Implement ICMP data exfiltration alerts

Closes #256
2026-05-01 16:30:10 +00:00 · 2019-05-28 10:37:27 +02:00 · 2019-05-28 10:37:27 +02:00 · 1c9a4d3461
commit 1c9a4d3461
parent 9252ead5a5
13 changed files with 47 additions and 2 deletions
--- a/scripts/lua/admin/prefs.lua
+++ b/scripts/lua/admin/prefs.lua
@ -319,7 +319,8 @@ function printAlerts()
 			   "row_toggle_ssl_alerts", "row_toggle_dns_alerts", "row_toggle_remote_to_remote_alerts",
 			   "row_toggle_ip_reassignment_alerts", "row_toggle_dropped_flows_alerts", "row_alerts_informative_header",
 			   "row_toggle_device_first_seen_alert", "row_toggle_device_activation_alert", "row_toggle_pool_activation_alert", "row_toggle_quota_exceeded_alert", "row_toggle_mining_alerts", "row_toggle_device_protocols_alerts",
-			   "row_toggle_longlived_flows_alerts", "longlived_flow_duration", "row_toggle_elephant_flows_alerts", "elephant_flow_local_to_remote_bytes", "elephant_flow_remote_to_local_bytes"
+			   "row_toggle_longlived_flows_alerts", "longlived_flow_duration", "row_toggle_elephant_flows_alerts", "elephant_flow_local_to_remote_bytes", "elephant_flow_remote_to_local_bytes",
+         "row_toggle_data_exfiltration",
 			}
 
 if not subpage_active.entries["toggle_mysql_check_open_files_limit"].hidden then
@ -460,6 +461,13 @@ function printAlerts()
    "ntopng.prefs.", "elephant_flow_remote_to_local_bytes", prefs.elephant_flow_remote_to_local_bytes, 
    "number", showElements, nil, nil, {min=1024, format_spec = FMT_TO_DATA_BYTES, tformat="kmg"})

+  prefsToggleButton(subpage_active, {
+    field = "toggle_data_exfiltration",
+    pref = "data_exfiltration_alerts",
+    default = "1",
+    hidden = not showElements,
+  })
+
  print('<tr id="row_alerts_informative_header" ')
  if (showElements == false) then print(' style="display:none;"') end
  print('><th colspan=2 class="info">'..i18n("prefs.status_alerts")..'</th></tr>')