Documentation
Index
- Constants
- func SetPackageLoggingValues(output io.Writer, level logrus.Level)
- func UpdateMetadata(cfg *proto.NginxConfig, appProtectWAFDetails *proto.AppProtectWAFDetails, ...) error
- type BundleMetadata
- type Metadata
- type NAPRelease
- type NAPReleaseMap
- type NAPReleasePackages
- type NAPReport
- type NAPReportBundle
- type NAPVersioningDetails
- type NginxAppProtect
- type Status
Constants
const (
    NAP_VERSION_FILE         = "/opt/app_protect/VERSION"
    BD_SOCKET_PLUGIN_PATH    = "/usr/share/ts/bin/bd-socket-plugin"
    BD_SOCKET_PLUGIN_PROCESS = "bd-socket-plugin"

    // TODO: Rather than using the update yaml files for attack signatures and threat
    // campaigns we should use the version files. We're currently using the update files
    // to determine the versions because the version files for attack signatures and threat
    // campaigns are write protected files this means when we do a "purge" on the packages
    // the packages seem to be removed but their version files are not. This causes an issue
    // because we rely on the version files existing or not existing to determine if those
    // packages are installed and get the versions. This means when the packages are removed
    // but version files aren't then we're reporting back that these packages are installed and
    // report their versions.
    // ATTACK_SIGNATURE_VERSION_FILE = "/opt/app_protect/var/update_files/signatures/version"
    // THREAT_CAMPAIGN_VERSION_FILE = "/opt/app_protect/var/update_files/threat_campaigns/version"
    ATTACK_SIGNATURES_UPDATE_FILE  = "/opt/app_protect/var/update_files/signatures/signature_update.yaml"
    THREAT_CAMPAIGNS_UPDATE_FILE   = "/opt/app_protect/var/update_files/threat_campaigns/threat_campaign_update.yaml"
    APP_PROTECT_METADATA_FILE_PATH = "/etc/nms/app_protect_metadata.json"
)
const (
    FILE_NOT_FOUND                      = "the following file could not be found - %s"
    UNABLE_TO_MATCH_NAP_BUILD_VERSION   = "Couldn't match the NAP build version (%s) to a supported NAP release..."
    UNABLE_TO_FIND_RELEASE_VERSION_INFO = "Unable to find NAP release info for supplied NAP release version - %s"
    UNSUPPORTED_NAP_RELEASE_VERSION     = "The supplied release version (%s) is not within the supported release versions - %v"
)
const (
    DefaultOptNAPDir      = "/opt/app_protect"
    DefaultNMSCompilerDir = "/opt/nms-nap-compiler"
)
Variables
This section is empty.
Functions
func SetPackageLoggingValues
SetPackageLoggingValues sets the values of the logging done within this package to the values of the parameters passed in.
func UpdateMetadata (added in v2.22.0)
func UpdateMetadata(
    cfg *proto.NginxConfig,
    appProtectWAFDetails *proto.AppProtectWAFDetails,
    ignoreDirectives []string,
) error
UpdateMetadata retrieves the NAP content from the config and writes the metadata.
Types
type BundleMetadata (added in v2.20.0)
type Metadata (added in v2.20.0)
type Metadata struct {
    NapVersion                       string            `json:"napVersion"`
    PrecompiledPublication           bool              `json:"precompiledPublication"`
    GlobalStateFileName              string            `json:"globalStateFileName,omitempty"`
    GlobalStateFileUID               string            `json:"globalStateFileUID,omitempty"`
    AttackSignatureRevisionTimestamp string            `json:"attackSignatureRevisionTimestamp,omitempty"`
    AttackSignatureUID               string            `json:"attackSignatureUID,omitempty"`
    ThreatCampaignRevisionTimestamp  string            `json:"threatCampaignRevisionTimestamp,omitempty"`
    ThreatCampaignUID                string            `json:"threatCampaignUID,omitempty"`
    Policies                         []*BundleMetadata `json:"policyMetadata,omitempty"`
    Profiles                         []*BundleMetadata `json:"logProfileMetadata,omitempty"`
}
type NAPRelease
type NAPRelease struct {
    NAPPackages           NAPReleasePackages   `json:"nap-packages,omitempty"`
    NAPCompilerPackages   NAPReleasePackages   `json:"nap-compiler-packages,omitempty"`
    NAPEnginePackages     NAPReleasePackages   `json:"nap-engine-packages,omitempty"`
    NAPPluginPackages     NAPReleasePackages   `json:"nap-plugin-packages,omitempty"`
    NAPPlusModulePackages NAPReleasePackages   `json:"nap-plus-module-packages,omitempty"`
    VersioningDetails     NAPVersioningDetails `json:"versioning-details,omitempty"`
}
NAPRelease captures information like specific packages and versions for a specific NAP release.
func ReleaseUnmappedBuild (added in v2.20.0)
func ReleaseUnmappedBuild(buildVersion string) NAPRelease
type NAPReleaseMap
type NAPReleaseMap struct {
    ReleaseMap map[string]NAPRelease `json:"releases"`
}
NAPReleaseMap is a mapping object meant to capture a specific NAP Release version as the key and NAP Release information as the value.
type NAPReleasePackages
type NAPReleasePackages struct {
    Alpine310    string `json:"alpine-3.10,omitempty"`
    AmazonLinux2 string `json:"amazon-linux-2,omitempty"`
    Centos7      string `json:"centos-7,omitempty"`
    Debian9      string `json:"debian-9,omitempty"`
    Debian10     string `json:"debian-10,omitempty"`
    Redhat7      string `json:"redhat-7,omitempty"`
    Redhat8      string `json:"redhat-8,omitempty"`
    Ubuntu1804   string `json:"ubuntu-18.04,omitempty"`
    Ubuntu2004   string `json:"ubuntu-20.04,omitempty"`
}
NAPReleasePackages represents the package needed on a specific OS from the supported OSs for a specific release package.
type NAPReport
type NAPReport struct {
    Status                  string
    NAPVersion              string
    AttackSignaturesVersion string
    ThreatCampaignsVersion  string
}
NAPReport is a collection of information on the current system's NAP details.
type NAPReportBundle
NAPReportBundle is meant to capture the NAPReport before an update has occurred on NAP as well as capture the NAPReport after an update has occurred on NAP.
type NAPVersioningDetails
type NAPVersioningDetails struct {
    NAPBuild      string `json:"nap-build,omitempty"`
    NAPCompiler   string `json:"nap-compiler,omitempty"`
    NAPEngine     string `json:"nap-engine,omitempty"`
    NAPPlugin     string `json:"nap-plugin,omitempty"`
    NAPPlusModule string `json:"nap-plus-module,omitempty"`
    NAPRelease    string `json:"nap-release"`
    NginxPlus     string `json:"nginx-plus,omitempty"`
}
NAPVersioningDetails provides the version information for packages related to NAP.
type NginxAppProtect
type NginxAppProtect struct {
    Status                  string
    Release                 NAPRelease
    AttackSignaturesVersion string
    ThreatCampaignsVersion  string
    // contains filtered or unexported fields
}
NginxAppProtect is the object representation of Nginx App Protect; it contains information related to the Nginx App Protect on the system.
func NewNginxAppProtect
func NewNginxAppProtect(optDirPath, symLinkDir string) (*NginxAppProtect, error)
NewNginxAppProtect returns the object NginxAppProtect, which contains information related to the Nginx App Protect installed on the system. If Nginx App Protect is NOT installed on the system, a NginxAppProtect object is still returned; its status field will be set to MISSING and all other fields will be blank.
func (*NginxAppProtect) GenerateNAPReport
func (nap *NginxAppProtect) GenerateNAPReport() NAPReport
GenerateNAPReport generates a NAPReport based off the NAP object calling this function. This means the report contains the values from the NAP object which COULD be different from the current system NAP values if the NAP object that called this function has NOT called the Monitor function that is responsible for updating its values to be in sync with the current system NAP values.
func (*NginxAppProtect) Monitor
func (nap *NginxAppProtect) Monitor(pollInterval time.Duration) chan NAPReportBundle
Monitor starts a goroutine responsible for monitoring the system for any NAP related changes and communicates those changes with a report message sent via the channel this function returns. Additionally, if any changes are detected the NAP object that called this monitoring function will have its attributes updated to the new changes. Here are examples of NAP changes that would be detected and communicated:
- NAP installed/version changed
- NAP started running
- NAP stopped running
- NAP version changed
- Attack signature installed/version changed
- Threat campaign installed/version changed
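A consumer of the Monitor channel can compare the before and after reports to decide which of the changes listed above occurred and which of them reduce WAF protection. The following is an added example, not code from this package: it uses a local copy of NAPReport, a hypothetical ClassifyChanges helper, assumed status strings other than MISSING, and constructed sample reports.

```go
package main

import "fmt"

type NAPReport struct { // local copy of the struct documented on this page
	Status, NAPVersion, AttackSignaturesVersion, ThreatCampaignsVersion string
}

// "MISSING" is from the page; "RUNNING" and "INSTALLED" are assumed status strings.
const missing, running = "MISSING", "RUNNING"

// ClassifyChanges (hypothetical helper) names each before/after difference; ALERT marks lost protection.
func ClassifyChanges(prev, cur NAPReport) []string {
	var out []string
	switch {
	case prev.Status == cur.Status: // no status change
	case prev.Status == missing:
		out = append(out, "NAP installed")
	case cur.Status == missing:
		out = append(out, "ALERT: NAP removed")
	case cur.Status == running:
		out = append(out, "NAP started running")
	case prev.Status == running:
		out = append(out, "ALERT: NAP stopped running")
	}
	if prev.NAPVersion != "" && cur.NAPVersion != "" && prev.NAPVersion != cur.NAPVersion {
		out = append(out, "NAP version changed")
	}
	out = append(out, diffContent("attack signatures", prev.AttackSignaturesVersion, cur.AttackSignaturesVersion)...)
	return append(out, diffContent("threat campaigns", prev.ThreatCampaignsVersion, cur.ThreatCampaignsVersion)...)
}

// diffContent classifies a change in one content package's version string.
func diffContent(name, before, after string) []string {
	switch {
	case before == after:
		return nil
	case before == "": // blank version is taken to mean "not installed" (assumption)
		return []string{name + " installed"}
	case after == "":
		return []string{"ALERT: " + name + " removed"}
	}
	return []string{name + " version changed"}
}

func main() { // constructed sample: the WAF stops and its attack signatures disappear
	fmt.Println(ClassifyChanges(NAPReport{"RUNNING", "4.2.0", "2023.01.01", "2023.01.02"},
		NAPReport{"INSTALLED", "4.2.0", "", "2023.01.09"}))
}
```

In a real consumer the two reports would come from each NAPReportBundle received on the channel; the bundle's field names are not shown on this page.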