rules

package
v0.0.0-...-a0757f8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 22, 2024 License: GPL-3.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func HasNoResolve

func HasNoResolve(params []string) bool

func ParseRule

func ParseRule(tp, payload, target string, params []string) (C.Rule, error)

Types

type Domain

type Domain struct {
	// contains filtered or unexported fields
}

func NewDomain

func NewDomain(domain string, adapter string) *Domain

func (*Domain) Adapter

func (d *Domain) Adapter() string

func (*Domain) Match

func (d *Domain) Match(metadata *C.Metadata) bool

func (*Domain) Payload

func (d *Domain) Payload() string

func (*Domain) RuleType

func (d *Domain) RuleType() C.RuleType

func (*Domain) ShouldFindProcess

func (d *Domain) ShouldFindProcess() bool

func (*Domain) ShouldResolveIP

func (d *Domain) ShouldResolveIP() bool

type DomainKeyword

type DomainKeyword struct {
	// contains filtered or unexported fields
}

func NewDomainKeyword

func NewDomainKeyword(keyword string, adapter string) *DomainKeyword

func (*DomainKeyword) Adapter

func (dk *DomainKeyword) Adapter() string

func (*DomainKeyword) Match

func (dk *DomainKeyword) Match(metadata *C.Metadata) bool

func (*DomainKeyword) Payload

func (dk *DomainKeyword) Payload() string

func (*DomainKeyword) RuleType

func (dk *DomainKeyword) RuleType() C.RuleType

func (*DomainKeyword) ShouldFindProcess

func (dk *DomainKeyword) ShouldFindProcess() bool

func (*DomainKeyword) ShouldResolveIP

func (dk *DomainKeyword) ShouldResolveIP() bool

type DomainSuffix

type DomainSuffix struct {
	// contains filtered or unexported fields
}

func NewDomainSuffix

func NewDomainSuffix(suffix string, adapter string) *DomainSuffix

func (*DomainSuffix) Adapter

func (ds *DomainSuffix) Adapter() string

func (*DomainSuffix) Match

func (ds *DomainSuffix) Match(metadata *C.Metadata) bool

func (*DomainSuffix) Payload

func (ds *DomainSuffix) Payload() string

func (*DomainSuffix) RuleType

func (ds *DomainSuffix) RuleType() C.RuleType

func (*DomainSuffix) ShouldFindProcess

func (ds *DomainSuffix) ShouldFindProcess() bool

func (*DomainSuffix) ShouldResolveIP

func (ds *DomainSuffix) ShouldResolveIP() bool

type GEOIP

type GEOIP struct {
	// contains filtered or unexported fields
}

func NewGEOIP

func NewGEOIP(country string, adapter string, noResolveIP bool) *GEOIP

func (*GEOIP) Adapter

func (g *GEOIP) Adapter() string

func (*GEOIP) Match

func (g *GEOIP) Match(metadata *C.Metadata) bool

func (*GEOIP) Payload

func (g *GEOIP) Payload() string

func (*GEOIP) RuleType

func (g *GEOIP) RuleType() C.RuleType

func (*GEOIP) ShouldFindProcess

func (g *GEOIP) ShouldFindProcess() bool

func (*GEOIP) ShouldResolveIP

func (g *GEOIP) ShouldResolveIP() bool

type IPCIDR

type IPCIDR struct {
	// contains filtered or unexported fields
}

func NewIPCIDR

func NewIPCIDR(s string, adapter string, opts ...IPCIDROption) (*IPCIDR, error)

func (*IPCIDR) Adapter

func (i *IPCIDR) Adapter() string

func (*IPCIDR) Match

func (i *IPCIDR) Match(metadata *C.Metadata) bool

func (*IPCIDR) Payload

func (i *IPCIDR) Payload() string

func (*IPCIDR) RuleType

func (i *IPCIDR) RuleType() C.RuleType

func (*IPCIDR) ShouldFindProcess

func (i *IPCIDR) ShouldFindProcess() bool

func (*IPCIDR) ShouldResolveIP

func (i *IPCIDR) ShouldResolveIP() bool

type IPCIDROption

type IPCIDROption func(*IPCIDR)

func WithIPCIDRNoResolve

func WithIPCIDRNoResolve(noResolve bool) IPCIDROption

func WithIPCIDRSourceIP

func WithIPCIDRSourceIP(b bool) IPCIDROption

type IPSet

type IPSet struct {
	// contains filtered or unexported fields
}

func NewIPSet

func NewIPSet(name string, adapter string, noResolveIP bool) (*IPSet, error)

func (*IPSet) Adapter

func (f *IPSet) Adapter() string

func (*IPSet) Match

func (f *IPSet) Match(metadata *C.Metadata) bool

func (*IPSet) Payload

func (f *IPSet) Payload() string

func (*IPSet) RuleType

func (f *IPSet) RuleType() C.RuleType

func (*IPSet) ShouldFindProcess

func (f *IPSet) ShouldFindProcess() bool

func (*IPSet) ShouldResolveIP

func (f *IPSet) ShouldResolveIP() bool

type Match

type Match struct {
	// contains filtered or unexported fields
}

func NewMatch

func NewMatch(adapter string) *Match

func (*Match) Adapter

func (f *Match) Adapter() string

func (*Match) Match

func (f *Match) Match(metadata *C.Metadata) bool

func (*Match) Payload

func (f *Match) Payload() string

func (*Match) RuleType

func (f *Match) RuleType() C.RuleType

func (*Match) ShouldFindProcess

func (f *Match) ShouldFindProcess() bool

func (*Match) ShouldResolveIP

func (f *Match) ShouldResolveIP() bool

type Port

type Port struct {
	// contains filtered or unexported fields
}

func NewPort

func NewPort(port string, adapter string, portType PortType) (*Port, error)

func (*Port) Adapter

func (p *Port) Adapter() string

func (*Port) Match

func (p *Port) Match(metadata *C.Metadata) bool

func (*Port) Payload

func (p *Port) Payload() string

func (*Port) RuleType

func (p *Port) RuleType() C.RuleType

func (*Port) ShouldFindProcess

func (p *Port) ShouldFindProcess() bool

func (*Port) ShouldResolveIP

func (p *Port) ShouldResolveIP() bool

type PortType

type PortType int
const (
	PortTypeSrc PortType = iota
	PortTypeDest
	PortTypeInbound
)

type Process

type Process struct {
	// contains filtered or unexported fields
}

func NewProcess

func NewProcess(process string, adapter string, nameOnly bool) (*Process, error)

func (*Process) Adapter

func (ps *Process) Adapter() string

func (*Process) Match

func (ps *Process) Match(metadata *C.Metadata) bool

func (*Process) Payload

func (ps *Process) Payload() string

func (*Process) RuleType

func (ps *Process) RuleType() C.RuleType

func (*Process) ShouldFindProcess

func (ps *Process) ShouldFindProcess() bool

func (*Process) ShouldResolveIP

func (ps *Process) ShouldResolveIP() bool

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL