CHANGELOG

Read and parse configuration files for nDPId (+ libnDPI) and nDPIsrvd
Added loading risk domains from a file (-R, thanks to @UnveilTech)
Added Filebeat configuration file
Improved hostname handling; will now always be part of analyse/end/idle events (if dissected)
Improved Documentation (INSTALL / Schema)
Added PF_RING support
Improved nDPIsrvd-analyse to write global stats to a CSV
Added global (heap) memory stats for daemon status events (if enabled)
Fixed IPv6 address/netmask retrieval on some systems
Improved nDPIsrvd-collect; gauges and counters are now handled the right way
Added nDPId Grafana dashboard
Fixed detection-update event bug; was thrown even if nothing changed
Fixed not-detected event spam if detection not completed (in some rare cases)
Improved InfluxDB push daemon (severity parsing / gauge handling)
Improved zLib compression
Fixed nDPIsrvd-collectd missing escape character

Added Event I/O abstraction layer (supporting only poll/epoll by now)
Support for OSX and *BSD systems
Added proper DLT_RAW dissection for IPv4 and IPv6
Improved TCP timeout handling if FIN/RST seen which caused Midstream TCP flows when there shouldn't be any
Fixed a crash if nDPId -o value='' was used
Added OpenWrt packaging
Added new flow event "analyse" used to give some statistical information about active flows
Added new analyse event daemon which generates CSV files from such events
Fixed a crash in nDPIsrvd if a collector closes a connection
Support nDPId to send it's data to a UDP endpoint instead of a nDPIsrvd collector
Added events and flow states documentation
Added basic systemd support
Fixed a bug in base64 encoding which could lead to invalid base64 strings
Added some machine learning examples
Fixed various smaller bugs
Fixed nDPIsrvd bug which causes invalid JSON messages sent to Distributors

Use layer4 specific flow timeouts for nDPId
Reworked layer4 flow length names and calculations (use only layer4 payload w/o any previous headers) for nDPId
Build system cleanup and cosmetics

Provide feedback