vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-05 19:15:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
26031 commits 26 branches 19 tags 448 MiB
Commit graph

762 commits

Author SHA1 Message Date
emanuele-f
e0fd591db2 Add ability to reset a status bit 2019-10-16 16:21:18 +02:00
emanuele-f
9786581526 flow.getInfo now returns minimal information 2019-10-16 13:57:54 +02:00
Simone Mainardi
a208285aab nEdge compilation fix 2019-10-12 01:31:36 +02:00
emanuele-f
0ddc82d7db Port blacklisted flow alerts to new api 2019-10-11 16:32:37 +02:00
Alfredo Cardigliano
364b9057f2 TCP connection refused check (fix #2933) 2019-10-11 16:02:17 +02:00
Luca
aa908c97cf Merge branch 'dev' of https://github.com/ntop/ntopng into dev 2019-10-11 11:41:29 +02:00
Luca
d1417519ec Reworked bitmap handling 2019-10-11 11:41:20 +02:00
Simone Mainardi
48caf68f69 Fixes invalid state transitions 2019-10-11 11:15:38 +02:00
Luca Deri
fc6f055137 Initial code cleanup for flow scripts 2019-10-09 23:39:44 +02:00
Simone Mainardi
27444ec067 Reworks lua method calls in flow context 2019-10-09 11:51:53 +02:00
Alfredo Cardigliano
7e9678de37 IDS alert -> External alert 2019-10-09 11:35:51 +02:00
Simone Mainardi
359599c4eb Removes static Flow::lua_method_id_to_name map moving it in a flow method 2019-10-07 12:32:50 +02:00
Alfredo Cardigliano
256fec9283 Importing http metadata from Suricata 2019-10-05 12:15:16 +02:00
emanuele-f
fc308260be Fix Flow protos.dns.last_query_type and protos.dns.last_return_code 2019-10-03 16:23:01 +02:00
Simone Mainardi
b81592e49f nEdge compilation fixes 2019-09-30 20:04:42 +02:00
Simone Mainardi
7edfdf3944 Exposes interarrival times via lua flow functions 2019-09-30 19:25:49 +02:00
Simone Mainardi
fa17aab9db Implements lua flow method calls using ids to be more efficient 2019-09-30 17:29:01 +02:00
emanuele-f
62f136cc08 Fix detection give up in nEdge 
This prevented most flows from being offloaded
 2019-09-27 17:35:27 +02:00
emanuele-f
903fcf9c98 Rename callback in processFullyDissectedProtocol 2019-09-27 14:55:50 +02:00
emanuele-f
793c4bc4c5 Add extra detection function 2019-09-27 14:07:26 +02:00
Simone Mainardi
d36d69b2e2 Additional alerted flows debug traces 2019-09-24 18:19:26 +02:00
Luca
7379cc1a1c Updated IAT calculation for TCP flows skipping 3WH packets 2019-09-24 17:31:46 +02:00
Simone Mainardi
0bbda384c9 Adds alerted flow flag 2019-09-24 16:00:51 +02:00
Simone Mainardi
da1dbe4ab0 Reworks hash entries idling 2019-09-24 14:29:20 +02:00
emanuele-f
1bf89fdb4d Add server malicious JA3 signature check and improve alert information 
Closes #2880
 2019-09-24 13:30:32 +02:00
Simone Mainardi
7f150ef407 Implements alerted flows counters and shows them in the footer 
Implements #2863
 2019-09-19 15:15:32 +02:00
emanuele-f
f735749716 Add flow alert information into the flow defails 2019-09-18 15:10:41 +02:00
Simone Mainardi
b3d595653e Initial implementation of lua flow callback scripts and blacklisted alerts 
Partially implements #2842
 2019-09-16 18:27:46 +02:00
Alfredo Cardigliano
b7d459dd2b Moved strdup for JSON/TLV strings from Flow to Parser to handle non-null-terminated strings 2019-09-13 12:36:19 +02:00
Simone Mainardi
968e21d984 Implements flow lua callbacks in the periodic activities thread 2019-09-12 15:36:41 +02:00
Alfredo Cardigliano
9bd00fa0ee Support for encoding additional fields to TLV 2019-09-10 20:50:34 +02:00
emanuele-f
4d62d68655 Add active alerted flows filter and count 
Closes #2821
 2019-09-10 17:52:22 +02:00
Luca
46a3ef5002 Removed unused variable 2019-09-10 15:56:13 +02:00
Simone Mainardi
8c3271753e Allocates InterarrivalStats only for packet interfaces with unsampled traffic 
Fixes #2826
 2019-09-10 12:15:01 +02:00
emanuele-f
d9a44d615a Implement generic flow callbacks 2019-09-05 19:11:11 +02:00
Alfredo Cardigliano
38a53ec1fa Transferring flows status bitmap to the client/server host. Added anomalous flows reasons to the host details page. 2019-09-05 17:55:00 +02:00
Alfredo Cardigliano
4ea64d4275 Flow::getFlowStatus is now setting a bitmap to handle multiple statuses to be exposed in the flowinfo 2019-09-04 18:27:32 +02:00
emanuele-f
fbb66951b5 Add alert score on hosts 2019-09-03 13:36:27 +02:00
Luca Deri
6fb94b8a1a Enhanced flow stats 2019-09-03 00:23:08 +02:00
Luca Deri
ffcfe398cc Reworked flow stats defining InterarrivalStats 
Fixed ms/timeval diffrence functions
 2019-09-02 23:58:34 +02:00
emanuele-f
2d02de6cc1 Implement initial flow score support 2019-08-30 17:16:11 +02:00
Alfredo Cardigliano
2c81afd678 Setting severity for IDS alerts 2019-08-28 03:38:01 +02:00
emanuele-f
b66b71fd7e Implement alert on JA3 malicious signatures 
Closes #2788
 2019-08-28 18:33:13 +02:00
Simone Mainardi
af61cfd483 Implements tcp packet stats for hosts, ases, networks in interface views 2019-08-27 11:16:20 +02:00
Simone Mainardi
11aa854cba Handles hosts HASSH fingerprints 2019-08-26 16:55:39 +02:00
Simone Mainardi
0353edb2a6 Adds ssh HASSH signatures into flows 2019-08-26 15:22:47 +02:00
Simone Mainardi
54473f7883 Updates host pools stats also in community mode 2019-08-20 12:00:41 +02:00
Luca
899b580cc4 SSL/TLS rename 2019-08-08 15:24:38 +02:00
Alfredo Cardigliano
babab56394 Handling http ret code, dns query type and ret code from the ZMQ parser 2019-07-26 16:12:35 +00:00
Alfredo Cardigliano
d010bb9b47 ZMQ flow processing optimization (+20%) 2019-07-26 11:11:40 +00:00