mirror of https://github.com/pavel-odintsov/fastnetmon synced 2024-05-18 04:06:11 +02:00
Commit Graph

110 Commits

Author SHA1 Message Date
Pavel Odintsov 64a78d1d83 Fixed bug in connection tracking logic due to double capture of mutex. Closes #988 2023-07-12 12:08:53 +01:00
Pavel Odintsov 1ec90a9837 Complete flow tracking logic for flow based counters 2023-07-11 22:45:58 +01:00
Pavel Odintsov 96c08b37bd Enabled host announce by default when GoBGP is enabled 2023-03-13 13:12:09 +00:00
Pavel Odintsov c5090e8e84 Increased default threshold per host from 20k to 100k as 20k is too low for modern traffic speeds 2023-03-01 14:23:34 +00:00
Pavel Odintsov 71096caf9c Updated Netflow v9 plugin configuration about IPv6 support 2023-02-14 20:33:01 +00:00
Pavel Odintsov e6ffb31e5c Added option to export traffic to Kafka in Protobuf format 2023-02-12 21:17:05 +00:00
Pavel Odintsov 2e9af3ba91 Added native Prometheus support 2023-02-11 18:08:48 +00:00
Pavel Odintsov 03ded87f1d Added logic to load Kafka configuration for traffic export 2023-02-05 17:54:40 +00:00
Pavel Odintsov 9f9d1ebd46 Added new configuration options: dump_all_traffic and dump_other_traffic useful for parser debugging 2023-01-25 17:37:48 +00:00
Pavel Odintsov d62d81dc50 We do not use quotes for configuration parameters 2023-01-25 14:34:02 +00:00
Pavel Odintsov f12ce5ed7b Breaking change in logging configuration. We've replaced our snowflake 'logging:' prefix by standard 'logging_' 2022-10-15 13:11:14 +01:00
Pavel Odintsov 62524d270d Enabled stats logic by default with option to disable it via: disable_usage_report = on 2022-10-12 19:39:49 +01:00
Pavel Odintsov 5598ac3d21 Implemented plugin for AF_XDP XDP based traffic capture 2022-10-02 19:50:10 +01:00
Pavel Odintsov 1b09faa53f Configuration cleanup from not used options 2022-08-16 19:08:57 +01:00
Pavel Odintsov fdca825466 Improved documentation in configuration file 2022-08-16 19:05:08 +01:00
Pavel Odintsov db8c9ab7fd Removed configuration option enable_subnet_counters and enabled it by default. We've removed it from fastnetmon_client, please use InfluxDB integration instead 2022-08-03 22:45:37 +01:00
Pavel Odintsov 32e20bd99e Reduced number of packets for attack confirmation from 50 to 20 as 50 is too much for sampled protocols 2022-08-03 22:42:22 +01:00
Pavel Odintsov 4f27cf0657 We deprecated configuration field notify_script_pass_details and set it to true by default. You need to read stdin attack information for both ban and attack_details actions 2022-08-03 22:40:41 +01:00
Pavel Odintsov bfde24946e We've unified average calculation time between hosts and networks and removed configuration option average_calculation_time_for_subnets as we do not need it. Cleanup in unused Flow Spec code. 2022-07-29 17:47:43 +01:00
Pavel Odintsov 54da2b6cad Deprecated PF_RING plugin for new versions. We switched to AF_PACKET which is completely open source and works way better (#929) 2022-04-04 15:30:23 +01:00
Pavel Odintsov a8af8ea5e7 We decided to remove DPI support as it does not work for all protocols and focus only on L3 and L4 protocols (#928) 2022-04-02 22:23:52 +01:00
Pavel Odintsov 79ed5e3548 Added conf option to control how often we export traffic to Graphite 2022-04-02 01:39:06 +01:00
Pavel Odintsov 419f23200b Added conf options to control how often we export traffic to InfluxDB 2022-04-02 01:39:06 +01:00
Pavel Odintsov bcb28203bd Added InfluxDB support 2022-03-28 14:58:01 +01:00
Pavel Odintsov e2b5c468a0 Added stub conf options for IPv6 BGP implementation 2022-03-25 13:40:29 +00:00
Pavel Odintsov 27589dd835 Introduced separate packet length parser management flag for AF_PACKET: af_packet_read_packet_length_from_ip_header. It's not coupled with Netmap anymore 2022-03-25 13:40:29 +00:00
Pavel Odintsov 7b609acbd1 Added option sflow_read_packet_length_from_ip_header to use packet length from header instead of sFlow field. 2022-03-25 13:40:29 +00:00
Pavel Odintsov 7423088151 Added support for native BGP communities for GoBGP integration. 2022-03-24 01:29:11 +00:00
Pavel Odintsov 802acec352 Implemented BGP community parsers logic 2022-03-24 01:29:11 +00:00
Pavel Odintsov de34d99801 Ipv6 callback 2022-03-24 01:23:56 +00:00
* Added proper storage for captured IPv6 packets
* Added final logic to trigger IPv6 attacks
Pavel Odintsov f839e8d27d Added logic to show total IPv6 counters in fastnetmon_client 2022-03-19 21:58:07 +02:00
Pavel Odintsov 6e7c6df1f1 Removed obsoleted values from configuration 2022-03-19 21:58:07 +02:00
Pavel Odintsov 88e112376a We have to revert process internal as external logic because it makes migration to new counters logic impossible 2022-03-19 21:58:07 +02:00
Pavel Odintsov c19c1c39d1 Deprecated PF_RING filters completely 2022-03-14 00:09:35 +02:00
Pavel Odintsov 48c43a8952 Removed Snabb Switch support 2022-03-13 17:18:21 +02:00
Pavel Odintsov b2da05e6e1 Added option to process internal traffic as external for attack detection purposes. 2022-03-13 17:18:21 +02:00
Pavel Odintsov 69f490a0da Deprecated LUA support 2022-02-26 20:12:06 +00:00
Pavel Odintsov 74d01090fd Implemented option to configure delay between traffic recalculations: speed_calculation_delay 2022-02-20 00:19:29 +00:00
Pavel Odintsov e91fff07da Made option to read list of networks from OpenVZ configurable and optional. 2022-02-10 13:39:04 +00:00
Pavel Odintsov d077617eb3 Aligned average calculation time for subnets and enabled per flow counters by default 2022-02-09 14:42:20 +00:00
Pavel Odintsov 6e6f1ca053 Added option to control fanout mode in AF_PACKET. 2022-02-09 14:42:20 +00:00
Pavel Odintsov 7082750cae Added support for artificial sampling rate in AF_PACKET mode. 2022-02-09 14:42:16 +00:00
Pavel Odintsov 93ead8d3bc Commented out default hostgroup 2019-07-11 20:58:09 +01:00
Pavel Odintsov 4790c728eb Disabled sFlow and Netflow plugins by default 2019-07-11 20:03:04 +01:00
Dmitriy Limonov f527101e62 Added decoding of the outer vlan tag in sflow packets. (#736) 2018-09-28 16:59:49 +01:00
* Added decoding of the outer vlan tag in sFlow packets for QnQ
Pavel Odintsov 1fdde91cbb Fixed bunch of paths to old versions of FNM 2017-12-03 21:22:11 +00:00
Pavel Odintsov ec092ae702 Fix about absent support of domains names 2016-11-07 01:12:23 +00:00
Pavel Odintsov 6e07a08bec Remove space at the end of "ban_for_tcp_pps" line 2016-09-09 09:06:31 +03:00
Pavel Odintsov a2ab84e771 Merged test API server. Refactor cmake file. Get rid of absolute library paths. 2015-10-16 00:24:03 +02:00
Pavel Odintsov 204b41aedc Completely working GoBGP integration. But compilation is not enabled by default 2015-10-05 12:48:48 +02:00