SMB Traffic Analyzer 1.2.2 released
After some delay which wasn’t on our plan, we’re happy to announce SMB Traffic Analyzer (called SMBTA in the following) version 1.2.2, bringing a whole bunch of new features and bugfixes to the table.
First off, you might not believe it but SMBTA actually received some artwork, as we already reported here. Version 1.2.2 includes those graphics as well as the SVG source. Thank you Sirko!
SMBTA was installed on completely different systems than Linux during the past months. In some cases, things could have been much easier if required libraries could have come included with SMBTA. So we did for sqlite. If shared sqlite objects are found, and are of version 3.7.0 or newer, those will be used, otherwise SMBTA will compile the 3.7.4 Amalgamation build of sqlite, that is included with both smbtad and smbtatools (bnc#662186). By specifying an environment variable, the user can also force an amalgamation build, even if shared libraries are available. Since the amalgamation build of sqlite is basically sqlite in a single c file, most compilers can employ optimization much better compared to a usual sqlite build.
We are in the process of addressing possibilities to make SMBTA more than just output it’s results to a text mode terminal.
The decision was taken to drive the output of smbtaquery – the main program used to query the database of SMBTA – with XML, a move that allows us maximum flexibility. The smbtaquery program therefore produces XML by default and employs the XSLT processor xsltproc of the libxslt library to convert the output to HTML or ASCII text automatically.
All functions of smbtaquery are supported in both formats. SMBTA includes style sheets to produce the output and the user can choose the prefered output format on the command line. HTML support in smbtaquery forms the core of our plans to create a web based user interface for SMBTA (bnc#659326).
SMBTA 1.2.2 extends 128Bit AES encryption for the whole software suite. All tools, smbtad, and the module are now able to talk encrypted to each other. With former versions this has only been possible from the VFS module to smbtad. To support the end user, smbtaquery has been extended to generate 128 bit keys for usage with smbtad. The smbtad daemon supports two different keys, to allow a different group of users running the smbtatools (bnc#599644). A long standing issue finally resolved.
A lot of effort moved into our test suite – smbtatorture -, in order to enhance the SMBTA Stresstest appliance. First off, a smbtatorture process now creates directories, and filenames that make some more sense then the ones used before (which were just generated out of the user name and a number), to produce much more realistic looking results (bnc#653618). Furthermore, we worked on having support for multiple instances of smbtatorture on the same shares. A small control server has been created, “smbtatorturesrv“, distributing unique filenames to make sure that no smbtatorture process chooses the same file name than one of the others running on the network. smbtatorturesrv is internet socket networked, therefore smbtatorture processes can connect from anywhere to it.
This program will be extended to make up a controlling instance for the connecting smbtatorture processes, showing statistics and healthiness information. We will implement the features introduced with 1.2.2 in the upcoming version of the SMBTA Stresstest.
On the documentation, probably the most irrelevant part of SMBTA , it has been completely reviewed and many design changes have been made. Everything about encryption has been taken out, and formed into a separate new chapter, addressing how encryption works in all parts of the software suite. All new features of smbtatorture and smbtatorturesrv have been documented. We have added descriptive illustration and diagrams to the documentation. (bnc#664823). And of course we updated the online version of this document.
Oh wait, the openSUSE’s BuildService already consumed SMB Traffic Analyzer 1.2.2. We will submit packages to openSUSE Factory and Tumbleweed in the next days.