When there is a significant difference between the user's browser's time
and the system time, a button appears in the web UI to fix the system
time. This time will then be used to correct both data inside of PCAPs
and any metadata.
We don't actually set the system time to this value. Instead, rayhunter
adjusts any timestamps it handles by an offset. That offset defaults to
zero, and the user adjusts it by hitting the button in the web UI. The
main reason for this is device portability.
I haven't investigated whether it would actually be easy to set the real
system time. It's possible that it works the same way across all
devices.
...and make a small UI change so that folks won't get concerned about parsing errors.
Right now all the "undecoded extensions" noise goes into
rayhunter-daemon.log, and users get concerned about it when browsing
that through the UI.
These payloads would previous cause panic on underflow.
The fuzzing setup lives in
https://github.com/untitaker/rayhunter/tree/fuzz-wip -- I can eventually
upstream it though right now it runs very inefficiently.
See https://github.com/EFForg/rayhunter/issues/334
Severity levels low, medium, high are now exposed to the UI in form of
dotted, dashed and solid lines. The line on the UI represents the
highest-so-far severity seen.
Originally this was intended to be represented by Yellow/Orange/Red, but
this would mean yet another divergence for colorblind mode. This is
colorblind-friendly by default (I think...)
As part of this, simplify EventType so that it becomes a flat "level"
enum without nested variants.
There is also a new debug endpoint that allows one to overwrite the
display level directly for testing.
