Documentation
Constants ¶
// Keys naming individual fields in the structured data the plugin handles.
// NOTE(review): the code that reads and writes these keys is not on this
// page; presumably they index hook parameters, log fields and the JSON
// exchanged with the tokenizer and serving APIs. Confirm against the callers.
const (
	DecodedQueryField string = "decodedQuery"
	DetectorField     string = "detector"
	ScoreField        string = "score"
	QueryField        string = "query"
	ErrorField        string = "error"
	IsInjectionField  string = "is_injection"
	ResponseField     string = "response"
	OutputsField      string = "outputs"
	TokensField       string = "tokens"
	StringField       string = "String"
)

// Detector identifiers. The Detections counter carries a "detector" label;
// presumably these are the values recorded under it (confirm).
const (
	DeepLearningModel string = "deep_learning_model"
	Libinjection      string = "libinjection"
)

// Values used when the plugin reports a detection.
// NOTE(review): ErrorNumber looks like a SQLSTATE code; 42000 is the
// "syntax error or access rule violation" class. Which of the two messages is
// returned to the client and which is only logged is not visible here. A
// client-facing reply that confirms a detection lets a caller tell blocked
// queries from failed ones, so confirm DetectionMessage stays server-side.
const (
	ErrorLevel           string = "error"
	ExceptionLevel       string = "EXCEPTION"
	ErrorNumber          string = "42000"
	DetectionMessage     string = "SQL injection detected"
	ErrorResponseMessage string = "Back off, you're not welcome here."
)

// URL paths on the tokenizer and model-serving services.
// PredictPath is a format string with two %s verbs, presumably filled with
// the configured model name and model version (confirm). Both values come
// from configuration, so they should be validated or path-escaped before
// being formatted into the URL.
const (
	TokenizeAndSequencePath string = "/tokenize_and_sequence"
	PredictPath             string = "/v1/models/%s/versions/%s:predict"
)
Variables ¶
// Prometheus metrics exposed by the plugin. Each one is created through
// promauto under metrics.Namespace.
var (
	// GetPluginConfig counts calls to the getPluginConfig method.
	GetPluginConfig = promauto.NewCounter(prometheus.CounterOpts{
		Namespace: metrics.Namespace,
		Name:      "get_plugin_config_total",
		Help:      "The total number of calls to the getPluginConfig method",
	})
	// OnTrafficFromClient counts calls to the onTrafficFromClient method.
	OnTrafficFromClient = promauto.NewCounter(prometheus.CounterOpts{
		Namespace: metrics.Namespace,
		Name:      "on_traffic_from_client_total",
		Help:      "The total number of calls to the onTrafficFromClient method",
	})
	// Detections counts malicious requests detected, split by the
	// "detector" label.
	// NOTE(review): the label values are presumably the DeepLearningModel
	// and Libinjection constants; confirm at the call sites.
	Detections = promauto.NewCounterVec(prometheus.CounterOpts{
		Namespace: metrics.Namespace,
		Name:      "detections_total",
		Help:      "The total number of malicious requests detected",
	}, []string{"detector"})
	// Preventions counts malicious requests prevented.
	// NOTE(review): if a detection can be recorded without the request being
	// blocked (see libinjectionPermissiveMode in PluginConfig), the gap
	// between detections_total and preventions_total is the figure to alert
	// on. Confirm how the two counters relate in the hook implementation.
	Preventions = promauto.NewCounter(prometheus.CounterOpts{
		Namespace: metrics.Namespace,
		Name:      "preventions_total",
		Help:      "The total number of malicious requests prevented",
	})
)
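These metrics are defined in the plugin. GetPluginConfig and OnTrafficFromClient track the number of times the corresponding plugin methods are called; Detections (labelled by detector) and Preventions count the malicious requests detected and prevented. These metrics are used as examples to test the plugin metrics functionality.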
// Plugin identity, the go-plugin registration map, and the configuration map
// that describes the plugin and carries its environment-derived settings.
var (
	// Version is the plugin version reported in PluginID.
	Version = "0.0.0"

	// PluginID identifies this plugin by name, version and remote URL.
	PluginID = v1.PluginID{
		Name:      "gatewayd-plugin-sql-ids-ips",
		Version:   Version,
		RemoteUrl: "github.com/gatewayd-io/gatewayd-plugin-sql-ids-ips",
	}

	// PluginMap registers the go-plugin implementation under the plugin name.
	PluginMap = map[string]goplugin.Plugin{
		"gatewayd-plugin-sql-ids-ips": &InjectionDetectionPlugin{},
	}

	// TODO: Handle this in a better way
	// https://github.com/gatewayd-io/gatewayd-plugin-sdk/issues/3

	// PluginConfig is the plugin's metadata and settings. Every entry under
	// "config" is a string obtained from sdkConfig.GetEnv, which is given an
	// environment variable name and a fallback value. Conversion to the typed
	// fields of Plugin happens elsewhere and is not visible on this page.
	PluginConfig = map[string]any{
		"id": map[string]any{
			"name":      PluginID.Name,
			"version":   PluginID.Version,
			"remoteUrl": PluginID.RemoteUrl,
		},
		"description": "GatewayD plugin for detection and prevention of SQL injection attacks",
		"authors": []any{
			"Mostafa Moradian <mostafa@gatewayd.io>",
		},
		"license":    "AGPL-3.0",
		"projectUrl": "https://github.com/gatewayd-io/gatewayd-plugin-sql-ids-ips",
		"config": map[string]any{
			"metricsEnabled": sdkConfig.GetEnv("METRICS_ENABLED", "true"),
			// NOTE(review): the fallback socket path lives in /tmp, a shared
			// world-writable directory, under a predictable name. Deployments
			// should point METRICS_UNIX_DOMAIN_SOCKET at a directory owned by
			// the service account.
			"metricsUnixDomainSocket": sdkConfig.GetEnv("METRICS_UNIX_DOMAIN_SOCKET", "/tmp/gatewayd-plugin-sql-ids-ips.sock"),
			"metricsEndpoint":         sdkConfig.GetEnv("METRICS_ENDPOINT", "/metrics"),
			// NOTE(review): both service addresses default to plain HTTP on
			// localhost. Presumably client queries are sent to them for
			// scoring (confirm); if either service is moved off-host, the
			// queries and the verdicts need TLS or an equivalent trusted
			// channel.
			"tokenizerAPIAddress": sdkConfig.GetEnv("TOKENIZER_API_ADDRESS", "http://localhost:8000"),
			"servingAPIAddress":   sdkConfig.GetEnv("SERVING_API_ADDRESS", "http://localhost:8501"),
			"modelName":           sdkConfig.GetEnv("MODEL_NAME", "sqli_model"),
			"modelVersion":        sdkConfig.GetEnv("MODEL_VERSION", "1"),
			// Held as a string here; Plugin.Threshold is a float32.
			// NOTE(review): confirm the parser rejects unparsable or
			// out-of-range values rather than silently using zero.
			"threshold":          sdkConfig.GetEnv("THRESHOLD", "0.8"),
			"enableLibinjection": sdkConfig.GetEnv("ENABLE_LIBINJECTION", "true"),
			// NOTE(review): the key says "permissive mode" but the variable
			// read is LIBINJECTION_MODE, and the fallback is "true". What
			// permissive mode changes is not shown on this page; if it means
			// libinjection hits are recorded but not blocked, operators
			// should know that this is the default. Confirm.
			"libinjectionPermissiveMode": sdkConfig.GetEnv("LIBINJECTION_MODE", "true"),
		},
		// The single hook this plugin declares.
		"hooks": []any{
			int32(v1.HookName_HOOK_NAME_ON_TRAFFIC_FROM_CLIENT),
		},
		"tags":       []any{"plugin", "sql", "ids", "ips", "security", "waf"},
		"categories": []any{"plugin", "enterprise"},
	}
)
Functions ¶
This section is empty.
Types ¶
type InjectionDetectionPlugin ¶
// InjectionDetectionPlugin is the type registered in PluginMap under the
// plugin name; its GRPCServer and GRPCClient methods are declared on this
// page.
type InjectionDetectionPlugin struct {
	// Embedded go-plugin helper; presumably it supplies net/rpc methods that
	// report the transport as unsupported, leaving gRPC as the only
	// transport (confirm against the go-plugin version in use).
	goplugin.NetRPCUnsupportedPlugin
	// Impl is the Plugin value this wrapper carries.
	Impl Plugin
}
func NewInjectionDetectionPlugin ¶ added in v0.0.6
func NewInjectionDetectionPlugin(impl Plugin) *InjectionDetectionPlugin
NewInjectionDetectionPlugin returns a new instance of the InjectionDetectionPlugin.
func (*InjectionDetectionPlugin) GRPCClient ¶
func (p *InjectionDetectionPlugin) GRPCClient( ctx context.Context, b *goplugin.GRPCBroker, c *grpc.ClientConn, ) (any, error)
GRPCClient returns the plugin client.
func (*InjectionDetectionPlugin) GRPCServer ¶
func (p *InjectionDetectionPlugin) GRPCServer(b *goplugin.GRPCBroker, s *grpc.Server) error
GRPCServer registers the plugin with the gRPC server.
type Plugin ¶
// Plugin holds the plugin's logger and detection settings. The field names
// mirror the keys under "config" in PluginConfig; how those string settings
// are converted into these typed fields is not shown on this page.
type Plugin struct {
	// Embedded go-plugin and GatewayD service interfaces. GetPluginConfig and
	// OnTrafficFromClient are the methods documented on Plugin itself.
	goplugin.GRPCPlugin
	v1.GatewayDPluginServiceServer
	Logger hclog.Logger
	// Threshold is presumably the model score at or above which a query is
	// treated as an injection (the configured default is "0.8").
	// NOTE(review): confirm the comparison direction and that the value is
	// range-checked when loaded.
	Threshold float32
	// EnableLibinjection and LibinjectionPermissiveMode correspond to the
	// "enableLibinjection" and "libinjectionPermissiveMode" settings.
	// NOTE(review): the effect of permissive mode on blocking is not visible
	// here; confirm whether libinjection detections are blocked when it is set.
	EnableLibinjection         bool
	LibinjectionPermissiveMode bool
	// Base addresses of the tokenizer and model-serving services.
	// NOTE(review): what the plugin does with client traffic when either
	// service is unreachable or returns an error is not shown; confirm
	// whether it passes or blocks the request in that case.
	TokenizerAPIAddress string
	ServingAPIAddress   string
	// ModelName and ModelVersion presumably fill the two placeholders in
	// PredictPath (confirm).
	ModelName    string
	ModelVersion string
}
func (*Plugin) GetPluginConfig ¶
GetPluginConfig returns the plugin config. This is called by GatewayD when the plugin is loaded. The plugin config is used to configure the plugin.
func (*Plugin) OnTrafficFromClient ¶
OnTrafficFromClient is called when a request is received by GatewayD from the client. This can be used to modify the request or terminate the connection by returning an error or a response.