FastNetMon Advanced 2.0.363
Changes:
- Migrated from Patricia tree with manual memory management to new lookup_tree_128bit_t
- Implemented complete support for gobgp_next_hop_host_ipv6 and gobgp_next_hop_subnet_ipv6 which allow settings next top for per host and per network announces independently
- Added logic to provide additional BGP communities on hostgorup basis via: bgp_communities_subnet_ipv6 and bgp_communities_host_ipv6 hostgroup options
- Added logic to provide additional BGP communities on hostgorup basis via: bgp_communities_subnet_ipv4 and bgp_communities_host_ipv4 hostgroup options
- Eliminated parent_host_group as individual field
- Renamed ban_settings_t to hostgroup_t
- Added ban_settings_t to attack_details_t
- Added clickhouse_table_name as configuration option for traffic_db
- Added clickhouse_database_name as configuration option for traffic_db
- Extracted all configuration values for traffic_db into separate class
- Add per protocol detailed counters for host_counters_per_hostgroup_v4 and host_counters_per_hostgroup_v6
- Add per protocol counters for API mode of sudo fcli show remote_host_counters
- Added per protocol counters for API mode of sudo fcli show host_counters_v6
- Added per protocol counters for sudo fcli show host_counters in API mode
- Unified function to return metrics for GetHostCountersRemote, GetHostCountersV4, GetHostCountersV6
- Unified types HostCounterRemote, HostCounterV6 to HostCounter
- Added API endpoint sudo fcli set reload_bgp to reload BGP settings without FastNetMon restart
- Extracted read_bgp_configuration from fastnetmon_configuration_parser
- Breaking change for logic used to check if BGP Flow Spec is enabled. Now to enable it you just need to set flag gobgp_flow_spec_announces. We removed logic which required presence of at least one BGP peer with BGP Flow Spec enabled
- Increased default MongoDB timeout for retrieval of hostgroups_max_talkers, hostgroup_traffic_stats, attack_traffic_stats to 96 seconds and added option to independently control it from configuration /etc/fastnetmon/fastnetmon.conf using option mongodb_timeout_heavy
- Switched all the code to use only Patricia wrappers for IPv4 lookups
- Improved design of ip_lookup_tree to hide private members
- Added method lookup_network() for ip_lookup_tree and covered by tests
- Migrated lookup_ip_in_integer_form_inpatricia_and_return_subnet_if_found to lookup_tree_ipv4.lookup_network_which_includes_ip
- Added new IP lookup method lookup_network_which_includes_ip and added tests for lookup_ip
- Moved GoBGP configuration generation into separate library
- Split one large definition of all our configuration structures in a well defined isolated classes
- Moved gobgp configuration generation to gobgp_actions
- Split fastnetmon_configuration_structures to bunch of independent files
- Split logic to generate configuration structures and readers to two different scripts
- Reworked logic to init networks_whitelist_remote by adding strict input data validation and avoid potential crashes when IPv6 prefix specified
- Reworked Patricia test to avoid using deprecated function
- Split ip_lookup_tree_with_payload to ip_lookup_tree_with_payload and ip_lookup_tree_with_dynamically_allocated_payload to provide more clarity about interfaces we use
- Extracted IP lookup logic with payload to library ip_lookup_tree_with_payload.hpp