Added
* support for welcome message required for newer versions of
  sentinel-proxy
* dependency on libczmq\_logc that integrates CZMQ logging with LogC
* configuration parsing for `nflog_group`, `socket` and `topic`

Changed
* minimal required version of LogC is now 0.2.0

Fixed
* CI: release description for automatic release creation

Miroslav Hanak authored 3 years ago and Karel Koci committed 3 years ago

- includes
- attribute nonnull
- function declarations without parameters names
- make packet_data ports uint16_t

Miroslav Hanak authored 3 years ago and Karel Koci committed 3 years ago

- sort includes
- add attribute nonnull to function declarations

Miroslav Hanak authored 3 years ago and Karel Koci committed 3 years ago

- includes
- function declarations without parameter names
- __attribute__((nonnull))

The receive of packet can fail. That breaks the loop but it won't print
any info. This adds report about that.

The nflog_handle_packet can fail according to some search on the
Internet. This function is not documented in the official documentation
but is used in example that is part of it and no error is handled there
but that minimum the callback can return error so there is probably a
way how this could fail.
This is tied to the  change in callback implementation. Originally we
signaled error from callback if sending failed. This can happen for
various reasons but in general we do not care about that. We print error
and we should keep going because ti might be just temporally thing. That
removes only one place when callback would signal error. Any other place
is considered unexpected error and thus abort is called there. The
result is that we no longer need callback to signal error and thus this
was removed as well.

Run tests with fwrecorder to at least cover it by static analysis.

The variable is also a better option to cover cases when server moves.

This actually uses configuration file for real. We allow configuration
of socket, topic and nflog group.

The additional change here is the removal of -t argument. The topic
change is available only through long option now. The reason for this is
because whole pipeline depends on default topic and topic change breaks
it. It is kind of an internal option and thus it for sure should not
have convenient short option.

This ensures that we have working distribution archives.

The LogC changed macro names with 0.2.0 release.

The issue here is that czmq fails to pass helgrind and drd.

This also extends docker image with new dependency, logc-libs.

This redirects czmq messages to logc. Note that at the moment this is
only redirection. The configuration is not yet propagated from
application log because LogC lacks chain implementation still.

This adds welcome message that is send as soon as possible to the
Sentinel proxy.

This also extends tests to cover sender and to cover cases when data
received are just simply invalid.

The original code was just wrong. This correctly extracts the first
block section from changelog.

Added
* support for parsing UDP and TCP protocols for IPv6 (for now without
  extensions headers)

Changed
* source files were reorganized in the repository

These are all protocols that are defined in netinet/in.h but they are
not all available on all systems. Commenting out some subset is not
exactly all right solution. This instead just wraps case with check if
macro is defined.

This has still one huge hole and that is that it simply sends info about
first extension header instead of protocol itself. The idea is to deploy
it as it is now and get back to it after we collect some data and see
how often such packets are blocked on firewall. It might be that they
are just not that common and thus we might not need to hurry with
implementation. Another option is that they are pretty common and so
simply we would have to implement them as soon as possible.

This is just so project is little bit better organized. We have now
sources for recorder and fwlogs itself separate.

This also changes how we load suites in unittests. We now use
constructor to auto-inject suites without having to edit unittests.c.

This removes typo in gitignore, unsecure git (that was just used to
overcome temporally bug in Debian and invalid names of release archives.

These are hidden now. The change was part of
eb7c4cae commit but gitignore wasn't
updated.

The source for original code was logc project and in this place it
wasn't updated.

This tweaks build system to hide some warnings and improve help text.

Another change is in Gitlab CI. Primary change is addition of release
creation.

This also includes some minor code style tweaks.

Added
* Initial version of fwlogs
* IPv4 TCP and UCP support
* Minimal IPv6 support

It is common to install using ./configure && make && make install. This
would include tests and linters and introduced unnecessary dependencies
just to pass configure step. Making tests and linter disable at default
allows simpler usage. Developer can enable tests and linter rather
over common user having to disable them.

These protocols seems to not be defined on Debian when building in CI.
This might be either thanks to configuration or because it is just older
version.

This just reuses template from other projects, nothing spectacular.

IPv6 is partially supported but not covered by tests and fails to detect
correct protocol.