calvin.erfmann/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-02-01 15:49:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,343 Commits 20 Branches 85 Tags
msg-delivery
Commit Graph

122 Commits

Author SHA1 Message Date
miloschwartz
a56b058858 fix role name missing in forward headers 2026-01-13 15:28:02 -08:00
Owen
f7fcde8312 Add max recursion depth to matchSegments 2025-12-31 10:40:16 -05:00
Owen
6660c850f3 Try to bound logs 
Ref #2120
 2025-12-31 10:31:40 -05:00
miloschwartz
da112d3417 add stripPortFromHost and reuse everywhere 2025-12-23 12:35:03 -05:00
miloschwartz
1905936950 parse request ip in exchange session 2025-12-22 15:48:24 -05:00
miloschwartz
71386d3b05 fix request ip port strip issue with badger >=1.3.0 2025-12-22 12:35:40 -05:00
Dhananjay Mahtha
90c48f20e0 Fix: Prevent cache memory leak by adding maxKeys limit and conditional caching 
- Add maxKeys limit (10,000) to NodeCache to prevent unbounded memory growth
- Skip caching undefined values when GeoIP/ASN lookups fail (e.g., when MaxMind DB not configured)
- Add periodic cache statistics logging every 5 minutes for monitoring
- Fixes memory leak where cache would grow indefinitely with high request volumes

The maxKeys limit uses LRU eviction, so oldest entries are automatically removed
when the limit is reached. With ~10k requests/day and 5min TTL, 10k keys provides
ample headroom while preventing OOM issues.

Fixes #2120
 2025-12-21 17:08:27 -05:00
Owen
eafcefbe45 Merge branch 'dev' of github.com:jln-brtn/pangolin into jln-brtn-dev 2025-12-20 15:34:32 -05:00
Thomas Wilde
4f154d212e Add ASN-based resource rule matching 
- Add MaxMind ASN database integration
- Implement ASN lookup and matching in resource rule verification
- Add curated list of 100+ major ASNs (cloud, ISP, CDN, mobile carriers)
- Add ASN dropdown selector in resource rules UI with search functionality
- Support custom ASN input for unlisted ASNs
- Add 'ALL ASNs' special case handling (AS0)
- Cache ASN lookups with 5-minute TTL for performance
- Update validation schemas to support ASN match type

This allows administrators to create resource access rules based on
Autonomous System Numbers, similar to existing country-based rules.
Useful for restricting access by ISP, cloud provider, or mobile carrier.
 2025-12-20 12:16:31 -05:00
Owen
a012369f83 Make sure to always check retention first 
Fixes #2061
 2025-12-12 18:39:13 -05:00
Owen
f9b03943c3 Format all files 2025-12-09 10:56:14 -05:00
Owen
e24a13fb11 Implement previous year delete 2025-12-06 20:49:53 -05:00
Owen
8a8c0edad3 Speed up writing to not block io operations 2025-12-06 17:54:39 -05:00
Julien Breton
46ed27a218 Fix: Extend Basic Auth compatibility with browsers 2025-12-01 01:18:09 +01:00
Owen
937b36e756 Build client site resource associations and send messages 2025-11-19 18:05:42 -05:00
Lokowitz
7db99a7dd5 used zod codemod 2025-11-16 14:18:17 +00:00
Pallavi Kumari
63a1ecfb86 role in header 2025-11-13 23:31:29 +05:30
Owen
0e649883cb More bugfixes 2025-10-29 17:21:32 -07:00
Owen
6dc4cbe448 Check country code 2025-10-29 16:24:35 -07:00
miloschwartz
219e213c1e change logs to debug 2025-10-29 11:39:45 -07:00
Owen
15d63ddffa Various fixes for rc 2025-10-27 16:33:21 -07:00
Owen
b59a6b82ef Merge branch 'dev' into user-compliance 2025-10-27 10:37:53 -07:00
Owen
c04d9eda6b Merge branch 'dev' into audit-logs 2025-10-27 10:02:32 -07:00
miloschwartz
4cfd1b1ff5 always check resource session length 2025-10-27 09:45:12 -07:00
miloschwartz
44316731c0 enforce resource session length 2025-10-26 16:52:15 -07:00
miloschwartz
8973726f63 add org policy check to verify session 2025-10-25 17:15:37 -07:00
Owen Schwartz
bc6b9eb905 Merge pull request #1736 from Lokowitz/fix-geoip-blueprint 
fix blueprint country issue - fix #1705 - option 2
 2025-10-25 16:21:49 -07:00
Owen
4b40e7b8d6 Restrict features 2025-10-24 16:29:37 -07:00
Owen
10a5af67aa Merge branch 'dev' into audit-logs 2025-10-24 11:15:39 -07:00
Owen
b542d82553 Consolidate into central cache 2025-10-24 11:14:07 -07:00
Owen
2a644c3f88 Working on settings 2025-10-24 10:51:32 -07:00
Lokowitz
5b61742075 change geoip to country 2025-10-23 13:27:34 +00:00
Owen
f2c31d3ca6 Add actor data to request 2025-10-22 14:27:21 -07:00
Owen
f748c5dbe4 Basic request log working 2025-10-22 12:23:48 -07:00
Owen
fdd4d5244f Temp dont ignore org 2025-10-22 10:59:35 -07:00
Owen
654145be84 Clean up imports and ordering 2025-10-21 21:58:09 -07:00
Owen
3662d42374 Add resource id and cc 2025-10-21 21:42:53 -07:00
Owen
d392fb371e Add logging for all auth 2025-10-21 21:22:56 -07:00
Owen
c0039190bd Fix frontend type imports 2025-10-14 11:28:56 -07:00
Owen
377cb77307 Returning unauthorized 2025-10-13 15:34:26 -07:00
Owen
48af91c976 Return unauthorized if header auth is the only one 2025-10-13 15:20:53 -07:00
Owen
38faf1f905 Add header auth so it does not allow passing 2025-10-13 14:59:54 -07:00
Owen
c7a40d59b7 Seperate managed node code to fosrl/pangolin-node 2025-10-12 16:34:36 -07:00
Owen
d92b87b7c8 Chungus 2.0 2025-10-10 11:27:15 -07:00
Owen
850e9a734a Adding HTTP Header Authentication 2025-10-06 10:14:02 -07:00
Owen
c2c907852d Chungus 2025-10-04 18:36:44 -07:00
miloschwartz
8851156f23 use resource guid in url closes #1517 2025-09-28 16:22:26 -07:00
Owen
c02ac8d1bf Seperate out function 2025-08-26 17:19:04 -07:00
Owen
a1802add19 Geoblocking works 2025-08-26 17:14:55 -07:00
Owen
78d3861382 Add pass rule 2025-08-24 22:20:09 -07:00