Latest Downloads
The latest releases of YAF 2.x are listed below.
See also pre-releases of YAF 3.x and all YAF releases.
RPM Downloads
You can also find RPMs of YAF releases starting from 2.16.2 in our Yum repository.
YAF Release 2.18.3, 2026-Mar-26
Downloads
(SHA256=4cee46b11371fc5b7b76044c7efadb1e30043e699eb0d8d1aa4f1ca6436e8cdd)
Changelog
- Fixed an error since YAF-2.17.0 when using --uniflow that caused an assertion error (or memory corruption if asserts were disabled) during deep packet inspection.
YAF Release 2.17.4, 2026-Mar-26
Downloads
(SHA256=ebc061b2d302d68beec837faa435d2dd8bebf66a0e103ec5477cbdfe5cdca1dc)
Changelog
- Fixed an error since YAF-2.17.0 when using --uniflow that caused an assertion error (or memory corruption if asserts were disabled) during deep packet inspection.
YAF Release 2.18.2, 2025-Dec-11
Downloads
(SHA256=b2324e6c5468e4748e59d9f33312decc8e72cc9ee51e927cd7e77b3d3584d909)
Changelog
- Fixed a bug resulting in the Fragments flag in flowAttributes falsely being true for nearly every flow.
YAF Release 2.17.3, 2025-Dec-11
Downloads
(SHA256=499d860ed6038295785add991de74f39ed14d741c01cb002824d3f3a713e7be2)
Changelog
- Fixed a bug resulting in the Fragments flag in flowAttributes falsely being true for nearly every flow.
YAF Release 2.16.5, 2025-Dec-11
Downloads
(SHA256=7e3a7fdbc2f5e249d47806e930062dd0fe61e9e66c245c358de9c19d21edc87b)
Changelog
- Fixed a bug resulting in the Fragments flag in flowAttributes falsely being true for nearly every flow.
YAF Release 2.15.4, 2025-Dec-11
Downloads
(SHA256=0ec141d489d0e4b993dcd43218051aa3043f2f0a1c545b4f699b36840bc65a2e)
Changelog
- Fixed a bug resulting in the Fragments flag in flowAttributes falsely being true for nearly every flow.
YAF Release 2.18.1, 2025-Nov-21
Downloads
(SHA256=eebab530828deed9628c0d25e3ef663ec36a5dd992603f50fdf5824e19a30dea)
Changelog
- Fixed a memory leak and potential crash when full cert export is enabled.
YAF Release 2.17.2, 2025-Nov-14
Downloads
(SHA256=e40f343b58fdf878e5983307f81f45953e77eec229855021b8e4658936012537)
Changelog
- Fixed a memory leak and potential crash when full cert export is enabled.
- Fixed the accuracy of NNTP application labeling that caused several records to be mistakenly identified as NNTP.
- Fixed issues where temporary files for decompressed PCAP files were not always removed, and improved error reporting when decompression fails.
YAF Release 2.18.0, 2025-Oct-9
Downloads
(SHA256=2aeec41d7540b593d72fbd89b082bc6f1832e3a114b8335249a6d5c24b7e2377)
Changelog
- Upgrading: Previous /etc/yaf.conf files may need updating to work with the start-up scripts in this release: YAF_STATEDIR is no longer set when yaf.conf is read.
- Added the capability to determine the application label of an active flow and modify the amount of payload based on the result. Use options --applabel-max-payload to set the amount of payload to store for an appLabel and --applabel-check-early to enable early appLabel detection.
- Stopped the installation of yaf.conf into /etc which overwrote any previous file.
- Improved the yaf.conf file and the start-up files for both systemd and SysV init.d-style control. Reference copies of the start-up files are now installed under $prefix/share/yaf.
- Added counts of flows opened and the reasons flows were closed to the log file in both periodic messages and at shutdown, and reformatted those messages.
- Added a periodic log message that provides counts since the previous periodic message.
- Added the command line used to invoke yaf to the log file.
- Added appLabel and DPI support Microsoft DNS-related protocols for LLMNR and MDNS.
- Fixed an issue where some DNS records were not identified as such due to using newer RRTYPE values.
- Fixed the accuracy of NNTP application labeling that caused several records to be mistakenly identified as NNTP.
- Fixed issues where temporary files for decompressed PCAP files were not always removed, and improved error reporting when decompression fails.
Visit Release History for older releases.
