Documentation
Index
- Constants
- type Action
- type Duration
- type Loader
- func (l *Loader) Add(rule *Rule, saveToDisk bool) error
- func (l *Loader) Delete(ruleName string) error
- func (l *Loader) FindFirstMatch(con *conman.Connection) (match *Rule)
- func (l *Loader) GetAll() map[string]*Rule
- func (l *Loader) Load(path string) error
- func (l *Loader) NumRules() int
- func (l *Loader) Reload() error
- func (l *Loader) Replace(rule *Rule, saveToDisk bool) error
- func (l *Loader) Save(rule *Rule, path string) error
- type Operand
- type Operator
- type Rule
- type Sensitive
- type Type
Constants

const (
	Simple  = Type("simple")
	Regexp  = Type("regexp")
	Complex = Type("complex") // for future use
	List    = Type("list")
	Network = Type("network")
)

Available operator types.

const (
	OpTrue                = Operand("true")
	OpProcessID           = Operand("process.id")
	OpProcessPath         = Operand("process.path")
	OpProcessCmd          = Operand("process.command")
	OpProcessEnvPrefix    = Operand("process.env.")
	OpProcessEnvPrefixLen = 12
	OpUserID              = Operand("user.id")
	OpDstIP               = Operand("dest.ip")
	OpDstHost             = Operand("dest.host")
	OpDstPort             = Operand("dest.port")
	OpDstNetwork          = Operand("dest.network")
	OpProto               = Operand("protocol")
	OpList                = Operand("list")
)

Available operands. OpProcessEnvPrefixLen is the length of the "process.env." prefix, so the remainder of an operand such as process.env.NAME is the name of the environment variable to inspect.

const (
	Allow = Action("allow")
	Deny  = Action("deny")
)

Actions a rule can take.

const (
	Once    = Duration("once")
	Restart = Duration("until restart")
	Always  = Duration("always")
)

Possible durations of a rule: Once applies to a single decision, Restart keeps the rule until the daemon restarts, and Always persists it to disk (see Delete).
Variables
This section is empty.
Functions
This section is empty.
Types
type Loader
Loader is the object that holds the rules loaded from disk, as well as the rules watcher.
func NewLoader
NewLoader loads the rules from disk and watches the rule files for changes, so that a rule whose .json file is modified on disk is reloaded.
func (*Loader) Delete
Delete removes a rule from the list. If the rule's duration is Always (i.e. it is saved on disk), it also attempts to delete the rule file from disk.
func (*Loader) FindFirstMatch
func (l *Loader) FindFirstMatch(con *conman.Connection) (match *Rule)
FindFirstMatch tries to match the connection against the loaded rule set and returns the first matching rule, or nil when no rule matches. Because the first match wins, the order in which rules are evaluated decides the outcome whenever more than one rule matches a connection.
type Operator

type Operator struct {
	Type      Type       `json:"type"`
	Operand   Operand    `json:"operand"`
	Sensitive Sensitive  `json:"sensitive"`
	Data      string     `json:"data"`
	List      []Operator `json:"list"`
	// contains filtered or unexported fields
}

Operator describes which attribute of a connection to inspect (Operand), how to compare it (Type: an exact match, a regular expression, a network range, or a list of sub-operators), the value to compare against (Data), and whether the comparison is case-sensitive (Sensitive). For a list-type operator, List holds the sub-operators.
func NewOperator
NewOperator returns a new Operator object.
type Rule

type Rule struct {
	Created    time.Time `json:"created"`
	Updated    time.Time `json:"updated"`
	Name       string    `json:"name"`
	Enabled    bool      `json:"enabled"`
	Precedence bool      `json:"precedence"`
	Action     Action    `json:"action"`
	Duration   Duration  `json:"duration"`
	Operator   Operator  `json:"operator"`
}

Rule represents an action to take on a connection. The fields match the ones saved as JSON to disk; Name is the identifier used to look the rule up (for example by Delete). If a .json rule file is modified on disk, it is reloaded automatically.
func Create
func Create(name string, enabled bool, precedence bool, action Action, duration Duration, op *Operator) *Rule
Create builds a new Rule object with the specified parameters.
func Deserialize
Deserialize converts a received, serialized rule back into a Rule object.
func (*Rule) Match
func (r *Rule) Match(con *conman.Connection) bool
Match evaluates the rule's Operator against a connection and reports whether the rule applies to it. Whether a matching connection is then allowed or denied is given by the rule's Action.
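As an added worked example (not code from the opensnitch rule package or its authors), the following self-contained Go program models the pieces documented above: the enumeration constants, the JSON layout of Rule and Operator, Loader-style loading with validation, and first-match evaluation. It shows two things a practitioner writing rules needs to know: the first matching rule wins, so a deny rule listed after an allow rule that also matches never fires; and an unanchored regexp on process.path matches any path that merely contains the pattern. Everything in it is a stand-in: Connection replaces conman.Connection, LoadRules replaces Loader.Load, the regexp/CIDR pre-compilation at load time is an assumption about how rules ought to be validated rather than a description of the package's internals, and the rule files are constructed for the example. Only the simple, regexp and network operator types are modelled; list operators, Precedence, Duration and Sensitive are left out, and rules are evaluated in the order given, since this page does not say how the real Loader orders them.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net"
	"regexp"
)

const ( // documented enumeration values used here (the named types are left out)
	Simple, Regexp, Network                = "simple", "regexp", "network"
	OpProcessPath, OpDstPort, OpDstNetwork = "process.path", "dest.port", "dest.network"
	Allow, Deny                            = "allow", "deny"
)

// Operator and Rule follow the documented JSON layout minus the fields unused here;
// re and cidr stand in for the package's unexported fields (an assumption).
type Operator struct {
	Type    string `json:"type"`
	Operand string `json:"operand"`
	Data    string `json:"data"`
	re      *regexp.Regexp
	cidr    *net.IPNet
}
type Rule struct {
	Name     string   `json:"name"`
	Enabled  bool     `json:"enabled"`
	Action   string   `json:"action"`
	Operator Operator `json:"operator"`
}
type Connection struct{ ProcessPath string; DstIP net.IP; DstPort uint } // stand-in for conman.Connection

// compile validates an operator once, at load time, so a bad regexp or CIDR is
// rejected instead of silently becoming a rule that never matches.
func (o *Operator) compile() (err error) {
	switch o.Type {
	case Regexp:
		o.re, err = regexp.Compile(o.Data)
	case Network:
		_, o.cidr, err = net.ParseCIDR(o.Data)
	}
	return err
}

// Match evaluates a compiled operator against one connection; operator types and
// operands this example does not model never match (fail closed).
func (o *Operator) Match(c *Connection) bool {
	if o.Type == Network {
		return o.Operand == OpDstNetwork && o.cidr.Contains(c.DstIP)
	}
	v, ok := map[string]string{OpProcessPath: c.ProcessPath, OpDstPort: fmt.Sprint(c.DstPort)}[o.Operand]
	if !ok {
		return false
	}
	if o.Type == Regexp {
		return o.re.MatchString(v)
	}
	return o.Type == Simple && v == o.Data
}

// LoadRules parses and validates rule files in the on-disk JSON format, keeping their order.
func LoadRules(docs ...string) (rules []*Rule, err error) {
	for _, doc := range docs {
		r := &Rule{}
		if err = json.Unmarshal([]byte(doc), r); err == nil {
			err = r.Operator.compile()
		}
		if err == nil && r.Action != Allow && r.Action != Deny {
			err = fmt.Errorf("unknown action %q", r.Action)
		}
		if err != nil {
			return nil, fmt.Errorf("rule %q: %w", r.Name, err)
		}
		rules = append(rules, r)
	}
	return rules, nil
}

// FindFirstMatch returns the first enabled rule that matches, or nil when none does.
func FindFirstMatch(rules []*Rule, c *Connection) *Rule {
	for _, r := range rules {
		if r.Enabled && r.Operator.Match(c) {
			return r
		}
	}
	return nil
}

const ( // constructed rule files in the on-disk JSON format
	allowFirefox = `{"name":"allow-firefox","enabled":true,"action":"allow","operator":{"type":"simple","operand":"process.path","data":"/usr/bin/firefox"}}`
	denyInternal = `{"name":"deny-internal","enabled":true,"action":"deny","operator":{"type":"network","operand":"dest.network","data":"10.0.0.0/8"}}`
	curlLoose    = `{"name":"allow-curl","enabled":true,"action":"allow","operator":{"type":"regexp","operand":"process.path","data":"/usr/bin/curl"}}`
	curlStrict   = `{"name":"allow-curl","enabled":true,"action":"allow","operator":{"type":"regexp","operand":"process.path","data":"^/usr/bin/curl$"}}`
)

func main() {
	firefox := &Connection{ProcessPath: "/usr/bin/firefox", DstIP: net.ParseIP("10.1.2.3"), DstPort: 443}
	allowFirst, _ := LoadRules(allowFirefox, denyInternal)
	denyFirst, _ := LoadRules(denyInternal, allowFirefox)
	fmt.Println(FindFirstMatch(allowFirst, firefox).Action, FindFirstMatch(denyFirst, firefox).Action) // allow deny
	planted := &Connection{ProcessPath: "/home/x/usr/bin/curl", DstIP: net.ParseIP("1.2.3.4"), DstPort: 80}
	loose, _ := LoadRules(curlLoose)
	strict, _ := LoadRules(curlStrict)
	fmt.Println(FindFirstMatch(loose, planted) != nil, FindFirstMatch(strict, planted) != nil) // true false
}
```

Run with `go run`: the first line prints `allow deny`, because the same firefox connection to 10.1.2.3 hits whichever of the two matching rules is evaluated first; the second prints `true false`, because the unanchored pattern `/usr/bin/curl` also matches a binary planted at `/home/x/usr/bin/curl`, while `^/usr/bin/curl$` does not. LoadRules rejects a rule whose regexp or CIDR does not compile, or whose action is not allow or deny, so a typo in a deny rule surfaces at load time rather than leaving a rule on disk that never matches.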