ucollect merge requestshttps://gitlab.nic.cz/turris/ucollect/-/merge_requests2020-11-12T02:24:42+01:00https://gitlab.nic.cz/turris/ucollect/-/merge_requests/17Let the flow tagger use the same index as archivist2020-11-12T02:24:42+01:00Ghost UserLet the flow tagger use the same index as archivistThen we can drop the other index, as it is not used.Then we can drop the other index, as it is not used.https://gitlab.nic.cz/turris/ucollect/-/merge_requests/20Fix FWUp segfault2020-11-12T02:24:42+01:00Ghost UserFix FWUp segfaulthttps://gitlab.nic.cz/turris/ucollect/-/merge_requests/19Tagmerge2020-11-12T02:24:42+01:00Ghost UserTagmergehttps://gitlab.nic.cz/turris/ucollect/-/merge_requests/18Remidx2020-11-12T02:24:43+01:00Ghost UserRemidxhttps://gitlab.nic.cz/turris/ucollect/-/merge_requests/21Kill the buckets plugin2020-11-12T02:24:42+01:00Ghost UserKill the buckets pluginIt produced no usable output, took a bunch of resources and was
otherwise annoying.It produced no usable output, took a bunch of resources and was
otherwise annoying.https://gitlab.nic.cz/turris/ucollect/-/merge_requests/16master: Don't produce debug table2020-11-12T02:24:42+01:00Ghost Usermaster: Don't produce debug tablehttps://gitlab.nic.cz/turris/ucollect/-/merge_requests/15authenticator: Don't keep a transaction open forever2020-11-12T02:24:41+01:00Ghost Userauthenticator: Don't keep a transaction open foreverhttps://gitlab.nic.cz/turris/ucollect/-/merge_requests/13Add missing header2020-11-12T02:24:42+01:00Ghost UserAdd missing headerhttps://gitlab.nic.cz/turris/ucollect/-/merge_requests/12Store honeypot remote port into the archive2020-11-12T02:24:42+01:00Ghost UserStore honeypot remote port into the archivehttps://gitlab.nic.cz/turris/ucollect/-/merge_requests/9Store plugin history of clients2020-11-12T02:24:43+01:00Ghost UserStore plugin history of clientshttps://gitlab.nic.cz/turris/ucollect/-/merge_requests/8Auth cache2019-12-17T16:05:59+01:00Ghost UserAuth cacheCache login credentials in authenticator's memory.Cache login credentials in authenticator's memory.https://gitlab.nic.cz/turris/ucollect/-/merge_requests/6Ssh blacklist2019-12-17T16:05:59+01:00Ghost UserSsh blacklistInclude attackers from ssh honeypot in the view of attackers.
Related to https://redmine-old.labs.nic.cz/issues/4246Include attackers from ssh honeypot in the view of attackers.
Related to https://redmine-old.labs.nic.cz/issues/4246https://gitlab.nic.cz/turris/ucollect/-/merge_requests/10Print times in archivist output2020-11-12T02:24:43+01:00Ghost UserPrint times in archivist outputhttps://gitlab.nic.cz/turris/ucollect/-/merge_requests/3Use sanity instead of assert in the fake plugin2019-12-17T16:06:00+01:00Ghost UserUse sanity instead of assert in the fake pluginThe sanity function produces a log message when it fails, which may help us discover why we are getting SIGABRT in the fake plugin.
Related to https://redmine-old.labs.nic.cz/issues/4136.The sanity function produces a log message when it fails, which may help us discover why we are getting SIGABRT in the fake plugin.
Related to https://redmine-old.labs.nic.cz/issues/4136.https://gitlab.nic.cz/turris/ucollect/-/merge_requests/1Don't lose ipset error messages2019-12-17T16:06:00+01:00Ghost UserDon't lose ipset error messagesCode for ticket https://redmine-old.labs.nic.cz/issues/4182.Code for ticket https://redmine-old.labs.nic.cz/issues/4182.https://gitlab.nic.cz/turris/ucollect/-/merge_requests/45Provide logs to api's syslog2020-11-12T02:24:37+01:00Ghost UserProvide logs to api's syslogWe want to send the logs there (as well as other places), because its
where we take it to the graphana logging stuff.
The API has a bit broken syslog, so we do it through some little unusual
tricks.
An equivalent code is actually alrea...We want to send the logs there (as well as other places), because its
where we take it to the graphana logging stuff.
The API has a bit broken syslog, so we do it through some little unusual
tricks.
An equivalent code is actually already deployed on API right now, as uncommited local changes. But it still should go through at least minimal review before getting to the master branch.https://gitlab.nic.cz/turris/ucollect/-/merge_requests/44Store termination flags of TCP flows2020-11-12T02:24:38+01:00Ghost UserStore termination flags of TCP flowsThis is the server part of storing the ands of biflows as well as their
starts (which we did from the very beginning).
This follows 10b805a84f3c14408a484083a7d06e363998586e, which should be ready to go into the 3.7. Not tested, but doub...This is the server part of storing the ands of biflows as well as their
starts (which we did from the very beginning).
This follows 10b805a84f3c14408a484083a7d06e363998586e, which should be ready to go into the 3.7. Not tested, but double-checked there are no typos in the variable names.https://gitlab.nic.cz/turris/ucollect/-/merge_requests/43Drop the NAT detector support2019-12-17T16:05:54+01:00Ghost UserDrop the NAT detector supportAs discussed previously, we want to get rid of the nat detector support. I already turned it off in the server configuration and in the archivist. This drops the code (that is currently present, but isn't run).
I'll also delete the rele...As discussed previously, we want to get rid of the nat detector support. I already turned it off in the server configuration and in the archivist. This drops the code (that is currently present, but isn't run).
I'll also delete the relevant table in the db (not on archive), once it becomes empty.https://gitlab.nic.cz/turris/ucollect/-/merge_requests/11Archivist: Allow arbitrary data in several columns2020-11-12T02:24:43+01:00Ghost UserArchivist: Allow arbitrary data in several columnsUser inputs (ssh commands, names, passwords) may contain invalid UTF-8
data, therefore store them in BYTEA columns. The main database already
uses BYTEA. Make sure the data are fed to the DB in the correct format,
with a trick with bind_...User inputs (ssh commands, names, passwords) may contain invalid UTF-8
data, therefore store them in BYTEA columns. The main database already
uses BYTEA. Make sure the data are fed to the DB in the correct format,
with a trick with bind_param.https://gitlab.nic.cz/turris/ucollect/-/merge_requests/2authenticator: Handle repeated errors of DB2019-12-17T16:06:00+01:00Ghost Userauthenticator: Handle repeated errors of DBhttps://redmine-old.labs.nic.cz/issues/4221https://redmine-old.labs.nic.cz/issues/4221