models

package

v0.0.0-...-0740fd7 Latest Latest Go to latest Published: Jun 1, 2021 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/motikan2010/guardian

Documentation ¶

Index ¶

Variables
func InitConfig()
func InitConfigFile(cnfFile string)
type Action
- func (a *Action) ExecuteTransformation(variableData interface{}) interface{}
type Config
type DisruptiveAction
- func GetDisruptiveAction(action string) DisruptiveAction
- func (action DisruptiveAction) ToString() string
type FirewallRule
type HTTPLog
- func NewHTTPLog() *HTTPLog
- func (h *HTTPLog) Build(target *Target, request *http.Request, response *http.Response) *HTTPLog
- func (h *HTTPLog) NoResponse() *HTTPLog
- func (h *HTTPLog) OriginRequestEnd() *HTTPLog
- func (h *HTTPLog) OriginRequestStart() *HTTPLog
- func (h *HTTPLog) RequestRulesExecutionEnd() *HTTPLog
- func (h *HTTPLog) ResponseRulesExecutionEnd() *HTTPLog
- func (h *HTTPLog) ResponseRulesExecutionStart() *HTTPLog
type IPRateLimiter
- func NewIPRateLimiter(r rate.Limit, b int) *IPRateLimiter
- func (i *IPRateLimiter) AddIP(ip string) *rate.Limiter
- func (i *IPRateLimiter) GetLimiter(ip string) *rate.Limiter
- func (i *IPRateLimiter) GetLimiterIP(ip string) *rate.Limiter
- func (i *IPRateLimiter) IsAllowed(ip string) bool
type LogAction
type Operator
type Phase
type Rule
- func NewRule(variables []*Variable, operators *Operator, action *Action, chain *Rule) *Rule
- func (rule *Rule) ExecuteRule(variableData interface{}) *matches.MatchResult
- func (rule *Rule) ShouldBlock() bool
type RuleExecutionResult
type Target
type Variable
- func (variable *Variable) ShouldPassCheck(value string) bool

Constants ¶

This section is empty.

Variables ¶

View Source

var RulesCollection map[int][]*Rule

RulesCollection Rules collection

Functions ¶

func InitConfig ¶

func InitConfig()

InitConfig ...

func InitConfigFile ¶

func InitConfigFile(cnfFile string)

InitConfigFile initializes the config file

Types ¶

type Action ¶

type Action struct {
	ID               string
	Phase            Phase
	Transformations  []string
	DisruptiveAction DisruptiveAction
	LogAction        LogAction
}

Action definition for Rules

func (*Action) ExecuteTransformation ¶

func (a *Action) ExecuteTransformation(variableData interface{}) interface{}

ExecuteTransformation transformation function executer

type Config ¶

type Config struct {
	ConnectionString string `json:"connectionString"`
	RateLimitSec     int    `json:"rateLimitSec"`
	RateLimitBurst   int    `json:"rateLimitBurst"`
}

Config Application settings

var Configuration Config

Configuration ...

type DisruptiveAction ¶

type DisruptiveAction uint8

DisruptiveAction WAF Disruptive action

const (
	//DisruptiveActionPass Pass
	DisruptiveActionPass DisruptiveAction = iota
	//DisruptiveActionBlock Blocks
	DisruptiveActionBlock
	//DisruptiveActionDrop Drop
	DisruptiveActionDrop
	//DisruptiveActionDeny Deny
	DisruptiveActionDeny
	//DisruptiveActionProxy Proxy(WTF)
	DisruptiveActionProxy
)

func GetDisruptiveAction ¶

func GetDisruptiveAction(action string) DisruptiveAction

GetDisruptiveAction Gets the waf action with given action string

func (DisruptiveAction) ToString ¶

func (action DisruptiveAction) ToString() string

ToString for waf action

type FirewallRule ¶

type FirewallRule struct {
	ID         string
	Expression string
	Action     int
}

FirewallRule The firewall rule

type HTTPLog ¶

type HTTPLog struct {
	TargetID                  string
	RequestURI                string
	StatusCode                int
	RequestRulesCheckElapsed  int64
	ResponseRulesCheckElapsed int64
	HTTPElapsed               int64
	RequestSize               int64
	ResponseSize              int64
	// contains filtered or unexported fields
}

HTTPLog represents http log

func NewHTTPLog ¶

func NewHTTPLog() *HTTPLog

NewHTTPLog inits HTTP log

func (*HTTPLog) Build ¶

func (h *HTTPLog) Build(target *Target, request *http.Request, response *http.Response) *HTTPLog

Build Fills HTTP Log

func (*HTTPLog) NoResponse ¶

func (h *HTTPLog) NoResponse() *HTTPLog

NoResponse handles when no response

func (*HTTPLog) OriginRequestEnd ¶

func (h *HTTPLog) OriginRequestEnd() *HTTPLog

OriginRequestEnd Origin request execution time measure ender

func (*HTTPLog) OriginRequestStart ¶

func (h *HTTPLog) OriginRequestStart() *HTTPLog

OriginRequestStart Origin request time measure starter

func (*HTTPLog) RequestRulesExecutionEnd ¶

func (h *HTTPLog) RequestRulesExecutionEnd() *HTTPLog

RequestRulesExecutionEnd Calculates the time for execution of rules

func (*HTTPLog) ResponseRulesExecutionEnd ¶

func (h *HTTPLog) ResponseRulesExecutionEnd() *HTTPLog

ResponseRulesExecutionEnd Response execution time measure ender

func (*HTTPLog) ResponseRulesExecutionStart ¶

func (h *HTTPLog) ResponseRulesExecutionStart() *HTTPLog

ResponseRulesExecutionStart Response execution time measure starter

type IPRateLimiter ¶

type IPRateLimiter struct {
	// contains filtered or unexported fields
}

IPRateLimiter .

func NewIPRateLimiter ¶

func NewIPRateLimiter(r rate.Limit, b int) *IPRateLimiter

NewIPRateLimiter .

func (*IPRateLimiter) AddIP ¶

func (i *IPRateLimiter) AddIP(ip string) *rate.Limiter

AddIP creates a new rate limiter and adds it to the ips map, using the IP address as the key

func (*IPRateLimiter) GetLimiter ¶

func (i *IPRateLimiter) GetLimiter(ip string) *rate.Limiter

GetLimiter returns the rate limiter for the provided IP address if it exists. Otherwise calls AddIP to add IP address to the map

func (*IPRateLimiter) GetLimiterIP ¶

func (i *IPRateLimiter) GetLimiterIP(ip string) *rate.Limiter

GetLimiterIP splits given address and returns the limiter belongs to that ip address.

func (*IPRateLimiter) IsAllowed ¶

func (i *IPRateLimiter) IsAllowed(ip string) bool

IsAllowed splits given ip string and checks is ip address allowed to go

type LogAction ¶

type LogAction uint8

LogAction Log action

const (
	//LogActionLog Log
	LogActionLog LogAction = iota
	//LogActionNoLog No log
	LogActionNoLog
)

type Operator ¶

type Operator struct {
	Func              string
	Expression        string
	OperatorIsNotType bool
}

Operator definition for a rule

type Phase ¶

type Phase uint8

Phase WAF Rule check phase

const (
	//Phase1 First
	Phase1 Phase = iota
	//Phase2 Second
	Phase2
	//Phase3 Third
	Phase3
	//Phase4 Fourth
	Phase4
)

type Rule ¶

type Rule struct {
	Variables []*Variable
	Operator  *Operator
	Action    *Action
	Chain     *Rule
}

Rule the rule model

func NewRule ¶

func NewRule(variables []*Variable, operators *Operator, action *Action, chain *Rule) *Rule

NewRule Inits a rule

func (*Rule) ExecuteRule ¶

func (rule *Rule) ExecuteRule(variableData interface{}) *matches.MatchResult

ExecuteRule Executes rule and returns match result

func (*Rule) ShouldBlock ¶

func (rule *Rule) ShouldBlock() bool

ShouldBlock Determines whether rule is blocking action

type RuleExecutionResult ¶

type RuleExecutionResult struct {
	MatchResult *matches.MatchResult
	Rule        *Rule
}

RuleExecutionResult the result object

type Target ¶

type Target struct {
	ID              string
	Domain          string
	OriginIPAddress string
	CertKey         sql.NullString
	CertCrt         sql.NullString
	AutoCert        bool
	UseHTTPS        bool
	WAFEnabled      bool
	Proto           int
}

Target The target type

type Variable ¶

type Variable struct {
	Name                     string
	Filter                   []string
	FilterIsNotType          bool
	LengthCheckForCollection bool
}

Variable definition for a rule

func (*Variable) ShouldPassCheck ¶

func (variable *Variable) ShouldPassCheck(value string) bool

ShouldPassCheck Variable filter

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL