0.0.6 - 2007-02-01 - Bugfix release, repairing whois/hostname lookups, port translation and display filtering. 0.0.5 - 2007-01-30 - Interface for remote management of Argi with status indicator added, live transaction reading from remote Argi is possible. - Support for argus-clients 2.x has been dropped. - Improved performance of file reading, fixed bug of errors in transaction counting for tcpdump files, fixed bug of incorrectly updating the progressbar when reading multiple files. - Fixed memory leak in transaction view, fixed error of sometimes closing a notebook page did not work. 0.0.4 - 2007-01-13 - Improved transaction view performance (Thanks to Quentin Sculo!). - It is now possible to open multiple transaction views for different files. - Display column configuration via right-click on column headers. - Hostname and whois lookup for IP addresses on right-click. - Marker feature to highlight a specific IP address. - Simple display filter, specifying protocol, ports and addresses. - On-the-fly syntax checking of Ra filters and display filters. - Reduced saturation of default protocol colors for better readability. 0.0.3 - 2006-12-05 - ArgusEye can now read tcpdump capture files (e.g. wireshark) on the fly. gzipped, compress'd and bzip2'd tcpdump files are supported as well. - Fixed handling of user captured data bytes for ra 3.x - Fixed parsing of state, jitter and intpkt for ra 3.x - Added parsing of argus state change flags and real TCP flags. - Added 'Details' window, available for each transaction via double-click on transaction row or right-click->'Show Details' - Simple generation of tcpdump filter-expression for each transaction via right-click->'Generate tcpdump filter' - Port number to service name translation is now handled by ArgusEye, this makes it possible to switch between numbers and names without re-reading the transactions. Ports are looked up via nmap_services file from the Nmap distribution. - Added protocol lookup via nmap_protocols file and ethernames.h from the Argus distribution. - Ra filter and timerange expressions are now automatically saved for reuse and can be selected from a drop-down menu. - ArgusEye now can be found on 'datenspionage.de'. (donated by C.H.) 0.0.2 - 2006-11-20 - ArgusEye no longer parses Ra output using fixed string offsets. Instead for Ra 3.x the field seperator is used to read the different fields. For Ra 2.0.6 it does a repeated run for each field, one at a time. This has made parsing with Ra 3.x faster and parsing with Ra 2.0.6 slower. It should resolve all problems of not parsing fields correctly. - Support for all fields of Ra 3.x has been added (including default fieldset). - The configuration stuff has been moved to a seperate module, now accessible via a persistent object. - Specifying a filter expression and a timerange for Ra is possible. - ArgusEye now has an icon: "The eye of Ra" :-) - ArgusEye has been reported to run on FreeBSD (Thanks to CS Lee!) 0.0.1 - 2006-11-15 - initial release