This release has autoconf / automake support, libdnet support, dynamic firewall ports, speed improvements, more secure command line parsing, CIDR style input parameters, better error messages, changes in virtual machine behaviour, improved ARP support, improved Windows support including remote syslog and Event file logging, and a new debug facility.
Version 2.5 incorporates autoconf/automake support. The pgm now uses libdnet. In firewalling mode, ports are added dynamically based on activity. This slows down nmap scans but enables labrea to trap new malware. An optional ARP sweep can be performed on the local subnet to detect occupied IP addresses. labrea now looks at general ARP replies to better track who has what. Pgm now accepts long options (eg --my-option). Remote syslog now works for Windows.
The Win32 version now has the full functionality of the Unix versions. The separate configuration files have been combined into a single file. labrea can now be configured to ignore (and not tarpit) connection attempts from specific IP addresses/specific ports. labrea can now use DNS to automatically exclude any local IPs that resolve. There is better functionality under switched environments, and also better BSD support. Bandwidth tracking while persist capturing has been improved.