Skip to content

v0.9.3
Compare
Choose a tag to compare
@mosajjal mosajjal released this 18 Apr 01:04
· 194 commits to main since this release
v0.9.3
04a4ca5
This commit was signed with the committer’s verified signature.
mosajjal Ali
GPG key ID: 1031870842DEF016
Learn about vigilant mode.

Notable Changes:

  • Brand new documentation dnsmonster.dev
  • Capture now accepts dash (---pcapFile=-) as a more elegant solution to #9
  • Dev container populated for each commit (docker pull ghcr.io/mosajjal/dnsmonster:dev)
  • Fixed a bug in dnstap pushing data to ClickHouse when the IP address is omitted
  • SIGPIPE is now handled gracefully in Linux
  • Major performance improvements to skipDomains and allowDomains. dnsmonster no longer uses a basic suffix and prefix string match. Instead, it uses a Ternary Search Tree to provide a much faster solution. I've tested Cisco Umbrella 1M against my test pcap as suffix matching. and there was almost no performance degredation! A small sample of the csv:
$ head top-1m-umbrella.csv
google.com.,suffix
www.google.com.,suffix
microsoft.com.,suffix
netflix.com.,suffix
data.microsoft.com.,suffix
ftl.netflix.com.,suffix
prod.ftl.netflix.com.,suffix
events.data.microsoft.com.,suffix
api-global.netflix.com.,suffix
safebrowsing.googleapis.com.,suffix

Full Changelog: v0.9.2...v0.9.3

Assets 6
Loading
0 Join discussion