Releases: tschaefer/conntrackd
v1.4.0
Warning
Breaking changes.
This release migrates the Domain Specific Language (DSL) to Common Expression Language (CEL) for filtering.
# Log only NEW TCP connections to public networks (deny everything else)
--filter 'log event.type == "NEW" && protocol == "TCP && is_network(destination.address, "PUBLIC") "'
--filter "drop any"See docs/filter.md for specification and migration description.
v1.3.0
This release enables continous profiling, sending profiling data to Grafana Pyroscope aggregating system.
conntrackd run --profiler.enable=true --profiler.address=https://pyroscope.example.com
v1.2.0
Warning
Breaking changes.
This release introduces the recording of source location data if applicable. Therefore the prefix of some log fields is modified.
{
"time": "2025-11-25T12:35:11.082791653+01:00",
"level": "INFO",
"msg": "NEW TCP connection from [2003:cf:1716:7b64:da80:83ff:fecd:da51]:4...",
"type": "NEW",
"flow": 4000057915,
"prot": "TCP",
"src_addr": "2003:cf:1716:7b64:da80:83ff:fecd:da51",
"dst_addr": "2a01:4f8:160:5372::2",
"src_port": 41756,
"dst_port": 443,
"tcp_state": "SYN_SENT",
"src_city": "Garmisch-Partenkirchen",
"src_country": "Germany",
"src_lat": 47.4906,
"src_lon": 11.1026,
"dst_city": "Falkenstein",
"dst_country": "Germany",
"dst_lat": 50.4777,
"dst_lon": 12.3649
}v1.1.0
v1.0.0
Warning
Breaking changes.
This release introduces a domain-specific language for filtering connections that are to be logged.
sudo conntrackd run \
--sink.stream.enable \
--filter "log protocol tcp and destination network public" \
--filter "drop any"This will log any TCP connection to a target with a public IP address to sdtout.
See docs/filter.md for complete DSL documentation, including grammar, operators, and advanced examples.