opensnitch/proto/ui.proto

syntax = "proto3";

package protocol;

service UI {
    rpc Ping(PingRequest) returns (PingReply) {}
    rpc AskRule (Connection) returns (Rule) {}
    rpc Subscribe (ClientConfig) returns (ClientConfig) {}
    rpc Notifications (stream NotificationReply) returns (stream Notification) {}
}

message Event {
    string time = 1;
    Connection connection = 2;
    Rule rule = 3;
}

message Statistics {
    string daemon_version = 1;
    uint64 rules = 2;
    uint64 uptime = 3;
	uint64 dns_responses = 4;
	uint64 connections  = 5;
	uint64 ignored = 6;
	uint64 accepted = 7;
	uint64 dropped = 8;
	uint64 rule_hits = 9;
	uint64 rule_misses = 10;
	map<string, uint64> by_proto = 11;
	map<string, uint64> by_address = 12;
	map<string, uint64> by_host = 13;
	map<string, uint64> by_port = 14;
	map<string, uint64> by_uid = 15;
	map<string, uint64> by_executable = 16;
    repeated Event events = 17;
}

message PingRequest {
    uint64 id = 1;
    Statistics stats = 2;
}

message PingReply {
    uint64 id = 1;
}

message Connection {
    string protocol = 1;
    string src_ip = 2;
    uint32 src_port = 3;
    string dst_ip = 4;
    string dst_host = 5;
    uint32 dst_port = 6;
    uint32 user_id = 7;
    uint32 process_id = 8;
    string process_path = 9;
    repeated string process_args = 10;
}

message Operator {
    string type = 1;
    string operand = 2;
    string data = 3;
}

message Rule {
    string name = 1;
    bool enabled = 2;
    string action = 3;
    string duration = 4;
    Operator operator = 5;
}

enum Action {
    NONE = 0;
    LOAD_FIREWALL = 1;
    UNLOAD_FIREWALL = 2;
    CHANGE_CONFIG = 3;
    ENABLE_RULE = 4;
    DISABLE_RULE = 5;
    DELETE_RULE = 6;
    CHANGE_RULE = 7;
    LOG_LEVEL = 8;
    STOP = 9;
}

// client configuration sent on Subscribe()
message ClientConfig {
    uint64 id = 1;
    string name = 2;
    string version = 3;
    bool isFirewallRunning = 4;
    // daemon configuration as json string
    string config = 5;
    uint32 logLevel = 6;
    repeated Rule rules = 7;
}

// notification sent to the clients (daemons)
message Notification {
    uint64 id = 1;
    string clientName = 2;
    string serverName = 3;
    // CHANGE_CONFIG: 2, data: {"default_timeout": 1, ...}
    Action type = 4;
    string data = 5;   
    repeated Rule rules = 6;
}

// notification reply sent to the server (GUI)
message NotificationReply {
    uint64 id = 1;
    NotificationReplyCode code = 2;
    string data = 3;
}

enum NotificationReplyCode {
    OK = 0;
    ERROR = 1;
}
started working on ui gRPC protocol 2018-04-02 17:54:56 +02:00			`syntax = "proto3";`

better protocol file manag. 2018-04-06 15:58:19 +02:00			`package protocol;`
started working on ui gRPC protocol 2018-04-02 17:54:56 +02:00
			`service UI {`
added ui ping/pong 2018-04-02 18:26:04 +02:00			`rpc Ping(PingRequest) returns (PingReply) {}`
when the thc kicks in and you find a better logic, better naming, better design and new ideas 2018-04-08 15:32:20 +02:00			`rpc AskRule (Connection) returns (Rule) {}`
Added logic to handle changes/notifications from the GUI. - Allow to perform the following actions from the GUI: * Load/unload firewall (i.e.: interception) * Change daemon default configuration. * Enable/disable rules. * Delete rules. * Change/Add rules. * Change log level. 2020-05-10 17:44:56 +02:00			`rpc Subscribe (ClientConfig) returns (ClientConfig) {}`
			`rpc Notifications (stream NotificationReply) returns (stream Notification) {}`
when the thc kicks in and you find a better logic, better naming, better design and new ideas 2018-04-08 15:32:20 +02:00			`}`

			`message Event {`
			`string time = 1;`
			`Connection connection = 2;`
			`Rule rule = 3;`
added ui ping/pong 2018-04-02 18:26:04 +02:00			`}`

misc: small fix or general refactoring i did not bother commenting 2018-04-06 01:44:15 +02:00			`message Statistics {`
misc: small fix or general refactoring i did not bother commenting 2018-04-06 13:55:03 +02:00			`string daemon_version = 1;`
added the number of loaded rules in the statistics 2018-04-08 17:20:37 +02:00			`uint64 rules = 2;`
			`uint64 uptime = 3;`
			`uint64 dns_responses = 4;`
			`uint64 connections = 5;`
			`uint64 ignored = 6;`
			`uint64 accepted = 7;`
			`uint64 dropped = 8;`
			`uint64 rule_hits = 9;`
			`uint64 rule_misses = 10;`
			`map<string, uint64> by_proto = 11;`
			`map<string, uint64> by_address = 12;`
			`map<string, uint64> by_host = 13;`
			`map<string, uint64> by_port = 14;`
			`map<string, uint64> by_uid = 15;`
			`map<string, uint64> by_executable = 16;`
			`repeated Event events = 17;`
misc: small fix or general refactoring i did not bother commenting 2018-04-06 01:44:15 +02:00			`}`

added ui ping/pong 2018-04-02 18:26:04 +02:00			`message PingRequest {`
			`uint64 id = 1;`
misc: small fix or general refactoring i did not bother commenting 2018-04-06 01:44:15 +02:00			`Statistics stats = 2;`
added ui ping/pong 2018-04-02 18:26:04 +02:00			`}`

			`message PingReply {`
			`uint64 id = 1;`
started working on ui gRPC protocol 2018-04-02 17:54:56 +02:00			`}`

when the thc kicks in and you find a better logic, better naming, better design and new ideas 2018-04-08 15:32:20 +02:00			`message Connection {`
added ui ping/pong 2018-04-02 18:26:04 +02:00			`string protocol = 1;`
			`string src_ip = 2;`
			`uint32 src_port = 3;`
			`string dst_ip = 4;`
			`string dst_host = 5;`
			`uint32 dst_port = 6;`
misc: small fix or general refactoring i did not bother commenting 2018-04-05 15:26:36 +02:00			`uint32 user_id = 7;`
			`uint32 process_id = 8;`
			`string process_path = 9;`
			`repeated string process_args = 10;`
started working on ui gRPC protocol 2018-04-02 17:54:56 +02:00			`}`

when the thc kicks in and you find a better logic, better naming, better design and new ideas 2018-04-08 15:32:20 +02:00			`message Operator {`
support rules with type=regexp (closes #127) 2018-04-07 13:52:25 +02:00			`string type = 1;`
			`string operand = 2;`
			`string data = 3;`
			`}`

when the thc kicks in and you find a better logic, better naming, better design and new ideas 2018-04-08 15:32:20 +02:00			`message Rule {`
started working on ui gRPC protocol 2018-04-02 17:54:56 +02:00			`string name = 1;`
Added logic to handle changes/notifications from the GUI. - Allow to perform the following actions from the GUI: * Load/unload firewall (i.e.: interception) * Change daemon default configuration. * Enable/disable rules. * Delete rules. * Change/Add rules. * Change log level. 2020-05-10 17:44:56 +02:00			`bool enabled = 2;`
			`string action = 3;`
			`string duration = 4;`
			`Operator operator = 5;`
started working on ui gRPC protocol 2018-04-02 17:54:56 +02:00			`}`
Allow to change settings from the UI (1/2) We start receiving notifications from the UI, which allow us to change configurations and perform actions on the daemon. The concept of Node has also been introduced, which identifies every daemon (client) connected to the UI (server). These options has been added: - Enable/Disable firewall interception (for all nodes) - Change daemons (clients) configuration. globally or per node. - Change prompt dialog options. We have fixed some bugs along the way: - Close audit client connection gracefully. - Exclude our own connections from being intercepted. - Better handling of client connection status with the UI. We probably has also introduced some other bugs (not listed here). 2020-04-19 20:13:31 +02:00
			`enum Action {`
			`NONE = 0;`
			`LOAD_FIREWALL = 1;`
			`UNLOAD_FIREWALL = 2;`
			`CHANGE_CONFIG = 3;`
			`ENABLE_RULE = 4;`
			`DISABLE_RULE = 5;`
Added logic to handle changes/notifications from the GUI. - Allow to perform the following actions from the GUI: * Load/unload firewall (i.e.: interception) * Change daemon default configuration. * Enable/disable rules. * Delete rules. * Change/Add rules. * Change log level. 2020-05-10 17:44:56 +02:00			`DELETE_RULE = 6;`
			`CHANGE_RULE = 7;`
			`LOG_LEVEL = 8;`
			`STOP = 9;`
Allow to change settings from the UI (1/2) We start receiving notifications from the UI, which allow us to change configurations and perform actions on the daemon. The concept of Node has also been introduced, which identifies every daemon (client) connected to the UI (server). These options has been added: - Enable/Disable firewall interception (for all nodes) - Change daemons (clients) configuration. globally or per node. - Change prompt dialog options. We have fixed some bugs along the way: - Close audit client connection gracefully. - Exclude our own connections from being intercepted. - Better handling of client connection status with the UI. We probably has also introduced some other bugs (not listed here). 2020-04-19 20:13:31 +02:00			`}`

Added logic to handle changes/notifications from the GUI. - Allow to perform the following actions from the GUI: * Load/unload firewall (i.e.: interception) * Change daemon default configuration. * Enable/disable rules. * Delete rules. * Change/Add rules. * Change log level. 2020-05-10 17:44:56 +02:00			`// client configuration sent on Subscribe()`
Allow to change settings from the UI (1/2) We start receiving notifications from the UI, which allow us to change configurations and perform actions on the daemon. The concept of Node has also been introduced, which identifies every daemon (client) connected to the UI (server). These options has been added: - Enable/Disable firewall interception (for all nodes) - Change daemons (clients) configuration. globally or per node. - Change prompt dialog options. We have fixed some bugs along the way: - Close audit client connection gracefully. - Exclude our own connections from being intercepted. - Better handling of client connection status with the UI. We probably has also introduced some other bugs (not listed here). 2020-04-19 20:13:31 +02:00			`message ClientConfig {`
			`uint64 id = 1;`
			`string name = 2;`
			`string version = 3;`
			`bool isFirewallRunning = 4;`
			`// daemon configuration as json string`
			`string config = 5;`
			`uint32 logLevel = 6;`
			`repeated Rule rules = 7;`
			`}`

Added logic to handle changes/notifications from the GUI. - Allow to perform the following actions from the GUI: * Load/unload firewall (i.e.: interception) * Change daemon default configuration. * Enable/disable rules. * Delete rules. * Change/Add rules. * Change log level. 2020-05-10 17:44:56 +02:00			`// notification sent to the clients (daemons)`
Allow to change settings from the UI (1/2) We start receiving notifications from the UI, which allow us to change configurations and perform actions on the daemon. The concept of Node has also been introduced, which identifies every daemon (client) connected to the UI (server). These options has been added: - Enable/Disable firewall interception (for all nodes) - Change daemons (clients) configuration. globally or per node. - Change prompt dialog options. We have fixed some bugs along the way: - Close audit client connection gracefully. - Exclude our own connections from being intercepted. - Better handling of client connection status with the UI. We probably has also introduced some other bugs (not listed here). 2020-04-19 20:13:31 +02:00			`message Notification {`
			`uint64 id = 1;`
			`string clientName = 2;`
			`string serverName = 3;`
			`// CHANGE_CONFIG: 2, data: {"default_timeout": 1, ...}`
			`Action type = 4;`
			`string data = 5;`
			`repeated Rule rules = 6;`
			`}`
Added logic to handle changes/notifications from the GUI. - Allow to perform the following actions from the GUI: * Load/unload firewall (i.e.: interception) * Change daemon default configuration. * Enable/disable rules. * Delete rules. * Change/Add rules. * Change log level. 2020-05-10 17:44:56 +02:00
			`// notification reply sent to the server (GUI)`
			`message NotificationReply {`
			`uint64 id = 1;`
			`NotificationReplyCode code = 2;`
			`string data = 3;`
			`}`

			`enum NotificationReplyCode {`
			`OK = 0;`
			`ERROR = 1;`
			`}`