You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
The key has expired.
Added update socket to the provisioner, which allows new intercept configuration to be pushed to the provisioner via a REST API. As part of this change, any intercept-related configuration (including IP and VOIP intercepts, RADIUS core servers, SIP servers and agency details) has now been moved into a separate configuration file, which will be managed directly by the provisioner. Configuration changes made using the REST API will be written into this file by the provisioner as soon as they are enacted. Any intercept-related configuration remaining in the provisioner configuration file after upgrading to 1.0.4 will be ignored.
UMTS (mobile) intercepts are now supported, based on sessions established using GTP. GTP + the IP for the target's sessions must be fed into a collector, much like you would do for RADIUS + IP for a conventional IP intercept. The validity of the resulting encoded UMTS records is not yet confirmed with an LEA, so please consider this feature to still be "in beta". Feedback from both operators and LEAs on this feature would be more than welcome.
Allow RADIUS Calling-Station-ID AVP to be used to determine the user identity for a RADIUS stream (either in addition to or in place of the standard Username AVP).
Add configuration option to list "default" RADIUS usernames that should not be treated as genuine user identities (useful for operators relying on Calling-Station-ID for identity instead).
If an LEA is withdrawn, the mediator will now disconnect its handovers to that LEA.
Allow multiple concurrent RADIUS sessions for a given user (e.g. a concurrent IPv4 and IPv6 session should now each produce their own HI2 streams).
Allow multiple concurrent IP intercepts for the same JMirror or ALUShim session.
Fixed bug where starting a collector with systemd would fail if using a DPDK or DAG device as a packet source.
Fixed memory leaks in the collector forwarding code.
Fixed bug where CINs for Jmirror intercepts were inconsistent across HI2 and HI3.
Fixed bug where mediators were accepting client connections after they had been told to halt.
Fixed bug where a static IP range that was being stored by the collector could become invalid after being modified.
Fixed bugs that were preventing large UDP SIP messages from being correctly reassembled.
Improved logging of connection status between the mediator and handover clients.
The keep alive response timeout must now be less than or equal to the keep alive frequency.
Improve mediator performance by rate-limiting keep alive timer resets to one per second.
Fix concurrency issues on the mediator related to newly-connected handovers.
Fix crash when flushing a pcap output file that has not been given any packets to write yet.
Fix excessive logging in mediator when an LEA has been disabled or removed by the provisioner.
Fix bug where modifications to the configured LEA for an IP intercept would only remove the existing LEA and not add the new one.
Fixed assertion failure that could trigger in the mediator if a client handover failed to respond to a keepalive.
Prevent mediator from sending any new data to a client handover as long as there is an unanswered keepalive.
Do not start the keep alive response timer until after a successful send() of the keep alive message.
