beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
731 commits 83 branches 177 tags 151 MiB
Commit graph

47 commits

Author SHA1 Message Date
mmetc
7c0593c659
noop code removal, typos and lint fixes (#1329) 2022-03-09 16:15:18 +01:00
Thibault "bui" Koechlin
b66366c28c
Revert "Handle decisions with varying expiry for same IP (#1262)" (#1308) 
This reverts commit e4f6cdfc14.
 2022-03-04 10:17:31 +01:00
blotus
fb74b2fda7
Improve LAPI performance when under high load (#1273) 2022-02-17 17:52:04 +01:00
Shivam Sandbhor
e4f6cdfc14
Handle decisions with varying expiry for same IP (#1262) 
* Upgrade ent and add sql/modifier in codegen

* update db wrappers to sanitize LAPI

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-02-16 15:19:14 +01:00
mmetc
ad28a979e9
local control flow cleanup (#1215) 
removed redundant/unreachable returns, else branches, type declarations, unused variables
 2022-02-01 22:08:06 +01:00
blotus
19323ba4aa
fix crash on upgrade with nil last push field (#1191) 2022-01-20 18:10:40 +01:00
Thibault "bui" Koechlin
cc1ab8c50d
switch to utc time everywhere (#1167) 
* switch to utc time everywhere


Co-authored-by: alteredCoder <kevin@crowdsec.net>
 2022-01-19 14:56:05 +01:00
Thibault "bui" Koechlin
a88848009a
fix default perms for log file (#1177) 
* fix default perms
 2022-01-18 16:54:02 +01:00
Thibault "bui" Koechlin
40ed810c0b
Gin upgrade (#1174) 
* upgrade gin / gin-jwt, and add a new 'trusted_proxies' option to provide trusted CIDRs
 2022-01-17 17:18:12 +01:00
Thibault "bui" Koechlin
6e92da76ad
lapi to capi : allow push of tainted/custom/manual decisions (#1154) 
* add console command to control signal sharing
* modify metrics endpoint to add lastpush

Co-authored-by: alteredCoder <kevin@crowdsec.net>
 2022-01-13 16:46:16 +01:00
blotus
cc72800f50
Update LAPI swagger (#1155) 2022-01-11 16:45:34 +01:00
Thibault "bui" Koechlin
3bca25fd6d
lists support from central api (#1074) 
* lists support from central api

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2022-01-11 14:31:51 +01:00
blotus
3105897f37
Allow to configure log rotation (#1130) 2021-12-28 11:59:03 +01:00
AlteredCoder
88d06260d7
add cscli decisions import (#1038) 
* add cscli decisions import

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: bui <thibault@crowdsec.net>
 2021-12-15 11:39:37 +01:00
AlteredCoder
fb54388e93
Fix issue 1033 (#1034) 
* Fix issue 1033
 2021-11-02 12:16:33 +01:00
Thibault "bui" Koechlin
2961a0ed02
ensure machineID is included early enough into the alert (#1004) 2021-10-11 15:02:16 +02:00
AlteredCoder
0ccc69696b
Break on success when alert already has decision (#997) (#999) 
* Break on success when alert already has decision (#997)

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2021-10-05 11:30:34 +02:00
Thibault "bui" Koechlin
68c11dd827
don't try to send/don't notify if plugin chan is nil (#923) 2021-08-31 14:39:32 +02:00
ThinkChaos
448a227079
Minor changes to specific logs (#900) 
- Minor changes to specific logs
- Fix LAPI to not push signals to CAPI when disabled #907
 2021-08-25 18:30:05 +02:00
Thibault "bui" Koechlin
c188d401a3
Improve CAPI pull management (#871) 
* prepare for new consensus : thousands of ips

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2021-08-25 11:45:29 +02:00
Thibault "bui" Koechlin
950759f6d6
Output plugins (#878) 
* Add plugin system for notifications (#857)
 2021-08-25 11:43:29 +02:00
Nanik
b0746fbc4d
fix: add /health endpoint (#881) 
* fix: add /health endpoint
 2021-08-18 09:06:01 +02:00
Thibault "bui" Koechlin
01028d0a09
Goroutine leak hunt (#874) 
* close the writers of gin loggers + kill the tomb of httpServer

* body close defer
 2021-07-30 11:41:17 +02:00
Thibault "bui" Koechlin
b6ee006078
ensure decisions from CAPI have proper case (#848) 2021-07-02 11:23:46 +02:00
Shivam Sandbhor
f25d02a7c8
Allow bouncers to filter decisions by scope (#817) 
Signed-off-by: Shivam Sandbhor <shivam@crowdsec.net>
 2021-05-31 15:07:09 +02:00
Thibault "bui" Koechlin
bf6b791420
fix #781 - avoid unconsistent body : do not send NbDeleted on error (#812) 2021-05-28 11:17:30 +02:00
he2ss
eb0bd70046
fix #787 : load simulation config at startup (#793) 
* fix #787 : load simulation config at startup
 2021-05-17 11:54:28 +02:00
AlteredCoder
fd830b4293
Fix some bugs (#788) 
* fix config restore

* fix panic on middleware

Co-authored-by: AlteredCoder <AlteredCoder>
 2021-05-07 18:40:01 +02:00
Lars Lehtonen
d86ba98cff
pkg/apiserver: fix dropped error (#700) 
* pkg/apiserver: fix dropped error

* pkg/apiserver: remove unused Context from APIServer{}
 2021-04-07 14:51:00 +02:00
Thibault "bui" Koechlin
4bb34d8e77
fix #723 : intercept http2 stream closed errors (#724) 
* fix #723 : intercept http2 stream closed errors

* factorize the 'dump stacktrace' code
 2021-04-07 14:31:03 +02:00
Thibault "bui" Koechlin
cd06929e75
honor log levels for api : don't log access logs if level is warn/err (#732) 
* honor log levels for api : don't log access logs if level is warn/err

* add basic test for logging of api server
 2021-04-07 11:39:24 +02:00
AlteredCoder
1e899c2211
Refactor configuration management (#698) 2021-03-24 18:16:17 +01:00
Thibault "bui" Koechlin
6d28599efa
Ensure LAPI logs respect log_media (#707) 
* if log_media is set to file, don't try to log to stdout

* use the log media no matter what
 2021-03-22 17:46:55 +01:00
registergoofy
a8b16a66b1
truely don't try to send anything with empty online credentials configuration file (#657) 
* truely don't try to send anything with empty online credentials config file

Co-authored-by: AlteredCoder <AlteredCoder>
 2021-03-02 09:25:12 +01:00
Thibault "bui" Koechlin
7f40160f6e
only set logfile dir if media is file (#615) 2021-02-11 18:28:01 +01:00
blotus
260332c726
Add use_forwarded_for_headers configuration option for LAPI (#610) 
* Add use_forwarded_for_headers configuration option for LAPI

* update documentation
 2021-02-09 19:10:14 +01:00
Thibault "bui" Koechlin
e74f221044
Fix default configurations (#597) 
* fix default perms on SQLite file

* seed the prng securely

* fix defaults to enforce certificates verification

* ensure file is within path

* ensure the directory doesn't exist beforehand

* verify certificate by default

* disable http ip forward headers
 2021-02-02 14:15:13 +01:00
Shivam Sandbhor
36844e50b3
Fix typo in apic.go logs (#592) 2021-01-31 11:42:17 +01:00
AlteredCoder
5544000d38
lapi: fix ipv6 operations (#567) 2021-01-14 16:27:45 +01:00
registergoofy
eda9c03c82
jwt token generation improvement (#557) 
* add some warning comment for those who want to choose their secret
* strictly follow the golang doc for using crypto/rand
* fatal if not enough entropy
* add a check when using pre-choosen secret
 2021-01-07 14:24:53 +01:00
Thibault "bui" Koechlin
f2b30db684
ensure decisions from local or tainted scenarios aren't push, neither are manual decisions (#536) 2020-12-14 12:46:07 +01:00
Thibault "bui" Koechlin
bb679310c7
deal with LAPI down : ensure client will reauthenticate (#527) 
* to avoid keeping apiclient in broken state, reset the token on error
 2020-12-14 11:54:16 +01:00
erenJag
339cb6cce7
update prometheus doc (#509) 2020-12-04 11:24:12 +01:00
erenJag
71325d9134
Improve create alerts input (#493) 
* check decisions start_ip & end_ip fields
 2020-12-01 14:42:53 +01:00
AlteredCoder
c6eb2afa20
push to CAPI in go routine (#489) 
Co-authored-by: AlteredCoder <AlteredCoder>
 2020-11-30 17:46:02 +01:00
Thibault "bui" Koechlin
71ac0d2fce
Apiclient tests (#484) 
Co-authored-by: AlteredCoder
Co-authored-by: erenJag
 2020-11-30 16:15:07 +01:00
Thibault "bui" Koechlin
dbb420f79e
local api (#482) 
Co-authored-by: AlteredCoder
Co-authored-by: erenJag
 2020-11-30 10:37:17 +01:00