Documentation ¶
Index ¶
- Constants
- Variables
- type LayeredProfile
- func (lp *LayeredProfile) AddEndpoint(newEntry string)
- func (lp *LayeredProfile) AddServiceEndpoint(newEntry string)
- func (lp *LayeredProfile) DefaultAction() uint8
- func (lp *LayeredProfile) MarkUsed()
- func (lp *LayeredProfile) MatchEndpoint(entity *intel.Entity) (endpoints.EPResult, endpoints.Reason)
- func (lp *LayeredProfile) MatchFilterLists(entity *intel.Entity) (endpoints.EPResult, endpoints.Reason)
- func (lp *LayeredProfile) MatchServiceEndpoint(entity *intel.Entity) (endpoints.EPResult, endpoints.Reason)
- func (lp *LayeredProfile) SecurityLevel() uint8
- func (lp *LayeredProfile) Update() (revisionCounter uint64)
- type Profile
- func EnsureProfile(r record.Record) (*Profile, error)
- func FindOrCreateLocalProfileByPath(fullPath string) (profile *Profile, new bool, err error)
- func GetProfile(source, id string) (*Profile, error)
- func GetProfileByScopedID(scopedID string) (*Profile, error)
- func GetSystemProfile() *Profile
- func GetUnidentifiedProfile() *Profile
- func New() *Profile
Constants ¶
const ( SourceLocal string = "local" // local, editable SourceSpecial string = "special" // specials (read-only) SourceCommunity string = "community" SourceEnterprise string = "enterprise" )
Profile Sources
const ( DefaultActionNotSet uint8 = 0 DefaultActionBlock uint8 = 1 DefaultActionAsk uint8 = 2 DefaultActionPermit uint8 = 3 )
Default Action IDs
Variables ¶
var ( CfgOptionDefaultActionKey = "filter/defaultAction" CfgOptionDisableAutoPermitKey = "filter/disableAutoPermit" CfgOptionEndpointsKey = "filter/endpoints" CfgOptionServiceEndpointsKey = "filter/serviceEndpoints" CfgOptionFilterListKey = "filter/lists" CfgOptionFilterSubDomainsKey = "filter/includeSubdomains" CfgOptionFilterCNAMEKey = "filter/includeCNAMEs" CfgOptionBlockScopeLocalKey = "filter/blockLocal" CfgOptionBlockScopeLANKey = "filter/blockLAN" CfgOptionBlockScopeInternetKey = "filter/blockInternet" CfgOptionBlockP2PKey = "filter/blockP2P" CfgOptionBlockInboundKey = "filter/blockInbound" CfgOptionEnforceSPNKey = "filter/enforceSPN" CfgOptionRemoveOutOfScopeDNSKey = "filter/removeOutOfScopeDNS" CfgOptionRemoveBlockedDNSKey = "filter/removeBlockedDNS" CfgOptionPreventBypassingKey = "filter/preventBypassing" )
Configuration Keys
Functions ¶
This section is empty.
Types ¶
type LayeredProfile ¶ added in v0.4.0
type LayeredProfile struct { DisableAutoPermit config.BoolOption BlockScopeLocal config.BoolOption BlockScopeLAN config.BoolOption BlockScopeInternet config.BoolOption BlockP2P config.BoolOption BlockInbound config.BoolOption EnforceSPN config.BoolOption RemoveOutOfScopeDNS config.BoolOption RemoveBlockedDNS config.BoolOption FilterSubDomains config.BoolOption FilterCNAMEs config.BoolOption PreventBypassing config.BoolOption // contains filtered or unexported fields }
LayeredProfile combines multiple Profiles.
func NewLayeredProfile ¶ added in v0.4.0
func NewLayeredProfile(localProfile *Profile) *LayeredProfile
NewLayeredProfile returns a new layered profile based on the given local profile.
func (*LayeredProfile) AddEndpoint ¶ added in v0.4.0
func (lp *LayeredProfile) AddEndpoint(newEntry string)
AddEndpoint adds an endpoint to the local endpoint list, saves the local profile and reloads the configuration.
func (*LayeredProfile) AddServiceEndpoint ¶ added in v0.4.0
func (lp *LayeredProfile) AddServiceEndpoint(newEntry string)
AddServiceEndpoint adds a service endpoint to the local endpoint list, saves the local profile and reloads the configuration.
func (*LayeredProfile) DefaultAction ¶ added in v0.4.0
func (lp *LayeredProfile) DefaultAction() uint8
DefaultAction returns the active default action ID.
func (*LayeredProfile) MarkUsed ¶ added in v0.4.1
func (lp *LayeredProfile) MarkUsed()
MarkUsed marks the localProfile as used.
func (*LayeredProfile) MatchEndpoint ¶ added in v0.4.0
func (lp *LayeredProfile) MatchEndpoint(entity *intel.Entity) (endpoints.EPResult, endpoints.Reason)
MatchEndpoint checks if the given endpoint matches an entry in any of the profiles.
func (*LayeredProfile) MatchFilterLists ¶ added in v0.4.0
func (lp *LayeredProfile) MatchFilterLists(entity *intel.Entity) (endpoints.EPResult, endpoints.Reason)
MatchFilterLists matches the entity against the set of filter lists.
func (*LayeredProfile) MatchServiceEndpoint ¶ added in v0.4.0
func (lp *LayeredProfile) MatchServiceEndpoint(entity *intel.Entity) (endpoints.EPResult, endpoints.Reason)
MatchServiceEndpoint checks if the given endpoint of an inbound connection matches an entry in any of the profiles.
func (*LayeredProfile) SecurityLevel ¶ added in v0.4.0
func (lp *LayeredProfile) SecurityLevel() uint8
SecurityLevel returns the highest security level of all layered profiles.
func (*LayeredProfile) Update ¶ added in v0.4.0
func (lp *LayeredProfile) Update() (revisionCounter uint64)
Update checks for updated profiles and replaces any outdated profiles.
type Profile ¶
type Profile struct { record.Base sync.Mutex // Identity ID string Source string // App Information Name string Description string Homepage string // Icon is a path to the icon and is either prefixed "f:" for filepath, "d:" for a database path or "e:" for the encoded data. Icon string // References - local profiles only // LinkedPath is a filesystem path to the executable this profile was created for. LinkedPath string // LinkedProfiles is a list of other profiles LinkedProfiles []string // Configuration // The mininum security level to apply to connections made with this profile SecurityLevel uint8 Config map[string]interface{} // When this Profile was approximately last used. // For performance reasons not every single usage is saved. ApproxLastUsed int64 Created int64 // contains filtered or unexported fields }
Profile is used to predefine a security profile for applications.
func EnsureProfile ¶
EnsureProfile ensures that the given record is a *Profile, and returns it.
func FindOrCreateLocalProfileByPath ¶ added in v0.4.0
FindOrCreateLocalProfileByPath returns an existing or new profile for the given application path.
func GetProfile ¶ added in v0.4.0
GetProfile loads a profile from the database.
func GetProfileByScopedID ¶ added in v0.4.0
GetProfileByScopedID loads a profile from the database using a scoped ID like "local/id" or "community/id".
func GetSystemProfile ¶ added in v0.4.1
func GetSystemProfile() *Profile
GetSystemProfile returns the special profile used for the Kernel.
func GetUnidentifiedProfile ¶ added in v0.4.1
func GetUnidentifiedProfile() *Profile
GetUnidentifiedProfile returns the special profile assigned to unidentified processes.
func (*Profile) AddEndpoint ¶ added in v0.4.0
AddEndpoint adds an endpoint to the endpoint list, saves the profile and reloads the configuration.
func (*Profile) AddServiceEndpoint ¶ added in v0.4.0
AddServiceEndpoint adds a service endpoint to the endpoint list, saves the profile and reloads the configuration.
func (*Profile) MarkUsed ¶
func (profile *Profile) MarkUsed()
MarkUsed marks the profile as used and saves it when it has changed.