The rocket-fast system for log processing

ChangeLog for 5.3.5 (beta)

Version 5.3.5 [BETA] (rgerhards), 2009-11-13

  • some light performance enhancement by replacing time() call with much faster (at least under linux) gettimeofday() calls.
  • some improvement of omfile performance with dynafiles saved costly time() calls by employing a logical clock, which is sufficient for the use case
  • bugfix: omudpspoof miscalculated source and destination ports while this was probably not noticed for source ports, it resulted in almost all destination ports being wrong, except for the default port of 514, which by virtue of its binary representation was calculated correct (and probably thus the bug not earlier detected).
  • bugfixes imported from earlier releases
    • bugfix: named pipes did no longer work (they always got an open error)
      this was a regression from the omfile rewrite in 4.5.0

    • bugfix(testbench): sequence check was not always performed correctly, that could result in tests reporting success when they actually failed
  • improved testbench: added tests for UDP forwarding and omudpspoof
  • doc bugfix: omudpspoof had wrong config command names ("om" missing)
  • bugfix [imported from 4.4.3]: $ActionExecOnlyOnceEveryInterval did not work.
  • [inport v4] improved testbench, contains now tcp and gzip test cases
  • [import v4] added a so-called "On Demand Debug" mode, in which debug output can be generated only after the process has started, but not right from the beginning. This is assumed to be useful for hard-to-find bugs. Also improved the doc on the debug system.
  • bugfix: segfault on startup when -q or -Q option was given [imported from v3-stable]