intel

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 10, 2022 License: AGPL-3.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var Module *modules.Module

Module of this package. Export needed for testing of the endpoints package.

Functions

func SetReverseResolver added in v0.4.0

func SetReverseResolver(fn func(ctx context.Context, ip string, securityLevel uint8) (domain string, err error))

SetReverseResolver allows the resolver module to register a function to allow reverse resolving IPs to domains.

Types

type Entity added in v0.4.0

type Entity struct {
	sync.Mutex

	// Protocol is the protcol number used by the connection.
	Protocol uint8

	// Port is the remote port of the connection
	Port uint16

	// Domain is the target domain of the connection.
	Domain string

	// ReverseDomain is the domain the IP address points to. This is only
	// resolved and populated when needed.
	ReverseDomain string

	// CNAME is a list of domain names that have been
	// resolved for Domain.
	CNAME []string

	// IP is the IP address of the connection. If domain is
	// set, IP has been resolved by following all CNAMEs.
	IP net.IP

	// IPScope holds the network scope of the IP.
	IPScope netutils.IPScope

	// Country holds the country the IP address (ASN) is
	// located in.
	Country string

	// Coordinates holds the approximate coordinates of the IP address.
	Coordinates *geoip.Coordinates

	// ASN holds the autonomous system number of the IP.
	ASN uint

	// ASOrg holds the owner's name of the autonomous system.
	ASOrg string

	// LocationError holds an error message if fetching the location failed.
	LocationError string

	// BlockedByLists holds list source IDs that
	// are used to block the entity.
	BlockedByLists []string

	// BlockedEntities holds a list of entities that
	// have been blocked. Values can be used as a key
	// for the ListOccurences map.
	BlockedEntities []string

	// ListOccurences is a map that matches an entity (Domain, IPs, ASN, Country, Sub-domain)
	// to a list of sources where the entity has been observed in.
	ListOccurences map[string][]string

	// ListsError holds an error message if fetching the lists failed.
	ListsError string
	// contains filtered or unexported fields
}

Entity describes a remote endpoint in many different ways. It embeddes a sync.Mutex but none of the endpoints own functions performs locking. The caller MUST ENSURE proper locking and synchronization when accessing any properties of Entity.

func (*Entity) CNAMECheckEnabled added in v0.4.1

func (e *Entity) CNAMECheckEnabled() bool

CNAMECheckEnabled returns true if the entities CNAMEs should also be checked.

func (*Entity) DstPort added in v0.6.0

func (e *Entity) DstPort() uint16

DstPort returns the destination port.

func (*Entity) EnableCNAMECheck added in v0.4.1

func (e *Entity) EnableCNAMECheck(ctx context.Context, enabled bool)

EnableCNAMECheck enalbes or disables list lookups for entity CNAMEs.

func (*Entity) EnableReverseResolving added in v0.4.0

func (e *Entity) EnableReverseResolving()

EnableReverseResolving enables reverse resolving the domain from the IP on demand.

func (*Entity) FetchData added in v0.4.0

func (e *Entity) FetchData(ctx context.Context)

FetchData fetches additional information, meant to be called before persisting an entity record.

func (*Entity) GetASN added in v0.4.0

func (e *Entity) GetASN(ctx context.Context) (uint, bool)

GetASN returns the AS number and whether it is set.

func (*Entity) GetCountry added in v0.4.0

func (e *Entity) GetCountry(ctx context.Context) (string, bool)

GetCountry returns the two letter ISO country code and whether it is set.

func (*Entity) GetDomain added in v0.4.0

func (e *Entity) GetDomain(ctx context.Context, mayUseReverseDomain bool) (string, bool)

GetDomain returns the domain and whether it is set.

func (*Entity) GetIP added in v0.4.0

func (e *Entity) GetIP() (net.IP, bool)

GetIP returns the IP and whether it is set.

func (*Entity) GetLocation added in v0.4.0

func (e *Entity) GetLocation(ctx context.Context) (*geoip.Location, bool)

GetLocation returns the raw location data and whether it is set.

func (*Entity) Init added in v0.4.0

func (e *Entity) Init() *Entity

Init initializes the internal state and returns the entity.

func (*Entity) ListBlockReason added in v0.4.1

func (e *Entity) ListBlockReason() ListBlockReason

ListBlockReason returns the block reason for this entity.

func (*Entity) LoadLists added in v0.4.1

func (e *Entity) LoadLists(ctx context.Context)

LoadLists searches all filterlists for all occurrences of this entity.

func (*Entity) MatchLists added in v0.4.1

func (e *Entity) MatchLists(lists []string) bool

MatchLists matches the entities lists against a slice of source IDs and updates various entity properties like BlockedByLists, ListOccurences and BlockedEntitites.

func (*Entity) ResetLists added in v0.4.0

func (e *Entity) ResetLists()

ResetLists resets the current list data and forces all list sources to be re-acquired when calling GetLists().

func (*Entity) ResolveSubDomainLists added in v0.4.0

func (e *Entity) ResolveSubDomainLists(ctx context.Context, enabled bool)

ResolveSubDomainLists enables or disables list lookups for sub-domains.

func (*Entity) SetDstPort added in v0.6.0

func (e *Entity) SetDstPort(dstPort uint16)

SetDstPort sets the destination port.

func (*Entity) SetIP added in v0.6.7

func (e *Entity) SetIP(ip net.IP)

SetIP sets the IP address together with its network scope.

type ListBlockReason added in v0.4.1

type ListBlockReason []ListMatch

ListBlockReason is a list of list matches.

func (ListBlockReason) Context added in v0.4.1

func (br ListBlockReason) Context() interface{}

Context returns br wrapped into a map. It implements the endpoints.Reason interface.

func (ListBlockReason) GetExtraRRs added in v0.5.5

func (br ListBlockReason) GetExtraRRs(ctx context.Context, _ *dns.Msg) []dns.RR

GetExtraRRs implements the nsutil.RRProvider interface and adds additional TXT records justifying the reason the request was blocked.

func (ListBlockReason) MarshalJSON added in v0.4.1

func (br ListBlockReason) MarshalJSON() ([]byte, error)

MarshalJSON marshals the list block reason into a map prefixed with filterlists.

func (ListBlockReason) String added in v0.4.1

func (br ListBlockReason) String() string

type ListMatch added in v0.4.1

type ListMatch struct {
	Entity        string
	ActiveLists   []string
	InactiveLists []string
}

ListMatch represents an entity that has been matched against filterlists.

func (*ListMatch) String added in v0.4.1

func (lm *ListMatch) String() string

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL