Documentation ¶
Overview ¶
Watchdog is a module that helps to manage the access control based on rules
Index ¶
- Constants
- func GetRealAddr(r *http.Request) net.IP
- func GetUserAgent(r *http.Request) string
- type Blacklist
- type Geofence
- type GeofenceType
- type ResponseAction
- type ResponseCode
- type Rule
- type SetIntersection
- type Watchdog
- func (module *Watchdog) Allow(r *http.Request) bool
- func (module *Watchdog) Author() string
- func (module *Watchdog) CustomMovedPermanently(w http.ResponseWriter, r *http.Request, targetURL string)
- func (module *Watchdog) CustomResponse(response http.ResponseWriter, request *http.Request)
- func (module *Watchdog) Description() string
- func (module *Watchdog) Flush()
- func (module *Watchdog) MonitorRules()
- func (module *Watchdog) Name() string
- func (module *Watchdog) NginxNotFound(w http.ResponseWriter, r *http.Request)
- func (module *Watchdog) PrintRules()
- func (module *Watchdog) Prompt()
- func (module *Watchdog) PromptResponseAction()
- func (module *Watchdog) Reload()
- func (module *Watchdog) Save()
Constants ¶
const ( Name = "watchdog" Description = "A module that helps to manage the access control based on rules." Author = "NEMESIS" )
Variables ¶
This section is empty.
Functions ¶
func GetRealAddr ¶
GetRealAddr returns the IP address from an http.Request
func GetUserAgent ¶
GetUserAgent returns the User-Agent string from an http.Request
Types ¶
type Blacklist ¶
type Blacklist struct {
List []*Rule
}
Blacklist is a list of Rules
func ParseRules ¶
ParseRules parses a raw blacklist (text) and returns a Blacklist struct.
Match All [*] (Useful for creating a whitelist) Match IP [e.g. 203.0.113.6 or 2001:db8::68] Match IP Network [e.g.: 192.0.2.0/24 or ::1/128] Match Hostname [e.g. crawl-66-249-66-1.googlebot.com] Match Hostname RegExp [e.g.: ~ .*\.cox\.net] Match Geofence [e.g.: @ 39.377297 -74.451082 (7km)] or [ @ Country:IT ] or [ @ City:Rome ]
func (*Blacklist) Concatenate ¶
Concatenate combines a list of Rules to the Blacklist
type Geofence ¶
type Geofence struct { Type GeofenceType Field string Value string Latitude, Longitude, Radius float64 }
Geofence represents a point on the Earth with an accuracy radius in meters.
func (*Geofence) Intersection ¶
func (mi *Geofence) Intersection(tu *Geofence) (i SetIntersection)
Intersection describes the relationship between two geofences
type GeofenceType ¶
type GeofenceType string
const ( Location GeofenceType = "Location" Parameter = "Parameter" )
type ResponseAction ¶
type ResponseAction struct { Code ResponseCode // Optional parameters TargetURL string }
ResponseAction contains actions to perform after a block
type ResponseCode ¶
type ResponseCode string
type Rule ¶
type Rule struct { Raw string All bool Negation bool IP net.IP Network *net.IPNet Hostname string Regexp string Geofence *Geofence UserAgent string }
Rule is a structure that represents the rules of a blacklist
type SetIntersection ¶
type SetIntersection uint
SetIntersection is a description of the relationship between two sets.
const ( // IsDisjoint means that the two sets have no common elements. IsDisjoint SetIntersection = 1 << iota // IsSubset means the first set is a subset of the second. IsSubset // IsSuperset means the second set is a subset of the first. IsSuperset )
type Watchdog ¶
type Watchdog struct { session.SessionModule Enabled bool Dynamic bool Raw string Rules Blacklist RulesFilePath string GeoDB *geoip2.Reader GeoDBFilePath string Action ResponseAction }
Watchdog module
func (*Watchdog) Allow ¶
Allow decides whether the Blacklist permits the selected IP address. func (module *Watchdog) Allow(ip net.IP) bool {
func (*Watchdog) CustomMovedPermanently ¶
func (module *Watchdog) CustomMovedPermanently(w http.ResponseWriter, r *http.Request, targetURL string)
CustomMovedPermanently redirects to targetURL page with 301 response header
func (*Watchdog) CustomResponse ¶
func (module *Watchdog) CustomResponse(response http.ResponseWriter, request *http.Request)
BlockRequest takes action and send the visitor to a chosen destination, i.e. blocks or trolls him
func (*Watchdog) Description ¶
Description returns the module description
func (*Watchdog) MonitorRules ¶
func (module *Watchdog) MonitorRules()
MonitorRules starts a watcher to monitor changes to file containing blacklist rules.
func (*Watchdog) NginxNotFound ¶
func (module *Watchdog) NginxNotFound(w http.ResponseWriter, r *http.Request)
NginxNotFound replies with a 404 page similar to nginx server
func (*Watchdog) PrintRules ¶
func (module *Watchdog) PrintRules()
PrintRules pretty prints the list of active rules
func (*Watchdog) Prompt ¶
func (module *Watchdog) Prompt()
Prompt prints module status based on the provided parameters
func (*Watchdog) PromptResponseAction ¶
func (module *Watchdog) PromptResponseAction()
PromptResponseAction allows to setup the response actions using the interactive prompt