FastNetMon Versions

FastNetMon - very fast DDoS sensor with sFlow/Netflow/IPFIX/SPAN support

v1.2.6

6 months ago

Changes:

  • Switched to C++ 20
  • Unified IPv4 and IPv6 host counters to use highly efficient hash-based counters to store per-host traffic
  • Introduced Terms and Conditions and updated Privacy Policy documents
  • Added support for bi-directional flows used by Cisco ASA
  • Added dozens of new fields for IPFIX
  • Full refactoring of Netflow plugin
  • Enabled process_outgoing_traffic and process_incoming_traffic configuration options for IPv6 traffic.
  • Added instance ID reporting to analytics report to distinguish different instances behind NAT
  • Reworked packet parser to avoid data modification in buffer during parsing process
  • Unified InfluxDB host traffic export logic with templates
  • Added complete BGP Unicast IPv4 and IPv6 implementation for native BGP operations

To install / upgrade please use:

wget https://install.fastnetmon.com/installer -Oinstaller
sudo chmod +x installer
sudo ./installer -install_community_edition

v1.2.5

11 months ago

Changes:

  • Official ARM64 support for Debian, Ubuntu and RedHat platforms and official binary builds
  • Automated installation for Grafana and InfluxDB with dozens of pre-defined dashboards
  • Disabled PID logic by default, so there is no need to use --disable_pid_logic. It can be enabled explicitly using --pid_logic
  • GoBGP upgrade to 3.12
  • Ability to compile FastNetMon for Windows Server platforms
  • log4cpp upgrade to 1.1.4
  • New set of performance metrics for AF_PACKET
  • New binary dependency caching logic to speed up CI builds

To install / upgrade please use:

wget https://install.fastnetmon.com/installer -Oinstaller
sudo chmod +x installer
sudo ./installer -install_community_edition

v1.2.4

1 year ago

New features:

  • Native Prometheus support
  • Option to send all traffic in JSON format to Kafka
  • Option to send all traffic in Protobuf format to Kafka

Bugfixes:

  • Reworked speed reporting calculation to use monotonic time to address crashes during time adjustments

New platforms support:

  • Added Debian 12 (future release) support

Improvements:

  • Migrated to standalone libbpf 1.0.1 from the in-kernel version
  • Added emojis to README, yay
  • Added option for build system to store binary versions of libraries on S3 to reduce build time
  • Added option to verify checksums for all dependencies to detect any alteration attempts
  • Added absl, zlib, c-ares, re2 as dependencies for gRPC
  • Switched gRPC to use cmake based build
  • Added help command for fastnetmon_api_client
  • Reworked Boost install process to use b2 install instead of building stage in place
  • Switched cmake to use system libraries by default for build procedure to offer better developer experience
  • Removed dependency on libatomic1 as it's not required on x86_64 platforms
  • Added XDP microcode to use with FastNetMon
  • Added rdkafka and cppkafka as optional dependencies
  • Complete redesign of speed counters for IPv4 prefixes and IPv6 hosts and networks

For install or upgrade please use our official installer tool.

v1.2.3

1 year ago

New capabilities:

  • Added new AF_XDP plugin for highly efficient XDP-based traffic capture
  • Added IPv6 support for sFlow plugin
  • Added configuration option logging_level to control log level between info and debug

Changes:

  • Switched systemd unit files to use simple daemon type and disabled our own forking logic
  • Replaced json-c, which is very error-prone and complicated to use and maintain, with modern nlohmann/json
  • Reworked IPv4 per network counters to completely new unified counters logic
  • Removed ExaBGP backed Flow Spec implementation due to API compatibility issues
  • We deprecated configuration field notify_script_pass_details and enabled it by default. You need to read attack information from stdin for both ban and attack_details actions
  • Reduced number of packets for attack confirmation from 50 to 20 as 50 is too much for sampled protocols
  • Complete migration to new highly efficient native C++ network packet parser which has full support of IPv6 and GRE tunnelling
  • Reworked total traffic counters to use unified class total_speed_counters_t
  • Switched HTTPS client to use TLS instead of outdated SSL
  • Added logic to export usage statistics with the goal of learning more about customer platforms and the most popular features in FastNetMon. It can be disabled using configuration option: disable_usage_report = on
  • Breaking change in logging configuration, we replaced our snowflake 'logging:' prefix by standard 'logging_'
  • Added logic to catch stacktrace in case of segmentation fault
  • Added logic to restart FastNetMon in case of failures using systemd capability: Restart=on-failure
  • Improved statistics for AF_PACKET
  • Addressed race condition in API logic for unban and ban operations

Dependencies:

  • Removed dependency on json-c
  • Upgrade OpenSSL to 1.1.1q
  • Upgrade Boost to 1.80
  • Added dependency on libelf (AF_XDP plugin)
  • Added dependency on libbpf (AF_XDP plugin)

v1.2.2

1 year ago

New platforms:

  • Added support for RHEL 9, Alma Linux 9, Rocky Linux 9
  • We're part of Fedora Upstream (Rawhide, 35, 36)
  • Added upstream support for Homebrew and MacOS builds
  • Deprecated Ubuntu 14.04. The last version which supports Ubuntu 14.04 is 1.2.1.
  • We're back in Debian upstream

Changes:

  • Upgrade our custom gcc compiler to latest version available: 12.1.0
  • Switched FastNetMon to C++ 20
  • Reworked convert_timeval_to_date to use std::put_time to avoid low-level snprintf manipulations
  • Reworked Patricia code to be more C++ compliant
  • Added logic to log only to console to use native systemd logging facilities with flag --log_to_console
  • Added new flag disable_pid_logic which disables PID writing and checking logic. It's legacy for init based distros and we do not need it for modern distributions
  • Added explicit error if we cannot create socket for AF_PACKET
  • Debian upstream build system was moved to Debian Salsa
  • Moved all FastNetMon Community files to /opt/fastnetmon-community
  • Upgrade GoBGP to 2.27
  • Moved all binaries to /opt/fastnetmon-community/app/bin
  • Upgrade Boost 1.74 to 1.78
  • Upgrade json-c to 0.13.1 20180305
  • Added logic to fix set_boost_process_name compilation on Apple platforms
  • Ported libsflow to our unified endian-less conversion library

To install / upgrade please use:

wget https://install.fastnetmon.com/installer -Oinstaller
sudo chmod +x installer
sudo ./installer -install_community_edition

v1.2.1

1 year ago

Changes:

  • Added configuration options to control how often we export traffic to InfluxDB: influxdb_push_period
  • Added configuration option to control how often we export traffic to Graphite: graphite_push_period = 1
  • Added GoBGP 2.17 as part of our binary package
  • Added experimental logic for Netflow v9 Lite
  • Add support for Discord notifications via script contributed by amit17
  • Deprecated and removed DPI logic as we focus only on L3 and L4 protocols
  • Deprecated CentOS 6 for new versions, the last version which supports it will be 1.2.0
  • Deprecated Debian 8 for new versions, the last version which supports it will be 1.2.0
  • Added support for Debian 11 and Ubuntu 22.04
  • Deprecated PF_RING plugin for new versions. We switched to AF_PACKET which is completely open source and works way better
  • Switched fastnetmon_client to use sort by mbits by default for consistency between editions
  • Deprecated Netmap support for all new Linux releases. It may be enabled manually on FreeBSD which has native support for it
  • Improved code style and reformatted code with clang-format
  • Replaced unsafe call of printw by format-less addstr
  • Added logic to build bindings files for capnp during build process. Addresses an issue with inability to build on platforms with a different version of capnp installed
  • Switched to C++ 17 by default to use latest development in language
  • Upgrade log4cpp to 1.1.3 to address C++ 17 compatibility
  • Added official Docker image powered by GitHub's Docker registry
  • Performance optimisations for sFlow logic
  • Implemented logic to parse IPv4 samples for sFlow plugin. Some agents such as hsflowd use this kind of encoding
  • Created our security policy
  • Added logic to search Protobuf gRPC compiler plugin using find_program
  • Moved NO_DEFAULT_PATH to variable and added configuration option to control it. It's very useful for upstream builds
  • Disabled RPATH alterations when DO_NOT_USE_SYSTEM_LIBRARIES_FOR_BUILD is not set
  • Extended LimitNOFILE to 65535 as we may have a pretty large number of active attack notifications
  • Removed bundled Netmap header files as they cause compatibility issues when the Netmap driver has a different version
  • Upgrade {fmt} to 8.0.0 to address issue with build on Debian bullseye
  • Updated Fedora spec to prepare upstreaming

To install / upgrade please use:

wget https://install.fastnetmon.com/installer -Oinstaller
sudo chmod +x installer
sudo ./installer -install_community_edition

v1.2.0

2 years ago

  • Native InfluxDB support
  • IPFIX sampling support
  • Netflow v9 plugin reliability improvements (infinite loop prevention logic)
  • Netflow / IPFIX plugin performance optimisations

Before using InfluxDB you need to create a database using the influx tool:

# create database fastnetmon

Then configure it in /etc/fastnetmon.conf:

# InfluxDB
influxdb = on
influxdb_host = 127.0.0.1
influxdb_port = 8086
influxdb_database = fastnetmon

# InfluxDB auth
influxdb_auth = off
influxdb_user = fastnetmon
influxdb_password = secure

v1.1.9

2 years ago

  • Added option sflow_read_packet_length_from_ip_header to use packet length from header instead of sFlow field
  • Added logic to ban / unban IPv6 hosts manually via API and fastnetmon_api_client
  • Added logic to announce / withdraw announces about IPv6 hosts

v1.1.8

2 years ago

  • Complete IPv6 support for mirror, Netflow and IPFIX modes
  • Support for BGP communities for announces over GoBGP (recommended BGP daemon)
  • Mikrotik plug-in upgrade to support latest RouterOS auth methods
  • Switched to using own version of OpenSSL
  • Added cap'n'p dependency for new traffic streaming logic
  • Switch to custom compiler (GCC 9.3) for all platforms
  • Switch to C++ 14
  • Switched to custom version of MongoC
  • Added command line flag documentation for build / install scripts
  • Significant code refactoring and modularisation
  • Added logic to track return code from notify script calls
  • Preparation for CentOS 6 support deprecation (EOL since November 30th, 2020)

v1.1.7

2 years ago

  • Completely new Netflow and IPFIX plugin which significantly improves performance, compatibility and security of protocol support
  • Added support for sampled Netflow v9
  • Completely new sFlow v5 plugin which significantly improves performance, compatibility and security of protocol support
  • Completely new packet parser
  • Deprecated sFlow v4
  • Switched to C++ 11 on all platforms
  • Made option to read list of networks from OpenVZ configurable and disabled it by default