Commit graph

146 commits

Author SHA1 Message Date
Simone Mainardi
7320c8266c Adds throughput estimation via ZMQ
Implements #3508
2020-10-06 19:28:11 +02:00
Simone Mainardi
6e0c369fa9 Handles flow dump queues in view interfaces - and fixes races 2020-09-25 14:10:06 +02:00
Simone Mainardi
7f2a9b1420 Decouples flow dump from user scripts execution
Addresses #3545
2020-09-24 19:29:00 +02:00
Alfredo Cardigliano
eaa98e6002 Show counters for unhandled flows 2020-09-16 18:52:19 +02:00
Alfredo Cardigliano
a65b4ada64 Debug code cleanup, account flow allocation failures as dump drops in direct mode 2020-09-15 23:40:43 +02:00
Alfredo Cardigliano
0a6a569435 Add debug counter for flow allocation failures 2020-09-15 19:16:31 +02:00
Alfredo Cardigliano
0fb6f9472f Direct flow dump improvements and debug counters 2020-09-15 18:13:24 +02:00
Alfredo Cardigliano
1693c21ed7 Implement direct flow dump (testing) 2020-09-15 15:21:41 +02:00
Alfredo Cardigliano
f1ff3e89ea Add -F nindex;direct to enable direct dump 2020-09-15 01:31:57 +02:00
Luca Deri
0bd6f1353a Added support for flow risk over ZMQ 2020-08-26 23:03:00 +02:00
Luca Deri
75efc0ec0c Partial fix (community code is now clean) for #2533
Reworked interface disaggregation
Moved to attic some unused classes
Added ability to disaggregate also for Probe IP + Ingress Interface
2020-08-07 17:20:26 +02:00
Simone Mainardi
21d151a404 Implements HTTP stats over ZMQ
Fixes #4152
2020-07-29 11:07:35 +02:00
Simone Mainardi
ec9d092423 Fixes DNS stats when collecting from ZMQ
Fixes #4148
2020-07-29 10:40:53 +02:00
Alfredo Cardigliano
b69bc2f958 Custom disaggregation can now work with Dynamic disaggregation (fix #4099) 2020-07-08 11:58:51 +02:00
Luca Deri
70c0601dfa Implemented DSCP/TOS collection, dissection and report 2020-06-25 23:23:04 +02:00
Simone Mainardi
7920d77a15 Fixes detection of custom protocols over ZMQ
Fixes #3993
2020-06-23 12:17:51 +02:00
Simone Mainardi
d481465e72 Fixes flow exporter filtering
Fixes #4033
2020-06-12 10:59:23 +02:00
Alfredo Cardigliano
54f9a26fc7 Macro fix 2020-06-01 17:00:43 +02:00
Alfredo Cardigliano
297cf32c53 Check against unknown 2020-06-01 16:53:47 +02:00
Alfredo Cardigliano
d9eb0263c8 Guess L7 proto when L7_PROTO is not available due to collector-passthrough mode in nprobe (fix #3993) 2020-06-01 16:05:05 +02:00
Simone Mainardi
ebbe0155e3 Several ZMQ traffic and throughput calc fixes
Addresses #3863
2020-05-07 17:28:44 +02:00
Simone Mainardi
6082024c13 Updates flow throughput immediately for ZMQ flows
Possibly addresses #3863
2020-04-30 19:20:09 +02:00
Alfredo Cardigliano
823af75000 Propagate and print in flow details AS src/dst/prev/next from collected flows 2020-04-30 10:09:26 +00:00
emanuele-f
fa730db28f Fixes for capture from nProbe Agent
- Add missing protocol guess
- Fix flows filter by L4 protocol
- Fix traffic profile filter validation
- Fix missing apps in the l7 dropdown
- Fix bad unidirectional flow status with ebpf flows
- Fix broken flows refresh in username_details.lua
2020-03-11 19:22:31 +01:00
Simone Mainardi
88693f5f6a Adds flow tcp seq issues (ooo, retx, lost) over ZMQ 2020-03-04 15:01:24 +01:00
Alfredo Cardigliano
ef16436576 Support for EXPORTER_IPV6_ADDRESS parsing and disaggregation 2020-02-28 18:47:46 +01:00
emanuele-f
15898e8dad Flow dissection code cleanup.
The Flow API is now composed of the following methods:
  - Flow::setDetectedProtocol to manually set a protocol on the flow
    and terminate the dissection
  - Flow::processPacket to run the nDPI dissection on the raw packets
  - Flow::endProtocolDissection to terminate or give up the dissection

Also fixes the flow sampling rate preference, which was never used.
2020-02-17 17:36:06 +01:00
Luca Deri
3fcd016ace ZMQ debug code 2020-02-04 22:58:06 +01:00
Simone Mainardi
b9a4534af6 Implements randomization of ips 2020-01-09 17:44:11 +01:00
Simone Mainardi
0ef0c27f66 Refines scan detection by not checking ECE or CWR 2020-01-09 14:55:57 +01:00
Simone Mainardi
8cb1db967a Improvements to the probing traffic detection algorithm 2020-01-08 10:46:53 +01:00
Luca Deri
57e6a93065 Improved scheduling algorithm to guarantee minimum service time when the number of entries allows
Updated (C)
2020-01-06 23:36:36 +01:00
Simone Mainardi
c17a962424 Avoids re-init of var 2020-01-02 19:25:37 +01:00
Simone Mainardi
417c4a3146 Reworks handling of TCP flags for both ZMQ and packet interfaces
This commit simplifies the code and also allows flags-based alerts
to be triggered for packet and non-packet interfaces

Fixes #3167
2020-01-02 19:21:44 +01:00
Simone Mainardi
b44de6e18d Implements discarded probing traffic counters and timeseries 2019-12-31 16:01:24 +01:00
Simone Mainardi
750a1dd36d Adds logic to detect udp probing flows 2019-12-31 12:16:48 +01:00
Simone Mainardi
1789543037 Improves logic to detect tcp probing flows 2019-12-31 11:12:19 +01:00
Simone Mainardi
b2c89117df Implements logic to discard ZMQ probing flows 2019-12-31 10:44:59 +01:00
Simone Mainardi
fcbdd58a52 Implements custom protocols for ZMQ interfaces 2019-12-19 19:58:11 +01:00
Simone Mainardi
562ac1d0f8 Fixes custom categories detection and concurrency issues 2019-12-19 18:38:14 +01:00
Simone Mainardi
e0c247bfca Implements tcp stats for view interfaces 2019-12-13 15:28:02 +01:00
Simone Mainardi
993fcc2fc3 Fixes interfaces TCP timeseries
Fixes #3077
2019-11-25 15:53:30 +01:00
Alfredo Cardigliano
e38835a603 Rename SSL to TLS (fix #3013) 2019-11-15 12:40:01 +01:00
Alfredo Cardigliano
d05777df1e External alerts API update and cleanup 2019-10-22 15:08:06 +02:00
Alfredo Cardigliano
87ac1b0bb6 New Duplicate Disaggregated Traffic option to show disaggregated traffic in the master interface 2019-10-16 04:50:47 +02:00
Alfredo Cardigliano
3290bd803b Propagating additional fields to companion interface 2019-10-15 16:41:42 +02:00
Simone Mainardi
167c40582a Avoids multiple setDetectedProtocol calls for ZMQ flows 2019-10-11 11:25:57 +02:00
Luca
9870eee2e7 Revisited state handling 2019-10-10 20:09:42 +02:00
Alfredo Cardigliano
a2e74e16a3 New Lua interface.processFlow API, moved processFlow from NetworkInterface to ParserInterface, code cleanup 2019-10-10 12:49:32 +02:00
Alfredo Cardigliano
f8af84df2d SyslogParserInterface now supports the companion interface for delivering Suricata alerts to a packet interface (#1928) 2019-08-27 17:53:34 +02:00