version: 2.0.276
changes:
- Disabled memory validation for licenses
- Added counters clickhouse_metrics_writes_total and clickhouse_metrics_writes_failed to track Clickhouse metrics writes
- Added flag ipfix_parse_datalink_frame_section to control IPFIX parser logic which actually parses traffic
- Added logic to identify templates with variable length encoding using template information
version: 2.0.275
changes:
- Added santiy check logic for IPFIX field processing to prevent buffer overflow
- Added sanity checks for memcpy() in Netflow v9 code to avoid buffer overflow
- Added counter to track failures to decode Netflow v9 lite
- Added TCP Flag encoded via two byte encoding
- Added counter for IPFIX when we ahve very large chunks of data from wire
- Fixed bug in ExecuteMailTest. We did send email only to first email but we must send it to all. Thanks to PVS
- Added explict zerofication for UDP listener
- Switched all exception to pass them by reference
version: 2.0.274
changes:
- Enable kernel level sampling for mirror mode by default with rate 1:100.
- Disable multi-thread processing as it is not compatible with sampling
- Fixed bug with IPv6 flow spec logic being enabled by IPv4 flag
- Added intilizers for some structures to zeroify them explicitly
- Added missing return value check for malloc
version: 2.0.273
changes:
- Added proper initalizers in BGP code and sFlow logic
- Enabled one more warning type about non initlized values
- Enabled -Wuninitialized -Winit-self for build system by default
- Added initialization logic for bitfields in network parser
- 'Added logic to set logging level with storage conf option: logging_level'
- Effectively disabled all thresholds set to 0
- Added different path for TLS root certificates on RedHat family
- Increased GoBGP timeout to 10 seconds by default. For heavy operations like teable loading you we will use 60 seconds
version: 2.0.272
changes:
- Enabled outgoing attack detection by default. Disabled remote attack detection logic when per_direction_hostgroup_thresholds set to true
- Introduced per direction thresholds
version: 2.0.271
changes:
- Added missing return for save_ipfix_sampling_rates_to_disk to address daemon crashes
version: 2.0.270
changes:
- Enabled per protocol counters for IPv6 networks
- Returned logic to maintain per protocol counters for IPv4 per network metrics
- 'Added sampling rate cache for IPFIX and Netflow, use netflow_sampling_cache to enable it'
- Extracted IPFIX and Netflow sampling rate update logic
- Added explicit zeroify for Netflow structures
version: 2.0.269
changes:
- Fixed bug with missing networks list for total hostgroups. We need to clean it only for per host
version: 2.0.268
changes:
- Added logging logic to trace new hostgroup creation in details
- Reworked per host hostgroups to new unified logic
- Simplified locks for hostgroup lookup structure as we have no reasons to keep two locks
- Updated resources to sync mongo configuration files change
- Added quiet flag to reduce MongoDB verbosity
- Added logic to cleanup FastNetMon caches for rpm based distributions
- Added logrotate for fastnetmon logs on Debian and Ubuntu
- Added logic to remove traffic counters dump during upgrade
version: 2.0.267
changes:
- Reworked per network IPv4 traffic counetrs to use standard logic
version: 2.0.266
changes:
- Added logic to serialize IPv4 networks
- Added logic to serialize old IPv4 counetrs
- Moved all IPv4 network counetrs to single structure
- Cleanup of old style static counters
- Added logic to load total traffic counters
- Ported all metrics backend to new total counters code
- Added logic to serialize total counters
- Reworked total traffic counters
- Added logic to remove traffic counters after load attempt
- Added logic to store total hostgroups between restarts
- Added logic to dump traffic to disk for IPv6 networks too. Unified dump logic
- Unfied speed counters logic
- Added logic to dump IPv6 per host counters to disk
- Added fcli / API command save_traffic_counters
- Implemented API endpoint to dump traffic to disk
- Added logic to dump traffic on restart
- Added logic to load speed calculation counters to disk
- Added logic to store speed counters to disk
- Added function to load traffic counetrs from disk
- Added logic to serialize speed counters
- 'Added logic to disable TLS certificate checks, it needed in some cases: email_notifications_disable_certificate_checks'
version: 2.0.265
changes:
- Unified IPv6 logic for total hostgroups by introducing function
- Improved total hostgroup logic for IPv4 by adding function to build it
- Imporoved duplicate check logic for total hostgroups
- Unified logic which adds global hostgroup
- Unified total hostgroup creation logic
- Added logic to unify parent logic for total hostgroups
- Unified logic which adds new total hostgroups
- Unified logic to lookup total hostgroups by id
- Unified IPv6 path for total hostgroup lookup
- Unified logic for getting total hostgroups by name
- Flipped logic for lookup_tree_32bit_with_payload_t and lookup_tree_128bit_with_payload_t to avoid memory de-allocation by default for clarity