Commit graph

859 commits

Author SHA1 Message Date
Simone Mainardi
bbeb491534 Fixes certain DNS flows with multiple queries not reset 2020-02-07 20:29:44 +01:00
emanuele-f
7105cb8a65 Add score and user script config link into the flow details additional status 2020-02-07 20:02:19 +01:00
emanuele-f
e3d3d3992f Replace an existing flow alert if a more critical problem is found
Also add the flow score into the database
2020-02-07 19:20:57 +01:00
emanuele-f
0a0a3c4537 Rework flow status accounting 2020-02-07 19:17:07 +01:00
Simone Mainardi
38ee7f8439 Fixes for idle transitions not performed
Fixes #3394

Commit also affects #3106 as now DNS flows are adjusted
periodically when they contain more than one query
2020-02-07 19:13:45 +01:00
emanuele-f
5882926b0b Host score increment fix for PCAP dump interfaces 2020-02-07 11:32:22 +01:00
Luca Deri
f1d8fb00f4 Handled partial protocol detection 2020-02-06 22:01:32 +01:00
Luca
30f52179d9 Fixes #3106 2020-02-06 19:21:05 +01:00
Simone Mainardi
05750cf3ef Fixes and cleanup 2020-02-05 18:07:54 +01:00
emanuele-f
8d51dae0e5 Implement Misbehaving vs Alerted flows chart 2020-01-27 15:37:36 +01:00
Luca Deri
e55854aaff Initial work on host bins 2020-01-27 11:55:00 +01:00
Simone Mainardi
ca2322531c Fixes 3WH computation with ECE and CWR flags
Fixes #3255
2020-01-20 11:53:41 +01:00
emanuele-f
566b9ece0b Score changes
- Move score from status definition to user scripts
- Separate flow score counter from the peers score
- Create a new HostScore class to hold the score data
2020-01-16 18:11:14 +01:00
emanuele-f
01d5d83f21 Account host score also on volatile flows (e.g. scans)
Such flows may go idle too early and miss the minute.lua iteration
2020-01-16 14:08:49 +01:00
Simone Mainardi
5fbb370134 Fixes sync issues between threads
Fixes #3246
2020-01-15 19:20:34 +01:00
emanuele-f
c336cca0e7 Improve host score calculation 2020-01-15 18:42:48 +01:00
emanuele-f
d7528e1628 Score improvements
The score is now calculated differently on the client and on the server of the flow.
The hosts flow is updated every minute and charted.
It's now possible to trigger an alert when the score threshold is exceeded
2020-01-15 12:34:16 +01:00
Alfredo Cardigliano
55b1ca75a9 Replace anomalous with misbehaving to avoid inconsistencies (fix #2866) 2020-01-14 15:49:19 +01:00
emanuele-f
93a96eb214 Code cleanup 2020-01-13 15:20:38 +01:00
Simone Mainardi
7960bdfa38 Adds ports information to flow alerts
Implements #3216
2020-01-13 12:18:43 +01:00
Simone Mainardi
0ef0c27f66 Refines scan detection by not checking ECE or CWR 2020-01-09 14:55:57 +01:00
Simone Mainardi
fec159f63a Fix for syn scan alerts detection 2020-01-09 10:21:29 +01:00
Simone Mainardi
76391ff6a5 Restores flow alerts for view interfaces 2020-01-08 18:18:00 +01:00
Simone Mainardi
8cb1db967a Improvements to the probing traffic detection algorithm 2020-01-08 10:46:53 +01:00
Luca Deri
57e6a93065 Improved scheduling algorithm to guarantee minimum service time when the number of entries allows
Updated (C)
2020-01-06 23:36:36 +01:00
Simone Mainardi
0ade3cc8ed Handles TCP fast-open 3WH with data piggybacked in ACK
Handles https://lwn.net/Articles/508865/
2020-01-03 12:22:15 +01:00
Simone Mainardi
417c4a3146 Reworks handling of TCP flags for both ZMQ and packet interfaces
This commit simplifies the code and also allows flags-based alerts
to be triggered for packet and non-packet interfaces

Fixes #3167
2020-01-02 19:21:44 +01:00
Simone Mainardi
8a169991cb Minor method name change 2020-01-02 15:18:49 +01:00
Simone Mainardi
0fc220bd0a Removes unused cli2srv_direction Flow class member 2020-01-02 15:04:49 +01:00
Luca
92ea3cf5a0 TLS certificate improvements 2020-01-02 09:36:31 +01:00
emanuele-f
9d9fbd2aee Fix broken flows purging 2020-01-01 12:18:13 +01:00
emanuele-f
87c336a4aa Reduce cpu usage due to the loading of flow.lua
The FlowAlertCheckLuaEngine is now cached into the (reused) vm, so it is reloaded
only when needed (e.g. a script on disk changes).
2019-12-31 18:27:14 +01:00
Simone Mainardi
b44de6e18d Implements discarded probing traffic counters and timeseries 2019-12-31 16:01:24 +01:00
Simone Mainardi
2abb8cfde5 Reworks flow scripts deadlines 2019-12-27 20:50:53 +01:00
Luca Deri
c5fbb49bfd Fix for memory corruption in flow initialization 2019-12-26 23:00:45 +01:00
emanuele-f
8b7d711a36 Add option to disable flow user scripts invocation 2019-12-23 18:03:19 +01:00
Simone Mainardi
6901aed387 Fixes possibly wrong DNS protocol category 2019-12-23 15:34:10 +01:00
Simone Mainardi
71fa8de0a3 Fixes DNS protocol detection with resolvers using same ports
Fixes #3106
2019-12-23 12:42:47 +01:00
Simone Mainardi
cc8c98581d Fixes flow filters not listing certain master protocols
Fixes #2892
2019-12-20 17:26:52 +01:00
Simone Mainardi
77960010fe Fixes broken DNS qry/rsp dissection 2019-12-20 14:56:41 +01:00
Simone Mainardi
562ac1d0f8 Fixes custom categories detection and concurrency issues 2019-12-19 18:38:14 +01:00
Simone Mainardi
f9b6921983 Fixes devices policies reload and alerts generation
Fixes #3102
2019-12-19 11:42:24 +01:00
Simone Mainardi
16f93bd6e1 Fixes vtable pointers overwrites 2019-12-18 12:08:16 +01:00
Simone Mainardi
141cbeb2bc ICMP fixes and tables for both ICMP and ICMPv4 2019-12-18 10:17:31 +01:00
Simone Mainardi
ba13e49856 Updates vlans, pools, ases stats for view interfaces 2019-12-13 18:49:29 +01:00
Simone Mainardi
0ebc64cf71 Handles offline NetBIOS updates 2019-12-13 17:08:35 +01:00
Simone Mainardi
0a7d677beb Handles offline MDNS updates 2019-12-13 16:54:13 +01:00
Simone Mainardi
69453397a5 Handles offline MDNS updates 2019-12-13 16:47:18 +01:00
Simone Mainardi
e0c247bfca Implements tcp stats for view interfaces 2019-12-13 15:28:02 +01:00
Simone Mainardi
a65b6efc7c Implements icmp hosts stats for view interfaces 2019-12-13 13:06:26 +01:00