Documentation
Constants
const (
	DefaultEnableHTTP           = true
	DefaultEnableHTTPS          = true
	DefaultEnableSSH            = true
	DefaultEnableThreatFeed     = true
	DefaultPortHTTP             = "8080"
	DefaultPortHTTPS            = "8443"
	DefaultPortSSH              = "2222"
	DefaultPortThreatFeed       = "9000"
	DefaultThreatExpiryHours    = 336
	DefaultThreatDatabasePath   = "deceptifeed-database.csv"
	DefaultThreatIncludePrivate = true
	DefaultLogPath              = "deceptifeed-log.txt"
	DefaultHomePagePath         = ""
	DefaultCertPathHTTPS        = "deceptifeed-https.crt"
	DefaultKeyPathHTTPS         = "deceptifeed-https.key"
	DefaultKeyPathSSH           = "deceptifeed-ssh.key"
	DefaultBannerSSH            = "SSH-2.0-OpenSSH_9.3 FreeBSD-20230316" // SSH banner for FreeBSD 13.2
)
This block of constants defines the default application settings when no configuration file is provided.
Variables
This section is empty.
Functions
func GetHostIP
func GetHostIP() string
GetHostIP returns the local IP address of the system, defaulting to "127.0.0.1" if it cannot be determined. If there is more than one active IP address on the system, only the first found is returned.
func GetHostname
func GetHostname() string
GetHostname returns the system's hostname, defaulting to "localhost" if it cannot be determined.
Types
type Config
type Config struct {
	LogPath    string     `xml:"defaultLogPath"`
	Servers    []Server   `xml:"honeypotServers>server"`
	ThreatFeed ThreatFeed `xml:"threatFeed"`
}
Config holds the configuration settings for the application. It contains the logger, settings for managing a threat feed, and the collection of honeypot servers that are configured to run.
func Load
Load reads an optional XML configuration file and unmarshals its contents into a Config struct. Any errors encountered opening or decoding the file are returned. When decoding is successful, the populated Config struct is returned.
func (*Config) CloseLogFiles
func (c *Config) CloseLogFiles()
CloseLogFiles closes all open log file handles for the servers. This function should be called when the application is shutting down.
func (*Config) InitializeLoggers
InitializeLoggers creates structured loggers for each server. It opens log files using the server's specified log path, defaulting to the global log path if none is provided.
type Prompt
Prompt represents a text prompt that can be displayed to connecting clients when using the TCP-type honeypot server. Each prompt waits for input and logs the response. A Server can include multiple prompts which are displayed one at a time. The optional Log field gives a description when logging the response.
type Server
type Server struct {
	Type             ServerType   `xml:"type,attr"`
	Enabled          bool         `xml:"enabled"`
	Port             string       `xml:"port"`
	CertPath         string       `xml:"certPath"`
	KeyPath          string       `xml:"keyPath"`
	HomePagePath     string       `xml:"homePagePath"`
	ErrorPagePath    string       `xml:"errorPagePath"`
	Banner           string       `xml:"banner"`
	Headers          []string     `xml:"headers>header"`
	Prompts          []Prompt     `xml:"prompts>prompt"`
	SendToThreatFeed bool         `xml:"sendToThreatFeed"`
	ThreatScore      int          `xml:"threatScore"`
	Rules            Rules        `xml:"rules"`
	SourceIPHeader   string       `xml:"sourceIpHeader"`
	LogPath          string       `xml:"logPath"`
	LogEnabled       bool         `xml:"logEnabled"`
	LogFile          *os.File
	Logger           *slog.Logger
}
Server represents a honeypot server with its relevant settings.
type ServerType
type ServerType int
ServerType represents the different types of honeypot servers that can be deployed. Each type has its own specific handlers and behavior.
const (
	HTTP ServerType = iota
	HTTPS
	SSH
	TCP
	UDP
)
func (ServerType) String
func (t ServerType) String() string
String returns a string representation of ServerType.
func (*ServerType) UnmarshalXMLAttr
func (t *ServerType) UnmarshalXMLAttr(attr xml.Attr) error
UnmarshalXMLAttr unmarshals the XML 'type' attribute from 'server' elements into a ServerType.
Example XML snippet: <server type="http"><enabled>true</enabled></server>
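An added sketch, not the project's own code, of how the 'type' attribute and the struct tags listed above decode with encoding/xml. The types are trimmed copies of the ones on this page; the body of UnmarshalXMLAttr, the parse helper, the root element name and the sample document are assumptions made for the example.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"strings"
)

// Trimmed copies of the types documented on this page (same XML tags).
type ServerType int
const (
	HTTP ServerType = iota
	HTTPS
	SSH
	TCP
	UDP
)
type Server struct {
	Type    ServerType `xml:"type,attr"`
	Enabled bool       `xml:"enabled"`
	Port    string     `xml:"port"`
}
type Config struct {
	Servers []Server `xml:"honeypotServers>server"`
}

// The body below is an assumption: case-insensitive match, error on unknown values.
func (t *ServerType) UnmarshalXMLAttr(attr xml.Attr) error {
	names := map[string]ServerType{"http": HTTP, "https": HTTPS, "ssh": SSH, "tcp": TCP, "udp": UDP}
	if v, ok := names[strings.ToLower(strings.TrimSpace(attr.Value))]; ok {
		*t = v
		return nil
	}
	return fmt.Errorf("unknown server type %q", attr.Value)
}

// parse (hypothetical helper) decodes an in-memory configuration document.
func parse(doc string) (*Config, error) {
	c := new(Config)
	err := xml.Unmarshal([]byte(doc), c)
	return c, err
}

// sample is constructed for this example; the root element name is an assumption.
const sample = `<config><honeypotServers>
<server type="SSH"><enabled>true</enabled><port>2222</port></server>
<server><enabled>true</enabled><port>8080</port></server></honeypotServers></config>`

func main() { fmt.Println(parse(sample)) }
```

The second server element in the sample has no 'type' attribute, so UnmarshalXMLAttr is never called for it and the field keeps its zero value, which is HTTP because that constant comes first in the iota block. A loader that wants to reject such entries has to check for the attribute itself.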
type ThreatFeed
type ThreatFeed struct {
	Enabled            bool   `xml:"enabled"`
	Port               string `xml:"port"`
	DatabasePath       string `xml:"databasePath"`
	ExpiryHours        int    `xml:"threatExpiryHours"`
	IsPrivateIncluded  bool   `xml:"includePrivateIPs"`
	MinimumThreatScore int    `xml:"minimumThreatScore"`
	CustomThreatsPath  string `xml:"customThreatsPath"`
	ExcludeListPath    string `xml:"excludeListPath"`
}
ThreatFeed represents an optional HTTP server that serves a list of IP addresses observed interacting with your honeypot servers. This server outputs data in a format compatible with most enterprise firewalls, which can be configured to automatically block communication with IP addresses appearing in the threat feed.