vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-28 23:19:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
25194 commits 26 branches 19 tags 444 MiB
Commit graph

1002 commits

Author SHA1 Message Date
Simone Mainardi
0b1f12f928 Improves jsonencode function 2016-08-09 18:17:39 +02:00
Simone Mainardi
199b418037 Implements db-based new generation alerts with lua API (wip) 2016-08-05 19:11:34 +02:00
Simone Mainardi
770bc4c6fc Security Fix: users enumeration 
A user reported us

"""
I would like to report a possible security issue in ntopng.

When connected with a regular, unprivileged user, it is possible to force-navigate to the URL: http://192.168.2.176:3000/lua/admin/validate_new_user.lua?user=<anyuser>&networks=0.0.0.0/0,::/0
Due to this, it is possible to replace <anyuser> with a list of users and enumerate the users that exist in the system.
"""

This commit fixes the issue
 2016-08-05 17:53:34 +02:00
Luca Deri
89d6fa301a Added minimal json encoding function 
Modified bash path in ntopng-add-user.sh
 2016-08-05 11:03:56 +02:00
Luca Deri
45e0c01377 Fix for #672 2016-08-03 15:05:38 +02:00
Simone Mainardi
374d41387a Implements a lua table slicing facility 2016-07-26 20:07:10 +02:00
Simone Mainardi
7a8878a886 Adds bidirectional flags in host_get_json TCP flows 
An excerpt of the json returned is:

{"srv.ip":"a.b.c.d","cli.port":50559,"srv.port":443,
"cli2srv.tcp_flags":{"SYN":1,"RST":0,"PSH":1,"FIN":0,"URG":0,"ACK":1},"cli2srv.throughput_bps":0,"bytes":2869,"srv2cli.throughput_bps":0,"cli2srv.throughput_pps":0,
"srv2cli.tcp_flags":{"SYN":1,"RST":0,"PSH":1,"FIN":0,"URG":0,"ACK":1},"tcp_established":true,"srv2cli.throughput_pps":0,"cli.ip":"192.168.2.130","proto.ndpi_id":126,"proto.ndpi":"SSL.Google"},
 2016-07-14 12:44:55 +02:00
Luca
c85fa80ddd Removed hard-coded number now a #define 
Preliminary work for the enterprise edition
 2016-07-09 09:58:13 +02:00
Simone Mainardi
2c693cb0c1 Adds the ability to set a custom Google Maps API key 
Users can now generate a custom Google Maps API key and
set it via ntopng Preferences page.

Addresses #646
 2016-07-06 11:46:37 +02:00
Simone Mainardi
a51994cfec Implements asynchronous database schema updates 
Database updates are now performed asynchronously.
The web server starts but notifies the user with a
'please wait' message until the updates are completed.
 2016-07-04 19:37:44 +02:00
Luca Deri
5791d5a262 Improved SNMP support 2016-07-03 13:06:34 +02:00
Simone Mainardi
e86103f9fc Accounts all phyisical interfaces in grouped view stats 
Addresses issue raised in #486
 2016-06-24 15:58:03 +02:00
Simone Mainardi
79f778ab59 Fixes web interface ssl certificates visualization issues 2016-06-21 15:41:52 +02:00
Luca Deri
1a154dc52f Per hosts alerts are not correctly initialized 
Aded IPv6 label to top talkers to easily identify hosts with dual stack
 2016-06-18 10:16:02 +02:00
Luca Deri
43c17964e5 Implemented non-L3 stats and improved tcp flow stats 2016-06-17 23:51:13 +02:00
Luca Deri
bd1de5ad64 Fixed merge error (damn git) 2016-06-15 16:52:01 +02:00
Luca Deri
71646ff4bb Merge branch 'dev' of https://github.com/ntop/ntopng into dev 2016-06-15 16:51:07 +02:00
Luca Deri
9a717fede5 Implemented ICMPv6 dissection 2016-06-15 16:42:52 +02:00
Simone Mainardi
6b00fe18b3 Refactors function historicalProtoHostHref 2016-06-15 16:02:57 +02:00
Luca Deri
d6bc2ce91a Implemented ICMP handling 
Optimized flow memory
 2016-06-15 15:33:00 +02:00
Luca Deri
46e0fef38b Implemented alert generation for suspicious probing attempts 
Refactored code for historical traffic analysis
Added various HTML anchors to quick jump to historical reports if -F is used (Pro version only)
 2016-06-15 11:37:52 +02:00
Luca Deri
a26dbe0a6a Fixed bug in interface switch 2016-06-14 16:46:39 +02:00
Luca Deri
ceca189c8e Implemented per interface TCP stats 2016-06-14 14:31:58 +02:00
Simone Mainardi
5d8fbaef9a Prevents nil-string comparisons 
Addresses #609
 2016-06-10 12:57:55 +02:00
Simone Mainardi
4aebe42ab7 Fixes refresh for VLAN-tagged hosts in hosts_stats.lua 2016-06-04 16:37:01 +02:00
Simone Mainardi
a07b8fe22a Escapes double-quotes in AS html 2016-06-01 15:47:02 +02:00
Luca Deri
d35b1b6348 Fixed missing smile 2016-05-31 12:43:53 +02:00
Luca Deri
79022c7238 Fixed flow statistics in host_get_json.lua 
Fixed TCP flags
Smaller cosmetic fixes
 2016-05-30 22:58:08 +02:00
Simone Mainardi
c28fe1248e Adds a method to print purged hosts/flows error messages 2016-05-27 14:26:44 +02:00
Luca Deri
58e48e4529 Improved flow status detection 2016-05-16 19:13:55 +02:00
Luca
5ff9db9dd5 Improved detection of flow status 2016-05-16 18:54:08 +02:00
Luca Deri
4acb2b0e81 Minor cosmetic fixes 2016-05-07 00:20:55 +02:00
Simone Mainardi
9ce96af916 Prevents localstats to be overwritten in interfaces aggregation 
Fixes #552
 2016-05-06 11:02:44 +02:00
Luca Deri
7a34bd7891 Added checks for #497 2016-04-15 22:11:50 +02:00
Simone Mainardi
05c1209310 Pops-up a window to download flows (and prevents page changes to be lost) 2016-04-13 15:51:23 +02:00
Simone Mainardi
7b1e38cc6e Checks whether local packet dump is enabled via Lua 
Fixes #487
 2016-04-12 18:26:32 +02:00
Luca Deri
8b150132d2 Added interface TCP stats 2016-04-11 00:02:37 +02:00
Simone Mainardi
27d9f37016 Fixes issues when sorting flows 
Todo: check also host sort that may be affected as well

Fixes #464
 2016-04-02 18:11:42 +02:00
Luca Deri
ef6fdebf63 Fixes in MySQl batch 2016-03-26 22:00:56 +01:00
Luca
c3d2ecc749 Implemented flow packets interarrival stats 2016-03-23 23:22:58 +01:00
Luca Deri
0c0b671e0f Improved top sites 2016-03-22 14:56:03 +01:00
Simone Mainardi
d89cde0409 Handles interface alerts with ids 
The Interface Alerts toggle button was not working. This
commit fixes this bug as well.
 2016-03-16 19:53:13 +01:00
Luca
8f0f8fc1cf Added logic to detect flows with low goodput (e.g. originated by tools like https://github.com/shekyan/slowhttptest) 2016-03-08 19:18:28 +01:00
Simone Mainardi
5fe6d42bb4 Fixes unescaped dots in lua string.find methods 2016-02-18 19:52:44 +01:00
Luca
ce178a1127 Initial work towards counter trends 2016-02-13 00:07:03 +01:00
Simone Mainardi
25ee0d5c11 Implements Top Talkers and Top Applications In Time Range 
Top Talkers and Top applications can be retrieved via MySQL
both interface-wide and per-host. A couple of tabs, namely
"Top Talkers" and "Top Applications" become available in the
historical page of interfaces and hosts. Upon focus of each
tab, an ajax request is triggered and data is fetched from MySQL.

TODO: interface wide top-talkers are retrieved from sqlite and
need to be moved to mysql.
 2016-02-06 18:11:31 +01:00
Simone Mainardi
418f48e714 Adds JSON endpoints to retrieve top talkers data 2016-02-01 22:14:28 +01:00
Luca Deri
ddbfacaefb Various fixes to host categorization 
Added optional parameter for ntop.getInfo() call
 2016-01-05 11:07:12 +01:00
Simone Mainardi
06ef8d21ab Implements historical RRDs for traffic categories 
Traffic categorization can be optionally saved to RRDs
on a per-host basis.
 2016-01-04 19:18:22 +01:00
Luca Deri
47d43d986b Implemented multi-categories for flows 2016-01-02 12:55:13 +01:00