Documentation ¶
Overview ¶
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- Variables
- type NodeID
- type NodeNet
- func (nn NodeNet) GetKey() string
- func (nn NodeNet) GetList() []*net.IPNet
- func (nn NodeNet) GetListS() []string
- func (nn NodeNet) GetOriginal() string
- func (nn NodeNet) GetParsedValue() []*net.IPNet
- func (nn NodeNet) GetValue() string
- func (nn NodeNet) HasNot() bool
- func (nn NodeNet) Match(addr NodeValue) bool
- func (nn NodeNet) MatchB(addr NodeValue) bool
- type NodePort
- func (np NodePort) GetInverse() NodePort
- func (np NodePort) GetKey() string
- func (np NodePort) GetList() []int
- func (np NodePort) GetOriginal() string
- func (np NodePort) GetRange() (int, int)
- func (np NodePort) GetValue() string
- func (np NodePort) HasNot() bool
- func (np NodePort) IsRange() bool
- func (np NodePort) Match(port NodeValue) bool
- func (np NodePort) MatchB(port NodeValue) bool
- type NodeProto
- type NodeRoot
- type NodeType
- type NodeValue
Constants ¶
const ( ConversionTypeMsg = "type conversion is not allowed" InputDataNotValidMsg = "input data is not valid" MixedFormatsNotAllowedMsg = "mixed formats are not allowed" RangeExceededMsg = "port range can not contain more than one range splitter" InvalidPortNumberMsg = "value %s is not valid port number" PortBaundsNotValidMsg = "lower port cannot be higher or equal to the higher port in port range" WhileParsingCIDRMsg = "building a IP node and while parsing CIDR address found" UndefinedNodeMsg = "undefined node" )
Variables ¶
var ( ErrConversionType = errors.New(ConversionTypeMsg) ErrInputDataNotValid = errors.New(InputDataNotValidMsg) ErrMixedFormats = errors.New(MixedFormatsNotAllowedMsg) ErrRangeExceeded = errors.New(RangeExceededMsg) ErrPortBoundsNotValid = errors.New(PortBaundsNotValidMsg) ErrUndefinedNode = errors.New(UndefinedNodeMsg) )
var ( // Keywords defines what Yara metadata entries are used for processing the rule. // This array also defines the order in which each key is taking into account Keywords = []string{"proto", "src", "sport", "dst", "dport"} // RuleDefVersion defines the version of the metadata accepted by Mole // this will be handy to version rules later on RuleDefVersion = "1.0" // RangeSplitter character used to define a range, like ports 80:443 RangeSplitter = ":" // SequenceSplitter character used to define a sequence, like ports 80,443 SequenceSplitter = "," )
Functions ¶
This section is empty.
Types ¶
type NodeID ¶
type NodeID struct {
// contains filtered or unexported fields
}
NodeID represents proto node
func (NodeID) GetKey ¶
GetKey returns the key associated to the node which is also part of the keywords
type NodeNet ¶
type NodeNet struct {
// contains filtered or unexported fields
}
NodeNet represents proto node
func (NodeNet) GetKey ¶
GetKey returns the key associated to the node which is also part of the keywords
func (NodeNet) GetOriginal ¶
GetOriginal returns a string version of the node value without parsing
func (NodeNet) GetParsedValue ¶
GetParsedValue returns a string version of the node value
type NodePort ¶
type NodePort struct {
// contains filtered or unexported fields
}
NodePort represents port node
func NewDstPort ¶
NewDstPort returns a new NodePort node with `dport` as key
func NewSrcPort ¶
NewSrcPort returns a new NodePort node with `sport` as key
func (NodePort) GetInverse ¶
func (NodePort) GetKey ¶
GetKey returns the key associated to the node which is also part of the keywords
func (NodePort) GetOriginal ¶
GetOriginal returns a string version of the node value without parsing
type NodeProto ¶
type NodeProto struct {
// contains filtered or unexported fields
}
NodeProto represents proto node
func (NodeProto) GetKey ¶
GetKey returns the key associated to the node which is also part of the keywords
func (NodeProto) GetOriginal ¶
GetOriginal returns a string version of the node value without parsing
type NodeRoot ¶
type NodeRoot struct {
// contains filtered or unexported fields
}
NodeRoot represents the root node
func (NodeRoot) GetKey ¶
GetKey is a dummy function that needs to be implemented in terms to accomplish the NodeValue interface
func (NodeRoot) GetValue ¶
GetValue is a dummy function that needs to be implemented in terms to accomplish the NodeValue interface
type NodeType ¶
type NodeType string
NodeType defines the node type
const ( // Root defines the root node keyword Root NodeType = "root" // Proto defines the protocol node keyword Proto NodeType = "proto" // SrcNet defines the source IP node keyword SrcNet NodeType = "src" // SrcPort defines the source port node keyword SrcPort NodeType = "sport" // DstNet defines the destination IP node keyword DstNet NodeType = "dst" // DstPort defines the destination port node keyword DstPort NodeType = "dport" // ID defines the id node keyword ID NodeType = "id" )