Guido Falsi
011eb77d4e
htons(3) expects an unsigned integer as input, so lua_tointeger() looks more appropriate there.
Not sure why on FreeBSD armv7 it's causing an error, my best guess is that certain compiler/arch combinations refuse to implicitly cast float to unsigned int.
Problem and patch reported and proposed by @rbgarga
This should fix #3743
2020-04-15 14:30:26 +02:00
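The commit above argues that a Lua number (a C double from lua_tonumber()) should not be handed to htons() through an implicit float-to-unsigned conversion. The block below is an added illustration written for this page, not ntopng code and not the patch itself: it takes the double directly (a stand-in for what a lua_tonumber()-style call returns, so no Lua headers are needed), validates it, and only then does the explicit narrowing cast and htons(). The function names lua_number_to_port and is_big_endian_bytes are hypothetical. Note that in Lua 5.3 and later lua_tointeger() returns 0 for a value without an integer representation, which is why a range check on the C side is still worth having whichever accessor is used.

```c
#include <arpa/inet.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: convert a Lua-supplied number (arrives as a C double,
 * as from lua_tonumber()) into a network-byte-order port for htons(3).
 * Returns false instead of casting when the value is not a valid port:
 * converting a NaN, negative or out-of-range double to an unsigned integer
 * is undefined behaviour in C, not a wraparound, and is also what some
 * compiler/arch combinations refuse to do implicitly. */
bool lua_number_to_port(double n, uint16_t *net_port) {
  if (n != n)                      /* NaN never compares equal to itself */
    return false;
  if (n < 0.0 || n > 65535.0)      /* rejects negatives, too large, +/-inf */
    return false;
  uint16_t host_port = (uint16_t)n; /* now in range: the cast is well defined */
  if ((double)host_port != n)       /* fractional values such as 80.5 */
    return false;
  *net_port = htons(host_port);     /* explicit unsigned argument, as the commit intends */
  return true;
}

/* Check the on-wire bytes without depending on the host CPU's endianness:
 * htons() output must read as big-endian regardless of where this runs. */
bool is_big_endian_bytes(uint16_t net_port, uint8_t hi, uint8_t lo) {
  uint8_t b[2];
  memcpy(b, &net_port, sizeof b);
  return b[0] == hi && b[1] == lo;
}

int main(void) {
  /* Constructed sample inputs: one valid port and a few values a Lua
   * script could pass by mistake. */
  const double samples[] = { 443.0, -1.0, 65536.0, 80.5 };
  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
    uint16_t p;
    if (lua_number_to_port(samples[i], &p))
      printf("%g -> network order 0x%04x (host %u)\n", samples[i], p, ntohs(p));
    else
      printf("%g -> rejected, not a valid port\n", samples[i]);
  }
  return 0;
}
```

The validation order matters: the NaN test has to come first because every relational comparison with NaN is false, so a NaN would otherwise slip through the range check and reach the cast.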
Luca Deri
57e6a93065
Improved scheduling algorithm to guarantee minimum service time when the number of entries allows
Updated (C)
2020-01-06 23:36:36 +01:00
Alfredo Cardigliano
e38835a603
Rename SSL to TLS (fix #3013)
2019-11-15 12:40:01 +01:00
Alfredo Cardigliano
d05777df1e
External alerts API update and cleanup
2019-10-22 15:08:06 +02:00
Alfredo Cardigliano
3290bd803b
Propagating additional fields to companion interface
2019-10-15 16:41:42 +02:00
Alfredo Cardigliano
240fa15149
Handle additional fields from Suricata
2019-10-15 15:48:12 +02:00
Alfredo Cardigliano
76759a7d03
Suricata events are now processed by the Lua script
2019-10-10 15:56:53 +02:00
Alfredo Cardigliano
a2e74e16a3
New Lua interface.processFlow API, moved processFlow from NetworkInterface to ParserInterface, code cleanup
2019-10-10 12:49:32 +02:00
Alfredo Cardigliano
256fec9283
Importing http metadata from Suricata
2019-10-05 12:15:16 +02:00
Alfredo Cardigliano
b7d459dd2b
Moved strdup for JSON/TLV strings from Flow to Parser to handle non-null-terminated strings
2019-09-13 12:36:19 +02:00
Alfredo Cardigliano
9bd00fa0ee
Support for encoding additional fields to TLV
2019-09-10 20:50:34 +02:00
Alfredo Cardigliano
2c81afd678
Setting severity for IDS alerts
2019-08-28 03:38:01 +02:00
Alfredo Cardigliano
f8af84df2d
SyslogParserInterface now supports the companion interface for delivering Suricata alerts to a packet interface (#1928)
2019-08-27 17:53:34 +02:00
Simone Mainardi
115378f8fc
Fixes ja3s_hash initialization in copy constructor
2019-07-30 15:54:08 +02:00
Alfredo Cardigliano
babab56394
Handling http ret code, dns query type and ret code from the ZMQ parser
2019-07-26 16:12:35 +00:00
Alfredo Cardigliano
dc435fd7a3
Parsing missing IE from the default cento/nprobe template to avoid using 'additional fields' (performance boost +35% - 195Kfps)
2019-07-26 15:30:35 +00:00
Alfredo Cardigliano
289e787da7
Creating the flow additional fields json object only when required
2019-07-26 12:54:40 +00:00
Simone Mainardi
f2b90f5c48
Fixes flows direction when receiving eBPF events
2019-06-17 15:02:36 +02:00
Simone Mainardi
9cbd7caabe
Additional fixes for eBPF client/server processes
2019-06-14 17:33:53 +02:00
Simone Mainardi
ae8d1b828e
Fixes eBPF client/server processes
2019-06-14 16:04:15 +02:00
Simone Mainardi
ace94bd786
Prevents eBPF events from being set for standard nProbe flows
2019-05-15 17:59:52 +02:00
Simone Mainardi
7eedde24e3
Dispatches eBPF events using class ParsedFlow
2019-05-13 13:04:06 +02:00
Simone Mainardi
c95bdc7aa4
Implements class ParsedeBPF to handle eBPF events
2019-05-13 11:56:24 +02:00
Simone Mainardi
16c4772c03
Code cleanup
2019-05-10 19:51:52 +02:00
Simone Mainardi
12d8d1147b
Uses class destructor to free json object mem
2019-05-10 19:40:41 +02:00
Simone Mainardi
ab92ee7926
Converts ZMQ PODs to classes
2019-05-10 19:32:34 +02:00