---
- branch: MAIN
  date: Mon May 25 20:26:51 UTC 2020
  files:
  - new: '1.43'
    old: '1.42'
    path: pkgsrc/net/ntopng/Makefile
    pathrev: pkgsrc/net/ntopng/Makefile@1.43
    type: modified
  - new: '1.5'
    old: '1.4'
    path: pkgsrc/net/ntopng/PLIST
    pathrev: pkgsrc/net/ntopng/PLIST@1.5
    type: modified
  - new: '1.7'
    old: '1.6'
    path: pkgsrc/net/ntopng/distinfo
    pathrev: pkgsrc/net/ntopng/distinfo@1.7
    type: modified
  - new: '1.5'
    old: '1.4'
    path: pkgsrc/net/ntopng/patches/patch-configure.seed
    pathrev: pkgsrc/net/ntopng/patches/patch-configure.seed@1.5
    type: modified
  - new: '1.2'
    old: '1.1'
    path: pkgsrc/net/ntopng/patches/patch-include_Redis.h
    pathrev: pkgsrc/net/ntopng/patches/patch-include_Redis.h@1.2
    type: modified
  - new: '1.1'
    old: '0'
    path: pkgsrc/net/ntopng/patches/patch-src_Flow.cpp
    pathrev: pkgsrc/net/ntopng/patches/patch-src_Flow.cpp@1.1
    type: added
  - new: '1.1'
    old: '0'
    path: pkgsrc/net/ntopng/patches/patch-src_SyslogCollectorInterface.cpp
    pathrev: pkgsrc/net/ntopng/patches/patch-src_SyslogCollectorInterface.cpp@1.1
    type: added
  - new: '0'
    old: '1.1'
    path: pkgsrc/net/ntopng/patches/patch-src_NetworkInterface.cpp
    pathrev: pkgsrc/net/ntopng/patches/patch-src_NetworkInterface.cpp@0
    type: deleted
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/net/ntopng/patches/patch-src_Redis.cpp
    pathrev: pkgsrc/net/ntopng/patches/patch-src_Redis.cpp@1.3
    type: modified
  - new: '1.4'
    old: '1.3'
    path: pkgsrc/net/ntopng/patches/patch-src_Utils.cpp
    pathrev: pkgsrc/net/ntopng/patches/patch-src_Utils.cpp@1.4
    type: modified
  id: 20200525T202651Z.63f5244528ad69c4f6ad68172f91cb08aec89eb1
  log: |
    ntopng: updated to 4.0

    ntopng 4.0:

    Breakthroughs
    * Plugins engine to tap into flows, hosts and other network elements
    * Migration to Bootstrap 4 and Font Awesome 5 for a renewed ntopng look-and-feel with light and dark themes
    * Processes and containers monitoring thanks to the eBPF integration via libebpfflow https://github.com/ntop/libebpfflow
    * Active monitoring of hosts ICMP/ICMPv6/HTTP/HTTPS Round Trip Times (RTT)

    New features
    * X.509 client certificate authentication
    * ERSPAN transparent ethernet bridging
    * Webhook export module for exporting alarms
    * Identifications of the hosts in broadcast domain
    * Category Lists editor to manage ip/domain lists
    * Handling of PEN fields from nProbe
    * Added anomalous flows to the looking glass
    * Visibility of ICMP port-unreachable flows IPv4
    * TCP states filtering (est., connecting, closed and rst)
    * Ability to serialize local hosts in the broadcast domain via MAC address
    * Japanese, Portuguese/Brazilian localization
    * Added process memory, cpu load, InfluxDB, Redis status pages and charts
    * Implement ntopng Plugins, self contained modules to extend the ntopng functionalities
    * Implement ZMQ/Suricata companion interface
    * SSL traffic analysis and alerts via JA3 fingerprint, unsafe ciphers detection
    * SSH traffic analysis and alerts via HASSH fingerprint
    * Host traffic profile generation via the (MUD) Manufacturer Usage Descriptor
    * Experimental Prometheus timeseries export
    * Introduce the System interface to manage system wide settings and status
    * Read events from Suricata and generate alerts
    * SNMP network topology visualization
    * Automatic ntopng update check and upgrade
    * Calculate host anomaly score and trigger alerts when it exceeds a threshold
    * Add ability to extract timeseries data with a click
    * Initial Marketplace droplet using Fabric
    * Alerts on duplex status change on SNMP interface

    Improvements
    * View interfaces are now optimized for big networks and use less memory
    * Systemd macros are now used to start/restart the ntopng services
    * Handles n2disk traffic extractions from recording processes non managed by ntopng
    * Interface in/out now available also for non PF_RING interfaces (read from /proc)
    * Automatic InfluxDB rollup support
    * MDNS discovery improvements
    * Rework of the alerts engine and api for efficient engaged alerts triggering
    * Faster ZMQ communication to nProbe thanks to the implementation of a binary TLV format
    * Stats update for ZMQ interfaces is now based on the idle/active flows timeout
    * Timeseries export improvements via queues, detect if InfluxDB is down and stop the export
    * Implemented reusable Lua engine to reduce the overhead of periodic scripts
    * Improve Lua error handling
    * Exclude certain categories from Elephant/Long lived flows alerts

    nEdge
    * Ability to set up port forwarding
    * Support for Ubuntu 18.04
    * Fix users and other prefs deleted during nEdge data reset
    * Japanese localization
    * Block unsupported L3 protocols (currently only ARP and IPv4 are supported)
    * DNS mapping port to avoid conflicts with system programs

    Fixes
    * Fixed export to mysql on shutdown in case of Pcap file in community mode
    * Fixed failing SYN-scan detection
    * Fixed ZMQ decompression errors with large templates
    * Fixed possible XSS in login.lua referer param and `runtime.lua`
    * Update geolocation due to changes in the library usage policy
    * Fixes to support browsers dark mode
    * Option `--zmq-encryption-key ` can be used with `-I ` to encrypt data in hierarchical mode
    * Fixed nIndex missing data while performing some queries and throughput calculation
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/net/ntopng'
  unixtime: '1590438411'
  user: adam