github r-smith/deceptifeed v0.68.0
0.68.0
on GitHub

8 hours ago

Changes

  • Add the ability for HTTP honeypots to log connections and report connections to the threatfeed. This allows you take take action immediately when a client establishes a connection to the honeypot. To log connections, use <logConnections>true</logConnections> and to report to the threatfeed, use <reportConnections>true</reportConnections> in an HTTP honeypot config.
  • Add Proxy Protocol support to HTTP honeypots. Enable by adding <useProxyProtocol>true</useProxyProtocol> in an HTTP honeypot config.
  • Add better configuration validation at startup (3031153).

Logging Changes

  • TCP and UDP port numbers are now logged as a numeric type rather than a string (such as "server_port":2022 rather than "server_port":"2022").
  • For UDP logs, the string "[unverified]" is appended to the source IP address. Previously, the string "[unreliable]" was used.
  • For UDP logs, replace the source_reliability string key with source_ip_verified boolean key, and always log the key as 'false'.
  • Renamed the source_ip_parsed key to proxy_parsed .
  • Renamed the source_ip_error key to proxy_error.
  • When Proxy Protocol or a proxy HTTP header is configured, the proxy_error key is always logged. Previously, the key was only included if an error occurred.

Other

  • Improvements and optimizations in Proxy Protocol handling (88d7f4e, 43d7f21, c47c590).
  • Display sessionTimeout setting in the web UI config page.
  • Display connections in the web UI live monitor. Connections appear only when honeypots are configured to log connections.

Full Changelog: v0.67.0...v0.68.0


Binaries built with Go 1.25.7 using make all from the project root.

Check out latest releases or
releases around r-smith/deceptifeed v0.68.0

Don't miss a new deceptifeed release

NewReleases is sending notifications on new releases.

Get notifications