feature: 1.1.18
Some checks failed
Build RPM Package / Build RPM Packages (CentOS 7, Rocky 8/9/10) (push) Has been cancelled
Some checks failed
Build RPM Package / Build RPM Packages (CentOS 7, Rocky 8/9/10) (push) Has been cancelled
+- FEATURE: Add comprehensive metrics for capture and TLS parser monitoring +- Capture metrics: packets_received, packets_sent, packets_dropped (atomic counters) +- Parser metrics: retransmit_count, gap_detected_count, buffer_exceeded_count, segment_exceeded_count +- New GetStats() method on Capture interface for capture statistics +- New GetMetrics() method on Parser interface for parser statistics +- Add DefaultMaxHelloSegments constant (100) to prevent memory leaks from fragmented handshakes +- Add Segments field to ConnectionFlow for per-flow segment tracking +- Increase DefaultMaxTrackedFlows from 50000 to 100000 for high-traffic scenarios +- Improve TCP reassembly: better handling of retransmissions and sequence gaps +- Memory leak prevention: limit segments per flow and buffer size +- Aggressive flow cleanup: clean up JA4_DONE flows when approaching flow limit +- Lock ordering fix: release flow.mu before acquiring p.mu to avoid deadlocks +- Exclude IPv6 link-local addresses (fe80::) from local IP detection +- Improve error logging with detailed connection and TLS extension information +- Add capture diagnostics logging (interface, link_type, local_ips, bpf_filter) +- Fix false positive retransmission counter when SYN packet is missed +- Fix gap handling: reset sequence tracking instead of dropping flow +- Fix extractTLSExtensions: return error details with basic TLS info for debugging
This commit is contained in:
toto
@ -3,7 +3,7 @@
|
||||
%if %{defined build_version}
|
||||
%define spec_version %{build_version}
|
||||
%else
|
||||
%define spec_version 1.1.15
|
||||
%define spec_version 1.1.18
|
||||
%endif
|
||||
|
||||
Name: ja4sentinel
|
||||
@ -123,6 +123,45 @@ fi
|
||||
|
||||
%changelog
|
||||
|
||||
* Mon Mar 09 2026 Jacquin Antoine <rpm@arkel.fr> - 1.1.18-1
|
||||
- FEATURE: Add comprehensive metrics for capture and TLS parser monitoring
|
||||
- Capture metrics: packets_received, packets_sent, packets_dropped (atomic counters)
|
||||
- Parser metrics: retransmit_count, gap_detected_count, buffer_exceeded_count, segment_exceeded_count
|
||||
- New GetStats() method on Capture interface for capture statistics
|
||||
- New GetMetrics() method on Parser interface for parser statistics
|
||||
- Add DefaultMaxHelloSegments constant (100) to prevent memory leaks from fragmented handshakes
|
||||
- Add Segments field to ConnectionFlow for per-flow segment tracking
|
||||
- Increase DefaultMaxTrackedFlows from 50000 to 100000 for high-traffic scenarios
|
||||
- Improve TCP reassembly: better handling of retransmissions and sequence gaps
|
||||
- Memory leak prevention: limit segments per flow and buffer size
|
||||
- Aggressive flow cleanup: clean up JA4_DONE flows when approaching flow limit
|
||||
- Lock ordering fix: release flow.mu before acquiring p.mu to avoid deadlocks
|
||||
- Exclude IPv6 link-local addresses (fe80::) from local IP detection
|
||||
- Improve error logging with detailed connection and TLS extension information
|
||||
- Add capture diagnostics logging (interface, link_type, local_ips, bpf_filter)
|
||||
- Fix false positive retransmission counter when SYN packet is missed
|
||||
- Fix gap handling: reset sequence tracking instead of dropping flow
|
||||
- Fix extractTLSExtensions: return error details with basic TLS info for debugging
|
||||
|
||||
* Mon Mar 09 2026 Jacquin Antoine <rpm@arkel.fr> - 1.1.17-1
|
||||
- FEATURE: Default network interface set to "any" for automatic multi-interface capture
|
||||
- No manual configuration required - captures on all interfaces out of the box
|
||||
- Supports physical (ens18, eth0), virtual, Docker, VPN interfaces automatically
|
||||
- Linux SLL (cooked capture) used for interface "any" - already implemented and tested
|
||||
|
||||
* Mon Mar 09 2026 Jacquin Antoine <rpm@arkel.fr> - 1.1.16-1
|
||||
- FEATURE: Add comprehensive metrics for capture and TLS parser monitoring
|
||||
- Capture: packets_received, packets_sent, packets_dropped counters (atomic)
|
||||
- Parser: retransmit_count, gap_detected_count, buffer_exceeded_count, segment_exceeded_count
|
||||
- New GetStats() method on Capture interface for capture statistics
|
||||
- New GetMetrics() method on Parser interface for parser statistics
|
||||
- Add DefaultMaxHelloSegments constant (100) to prevent memory leaks from fragmented handshakes
|
||||
- Add Segments field to ConnectionFlow for per-flow segment tracking
|
||||
- Improve TCP reassembly: better handling of retransmissions and sequence gaps
|
||||
- Memory leak prevention: limit segments per flow and buffer size
|
||||
- All counters use sync/atomic for thread-safe access without locks
|
||||
- Metrics designed for monitoring/debugging (can be exposed via future endpoints)
|
||||
|
||||
* Thu Mar 05 2026 Jacquin Antoine <rpm@arkel.fr> - 1.1.15-1
|
||||
- FIX: ALPN not appearing in logs for packets with truncated/malformed TLS extensions
|
||||
- Add sanitization fallback in extractTLSExtensions (same as fingerprint engine)
|
||||
|
||||
Reference in New Issue
Block a user