Pakon Improvements
Outline
In order to refactor Pakon code, here are some ideas how to overall improve
- it's performance
- code readability
- database load
- etc.
Content
-
move from pakon-handler
and provide API to frontend directly- query database in API
- remove
pakon-query/pakon-handler
-
run-check
outside themonitor
module -
determine and refactor when is ConntrackScriptSource
vsUnixSocketSource
, for now if not set inuci
user does not see the difference -
make sure we have option to feed name data from various sources (currently Suricata, in future DNS resolver, maybe separate TLS dump)
Database improvements
-
Amend data instead of having daily database squash (squas on insert) - (TRIGGER perhaps?)
-
Split database into two - avoid copy to ram and back to flash
- short term in
/var/cache
with non-aggregated data - long term in
/srv
with aggregated data - do aggregation from short term to long term one
-
ORM based DB access -
use peewee
overSQLAlchemy
aspeewee
seems is already used on router
BusyBox v1.30.1 () built-in shell (ash)
(...)
TurrisOS 5.3.0, Turris Mox
(...)
In [1]: import SQLAlchemy
---------------------------------------------------------------------------
ModuleNotFoundError Traceback (most recent call last)
<ipython-input-1-8a440f506672> in <module>
----> 1 import SQLAlchemy
ModuleNotFoundError: No module named 'SQLAlchemy'
In [2]: import peewee
In [3]:
Refactor
-
remove new device alert -
light-remove suricata - knot resolver