Documentation ¶
Overview ¶
This package gives the option for a golang based http service to send http requests for analysis against the shadowd WAF. Examples at: https://github.com/elico/go-shadowd/tree/master/examples
Index ¶
Constants ¶
const ( SHADOWD_CONNECTOR_VERSION = "2.0.1-go" SHADOWD_CONNECTOR_CONFIG = "/etc/shadowd/go-connector.ini" SHADOWD_CONNECTOR_CONFIG_SECTION = "shadowd_go" SHADOWD_LOG = "/var/log/shadowd.log" STATUS_OK = 1 STATUS_BAD_REQUEST = 2 STATUS_BAD_SIGNATURE = 3 STATUS_BAD_JSON = 4 STATUS_ATTACK = 5 STATUS_CRITICAL_ATTACK = 6 )
Global default settings constants All STATUS_X are describing an analysis result.
Variables ¶
var VERSION = "2.0.1"
Functions ¶
This section is empty.
Types ¶
type ShadowdConn ¶
type ShadowdConn struct { ServerAddr string ReadBody bool UpperCookies bool ProfileId string ProfileKey string Logfile string Debug bool LogFullCookie bool }
A shadowd connection, this allows to send a request for analysis.
func (*ShadowdConn) SendToShadowd ¶
func (serverconn *ShadowdConn) SendToShadowd(req *http.Request) (string, error)
Sends an http request to processing on the shadowd service. Returns a json object in a string format with the analysis result. The json "status" key is an integer(float64 when json parses it) that reflect the result of the test ranging from 1 to 6. 1 means that it is ok to pass the request to the origin server 5 and 6 means that the requester or the request was identified as an attack. The error is always nil unless some special parsing or communication happen. It is up to the developer what to do for each error and status code.
Directories ¶
Path | Synopsis |
---|---|
An emulation of a request analysis process An example http file server that is protected against floods attacks This tool is very helpful for GET requests logging and also helps to understand and analyze better mis-caching issues.
|
An emulation of a request analysis process An example http file server that is protected against floods attacks This tool is very helpful for GET requests logging and also helps to understand and analyze better mis-caching issues. |