Update nftban_init_nftables_conf.sh #17

Merged: itcmsgr merged 1 commit into main from itcmsgr-cloudflare_support on Sep 13, 2025

@itcmsgr itcmsgr commented Sep 13, 2025

Added Cloudflare public IPs

@itcmsgr itcmsgr merged commit 852a314 into main Sep 13, 2025
itcmsgr added a commit that referenced this pull request Jan 2, 2026
itcmsgr added a commit that referenced this pull request Jan 25, 2026
Phase 3 of v1.6.0 architecture cleanup:

ADDED - Missing metrics to JSON cache (#6):
- memory section: rss_bytes, open_fds, threads
- network section: rx_mbps, tx_mbps, peak values, connections
- Cache now has 44+ metrics (up from 41)

OPTIMIZED - Stats functions (#7):
- nftban_stats_top_sources() now uses cache-first pattern
- Reads from .bans_by_source for all-time stats
- Reads from .bans_by_source_24h for 24h stats
- Fallback to log parsing for custom date ranges

CONFIGURED - Prometheus default OFF (#8):
- NFTBAN_EXPORT_PROMETHEUS="false" confirmed as default
- Added smart auto-detection: enables if node_exporter detected
- Added documentation: "Prometheus is optional adapter, not backend"
- Our backend: stats.json + bans.log (not Prometheus)

UPDATED - Health checks (#17):
- Removed legacy zabbix timer migration warning
- All health checks now reference unified exporter only
- Fresh install will pass health checks

VERIFIED - Zabbix integration (#15):
- export_zabbix() function confirmed working
- Uses zabbix_sender protocol
- Supports TLS/PSK, failover, auto-firewall
- LLD infrastructure in place

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
itcmsgr added a commit that referenced this pull request Apr 28, 2026
Architecture Policy / Policy Gates → Suppression comment audit failed
on PR #511 with one false-positive grep hit:

  ./cmd/nftban-installer/restore_deps_csf_test.go:829:
  // 4B-3-csf — Test #17: no //nolint:unused on consumed mutation fields.

The literal substring //nolint: appears only as prose inside the test's
section-header comment — it is NOT an actual suppression directive on
a code line. The policy gate's grep does not distinguish prose from a
trailing-of-line directive, so the gate fails on its own description.

Rephrased to "consumed mutation fields have no stale lint-suppression
annotations." — semantics unchanged, no zero-width characters, no
literal forbidden substring.

The companion test
TestCSFMutate_4B3csf_NoNolintUnusedOnMutationFields (function name,
not a comment) is a Go identifier and does not contain the //nolint:
substring; it is unaffected. Test behavior unchanged.

Local grep replay (the exact failing command):
  grep -r '//nolint:' --include="*.go" .
  → 0 hits

lab2 (Ubuntu 24.04, go1.22.2):
  go test ./cmd/nftban-installer/... PASS
  go test ./...                       PASS

No production code touched. No workflow touched. No other test
touched.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
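
The false positive described in the commit message above comes from matching `//nolint:` as a plain substring. The following is an added example, not the project's policy gate or code: a comment-aware check built on Go's parser that flags only comments which themselves begin with the directive. `GrepHits`, `FindNolint` and the sample source are hypothetical names and constructed input, and treating `// nolint:` (with a space) as a directive is an assumption.

```go
package main

import (
	"fmt"
	"go/parser"
	"go/token"
	"strings"
)

// sample is constructed input: prose mention, string literal, real directive.
const sample = `package demo
// Test #17: no //nolint:unused on consumed mutation fields.
var msg = "//nolint: inside a string"
var unusedField int //nolint:unused
`

// GrepHits mimics the substring gate: every line containing "//nolint:".
func GrepHits(src string) (lines []int) {
	for i, l := range strings.Split(src, "\n") {
		if strings.Contains(l, "//nolint:") {
			lines = append(lines, i+1)
		}
	}
	return lines
}

// FindNolint returns lines whose comment itself begins with a nolint directive.
// Assumption: "// nolint:" (with a space) is also counted, to stay conservative.
func FindNolint(filename, src string) ([]int, error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, filename, src, parser.ParseComments)
	if err != nil {
		return nil, err
	}
	var lines []int
	for _, group := range f.Comments {
		for _, c := range group.List {
			body := strings.TrimSpace(strings.TrimPrefix(c.Text, "//"))
			if body == "nolint" || strings.HasPrefix(body, "nolint:") {
				lines = append(lines, fset.Position(c.Pos()).Line)
			}
		}
	}
	return lines, nil
}

func main() {
	fmt.Println(GrepHits(sample))              // substring gate
	fmt.Println(FindNolint("demo.go", sample)) // comment-aware gate
}
```

On the constructed sample the substring match reports three lines while the comment-aware check reports only the line carrying the real directive.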