Add 62 blog posts generated from git commit history

One-shot import of all bojemoi repo commits as Hugo posts. Each post includes metadata, files changed, and diff stats. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 14:16:05 +01:00
parent eafc75fd5e
commit 7ac1bd5f4f
62 changed files with 2909 additions and 0 deletions
--- a/content/posts/commits/2026-02-14-commit-c7af3a7.md
+++ b/content/posts/commits/2026-02-14-commit-c7af3a7.md
@@ -0,0 +1,46 @@
+---
+title: "Fix Suricata to capture real traffic: move to host networking"
+date: 2026-02-14T15:56:36+01:00
+draft: false
+tags: ["commit", "bojemoi", "fix", "stack"]
+categories: ["Git Activity"]
+summary: "Commit c7af3a7 par Betty — 4 fichier(s) modifié(s)"
+author: "Betty"
+---
+
+## Commit `c7af3a7`
+
+| | |
+|---|---|
+| **Repository** | bojemoi |
+| **Branch** | `main` |
+| **Auteur** | Betty |
+| **Hash** | `c7af3a7340b2fdd15e343132ce4f4f81b5692bc9` |
+| **Date** | 2026-02-14 |
+
+### Description
+
+Suricata in Docker Swarm overlay network saw 0 packets (monitoring
+virtual VXLAN interface). Move to standalone docker compose with
+network_mode: host for real eth0 packet capture. Suricata-exporter
+stays in Swarm (reads socket/logs via bind mounts).
+
+Also filter private/reserved IPs (RFC1918, multicast, broadcast) from
+Dozor threat feeds to prevent false positives on internal Docker traffic.
+
+Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
+
+### Fichiers modifiés
+
+```
+M	dozor/dozor/feeds.py
+M	scripts/startover.sh
+M	stack/01-service-hl.yml
+A	stack/01-suricata-host.yml
+```
+
+### Statistiques
+
+```
+ 4 files changed, 59 insertions(+), 48 deletions(-)
+```