Documentation ¶
Overview ¶
Package v1 is the v1 version of the API.
Index ¶
- Constants
- Variables
- func AddToListFromSet(set *Set, list *[]string)
- func AddToSetFromList(list []string, set *Set)
- func Kind(kind string) schema.GroupKind
- func NameFlags(f uint32) string
- func Resource(resource string) schema.GroupResource
- func SetFlags(slots []int) (f uint32)
- type CidrSet
- type Critiria
- type Ctrl
- type Guardian
- type GuardianList
- type GuardianSpec
- type HeadersConfig
- func (config *HeadersConfig) AddTypicalVal()
- func (config *HeadersConfig) Decide(h *HeadersProfile) string
- func (in *HeadersConfig) DeepCopy() *HeadersConfig
- func (in *HeadersConfig) DeepCopyInto(out *HeadersConfig)
- func (config *HeadersConfig) Learn(p *HeadersPile)
- func (config *HeadersConfig) Marshal(depth int) string
- func (config *HeadersConfig) Normalize()
- type HeadersPile
- type HeadersProfile
- type IpPile
- type IpSet
- type KeyValConfig
- func (config *KeyValConfig) Decide(kvp *KeyValProfile) string
- func (in *KeyValConfig) DeepCopy() *KeyValConfig
- func (in *KeyValConfig) DeepCopyInto(out *KeyValConfig)
- func (config *KeyValConfig) Describe() string
- func (config *KeyValConfig) Learn(p *KeyValPile)
- func (config *KeyValConfig) Marshal(depth int) string
- func (config *KeyValConfig) Normalize()
- func (config *KeyValConfig) SetMandatoryKeys(minimalSet []string)
- func (config *KeyValConfig) WhitelistByExample(k string, v string)
- func (config *KeyValConfig) WhitelistKnownKeys(m map[string]string)
- type KeyValPile
- type KeyValProfile
- type Pile
- type ProcessConfig
- func (config *ProcessConfig) AddTypicalVal()
- func (config *ProcessConfig) Decide(pp *ProcessProfile) string
- func (in *ProcessConfig) DeepCopy() *ProcessConfig
- func (in *ProcessConfig) DeepCopyInto(out *ProcessConfig)
- func (config *ProcessConfig) Learn(p *ProcessPile)
- func (config *ProcessConfig) Marshal(depth int) string
- func (config *ProcessConfig) Normalize()
- func (config *ProcessConfig) Reconcile()
- type ProcessPile
- type ProcessProfile
- type QueryConfig
- func (config *QueryConfig) AddTypicalVal()
- func (config *QueryConfig) Decide(q *QueryProfile) string
- func (in *QueryConfig) DeepCopy() *QueryConfig
- func (in *QueryConfig) DeepCopyInto(out *QueryConfig)
- func (config *QueryConfig) Learn(p *QueryPile)
- func (config *QueryConfig) Marshal(depth int) string
- func (config *QueryConfig) Normalize()
- type QueryPile
- type QueryProfile
- type ReqConfig
- func (config *ReqConfig) AddTypicalVal()
- func (config *ReqConfig) Decide(rp *ReqProfile) string
- func (in *ReqConfig) DeepCopy() *ReqConfig
- func (in *ReqConfig) DeepCopyInto(out *ReqConfig)
- func (config *ReqConfig) Learn(p *ReqPile)
- func (config *ReqConfig) Marshal(depth int) string
- func (config *ReqConfig) Normalize()
- func (config *ReqConfig) Reconcile()
- type ReqPile
- type ReqProfile
- type RespConfig
- func (config *RespConfig) AddTypicalVal()
- func (config *RespConfig) Decide(rp *RespProfile) string
- func (in *RespConfig) DeepCopy() *RespConfig
- func (in *RespConfig) DeepCopyInto(out *RespConfig)
- func (config *RespConfig) Learn(p *RespPile)
- func (config *RespConfig) Marshal(depth int) string
- func (config *RespConfig) Normalize()
- func (config *RespConfig) Reconcile()
- type RespPile
- type RespProfile
- type SessionProfile
- type Set
- type SimpleValConfig
- func (config *SimpleValConfig) AddValExample(str string)
- func (config *SimpleValConfig) Decide(svp *SimpleValProfile) string
- func (in *SimpleValConfig) DeepCopy() *SimpleValConfig
- func (in *SimpleValConfig) DeepCopyInto(out *SimpleValConfig)
- func (config *SimpleValConfig) Describe() string
- func (config *SimpleValConfig) Learn(p *SimpleValPile)
- func (config *SimpleValConfig) Marshal(depth int) string
- func (config *SimpleValConfig) NameFlags() string
- func (config *SimpleValConfig) Normalize()
- type SimpleValPile
- type SimpleValProfile
- func (in *SimpleValProfile) DeepCopy() *SimpleValProfile
- func (in *SimpleValProfile) DeepCopyInto(out *SimpleValProfile)
- func (svp *SimpleValProfile) Describe() string
- func (svp *SimpleValProfile) Marshal(depth int) string
- func (svp *SimpleValProfile) NameFlags() string
- func (svp *SimpleValProfile) Profile(str string)
- type U8Minmax
- type U8MinmaxSlice
- func (mms U8MinmaxSlice) AddValExample(v uint8) U8MinmaxSlice
- func (mms U8MinmaxSlice) Decide(v uint8) string
- func (in U8MinmaxSlice) DeepCopy() U8MinmaxSlice
- func (in U8MinmaxSlice) DeepCopyInto(out *U8MinmaxSlice)
- func (mms U8MinmaxSlice) Describe() string
- func (mms *U8MinmaxSlice) Learn(list []uint8)
- func (mms U8MinmaxSlice) Marshal() string
- type Uint32Slice
- func (base Uint32Slice) Add(val Uint32Slice) Uint32Slice
- func (base Uint32Slice) Decide(val Uint32Slice) string
- func (in Uint32Slice) DeepCopy() Uint32Slice
- func (in Uint32Slice) DeepCopyInto(out *Uint32Slice)
- func (uint64Slice Uint32Slice) Describe() string
- func (uint64Slice Uint32Slice) Marshal() string
- type UrlConfig
- func (config *UrlConfig) AddTypicalVal()
- func (config *UrlConfig) Decide(u *UrlProfile) string
- func (in *UrlConfig) DeepCopy() *UrlConfig
- func (in *UrlConfig) DeepCopyInto(out *UrlConfig)
- func (config *UrlConfig) Learn(p *UrlPile)
- func (config *UrlConfig) Marshal(depth int) string
- func (config *UrlConfig) Normalize()
- type UrlPile
- type UrlProfile
- type WsGate
Constants ¶
const ( SpaceSlot = iota // 32 ExclamationSlot // 33 DoubleQouteSlot // 34 NumberSlot // 35 DollarSlot // 36 PrecentSlot // 37 AmpersandSlot // 38 SingleQouteSlot // 39 RoundBrecketSlot // 40, 41 AsteriskSlot // 42 PlusSlot // 43 (10) CommaSlot // 44 MinusSlot // 45 PeriodSlot // 46 SlashSlot // 47 ColonSlot // 58 (15) SemiSlot // 59 LtGtSlot // 60, 62 EqualSlot //61 QuestionSlot // 63 AtSlot // 64 (20) BackslashSlot // 92 (21) SquareBrecketSlot // 91, 93 PowerSlot // 94 UnderscoreSlot // 95 AccentSlot // 96 PipeSlot // 124 (26) CurlyBrecketSlot // 123, 125 HomeSlot // 126 NonReadableCharSlot // 0-31, 127 (29) CommentsSlot HexSlot // (31) )
Slots and counters for AsciiDaya: 0-31 (32) nonReadableRCharCounter 32-47 (16) slots 0-15 respectivly 48-57 (10) digitCounter 58-64 (6) slots 16-22 65-90 (26) smallLetterCounter 91-96 (6) slots 23-28 97-122 (26) capitalLetterCounter 123-126 (4) slots 29-32 127 (1) nonReadableRCharCounter Slots: <SPACE> ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
0 1 2 3 4 5 6 7 8 8 9 0 1 2 3 4 5 6 7 8 7 9 0 1 2 1 3 4 5 6 7 6 9 0 1 2
Variables ¶
var ( // SchemeBuilder initializes a scheme builder SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) // AddToScheme is a global function that registers this API group & version to a scheme AddToScheme = SchemeBuilder.AddToScheme )
var FlagName = map[int]string{ SpaceSlot: "Space", ExclamationSlot: "Exclamation", DoubleQouteSlot: "DoubleQoute", NumberSlot: "NumberSign", DollarSlot: "DollarSign", PrecentSlot: "PrecentSign", SingleQouteSlot: "SingleQoute", RoundBrecketSlot: "RoundBrecket", AsteriskSlot: "MultiplySign", PlusSlot: "PlusSign", AtSlot: "CommentSign", MinusSlot: "MinusSign", PeriodSlot: "DotSign", SlashSlot: "DivideSign", ColonSlot: "ColonSign", SemiSlot: "SemicolonSign", LtGtSlot: "Less/GreaterThanSign", EqualSlot: "EqualSign", QuestionSlot: "QuestionMark", CommaSlot: "CommaSign", SquareBrecketSlot: "SquareBrecket", BackslashSlot: "ReverseDivideSign", PowerSlot: "PowerSign", UnderscoreSlot: "UnderscoreSign", AccentSlot: "AccentSign", CurlyBrecketSlot: "CurlyBrecket", PipeSlot: "PipeSign", NonReadableCharSlot: "NonReadableChar", CommentsSlot: "CommentsCombination", HexSlot: "HexCombination", }
var SchemeGroupVersion = schema.GroupVersion{Group: wsecurity.GroupName, Version: "v1"}
SchemeGroupVersion is group version used to register these objects
Functions ¶
func AddToListFromSet ¶ added in v0.0.16
func AddToSetFromList ¶ added in v0.0.16
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type CidrSet ¶ added in v0.0.14
func GetCidrsFromIpList ¶ added in v0.0.16
func GetCidrsFromList ¶ added in v0.0.14
func (CidrSet) DeepCopy ¶ added in v0.0.14
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CidrSet.
func (CidrSet) DeepCopyInto ¶ added in v0.0.14
type Critiria ¶ added in v0.0.8
type Critiria struct { Req ReqConfig `json:"req"` // Request critiria for blocking/allowing Resp RespConfig `json:"resp"` // Response critiria for blocking/allowing Process ProcessConfig `json:"process"` // Processing critiria for blocking/allowing }
func (*Critiria) DeepCopy ¶ added in v0.0.8
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Critiria.
func (*Critiria) DeepCopyInto ¶ added in v0.0.8
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Ctrl ¶ added in v0.0.8
type Ctrl struct { Consult bool `json:"consult"` // False means never consult guard, all decissions are local RequestsPerMinuete uint16 `json:"rpm"` // Maximum rpm allows for consulting guard Block bool `json:"block"` // If false, alert only Learn bool `json:"learn"` // If false, allowed piles are not processed Auto bool `json:"auto"` // If true, use learned critiria rather than configured critiria }
Decission process If request profile allowed by ReqConfig: - Main Critiria
<Allow> + Log and gather statistics
If Consult.Active and did not cross Consult.RequestsPerMinuete
If request profile allowed by Guard: - Secondary Critiria <Allow> + Log and gather statistics
Log and gather statistics about request not allowed If ForceAllow
<Allow> // used for example when ReqConfig is not ready
<Block>
func (*Ctrl) DeepCopy ¶ added in v0.0.8
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ctrl.
func (*Ctrl) DeepCopyInto ¶ added in v0.0.8
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Guardian ¶
type Guardian struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec *GuardianSpec `json:"spec"` }
Guardian is a specification for a Guaerdian resource
func (*Guardian) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Guardian.
func (*Guardian) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Guardian) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GuardianList ¶
type GuardianList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` Items []Guardian `json:"items"` }
+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object GuardianList is a list of Guaerdian resources
func (*GuardianList) DeepCopy ¶
func (in *GuardianList) DeepCopy() *GuardianList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GuardianList.
func (*GuardianList) DeepCopyInto ¶
func (in *GuardianList) DeepCopyInto(out *GuardianList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GuardianList) DeepCopyObject ¶
func (in *GuardianList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GuardianSpec ¶
type GuardianSpec WsGate
func (*GuardianSpec) DeepCopy ¶
func (in *GuardianSpec) DeepCopy() *GuardianSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GuardianSpec.
func (*GuardianSpec) DeepCopyInto ¶
func (in *GuardianSpec) DeepCopyInto(out *GuardianSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HeadersConfig ¶
type HeadersConfig struct {
Kv KeyValConfig `json:"kv"`
}
func (*HeadersConfig) AddTypicalVal ¶
func (config *HeadersConfig) AddTypicalVal()
Allow typical values - use for development but not in production
func (*HeadersConfig) Decide ¶
func (config *HeadersConfig) Decide(h *HeadersProfile) string
func (*HeadersConfig) DeepCopy ¶
func (in *HeadersConfig) DeepCopy() *HeadersConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeadersConfig.
func (*HeadersConfig) DeepCopyInto ¶
func (in *HeadersConfig) DeepCopyInto(out *HeadersConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*HeadersConfig) Learn ¶ added in v0.0.16
func (config *HeadersConfig) Learn(p *HeadersPile)
func (*HeadersConfig) Marshal ¶
func (config *HeadersConfig) Marshal(depth int) string
func (*HeadersConfig) Normalize ¶ added in v0.0.8
func (config *HeadersConfig) Normalize()
type HeadersPile ¶ added in v0.0.7
type HeadersPile struct {
Kv *KeyValPile `json:"kv"`
}
func (*HeadersPile) Add ¶ added in v0.0.7
func (p *HeadersPile) Add(h *HeadersProfile)
func (*HeadersPile) Append ¶ added in v0.0.16
func (p *HeadersPile) Append(a *HeadersPile)
func (*HeadersPile) Clear ¶ added in v0.0.12
func (p *HeadersPile) Clear()
func (*HeadersPile) DeepCopy ¶ added in v0.0.7
func (in *HeadersPile) DeepCopy() *HeadersPile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeadersPile.
func (*HeadersPile) DeepCopyInto ¶ added in v0.0.7
func (in *HeadersPile) DeepCopyInto(out *HeadersPile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*HeadersPile) Marshal ¶ added in v0.0.16
func (h *HeadersPile) Marshal(depth int) string
type HeadersProfile ¶
type HeadersProfile struct {
Kv *KeyValProfile `json:"kv"`
}
func (*HeadersProfile) DeepCopy ¶
func (in *HeadersProfile) DeepCopy() *HeadersProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeadersProfile.
func (*HeadersProfile) DeepCopyInto ¶
func (in *HeadersProfile) DeepCopyInto(out *HeadersProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*HeadersProfile) Marshal ¶ added in v0.0.8
func (h *HeadersProfile) Marshal(depth int) string
func (*HeadersProfile) Profile ¶
func (h *HeadersProfile) Profile(m map[string][]string)
type IpPile ¶ added in v0.0.12
type IpPile struct { List []string // contains filtered or unexported fields }
func (*IpPile) DeepCopy ¶ added in v0.0.12
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IpPile.
func (*IpPile) DeepCopyInto ¶ added in v0.0.12
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IpSet ¶ added in v0.0.11
type IpSet struct {
// contains filtered or unexported fields
}
func IpSetFromIp ¶ added in v0.0.11
func IpSetFromProc ¶ added in v0.0.11
func (*IpSet) DeepCopy ¶ added in v0.0.11
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IpSet.
func (*IpSet) DeepCopyInto ¶ added in v0.0.11
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeyValConfig ¶
type KeyValConfig struct { Vals map[string]*SimpleValConfig `json:"vals"` // Profile the value of whitelisted keys //MinimalSet map[string]void `json:"minimalSet,omitempty"` // Mandatory keys //MinimalSet map[string]struct{} `json:"minimalSet,omitempty"` // Mandatory keys OtherVals *SimpleValConfig `json:"otherVals"` // Profile the values of other keys OtherKeynames *SimpleValConfig `json:"otherKeynames"` // Profile the keynames of other keys }
func (*KeyValConfig) Decide ¶
func (config *KeyValConfig) Decide(kvp *KeyValProfile) string
func (*KeyValConfig) DeepCopy ¶
func (in *KeyValConfig) DeepCopy() *KeyValConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyValConfig.
func (*KeyValConfig) DeepCopyInto ¶
func (in *KeyValConfig) DeepCopyInto(out *KeyValConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KeyValConfig) Describe ¶
func (config *KeyValConfig) Describe() string
func (*KeyValConfig) Learn ¶ added in v0.0.16
func (config *KeyValConfig) Learn(p *KeyValPile)
func (*KeyValConfig) Marshal ¶
func (config *KeyValConfig) Marshal(depth int) string
func (*KeyValConfig) Normalize ¶ added in v0.0.8
func (config *KeyValConfig) Normalize()
func (*KeyValConfig) SetMandatoryKeys ¶
func (config *KeyValConfig) SetMandatoryKeys(minimalSet []string)
Define which of the known keynames is mandatory (if any) Must call WhitelistKnownKeys before setting keys as Mandatory
func (*KeyValConfig) WhitelistByExample ¶
func (config *KeyValConfig) WhitelistByExample(k string, v string)
Allow keynames and their values based on examples Can be called multiple times to add examples for keynames or values Use this when the keynames are not known in advance Call multiple times to show the entire range of keynames and values When keys are known in advance, use WhitelistKnownKeys() instead
func (*KeyValConfig) WhitelistKnownKeys ¶
func (config *KeyValConfig) WhitelistKnownKeys(m map[string]string)
Allow a list of specific keys and an example of their values Can be called multiple times to add keys or to add examples for values Use this when the keynames are known in advance Call multiple times to show the entire range of values per key For keys not known in advance, use WhitelistByExample() instead
type KeyValPile ¶ added in v0.0.7
type KeyValPile struct {
Vals map[string]*SimpleValPile
}
func (*KeyValPile) Add ¶ added in v0.0.7
func (p *KeyValPile) Add(kv *KeyValProfile)
func (*KeyValPile) Append ¶ added in v0.0.16
func (p *KeyValPile) Append(a *KeyValPile)
func (*KeyValPile) Clear ¶ added in v0.0.12
func (p *KeyValPile) Clear()
func (*KeyValPile) DeepCopy ¶ added in v0.0.7
func (in *KeyValPile) DeepCopy() *KeyValPile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyValPile.
func (*KeyValPile) DeepCopyInto ¶ added in v0.0.7
func (in *KeyValPile) DeepCopyInto(out *KeyValPile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KeyValPile) Marshal ¶ added in v0.0.16
func (kvp *KeyValPile) Marshal(depth int) string
type KeyValProfile ¶
type KeyValProfile struct {
Vals map[string]*SimpleValProfile
}
func (*KeyValProfile) DeepCopy ¶
func (in *KeyValProfile) DeepCopy() *KeyValProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyValProfile.
func (*KeyValProfile) DeepCopyInto ¶
func (in *KeyValProfile) DeepCopyInto(out *KeyValProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KeyValProfile) Marshal ¶ added in v0.0.8
func (kvp *KeyValProfile) Marshal(depth int) string
func (*KeyValProfile) Profile ¶
func (kvp *KeyValProfile) Profile(m map[string][]string)
Profile a generic map of key vals where we expect: keys belonging to some contstant list of keys vals have some defined charactaristics
type Pile ¶ added in v0.0.12
type Pile struct { Req ReqPile Resp RespPile Process ProcessPile }
func (*Pile) DeepCopy ¶ added in v0.0.12
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Pile.
func (*Pile) DeepCopyInto ¶ added in v0.0.12
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Pile) Pile ¶ added in v0.0.16
func (p *Pile) Pile(sp *SessionProfile)
type ProcessConfig ¶ added in v0.0.8
type ProcessConfig struct { ResponseTime U8MinmaxSlice `json:"responsetime"` CompletionTime U8MinmaxSlice `json:"completiontime"` Tcp4Peers []string `json:"tcp4peers"` // from /proc/net/tcp Udp4Peers []string `json:"udp4peers"` // from /proc/net/udp Udplite4Peers []string `json:"udplite4peers"` // from /proc/udpline Tcp6Peers []string `json:"tcp6peers"` // from /proc/net/tcp6 Udp6Peers []string `json:"udp6peers"` // from /proc/net/udp6 Udplite6Peers []string `json:"udplite6peers"` // from /proc/net/udpline6 // contains filtered or unexported fields }
func (*ProcessConfig) AddTypicalVal ¶ added in v0.0.8
func (config *ProcessConfig) AddTypicalVal()
Allow typical values - use for development but not in production
func (*ProcessConfig) Decide ¶ added in v0.0.8
func (config *ProcessConfig) Decide(pp *ProcessProfile) string
func (*ProcessConfig) DeepCopy ¶ added in v0.0.8
func (in *ProcessConfig) DeepCopy() *ProcessConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessConfig.
func (*ProcessConfig) DeepCopyInto ¶ added in v0.0.8
func (in *ProcessConfig) DeepCopyInto(out *ProcessConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ProcessConfig) Learn ¶ added in v0.0.16
func (config *ProcessConfig) Learn(p *ProcessPile)
func (*ProcessConfig) Marshal ¶ added in v0.0.8
func (config *ProcessConfig) Marshal(depth int) string
func (*ProcessConfig) Normalize ¶ added in v0.0.8
func (config *ProcessConfig) Normalize()
func (*ProcessConfig) Reconcile ¶ added in v0.0.14
func (config *ProcessConfig) Reconcile()
type ProcessPile ¶ added in v0.0.8
type ProcessPile struct { ResponseTime []uint8 `json:"responsetime"` CompletionTime []uint8 `json:"completiontime"` Tcp4Peers IpPile `json:"tcp4peers"` // from /proc/net/tcp Udp4Peers IpPile `json:"udp4peers"` // from /proc/net/udp Udplite4Peers IpPile `json:"udplite4peers"` // from /proc/udpline Tcp6Peers IpPile `json:"tcp6peers"` // from /proc/net/tcp6 Udp6Peers IpPile `json:"udp6peers"` // from /proc/net/udp6 Udplite6Peers IpPile `json:"udplite6peers"` // from /proc/net/udpline6 }
func (*ProcessPile) Add ¶ added in v0.0.12
func (p *ProcessPile) Add(pp *ProcessProfile)
func (*ProcessPile) Append ¶ added in v0.0.16
func (p *ProcessPile) Append(a *ProcessPile)
func (*ProcessPile) Clear ¶ added in v0.0.12
func (p *ProcessPile) Clear()
func (*ProcessPile) DeepCopy ¶ added in v0.0.8
func (in *ProcessPile) DeepCopy() *ProcessPile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessPile.
func (*ProcessPile) DeepCopyInto ¶ added in v0.0.8
func (in *ProcessPile) DeepCopyInto(out *ProcessPile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ProcessPile) Marshal ¶ added in v0.0.16
func (pp *ProcessPile) Marshal(depth int) string
type ProcessProfile ¶ added in v0.0.8
type ProcessProfile struct { ResponseTime uint8 `json:"responsetime"` CompletionTime uint8 `json:"completiontime"` // from local /proc/net (same net namespace) Tcp4Peers *IpSet `json:"tcp4peers"` // from /proc/net/tcp Udp4Peers *IpSet `json:"udp4peers"` // from /proc/net/udp Udplite4Peers *IpSet `json:"udplite4peers"` // from /proc/udpline Tcp6Peers *IpSet `json:"tcp6peers"` // from /proc/net/tcp6 Udp6Peers *IpSet `json:"udp6peers"` // from /proc/net/udp6 Udplite6Peers *IpSet `json:"udplite6peers"` // from /proc/net/udpline6 // The below requires sharing Process Namespace... ProcessCount uint32 `json:"processcount"` // from /proc/[1-9] - require ssh to container Processes []string `json:"processes"` // from /proc/*/cmdline - require ssh to container FdCount uint32 `json:"fdcount"` // from /proc/<PID>/fd - require ssh to container IoRchar KeyValProfile `json:"iorchar"` // from /proc/<PID>/io - cycled on 32 bits - require ssh to container IoWchar KeyValProfile `json:"iowchar"` // from /proc/<PID>/io - cycled on 32 bits - require ssh to container }
func (*ProcessProfile) DeepCopy ¶ added in v0.0.8
func (in *ProcessProfile) DeepCopy() *ProcessProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessProfile.
func (*ProcessProfile) DeepCopyInto ¶ added in v0.0.8
func (in *ProcessProfile) DeepCopyInto(out *ProcessProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ProcessProfile) Marshal ¶ added in v0.0.9
func (pp *ProcessProfile) Marshal(depth int) string
type QueryConfig ¶
type QueryConfig struct {
Kv KeyValConfig `json:"kv"`
}
func (*QueryConfig) AddTypicalVal ¶
func (config *QueryConfig) AddTypicalVal()
Allow typical query string values - use for development but not in production
func (*QueryConfig) Decide ¶
func (config *QueryConfig) Decide(q *QueryProfile) string
func (*QueryConfig) DeepCopy ¶
func (in *QueryConfig) DeepCopy() *QueryConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryConfig.
func (*QueryConfig) DeepCopyInto ¶
func (in *QueryConfig) DeepCopyInto(out *QueryConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*QueryConfig) Learn ¶ added in v0.0.16
func (config *QueryConfig) Learn(p *QueryPile)
func (*QueryConfig) Marshal ¶
func (config *QueryConfig) Marshal(depth int) string
func (*QueryConfig) Normalize ¶ added in v0.0.8
func (config *QueryConfig) Normalize()
type QueryPile ¶ added in v0.0.7
type QueryPile struct {
Kv *KeyValPile `json:"kv"`
}
func (*QueryPile) Add ¶ added in v0.0.7
func (p *QueryPile) Add(q *QueryProfile)
func (*QueryPile) DeepCopy ¶ added in v0.0.7
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryPile.
func (*QueryPile) DeepCopyInto ¶ added in v0.0.7
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type QueryProfile ¶
type QueryProfile struct {
Kv *KeyValProfile `json:"kv"`
}
func (*QueryProfile) DeepCopy ¶
func (in *QueryProfile) DeepCopy() *QueryProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QueryProfile.
func (*QueryProfile) DeepCopyInto ¶
func (in *QueryProfile) DeepCopyInto(out *QueryProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*QueryProfile) Marshal ¶ added in v0.0.8
func (q *QueryProfile) Marshal(depth int) string
func (*QueryProfile) Profile ¶
func (q *QueryProfile) Profile(m map[string][]string)
type ReqConfig ¶
type ReqConfig struct { ClientIp []string `json:"cip"` // subnets for external IPs (normally empty) HopIp []string `json:"hopip"` // subnets for external IPs Method []string `json:"method"` // GET Proto []string `json:"proto"` // "HTTP/1.1" ContentLength U8MinmaxSlice `json:"contentlength"` // 0 Url UrlConfig `json:"url"` Qs QueryConfig `json:"qs"` Headers HeadersConfig `json:"headers"` // contains filtered or unexported fields }
func (*ReqConfig) AddTypicalVal ¶
func (config *ReqConfig) AddTypicalVal()
Allow typical values - use for development but not in production
func (*ReqConfig) Decide ¶
func (config *ReqConfig) Decide(rp *ReqProfile) string
func (*ReqConfig) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReqConfig.
func (*ReqConfig) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ReqPile ¶ added in v0.0.7
type ReqPile struct { ClientIp IpPile `json:"cip"` // 192.168.32.1 HopIp IpPile `json:"hopip"` // 1.2.3.4 Method Set `json:"method"` // GET Proto Set `json:"proto"` // "HTTP/1.1" ContentLength []uint8 `json:"contentlength"` // 0 Url UrlPile `json:"url"` Qs QueryPile `json:"qs"` Headers HeadersPile `json:"headers"` }
func (*ReqPile) Add ¶ added in v0.0.7
func (p *ReqPile) Add(rp *ReqProfile)
func (*ReqPile) DeepCopy ¶ added in v0.0.7
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReqPile.
func (*ReqPile) DeepCopyInto ¶ added in v0.0.7
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ReqProfile ¶
type ReqProfile struct { ClientIp *IpSet `json:"cip"` // 192.168.32.1 HopIp *IpSet `json:"hopip"` // 1.2.3.4 Method string `json:"method"` // GET Proto string `json:"proto"` // "HTTP/1.1" ContentLength uint8 `json:"contentlength"` // 0 Url *UrlProfile `json:"url"` Qs *QueryProfile `json:"qs"` Headers *HeadersProfile `json:"headers"` }
func (*ReqProfile) DeepCopy ¶
func (in *ReqProfile) DeepCopy() *ReqProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReqProfile.
func (*ReqProfile) DeepCopyInto ¶
func (in *ReqProfile) DeepCopyInto(out *ReqProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ReqProfile) Marshal ¶ added in v0.0.8
func (rp *ReqProfile) Marshal(depth int) string
type RespConfig ¶ added in v0.0.8
type RespConfig struct {
Headers HeadersConfig `json:"headers"`
}
func (*RespConfig) AddTypicalVal ¶ added in v0.0.8
func (config *RespConfig) AddTypicalVal()
Allow typical values - use for development but not in production
func (*RespConfig) Decide ¶ added in v0.0.8
func (config *RespConfig) Decide(rp *RespProfile) string
func (*RespConfig) DeepCopy ¶ added in v0.0.8
func (in *RespConfig) DeepCopy() *RespConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RespConfig.
func (*RespConfig) DeepCopyInto ¶ added in v0.0.8
func (in *RespConfig) DeepCopyInto(out *RespConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RespConfig) Learn ¶ added in v0.0.16
func (config *RespConfig) Learn(p *RespPile)
func (*RespConfig) Marshal ¶ added in v0.0.8
func (config *RespConfig) Marshal(depth int) string
func (*RespConfig) Normalize ¶ added in v0.0.8
func (config *RespConfig) Normalize()
func (*RespConfig) Reconcile ¶ added in v0.0.14
func (config *RespConfig) Reconcile()
type RespPile ¶ added in v0.0.8
type RespPile struct {
Headers HeadersPile `json:"headers"`
}
func (*RespPile) Add ¶ added in v0.0.8
func (p *RespPile) Add(rp *RespProfile)
func (*RespPile) DeepCopy ¶ added in v0.0.8
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RespPile.
func (*RespPile) DeepCopyInto ¶ added in v0.0.8
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RespProfile ¶ added in v0.0.8
type RespProfile struct {
Headers *HeadersProfile `json:"headers"`
}
func (*RespProfile) DeepCopy ¶ added in v0.0.9
func (in *RespProfile) DeepCopy() *RespProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RespProfile.
func (*RespProfile) DeepCopyInto ¶ added in v0.0.9
func (in *RespProfile) DeepCopyInto(out *RespProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RespProfile) Marshal ¶ added in v0.0.8
func (rp *RespProfile) Marshal(depth int) string
func (*RespProfile) Profile ¶ added in v0.0.8
func (rp *RespProfile) Profile(resp *http.Response)
type SessionProfile ¶ added in v0.0.16
type SessionProfile struct { Alert bool ReqTime time.Time Req ReqProfile Resp RespProfile Process ProcessProfile }
func (*SessionProfile) DeepCopy ¶ added in v0.0.16
func (in *SessionProfile) DeepCopy() *SessionProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SessionProfile.
func (*SessionProfile) DeepCopyInto ¶ added in v0.0.16
func (in *SessionProfile) DeepCopyInto(out *SessionProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Set ¶ added in v0.0.9
type Set struct { List []string // contains filtered or unexported fields }
func (*Set) DeepCopy ¶ added in v0.0.9
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Set.
func (*Set) DeepCopyInto ¶ added in v0.0.9
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SimpleValConfig ¶
type SimpleValConfig struct { Flags uint32 `json:"flags"` NonReadables U8MinmaxSlice `json:"nonreadables"` Spaces U8MinmaxSlice `json:"spaces"` Unicodes U8MinmaxSlice `json:"unicodes"` Digits U8MinmaxSlice `json:"digits"` Letters U8MinmaxSlice `json:"letters"` SpecialChars U8MinmaxSlice `json:"schars"` Sequences U8MinmaxSlice `json:"sequences"` //Words U8MinmaxSlice `json:"words"` //Numbers U8MinmaxSlice `json:"numbers"` UnicodeFlags Uint32Slice `json:"unicodeFlags"` //[]uint32 Mandatory bool `json:"mandatory"` }
func NewSimpleValConfig ¶
func NewSimpleValConfig(spaces, unicodes, nonreadables, letters, digits, specialChars, sequences uint8) *SimpleValConfig
func (*SimpleValConfig) AddValExample ¶
func (config *SimpleValConfig) AddValExample(str string)
Allow generic value based on example (whitelisting) Call multiple times top present multiple examples
func (*SimpleValConfig) Decide ¶
func (config *SimpleValConfig) Decide(svp *SimpleValProfile) string
func (*SimpleValConfig) DeepCopy ¶
func (in *SimpleValConfig) DeepCopy() *SimpleValConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SimpleValConfig.
func (*SimpleValConfig) DeepCopyInto ¶
func (in *SimpleValConfig) DeepCopyInto(out *SimpleValConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SimpleValConfig) Describe ¶
func (config *SimpleValConfig) Describe() string
func (*SimpleValConfig) Learn ¶ added in v0.0.16
func (config *SimpleValConfig) Learn(p *SimpleValPile)
func (*SimpleValConfig) Marshal ¶
func (config *SimpleValConfig) Marshal(depth int) string
func (*SimpleValConfig) NameFlags ¶
func (config *SimpleValConfig) NameFlags() string
func (*SimpleValConfig) Normalize ¶ added in v0.0.8
func (config *SimpleValConfig) Normalize()
type SimpleValPile ¶ added in v0.0.7
type SimpleValPile struct { Flags uint32 NonReadables []uint8 Spaces []uint8 Unicodes []uint8 Digits []uint8 Letters []uint8 SpecialChars []uint8 //Words []uint8 //Numbers []uint8 Sequences []uint8 UnicodeFlags Uint32Slice //[]uint32 }
func (*SimpleValPile) Add ¶ added in v0.0.7
func (p *SimpleValPile) Add(svp *SimpleValProfile)
func (*SimpleValPile) Append ¶ added in v0.0.16
func (p *SimpleValPile) Append(a *SimpleValPile)
func (*SimpleValPile) DeepCopy ¶ added in v0.0.7
func (in *SimpleValPile) DeepCopy() *SimpleValPile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SimpleValPile.
func (*SimpleValPile) DeepCopyInto ¶ added in v0.0.7
func (in *SimpleValPile) DeepCopyInto(out *SimpleValPile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SimpleValPile) Marshal ¶ added in v0.0.16
func (svp *SimpleValPile) Marshal(depth int) string
type SimpleValProfile ¶
type SimpleValProfile struct { Flags uint32 NonReadables uint8 Spaces uint8 Unicodes uint8 Digits uint8 Letters uint8 SpecialChars uint8 //Words uint8 //Numbers uint8 Sequences uint8 UnicodeFlags Uint32Slice //[]uint32 }
func (*SimpleValProfile) DeepCopy ¶
func (in *SimpleValProfile) DeepCopy() *SimpleValProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SimpleValProfile.
func (*SimpleValProfile) DeepCopyInto ¶
func (in *SimpleValProfile) DeepCopyInto(out *SimpleValProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SimpleValProfile) Describe ¶
func (svp *SimpleValProfile) Describe() string
func (*SimpleValProfile) Marshal ¶ added in v0.0.8
func (svp *SimpleValProfile) Marshal(depth int) string
func (*SimpleValProfile) NameFlags ¶
func (svp *SimpleValProfile) NameFlags() string
func (*SimpleValProfile) Profile ¶
func (svp *SimpleValProfile) Profile(str string)
Profile generic value where we expect: some short combination of chars mainly english letters and/or digits (ascii) potentially some small content of special chars typically no unicode
type U8Minmax ¶
func (*U8Minmax) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new U8Minmax.
func (*U8Minmax) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type U8MinmaxSlice ¶
type U8MinmaxSlice []U8Minmax
func (U8MinmaxSlice) AddValExample ¶
func (mms U8MinmaxSlice) AddValExample(v uint8) U8MinmaxSlice
func (U8MinmaxSlice) Decide ¶
func (mms U8MinmaxSlice) Decide(v uint8) string
func (U8MinmaxSlice) DeepCopy ¶
func (in U8MinmaxSlice) DeepCopy() U8MinmaxSlice
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new U8MinmaxSlice.
func (U8MinmaxSlice) DeepCopyInto ¶
func (in U8MinmaxSlice) DeepCopyInto(out *U8MinmaxSlice)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (U8MinmaxSlice) Describe ¶
func (mms U8MinmaxSlice) Describe() string
func (*U8MinmaxSlice) Learn ¶ added in v0.0.16
func (mms *U8MinmaxSlice) Learn(list []uint8)
func (U8MinmaxSlice) Marshal ¶
func (mms U8MinmaxSlice) Marshal() string
type Uint32Slice ¶ added in v0.0.7
type Uint32Slice []uint32
func (Uint32Slice) Add ¶ added in v0.0.7
func (base Uint32Slice) Add(val Uint32Slice) Uint32Slice
func (Uint32Slice) Decide ¶ added in v0.0.7
func (base Uint32Slice) Decide(val Uint32Slice) string
func (Uint32Slice) DeepCopy ¶ added in v0.0.7
func (in Uint32Slice) DeepCopy() Uint32Slice
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Uint32Slice.
func (Uint32Slice) DeepCopyInto ¶ added in v0.0.7
func (in Uint32Slice) DeepCopyInto(out *Uint32Slice)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (Uint32Slice) Describe ¶ added in v0.0.7
func (uint64Slice Uint32Slice) Describe() string
func (Uint32Slice) Marshal ¶ added in v0.0.7
func (uint64Slice Uint32Slice) Marshal() string
type UrlConfig ¶
type UrlConfig struct { Val SimpleValConfig `json:"val"` Segments U8MinmaxSlice `json:"segments"` }
func (*UrlConfig) AddTypicalVal ¶
func (config *UrlConfig) AddTypicalVal()
Allow typical URL values - use for development but not in production
func (*UrlConfig) Decide ¶
func (config *UrlConfig) Decide(u *UrlProfile) string
func (*UrlConfig) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UrlConfig.
func (*UrlConfig) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type UrlPile ¶ added in v0.0.7
type UrlPile struct { Val *SimpleValPile `json:"val"` Segments []uint8 `json:"segments"` }
func (*UrlPile) Add ¶ added in v0.0.7
func (p *UrlPile) Add(u *UrlProfile)
func (*UrlPile) DeepCopy ¶ added in v0.0.7
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UrlPile.
func (*UrlPile) DeepCopyInto ¶ added in v0.0.7
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type UrlProfile ¶
type UrlProfile struct { Scheme string `json:"scheme"` // http Val *SimpleValProfile `json:"val"` Segments uint8 `json:"segments"` }
func (*UrlProfile) DeepCopy ¶
func (in *UrlProfile) DeepCopy() *UrlProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UrlProfile.
func (*UrlProfile) DeepCopyInto ¶
func (in *UrlProfile) DeepCopyInto(out *UrlProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*UrlProfile) Marshal ¶ added in v0.0.8
func (u *UrlProfile) Marshal(depth int) string
func (*UrlProfile) Profile ¶
func (u *UrlProfile) Profile(path string)
type WsGate ¶
type WsGate struct { Configured *Critiria `json:"configured"` // configrued critiria Learned []*Critiria `json:"learned,omitempty"` // Learned citiria Control Ctrl `json:"control"` // Control }
func (*WsGate) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WsGate.
func (*WsGate) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.