intel

package
v0.4.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 5, 2020 License: AGPL-3.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// Module of this package. Export needed for testing of the endpoints package.
	Module *modules.Module
)

Functions

func SetReverseResolver added in v0.4.0

func SetReverseResolver(fn func(ctx context.Context, ip string, securityLevel uint8) (domain string, err error))

SetReverseResolver allows the resolver module to register a function to allow reverse resolving IPs to domains.

Types

type Entity added in v0.4.0

type Entity struct {
	sync.Mutex

	// Protocol is the protcol number used by the connection.
	Protocol uint8

	// Port is the destination port of the connection
	Port uint16

	// Domain is the target domain of the connection.
	Domain string

	// CNAME is a list of domain names that have been
	// resolved for Domain.
	CNAME []string

	// IP is the IP address of the connection. If domain is
	// set, IP has been resolved by following all CNAMEs.
	IP net.IP

	// Country holds the country the IP address (ASN) is
	// located in.
	Country string

	// ASN holds the autonomous system number of the IP.
	ASN uint

	// BlockedByLists holds list source IDs that
	// are used to block the entity.
	BlockedByLists []string

	// BlockedEntities holds a list of entities that
	// have been blocked. Values can be used as a key
	// for the ListOccurences map.
	BlockedEntities []string

	// ListOccurences is a map that matches an entity (Domain, IPs, ASN, Country, Sub-domain)
	// to a list of sources where the entity has been observed in.
	ListOccurences map[string][]string
	// contains filtered or unexported fields
}

Entity describes a remote endpoint in many different ways. It embeddes a sync.Mutex but none of the endpoints own functions performs locking. The caller MUST ENSURE proper locking and synchronization when accessing any properties of Entity.

func (*Entity) CNAMECheckEnabled added in v0.4.1

func (e *Entity) CNAMECheckEnabled() bool

CNAMECheckEnabled returns true if the entities CNAMEs should also be checked.

func (*Entity) EnableCNAMECheck added in v0.4.1

func (e *Entity) EnableCNAMECheck(enabled bool)

EnableCNAMECheck enalbes or disables list lookups for entity CNAMEs.

func (*Entity) EnableReverseResolving added in v0.4.0

func (e *Entity) EnableReverseResolving()

EnableReverseResolving enables reverse resolving the domain from the IP on demand.

func (*Entity) FetchData added in v0.4.0

func (e *Entity) FetchData()

FetchData fetches additional information, meant to be called before persisting an entity record.

func (*Entity) GetASN added in v0.4.0

func (e *Entity) GetASN() (uint, bool)

GetASN returns the AS number and whether it is set.

func (*Entity) GetCountry added in v0.4.0

func (e *Entity) GetCountry() (string, bool)

GetCountry returns the two letter ISO country code and whether it is set.

func (*Entity) GetDomain added in v0.4.0

func (e *Entity) GetDomain() (string, bool)

GetDomain returns the domain and whether it is set.

func (*Entity) GetIP added in v0.4.0

func (e *Entity) GetIP() (net.IP, bool)

GetIP returns the IP and whether it is set.

func (*Entity) GetLocation added in v0.4.0

func (e *Entity) GetLocation() (*geoip.Location, bool)

GetLocation returns the raw location data and whether it is set.

func (*Entity) Init added in v0.4.0

func (e *Entity) Init() *Entity

Init initializes the internal state and returns the entity.

func (*Entity) ListBlockReason added in v0.4.1

func (e *Entity) ListBlockReason() ListBlockReason

ListBlockReason returns the block reason for this entity.

func (*Entity) LoadLists added in v0.4.1

func (e *Entity) LoadLists() bool

LoadLists searches all filterlists for all occurrences of this entity.

func (*Entity) MatchLists added in v0.4.1

func (e *Entity) MatchLists(lists []string) bool

MatchLists matches the entities lists against a slice of source IDs and updates various entity properties like BlockedByLists, ListOccurences and BlockedEntitites.

func (*Entity) ResetLists added in v0.4.0

func (e *Entity) ResetLists()

ResetLists resets the current list data and forces all list sources to be re-acquired when calling GetLists().

func (*Entity) ResolveSubDomainLists added in v0.4.0

func (e *Entity) ResolveSubDomainLists(enabled bool)

ResolveSubDomainLists enables or disables list lookups for sub-domains.

type ListBlockReason added in v0.4.1

type ListBlockReason []ListMatch

ListBlockReason is a list of list matches.

func (ListBlockReason) Context added in v0.4.1

func (br ListBlockReason) Context() interface{}

Context returns br wrapped into a map. It implements the endpoints.Reason interface.

func (ListBlockReason) GetExtraRR added in v0.4.2

func (br ListBlockReason) GetExtraRR(_ *dns.Msg, _ string, _ interface{}) []dns.RR

GetExtraRR implements the nsutil.RRProvider interface and adds additional TXT records justifying the reason the request was blocked.

func (ListBlockReason) MarshalJSON added in v0.4.1

func (br ListBlockReason) MarshalJSON() ([]byte, error)

MarshalJSON marshals the list block reason into a map prefixed with filterlists.

func (ListBlockReason) String added in v0.4.1

func (br ListBlockReason) String() string

type ListMatch added in v0.4.1

type ListMatch struct {
	Entity        string
	ActiveLists   []string
	InactiveLists []string
}

ListMatch represents an entity that has been matched against filterlists.

func (*ListMatch) String added in v0.4.1

func (lm *ListMatch) String() string

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL