watchdog

package
v0.0.0-...-6d7c776 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 14, 2022 License: BSD-3-Clause Imports: 15 Imported by: 0

Documentation

Overview

Watchdog is a module that helps to manage the access control based on rules

Index

Constants

View Source
const (
	Name        = "watchdog"
	Description = "A module that helps to manage the access control based on rules."
	Author      = "NEMESIS"
)

Variables

This section is empty.

Functions

func GetRealAddr

func GetRealAddr(r *http.Request) net.IP

GetRealAddr returns the IP address from an http.Request

func GetUserAgent

func GetUserAgent(r *http.Request) string

GetUserAgent returns the User-Agent string from an http.Request

Types

type Blacklist

type Blacklist struct {
	List []*Rule
}

Blacklist is a list of Rules

func ParseRules

func ParseRules(rules string) Blacklist

ParseRules parses a raw blacklist (text) and returns a Blacklist struct.

Match All [*] (Useful for creating a whitelist)
Match IP [e.g. 203.0.113.6 or 2001:db8::68]
Match IP Network [e.g.: 192.0.2.0/24 or ::1/128]
Match Hostname [e.g. crawl-66-249-66-1.googlebot.com]
Match Hostname RegExp [e.g.: ~ .*\.cox\.net]
Match Geofence [e.g.: @ 39.377297 -74.451082 (7km)] or [ @ Country:IT ] or [ @ City:Rome ]

func (*Blacklist) Add

func (b *Blacklist) Add(item *Rule)

Add appends a Rule to the Blacklist

func (*Blacklist) AppendRaw

func (b *Blacklist) AppendRaw(raw string) bool

AppendRaw parse a rule string and appends the Rule to the Blacklist

func (*Blacklist) Concatenate

func (b *Blacklist) Concatenate(items []*Rule)

Concatenate combines a list of Rules to the Blacklist

func (*Blacklist) Remove

func (b *Blacklist) Remove(item *Rule) bool

Remove removes a Rule from the Blacklist

type Geofence

type Geofence struct {
	Type                        GeofenceType
	Field                       string
	Value                       string
	Latitude, Longitude, Radius float64
}

Geofence represents a point on the Earth with an accuracy radius in meters.

func (*Geofence) Intersection

func (mi *Geofence) Intersection(tu *Geofence) (i SetIntersection)

Intersection describes the relationship between two geofences

type GeofenceType

type GeofenceType string
const (
	Location  GeofenceType = "Location"
	Parameter              = "Parameter"
)

type ResponseAction

type ResponseAction struct {
	Code ResponseCode

	// Optional parameters
	TargetURL string
}

ResponseAction contains actions to perform after a block

type ResponseCode

type ResponseCode string

type Rule

type Rule struct {
	Raw       string
	All       bool
	Negation  bool
	IP        net.IP
	Network   *net.IPNet
	Hostname  string
	Regexp    string
	Geofence  *Geofence
	UserAgent string
}

Rule is a structure that represents the rules of a blacklist

type SetIntersection

type SetIntersection uint

SetIntersection is a description of the relationship between two sets.

const (
	// IsDisjoint means that the two sets have no common elements.
	IsDisjoint SetIntersection = 1 << iota

	// IsSubset means the first set is a subset of the second.
	IsSubset

	// IsSuperset means the second set is a subset of the first.
	IsSuperset
)

type Watchdog

type Watchdog struct {
	session.SessionModule

	Enabled       bool
	Dynamic       bool
	Raw           string
	Rules         Blacklist
	RulesFilePath string
	GeoDB         *geoip2.Reader
	GeoDBFilePath string

	Action ResponseAction
}

Watchdog module

func Load

func Load(s *session.Session) (m *Watchdog, err error)

Load configures the module by initializing its main structure and variables

func (*Watchdog) Allow

func (module *Watchdog) Allow(r *http.Request) bool

Allow decides whether the Blacklist permits the selected IP address. func (module *Watchdog) Allow(ip net.IP) bool {

func (*Watchdog) Author

func (module *Watchdog) Author() string

Author returns the module author

func (*Watchdog) CustomMovedPermanently

func (module *Watchdog) CustomMovedPermanently(w http.ResponseWriter, r *http.Request, targetURL string)

CustomMovedPermanently redirects to targetURL page with 301 response header

func (*Watchdog) CustomResponse

func (module *Watchdog) CustomResponse(response http.ResponseWriter, request *http.Request)

BlockRequest takes action and send the visitor to a chosen destination, i.e. blocks or trolls him

func (*Watchdog) Description

func (module *Watchdog) Description() string

Description returns the module description

func (*Watchdog) Flush

func (module *Watchdog) Flush()

Flush removes all the rules

func (*Watchdog) MonitorRules

func (module *Watchdog) MonitorRules()

MonitorRules starts a watcher to monitor changes to file containing blacklist rules.

func (*Watchdog) Name

func (module *Watchdog) Name() string

Name returns the module name

func (*Watchdog) NginxNotFound

func (module *Watchdog) NginxNotFound(w http.ResponseWriter, r *http.Request)

NginxNotFound replies with a 404 page similar to nginx server

func (*Watchdog) PrintRules

func (module *Watchdog) PrintRules()

PrintRules pretty prints the list of active rules

func (*Watchdog) Prompt

func (module *Watchdog) Prompt()

Prompt prints module status based on the provided parameters

func (*Watchdog) PromptResponseAction

func (module *Watchdog) PromptResponseAction()

PromptResponseAction allows to setup the response actions using the interactive prompt

func (*Watchdog) Reload

func (module *Watchdog) Reload()

Reload reparses the rules to update the Blacklist

func (*Watchdog) Save

func (module *Watchdog) Save()

Save dumps current Blacklist to file

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL