Overview of changes in EtherApe 0.9.13 (Sunday May 05, 2013):
Central node option, useful for displaying routers or proxies.
Translations and documentation updates, plus some fixes.
OpenSUSE build service now provides binary packages for Fedora 17 and 18 and SLES 11 SP2.
- Optional central node, based on work of Javier Fernandez-Sanguino
- re-enabled full-screen mode, thanks to nrvale0
- Updated spanish translation, thanks to Javier Fernandez-Sanguino
- Added German translation, and fixed typos, thanks to Chris Leick.
- Updated documentation.
Overview of changes in EtherApe 0.9.12 (Tuesday May 31, 2011):
This is a bugfix release.
Shortly after releasing 0.9.11, David Goldfarb discovered a critical bug in EtherApe,
triggered by RPC traffic.
This bug can be exploited to crash EtherApe by sending a suitable packet.
No packet data is used beyond the IP addresses, however, making further escalation unlikely.
This bug has been assigned CVE number CVE-2011-3369
- fixed bug 3309061, thanks to David Goldfarb.
Overview of changes in EtherApe 0.9.11 (Friday May 27, 2011):
Several users asked for a way to export traffic statistics.
EtherApe now can save a snapshot with all known nodes and relevant
informations to an XML file.
With option --final-export, a dump is
automatically generated when a capture file is fully replayed.
Additionally, option --signal-export enables SIGUSR1 handling, to
dump on signal.
EtherApe used to have two links for connection, one for each traffic
direction. With this release, only one link is needed, gaining more
complete statistics and better resource usage.
EtherApe config file is now ~/.config/etherape, instead of the older,
deprecated, ~/.gnome2/Etherape. Migration is automatic.
Filter expression is now saved.
Thanks to OpenSUSE Build Service and a new spec file, development rpms can
easily be built for OpenSUSE 11.x/Tumbleweed, SLE11, Centos5/RHEL5, Fedora and
The spec file is somewhat generic, lacking the nicer integrations of
official distribution packages, so you are advised to build with EtherApe
spec file only as a last resort.
OSX compatibility improved, thanks to Zack Perry.
The old, deprecated, direct resolver was removed. Name resolution is now
only done with the full fledged threaded resolver.
- XML export of node statistics
- added --final-export to export statistics at replay end
- added --signal-export to export statistics on SIGUSR1 (FR 3185920)
- improved link statistics
- added a toolbar button to open the nodes window
- a new button allows skipping lengthy pauses when replaying
- fixed a long-standing bug affecting expiry timeouts. EtherApe was
overestimating traffic averages
- used stock icons when possible to improve consistency with themes
- EtherApe now builds natively on CENTOS5/RHEL5
- rewrote spec file for use with OpenSUSE Build Service
- updated documentation
- removed several (harmless) compiler warnings to make packager's life
- imported debian-specific patches and a swedish translation by Daniel
- workaround for OSX troubles with gtk_input_add. Thanks to Zack Perry
persistence for helping diagnose and fix
- removed obsolete preference "cycle assigned colors"
- removed deprecated direct resolver
- config file now saved to ~/.config/etherape
- filter expression is now saved with the other preferences
- italian translation
- link and node sizes now computed with the same variable types
- new size variables: active packets, total packets, average packet size
EtherApe 0.9.10 RPM packages now available (Friday Feb 25, 2011):
Thanks to OpenSUSE Build Service, prebuilt RPM packages for major distributions are now ready for download.
On SourceForge download section you'll find i586 and x86_64 RPMs for:
- OpenSUSE 11.4 (suse1140)
- OpenSUSE 11.3 (suse1130)
- SUSE Enterprise 11 (sles11)
- SUSE Enterprise 11 sp1 (sles11sp1)
- Red Hat Enterprise 5 (rhel505)
- CENTOS 5 (centos505)
- Mandriva 2010.0 (mdv2010.0)
- Mandriva 2010.1 (mdv2010.1)
plus an RPM source package.
Those packages are somewhat generic, lacking the fancy touches of official distribution packages, like pam integration, automatic root password request, and so on.
Debian, OpenSUSE, Mandriva cooker and others have already official builds of EtherApe 0.9.10. If available, you should use your distribution package.
Overview of changes in EtherApe 0.9.10 (Sunday Feb 06, 2011):
The most notable change is IPV6 support, thanks to David Flamand.
EtherApe now computes average packet size, to better estimate network
The new option --min-delay allows slow-motion replay of a capture file.
In 0.9.9 relnotes I forgot to mention a fix from Sotiris Sotiropoulos.
Many apologies for the mistake.
Note: the old non-threaded name resolver is deprecated and will be
removed on the next release.
If you really need it, speak up *now*.
Works only with IPV4 addresses, anyway.
Important: CVS repository closed
Effective from today, EtherApe CVS is no longer accessible. Please refer
to the Mercurial repository.
- IPV6 support, thanks to David Flamand.
- new statistic: average packet size.
- added option --min-delay, to complement --max-delay when
replaying from file. With this option you can replay a capture
- tweaked default service file, adding some common ports.
- added check for invalid proto-color mappings (debian bug 566226).
- removed bogus double assignement. Thanks to "johndoe123321".
Overview of changes in EtherApe 0.9.9 (Monday Jan 04, 2010):
The most interesting change of this release is *basic* 802.11 WLAN support.
WLAN is one of the most complex protocols around ('crazy' sometimes seems a
better description) and there's no way to support it completely without a
dedicated display mode.
As an example, a single WLAN packet could contain up to four (4) addresses,
source and destination, plus AP interchange. Showing the exact packet route
could be interesting for someone trying to understand WLANs, but not very
useful to monitor application traffic.
So EtherApe tries to treat APs like routers, ignoring them if not directly
addressed. Thus a packet starting from node X and ending with node Y will be
shown as a straight link between the two nodes, even if the real path was
X-AP and AP-Y.
The other notable improvement is 802.1Q VLAN tagging support. VLAN tags are
decoded but ignored, showing all traffic as being in a normal LAN.
Filtering a single vlan could be accomplished with pcap expressions.
Due to pcap limitations, to correctly filter VLAN traffic the pcap filter
must start with the keyword "vlan" (e.g. vlan and ip) and *all* traffic must
All data-link level modes (Ethernet, FDDI, etc) are now unified in a single
Link Layer mode, with automated detection (thanks to libpcap).
Note to packagers: EtherApe now uses gnome-doc-utils. Manual should
appear in yelp under 'Internet'.
Important: this release will be the last mirrored on the CVS repository, wich
will be shut down as of march 2010.
- wlan and wlan/radiotap protocol decoding.
- wlan QOS support.
- PPI (Per Packet Incapsulation) decoding.
- basic 802.1Q VLAN support (FRQ: 1561647).
- LLC-SNAP support.
- unified link level modes.
- several performance enhancements.
- refactored and streamlined node id definition.
- improved l3 packet deconding, now fully dynamic.
- improved documentation, now using gnome-doc-utils.
- borrowed some info from Mandriva .desktop file.
- Mandriva now compiles with -Werror=format-security and EtherApe was
failing to compile. Thanks to Jerome Brenier for the fix.