PCAPpuller v0.3.1

PCAPpuller v0.3.1

Highlights

• Simplified 3-step workflow and safer defaults
• Step 1 defaults to include *.pcap, *.pcapng only; selection-mode defaults to manifest (no copying)
• Precise filtering moved to Step 2; auto batch size and trim-per-batch by window
• Step 2 supports --out and --tmpdir; Step 3 defaults to convert_to_pcap + gzip if not specified
• GUI improvements: minimal main inputs (Source/Time/Output/Temp), verbose console messages, friendlier progress labels
• Desktop/packaging: Linux .desktop + icon installer, macOS/Windows PyInstaller scripts

CLI & Workflow changes

• New flag: --source (hidden alias: --root)
• Step 1: mtime + patterns only by default; selection-mode {manifest|symlink}
• Step 2: precise filtering runs here; supports --out and --tmpdir; auto batch/trim
• Step 3: defaults to convert_to_pcap + gzip (no snaplen)

GUI changes

• Renamed “Root Directory” to “Source Directory”
• Added Output File and Temporary Directory inputs
• Verbose configuration and progress messages in the Output area
• Auto-loads icons from assets/PCAPpuller.{png,icns,ico}

Desktop / Packaging

• pcappuller-gui.desktop now uses Name=PCAPpuller, Exec=PCAPpuller, Icon=PCAPpuller
• Linux scripts: packaging/linux/install_desktop.sh and uninstall_desktop.sh
• macOS: packaging/macos/build_pyinstaller.sh (PyInstaller)
• Windows: packaging/windows/build_pyinstaller.ps1 (PyInstaller)

Docs

• README.md, WORKFLOW_GUIDE.md, and docs/Analyst-Guide.md updated for --source and new defaults

Compatibility

• --root remains as a hidden alias to ease migration

v0.3.0

Three-step workflow + size inflation fix

v0.2.3

Release v0.2.3

- **300+ Wireshark display filters** across 41 protocol categories
- **Complete protocol coverage**: TCP, UDP, HTTP/HTTPS, DNS, TLS/SSL,
  IPSec, SSH, WiFi, VoIP, routing protocols, and much more
- **97 practical examples** with real-world filtering scenarios
- **Professional-grade filtering** matching Wireshark's capabilities

- **Comprehensive filter library** in both main GUI and Clean dialogs
- **Categorized browsing** for quick filter discovery
- **Advanced analysis filters** for security, performance, and troubleshooting
- **Enterprise-ready** network analysis capabilities

- **Enhanced CI workflow** with better dependency handling
- **Python syntax checking** and improved error recovery
- **Robust testing** for code quality assurance

- **Security**: TLS handshakes, IPSec, anomaly detection patterns
- **Performance**: TCP analysis, timing filters, retransmission detection
- **Wireless**: 802.11 management, beacon analysis, deauth detection
- **VoIP**: SIP call analysis, RTP stream monitoring
- **Routing**: OSPF, BGP, EIGRP protocol analysis
- **Layer 2**: LLDP, STP, LACP network management
- **Monitoring**: NetFlow, sFlow traffic analysis

This release transforms PCAPpuller into a comprehensive network analysis
platform with enterprise-grade filtering capabilities! 🚀

v0.2.2

Release v0.2.2

- **Fixed app icon display** in desktop environments for DEB packages
- Added proper desktop file (pcappuller-gui.desktop) for GUI application
- Icon now installed in hicolor theme and pixmaps directories
- Post-install scripts update desktop database and icon cache

- **Version synchronization** across Mac, Linux (DEB/RPM), and Windows
- Linux PyInstaller binary now includes icon support
- Improved packaging workflow with better error handling
- Updated project description to include clean functionality

- Fixed YAML syntax errors in GitHub Actions workflow
- Resolved missing desktop integration in Linux packages

- Kept both Display Filter buttons (main GUI + Clean dialog) as they serve
  different contexts and improve user experience

This release addresses the missing app icon issue and ensures all
platforms have consistent versions and proper desktop integration.

v0.2.1

Release v0.2.1

- **GUI Clean Integration**: Added PCAP Clean functionality to the GUI
  - Clean button in main interface opens comprehensive dialog
  - Options for format conversion, packet reordering, truncation
  - Time window filtering and display filter support
  - Output splitting capabilities
- Progress reporting for clean operations
- Full integration with existing CLI clean pipeline

- Fixed Python 3.9 compatibility with future annotations import
- Resolved union syntax errors in tools.py

- Clean operations run in background thread (non-blocking GUI)
- Comprehensive input validation in clean dialog
- Enhanced error handling and user feedback
- Type safety improvements across codebase

This release completes the GUI integration for the pcap-clean functionality that was missing in v0.2.0.

v0.2.0

Release v0.2.0

- Added pcap-clean CLI and GUI integration for cleaning PCAP files

- Resolved mypy type checking errors
- Fixed type annotations for better code quality

- Enhanced type safety with explicit type annotations
- Removed redundant cast operations

v0.1.4

Release v0.1.4

v0.1.2

PCAPpuller v0.1.2

This release re-runs the GUI build and publishing with a green CI, removing a non-critical token scope check that caused a false failure. It includes the same functional changes as v0.1.1.

Highlights

• macOS: GUI distributed as a proper .app bundle (zipped). Double‑click launches correctly in Finder.
• Windows: Single-file EXE for easy launch.
• Linux: One-file portable binary plus DEB/RPM packages.
• README clarifies macOS first‑run/quarantine and terminal fallback.

Requirements

• Wireshark CLI tools on PATH: tshark, mergecap, editcap, capinfos.

Install and Run

• macOS (.app bundle)

  1. Download PCAPpullerGUI-macos.zip and extract PCAPpullerGUI.app
  2. Optional: move PCAPpullerGUI.app to /Applications
  3. First run: right-click → Open (or remove quarantine):
     xattr -dr com.apple.quarantine "/Applications/PCAPpullerGUI.app"
  4. Launch: double‑click PCAPpullerGUI.app

• Windows (EXE)

  1. Download PCAPpullerGUI-windows.exe
  2. If SmartScreen warns, click “More info” → “Run anyway”

• Linux (portable binary)

  1. Download PCAPpullerGUI-linux
  2. Make executable and run:
     chmod +x ./PCAPpullerGUI-linux && ./PCAPpullerGUI-linux

• Linux (packages)

  • Debian/Ubuntu:
    sudo dpkg -i pcappuller-gui_0.1.2_amd64.deb && sudo apt -f install
  • Fedora/RHEL:
    sudo rpm -Uvh pcappuller-gui-0.1.2-1.x86_64.rpm

Artifacts

• macOS: PCAPpullerGUI-macos.zip
  • sha256: 33494ebffa5e273f118849c1bf79febc3aaa94b3996de7c7a34425d7b964c544
• Windows: PCAPpullerGUI-windows.exe
  • sha256: d95175bc79febeb78d9dde6107a192344fa2ba70b901f202208df4be8839dfc8
• Linux: PCAPpullerGUI-linux
  • sha256: 8dea283c703e4c823fca3133a6bd9d82966a9ef60528a44bda8bba8f034a6c40
• Linux: pcappuller-gui_0.1.2_amd64.deb
  • sha256: 766b631bbbcaa7ed9494d1e6c0dfcf6861b343a92090f07f5927a3f0c9da08da
• Linux: pcappuller-gui-0.1.2-1.x86_64.rpm
  • sha256: 46dbd9dba079dd1a449d191bb6db286bba20431415f00d35f02214900a25341c
• Docs: Analyst-Guide.pdf
  • sha256: 8aebc7e4e3778f441fc9feac642d7c0bec79c4d38f8722706d65afea61948e14

Notes

• The GUI bundles Python and Tk; no separate Python install required for the binary builds.
• For source installs, PySimpleGUI requires an extra index. See README for the exact pip command.

v0.1.1 (deprecated)

PCAPpuller v0.1.1 (deprecated)

This release is deprecated in favor of v0.1.2, which has identical functionality but a green CI status and improved release workflow. Please use:

• Latest stable: https://github.com/ktalons/daPCAPpuller/releases/tag/v0.1.2

All artifacts are still available here for historical reference.

v0.1.0

Merge pull request #2 from ktalons/fix/release-permissions

ci(release): grant token contents:write