bd45344d19
v1.1.11: Fix exclude_source_ips config loading and debug logging
...
Major fixes:
- Add exclude_source_ips to mergeConfigs() - config file values now properly loaded
- Add validation for exclude_source_ips (IP/CIDR format validation)
- Remove JA4SENTINEL_LOG_LEVEL env var from systemd service
- Config file log_level now respected without env override
Debug logging improvements:
- Log IP filter entries at startup (debug mode)
- Track filtered packet count with atomic counter
- Display filter statistics at shutdown via GetFilterStats()
- New debug logs in tlsparse component
Testing:
- Add 6 new unit tests for exclude_source_ips and log_level config loading
- Test mergeConfigs() behavior with empty/override values
- Test validation of invalid IPs and CIDR ranges
Documentation:
- Update architecture.yml with ipfilter module
- Document config loading priority and notes
- Update api.Config fields (LocalIPs, ExcludeSourceIPs, LogLevel)
Files changed:
- internal/config/loader.go (merge, validation, helpers)
- internal/config/loader_test.go (6 new tests)
- internal/tlsparse/parser.go (GetFilterStats, counter)
- cmd/ja4sentinel/main.go (debug logging)
- packaging/systemd/ja4sentinel.service (remove env var)
- architecture.yml (ipfilter module, config_loading section)
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-03-04 15:55:00 +01:00
52c9f2f6f4
feat: add logrotate support with SIGHUP signal handling
...
Build RPM Package / Build RPM Packages (CentOS 7, Rocky 8/9/10) (push) Has been cancelled
- Add Reopenable interface in api/types.go for log rotation support
- Add FileWriter.Reopen() method to reopen log files after rotation
- Add MultiWriter.Reopen() method to propagate rotation to all writers
- Update main.go to handle SIGHUP signal for systemctl reload
- Add logrotate configuration file (packaging/logrotate/ja4sentinel)
- Update systemd service with ExecReload for graceful rotation
- Update architecture.yml with logrotate documentation
- Update RPM spec and Dockerfile.package to include logrotate files
- Bump version to 1.1.0
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-03-02 20:50:47 +01:00
fd162982d9
v1.0.8: Add configurable log level and immediate service stop
...
Build RPM Package / Build RPM Packages (CentOS 7, Rocky 8/9/10) (push) Has been cancelled
- Add log_level config option (debug, info, warn, error)
- Add JA4SENTINEL_LOG_LEVEL environment variable support
- Set TimeoutStopSec=2 for immediate stop on restart/stop
- Consolidate config files into single example (config.yml.example)
- Update RPM changelog
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-03-01 02:51:11 +01:00
dcd6bd0a94
feat: add systemd sdnotify support (ready, watchdog, stopping)
...
Build RPM Package / Build RPM Packages (CentOS 7, Rocky 8/9/10) (push) Has been cancelled
- Add github.com/coreos/go-systemd/v22/daemon dependency
- Signal SdNotifyReady after configuration is loaded
- Start watchdog goroutine that pings systemd every WatchdogSec/2
- Signal SdNotifyStopping during graceful shutdown
- Update systemd unit file:
- Type=notify (instead of simple)
- WatchdogSec=30 (auto-restart if service hangs)
- NotifyAccess=main (only main process can notify)
Benefits:
- systemd knows when service is truly ready
- Automatic detection of hung/frozen service
- Better integration with systemd supervision
- More accurate service status reporting
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-03-01 01:06:20 +01:00
b137b3df85
fix(packaging): run service as root for packet capture
...
Build RPM Package / Build RPM Packages (CentOS 7, Rocky 8/9/10) (push) Has been cancelled
- Change systemd service to run as root instead of ja4sentinel user
- Remove user/group creation from RPM spec (%pre script)
- Update %post to set root:root ownership on directories
- Adjust security hardening for root execution (ProtectSystem=strict)
- Add ReadWritePaths for writable directories
Fixes: systemd error 'Failed at step USER spawning /usr/bin/ja4sentinel: No such process'
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-03-01 00:14:23 +01:00
86649b1630
feat: generate RPM packages for CentOS 7, Rocky Linux 8/9/10
...
Build RPM Package / Build RPM Package (Rocky Linux) (push) Has been cancelled
Build DEB Package / Build DEB Package (Debian/Ubuntu) (push) Has been cancelled
- Update Dockerfile.package to build RPMs for multiple distributions
using a unified fpm-based approach
- Add RPM maintainer scripts (postinst, prerm, postrm) for proper
installation and service management
- Update ja4sentinel.spec for CentOS 7+ compatibility
- Add packaging/systemd/config.yml as default configuration
- Update test-rpm.sh to test installation on all 4 target distributions
- Fix CentOS 7 repository configuration (EOL - vault.centos.org)
Generated RPMs:
- el7: CentOS 7 (libpcap >= 1.4.0)
- el8: Rocky Linux 8 (libpcap >= 1.9.0)
- el9: Rocky Linux 9 (libpcap >= 1.9.0)
- el10: AlmaLinux 10 / Rocky Linux 10 (libpcap >= 1.9.0)
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-02-28 17:02:58 +01:00
61bf05454e
feat: CI/CD for .deb and .rpm packages + installation tests
...
New GitHub Actions workflows:
- .github/workflows/build-deb.yml : Build and release DEB on Ubuntu
- .github/workflows/build-rpm.yml : Build and release RPM on Fedora
- Triggered on v* tags, push to main/master, workflow_dispatch
- Artifact upload and automatic release creation
Package build system:
- packaging/build-deb.sh : .deb build script with version sanitization
- packaging/build-rpm.sh : .rpm build script (via Docker)
- packaging/Dockerfile.deb : Ubuntu 22.04 container for DEB build
- packaging/Dockerfile.rpm : Go 1.24 + rpm container for RPM build
systemd configuration files:
- packaging/systemd/ja4sentinel.service : Unit with security hardening
* NoNewPrivileges, ProtectSystem, ProtectHome
* CAP_NET_RAW, CAP_NET_ADMIN for packet capture
- packaging/systemd/config.yml : Default configuration
DEB maintainer scripts:
- packaging/deb/postinst : User/group, dirs, config creation
- packaging/deb/prerm : Stop service before upgrade/remove
- packaging/deb/postrm : Full cleanup on purge
RPM spec file:
- packaging/rpm/ja4sentinel.spec : Complete spec with dependencies
* Requires: systemd, libpcap
* %pre/%post/%preun/%postun scripts
Installation tests in containers:
- packaging/test/test-deb.sh : Build + Docker Ubuntu test
- packaging/test/test-rpm.sh : Build + Docker Fedora test
- packaging/test/test-install-deb.sh : 11 automated tests
- packaging/test/test-install-rpm.sh : 11 automated tests
- Dockerfile.deb/rpm : Dedicated test containers
Makefile:
- package-deb : Build .deb
- package-rpm : Build .rpm via Docker (no-cache)
- package : Build both
- test-package-deb : Build + test DEB installation
- test-package-rpm : Build + test RPM installation
- test-package : Test both packages
Tests:
- ✅ DEB: 11/11 tests passed (binary, config, service, user, dirs)
- ✅ RPM: Build succeeded (3.3 MB)
- Version sanitization for git tags (e.g. efd4481-dirty → 0.0.0+efd4481-dirty)
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-02-25 21:05:23 +01:00