This release includes 4 breaking changes for platform teams planning a safe upgrade.
Published 1mo
Offensive & Pentesting
✓ No known CVEs patched
✓ No known CVEs patched in this version
Topics
dns
linux
packet-capture
pcap
penetration-testing-tools
proxychains
+1 more
rust
Summary
AI summaryRootless workflow becomes default and DNS/proxy/packet‑capture controls are clarified on Linux.
Full changelog
childflow v0.3.0
childflow 0.3.0 makes the rootless path the main day-to-day workflow and improves per-command-tree DNS, proxy, and packet capture control on Linux.
Highlights
- polished the default
rootless-internalbackend - added
--doctorfor backend readiness checks - introduced clearer capture modes:
child,egress,wire-egress, andboth - renamed capture and proxy-auth CLI options for clarity
- added Docker demo, E2E, and rootless smoke coverage
Notable Changes
--doctorreplaces the old doctor subcommand style-c, --capturereplaces the old-o-C, --capture-pointreplaces the old output-view naming-U, --proxy-userand-P, --proxy-passwordare now available- capture files now include metadata for capture view, backend, kind, and interface
Notes
- Linux only
--ifaceand transparent proxy / TPROXY still require--rootegressis an egress-oriented synthetic/logical view, whilewire-egressis a real host-side capture view
Breaking Changes
- --doctor replaces the old doctor subcommand style
- -c, --capture replaces the old -o option
- -C, --capture-point replaces the old output‑view naming
- Capture files now include metadata (capture view, backend, kind, interface)
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Childflow
All releases →Related context
Related tools
Beta — feedback welcome: [email protected]