spoofer-1.4.12 (2022-11-01) ------------- * Fix: win32 and macOS binary installations could get stuck on automatic upgrades and stop collecting data (but manual upgrades worked) * Fix: delete-data option of uninstaller didn't always delete everything spoofer-1.4.11 (2022-08-16) ------------- * Fix bug introduced in 1.4.10 that sometimes caused prober to crash spoofer-1.4.10 (2022-08-11) ------------- * Fix bugs that sometimes caused prober to skip tests (labeled "sendto" in the Spoofer Session Report) * Add option to manager GUI to force prober to run single-threaded spoofer-1.4.8 (2022-03-24) ------------- * Windows: fix service path to avoid misleading report of "unquoted service path" vulnerability from some security tools * macOS: fix bad GUI colors when system is in dark mode * macOS: updated binary release: - fix installer error "macOS cannot verify that this app is free from malware" on 10.15 Catalina and later. - drop support for macOS earlier than 10.13 High Sierra - updated bundled third-party packages: openssl 1.1.1m, pcap 1.10.1, protobuf 3.19.4, Qt 5.15 * GUI: fix crash due to missing font on some platforms spoofer-1.4.7 (2021-04-30) ------------- * Fixed incorrect error "The spoofer client was unable to send spoofed headers due to an operating system restriction" that was occuring on some platforms. The prober could not detect its own sent packets on newer linux platforms with libpcap >=1.9 (with TPACKET_V3), and maybe other platforms. * Fixed build error when building prober without libpcap. spoofer-1.4.6 (2020-07-24) ------------- * Finds Spoofer control server by hostname instead of IP address * Updated for better compatibility with Qt 5.15 * Updated for better compatibility with protobuf 3.12 * macOS: avoid use of launch services API (deprecated in OS X 10.10) * macOS: updated binary release: - drop support for OS X earlier than 10.10 - updated bundled third-party packages: openssl 1.1.1g, pcap 1.9.1, protobuf 3.12.3, Qt 5.9, scamper 20200717 * Windows: updated binary release: - updated bundled third-party packages: openssl 1.1.1g, protobuf 3.9.0, Qt 5.15, scamper 20200717 * Added new CA bundle to match potential new server SSL certificate * Fix build error on FreeBSD 13+ and other platforms with arc4random() but not arc4random_stir() (OpenBSD was already fixed in Spoofer 1.4.2) spoofer-1.4.5 (2019-07-03) ------------- * Fixed compile-time incompatibility with protobuf 3.8 spoofer-1.4.4 (2019-03-12) ------------- * GUI: fixed: "outbound routable" column was mislabeled "outbound private" spoofer-1.4.3 (2019-03-05) ------------- * Removed dependence on deprecated OpenSSL calls * Reworded some text for clarity spoofer-1.4.2 (2018-12-21) ------------- * Portability fixes for OpenBSD * Raised minimum allowed value of settings for proberInterval ("Wait to run a test after a successful run on the same network") and proberRetryInterval ("Wait to retry after first incomplete run") * GUI: in result table, log column is hidden by default; click triangle in table header to show it. * GUI: in result table, IPv6 addresses are abbreviated to /64 by default; click column header to toggle full addresses. * GUI starts up faster spoofer-1.4.1 (2018-11-09) ------------- * Fixed bug in spoofer-scheduler when -d/--datadir option disagreed with saved setting (or default value), on Unix-like or MacOS systems: the scheduler might fail with a "QLocalServer::listen" error, or it might succeed but put its socket in the wrong directory (broken in 1.3.0). * Removed some debugging output spoofer-1.4.0 (2018-09-12) ------------- * When a new release becomes available, an installed binary release on win32 or macosx will upgrade itself automatically the next time it attempts to run the prober (can be disabled). * If scheduler logs are regular files (i.e., not syslog), they are also subject to the "log files to keep" limit * A failed prober that was started manually via the GUI or CLI no longer affects scheduling of automatic probers. * Fixed: installer on MacOS could sometimes fail to start scheduler when upgrading * Fixed fatal bug in --daemon option to spoofer-scheduler on MacOS (doesn't affect most users). * Fixed interpretation of relative paths on scheduler command line to be relative to initial directory instead of dataDir spoofer-1.3.3 (2018-07-16) ------------- * OpenWrt: added UCI configuration options and result storage (for use with luci-app-spoofer, released separately) * Added missing LICENSE file and some other files necessary for advanced development * Fixed potential problems with stale or corrupt lock files (especially on Windows) that prevented the scheduler from starting, which manifested in the UI as 'Critical: There is no scheduler running using settings in "..." ("schedulerSocketName" is not set).' * Fixed spoofer-scheduler to accept Windows Service start parameters (not needed by normal users) spoofer-1.3.2 (2018-06-08) ------------- * Prober avoids blocking or rewriting of sent and received spoofed packets by in-host firewalls/NAT (if pcap is available) * Ported prober to OpenWrt, with the scheduler replaced with an initscript and cronjob * Prober will time out instead of hanging if server does not respond * GUI starts up faster * In the GUI, error messages about launching the prober are now displayed in the upper panel in addition to the console * When building from source, the configure script no longer computes a default value for --with-protobuf from $PROTOC spoofer-1.3.1 (2017-12-08) ------------- * Added workaround to avoid triggering a bug in MacOS High Sierra (10.13) that could break all networking, requiring a reboot. * Now works with most link layer protocols, not just Ethernet II. * Fixed multiple issues that broke spoofer testing on Linux with ppp or other "cooked" intefaces (e.g. a 3G dongle or other wireless modem) * Fixed: some network errors on BSD-based systems were incorrectly reported as failure to send. * Prober's reports to server include more specific probe results. spoofer-1.3.0 (2017-10-20) ------------- * Added IPv6 Tracefilter probing * Prober communicates with server over SSL/TLS (can be disabled if necessary) * spoofer-prober: fixed handling of long command line options on Windows * fixed issue on some platforms where UI failed to connect to Scheduler with "Socket access error" * fixed: prober would fail to execute the traceroute test on rare unix-like platforms where the traceroute binary does not accept an "-m30" option and scamper is not installed * fixed potential protobuf incompatibilities when building from source spoofer-1.2.0 (2017-03-30) ------------- * Added ingress testing, i.e. testing whether spoofed packets from an outside network can reach the Spoofer client. * Added IPv6 traceroute probing. * Some settings that were requested in the binary installer are now requested in the UI, but only if they're not already set from a previous installation. * Windows binary installer defaults to installing in the same directory as a previous installation, if there was one (affects only users who installed in a custom location). * If Windows or OSX binary installer fails, it will restore the previously installed version of spoofer if it is >= 1.2.0. * spoofer-scheduler: added options --save-settings, --restore-settings, --delete-settings, and --delete-data * Fixed crash when both traceroute and scamper are missing (affects only source builds, since binary releases include scamper) * Fixed: on some platforms, spoofer prober 1.1.0 would report "ERROR: pcap_sendpacket: send: Invalid argument" and then not run the tests. * The scheduler will automatically kill the prober in the unlikely event that the prober hangs. spoofer-1.1.0 (2016-12-16) ------------- * Prober works much faster by probing multiple targets in parallel. * Prober uses scamper instead of traceroute if possible; binary Spoofer releases include a bundled scamper binary. * Improved display: - displays total progress, not just progress within current stage - GUI progress area is fixed size, so other elements don't jump around - GUI result history is updated in real time while a test is running; new data is highlighted briefly when first displayed * Installer for Windows configures Windows Firewall. * Added --dump-settings option to scheduler. * Fixed a fatal problem in layer 2 probing on platforms with unusual interfaces (due to undocumented pcap behavior). * Better detection of an HTTP server or proxy intercepting connection to spoofer server. * Other minor fixes. spoofer-1.0.8 (2016-10-31) ------------- * Fixed a build error on some platforms when building from source. If you have a binary release of 1.0.7 or have successfully built 1.0.7 from source, there is no need to upgrade. spoofer-1.0.7 (2016-10-28) ------------- * Fixed probe payload formatting issue in version 1.0.6 that occasionally caused a test result to be "unknown" instead of "blocked". * Improved handling of socket errors on Windows. * Improved handling of installation errors on MacOS. spoofer-1.0.6 (2016-10-14) ------------- * Fixed problem with stale lock files on OSX that prevented the scheduler from starting, which manifested in the UI as 'Critical: There is no scheduler running using settings in "..." ("schedulerSocketName" is not set).' * Fixed: prober could run earlier than expected if proberInterval ("Wait to run a test after a successful run on the same network") was set to 50 days or more. * Portability fixes for building from source: - Builds automatically on platforms that have qtchooser installed (previously required QT_SELECT or QMAKE to be set correctly). - Builds automatically on systems with libprotobuf but not libprotobuf-lite (previously required --with-protobuf-heavy option). - Fixed build error on platforms without libpcap. * Fixed race condition in writing settings when multiple schedulers were started simultaneously. * Other minor fixes. spoofer-1.0.5 (2016-07-29) ------------- * Fixed: on some platforms and network configurations, spoofer-scheduler could cause excessive CPU usage and network disruption (due to a bug in Qt's QNetworkConfigurationManager). * Fixed excessive CPU usage in spoofer-gui in the 60-second period preceeding a scheduled prober run. * Fixed: text typed into GUI preferences dialog might be ignored if "Ok" was clicked without first changing focus. * Improved integration with Windows "Add/Remove Programs" control panel. * Added interactive "help" command to spoofer-cli. spoofer-1.0.4 (2016-07-20) ------------- * Fixed: scheduler would not start if the settings file's directory did not already exist (bug introduced in 1.0.3) * On Unix-like systems, ignores XDG_DATA_DIRS and XDG_CONFIG_DIRS environment variables when choosing defaults for datadir and settings file, fixing potential problems such as a user's spoofer-gui not using the same settings file as the system's spoofer-scheduler. * Mac OSX binary releases are now all built for x86_64 (in previous 1.0.x releases, prober was i386, and manager was x86_64) * Spoofer icon appears on GUI's title bar and "About" dialog on all supported platforms; icons also provided in source release. * Source releases can be built with Qt version >= 5.2 (instead of >= 5.3). * When building from source, passes configured build variables to qmake. * More informative help and error messages. * Other minor bugfixes. spoofer-1.0.3 (2016-07-01) ------------- * Added new option to allow results to be shared for remediation. * Added --datadir command line option to spoofer-scheduler. * Fixed poor default choice of data directory in "/.local" on some unix-like platforms when spoofer-scheduler was run as true root (not just sudo). (If you wish to change the datadir chosen by a previously installed version of spoofer, you can use the new default by deleting the old "dataDir" setting or deleting the old settings file; or, after installing but before starting the new scheduler, you can explicitly specify a datadir with a command like "sudo spoofer-scheduler --init --datadir /usr/local/share/CAIDA/Spoofer". To see the location of the settings file and the new default datadir, use "sudo spoofer-scheduler --help".) * Fixed possible false report of a network error from a probing target after a real error from a previous target. * Faster handling of unreachable target addresses during probing. * Works with google protobuf version >= 2.4 (instead of >= 2.6). Earlier versions may also work, but have not been tested. * Reduced impact of incomplete prober runs: - increased default initial proberRetryInterval (which doubles after each attempt). - added configurable limit (default 3) on the number of retry attempts. - retry is triggered only if probing ALL attempted network protocols (IPv4 and IPv6) failed (instead of ANY). - GUI hides old blank tests by default. * Fixed rare (Windows only?) error where gui/cli got only part of the message that the prober had started, and reported "QFSFileEngine::open: No file name specified" and then prematurely reported that the prober had finished. * Fixed rare error where gui/cli failed to open prober log and prematurely reported prober finished. * In binary installers, the option to disable automatic scheduled testing can be changed after installation and is persistant across reboots, and disabling it does not prevent GUI operations such as manually running a test. * In Windows installer, added option to create Windows start items for all users. * More informative help and error messages. * Other minor bugfixes. spoofer-1.0.2 (2016-05-26) ------------- * Fixed: traceroutes on Windows were sometimes corrupt. * Removed some unimportant messages from GUI. spoofer-1.0.1 (2016-05-24) ------------- * Added Scheduler component designed to start at system boot time, run in the background, and periodically or when a network change is detected run the Prober to perform a spoofing test. * Added GUI and CLI components to manage the Scheduler and display test results. * New protobuf-based protocol between Prober and Server allows more flexible testing. * Fixed: traceroutes were sometimes truncated or corrupted. * Many other bugfixes. spoofer-0.8d (2015-10-06) ----------- * Fixed a race condition on some platforms (e.g. linux kernel 3.13) when using libpcap that caused spoofing to appear to fail even when successful. * Fixed several old bugs when built with newer compilers (e.g. mingw gcc 5.1) that caused spoofing to fail. * Fixed spurious "Session Key Not Found" from webserver when attempting to view a report from a test done on Windows. * If libpcap is available, spoofer uses it to verify outbound packets. spoofer-0.8c (2015-09-10) ----------- * Fixed compile error when building without libpcap (affects only source code release, not binary releases). spoofer-0.8b (2015-08-03) ----------- * Fixed bug in raw link layer spoofing to previously unprobed address * Fixed build errors with old versions of libpcap spoofer-0.8a (2015-05-27) ----------- * Moved servers to CAIDA * Implemented raw ethernet spoofing on all platforms (with libpcap or winpcap) as a fallback when the OS blocks raw ip spoofing * Implemented IPv6 spoofing on all platforms (with libpcap or winpcap) * Removed dependence on crufty old libnet and libdnet spoofer-0.8 ----------- * IPv6 spoofing support (*NIX only) spoofer-0.7.3 ------------- * Fixes to Windows Ethernet spoofing * Interface improvements * Control channel fixes spoofer-0.7.2 ------------- * Improved traceroute detection * Rewritten Windows traceroute wrapper * Better traceroute parallel batching * Improved report output * Large session ID support in tracefilter spoofer-0.7.1 ------------- * Add improved NAT filtering detection * Fix multi-interface error on win32 * Win32 interface fixes spoofer-0.7 ----------- * Multiple tracefilter destination support * Timestamped probes * OSX GUI fixes * Better error processing spoofer-0.6.2 ------------- * Windows Vista libdnet fixes * Better OSX GUI support * Gracefully detect proxied control connection * Multiple asynchronous traceroute to all destinations spoofer-0.6.1 ------------- * Automatically open results browser in OSX * OSX basic security framework support * Command line switches * Selectable verbosity * Traceroute fixes * Misc bug fixes spoofer-0.6 ----------- * Rewritten control channel architecture * Test negotiation supports dynamic destination and source sets * GNU autotools support * HMAC authentication over spoofed probes * Improved traceroute implementation * Better user interface * From: Greg Troxel Fixed netbsd bug spoofer-0.5 ----------- * Sends raw ethernet frames on windows boxes that block raw sockets * Modularize code; general cleanup * Spawn default system browser rather than MS explorer on windows boxen * Fix tracerouting on some platforms * Security cleanup of string and memory functions * From: Jolan Luff Fixed sscanf string conversion bug spoofer-0.4 ----------- * Client and server now dynamically determine IP hop distance and use this to negotiate filtering depth check. * Changed reverse traceroute destination to be confluent with current server path * Added early termination when client can't source spoofed packets * Fixed problems with big endian ISAs * Code cleanup spoofer-0.3 ----------- * Now uses a TCP control connection to determine its local address for adjacent netblock testing * Added "reverse traceroute" that determines where along the forward path filtering is in place spoofer-0.2 ----------- * Adjacent netblock scanning to determine filtering granularity spoofer-0.1 ----------- * First public release