762 commits

Author SHA1 Message Date
Matteo Biscosi
819f39830b Added ACL Violation alert (#8696) 2024-11-28 18:02:53 +01:00
Luca Deri
fb06400fe2 Changed alert serialization 2024-11-28 09:34:57 +01:00
Luca Deri
b1cff04dba Fixes #8830 2024-11-26 20:29:09 +01:00
Luca Deri
05720cb9ce Fingerprint improvements 2024-11-25 23:38:34 +01:00
Luca Deri
076d45b862 Updated TP stream type 2024-11-25 10:55:04 +01:00
Luca Deri
2b09e88ede Added methods for getting DPI protocols 2024-11-24 20:47:37 +01:00
Luca Deri
33f21c3a47 Fix for #8818 2024-11-18 11:49:41 +01:00
Matteo Biscosi
10f2fe880f Added custom field mapping in historical flows 2024-11-06 10:47:03 +01:00
Luca Deri
b662353a35 Added resolved addresses to the DNS JSON 2024-10-29 19:08:56 +01:00
Luca Deri
3b1756a06a Added stub for DOMAIN_NAME 2024-10-28 11:28:56 +01:00
Luca Deri
b1cb9a547d Fixes DSCP/TOS set 2024-10-17 19:21:12 +02:00
Luca
5de88f0df7 Added comments 2024-10-16 17:48:13 +02:00
Matteo Biscosi
fdf1274391 Possible fix for counter overflow in syn flood alert 2024-10-16 17:30:55 +02:00
Matteo Biscosi
17ca341011 Minor fixes to syn flood alert 2024-10-15 11:04:38 +02:00
Luca Deri
48226d7de3 Improved flow host name support 2024-10-08 18:32:43 +02:00
Alfredo Cardigliano
57d683fd78 Parse WLAN_SSID and WTP_MAC_ADDRESS from flows and visualize them in flow details 2024-09-16 16:25:17 +02:00
Luca Deri
7036134bdb Compilation fixes due to nDPI changes 2024-08-24 16:44:27 +02:00
Luca Deri
7dc61bf496 Implemented mechanism to avoid collected flows expiring too early in case the original flow date was back in time (e.g. when reproduced from an old pcap file, or if the flow sender has an invalid date/time set) 2024-08-22 23:15:31 +02:00
Alfredo Cardigliano
548c9aeec5 Remove obsolete JA3 support 2024-08-09 09:08:32 +02:00
Luca Deri
9874229933 Cleaned up code 2024-08-07 18:45:50 +02:00
Luca Deri
e7430f97ea Cleaned up flow throughput calculation 2024-07-29 23:44:06 +02:00
Luca Deri
80abcc8005 Implemented flow traffic account in pcap interfaces when reading traffic from a pcap interface. 2024-07-29 15:14:47 +02:00
Luca Deri
c29a73d4f6 Fixed invalid application protocol accounting in network interfaces due to partial nDPI detection 2024-07-26 22:10:59 +02:00
Luca Ferretti
87429d4314 First integration of check on open server ports (#8402)
* initial integration of server port check

* update learning period and received packet time

* updated host initial time

* Update Flow.cpp

* fixed reported issues
2024-05-27 11:16:54 +02:00
Nicolo Maio
02de3d317d Fix TCPFlowReset check. (#8264) 2024-05-15 17:40:57 +02:00
Matteo Biscosi
d795bf3474 Added NAT info in clickhouse (#8384) 2024-05-10 10:22:55 -04:00
Luca Deri
3d117a9e16 Added support for SIP CallID in flow key 2024-05-04 11:27:38 +02:00
Luca Deri
c51d4d70c9 CentOS 7 fixes 2024-04-29 21:48:15 +02:00
Luca Deri
ddd449ea90 Added the ability to set custom alert score 2024-04-29 11:56:02 +02:00
Luca Deri
4a93fe8a87 Added support in flow details for STUN MAPPED-ADDRESS 2024-04-12 21:14:38 +02:00
Matteo Biscosi
96d374007d Fixed info field cut after 256 characters 2024-04-08 13:11:09 -04:00
Luca Deri
296eebda0a Updates due to the new nDPI 2024-04-03 14:21:09 +02:00
Matteo Biscosi
9aaf15c49f Added network interface filter resolving the issue with duplicated flow exporters (#8129) 2024-03-28 05:55:15 -04:00
Nicolo Maio
93062e6c12 Fix minor connection state calculation with cumulative flags. 2024-03-26 17:11:25 +01:00
Nicolò Maio
c83a33e20b Add in and out iface index filters (#8286) (#8288) 2024-03-26 10:29:18 +01:00
Luca Deri
c615274179 Code cleanup 2024-03-05 16:16:11 +01:00
Nicolò Maio
2d150103b7 Add TCP flow connection state (#8210)
* Add TCP flow connection state (#8140)

* Add Major and Minor connection states (#8140)

* Remove ZMQ connection state parsing. (#8140)

* Update doc with major and minor conn states. (#8140)
2024-02-28 14:45:49 +01:00
Nicolo Maio
5a295e5f8e Fix inconsistent DPI with nProbe (#8233) 2024-02-21 10:42:39 +01:00
Nicolo Maio
9165d05e40 Add JA4C 2024-02-20 11:48:13 +01:00
Luca Deri
3535198ea2 Various OT fixes 2024-02-16 19:18:13 +01:00
Luca Deri
841270d800 Added flow confidence 2024-02-16 16:37:05 +01:00
Nicolò Maio
d6cc11a10b Refactor the isSMTP method (#8198) 2024-02-07 16:05:43 +01:00
Nicolo Maio
ed479a8b09 Add SMTP_MAIL_FROM, SMTP_RCPT_TO mapping + L7_PROTO_RISK_NAME dump on syslog. 2024-01-30 17:52:33 +01:00
Nicolo Maio
d0eb93ec1a Implement the FLOW_END_REASON parser. 2024-01-30 14:23:32 +01:00
Luca Deri
55870e97b9 (C) Update 2024-01-12 11:44:18 +01:00
Luca Deri
c00c4b9360 Added flow source support 2024-01-11 12:43:25 +01:00
Luca
aa3c050fc0 Reworked throughput calculation for flow-based interfaces: it is no longer calculated periodically but only when a new flow update is received 2024-01-11 11:36:25 +01:00
Alfredo Cardigliano
5642f22426 Fix 0 duration 2024-01-11 11:05:48 +01:00
Luca Deri
a5d1c92cdc Now with PF_RING in case of merged interfaces (e.g. -i virbr0,virbr1,eno1) ntopng keeps track of the interface where a flow/host has been first observed 2023-12-01 20:48:40 +01:00
Matteo Biscosi
954d86bfb7 Fixes location not correctly set in case of aggregation 2023-11-30 14:20:24 +00:00