anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

revert: undo service badge filter, parser normalization, and SSH relay

Browse Source 
Reverts commits 8c249f6, a6c7cfd, 7ff5703. The SSH log relay approach
requires container redeployment and doesn't retroactively fix existing
attacker profiles. Rolling back to reassess the approach.
This commit is contained in:
anti
2026-04-14 02:14:46 -04:00
parent 7ff5703250
commit df3f04c10e
8 changed files with 4 additions and 254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tests/test_collector.py
View File

@@ -131,14 +131,6 @@ class TestParseRfc5424:
assert result["msg"] == "login attempt"
def test_non_nil_procid_accepted(self):
line = '<38>1 2026-04-14T05:48:12.611006+00:00 SRV-BRAVO-13 sshd 282 - - Accepted password for root from 192.168.1.5 port 50854 ssh2'
result = parse_rfc5424(line)
assert result is not None
assert result["service"] == "sshd"
assert result["decky"] == "SRV-BRAVO-13"
class TestIsServiceContainer:
def test_known_container_returns_true(self):
with patch("decnet.collector.worker._load_service_container_names", return_value=_KNOWN_NAMES):