diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6bfccb6..001a667 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -5,7 +5,7 @@ stages: variables: DEBIAN_FRONTEND: noninteractive - VERSION: 0.5 + VERSION: 0.6 build-bookworm: stage: build diff --git a/README.md b/README.md index dc0fa7a..125afac 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ # pcapmirror ![pcapmirror logo](logo/pcapmirror_logo_small.png) -pcapmirror is a command-line tool for capturing network traffic and mirroring it to a remote destination using [TZSP encapsulation](https://en.wikipedia.org/wiki/TZSP). It leverages the `libpcap` library for packet capture and provides options for filtering traffic based on BPF syntax. This tool is useful for network monitoring, intrusion detection, and remote packet analysis. +pcapmirror is a command-line tool for capturing network traffic and mirroring it to a remote destination using [TZSP encapsulation](https://en.wikipedia.org/wiki/TZSP) or [ERSPAN](https://datatracker.ietf.org/doc/html/draft-foschiano-erspan-01). It leverages the `libpcap` library for packet capture and provides options for filtering traffic based on BPF syntax. This tool is useful for network monitoring, intrusion detection, and remote packet analysis. ## Usage diff --git a/debian/changelog b/debian/changelog index 191d8ca..93b1718 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +pcapmirror (0.6-1) unstable; urgency=medium + + * Erspan Encapsulation support + * added option -e to set the encapsulation type + * added option -S to set ERSPAN session id + + -- Matthias Cramer Sun, 20 Apr 2025 16:50:00 +0200 + pcapmirror (0.5-1) unstable; urgency=medium * new option -c to count matching packets (overrides verbose mode) diff --git a/debian/control b/debian/control index f5bc20e..a7b0520 100644 --- a/debian/control +++ b/debian/control @@ -11,7 +11,7 @@ Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, libpcap0.8 Description: A simple packet mirroring tool using libpcap pcapmirror is a command-line tool for capturing network traffic and - mirroring it to a remote destination using TZSP encapsulation. It - leverages the libpcap library for packet capture and provides options + mirroring it to a remote destination using TZSP or ERSPAN encapsulation. + It leverages the libpcap library for packet capture and provides options for filtering traffic based on BPF syntax. This tool is useful for network monitoring, intrusion detection, and remote packet analysis. \ No newline at end of file diff --git a/pcapmirror.spec b/pcapmirror.spec index 3ab7d81..cb1ab81 100644 --- a/pcapmirror.spec +++ b/pcapmirror.spec @@ -10,7 +10,7 @@ BuildRequires: make BuildRequires: libpcap-devel %description -pcapmirror is a command-line tool for capturing and mirroring network traffic using TZSP encapsulation. It leverages the `libpcap` library for packet capture and supports BPF syntax for filtering traffic. +pcapmirror is a command-line tool for capturing and mirroring network traffic using TZSP or ERSPAN encapsulation. It leverages the `libpcap` library for packet capture and supports BPF syntax for filtering traffic. %build %make_build @@ -26,7 +26,11 @@ pcapmirror is a command-line tool for capturing and mirroring network traffic us %changelog -* Sat Mar 29 2025 Matthias Cramer 0.5-1 +* Sun Apr 20 2025 Matthias Cramer 0.6-1 +- Erspan Encapsulation support +- added option -e to set the encapsulation type +- added option -S to set ERSPAN session id +* Sat Mar 29 2025 Matthias Cramer 0.5-1 - new option -c to count matching packets (overrides verbose mode) - reworked packet decoder to also decode arp, vlan and qinq packets - well known protocols numbers are now decoded