Kismet

Recent Commits

• Mike Kershaw / Dragorn (16 Jun 26)

  json: fix issues in json v2 field summarizer beast: extract fields for json2 field summarizer channeltrackerv3: fix json serialization

• Mike Kershaw / Dragorn (16 Jun 26)

  configure: fix missing cflags for libwebsockets

• Mike Kershaw / Dragorn (16 Jun 26)

  json: more work on new json framework to enable field selection & complex dictionary/array field selection

• Mike Kershaw / Dragorn (07 Jun 26)

  Merge branch 'neoowl-defense-pcapng-ring-logfile-upstream'

• Mike Kershaw / Dragorn (28 May 26)

  censor: add censor_heavy=1 url option, fix more missing censoring in related APs and in SSID list

• Mike Kershaw / Dragorn (28 May 26)

  censor: add censor_heavy=1 url option, fix more missing censoring in related APs and in SSID list

• Costa (23 May 26)

  pcapng_ring: in-memory ring logfile + on-demand snapshot endpoint A new kis_logfile subclass for sensors where continuous on-disk pcap would burn through SD/SSD storage. Writes a multi-slot pcapng ring to tmpfs (default 64MB = 8 slots * 8 MB). POST to /logging/pcapng_ring/snapshot/<label>.cmd freezes the current ring into <persist_dir>/<label>/pre.pcapng and records the next N seconds into post.pcapng — intended as the evidence-capture half of an external alert-driven monitoring pipeline. Each ring slot is a self-contained pcapng section (its own SHB written by pcapng_stream_packetchain::restart_stream), so concatenation produces a valid multi-section pcapng that wireshark/tshark read natively. Snapshot uses an internal force_rotate_now() to flush the active slot to disk before the pre copy and again after the post-trigger sleep, so low-traffic captures (where natural rotation never fires within the snapshot window) still get the active slot's bytes. Rotation itself stays on the writer thread (via an atomic flag + condvar) to avoid racing rotate_ring's buffer swap with the writer's fwrite. The buffer member is a shared_ptr so a snapshot thread's sync() call can't hit a use-after-free if rotate_ring drops the old buffer concurrently. Background prune thread enforces three retention axes on persist_dir: total size cap, max age, minimum free-space floor (returns 507 Insufficient Storage rather than silently pruning). Opt in via `log_types+=pcapng_ring` in kismet_logging.conf. All knobs are config keys: ring_dir, ring_file_size_mb, ring_file_count, persist_dir, default_post_seconds, persist_max_total_mb, persist_max_age_days, persist_min_free_mb, persist_prune_interval. The builder is class-singleton because the snapshot HTTP route is class-scoped; two instances would race on the same path. The route is registered in the logfile constructor (matching the kis_databaselogfile pattern) with extensions={"cmd"} so the URL contract is explicit.

• Mike Kershaw / Dragorn (23 May 26)

  nrf serial: merge some proposed fixes for nrf serial devices when compield under gcc15 which seems to introduce broken behavior between threads

• Mike Kershaw / Dragorn (22 May 26)

  devicetracker: rework how timers are expired on device watch websockets, might help with #606 but more testing needed

• Mike Kershaw / Dragorn (19 May 26)

  json: add missing header

• Mike Kershaw / Dragorn (19 May 26)

  json: start new json/field system to decrease complexity and increase performance (eventually) rrd: new rrd optimized around new field structures channeltracker: new channel tracker based on new fields beast: new endpoints to handle new jsonable objects

• Mike Kershaw / Dragorn (19 May 26)

  rrd: squash more warnings while adapting math types

• Mike Kershaw / Dragorn (18 May 26)

  rrd: fix averaging wrong array

• Mike Kershaw / Dragorn (17 May 26)

  dot11: fix integer underflow causing bad malloc sizing in eap identity, should fix #605, thanks for the heads up

• Mike Kershaw / Dragorn (17 May 26)

  packet: move some structs around in prep for other optimizations

• Mike Kershaw / Dragorn (12 May 26)

  rrd: further efforts to optimize rrd math which gets called a LOT.

• Mike Kershaw / Dragorn (12 May 26)

  rrd: rewrite array access to improve speed on rrd updates

• Mike Kershaw / Dragorn (12 May 26)

  radiotap: squash compile warning in fcs

• Mike Kershaw / Dragorn (10 May 26)

  gps: fix new gps index in protobuf code

• Mike Kershaw / Dragorn (09 May 26)

  dot11: extremely minor optimization

• Mike Kershaw / Dragorn (09 May 26)

  rrd: minor optimizations for vectors

• Mike Kershaw / Dragorn (09 May 26)

  dot11: minor optimization to device naming logic

• Mike Kershaw / Dragorn (09 May 26)

  gps: mild revamp of gps packet data to avoid copying strings we never use, add a basic gps id number tracker to reference the original gps

• Mike Kershaw / Dragorn (09 May 26)

  dot11: use proper ie tag (114, meshid) as the ssid checksum when detecting a mesh object, instead of the typo'd one (113, mesh config)

• Mike Kershaw / Dragorn (08 May 26)

  802154: fill in phy id on new commoninfo

• Mike Kershaw / Dragorn (08 May 26)

  alerts: disable bleedingtooth by default since modern btle triggers false positives

• Mike Kershaw / Dragorn (08 May 26)

  Merge branch 'buzzdeee-ccbsd'

• Mike Kershaw / Dragorn (07 May 26)

  bluetooth: fix HCI devices not being classified with new common info handling

• Mike Kershaw / Dragorn (07 May 26)

  configure: fix wch build var substitution

• Mike Kershaw / Dragorn (07 May 26)

  bluetooth: fix HCI devices not being classified with new common info handling