nodes

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 17, 2020 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

View Source 
const (
	ConversionTypeMsg         = "type conversion is not allowed"
	InputDataNotValidMsg      = "input data is not valid"
	MixedFormatsNotAllowedMsg = "mixed formats are not allowed"
	RangeExceededMsg          = "port range can not contain more than one range splitter"
	InvalidPortNumberMsg      = "value %s is not valid port number"
	PortBaundsNotValidMsg     = "lower port cannot be higher or equal to the higher port in port range"
	WhileParsingCIDRMsg       = "building a IP node and while parsing CIDR address found"
	UndefinedNodeMsg          = "undefined node"
)

Variables

View Source 
var (
	ErrConversionType     = errors.New(ConversionTypeMsg)
	ErrInputDataNotValid  = errors.New(InputDataNotValidMsg)
	ErrMixedFormats       = errors.New(MixedFormatsNotAllowedMsg)
	ErrRangeExceeded      = errors.New(RangeExceededMsg)
	ErrPortBoundsNotValid = errors.New(PortBaundsNotValidMsg)
	ErrUndefinedNode      = errors.New(UndefinedNodeMsg)
)
View Source 
var (
	// Keywords defines what Yara metadata entries are used for processing the rule.
	// This array also defines the order in which each key is taking into account
	Keywords = []string{"proto", "src", "sport", "dst", "dport"}

	// RuleDefVersion defines the version of the metadata accepted by Mole
	// this will be handy to version rules later on
	RuleDefVersion = "1.0"

	// RangeSplitter character used to define a range, like ports 80:443
	RangeSplitter = ":"
	// SequenceSplitter character used to define a sequence, like ports 80,443
	SequenceSplitter = ","
)
View Source 
var (
	// NodeTypeLookUp utility to lookup node types based on its keywords
	NodeTypeLookUp = map[string]NodeType{
		"root":  Root,
		"proto": Proto,
		"src":   SrcNet,
		"sport": SrcPort,
		"dst":   DstNet,
		"dport": DstPort,
		"id":    ID,
	}
)

Functions

This section is empty.

Types

type NodeID 

type NodeID struct {
	// contains filtered or unexported fields
}

NodeID represents proto node

func NewID 

func NewID() NodeID

NewID returns a new NodeID node

func (NodeID) GetKey 

func (nid NodeID) GetKey() string

GetKey returns the key associated to the node which is also part of the keywords

func (NodeID) GetValue 

func (nid NodeID) GetValue() string

GetValue returns a string version of the node value

func (NodeID) Match 

func (nid NodeID) Match(id NodeValue) bool

Match checks whether the argument's value match with the node value

func (NodeID) MatchB 

func (nid NodeID) MatchB(id NodeValue) bool

MatchB checks whether the argument's value match with the node value

type NodeNet 

type NodeNet struct {
	// contains filtered or unexported fields
}

NodeNet represents proto node

func NewDstNet 

func NewDstNet(value interface{}) (NodeNet, error)

NewDstNet returns a new NodeNet node with `dst` as key

func NewSrcNet 

func NewSrcNet(value interface{}) (NodeNet, error)

NewSrcNet returns a new NodeNet node with `src` as key

func (NodeNet) GetKey 

func (nn NodeNet) GetKey() string

GetKey returns the key associated to the node which is also part of the keywords

func (NodeNet) GetList 

func (nn NodeNet) GetList() []*net.IPNet

GetList returns the list of address if any or a empty list

func (NodeNet) GetListS 

func (nn NodeNet) GetListS() []string

GetListS returns the list of address if any or a empty list

func (NodeNet) GetOriginal 

func (nn NodeNet) GetOriginal() string

GetOriginal returns a string version of the node value without parsing

func (NodeNet) GetParsedValue 

func (nn NodeNet) GetParsedValue() []*net.IPNet

GetParsedValue returns a string version of the node value

func (NodeNet) GetValue 

func (nn NodeNet) GetValue() string

GetValue returns a string version of the node value

func (NodeNet) HasNot 

func (nn NodeNet) HasNot() bool

HasNot returns whether the node has not operator

func (NodeNet) Match 

func (nn NodeNet) Match(addr NodeValue) bool

Match checks whether the argument's value match with the node value

func (NodeNet) MatchB 

func (nn NodeNet) MatchB(addr NodeValue) bool

MatchB checks whether the argument's value match with the node value

type NodePort 

type NodePort struct {
	// contains filtered or unexported fields
}

NodePort represents port node

func NewDstPort 

func NewDstPort(value interface{}) (NodePort, error)

NewDstPort returns a new NodePort node with `dport` as key

func NewSrcPort 

func NewSrcPort(value interface{}) (NodePort, error)

NewSrcPort returns a new NodePort node with `sport` as key

func (NodePort) GetInverse 

func (np NodePort) GetInverse() NodePort

func (NodePort) GetKey 

func (np NodePort) GetKey() string

GetKey returns the key associated to the node which is also part of the keywords

func (NodePort) GetList 

func (np NodePort) GetList() []int

GetList returns the list values

func (NodePort) GetOriginal 

func (np NodePort) GetOriginal() string

GetOriginal returns a string version of the node value without parsing

func (NodePort) GetRange 

func (np NodePort) GetRange() (int, int)

GetRange returns the port range

func (NodePort) GetValue 

func (np NodePort) GetValue() string

GetValue returns a string version of the node value

func (NodePort) HasNot 

func (np NodePort) HasNot() bool

HasNot returns whether the node has not operator

func (NodePort) IsRange 

func (np NodePort) IsRange() bool

IsRange returns the port range

func (NodePort) Match 

func (np NodePort) Match(port NodeValue) bool

Match checks whether the argument's value match with the node value

func (NodePort) MatchB 

func (np NodePort) MatchB(port NodeValue) bool

MatchB checks whether the argument's value match with the node value

type NodeProto 

type NodeProto struct {
	// contains filtered or unexported fields
}

NodeProto represents proto node

func NewProto 

func NewProto(value interface{}) (NodeProto, error)

NewProto returns a new proto node

func (NodeProto) GetKey 

func (np NodeProto) GetKey() string

GetKey returns the key associated to the node which is also part of the keywords

func (NodeProto) GetOriginal 

func (np NodeProto) GetOriginal() string

GetOriginal returns a string version of the node value without parsing

func (NodeProto) GetValue 

func (np NodeProto) GetValue() string

GetValue returns a string version of the node value

func (NodeProto) HasNot 

func (np NodeProto) HasNot() bool

HasNot returns whether the node has not operator

func (NodeProto) Match 

func (np NodeProto) Match(proto NodeValue) bool

Match checks whether the argument's value match with the node value

func (NodeProto) MatchB 

func (np NodeProto) MatchB(proto NodeValue) bool

MatchB checks whether the argument's value match with the node value

type NodeRoot 

type NodeRoot struct {
	// contains filtered or unexported fields
}

NodeRoot represents the root node

func NewRoot 

func NewRoot() NodeRoot

NewRoot returns a new NodeRoot node

func (NodeRoot) GetKey 

func (nr NodeRoot) GetKey() string

GetKey is a dummy function that needs to be implemented in terms to accomplish the NodeValue interface

func (NodeRoot) GetValue 

func (nr NodeRoot) GetValue() string

GetValue is a dummy function that needs to be implemented in terms to accomplish the NodeValue interface

func (NodeRoot) Match 

func (nr NodeRoot) Match(proto NodeValue) bool

Match is a dummy function that needs to be implemented in terms to accomplish the NodeValue interface

func (NodeRoot) MatchB 

func (nr NodeRoot) MatchB(proto NodeValue) bool

MatchB is a dummy function that needs to be implemented in terms to accomplish the NodeValue interface

type NodeType 

type NodeType string

NodeType defines the node type 

const (
	// Root defines the root node keyword
	Root NodeType = "root"
	// Proto defines the protocol node keyword
	Proto NodeType = "proto"
	// SrcNet defines the source IP node keyword
	SrcNet NodeType = "src"
	// SrcPort defines the source port node keyword
	SrcPort NodeType = "sport"
	// DstNet defines the destination IP node keyword
	DstNet NodeType = "dst"
	// DstPort defines the destination port node keyword
	DstPort NodeType = "dport"
	// ID defines the id node keyword
	ID NodeType = "id"
)

func (NodeType) String 

func (nt NodeType) String() string

type NodeValue 

type NodeValue interface {
	Match(NodeValue) bool
	MatchB(NodeValue) bool
	GetKey() string
	GetValue() string
}

NodeValue is the interface that all nodes in the decision tree needs to meet

func GetNodeValue 

func GetNodeValue(key string, value interface{}) (NodeValue, error)

GetNodeValue returns the NodeValue based on the key value

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.