v1.1.11: Fix exclude_source_ips config loading and debug logging
Major fixes: - Add exclude_source_ips to mergeConfigs() - config file values now properly loaded - Add validation for exclude_source_ips (IP/CIDR format validation) - Remove JA4SENTINEL_LOG_LEVEL env var from systemd service - Config file log_level now respected without env override Debug logging improvements: - Log IP filter entries at startup (debug mode) - Track filtered packet count with atomic counter - Display filter statistics at shutdown via GetFilterStats() - New debug logs in tlsparse component Testing: - Add 6 new unit tests for exclude_source_ips and log_level config loading - Test mergeConfigs() behavior with empty/override values - Test validation of invalid IPs and CIDR ranges Documentation: - Update architecture.yml with ipfilter module - Document config loading priority and notes - Update api.Config fields (LocalIPs, ExcludeSourceIPs, LogLevel) Files changed: - internal/config/loader.go (merge, validation, helpers) - internal/config/loader_test.go (6 new tests) - internal/tlsparse/parser.go (GetFilterStats, counter) - cmd/ja4sentinel/main.go (debug logging) - packaging/systemd/ja4sentinel.service (remove env var) - architecture.yml (ipfilter module, config_loading section) Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
This commit is contained in:
toto
@ -3,7 +3,7 @@
|
||||
%if %{defined build_version}
|
||||
%define spec_version %{build_version}
|
||||
%else
|
||||
%define spec_version 1.1.9
|
||||
%define spec_version 1.1.11
|
||||
%endif
|
||||
|
||||
Name: ja4sentinel
|
||||
@ -123,6 +123,30 @@ fi
|
||||
|
||||
%changelog
|
||||
|
||||
* Wed Mar 04 2026 Jacquin Antoine <rpm@arkel.fr> - 1.1.11-1
|
||||
- FIX: Remove JA4SENTINEL_LOG_LEVEL environment variable from systemd service
|
||||
- Config file log_level now respected (no env var override)
|
||||
- FIX: Add exclude_source_ips to config merge function (mergeConfigs)
|
||||
- FIX: Add validation for exclude_source_ips entries (IP/CIDR)
|
||||
- New isValidIP() and isValidCIDR() helper functions
|
||||
- Config file exclude_source_ips now properly loaded and validated
|
||||
- DEBUG: Add IP filter debug logging for troubleshooting
|
||||
- Log filter entries at startup in debug mode
|
||||
- Track filtered packet count with atomic counter
|
||||
- Display filter statistics at shutdown
|
||||
- New GetFilterStats() method on parser for monitoring
|
||||
- Added unit tests for exclude_source_ips and log_level config loading
|
||||
|
||||
* Wed Mar 04 2026 Jacquin Antoine <rpm@arkel.fr> - 1.1.10-1
|
||||
- DEBUG: Add IP filter debug logging for troubleshooting
|
||||
- Log filter entries at startup in debug mode
|
||||
- Track filtered packet count with atomic counter
|
||||
- Display filter statistics at shutdown
|
||||
- New GetFilterStats() method on parser for monitoring
|
||||
- FIX: Add exclude_source_ips to config merge function
|
||||
- FIX: Add validation for exclude_source_ips entries (IP/CIDR)
|
||||
- Helps diagnose exclude_source_ips filtering issues
|
||||
|
||||
* Wed Mar 04 2026 Jacquin Antoine <rpm@arkel.fr> - 1.1.9-1
|
||||
- FEATURE: Add source IP exclusion with CIDR support
|
||||
- New exclude_source_ips configuration option
|
||||
|
||||
@ -16,7 +16,6 @@ RestartSec=5
|
||||
WatchdogSec=30
|
||||
TimeoutStopSec=2
|
||||
NotifyAccess=main
|
||||
Environment=JA4SENTINEL_LOG_LEVEL=info
|
||||
|
||||
# Security hardening (compatible with root for packet capture)
|
||||
ProtectSystem=strict
|
||||
|
||||
Reference in New Issue
Block a user