Skip to content

Releases: pavel-odintsov/fastnetmon

FastNetMon Community 1.2.8 Hong Kong

16 Dec 13:02
05bd983
Compare
Choose a tag to compare

Security fixes:

  • CVE-2024-56072 Fixed DoS vulnerability in sFlow v5 plugin which caused crash of FastNetMon with specially crafted packet. Reported by Evgeny Shtanov aka @Klavishnik
  • CVE-2024-56073 Fixed FPE / division by zero vulnerability in Netflow v9 logic when length of template is zero. Reported by Evgeny Shtanov aka @Klavishnik

Changes:

  • Added Clickhouse support for exporting metrics
  • Integrated fuzzing support by @Klavishnik
  • Introduced per protocol total traffic counters
  • Migrated IPv6 announces to use our logic to craft BGP IPv6 Unicast announces
  • Migrated IPv4 announces to use our logic to craft BGP IPv4 Unicast announces
  • Multiple improvements for sFlow v5 plugin
  • Introduced detailed attack reporting logic
  • Multi flow support for inline monitoring services and IPFIX 315

To install / upgrade please use:

wget https://install.fastnetmon.com/installer -Oinstaller
sudo chmod +x installer
sudo ./installer -install_community_edition

FastNetMon Community 1.2.7 Alanya

01 Jul 20:59
Compare
Choose a tag to compare

Changes:

  • Migrated away from IPv4 only inet_addr in sFlow logic. Adds IPv6 support for sFlow plugin
  • Added logic to export per network IPv6 traffic to InfluxDB
  • Huge amount of improvements to improve IPFIX standard support and support for multiple vendor specific capabilities
  • Added logic to strip 1, 2 or 3 nested vlans for packet parser
  • Enabled attack details dumps for IPv6
  • Added logic to load IPv6 prefixes from whitelist file
  • Added logic to exclude some traffic from processing using JSON encoded BGP Flow Spec rules in JSON format in file /etc/whitelist_rules one rule per line
  • Added Ubuntu 24.04 LTS support
  • Deprecated CentOS 7, Debian 9, 10, Ubuntu 16.04 and Ubuntu 18.04

FastNetMon Community 1.2.6 Seattle

15 Oct 21:17
19ea45a
Compare
Choose a tag to compare

Changes:

  • Switched to C++ 20
  • Unified IPv4 and IPv6 host counters to use high efficient hash based counters to store per host traffic
  • Introduced Terms and Conditions and updated Privacy Policy documents
  • Added support for bi-directional flows used by Cisco ASA
  • Added dozens of new fields for IPFIX
  • Full refactoring of Netflow plugin
  • Enabled process_outgoing_traffic and process_incoming_traffic configuration options for IPv6 traffic.
  • Added instance ID reporting to analytics report to distinguish different instances behind NAT
  • Reworked packet parser to avoid data modification in buffer during parsing process
  • Unified InfluxDB host traffic export logic with templates
  • Added complete BGP Unicast IPv4 and IPv6 implementation for native BGP operations

To install / upgrade please use:

wget https://install.fastnetmon.com/installer -Oinstaller
sudo chmod +x installer
sudo ./installer -install_community_edition

FastNetMon Community 1.2.5 Antalya

23 May 17:10
Compare
Choose a tag to compare

Changes:

  • Official ARM64 support for Debian, Ubuntu and RedHat platforms and official binary builds
  • Automated installation for Grafana and InfluxDB with dozens of pre-defined dashboards
  • Disabled PID logic by default, no need to use --disable_pid_logic Can be enabled explicitly using --pid_logic
  • GoBGP upgrade to 3.12
  • Ability to compile FastNetMon for Windows Server platforms
  • log4cpp upgrade to 1.1.4
  • New set of performance metrics for AF_PACKET
  • New binary dependency caching logic to speed up CI builds

To install / upgrade please use:

wget https://install.fastnetmon.com/installer -Oinstaller
sudo chmod +x installer
sudo ./installer -install_community_edition

FastNetMon Community 1.2.4 San Francisco

01 Mar 14:48
Compare
Choose a tag to compare

New features:

  • Native Prometheus support
  • Option to send all traffic in JSON format to Kafka
  • Option to send all traffic in Protobuf format to Kafka

Bugfixes:

  • Reworked speed reporting calculation to monotonic time to address crashes during time adjustments

New platforms support:

  • Added Debian 12 (future release) support

Improvements:

  • Migrated to stand alone libbpf 1.0.1 from in kernel version
  • Added emojis to README, yay
  • Added option for build system to store binary versions of libraries on S3 to reduce build time
  • Added option to verify checksums for all dependencies to detect any alteration attempts
  • Added absl, zlib, c-ares, re2 as dependencies for gRPC
  • Switched gRPC to use cmake based build
  • Added help command for fastnetmon_api_client
  • Reworked Boost install process to use b2 install instead of building stage in place
  • Switched cmake to use system libraries by default for build procedure to offer better developer experience
  • Removed dependency on libatomic1 as it's not required on x86_64 platforms
  • Added XDP microcode to use with FastNetMon
  • Added rdkafka and cppkafka as optional dependencies
  • Complete redesign of speed counters for IPv4 prefixes and IPv6 hosts and networks

For install or upgrade please use our official installer tool.

FastNetMon Community 1.2.3 London

15 Oct 17:09
Compare
Choose a tag to compare

New capabilities:

  • Added new AF_XDP plugin for high efficient XDP based traffic capture
  • Added IPv6 support for sFlow plugin
  • Added configuration option logging_level to control log level between info and debug

Changes:

  • Switched systemd unit files to use simple daemon type and disabled our own forking logic
  • Reworked very error prone and complicated to use and maintain json-c to modern nlohmann/json
  • Reworked IPv4 per network counters to completely new unified counters logic
  • Removed ExaBGP backed Flow Spec implementation due to API compatibility issues
  • We deprecated configuration field notify_script_pass_details and enabled it by default. You need to read stdin attack information for both ban and attack_details actions
  • Reduced number of packets for attack confirmation from 50 to 20 as 50 is too much for sampled protocols
  • Complete migration to new high efficient native C++ network packet parser which has full support of IPv6 and GRE tunnelling
  • Reworked total traffic counters to use unified class total_speed_counters_t
  • Switched HTTPS client to use TLS instead of outdated SSL
  • Add logic to export usage statistics with goal to learn more about customer platforms and most popular features in FastNetMon. It can be disabled using configuration option: disable_usage_report = on
  • Breaking change in logging configuration, we replaced our snowflake 'logging:' prefix by standard 'logging_'
  • Added logic to catch stacktrace in case of segmentation fault
  • Added logic to restart FastNetMon in case of failures using systemd capability: Restart=on-failure
  • Improved statistics for AF_PACKET
  • Addressed race condition in API logic for unban and ban operations

Dependencies:

  • Removed dependency on json-c
  • Upgrade OpenSSL to 1.1.1q
  • Upgrade Boost to 1.80
  • Added dependency on libelf (AF_XDP plugin)
  • Added dependency on libbpf (AF_XDP plugin)

FastNetMon Community 1.2.2 Whitstable

19 Jun 17:48
Compare
Choose a tag to compare

New platforms:

  • Added support for RHEL 9, Alma Linux 9, Rocky Linux 9
  • We're part of Fedora Upstream (Rawhide, 35, 36)
  • Added upstream support for Homebrew and MacOS builds
  • Deprecated Ubuntu 14.04. The last version which supports Ubuntu 14.04 is 1.2.1.
  • We're back in Debian upstream

Changes:

  • Upgrade our custom gcc compiler to latest version available: 12.1.0
  • Switched FastNetMon to C++ 20
  • Reworked convert_timeval_to_date to std::put_time to avoid low level snprintf manipulations
  • Reworked Patricia code to be more C++ compliant
  • Added logic to log only to console to use native systemd logging facilities with flag --log_to_console
  • Added new flag disable_pid_logic which disables PID writing and checking logic. It's legacy for init based distros and we do not need it for modern distributions
  • Added explicit error if we cannot create socket for AF_PACKET
  • Debian upstream build system was moved to Debian Salsa
  • Moved all FastNetMon Community files to /opt/fastnetmon-community
  • Upgrade GoBGP to 2.27
  • Moved all binaries to /opt/fastnetmon-community/app/bin
  • Upgrade Boost 1.74 to 1.78
  • Upgrade json-c to 0.13.1 20180305
  • Added logic to fix set_boost_process_name compilation on Apple platforms
  • Ported libsflow to our unified endian-less conversion library

To install / upgrade please use:

wget https://install.fastnetmon.com/installer -Oinstaller
sudo chmod +x installer
sudo ./installer -install_community_edition

FastNetMon Community 1.2.1 Edinburgh

14 May 11:25
Compare
Choose a tag to compare

Changes

  • Added configuration options to control how often we export traffic to InfluxDB: influxdb_push_period
  • Added configuration option to control how often we export traffic to Graphite: graphite_push_period = 1
  • Added GoBGP 2.17 as part of our binary package
  • Added experimental logic for Netflow v9 Lite
  • Add support for Discord notifications via script contributed by amit17
  • Deprecated and removed DPI logic as we focus only on L3 and L4 protocols
  • Deprecated CentOS 6 for new versions, last support which supports it will be 1.2.0
  • Deprecated Debian 8 for new versions, last support which supports it will be 1.2.0
  • Added support for Debian 11 and Ubuntu 22.04
  • Deprecated PF_RING plugin for new versions. We switched to AF_PACKET which is completely open source and works way better
  • Switched fastnetmon_client to use sort by mbits by default for consistency between editions
  • Deprecated Netmap support for all new Linux releases. It may be enabled manually on FreeBSD which has native support for it
  • Improved code style and reformatted code with clang-format
  • Replaced unsafe call of printw by format-less addstr
  • Added logic to build bindings files for capnp during build process. Addresses issue with inability to build on platforms with different version of capnp installed
  • Switched to C++ 17 by default to use latest development in language
  • Upgrade log4cpp to 1.1.3 to address C++ 17 compatibility
  • Added official Docker image powered by GitHub's Docker registry
  • Performance optimisations for sFlow logic
  • Implemented logic to parse IPv4 samples for sFlow plugin. Some agents such as hsflowd use this kind of encoding
  • Created our security policy
  • Added logic to search Protobuf gRPC compiler plugin using find_program
  • Moved NO_DEFAULT_PATH to variable and added configuration option to control it. It's very useful for upstream builds
  • Disabled RPATH alterations when DO_NOT_USE_SYSTEM_LIBRARIES_FOR_BUILD is not set
  • Extended LimitNOFILE to 65535 as we may have pretty large number of active attack notification
  • Removing bundled Netmap header files as they cause issues with compatibility when Netmap driver has different version.
  • Upgrade {fmt} to 8.0.0 to address issue with build on Debian bullseye
  • Updated Fedora spec to prepare upstreaming

To install / upgrade please use:

wget https://install.fastnetmon.com/installer -Oinstaller
sudo chmod +x installer
sudo ./installer -install_community_edition

FastNetMon Community 1.2.0 Bath

29 Mar 21:04
Compare
Choose a tag to compare
  • Native InfluxDB support
  • IPFIX sampling support
  • Netflow v9 plugin reliability improvements (infinite loop prevention logic)
  • Netflow / IPFIX plugin performance optimisations
Before using InfluxDB you need to create database using influx tool:
# create database fastnetmon

Then configure it in /etc/fastnetmon.conf:
# InfluxDB
influxdb = on
influxdb_host = 127.0.0.1
influxdb_port = 8086
influxdb_database = fastnetmon

# InfluxDB auth
influxdb_auth = off
influxdb_user = fastnetmon
influxdb_password = secure

FastNetMon Community 1.1.9 Maidstone

25 Mar 19:39
Compare
Choose a tag to compare
  • Added option sflow_read_packet_length_from_ip_header to use packet length from header instead of sFlow field
  • Added logic to ban / unban IPv6 hosts manually via API and fastnetmon_api_client
  • Added logic to announce / withdraw announces about IPv6 hosts