nap

package
v2.39.0

This package is not in the latest version of its module.
Published: Nov 7, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Constants

const (
	NAP_VERSION_FILE         = "/opt/app_protect/VERSION"
	NAP_RELEASE_FILE         = "/opt/app_protect/RELEASE"
	BD_SOCKET_PLUGIN_PROCESS = "bd-socket-plugin"

	// TODO: Rather than using the update yaml files for attack signatures and threat
	// campaigns we should use the version files. We're currently using the update files
	// to determine the versions because the version files for attack signatures and threat
	// campaigns are write-protected files. This means that when we do a "purge" on the
	// packages, the packages seem to be removed but their version files are not. This causes
	// an issue because we rely on the version files existing or not existing to determine
	// if those packages are installed and to get the versions. So when the packages are
	// removed but the version files aren't, we report back that these packages are installed
	// and report their versions.
	// ATTACK_SIGNATURE_VERSION_FILE = "/opt/app_protect/var/update_files/signatures/version"
	// THREAT_CAMPAIGN_VERSION_FILE  = "/opt/app_protect/var/update_files/threat_campaigns/version"
	ATTACK_SIGNATURES_UPDATE_FILE = "/opt/app_protect/var/update_files/signatures/signature_update.yaml"
	THREAT_CAMPAIGNS_UPDATE_FILE  = "/opt/app_protect/var/update_files/threat_campaigns/threat_campaign_update.yaml"

	APP_PROTECT_METADATA_FILE_PATH = "/etc/nms/app_protect_metadata.json"
)
const (
	FILE_NOT_FOUND                      = "the following file could not be found - %s"
	UNABLE_TO_MATCH_NAP_BUILD_VERSION   = "Couldn't match the NAP build version (%s) to a supported NAP release..."
	UNABLE_TO_FIND_RELEASE_VERSION_INFO = "Unable to find NAP release info for supplied NAP release version - %s"
	UNSUPPORTED_NAP_RELEASE_VERSION     = "The supplied release version (%s) is not within the supported release versions - %v"
)
const (
	DefaultOptNAPDir      = "/opt/app_protect"
	DefaultNMSCompilerDir = "/opt/nms-nap-compiler"
)

Variables

This section is empty.

Functions

func SetPackageLoggingValues

func SetPackageLoggingValues(output io.Writer, level logrus.Level)

SetPackageLoggingValues sets the output writer and log level used for logging within this package to the values passed in.

func UpdateMetadata added in v2.22.0

func UpdateMetadata(
	cfg *proto.NginxConfig,
	appProtectWAFDetails *proto.AppProtectWAFDetails,
	ignoreDirectives []string,
) error

UpdateMetadata retrieves the NAP content from the config and writes the metadata.

Types

type BundleMetadata added in v2.20.0

type BundleMetadata struct {
	Name              string `json:"name"`
	UID               string `json:"uid,omitempty"`
	RevisionTimestamp int64  `json:"revisionTimestamp,omitempty"`
}

type Metadata added in v2.20.0

type Metadata struct {
	NapVersion                       string            `json:"napVersion"`
	NapRelease                       string            `json:"napRelease"`
	PrecompiledPublication           bool              `json:"precompiledPublication"`
	GlobalStateFileName              string            `json:"globalStateFileName,omitempty"`
	GlobalStateFileUID               string            `json:"globalStateFileUID,omitempty"`
	AttackSignatureRevisionTimestamp string            `json:"attackSignatureRevisionTimestamp,omitempty"`
	AttackSignatureUID               string            `json:"attackSignatureUID,omitempty"`
	ThreatCampaignRevisionTimestamp  string            `json:"threatCampaignRevisionTimestamp,omitempty"`
	ThreatCampaignUID                string            `json:"threatCampaignUID,omitempty"`
	Policies                         []*BundleMetadata `json:"policyMetadata,omitempty"`
	Profiles                         []*BundleMetadata `json:"logProfileMetadata,omitempty"`
}

type NAPRelease

type NAPRelease struct {
	NAPPackages           NAPReleasePackages   `json:"nap-packages,omitempty"`
	NAPCompilerPackages   NAPReleasePackages   `json:"nap-compiler-packages,omitempty"`
	NAPEnginePackages     NAPReleasePackages   `json:"nap-engine-packages,omitempty"`
	NAPPluginPackages     NAPReleasePackages   `json:"nap-plugin-packages,omitempty"`
	NAPPlusModulePackages NAPReleasePackages   `json:"nap-plus-module-packages,omitempty"`
	VersioningDetails     NAPVersioningDetails `json:"versioning-details,omitempty"`
}

NAPRelease captures information like specific packages and versions for a specific NAP release.

func ReleaseUnmappedBuild added in v2.20.0

func ReleaseUnmappedBuild(version, release string) NAPRelease

type NAPReleaseMap

type NAPReleaseMap struct {
	ReleaseMap map[string]NAPRelease `json:"releases"`
}

NAPReleaseMap is a mapping object meant to capture a specific NAP Release version as the key and NAP Release information as the value.

type NAPReleasePackages

type NAPReleasePackages struct {
	Alpine310    string `json:"alpine-3.10,omitempty"`
	AmazonLinux2 string `json:"amazon-linux-2,omitempty"`
	Centos7      string `json:"centos-7,omitempty"`
	Debian9      string `json:"debian-9,omitempty"`
	Debian10     string `json:"debian-10,omitempty"`
	Redhat7      string `json:"redhat-7,omitempty"`
	Redhat8      string `json:"redhat-8,omitempty"`
	Ubuntu1804   string `json:"ubuntu-18.04,omitempty"`
	Ubuntu2004   string `json:"ubuntu-20.04,omitempty"`
}

NAPReleasePackages represents the package needed on a specific OS from the supported OSs for a specific release package.

type NAPReport

type NAPReport struct {
	Status                  string
	NAPVersion              string
	NAPRelease              string
	AttackSignaturesVersion string
	ThreatCampaignsVersion  string
}

NAPReport is a collection of information on the current system's NAP details.

type NAPReportBundle

type NAPReportBundle struct {
	PreviousReport NAPReport
	UpdatedReport  NAPReport
}

NAPReportBundle is meant to capture the NAPReport before an update has occurred on NAP as well as capture the NAPReport after an update has occurred on NAP.

type NAPVersioningDetails

type NAPVersioningDetails struct {
	NAPBuild      string `json:"nap-build,omitempty"`
	NAPCompiler   string `json:"nap-compiler,omitempty"`
	NAPEngine     string `json:"nap-engine,omitempty"`
	NAPPlugin     string `json:"nap-plugin,omitempty"`
	NAPPlusModule string `json:"nap-plus-module,omitempty"`
	NAPRelease    string `json:"nap-release"`
	NginxPlus     string `json:"nginx-plus,omitempty"`
	NAPVersion    string `json:"nap-version"`
}

NAPVersioningDetails provides the version information for packages related to NAP.

type NginxAppProtect

type NginxAppProtect struct {
	Status                  string
	Release                 NAPRelease
	AttackSignaturesVersion string
	ThreatCampaignsVersion  string
	// contains filtered or unexported fields
}

NginxAppProtect is the object representation of Nginx App Protect; it contains information related to the Nginx App Protect on the system.

func NewNginxAppProtect

func NewNginxAppProtect(optDirPath, symLinkDir string) (*NginxAppProtect, error)

NewNginxAppProtect returns a NginxAppProtect object, which contains information related to the Nginx App Protect installed on the system. If Nginx App Protect is NOT installed on the system, a NginxAppProtect object is still returned, with the status field set to MISSING and all other fields blank.

func (*NginxAppProtect) GenerateNAPReport

func (nap *NginxAppProtect) GenerateNAPReport() NAPReport

GenerateNAPReport generates a NAPReport from the NAP object it is called on. The report therefore contains the values held by that object, which COULD be different from the current system NAP values if the object has NOT called the Monitor function, which is responsible for keeping its values in sync with the current system NAP values.

func (*NginxAppProtect) Monitor

func (nap *NginxAppProtect) Monitor(ctx context.Context, pollInterval time.Duration) chan NAPReportBundle

Monitor starts a goroutine responsible for monitoring the system for any NAP related changes and communicates those changes with a report message sent via the channel this function returns. Additionally, if any changes are detected the NAP object that called this monitoring function will have its attributes updated to the new changes. Here are examples of NAP changes that would be detected and communicated:

  • NAP installed/version changed
  • NAP started running
  • NAP stopped running
  • NAP version changed
  • Attack signature installed/version changed
  • Threat campaign installed/version changed
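
A consumer of the channel that Monitor returns would typically turn each NAPReportBundle into alerts, since a WAF that stops running or loses its signatures means lost protection. The sketch below is an added example, not code from the agent project: it uses local copies of the NAPReport and NAPReportBundle types shown on this page so it builds without the module. ReviewBundle, the alert wording, the sample versions, and the assumptions that Status holds the enum name and that an empty version means "not installed" are all hypothetical.

```go
package main

import (
	"fmt"
	"strings"
)

// Local copies of the NAPReport and NAPReportBundle types documented on this
// page, so the example builds without the agent module.
type NAPReport struct {
	Status, NAPVersion, NAPRelease                  string
	AttackSignaturesVersion, ThreatCampaignsVersion string
}

type NAPReportBundle struct{ PreviousReport, UpdatedReport NAPReport }

// ReviewBundle is a hypothetical helper: it turns one bundle into alert lines.
// Assumptions: Status holds the enum name (compared case-insensitively) and an
// empty version string means the component is not installed.
func ReviewBundle(b NAPReportBundle) []string {
	prev, cur := b.PreviousReport, b.UpdatedReport
	var alerts []string
	running := func(r NAPReport) bool { return strings.EqualFold(r.Status, "RUNNING") }
	if running(prev) && !running(cur) {
		alerts = append(alerts, fmt.Sprintf("CRITICAL: WAF stopped running (%s -> %s)", prev.Status, cur.Status))
	}
	diff := func(name, was, now string) {
		switch {
		case was == now: // unchanged, nothing to report
		case now == "":
			alerts = append(alerts, fmt.Sprintf("HIGH: %s removed (was %s)", name, was))
		case was == "":
			alerts = append(alerts, fmt.Sprintf("INFO: %s installed (%s)", name, now))
		default:
			alerts = append(alerts, fmt.Sprintf("INFO: %s changed (%s -> %s)", name, was, now))
		}
	}
	diff("NAP version", prev.NAPVersion, cur.NAPVersion)
	diff("attack signatures", prev.AttackSignaturesVersion, cur.AttackSignaturesVersion)
	diff("threat campaigns", prev.ThreatCampaignsVersion, cur.ThreatCampaignsVersion)
	return alerts
}

func main() {
	// Constructed sample: the WAF process stopped and signatures were purged.
	b := NAPReportBundle{
		PreviousReport: NAPReport{Status: "RUNNING", NAPVersion: "4.0.0", AttackSignaturesVersion: "2024.01.01"},
		UpdatedReport:  NAPReport{Status: "INSTALLED", NAPVersion: "4.0.0"},
	}
	for _, a := range ReviewBundle(b) {
		fmt.Println(a)
	}
}
```

In a real consumer the same function would be called on each bundle received from the Monitor channel.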

type Status

type Status int

Status is an Enum that represents the status of NAP.

const (
	UNDEFINED Status = iota
	MISSING
	INSTALLED
	RUNNING
)

Enums for Status

func (Status) String

func (s Status) String() string

String gets the string representation of the enum.
