Before compiling Yaf, you need to compile and install the IPFIX library called libfixbuf is required (https://tools.netsa.cert.org/fixbuf/download.html). You will need libglib2.0-dev to compile libfixbuf.
./configure
make
sudo make install
sudo ldconfig
Then you can (download)[https://tools.netsa.cert.org/yaf/download.html], compile and install Yaf. You will need libpcap-dev.
./configure --enable-plugins --enable-applabel --enable-entropy
make
sudo make install
sudo ldconfig
sudo yaf --plugin-name=/usr/local/lib/yaf/dpacketplugin.la --live=pcap --in=eth0 --max-payload=512 --applabel --out=../../data/yaf
Passive DNS capture
yaf --plugin-name=/usr/local/lib/yaf/dpacketplugin.la --rotate 300 --live=pcap --in=eth0 --plugin-opts="53 80 443 110 21" --max-payload=2048 --udp-uniflow=53 --applabel --out=../../data/yaf
yafscii --in yaf --out - --tabular
super_mediator -i yaffile -o - -m TEXT
super_mediator -i yaf-20151206175818-00536.yaf -f 0,1,29,73 -o - -m TEXT