pangolin

mirror of https://github.com/fosrl/pangolin.git synced 2026-05-05 23:42:40 +00:00

Author	SHA1	Message	Date
miloschwartz	a56b058858	fix role name missing in forward headers	2026-01-13 15:28:02 -08:00
Owen	f7fcde8312	Add max recursion depth to matchSegments	2025-12-31 10:40:16 -05:00
Owen	6660c850f3	Try to bound logs Ref #2120	2025-12-31 10:31:40 -05:00
miloschwartz	da112d3417	add stripPortFromHost and reuse everywhere	2025-12-23 12:35:03 -05:00
miloschwartz	1905936950	parse request ip in exchange session	2025-12-22 15:48:24 -05:00
miloschwartz	71386d3b05	fix request ip port strip issue with badger >=1.3.0	2025-12-22 12:35:40 -05:00
Dhananjay Mahtha	90c48f20e0	Fix: Prevent cache memory leak by adding maxKeys limit and conditional caching - Add maxKeys limit (10,000) to NodeCache to prevent unbounded memory growth - Skip caching undefined values when GeoIP/ASN lookups fail (e.g., when MaxMind DB not configured) - Add periodic cache statistics logging every 5 minutes for monitoring - Fixes memory leak where cache would grow indefinitely with high request volumes The maxKeys limit uses LRU eviction, so oldest entries are automatically removed when the limit is reached. With ~10k requests/day and 5min TTL, 10k keys provides ample headroom while preventing OOM issues. Fixes #2120	2025-12-21 17:08:27 -05:00
Owen	eafcefbe45	Merge branch 'dev' of github.com:jln-brtn/pangolin into jln-brtn-dev	2025-12-20 15:34:32 -05:00
Thomas Wilde	4f154d212e	Add ASN-based resource rule matching - Add MaxMind ASN database integration - Implement ASN lookup and matching in resource rule verification - Add curated list of 100+ major ASNs (cloud, ISP, CDN, mobile carriers) - Add ASN dropdown selector in resource rules UI with search functionality - Support custom ASN input for unlisted ASNs - Add 'ALL ASNs' special case handling (AS0) - Cache ASN lookups with 5-minute TTL for performance - Update validation schemas to support ASN match type This allows administrators to create resource access rules based on Autonomous System Numbers, similar to existing country-based rules. Useful for restricting access by ISP, cloud provider, or mobile carrier.	2025-12-20 12:16:31 -05:00
Owen	a012369f83	Make sure to always check retention first Fixes #2061	2025-12-12 18:39:13 -05:00
Owen	f9b03943c3	Format all files	2025-12-09 10:56:14 -05:00
Owen	e24a13fb11	Implement previous year delete	2025-12-06 20:49:53 -05:00
Owen	8a8c0edad3	Speed up writing to not block io operations	2025-12-06 17:54:39 -05:00
Julien Breton	46ed27a218	Fix: Extend Basic Auth compatibility with browsers	2025-12-01 01:18:09 +01:00
Owen	937b36e756	Build client site resource associations and send messages	2025-11-19 18:05:42 -05:00
Lokowitz	7db99a7dd5	used zod codemod	2025-11-16 14:18:17 +00:00
Pallavi Kumari	63a1ecfb86	role in header	2025-11-13 23:31:29 +05:30
Owen	0e649883cb	More bugfixes	2025-10-29 17:21:32 -07:00
Owen	6dc4cbe448	Check country code	2025-10-29 16:24:35 -07:00
miloschwartz	219e213c1e	change logs to debug	2025-10-29 11:39:45 -07:00
Owen	15d63ddffa	Various fixes for rc	2025-10-27 16:33:21 -07:00
Owen	b59a6b82ef	Merge branch 'dev' into user-compliance	2025-10-27 10:37:53 -07:00
Owen	c04d9eda6b	Merge branch 'dev' into audit-logs	2025-10-27 10:02:32 -07:00
miloschwartz	4cfd1b1ff5	always check resource session length	2025-10-27 09:45:12 -07:00
miloschwartz	44316731c0	enforce resource session length	2025-10-26 16:52:15 -07:00
miloschwartz	8973726f63	add org policy check to verify session	2025-10-25 17:15:37 -07:00
Owen Schwartz	bc6b9eb905	Merge pull request #1736 from Lokowitz/fix-geoip-blueprint fix blueprint country issue - fix #1705 - option 2	2025-10-25 16:21:49 -07:00
Owen	4b40e7b8d6	Restrict features	2025-10-24 16:29:37 -07:00
Owen	10a5af67aa	Merge branch 'dev' into audit-logs	2025-10-24 11:15:39 -07:00
Owen	b542d82553	Consolidate into central cache	2025-10-24 11:14:07 -07:00
Owen	2a644c3f88	Working on settings	2025-10-24 10:51:32 -07:00
Lokowitz	5b61742075	change geoip to country	2025-10-23 13:27:34 +00:00
Owen	f2c31d3ca6	Add actor data to request	2025-10-22 14:27:21 -07:00
Owen	f748c5dbe4	Basic request log working	2025-10-22 12:23:48 -07:00
Owen	fdd4d5244f	Temp dont ignore org	2025-10-22 10:59:35 -07:00
Owen	654145be84	Clean up imports and ordering	2025-10-21 21:58:09 -07:00
Owen	3662d42374	Add resource id and cc	2025-10-21 21:42:53 -07:00
Owen	d392fb371e	Add logging for all auth	2025-10-21 21:22:56 -07:00
Owen	c0039190bd	Fix frontend type imports	2025-10-14 11:28:56 -07:00
Owen	377cb77307	Returning unauthorized	2025-10-13 15:34:26 -07:00
Owen	48af91c976	Return unauthorized if header auth is the only one	2025-10-13 15:20:53 -07:00
Owen	38faf1f905	Add header auth so it does not allow passing	2025-10-13 14:59:54 -07:00
Owen	c7a40d59b7	Seperate managed node code to fosrl/pangolin-node	2025-10-12 16:34:36 -07:00
Owen	d92b87b7c8	Chungus 2.0	2025-10-10 11:27:15 -07:00
Owen	850e9a734a	Adding HTTP Header Authentication	2025-10-06 10:14:02 -07:00
Owen	c2c907852d	Chungus	2025-10-04 18:36:44 -07:00
miloschwartz	8851156f23	use resource guid in url closes #1517	2025-09-28 16:22:26 -07:00
Owen	c02ac8d1bf	Seperate out function	2025-08-26 17:19:04 -07:00
Owen	a1802add19	Geoblocking works	2025-08-26 17:14:55 -07:00
Owen	78d3861382	Add pass rule	2025-08-24 22:20:09 -07:00

1 2 3

122 commits