Simone Mainardi
be167a6dcb
Adds per-interface option to only allocate flows
2020-01-21 10:50:30 +01:00
Simone Mainardi
ca2322531c
Fixes 3WH computation with ECE and CWR flags
Fixes #3255
2020-01-20 11:53:41 +01:00
emanuele-f
23f7d90ee4
Move interface.computeHostsScore in the Score script
2020-01-17 10:44:38 +01:00
emanuele-f
566b9ece0b
Score changes
- Move score from status definition to user scripts
- Separate flow score counter from the peers score
- Create a new HostScore class to hold the score data
2020-01-16 18:11:14 +01:00
emanuele-f
01d5d83f21
Account host score also on volatile flows (e.g. scans)
Such flows may go idle too early and miss the minute.lua iteration
2020-01-16 14:08:49 +01:00
Simone Mainardi
5fbb370134
Fixes sync issues between threads
Fixes #3246
2020-01-15 19:20:34 +01:00
Alfredo Cardigliano
2a285ff7d3
Allocate only the required memory on POST instead of max. Increased max a bit.
2020-01-15 19:05:01 +01:00
emanuele-f
c336cca0e7
Improve host score calculation
2020-01-15 18:42:48 +01:00
emanuele-f
6edecb12cb
Score visualization improvements
2020-01-15 15:27:45 +01:00
Simone Mainardi
48910b9f87
Implements auto assignment of user script alert and status ids
2020-01-15 13:08:58 +01:00
emanuele-f
d7528e1628
Score improvements
The score is now calculated differently on the client and on the server of the flow.
The hosts flow is updated every minute and charted.
It's now possible to trigger an alert when the score threshold is exceeded
2020-01-15 12:34:16 +01:00
Alfredo Cardigliano
55b1ca75a9
Replace anomalous with misbehaving to avoid inconsistencies (fix #2866)
2020-01-14 15:49:19 +01:00
emanuele-f
93a96eb214
Code cleanup
2020-01-13 15:20:38 +01:00
Alfredo Cardigliano
da6b521d53
Computing restricted filter for users allowed to capture live traffic based on allowed subnets
2020-01-13 13:02:57 +01:00
Simone Mainardi
7960bdfa38
Adds ports information to flow alerts
Implements #3216
2020-01-13 12:18:43 +01:00
Alfredo Cardigliano
a86aaa61e6
Add configuration of user permission for downloading pcap (hidden for the time being)
2020-01-10 18:16:01 +01:00
Simone Mainardi
cef4f6df81
Enforces non-privileged users allowed nets when browsing local nets
Fixes #3205
2020-01-10 13:16:17 +01:00
Simone Mainardi
b9a4534af6
Implements randomization of ips
2020-01-09 17:44:11 +01:00
Simone Mainardi
3ef133cd35
Fixes hosts one/two way traffic
2020-01-09 16:41:22 +01:00
Simone Mainardi
0ef0c27f66
Refines scan detection by not checking ECE or CWR
2020-01-09 14:55:57 +01:00
Simone Mainardi
76391ff6a5
Restores flow alerts for view interfaces
2020-01-08 18:18:00 +01:00
Alfredo Cardigliano
9ff35cb5f1
Country code to u16
2020-01-08 15:03:24 +01:00
Simone Mainardi
8cb1db967a
Improvements to the probing traffic detection algorithm
2020-01-08 10:46:53 +01:00
Alfredo Cardigliano
cfa3c0d1b4
Geolocation support instructions in the AS and countries pages
2020-01-07 17:32:26 +01:00
Luca Deri
57e6a93065
Improved scheduling algorithm to guarantee minimum service time when the number of entries allows
Updated (C)
2020-01-06 23:36:36 +01:00
Simone Mainardi
adee07bcb4
Source changes to handle geoipupdate installed databases
2020-01-03 17:56:55 +01:00
Simone Mainardi
1b73a89dae
Fixes detection of TCP connection-refused flow status
2020-01-03 12:37:41 +01:00
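The three entries above (the 3WH computation fix with ECE and CWR, the scan-detection refinement that stops checking ECE or CWR, and the connection-refused status fix) share one underlying point: an ECN-capable client sets ECE and CWR on its SYN (RFC 3168), so any flow-state check that compares the TCP flags byte exactly against SYN, or SYN|ACK, misclassifies ECN handshakes and ECN probes. The following is an added illustration written for this page, not ntopng's own code: it keeps a cumulative per-direction flag set per flow, masks ECE/CWR before evaluating state, and classifies a flow as established, connection refused, or an unanswered SYN. The class and function names, the state labels, and the sample flows are all constructed for the example.

```python
from dataclasses import dataclass

# TCP flag bits as laid out in the TCP header (RFC 793; ECE/CWR from RFC 3168).
FIN, SYN, RST, PSH, ACK, URG, ECE, CWR = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80
# ECE and CWR only negotiate ECN; they carry no connection-state information,
# so handshake, refused and scan checks must ignore them.
ECN_BITS = ECE | CWR


@dataclass
class FlowFlags:
    """Cumulative OR of the TCP flags seen in each direction of one flow
    (hypothetical structure for this example)."""
    cli2srv: int = 0
    srv2cli: int = 0

    def add_packet(self, flags: int, from_client: bool) -> None:
        if from_client:
            self.cli2srv |= flags
        else:
            self.srv2cli |= flags


def state_bits(flags: int) -> int:
    """Drop ECE/CWR so an ECN SYN (SYN|ECE|CWR) compares equal to a plain SYN."""
    return flags & ~ECN_BITS


def naive_is_pure_syn(flags: int) -> bool:
    """Exact comparison: wrong for ECN-capable clients, whose SYN is 0xC2."""
    return flags == SYN


def is_pure_syn(flags: int) -> bool:
    """Masked comparison: a SYN with only ECN bits added still counts as a SYN."""
    return state_bits(flags) == SYN


def classify(f: FlowFlags) -> str:
    c, s = state_bits(f.cli2srv), state_bits(f.srv2cli)
    if c & SYN and (s & (SYN | ACK)) == (SYN | ACK) and c & ACK:
        return "established"          # three-way handshake completed
    if c & SYN and s & RST and not s & SYN:
        return "connection_refused"   # client SYN answered by a server RST
    if c & SYN and not s:
        return "unanswered_syn"       # candidate probing / scan traffic
    return "other"


def classify_packets(packets) -> str:
    """packets: iterable of (flags, from_client) tuples in wire order."""
    f = FlowFlags()
    for flags, from_client in packets:
        f.add_packet(flags, from_client)
    return classify(f)


# Constructed sample flows (not captured traffic).
ECN_SYN = SYN | ECE | CWR   # 0xC2: what an ECN-capable client sends
SAMPLE_FLOWS = {
    "ecn_handshake": [(ECN_SYN, True), (SYN | ACK | ECE, False), (ACK, True)],
    "refused":       [(ECN_SYN, True), (RST | ACK, False)],
    "syn_scan":      [(SYN, True)],
    "ecn_syn_scan":  [(ECN_SYN, True)],
}

if __name__ == "__main__":
    for name, pkts in SAMPLE_FLOWS.items():
        print(f"{name:14} -> {classify_packets(pkts)}")
    print("naive pure-SYN check on ECN SYN :", naive_is_pure_syn(ECN_SYN))
    print("masked pure-SYN check on ECN SYN:", is_pure_syn(ECN_SYN))
```

The cumulative OR per direction is deliberately order-insensitive: it is cheap to maintain for both packet and flow-export (ZMQ-style) inputs, where only aggregated flag sets may be available, at the cost of not distinguishing a SYN followed by an ACK from the reverse. The masking is the part that matters for the fixes logged above; without it, `ecn_syn_scan` would not be seen as a SYN-only probe and `ecn_handshake` would not be seen as completed.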
Simone Mainardi
417c4a3146
Reworks handling of TCP flags for both ZMQ and packet interfaces
This commit simplifies the code and also allows flags-based alerts
to be triggered for packet and non-packet interfaces
Fixes #3167
2020-01-02 19:21:44 +01:00
Simone Mainardi
8a169991cb
Minor method name change
2020-01-02 15:18:49 +01:00
Simone Mainardi
0fc220bd0a
Removes unused cli2srv_direction Flow class member
2020-01-02 15:04:49 +01:00
Simone Mainardi
591421d530
Handles TCP flags stats in ZMQ interfaces
2020-01-02 14:21:43 +01:00
Luca
92ea3cf5a0
TLS certificate improvements
2020-01-02 09:36:31 +01:00
emanuele-f
4621a8f409
Reload the periodic scripts when the configuration changes
2019-12-31 19:31:03 +01:00
emanuele-f
87c336a4aa
Reduce cpu usage due to the loading of flow.lua
The FlowAlertCheckLuaEngine is now cached into the (reused) vm, so it is reloaded
only when needed (e.g. a script on disk changes).
2019-12-31 18:27:14 +01:00
emanuele-f
458a773a93
Refactor internal scripts for cleaner code
2019-12-31 16:53:32 +01:00
Simone Mainardi
7a2def354a
Moves unused code to attic
2019-12-31 16:07:09 +01:00
Simone Mainardi
b44de6e18d
Implements discarded probing traffic counters and timeseries
2019-12-31 16:01:24 +01:00
Simone Mainardi
b2c89117df
Implements logic to discard ZMQ probing flows
2019-12-31 10:44:59 +01:00
Simone Mainardi
cc49cdc1af
Implements per-interface pref to discard probing traffic
2019-12-31 10:15:54 +01:00
Simone Mainardi
5831451b77
Unifies and cleans interface preferences code
2019-12-31 10:00:18 +01:00
Simone Mainardi
fb7f2d553e
Implements scanners detection using radix trees
2019-12-30 20:13:44 +01:00
Simone Mainardi
2abb8cfde5
Reworks flow scripts deadlines
2019-12-27 20:50:53 +01:00
Alfredo Cardigliano
2a3bef9d6c
Replace JSON string with TLV for alerts generated by the datapath. This removes a JSON decode in housekeeping.lua ( #3148 )
2019-12-27 17:03:28 +01:00
Alfredo Cardigliano
72ddef5b93
FifoStringQueue now extends a generic FifoQueue
2019-12-27 15:22:31 +01:00
Simone Mainardi
c873aee41b
Implement counter and chart for new flows per second
2019-12-27 12:29:55 +01:00
Luca Deri
c5fbb49bfd
Fix for memory corruption in flow initialization
2019-12-26 23:00:45 +01:00
Luca Deri
06e8c4a546
Ticks calculation is now optimized as it might lead to returning 0 or out-of-range values
2019-12-26 22:43:28 +01:00
emanuele-f
c74fa6e908
Implement reusable lua engine
The same Lua vm is now reused. After 5 minutes the vm is destroyed and
reloaded to prevent memory from growing too much. inotify is used to detect
changes in the filesystem (partially implemented, must implement a recursive
watch)
This optimizes periodic scripts calls by a 10x factor.
2019-12-24 18:35:58 +01:00
emanuele-f
8b7d711a36
Add option to disable flow user scripts invocation
2019-12-23 18:03:19 +01:00
Simone Mainardi
71fa8de0a3
Fixes DNS protocol detection with resolvers using same ports
Fixes #3106
2019-12-23 12:42:47 +01:00