head 1.4; access; symbols pkgsrc-2026Q1:1.4.0.20 pkgsrc-2026Q1-base:1.4 pkgsrc-2025Q4:1.4.0.18 pkgsrc-2025Q4-base:1.4 pkgsrc-2025Q3:1.4.0.16 pkgsrc-2025Q3-base:1.4 pkgsrc-2025Q2:1.4.0.14 pkgsrc-2025Q2-base:1.4 pkgsrc-2025Q1:1.4.0.12 pkgsrc-2025Q1-base:1.4 pkgsrc-2024Q4:1.4.0.10 pkgsrc-2024Q4-base:1.4 pkgsrc-2024Q3:1.4.0.8 pkgsrc-2024Q3-base:1.4 pkgsrc-2024Q2:1.4.0.6 pkgsrc-2024Q2-base:1.4 pkgsrc-2024Q1:1.4.0.4 pkgsrc-2024Q1-base:1.4 pkgsrc-2023Q4:1.4.0.2 pkgsrc-2023Q4-base:1.4 pkgsrc-2023Q3:1.3.0.28 pkgsrc-2023Q3-base:1.3 pkgsrc-2023Q2:1.3.0.26 pkgsrc-2023Q2-base:1.3 pkgsrc-2023Q1:1.3.0.24 pkgsrc-2023Q1-base:1.3 pkgsrc-2022Q4:1.3.0.22 pkgsrc-2022Q4-base:1.3 pkgsrc-2022Q3:1.3.0.20 pkgsrc-2022Q3-base:1.3 pkgsrc-2022Q2:1.3.0.18 pkgsrc-2022Q2-base:1.3 pkgsrc-2022Q1:1.3.0.16 pkgsrc-2022Q1-base:1.3 pkgsrc-2021Q4:1.3.0.14 pkgsrc-2021Q4-base:1.3 pkgsrc-2021Q3:1.3.0.12 pkgsrc-2021Q3-base:1.3 pkgsrc-2021Q2:1.3.0.10 pkgsrc-2021Q2-base:1.3 pkgsrc-2021Q1:1.3.0.8 pkgsrc-2021Q1-base:1.3 pkgsrc-2020Q4:1.3.0.6 pkgsrc-2020Q4-base:1.3 pkgsrc-2020Q3:1.3.0.4 pkgsrc-2020Q3-base:1.3 pkgsrc-2020Q2:1.3.0.2 pkgsrc-2020Q2-base:1.3 pkgsrc-2020Q1:1.2.0.10 pkgsrc-2020Q1-base:1.2 pkgsrc-2019Q4:1.2.0.12 pkgsrc-2019Q4-base:1.2 pkgsrc-2019Q3:1.2.0.8 pkgsrc-2019Q3-base:1.2 pkgsrc-2019Q2:1.2.0.6 pkgsrc-2019Q2-base:1.2 pkgsrc-2019Q1:1.2.0.4 pkgsrc-2019Q1-base:1.2 pkgsrc-2018Q4:1.2.0.2 pkgsrc-2018Q4-base:1.2 pkgsrc-2018Q3:1.1.0.22 pkgsrc-2018Q3-base:1.1 pkgsrc-2018Q2:1.1.0.20 pkgsrc-2018Q2-base:1.1 pkgsrc-2018Q1:1.1.0.18 pkgsrc-2018Q1-base:1.1 pkgsrc-2017Q4:1.1.0.16 pkgsrc-2017Q4-base:1.1 pkgsrc-2017Q3:1.1.0.14 pkgsrc-2017Q3-base:1.1 pkgsrc-2017Q2:1.1.0.10 pkgsrc-2017Q2-base:1.1 pkgsrc-2017Q1:1.1.0.8 pkgsrc-2017Q1-base:1.1 pkgsrc-2016Q4:1.1.0.6 pkgsrc-2016Q4-base:1.1 pkgsrc-2016Q3:1.1.0.4 pkgsrc-2016Q3-base:1.1 pkgsrc-2016Q2:1.1.0.2 pkgsrc-2016Q2-base:1.1; locks; strict; comment @// @; 1.4 date 2023.11.20.17.59.35; author adam; state Exp; branches; next 1.3; commitid 5LmUuvPu4TdTlnNE; 1.3 date 2020.05.25.20.26.51; author adam; state Exp; branches; next 1.2; commitid oGJaGtLkQ2ir7F9C; 1.2 date 2018.10.18.16.25.40; author adam; state Exp; branches; next 1.1; commitid qa5dj4Fcr8znAsWA; 1.1 date 2016.04.08.16.59.07; author adam; state Exp; branches; next ; commitid vxCclWv6LywArQ1z; desc @@ 1.4 log @ntopng: updated to 6.0 6.0 Stable Breakthroughs New configurable Dashboard with new built-in templates New configurable Traffic Report New Vulnerability Scans & CVEs support Add support to Periodic Reports notified via Recipients (e.g. email) Add Inactive Hosts Add PagerDuty integration Add TheHive integration Add support to Modbus and Modbus alerts Add Server Ports Analysis page Enable multithreading in active measurements (more accurate) Migrate frontend chart timeseries library to Dygraph Add support for MAC Address based RADIUS accounting Improve OT, ICS, Scada support Trigger External Host alerts directly from Lua (also for inactive hosts) Add multicast forwarders Implement host blackhole Add support for LLDP id to MIB-II InterfaceId mapping Add support for bidirectional rules Add support for Enterprise XL bundle Improvements Implement asynchronous VS scanning Implement Ms Teams call detection Optimize blacklist handling Improve Network Map charts physics Extend support to deliver notification to specific recipients Improve traffic recording settings Add support for Host Pools and Networks in Local Traffic Rules Add search map Add custom queries for Top Local/Remote hosts Add Top receiver/sender networks custom queries Add openvas support Add new Vulners vulnerability scanner Add ability to set probes aliases Add MDNS, NETBios, HTTP historical filters Improve FreeBSD clickhouse installation Implement -L for logging HTTP requests Add -z for enabling timestamp reforge when reading pcap files Improve dark mode css Optimize ElasticSearch export (removed locks, increase export queue to 64K to handle spikes) Add Radius chap validation Add Radius auth protocol preference Automated commit of clang-format CI changes Add tool for creating nProbe topics in a kafka broker Implement host score in Host scripts Improvements for No-RX traffic analysis Improve nProbe time drift check Implement clickhouse retention Add new page with snmp device rules Add limit to discard clickhouse dump files Improve IP/MAC association in SNMP Changes Support multilple -m options Rework nDPI stats Add support for multiple email recipients Add logic to enable generic checks if without a configuration Add malware host contacted check Use REST API to enable/disable checks Disabled the reset of the email notification modal upon failed edit submission Whitelisted locale page Add ability to reset blacklist stats Implement blacklist stats Add mining currency in flow info Add flag to use proxy in email settings Reduced in simulate vlans option, the number of vlans Restricted top flow chart for community version Add input with suggestions component Set capture direction for n2disk in zmq interfaces Add explicit flag to enable flow export when recording on zmq interfaces Add support for %NPROBE_INSTANCE_NAME Add Ellio blocklist configuration (disabled by default) Update to the latest nDPI risks Email endpoint improvements Improve notification message Add download/upload buttons Add possibility to send notification to recipients Add multicast broadcast filter Updated checks lists per license Add feedback of correctly host inserted or already present Take the score into account when computing the top alerted hosts Add backend autorefresh support Add flow exporter mapping to timeseries Update default aggregation criteria in Aggregated live flows. Add missing protocol mapping Exported IP country information when using -F syslog Change js formatting function for 'number' type, using thousands separator Disabled LDAP support for FreeBSD Add VLAN bidirectional traffic alert Handle JSON format for NXLOG in Kerberos plugin nEdge Add dashboard templates for nedge pro and enterprise Enable CH support on nEdge Enterprise Enable throughput charts on nedge Make Multicast repeater configurable Add MDNS and multicast repeater Major cleanup of (deprecated) nedge host pools code Add support for custom informative captive portal Set multiple LAN addresses in case of multiple LAN interfaces Add inter-LANs policies Always redirect somewhere on captive success, instead of displaying an empty page nf_config API improvements Fixes Fix edit rest in multicast forwarding Fix missing validation functions Fix traffic timeseries labels Fix RedHat OS-name detection Fix prototype pollution vulnerability Fix thread pool spawning on freebsd Fix Zoom handling Fix behavior alert not triggered Fix naming with timeseries Fix nDPI protocol id issues Fix RRD computation of sampled series with MAX as consolidated function Fix flow alert where clause in write mode Fix alert silencing not working Fix application protocol ID using minor and major protocol Fix UI spinner on loading Fix recursive problem in active monitoring Fix ts with vlans Fix shutting down doesn't insert alerts in CH Fix checks configuration initialization (default values) for new risks Fix traffic behavior total not working in charts Fix timeseries chart date format Fix SSH flow swap heuristic Fix avg empty value and added extra check for nan values in js Fix pcap dynamically loaded not triggering alert Fix ZMQ linking on Win Fix date format Fix blacklist counter stats Fix flow alert queries on SQLite Fix interface and local networks alerts not released Fix flow devices not working with view interface Fix flow exporters not seen with aggregated interfaces Fix js regexes Fix for validating correctly host and VLAN Fix segv with custom protocols Fix l7 metadata ingestion (e.g. dns query) when collecting from ZMQ Fix hostname resolving Fix ApexCharts formatter Fix heap-buffer-overflow in MDNS packet dissection Fix exclusion bitmap not correctly set Fix some errors and leaks found while fuzzing locally Fix Heap buffer overflow in IEC104Stats Fix for memory management in packet-mode @ text @$NetBSD: patch-src_Redis.cpp,v 1.3 2020/05/25 20:26:51 adam Exp $ Allow Redis connection through a socket. --- src/Redis.cpp.orig 2023-11-02 14:11:55.000000000 +0000 +++ src/Redis.cpp @@@@ -31,9 +31,7 @@@@ Redis::Redis(const char *_redis_host, co redis_host = _redis_host ? strdup(_redis_host) : NULL; redis_password = _redis_password ? strdup(_redis_password) : NULL; redis_port = _redis_port, redis_db_id = _redis_db_id; -#ifdef __linux__ is_socket_connection = false; -#endif memset(&stats, 0, sizeof(stats)); @@@@ -83,14 +81,12 @@@@ void Redis::reconnectRedis(bool giveup_o redisFree(redis); } -#ifdef __linux__ struct stat buf; if (!stat(redis_host, &buf) && S_ISSOCK(buf.st_mode)) redis = redisConnectUnixWithTimeout(redis_host, timeout), is_socket_connection = true; else -#endif redis = redisConnectWithTimeout(redis_host, redis_port, timeout); if (redis == NULL || redis->err) { @@@@ -159,13 +155,11 @@@@ void Redis::reconnectRedis(bool giveup_o exit(1); } -#ifdef __linux__ if (!is_socket_connection) ntop->getTrace()->traceEvent(TRACE_NORMAL, "Successfully connected to redis %s:%u@@%u", redis_host, redis_port, redis_db_id); else -#endif ntop->getTrace()->traceEvent(TRACE_NORMAL, "Successfully connected to redis %s@@%u", redis_host, redis_db_id); @ 1.3 log @ntopng: updated to 4.0 ntopng 4.0: Breakthroughs * Plugins engine to tap into flows, hosts and other network elements * Migration to Bootstrap 4 and Font Awesome 5 for a renewed ntopng look-and-feel with light and dark themes * Processes and containers monitoring thanks to the eBPF integration via libebpfflow https://github.com/ntop/libebpfflow * Active monitoring of hosts ICMP/ICMPv6/HTTP/HTTPS Round Trip Times (RTT) New features * X.509 client certificate authentication * ERSPAN transparent ethernet bridging * Webhook export module for exporting alarms * Identifications of the hosts in broadcast domain * Category Lists editor to manage ip/domain lists * Handling of PEN fields from nProbe * Added anomalous flows to the looking glass * Visibility of ICMP port-unreachable flows IPv4 * TCP states filtering (est., connecting, closed and rst) * Ability to serialize local hosts in the broadcast domain via MAC address * Japanese, portugese/brazilian localization * Added process memory, cpu load, InfluxDB, Redis status pages and charts * Implement ntopng Plugins, self contained modules to extend the ntopng functionalities * Implement ZMQ/Suricata companion interface * SSL traffic analysis and alerts via JA3 fingerprint, unsafe ciphers detection * SSH traffic analysis and alerts via HASSH fingerprint * Host traffic profile generation via the (MUD) Manufacturer Usage Descriptor * Experimental Prometheus timeseries export * Introduce the System interface to manage system wide settings and status * Read events from Suricata and generate alerts * SNMP network topology visualization * Automatic ntopng update check and upgrade * Calculate host anomaly score and trigger alerts when it exceeds a threshold * Add ability to extract timeseries data with a click * Initial Marketplace droplet using Fabric * Alerts on duplex status change on SNMP interface Improvements * View interfaces are now optimized for big networks and use less memory * Systemd macros are now used to start/restart the ntopng services * Handles n2disk traffic extractions from recording processes non managed by ntopng * Interface in/out now available also for non PF_RING interfaces (read from /proc) * Automatic InfluxDB rollup support * MDNS discovery improvements * Rework of the alerts engine and api for efficient engaged alerts triggering * Faster ZMQ communication to nProbe thanks to the implementation of a binary TLV format * Stats update for ZMQ interfaces is now based on the idle/active flows timeout * Timeseries export improvements via queues, detect if InfluxDB is down and stop the export * Implemented reusable Lua engine to reduce the overhead of periodic scripts * Improve Lua error handling * Exclude certain categories from Elephant/Long lived flows alerts nEdge * Ability to set up port forwarding * Support for Ubuntu 18.04 * Fix users and other prefs deleted during nEdge data reset * Japanese localization * Block unsupported L3 protocols (currently only ARP and IPv4 are supported) * DNS mapping port to avoid conflicts with system programs Fixes * Fixed export to mysql on shutdown in case of Pcap file in community mode * Fixed failing SYN-scan detection * Fixed ZMQ decompression errors with large templates * Fixed possible XSS in login.lua referer param and `runtime.lua` * Update geolocation due to changes in the library usage policy * Fixes to support browsers dark mode * Option `--zmq-encryption-key ` can be used with `-I ` to encrypt data hi hierarchical mode * Fixed nIndex missing data while performing some queries and throughput calculation @ text @d1 1 a1 1 $NetBSD: patch-src_Redis.cpp,v 1.2 2018/10/18 16:25:40 adam Exp $ d5 1 a5 1 --- src/Redis.cpp.orig 2020-03-27 16:51:24.000000000 +0000 d7 1 a7 1 @@@@ -36,9 +36,7 @@@@ Redis::Redis(const char *_redis_host, co d17 1 a17 1 @@@@ -85,13 +83,11 @@@@ void Redis::reconnectRedis(bool giveup_o d24 3 a26 2 if(!stat(redis_host, &buf) && S_ISSOCK(buf.st_mode)) redis = redisConnectUnixWithTimeout(redis_host, timeout), is_socket_connection = true; d31 2 a32 2 if(redis == NULL || redis->err) { @@@@ -152,13 +148,11 @@@@ void Redis::reconnectRedis(bool giveup_o d37 1 a37 1 if(!is_socket_connection) d39 2 a40 2 "Successfully connected to redis %s:%u@@%u", redis_host, redis_port, redis_db_id); d44 2 a45 2 "Successfully connected to redis %s@@%u", redis_host, redis_db_id); @ 1.2 log @ntopng: updated to 3.6.1 3.6.1 Stable Brew formula fixes 3.6 Stable New features ------------ New pro charts Ability to compare data with the past (time shift) Trend lines based on ASAP Average and percentile lines overlayed on the graph and animated New color scheme that uses pastel colors for better visualization https://www.ntop.org/ntopng/ntopng-and-time-series-from-rrd-to-influxdb-new-charts-with-time-shift/ New timeseries API with support for RRD and InfluxDB Abstracts and handles multiple sources transparently https://www.ntop.org/guides/ntopng/api/lua/timeseries/index.html Streaming pcap captures with BPF support Download live packet captures right from the browser New SNMP devices caching Periodically cache information of all the SNMP device configured Calculate and visualize interfaces throughput Improvements ------------ Security Access to the web user interface is controlled with ACLs Secure ntopng cookies with SameSite and HttpOnly HTTP cookie authentication Improved random session id generation Various SNMP improvemenets Caching Interfaces status change alerts Device interfaces page Devices and interfaces added to flows Fixed several library memory leaks Improved device and interface charts Interfaces throughput calculation and visualization Ability to delete all SNMP devices at once Improved active devices discovery OS detection via HTTP User-Agent Alerts Crypto miners alerts toggle Detection and alerting of anomalous terminations Module for sending telegram.org alerts Slack Configurable Slack channel names Added Slack test button Charts Active flows vs local hosts chart Active flows vs interface traffic chart Ubuntu 18.04 support Support for ElasticSearch 6 export Added support for custom categories lists Added ability to use the non-JIT Lua interpreter Improved ntopng startup and shutdown time Support for capturing from interface pairs with PF_RING ZC Support for variable PPP header lenght Migrated geolocation to GeoLite2 and libmaxminddb Configuration backup and restore Improved IE browser support Using client SSL certificate for protocol detection Optimized host/flows purging @ text @d1 1 a1 1 $NetBSD: patch-src_Redis.cpp,v 1.1 2016/04/08 16:59:07 adam Exp $ d5 1 a5 1 --- src/Redis.cpp.orig 2018-09-19 15:35:27.000000000 +0000 d7 1 a7 1 @@@@ -35,9 +35,7 @@@@ Redis::Redis(const char *_redis_host, co d15 6 a20 6 num_requests = num_reconnections = 0; redis = NULL, operational = false; @@@@ -75,13 +73,11 @@@@ void Redis::reconnectRedis() { ntop->getTrace()->traceEvent(TRACE_NORMAL, "Redis has disconnected: reconnecting..."); redisFree(redis); } d22 1 a22 1 struct stat buf; d24 3 a26 3 if(!stat(redis_host, &buf) && S_ISSOCK(buf.st_mode)) redis = redisConnectUnixWithTimeout(redis_host, timeout), is_socket_connection = true; else d28 6 a33 1 redis = redisConnectWithTimeout(redis_host, redis_port, timeout); a34 5 if(redis_password) { @@@@ -122,13 +118,11 @@@@ void Redis::reconnectRedis() { goto redis_error_handler; } else { freeReplyObject(reply); d36 5 a40 5 if(!is_socket_connection) ntop->getTrace()->traceEvent(TRACE_NORMAL, "Successfully connected to redis %s:%u@@%u", redis_host, redis_port, redis_db_id); else d42 3 a44 3 ntop->getTrace()->traceEvent(TRACE_NORMAL, "Successfully connected to redis %s@@%u", redis_host, redis_db_id); @ 1.1 log @ntopng is the next generation version of the original ntop, a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntopng is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform, MacOSX and on Windows as well. ntopng users can use a a web browser to navigate through ntop (that acts as a web server) traffic information and get a dump of the network status. In the latter case, ntopng can be seen as a simple RMON-like agent with an embedded web interface. The use of: * a web interface. * limited configuration and administration via the web interface. * reduced CPU and memory usage (they vary according to network size and traffic) @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 Allow Redis connection through unix socket. d5 1 a5 1 --- src/Redis.cpp.orig 2016-04-06 11:41:42.000000000 +0000 d7 12 a18 1 @@@@ -75,7 +75,12 @@@@ void Redis::reconnectRedis() { d21 2 d24 5 a28 7 - redis = redisConnectWithTimeout(redis_host, redis_port, timeout); + if (redis_host[0] == '/') { + redis = redisConnectUnixWithTimeout(redis_host, timeout); + } + else { + redis = redisConnectWithTimeout(redis_host, redis_port, timeout); + } d30 15 a44 2 while(num_attemps > 0) { if(redis) reply = (redisReply*)redisCommand(redis, "PING"); else reply = NULL; @