Update README.md

Author: pavel-odintsov

README.md

@@ -20,7 +20,7 @@ Author and legal owner: Pavel Odintsov
 
 
 ### Installation
-- [Linux install instructions](https://github.com/pavel-odintsov/fastnetmon/wiki/Install)
+- [Linux install instructions](https://fastnetmon.com/install/)
 - [macOS install instructions](https://formulae.brew.sh/formula/fastnetmon)
 - [FreeBSD port](https://www.freshports.org/net-mgmt/fastnetmon/)
 - [VyOS bundled support](https://vyos.io/)

src/fastnetmon.conf

@@ -17,6 +17,13 @@ logging_remote_syslog_logging = off
 logging_remote_syslog_server = 10.10.10.10
 logging_remote_syslog_port = 514
 
+# To make FastNetMon better we need to know how you use it and what's your software and hardware platform.
+# To accomplish this FastNetMon sends usage information every 1 hour to our statistics server https://community-stats.fastnetmon.com
+# We keep high standards of data protection and you can find our privacy policy here: https://community-stats.fastnetmon.com
+# You can find information which is being sent at GitHub: https://github.com/pavel-odintsov/fastnetmon/search?q=send_usage_data_to_reporting_server
+# If you prefer to disable this capability you need to set following flag to on
+disable_usage_report = off
+
 # Enable/Disable any actions in case of attack
 enable_ban = on
 

src/fastnetmon.cpp

@@ -166,7 +166,7 @@ unsigned int stats_thread_sleep_time = 3600;
 // Delay before we send first report about usage
 unsigned int stats_thread_initial_call_delay = 30;
 
-std::string reporting_server = "community-stats.pavel-odintsov.com";
+std::string reporting_server = "community-stats.fastnetmon.com";
 
 // Each this seconds we will check about available data in bucket
 unsigned int check_for_availible_for_processing_packets_buckets = 1;
@@ -256,6 +256,9 @@ std::vector<flow_spec_rule_t> static_flowspec_based_whitelist;
 std::string graphite_thread_execution_time_desc = "Time consumed by pushing data to Graphite";
 struct timeval graphite_thread_execution_time;
 
+// Run stats thread
+bool usage_stats = true;
+
 void init_global_ban_settings() {
     // ban Configuration params
     global_ban_settings.enable_ban_for_pps              = false;
@@ -2052,6 +2055,16 @@ int main(int argc, char** argv) {
     set_boost_process_name(inaccurate_time_generator_thread, "fast_time");
     service_thread_group.add_thread(inaccurate_time_generator_thread);
 
+    if (configuration_map.count("disable_usage_report") != 0 && configuration_map["disable_usage_report"] == "on") {
+        usage_stats = false;
+    }
+
+    if (usage_stats) {
+        auto stats_thread = new boost::thread(collect_stats);
+        set_boost_process_name(stats_thread, "stats");
+        service_thread_group.add_thread(stats_thread);
+    }
+
     // Run screen draw thread for IPv4
     service_thread_group.add_thread(new boost::thread(screen_draw_ipv4_thread));
 

src/fastnetmon_logic.cpp

@@ -1210,6 +1210,8 @@ void call_blackhole_actions_per_host(attack_action_t attack_action,
                                      const boost::circular_buffer<simple_packet_t>& simple_packets_buffer,
                                      const boost::circular_buffer<fixed_size_packet_storage_t>& raw_packets_buffer) { 
 
+    extern bool usage_stats;
+
     bool ipv4                       = !ipv6;
     std::string client_ip_as_string = "";
 
@@ -1350,6 +1352,11 @@ void call_blackhole_actions_per_host(attack_action_t attack_action,
         }
 #endif
     }
+
+    if (usage_stats) {
+        boost::thread attack_report_thread(send_attack_data_to_reporting_server, basic_attack_information_in_json);
+        attack_report_thread.detach();
+    }
 }
 
 
@@ -1506,7 +1513,7 @@ void traffic_draw_ipv4_program() {
     }
 
     output_buffer << "FastNetMon " << fastnetmon_platform_configuration.fastnetmon_version
-                  << " Author: http://pavel-odintsov.com"
+                  << " Author: https://pavel-odintsov.com"
                   << "\n"
                   << "IPs ordered by: " << sort_parameter << "\n";
 
@@ -3023,6 +3030,182 @@ bool get_instance_id(std::string& instance_id) {
     return true;
 }
 
+void send_usage_data_to_reporting_server() {
+    extern std::string reporting_server;
+    extern total_speed_counters_t total_counters_ipv4;
+    extern total_speed_counters_t total_counters_ipv6;
+
+    // Build query
+    std::stringstream request_stream;
+
+    request_stream << "https://" << reporting_server << "/stats_v1";
+
+
+    std::string stats_json_string;
+
+    try {
+        nlohmann::json stats;
+
+        uint64_t incoming_ipv4 = total_counters_ipv4.total_speed_average_counters[INCOMING].total.bytes;
+        uint64_t outgoing_ipv4 = total_counters_ipv4.total_speed_average_counters[OUTGOING].total.bytes;
+
+        uint64_t incoming_ipv6 = total_counters_ipv6.total_speed_average_counters[INCOMING].total.bytes;
+        uint64_t outgoing_ipv6 = total_counters_ipv6.total_speed_average_counters[OUTGOING].total.bytes;
+
+        stats["incoming_traffic_speed"] = incoming_ipv4 + incoming_ipv6;
+        stats["outgoing_traffic_speed"] = outgoing_ipv4 + outgoing_ipv6;
+
+        stats["incoming_traffic_speed_ipv4"] = incoming_ipv4;
+        stats["outgoing_traffic_speed_ipv4"] = outgoing_ipv4;
+
+        stats["incoming_traffic_speed_ipv6"] = incoming_ipv6;
+        stats["outgoing_traffic_speed_ipv6"] = outgoing_ipv6;
+
+        stats["flows_speed"]            = netflow_ipfix_all_protocols_total_flows_speed;
+        stats["headers_speed"]          = sflow_raw_packet_headers_total_speed;
+        stats["total_hosts"]            = total_number_of_hosts_in_our_networks;
+        stats["cap_plugins"]            = generate_list_of_enabled_capture_engines();
+        stats["speed_calc_time"]        = speed_calculation_time.tv_sec;
+        stats["version"]                = fastnetmon_platform_configuration.fastnetmon_version;
+        stats["virt_method"]            = get_virtualisation_method();
+
+        // We use statically allocated counters in that case
+        stats["hosts_hash_ipv4"] = total_number_of_hosts_in_our_networks;
+
+        ssize_t hosts_hash_size_ipv6 = 0;
+
+        {
+            std::lock_guard<std::mutex> lock_guard(ipv6_host_counters.counter_map_mutex);
+            hosts_hash_size_ipv6 = ipv6_host_counters.average_speed_map.size();
+        }
+
+        stats["hosts_hash_ipv6"] = hosts_hash_size_ipv6;
+
+        bool gobgp = false;
+
+        if (configuration_map.count("gobgp") != 0 && configuration_map["gobgp"] == "on") {
+            gobgp = true;
+        }
+
+        stats["bgp"] = gobgp;
+
+        stats["bgp_flow_spec"] = false;
+
+        bool influxdb = false;
+
+        if (configuration_map.count("influxdb") != 0 && configuration_map["influxdb"] == "on") {
+            influxdb = true;
+        }
+
+        stats["influxdb"] = influxdb;
+
+        stats["clickhouse_metrics"] = false;
+        stats["traffic_db"]         = false;
+        stats["prometheus"]         = false;
+
+        std::string cpu_model;
+        get_cpu_model(cpu_model);
+
+        stats["cpu_model"]         = cpu_model;
+
+        stats["cpu_logical_cores"] = get_logical_cpus_number();
+
+        // Mbytes
+        stats["memory_size"] = get_total_memory();
+
+        std::string kernel_version = "unknown";
+
+        if (!get_kernel_version(kernel_version)) {
+            logger << log4cpp::Priority::ERROR << "Cannot get Linux kernel version";
+        }
+
+        stats["kernel_version"] = kernel_version;
+
+        std::vector<std::string> cpu_flags;
+
+        if (!get_cpu_flags(cpu_flags)) {
+            logger << log4cpp::Priority::ERROR << "Cannot get CPU flags";
+        }
+
+        stats["cpu_flags"] = cpu_flags;
+
+        std::string linux_distro_name = "unknown";
+
+        if (!get_linux_distro_name(linux_distro_name)) {
+            logger << log4cpp::Priority::ERROR << "Cannot get Linux distro name";
+        }
+
+        stats["linux_distro_name"] = linux_distro_name;
+
+        std::string linux_distro_version = "unknown";
+
+        if (!get_linux_distro_version(linux_distro_version)) {
+            logger << log4cpp::Priority::ERROR << "Cannot get Linux distro version";
+        }
+
+        stats["linux_distro_version"] = linux_distro_version;
+
+        std::string instance_id;
+
+        if (get_instance_id(instance_id)) {
+            stats["instance_id"] = instance_id;
+        } else {
+            // OK, it's optional
+        }
+
+        stats_json_string = stats.dump();
+    } catch (...) {
+        logger << log4cpp::Priority::ERROR << "Failed to serialise stats";
+        return;
+    }
+
+    // It's fair to show but we will expose our delay. We need to make delay random first
+    // logger << log4cpp::Priority::DEBUG << "Preparing to send following information to telemetry server " << request_stream.str();
+
+    uint32_t response_code = 0;
+    std::string response_body;
+    std::string error_text;
+
+    std::map<std::string, std::string> headers;
+
+    // I think we need to do it to make clear about format for remote app
+    headers["Content-Type"] = "application/json";
+
+    // Just do it to know about DNS issues, execute_web_request can do DNS resolution on it's own
+    std::string reporting_server_ip_address = dns_lookup(reporting_server);
+
+    if (reporting_server_ip_address.empty()) {
+        logger << log4cpp::Priority::DEBUG << "Stats server resolver failed, please check your DNS";
+        return;
+    }
+
+    bool result = execute_web_request_secure(request_stream.str(), "post", stats_json_string, response_code,
+                                             response_body, headers, error_text);
+
+    if (!result) {
+        logger << log4cpp::Priority::DEBUG << "Can't collect stats data";
+        return;
+    }
+
+    if (response_code != 200) {
+        logger << log4cpp::Priority::DEBUG << "Got code " << response_code << " from stats server instead of 200";
+        return;
+    }
+}
+
+
+void collect_stats() {
+    extern unsigned int stats_thread_initial_call_delay;
+    extern unsigned int stats_thread_sleep_time;
+
+    boost::this_thread::sleep(boost::posix_time::seconds(stats_thread_initial_call_delay));
+
+    while (true) {
+        send_usage_data_to_reporting_server();
+        boost::this_thread::sleep(boost::posix_time::seconds(stats_thread_sleep_time));
+    }
+}
+
 // Adds total traffic metrics to Prometheus endpoint
 void add_total_traffic_to_prometheus(const total_speed_counters_t& total_counters, std::stringstream& output, const std::string& protocol_version) {
     std::vector<direction_t> directions = { INCOMING, OUTGOING, INTERNAL, OTHER };
@@ -3288,3 +3471,43 @@ std::string get_human_readable_attack_detection_direction(attack_detection_direc
         return "unknown";
     }
 }
+
+// Sends attack information to reporting server
+void send_attack_data_to_reporting_server(const std::string& attack_json_string) {
+    extern std::string reporting_server;
+
+    // Build query
+    std::stringstream request_stream;
+
+    request_stream << "https://" << reporting_server << "/attacks_v1";
+
+    uint32_t response_code = 0;
+    std::string response_body;
+    std::string error_text;
+
+    std::map<std::string, std::string> headers;
+
+    // I think we need to do it to make clear about format for remote app
+    headers["Content-Type"] = "application/json";
+
+    // Just do it to know about DNS issues, execute_web_request can do DNS resolution on it's own
+    std::string reporting_server_ip_address = dns_lookup(reporting_server);
+
+    if (reporting_server_ip_address.empty()) {
+        logger << log4cpp::Priority::DEBUG << "Stats server resolver failed, please check your DNS";
+        return;
+    }
+
+    bool result = execute_web_request_secure(request_stream.str(), "post", attack_json_string, response_code,
+                                             response_body, headers, error_text);
+
+    if (!result) {
+        logger << log4cpp::Priority::DEBUG << "Can't collect attack stats data";
+        return;
+    }
+
+    if (response_code != 200) {
+        logger << log4cpp::Priority::DEBUG << "Got code " << response_code << " from stats server instead of 200";
+        return;
+    }
+}