ERSPAN RELEASE

.gitlab-ci.yml

@@ -5,7 +5,7 @@ stages:
   
 variables:
   DEBIAN_FRONTEND: noninteractive
-  VERSION: 0.5
+  VERSION: 0.6
 
 build-bookworm:
   stage: build

README.md

@@ -2,7 +2,7 @@
 # pcapmirror
 ![pcapmirror logo](logo/pcapmirror_logo_small.png)
 
-pcapmirror is a command-line tool for capturing network traffic and mirroring it to a remote destination using [TZSP encapsulation](https://en.wikipedia.org/wiki/TZSP). It leverages the `libpcap` library for packet capture and provides options for filtering traffic based on BPF syntax. This tool is useful for network monitoring, intrusion detection, and remote packet analysis.
+pcapmirror is a command-line tool for capturing network traffic and mirroring it to a remote destination using [TZSP encapsulation](https://en.wikipedia.org/wiki/TZSP) or [ERSPAN](https://datatracker.ietf.org/doc/html/draft-foschiano-erspan-01). It leverages the `libpcap` library for packet capture and provides options for filtering traffic based on BPF syntax. This tool is useful for network monitoring, intrusion detection, and remote packet analysis.
 
 ## Usage
 

debian/changelog

@@ -1,3 +1,11 @@
+pcapmirror (0.6-1) unstable; urgency=medium
+
+  * Erspan Encapsulation support
+  * added option -e to set the encapsulation type
+  * added option -S to set ERSPAN session id
+
+ -- Matthias Cramer <cramer@freestone.net>  Sun, 20 Apr 2025 16:50:00 +0200
+
 pcapmirror (0.5-1) unstable; urgency=medium
 
   * new option -c to count matching packets (overrides verbose mode)

debian/control

@@ -11,7 +11,7 @@ Architecture: any
 Depends: ${shlibs:Depends}, ${misc:Depends}, libpcap0.8
 Description: A simple packet mirroring tool using libpcap
  pcapmirror is a command-line tool for capturing network traffic and
- mirroring it to a remote destination using TZSP encapsulation. It
+ mirroring it to a remote destination using TZSP or ERSPAN encapsulation.
- leverages the libpcap library for packet capture and provides options
+ It leverages the libpcap library for packet capture and provides options
  for filtering traffic based on BPF syntax. This tool is useful for
  network monitoring, intrusion detection, and remote packet analysis.

pcapmirror.spec

@@ -10,7 +10,7 @@ BuildRequires:   make
 BuildRequires:   libpcap-devel
 
 %description
-pcapmirror is a command-line tool for capturing and mirroring network traffic using TZSP encapsulation. It leverages the `libpcap` library for packet capture and supports BPF syntax for filtering traffic.
+pcapmirror is a command-line tool for capturing and mirroring network traffic using TZSP or ERSPAN encapsulation. It leverages the `libpcap` library for packet capture and supports BPF syntax for filtering traffic.
 
 %build
 %make_build
@@ -26,7 +26,11 @@ pcapmirror is a command-line tool for capturing and mirroring network traffic us
 
 
 %changelog
-* Sat Mar 29 2025 Matthias Cramer <cramer@freesone.net> 0.5-1
+* Sun Apr 20 2025 Matthias Cramer <cramer@freestone.net> 0.6-1
+- Erspan Encapsulation support
+- added option -e to set the encapsulation type
+- added option -S to set ERSPAN session id
+* Sat Mar 29 2025 Matthias Cramer <cramer@freestone.net> 0.5-1
 - new option -c to count matching packets (overrides verbose mode)
 - reworked packet decoder to also decode arp, vlan and qinq packets
 - well known protocols numbers are now decoded