./net/ntopng, Network traffic probe


Branch: CURRENT, Version: 6.0, Package name: ntopng-6.0, Maintainer: adam

ntopng is the next generation version of the original ntop, a network traffic
probe that shows the network usage, similar to what the popular top Unix
command does. ntopng is based on libpcap and has been written in a portable
way so that it runs on virtually every Unix platform, MacOSX and Windows as
well.

ntopng users can use a web browser to navigate through the traffic information
served by ntop (which acts as a web server) and get a dump of the network status. In
the latter case, ntopng can be seen as a simple RMON-like agent with
an embedded web interface. The use of:

* a web interface.
* limited configuration and administration via the web interface.
* reduced CPU and memory usage (they vary according to network size and traffic)


Required to run:
[www/curl] [databases/rrdtool] [net/GeoIP] [security/gnutls] [security/libgcrypt] [net/zeromq] [databases/redis] [databases/hiredis] [lang/lua53] [net/ndpi] [databases/mysql57-client] [geography/libmaxminddb]

Required to build:
[pkgtools/x11-links] [x11/xcb-proto] [pkgtools/cwrappers] [x11/xorgproto]

Master sites:

Filesize: 66689.082 KB

CVS history:


   2023-11-20 18:59:35 by Adam Ciarcinski | Files touched by this commit (8) | Package updated
Log message:
ntopng: updated to 6.0

6.0 Stable

Breakthroughs

New configurable Dashboard with new built-in templates
New configurable Traffic Report
New Vulnerability Scans & CVEs support
Add support to Periodic Reports notified via Recipients (e.g. email)
Add Inactive Hosts
Add PagerDuty integration
Add TheHive integration
Add support to Modbus and Modbus alerts
Add Server Ports Analysis page
Enable multithreading in active measurements (more accurate)
Migrate frontend chart timeseries library to Dygraph
Add support for MAC Address based RADIUS accounting
Improve OT, ICS, Scada support
Trigger External Host alerts directly from Lua (also for inactive hosts)
Add multicast forwarders
Implement host blackhole
Add support for LLDP id to MIB-II InterfaceId mapping
Add support for bidirectional rules
Add support for Enterprise XL bundle

Improvements

Implement asynchronous VS scanning
Implement Ms Teams call detection
Optimize blacklist handling
Improve Network Map charts physics
Extend support to deliver notification to specific recipients
Improve traffic recording settings
Add support for Host Pools and Networks in Local Traffic Rules
Add search map
Add custom queries for Top Local/Remote hosts
Add Top receiver/sender networks custom queries
Add openvas support
Add new Vulners vulnerability scanner
Add ability to set probes aliases
Add MDNS, NETBios, HTTP historical filters
Improve FreeBSD clickhouse installation
Implement -L <path> for logging HTTP requests
Add -z for enabling timestamp reforge when reading pcap files
Improve dark mode css
Optimize ElasticSearch export (removed locks, increase export queue to 64K to handle spikes)
Add Radius chap validation
Add Radius auth protocol preference
Automated commit of clang-format CI changes
Add tool for creating nProbe topics in a kafka broker
Implement host score in Host scripts
Improvements for No-RX traffic analysis
Improve nProbe time drift check
Implement clickhouse retention
Add new page with snmp device rules
Add limit to discard clickhouse dump files
Improve IP/MAC association in SNMP

Changes

Support multiple -m options
Rework nDPI stats
Add support for multiple email recipients
Add logic to enable generic checks if without a configuration
Add malware host contacted check
Use REST API to enable/disable checks
Disabled the reset of the email notification modal upon failed edit submission
Whitelisted locale page
Add ability to reset blacklist stats
Implement blacklist stats
Add mining currency in flow info
Add flag to use proxy in email settings
Reduced in simulate vlans option, the number of vlans
Restricted top flow chart for community version
Add input with suggestions component
Set capture direction for n2disk in zmq interfaces
Add explicit flag to enable flow export when recording on zmq interfaces
Add support for %NPROBE_INSTANCE_NAME
Add Ellio blocklist configuration (disabled by default)
Update to the latest nDPI risks
Email endpoint improvements
Improve notification message
Add download/upload buttons
Add possibility to send notification to recipients
Add multicast broadcast filter
Updated checks lists per license
Add feedback of correctly host inserted or already present
Take the score into account when computing the top alerted hosts
Add backend autorefresh support
Add flow exporter mapping to timeseries
Update default aggregation criteria in Aggregated live flows.
Add missing protocol mapping
Exported IP country information when using -F syslog
Change js formatting function for 'number' type, using thousands separator
Disabled LDAP support for FreeBSD
Add VLAN bidirectional traffic alert
Handle JSON format for NXLOG in Kerberos plugin

nEdge

Add dashboard templates for nedge pro and enterprise
Enable CH support on nEdge Enterprise
Enable throughput charts on nedge
Make Multicast repeater configurable
Add MDNS and multicast repeater
Major cleanup of (deprecated) nedge host pools code
Add support for custom informative captive portal
Set multiple LAN addresses in case of multiple LAN interfaces
Add inter-LANs policies
Always redirect somewhere on captive success, instead of displaying an empty page
nf_config API improvements

Fixes

Fix edit rest in multicast forwarding
Fix missing validation functions
Fix traffic timeseries labels
Fix RedHat OS-name detection
Fix prototype pollution vulnerability
Fix thread pool spawning on freebsd
Fix Zoom handling
Fix behavior alert not triggered
Fix naming with timeseries
Fix nDPI protocol id issues
Fix RRD computation of sampled series with MAX as consolidated function
Fix flow alert where clause in write mode
Fix alert silencing not working
Fix application protocol ID using minor and major protocol
Fix UI spinner on loading
Fix recursive problem in active monitoring
Fix ts with vlans
Fix shutting down doesn't insert alerts in CH
Fix checks configuration initialization (default values) for new risks
Fix traffic behavior total not working in charts
Fix timeseries chart date format
Fix SSH flow swap heuristic
Fix avg empty value and added extra check for nan values in js
Fix pcap dynamically loaded not triggering alert
Fix ZMQ linking on Win
Fix date format
Fix blacklist counter stats
Fix flow alert queries on SQLite
Fix interface and local networks alerts not released
Fix flow devices not working with view interface
Fix flow exporters not seen with aggregated interfaces
Fix js regexes
Fix for validating correctly host and VLAN
Fix segv with custom protocols
Fix l7 metadata ingestion (e.g. dns query) when collecting from ZMQ
Fix hostname resolving
Fix ApexCharts formatter
Fix heap-buffer-overflow in MDNS packet dissection
Fix exclusion bitmap not correctly set
Fix some errors and leaks found while fuzzing locally
Fix Heap buffer overflow in IEC104Stats
Fix for memory management in packet-mode

   2023-11-14 15:03:25 by Thomas Klausner | Files touched by this commit (1145)
Log message:
*: recursive bump for cairo dependency changes

   2023-11-12 14:24:43 by Thomas Klausner | Files touched by this commit (2570)
Log message:
*: revbump for new brotli option for freetype2

Addresses PR 57693

   2023-11-08 14:21:43 by Thomas Klausner | Files touched by this commit (2377)
Log message:
*: recursive bump for icu 74.1

   2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298)
Log message:
*: bump for openssl 3

   2023-06-29 20:06:21 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
ntopng: updated to 5.6

ntopng 5.6

Breakthroughs

Add XL license
Add support Rocky9
Add support to Kafka
Increased max num of exporters
Introduce nTap support
Introduce support to ClickHouse Cluster
Rework Historical Chart Page
Rework pages using VueJS and moving towards responsive client

Improvements

Handle allowed networks for unprivileged users
Improve multitenancy support
Improve thread names
Improve mac formatting
Improve top host sites adding reset method
Improve pcap upload
Improve ports formatting
Improve handling for Cisco NBAR collection
Improve source style
Improve Linux OS detection
Improve Engaged Time Report in Chart
Improve passive DNS host resolution
Improve alerts reports
Improve OPNsense installation instruction
Improve host report
Improve support to NDPI_TCP_ISSUES flow risk
Improve layout
Improve ICMP flow handling
Lowered memory consumption due to alert score
Rework pro code directories
Rework lua code
Rework flow aggregation
Rework capabilities support
Socket code cleanup
Use API to build interface report
Update rrd calculations
Update JP localization (courtesy of Yoshihiro Ishikawa)

Changes

Add logo to package
Add missing deps
Add link to host
Add options to send report by email
Add Report class and example
Add internal server error on health/interfaces doc api
Add support for external (REST) host alerts
Add various help and parameters
Add script to create a pdf report from historical API data
Add NXLOG/Active Directory documentation
Add reload button in various pages
Add third party resources
Add flow exporter ips to observation points
Add support for the python API documentation
Add forced offline variable to maintain the --offline option
Add support for Lua host engaged alerts using timeout
Add observation points ts
Add HTTP server in flow details
Add token-based authentication https://www.ntop.org/guides/ntopng/advanced_features/authentication.html?highlight=token#token-based-authentication
Add Flow Risk (Bitmap) Filter in alerts
Add make targets for pip package Updated package classes
Add L7 information in flow object adding
Add CodeQL workflow for GitHub code scanning
Add modal-download-file component and add export timeseries png picture button
Add critical and emergency status to alerts
Add oneway TCP flows counters
Add support for nDPI network handling in flows
Add -n 4 for name resolution
Add IMAP/POP stats
Add Stratosphere Labs Blacklist support
Add support d3v7
Add Requires for RH9 (redhat-lsb-core is deprecated)
Add interfaces stats api and refactor the others health api
Add support to application protocol and master protocol
Add CIDR support in Historical Flows
Add new Aggregated Flows page
Add new Alerts Analysis page
Add support for estimating the number of TCP contacted servers with no reply
Add new Ports Analysis page
Add detection of periodic flows and exported it as flow risk in both flows and alerts
Add REST API to get DB columns and info
Add ability to query alerts from Python
Add Zoom streams handling
Add various checks
Add IP-in-IP decapsulation
Add Host Rules page (possibility to trigger alerts based on timeseries)
Add the ability to analyze a pcap without creating a new interface
Add Windows timezone handling
Change table definition
Cleanup file names
Disabled host serialization
Enlarged the number of local networks to 1024
Increased upload size to 25 MB
Implement custom script check
Implement support of host filtering with TX traffic sent
Implement unresponsive peers host report
Implement count of incoming tx peers with TCP flows unanswered
Move ts business logic in ts_rest_utils.lua
Patch for handling nicely clock drift at startup
Remove obsolete autogen commands On Linux stay with g++ unless sanitizer is used
Remove REST API v0 (discontinued since ntopng 4.2)
Remove no more used severity
Refactor range-picker query_presets
Rework host packets page and removed dscp page
Rework host ports implementation
Rework Historical class
Rework OPNsense plugin package build
Self test fixes and improvements
Update documentation
Update REST API
Update bootstrap table css
Update various pages to vuejs
Update counter scaling (no gauge)
Update response in service disabled case

nEdge

Add support to multi LAN and fixes DHCP service error
Add VLAN and multi WAN support to nedge
Add routing_policy to nedge configuration callback
Fix netplan configuration error
Update vlan trunk doc

Fix

Df columns error management, table export formatted with % and column reordering now working
Fix missing openssl dependency from MacOS
Fix clang
Fix host sankey minor issues
Fix hyperlinks to historical charts not working
Fix hyperlinks not working correctly
Fix Regex escape
Fix application name resolution on aggregated views
Fix RRD driver for step calculation
Fix visual bugs with master and app proto
Fix various interface page minor bugs
Fix shortened labels
Fix default sort not working
Fix influxdb retention not updated
Fix name and size of charts
Fix vlan label not mapped
Fix for FreeBSD configure
Fix ip resolution not updating the name
Fix discrepancy in Traffic Calculation (Interface Chart)
Fix measurement units not uniform
Fix crash swap
Fix bug that reported wrong DNS information
Fix build process with opnsense/plugins
Fix validators regexps
Fix ICMP entropy report Improved HTTP flows report
Fix Telegram Reported alerts contain HTML
Fix multi-series Charts are Unreadable in Dark Mode
Fix invalid reverse host resolution that caused hosts to be labelled with wrong symbolic name
Fix delete obsoleted code from page-stats
Fix for circular dependency js
Fix overlay not working
Fix due to changes to nDPI ALPN handling
Fix CSS Inconsistency Across Browsers
Fix Deep copy also for array of objects
Fix missing modules
Fix NAT handling with nprobe
Fix initialization crash
Removed multiple load from tables
ZMQ encryption key is now reported in hex to avoid escape problems

   2023-04-19 10:12:01 by Adam Ciarcinski | Files touched by this commit (2359) | Package updated
Log message:
revbump after textproc/icu update

   2023-01-29 22:18:34 by Ryo ONODERA | Files touched by this commit (2527)
Log message:
*: Recursive revbump from graphics/freetype2