After more than one year since the latest stable release, we are glad to announce cento 1.6-stable. This new release brings stability, fixes and several new features.
Among the new features, it is worth mentioning that:
- Flows can be exported in a standardized JSON to text files.
- By default, a user
cento
runs and owns both the process and process files. This makes running cento more secure than using root. In addition, any user in the system can be used to run cento. - A capture direction can be indicated so that cento will capture only TX, only RX, or both directions, depending on what has been specified.
- Traffic counters can now be dumped in a second-by-second fashion to increase the traffic visibility as it has already done in nProbe.
Here is the full list of changes:
- Main New Features
- Ability to configure multiple netflow collectors with load-balancing
- Support for Ubuntu 18
- Added PEN to JSON fields
- Added heuristic for handling DNS response dissection
- HTTP dissection and export in textual flows
- Check drop stats for the egress aggregated queue in case of multiple threads
- Running cento process as cento by default, falling back to nobody if it does not exist
- Print Kafka metadata
- New Options
- Implemented
--dump-second-counters
for dumping (-P
) second counters - Added
--dump-json-format
to dump text files in JSON (instead of text) format --unprivileged-user|-u <username>
to run cento with any given user- Added VxLAN support with
--tunnel
- Added new
--capture-direction
to capture from TX, RX or both directions - Added
-K
to set kernel cluster id - New
--timestamp-format option
- Implemented
- Fixes
- Fixed segfault fix with Kafka on ubuntu 14
- Fixes for ZC interfaces with RSS enabled in bridge mode
- IPV6 export fixes
- Packet slicing fixes (aggregated egress queues)
- Added missing DNS response code handlingFixed DNS response dissection in uDPI
- Added fix for “remembering” the L7 protocol in case a flow lasts too long
- Added optimization to avoid reprocessing DPI when taken from the previous flow fragment
- Fixes broken non-systemd cento control due to missing pid file
- Fixes systemd / non-systemd packages installation