-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pipeline function "in_private_net" cannot parse IPV6 #4624
Closed
jekelundh opened this issue
Feb 28, 2018
· 3 comments
· Fixed by Graylog2/graylog-plugin-threatintel#157
Closed
Pipeline function "in_private_net" cannot parse IPV6 #4624
jekelundh opened this issue
Feb 28, 2018
· 3 comments
· Fixed by Graylog2/graylog-plugin-threatintel#157
Comments
+1 |
@lennartkoopmann I am experiencing this bug as well, it ends up resulting in excessive CPU usage and log bloat due to errors in the log file on any version before the current. |
|
kroepke
added a commit
to Graylog2/graylog-plugin-threatintel
that referenced
this issue
Mar 23, 2020
extended the ip subnet check to ignore all IPv6 addresses be returning "false" for all of them, even unique local addresses subnet check is not faster only non-IP addresses will lead to a log message now, IPv6 checks will be silent fixes #156 fixes Graylog2/graylog2-server#4624 related to #33
mpfz0r
pushed a commit
to Graylog2/graylog-plugin-threatintel
that referenced
this issue
Aug 17, 2020
extended the ip subnet check to ignore all IPv6 addresses be returning "false" for all of them, even unique local addresses subnet check is not faster only non-IP addresses will lead to a log message now, IPv6 checks will be silent fixes #156 fixes Graylog2/graylog2-server#4624 related to #33
mpfz0r
pushed a commit
to Graylog2/graylog-plugin-threatintel
that referenced
this issue
Aug 17, 2020
extended the ip subnet check to ignore all IPv6 addresses be returning "false" for all of them, even unique local addresses subnet check is not faster only non-IP addresses will lead to a log message now, IPv6 checks will be silent fixes #156 fixes Graylog2/graylog2-server#4624 related to #33 (cherry picked from commit abc08c0)
mpfz0r
pushed a commit
to Graylog2/graylog-plugin-threatintel
that referenced
this issue
Oct 14, 2020
This reduces error log noise by suppressing the stacktrace fixes #156 fixes Graylog2/graylog2-server#4624 related to #33 (cherry picked from commit abc08c0) extend `in_private_net` to check for unique local addresses in IPv6 (cherry picked from commit 6c3f617) use Graylog's IpSubnet class instead of ancient netty one suppress harmless API stability warning (cherry picked from commit 91d4f64)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Pipline function in_private_net cannot parse IPV6 entries
Expected Behavior
IPV6 entries should be ignored
Current Behavior
IPV6 entries generates a stack trace in server.log for each message containing IPV6 src/dst.
Possibly duplicate of, or related to, Graylog2/graylog-plugin-threatintel#33
The text was updated successfully, but these errors were encountered: