Documentation


Constants

// Single security levels. Each level other than Off occupies its own bit
// (1, 2, 4), so levels can be OR-ed together into a mask; 3 is therefore not
// a single level but the Normal|High mask.
const (
	// SecurityLevelOff is the zero value: no level bit is set.
	SecurityLevelOff uint8 = 0

	// SecurityLevelNormal is bit 0.
	SecurityLevelNormal uint8 = 1 << 0

	// SecurityLevelHigh is bit 1.
	SecurityLevelHigh uint8 = 1 << 1

	// SecurityLevelExtreme is bit 2.
	SecurityLevelExtreme uint8 = 1 << 2
)

// Security level masks. In SecurityLevelValues a mask names the levels at
// which a setting is enabled, e.g. SecurityLevelsHighAndExtreme is described
// there as "enabled in untrusted and dangerous networks".
const (
	SecurityLevelsNormalAndHigh uint8 = SecurityLevelHigh | SecurityLevelNormal

	SecurityLevelsNormalAndExtreme uint8 = SecurityLevelExtreme | SecurityLevelNormal

	SecurityLevelsHighAndExtreme uint8 = SecurityLevelExtreme | SecurityLevelHigh

	// SecurityLevelsAll has every level bit set; Off contributes no bit.
	SecurityLevelsAll uint8 = SecurityLevelsNormalAndHigh | SecurityLevelExtreme
)

    Security levels.

    // DisplayHintSecurityLevel is the display hint string that marks an
    // option as a security level option.
    const (
    	DisplayHintSecurityLevel string = "security level"
    )

      DisplayHintSecurityLevel is an external option hint for security levels. It's meant to be used as a value for config.DisplayHintAnnotation.

      Variables

      // AllSecurityLevelValues is SecurityLevelValues with an "Off" entry in
      // front. The append target is a fresh one-element literal, so the result
      // gets its own backing array and does not alias SecurityLevelValues.
      // It is an exported, mutable slice: importers should treat it as read-only.
      var AllSecurityLevelValues = append(
      	[]config.PossibleValue{{
      		Name:        "Off",
      		Value:       SecurityLevelOff,
      		Description: "Setting is always disabled.",
      	}},
      	SecurityLevelValues...,
      )

        AllSecurityLevelValues is like SecurityLevelValues but also includes Off.

        // SecurityLevelValues lists the selectable security level masks. Each
        // Value is a bitmask of the levels at which a setting is enabled, so the
        // entries go from "always on" to "on only at the Extreme level".
        // It is an exported, mutable slice: importers should treat it as read-only.
        var SecurityLevelValues = []config.PossibleValue{
        	{
        		// Normal|High|Extreme: enabled at every level.
        		Name:        "Trusted / Home Network",
        		Value:       SecurityLevelsAll,
        		Description: "Setting is always enabled.",
        	},
        	{
        		// High|Extreme: not enabled at the Normal level.
        		Name:        "Untrusted / Public Network",
        		Value:       SecurityLevelsHighAndExtreme,
        		Description: "Setting is enabled in untrusted and dangerous networks.",
        	},
        	{
        		// Extreme only.
        		Name:        "Danger / Hacked Network",
        		Value:       SecurityLevelExtreme,
        		Description: "Setting is enabled only in dangerous networks.",
        	},
        }

          SecurityLevelValues defines all possible security levels.

          Functions

          func ActiveSecurityLevel

          func ActiveSecurityLevel() uint8

            ActiveSecurityLevel returns the currently active security level.

            func AddToDebugInfo

            func AddToDebugInfo(di *debug.Info)

              AddToDebugInfo adds the system status to the given debug.Info.

              func DeleteMitigationLevel

              func DeleteMitigationLevel(id string)

                DeleteMitigationLevel deletes the mitigation level for id.

                func IsValidSecurityLevel

                func IsValidSecurityLevel(level uint8) bool

                  IsValidSecurityLevel returns true if level is a valid, single security level. A bitmask with more than one security level set is invalid.

                  func IsValidSecurityLevelMask

                  func IsValidSecurityLevelMask(level uint8) bool

                    IsValidSecurityLevelMask returns true if level is a valid security level mask. It's like IsValidSecurityLevel but also allows bitmask combinations.

                    func SecurityLevelString

                    func SecurityLevelString(level uint8) string

                      SecurityLevelString returns the given security level as a string.

                      func SelectedSecurityLevel

                      func SelectedSecurityLevel() uint8

                        SelectedSecurityLevel returns the security level as selected by the user.

                        func SetMitigationLevel

                        func SetMitigationLevel(id string, mitigation uint8)

                          SetMitigationLevel sets the mitigation level for id to mitigation. If mitigation is SecurityLevelOff, the mitigation record is removed. If mitigation is an invalid level, the call to SetMitigationLevel is a no-op; the function returns nothing, so the caller gets no indication that the level was rejected.

                          Types

                          type SecurityLevelOptionFunc

                          type SecurityLevelOptionFunc func(minSecurityLevel uint8) bool

                            SecurityLevelOptionFunc can be called with a minimum security level and returns whether a given security option is enabled. Use SecurityLevelOption() to get a SecurityLevelOptionFunc for a specific option.

                            func SecurityLevelOption

                            func SecurityLevelOption(name string) SecurityLevelOptionFunc

                              SecurityLevelOption returns a function to check if the option identified by name is active at a given minimum security level. The returned function is safe for concurrent use with configuration updates.

                              type SelectedSecurityLevelRecord

                              // SelectedSecurityLevelRecord carries a user-selected security level.
                              // It embeds record.Base and sync.Mutex, so Lock and Unlock are promoted
                              // onto the record; a value must not be copied once the mutex is in use.
                              type SelectedSecurityLevelRecord struct {
                              	record.Base
                              	sync.Mutex
                              
                              	// SelectedSecurityLevel is the level chosen by the user.
                              	// NOTE(review): this value arrives from outside the package; where it
                              	// is checked (e.g. with IsValidSecurityLevel) is not visible here -
                              	// confirm it is validated before it is applied.
                              	SelectedSecurityLevel uint8
                              }

                                SelectedSecurityLevelRecord is used as a dummy record.Record to provide a simple runtime configuration for the user. It is write-only and exposed at "runtime:system/security-level".

                                type SystemStatusRecord

                                // SystemStatusRecord holds the security levels and network status
                                // fields listed below. It embeds record.Base and sync.Mutex, so Lock and
                                // Unlock are promoted onto the record; a value must not be copied once
                                // the mutex is in use.
                                type SystemStatusRecord struct {
                                	record.Base
                                	sync.Mutex
                                
                                	// ActiveSecurityLevel holds the currently
                                	// active security level.
                                	ActiveSecurityLevel uint8
                                	// SelectedSecurityLevel holds the security level
                                	// as selected by the user.
                                	SelectedSecurityLevel uint8
                                	// ThreatMitigationLevel holds the security level
                                	// as selected by the auto-pilot.
                                	ThreatMitigationLevel uint8
                                	// OnlineStatus holds the current online status as
                                	// seen by the netenv package.
                                	OnlineStatus netenv.OnlineStatus
                                	// CaptivePortal holds all information about the captive
                                	// portal of the network the portmaster is currently
                                	// connected to, if any.
                                	// NOTE(review): a pointer field; presumably nil when there is no
                                	// captive portal, so readers should nil-check - confirm.
                                	CaptivePortal *netenv.CaptivePortal
                                }

                                  SystemStatusRecord describes the overall status of the Portmaster. It's a read-only record exposed via runtime:system/status.

                                  type Threat

                                  // Threat wraps a notification. Because *notifications.Notification is
                                  // embedded, its exported fields and methods are promoted onto Threat.
                                  // The zero value has a nil embedded pointer; NewThreat is the
                                  // constructor shown for this type.
                                  type Threat struct {
                                  	*notifications.Notification
                                  }

                                    Threat represents a threat to the system. A threat is basically a notification with strongly typed EventData. Use the methods exported on Threat to manipulate the EventData field and push updates of the notification. Do not use EventData directly!

                                    func NewThreat

                                    func NewThreat(id, title, msg string) *Threat

                                      NewThreat returns a new threat. Note that the threat only gets published once Publish is called.

                                      Example:

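                                      // NewThreat takes three strings (id, title, msg). The title below is an
                                      // illustrative value; the threat is not published until Publish is called.
                                      threat := NewThreat("portscan", "Port scan detected", "Someone is scanning you").
                                      	SetData(portscanResult).
                                      	SetMitigationLevel(SecurityLevelExtreme).
                                      	Publish()
                                      
                                      // Once you're done, delete the threat. Delete only sets the ended
                                      // timestamp; Publish pushes that change out.
                                      threat.Delete().Publish()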
                                      

                                      func (*Threat) Delete

                                      func (t *Threat) Delete() *Threat

                                        Delete sets the ended timestamp of the threat.

                                        func (*Threat) Payload

                                        func (t *Threat) Payload() ThreatPayload

                                          Payload returns a copy of the threat payload.

                                          func (*Threat) Publish

                                          func (t *Threat) Publish() *Threat

                                            Publish publishes the current threat. Publish should always be called when changes to the threat are recorded.

                                            func (*Threat) SetData

                                            func (t *Threat) SetData(data interface{}) *Threat

                                              SetData sets the data member of the threat payload.

                                              func (*Threat) SetMitigationLevel

                                              func (t *Threat) SetMitigationLevel(lvl uint8) *Threat

                                                SetMitigationLevel sets the mitigation level of the threat data.

                                                type ThreatPayload

                                                // ThreatPayload is the data carried by a threat: the recommended
                                                // mitigation level, the first and last detection times, and optional
                                                // threat-specific data.
                                                type ThreatPayload struct {
                                                	// MitigationLevel holds the recommended security
                                                	// level to mitigate the threat.
                                                	MitigationLevel uint8
                                                	// Started holds the UNIX epoch timestamp in seconds
                                                	// at which the threat has been detected the first time.
                                                	Started int64
                                                	// Ended holds the UNIX epoch timestamp in seconds
                                                	// at which the threat has been detected the last time.
                                                	Ended int64
                                                	// Data may hold threat-specific data. It is untyped, so
                                                	// consumers need a checked type assertion before using it.
                                                	Data interface{}
                                                }

                                                  ThreatPayload holds threat related information.