The latest releases of YAF 2.x are listed below.

See also pre-releases of YAF 3.x and all YAF releases.

YAF Release 2.16.1, 2024-Sep-26

Downloads

yaf-2.16.1.tar.gz (2.2MiB)

(SHA256=6005b8165831039e616cbcd7a450ac3e6daae051b4421d6294ad9c00688a14a2)

Changelog

  • Fixed an invocation bug where yaf-2.16.0 required the --pcap option when using --pcap-meta-file.
  • Changed yaf --stime to use milliseconds precision when checking for a match.
  • Fixed a compilation error and an RPM spec file dependecy issue when attempting to build with Napatech support.

YAF Release 2.16.0, 2024-Aug-29

Downloads

yaf-2.16.0.tar.gz (2.2MiB)

(SHA256=b8950b232ddb830e9a9e2730b77fef703c0528894cf2102ab8b787daa4d50c9b)

Changelog

  • Changed the timestamps used by yaf internally to use nanosecond precision.
  • Changed the default timestamps exported by yaf to have both milli- and microsecond precision for maximum compatibility.
  • Added a --time-elements command line option to choose which timestamps are exported.
  • Added support for running yaf as a systemd service.
  • Updated the yaf.spec file to be compatible with current best practices.
  • Added rpmbuild feature flag support: YAF compile-time options are selected by using "rpmbuild --with FEATURE1 --without FEATURE2".
  • Modified configure to use pkg-config when searching for OpenSSL.

YAF Release 2.15.0, 2023-Dec-21

Downloads

yaf-2.15.0.tar.gz (2.1MiB)

(SHA256=3743d2f7b9bac3ac2ee2017dc26f6d7c5775dfdf95062ef7fa29c8c793e9472f)

Changelog

  • Enhanced the deep packet inspection capabilities for SSH connections to include negotiated algorithms and HASSH hash.
  • Added the JA3 hash to the DPI for TLS connections.
  • Added support for reading VxLAN-encapsulated packets, Geneve-encapsulated packets, and Geneve-encapsulated VxLAN-encapsulated packets.
  • Fixed TLS certificate parsing to be more selective on which values are stored in the list of sslObjectType-sslObjectValue pairs.
  • Fixed a potential bug in the Shannon entropy calculation that may cause small differences in calculated values.

YAF Release 2.14.0, 2023-Mar-23

Downloads

yaf-2.14.0.tar.gz (2.1MiB)

(SHA256=cf9e40428690387de7db78e27981c47b72664e4129a6b348ed19ea831f2ee019)

Changelog

  • Changed DNS deep packet inspection to produce names and text records with escape codes for special characters (non-ASCII, non-printable, special whitespace, and label-internal dots in names).
  • Made DNS deep packet inspection more strict about parsing malformed DNS Resource Records across RR boundaries within the packet.
  • Changed destination of --version output to the standard output.
  • Fixed a crash in YAF that occurs when it is built with GLib 2.75.3 or newer.