Darryl Sokoloski 753a93ccb3 netifyd: updated to v2.88

Change log for v2.88:
[IMP] Added support for search and replace privacy expressions.
[IMP] Added support for masking external addresses with private address ranges.
[IMP] When enabled, trigger a sink update on start-up.
[IMP] Added flow hash cache.
[IMP] Added HTTPS as a super-protocol of SSL.
[IMP] Add ability to save DNS hint cache to non-volatile (persistent) memory.
[IMP] Save sink responses when "json_save" is enabled.
[IMP] Added dynamic sink URL cloud configuration.
[IMP] Implemented per-detection-thread packet capture queue.
[IMP] Added support for a loadable serial UUID.
[IMP] Added configuration option to override sink connection timeout.
[IMP] Idle flow TTLs tunable via configuration directives.
[IMP] Added idle TCP flow multiplier to keep TCP flows in memory longer.
[IMP] Added new flow metadata "first_update_at" timestamp.
[IMP] Added complete reference sample configuration file.
[IMP] Various optimizations and fixes for FreeBSD.
[IMP] Employ advisory locking when writing output files.

[FIX] Ensure all configuration files are preserved on upgrades.
[FIX] Fixed automatic interface role detection for nethserver/shorewall.
[FIX] Memory usage fixes using profiling tools.

[UPD] Updated to nDPI v2.9.0-dev-709a87c.

[OPT] Flush and compress upload queue as soon as possible.
[OPT] Significantly reduced detection thread locking times.

[DEV] Added example plugin submodule to repository.

Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca>

2019-06-10 10:20:14 -04:00

2.8 KiB

Raw Blame History

Netify Agent

Network Intelligence - Simplified

The Netify Agent is a deep-packet inspection server. The Agent is built on top of nDPI (formerly OpenDPI) to detect network protocols and applications. Detections can be saved locally, served over a UNIX or TCP socket, and/or "pushed" (via HTTP POSTs) to a remote third-party server. Flow metadata, network statistics, and detection classifications are stored using JSON encoding.

Optionally, the Netify Agent can be coupled with a Netify Cloud subscription for further cloud processing, historical storage, machine-learning analysis, event notifications, device detection/identification, along with the option (on supported platforms) to take an active role in policing/bandwidth-shaping specific network protocols and applications.

Runtime Requirements

Ensure that the nfnetlink and nf_conntrack_netlink kernel modules are loaded.

Build Requirements

Netify requires the following third-party packages:

libcurl
libjson-c
libmnl
libnetfilter-conntrack
libpcap
zlib

Optional:

libtcmalloc (gperftools)

Download Source

When cloning the source tree, ensure you use --recursive to include all sub-modules.

Download Packages

Currently you can download binary packages for the following OS distributions:

Developer Documentation

Further developer documentation can be found here.

Configuring/Building From Source

Read the appropriate documentation in the doc directory, prefixed with: BUILD-*

Generally the process is:

# ./autogen.sh
# ./configure
# make

License

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

2.8 KiB Raw Blame History