Skip to content

FastNetMon Advanced 2.0.362
Compare
Choose a tag to compare
@fastnetmon-release-publisher fastnetmon-release-publisher released this 13 Mar 13:02
v2.0.362
93aeed8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Changes:

  • Complete logic to reload per host hostgroups without FastNetMon restart with sudo fcli set reload_hostgroups
  • Moved hostgroup loading logic to fastnetmon_host_group_configuration_parser
  • Hide internals of hostgroup_lookup_t by using private
  • Added notes about potential options to improve flexible counters calculation
  • Improved IPv6 hostgroup lookup performance by eliminating expensive memory copy
  • Added explicit logic to avoid complex JSON crafting operations in max talkers, attack samplers and hostgroup sampling logic
  • Added counter hostgroup_traffic_samples_calculation_time to measure time required to create per hostgroup samples
  • Added counter attack_traffic_samples_calculation_time to measure time required for attack sampling procedure
  • Added counter max_talkers_per_hostgroup_accumulation_time to track accumulation time as it's very lengthy too
  • Switched to new logic for checking if we should block IPv4 host or not. It features up to 2.5 speed up. It was accomplished by eliminating not needed memory copy
  • Added function to lookup hostgroup and check thresholds in same time
  • Extracted threshold checking logic into separate file
  • Extracted some generic code from fast_libraries to fastnetmon_integers, fastnetmon_networks and fastnetmon_strings
  • Extracted thresholds evaluation logic into separate library
  • Removed duplicate checks to skip ban action if it disabled on hostgroup basis as we have it in we_should_ban_this_entity
  • We decided to do bold move and duplicate speed_calculation_callback_local_ipv4_universal into two independent functions. We have lots of condition sections which make almost half of source code for it. I think it's right move and as independent functions they will be easier to deal with
  • Improved design per hostgroup lookup logic
  • Exposed Sensitive flag for fields API
  • Added -demo for fastnetmon_client to hide real IP addresses
  • Added new option gobgp_communities_host_ipv6 which allows adding multiple communities to configuration
  • Upgrade FerretDB from 1.16.0 to 1.20.1
  • Added new fcli and API endpoint to return all networks which belong to particular ASN: fcli show asn_networks 269872
  • Increased precision of system_counters for API from 3 to 6 digits after point
  • Make XDP filter less verbose
  • Added logrotate for MongoDB to address flooded logs
  • Changed MongoDB configuration
  • Switched logRotate configuration from rename to reopen: https://www.mongodb.com/docs/manual/reference/configuration-options/#mongodb-setting-systemLog.logRotate to make possible logrotation using Linux logrotate
Assets 2
Loading