Shannon Weyrick

icon indicating a website link https://netboxlabs.com icon indicating an email [email protected]

icon company NetBox Labs icon location CTO @netboxlabs

Results 37 issues of Shannon Weyrick

improve pktvisor container usage docs

make it clearer that pktvisor container needs an argument, especially wrt docker compose. don't use `any` in examples as interface. and docker compose example

documentation

PCAP input: handle tcp reassembly errors better

the input module calls reassemblePacket() on TCP packets but ignores the result of that call. instead it needs to capture and use the result to determine if the packet was...

bug
input-pcap

better error handling of timeout in cli

right now it panics after 5 secs

bug

visor::module namespace for modules

1 comment

currently modules are in the base visor name space, this will provide a cleaner separation once there are more modules

pktvisord

logging and error message improvements

* check the flush time so that tailing is possible * syslog doesn't work on all platforms? or if it's unavailable, it needs to fail * "unable to bind host/port"...

bug

daemonize improvements

existing daemonize implementation does not seem to work properly on all distributions * a fork is successful (PID message shows) but it silently exits (see #84)

bug

DNS/NET module: option to anonymize PII

enhancement
handler-net
handler-dns

DNS module: destination IP, top N

Because the host may represent a range of IPs, we may be interested in which are being targeted most. Currently we support only source IP top N

enhancement
good first issue
handler-dns

CLI UI: optionally reverse DNS for IPs in the top lists

enhancement
good first issue
cli

CLI UI: highlight changes in order on the top lists, a la top

enhancement
good first issue
cli