endpoints

package
v0.7.19 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 26, 2022 License: AGPL-3.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source
const (
	EndpointListIP               = "ip"
	EndpointListAsn              = "asn"
	EndpointListCountry          = "country"
	EndpointListDomain           = "domain"
	EndpointListIPRange          = "iprange"
	EndpointListLists            = "lists"
	EndpointListScopes           = "scopes"
	EndpointListProtocolAndPorts = "protocol-port"
)

Allowed values for the EndpointListAnnotation.

View Source
const DisplayHintEndpointList = "endpoint list"

DisplayHintEndpointList marks an option as an endpoint list option. It's meant to be used with DisplayHintAnnotation.

View Source
const EndpointListAnnotation = "safing/portmaster:ui:endpoint-list"

EndpointListAnnotation is the annotation identifier used in configuration options to hint the UI on available endpoint list types. If configured, only the specified set of entities is allowed to be used. The value is expected to be a single string or []string. If this annotation is missing, all values are expected to be allowed.

Variables

This section is empty.

Functions

func IsDecision added in v0.4.1

func IsDecision(result EPResult) bool

IsDecision returns true if result represents a decision and false if result is NoMatch or Undeterminable.

Types

type EPResult

type EPResult uint8

EPResult represents the result of a check against an EndpointPermission

const (
	NoMatch EPResult = iota
	MatchError
	Denied
	Permitted
)

Endpoint matching return values

func (EPResult) String

func (epr EPResult) String() string

type Endpoint

type Endpoint interface {
	Matches(ctx context.Context, entity *intel.Entity) (EPResult, Reason)
	String() string
}

Endpoint describes an Endpoint Matcher

type EndpointASN

type EndpointASN struct {
	EndpointBase

	ASN uint
}

EndpointASN matches ASNs.

func (*EndpointASN) Matches

func (ep *EndpointASN) Matches(ctx context.Context, entity *intel.Entity) (EPResult, Reason)

Matches checks whether the given entity matches this endpoint definition.

func (*EndpointASN) String

func (ep *EndpointASN) String() string

type EndpointAny

type EndpointAny struct {
	EndpointBase
}

EndpointAny matches anything.

func (*EndpointAny) Matches

func (ep *EndpointAny) Matches(_ context.Context, entity *intel.Entity) (EPResult, Reason)

Matches checks whether the given entity matches this endpoint definition.

func (*EndpointAny) String

func (ep *EndpointAny) String() string

type EndpointBase

type EndpointBase struct {
	Protocol  uint8
	StartPort uint16
	EndPort   uint16

	Permitted bool
}

EndpointBase provides general functions for implementing an Endpoint to reduce boilerplate.

type EndpointCountry

type EndpointCountry struct {
	EndpointBase

	Country string
}

EndpointCountry matches countries.

func (*EndpointCountry) Matches

func (ep *EndpointCountry) Matches(ctx context.Context, entity *intel.Entity) (EPResult, Reason)

Matches checks whether the given entity matches this endpoint definition.

func (*EndpointCountry) String

func (ep *EndpointCountry) String() string

type EndpointDomain

type EndpointDomain struct {
	EndpointBase

	OriginalValue string
	Domain        string
	DomainZone    string
	MatchType     uint8
}

EndpointDomain matches domains.

func (*EndpointDomain) Matches

func (ep *EndpointDomain) Matches(ctx context.Context, entity *intel.Entity) (EPResult, Reason)

Matches checks whether the given entity matches this endpoint definition.

func (*EndpointDomain) String

func (ep *EndpointDomain) String() string

type EndpointIP

type EndpointIP struct {
	EndpointBase

	IP net.IP
}

EndpointIP matches IPs.

func (*EndpointIP) Matches

func (ep *EndpointIP) Matches(_ context.Context, entity *intel.Entity) (EPResult, Reason)

Matches checks whether the given entity matches this endpoint definition.

func (*EndpointIP) String

func (ep *EndpointIP) String() string

type EndpointIPRange

type EndpointIPRange struct {
	EndpointBase

	Net *net.IPNet
}

EndpointIPRange matches IP ranges.

func (*EndpointIPRange) Matches

func (ep *EndpointIPRange) Matches(_ context.Context, entity *intel.Entity) (EPResult, Reason)

Matches checks whether the given entity matches this endpoint definition.

func (*EndpointIPRange) String

func (ep *EndpointIPRange) String() string

type EndpointLists

type EndpointLists struct {
	EndpointBase

	ListSet []string
	Lists   string
}

EndpointLists matches endpoint lists.

func (*EndpointLists) Matches

func (ep *EndpointLists) Matches(ctx context.Context, entity *intel.Entity) (EPResult, Reason)

Matches checks whether the given entity matches this endpoint definition.

func (*EndpointLists) String

func (ep *EndpointLists) String() string

type EndpointScope added in v0.4.4

type EndpointScope struct {
	EndpointBase
	// contains filtered or unexported fields
}

EndpointScope matches network scopes.

func (*EndpointScope) Matches added in v0.4.4

func (ep *EndpointScope) Matches(_ context.Context, entity *intel.Entity) (EPResult, Reason)

Matches checks whether the given entity matches this endpoint definition.

func (*EndpointScope) Scopes added in v0.4.4

func (ep *EndpointScope) Scopes() string

Scopes returns the string representation of all scopes.

func (*EndpointScope) String added in v0.4.4

func (ep *EndpointScope) String() string

type Endpoints

type Endpoints []Endpoint

Endpoints is a list of permitted or denied endpoints.

func ParseEndpoints

func ParseEndpoints(entries []string) (Endpoints, error)

ParseEndpoints parses a list of endpoints and returns a list of Endpoints for matching.

func (Endpoints) IsSet

func (e Endpoints) IsSet() bool

IsSet returns whether the Endpoints object is "set".

func (Endpoints) Match

func (e Endpoints) Match(ctx context.Context, entity *intel.Entity) (result EPResult, reason Reason)

Match checks whether the given entity matches any of the endpoint definitions in the list.

func (Endpoints) String

func (e Endpoints) String() string

type Reason added in v0.4.1

type Reason interface {
	// String should return a human readable string
	// describing the decision reason.
	String() string

	// Context returns the context that was used
	// for the decision.
	Context() interface{}
}

Reason describes the reason why an endpoint has been permitted or blocked.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL