1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
|
Logswan 2.1.15 (2025-03-24)
- Add link to Gentoo package in the README
- Add initial RPM spec file
- Bump cmake_minimum_required to 3.5, to allow building with CMake 4.0
- Bump cmake_minimum_required to 3.10 to be more future proof
Logswan 2.1.14 (2023-03-30)
- Add missing void to the usage() function definition
- Move manual page to the man directory
Logswan 2.1.13 (2022-07-28)
- Remove useless backslashes in usage()
- Add entries with IPv6 remote hosts to exercise the IPv6 code paths
- Add an invalid.log log file with invalid lines, for testing purposes
- Add a few more test cases in CMakeLists.txt
- Also generate data for IPv6 addresses in the MMDB test database
- Regenerate the example MMDB database and JSON example output
Logswan 2.1.12 (2021-12-02)
- Fix a use-after-free (read) triggered by strcmp(3) calls.
The parse_request() function didn't zero out the parsed_request struct
between each call. Since the parsing loop was switched to using getline(3)
instead of a fixed size buffer to process log lines, it could reference
already freed memory in certain cases.
Thanks to Brian Carpenter (@geeknik) for finding and reporting the issue.
Logswan 2.1.11 (2021-11-16)
- Bump CMake minimum required version to 2.8.12
- Add SPDX short license identifier in source files
- Use CMAKE_C_STANDARD instead of hardcoding compiler flags
- Switch to using getline(3) instead of fgets(3)
- Call hll_init() after doing getopt() processing
Logswan 2.1.10 (2021-02-15)
- Only call MMDB_close if the GeoIP option was enabled. This fixes a
crash on program exit on OpenBSD when running without the GeoIP
option enabled.
Logswan 2.1.9 (2021-02-15)
- Stop forcing FORTIFY_SOURCE=2, it should be package builders decision
- Add link to Homebrew package in the README
- Remove unused countryId variable
- Remove dead increments for argc and argv
- Rename variables to get rid of all camelCase occurrences
- Remove the measuring Logswan memory usage section from the README
- Try to harmonize usage information everywhere
- Rename the displayUsage() function to usage()
- Rename all the parse*() functions to use snake_case
- Get rid of global variables, move all declarations to main()
Logswan 2.1.8 (2020-10-19)
- Make displayUsage() static
- Removing some leading whitespace characters
- Constify methods and protocols names array
- Constify countries and continents names and ID arrays
- Enable FORTIFY_SOURCE level 2
- Call memset() to set all entry_data struct fields to zero
Logswan 2.1.7 (2020-09-17)
- Add a Perl program to generate an example MMDB database for testing
- Add a new test case to exercise the IP geolocation codepaths
- Add support for seccomp on arm
- Add missing test for __NR_mmap, the mmap syscall doesn't exist on arm
Logswan 2.1.6 (2020-07-03)
- Validate architectures for seccomp
- Minor code shuffling, for consistency with other codebases
- Add seccomp support on i386, tested on glibc and musl
- Remove entry for "Netherlands Antilles" in country table
- Swaziland was officially renamed to Eswatini in 2018
- Macedonia was officially renamed to North Macedonia in February 2019
- Rename Vatican City to Vatican to be consistent with GeoNames naming
- Rename Aland to Aland Islands to be consistent with GeoNames naming
Logswan 2.1.5 (2020-06-12)
- Switch the GEOIP2DIR example to point to '/var/db/dbip'
- Use CLOCK_REALTIME if CLOCK_MONOTONIC is not available
- Remove unneeded <sys/select.h> and <sys/types.h> includes
- Add missing <stddef.h> include
- Remove useless _POSIX_SOURCE define
- Remove useless _POSIX_C_SOURCE 199309L define
- Define _GNU_SOURCE in CMakeLists.txt to avoid cluttering source files
- No need to set HAVE_SECCOMP to 1, defining it is enough
- Remove some unneeded seccomp related includes
Logswan 2.1.4 (2020-03-27)
- Move GEOIP2DB definition to CMakeLists.txt, allowing build time
customization
- Display database path name in error message
- Remove direct link to GeoLite2 databases
- Add dependencies installation instruction for Fedora
- Change GEOIP2DB default value to "dbip-country-lite.mmdb"
- Change GEOIP2DIR default value to "${CMAKE_INSTALL_PREFIX}/share/dbip"
- Mention that DB-IP IP to Country Lite database is now the recommended option
Logswan 2.1.3 (2020-01-17)
- Add a new test target, to test log processing
- Move printed statistics after the actual output
- Use OpenBSD style(9) for function prototypes and declarations
- Remove seccomp mention in README as it is currently disabled by default
Logswan 2.1.2 (2019-11-19)
- Add ENABLE_SECCOMP build option, to allow building seccomp support
conditionally
- Disable seccomp by default, it needs more testing on non !amd64 platforms
- Use ${CMAKE_INSTALL_BINDIR} instead of hardcoding 'bin'
Logswan 2.1.1 (2019-10-30)
- Check if system has seccomp in CMakeLists.txt
- Use the HAVE_SECCOMP macro to check whether or not to enable seccomp
- Define and use a GEOIP2DB macro to specify GeoLite2 database name
- Add a switch (-d) to allow specifying path to a GeoIP2 database file
- Define and use a LOGSWAN_SYSCALL_ALLOW macro to make code more readable
- Adding missing #include guard in seccomp.h header file
- Use __NR_ instead of SYS_ prefix in LOGSWAN_SYSCALL_ALLOW
- Fix the build on aarch64 Linux, where the open() syscall does not exist
- Add error checking for both prctl() calls
Logswan 2.1.0 (2019-10-23)
- Add FALLTHROUGH comments where appropriate
- Add support for parsing HTTP/3 requests
- Add initial seccomp support on Linux, tested on musl and glibc systems
Logswan 2.0.4 (2019-08-16)
- Adding #include guard in compat header file
- Add an example log file and regenerate output example
- Add dependencies installation instructions for NetBSD and FreeBSD
- Add final dots for options descriptions
- Add final dot when printing results summary
- Use EXIT_SUCCESS and EXIT_FAILURE macros for return values
- Add a trailing newline when printing JSON output
Logswan 2.0.3 (2018-10-15)
- Use -std=c11, Logswan requires a C11 compiler for libmaxminddb
- Enable support for parsing HTTP/2.0 requests, for real this time
- Revert back to using INT64_MAX for strtonum() maxval, as maxval is long long
and using UINT64_MAX caused bandwidth parsing to always fail (Thanks James Loh
for reporting the issue)
- Move maps of countries and continents to separate files
Logswan 2.0.2 (2018-08-05)
- Use UINT64_MAX for strtonum() maxval
- Add missing headers and reorder includes
- Add support for HTTP/2.0
Logswan 2.0.1 (2018-06-27)
- Do not use -Werror by default
- Do not always call inet_pton two times per log line, this speeds things up
- Use bool types for isIPv4 and isIPv6
- Use the monotonic clock to determine runtime
- Move conditional includes for 'pledge' and 'strtonum' in compat.h
Logswan 2.0.0 (2018-03-16)
- Use type off_t for results struct member fileSize
- Reflect OpenBSD's pledge() changes
- Switch to using libmaxminddb and GeoIP2/GeoLite2 databases
- Add Antarctica to the list of continents
Logswan 1.07 (2017-02-14)
- Harmonize arrays names
- Remove array of months, it's currently unused and will likely remain so
- Simplify internal JSON array and object names
- Use OpenBSD style(9) for function prototypes and declarations
- Revert back to using strtok, at least for now
- Do not use EXIT_SUCCESS and EXIT_FAILURE macros anymore
- Fix implicit function declaration error on NetBSD (Thanks Maya Rashish)
- Remove now useless variables initialization and unnecessary includes
- Do not add an extra new line when displaying usage or version
Logswan 1.06 (2016-12-17)
- Relicensed under the BSD 2-Clause license
- Use strtok_r instead of strtok to tokenize lines
- Do not attempt to increment countries and continents arrays if there
is no GeoIP database loaded
- Harmonize variable names for the GeoIP databases
- GeoIP lookups are now disabled by default (add a -g switch to enable)
- Use fstat on open file descriptor instead of using stat before opening
the input file
- Count the log line as invalid if parsedLine.remoteHost is NULL
- Pass results structure by reference, not by value
- Initialize some uninitialized variables
- Headers cleanup
Logswan 1.05 (2016-02-25)
- Documentation update (notes on measuring Logswan memory usage)
- Add additional include directories for compat functions + dependencies
to avoid using relative path in includes
- Check that *lineBuffer is not NUL before attempting to parse log line
- Perform GeoIP lookup and HLL add in the same if block
- Increment IPv4 and IPv6 hits counters individually and conditionally
- Use CMake to check if the system has OpenBSD's pledge available and
link pledge conditionally using a null implementation when compiled
on non OpenBSD systems
- Adding an array of months, for the upcoming split log functionalities
Logswan 1.04 (2016-01-10)
- Moving global variables into main
- Using 'size_t' instead of 'int' for array indexes in for loops
- Using 'uint32_t' for all non 'uint64_t' integers
- Do not increment hits and processed lines counter for each parsed line,
compute total only once when everything is parsed
- Setting 'CMAKE_BUILD_TYPE' to 'Release' and formatting fixes
- Sanitize CMake script to build under NetBSD (Thanks Kamil Rytarowski)
- Initializing some uninitialized variables
- Renaming 'DATADIR' variables to 'GEOIPDIR'
Logswan 1.03 (2016-01-01)
- Remove header display and do not print name of processed file
- Print results to stderr instead of stdout
- Output JSON data to stdout instead of creating a new file
- Define GeoIP databases path in CMakeLists.txt
- Adding log file name in the JSON output
- Removing some hardcoded values and replacing them with constants
defined in config.h
- Breaking the loop when a match is found in the request parser
- Using enumeration constants instead of macros
- Process GeoIP continent information
- Re-ordering protocols and methods with more common occurrences on top of
the list, allowing to break earlier when iterating through the array
- Adding support for reading logs from standard input
- Renaming 'definitions' files to 'config'
- Increasing countries array size, as an attempt to be future-proof
- Initial support for using pledge() on OpenBSD
- Documentation updates (HLL precision, Features list, GeoIP databases)
- Updated JSON output example
- Added a manual page
Logswan 1.02 (2015-11-02)
- Renaming 'resource' variable to 'request' in the 'logLine' struct
- Do not attempt to parse empty date tokens
- Do not attempt to parse empty request tokens (Thanks Brian Carpenter for
reporting the issue)
Logswan 1.01 (2015-10-01)
- Documentation updates
- Fixing segfault when request data is empty or malformed (Thanks Jonathan
Armani for reporting and proposing a fix)
Logswan 1.00 (2015-09-28)
- Initial release
|
