opensnitch/daemon/rule/rule.go

package rule

import (
	"fmt"
	"time"

	"github.com/evilsocket/opensnitch/daemon/conman"
	"github.com/evilsocket/opensnitch/daemon/ui/protocol"
)

type OperandType string

const (
	OpTrue        = OperandType("true")
	OpProcessPath = OperandType("process.path")
	OpUserId      = OperandType("user.id")
	OpDstIP       = OperandType("dest.ip")
	OpDstHost     = OperandType("dest.host")
	OpDstPort     = OperandType("dest.port")
)

type Cmp struct {
	What OperandType
	With string
}

type Action string

const (
	Allow = Action("allow")
	Deny  = Action("deny")
)

type Duration string

const (
	Once    = Duration("once")
	Restart = Duration("until restart")
	Always  = Duration("always")
)

type Type string

const (
	Simple  = Type("simple")
	Complex = Type("complex") // for future use
)

type Rule struct {
	Created  time.Time `json:"created"`
	Updated  time.Time `json:"updated"`
	Name     string    `json:"name"`
	Enabled  bool      `json:"enabled"`
	Action   Action    `json:"action"`
	Duration Duration  `json:"duration"`
	Type     Type      `json:"type"`
	Rule     Cmp       `json:"rule"`
}

func FromReply(reply *protocol.RuleReply) *Rule {
	return Create(
		reply.Name,
		Action(reply.Action),
		Duration(reply.Duration),
		Cmp{
			What: OperandType(reply.What),
			With: reply.Value,
		},
	)
}

func Create(name string, action Action, duration Duration, rule Cmp) *Rule {
	return &Rule{
		Created:  time.Now(),
		Enabled:  true,
		Name:     name,
		Action:   action,
		Duration: duration,
		Type:     Simple,
		Rule:     rule,
	}
}

func (r *Rule) String() string {
	return fmt.Sprintf("%s: if(%s == '%s'){ %s %s }", r.Name, r.Rule.What, r.Rule.With, r.Action, r.Duration)
}

func (r *Rule) Match(con *conman.Connection) bool {
	if r.Enabled == false {
		return false
	} else if r.Rule.What == OpTrue {
		return true
	} else if r.Rule.What == OpUserId {
		return fmt.Sprintf("%d", con.Entry.UserId) == r.Rule.With
	} else if r.Rule.What == OpProcessPath {
		return con.Process.Path == r.Rule.With
	} else if r.Rule.What == OpDstIP {
		return con.DstIP.String() == r.Rule.With
	} else if r.Rule.What == OpDstHost {
		return con.DstHost == r.Rule.With
	} else if r.Rule.What == OpDstPort {
		return fmt.Sprintf("%d", con.DstPort) == r.Rule.With
	}
	return false
}
misc: small fix or general refactoring i did not bother commenting 2018-04-02 05:25:32 +02:00			`package rule`

			`import (`
			`"fmt"`
			`"time"`

			`"github.com/evilsocket/opensnitch/daemon/conman"`
better protocol file manag. 2018-04-06 15:58:19 +02:00			`"github.com/evilsocket/opensnitch/daemon/ui/protocol"`
misc: small fix or general refactoring i did not bother commenting 2018-04-02 05:25:32 +02:00			`)`

			`type OperandType string`

			`const (`
			`OpTrue = OperandType("true")`
			`OpProcessPath = OperandType("process.path")`
misc: small fix or general refactoring i did not bother commenting 2018-04-05 16:27:48 +02:00			`OpUserId = OperandType("user.id")`
misc: small fix or general refactoring i did not bother commenting 2018-04-02 05:25:32 +02:00			`OpDstIP = OperandType("dest.ip")`
			`OpDstHost = OperandType("dest.host")`
misc: small fix or general refactoring i did not bother commenting 2018-04-05 16:27:48 +02:00			`OpDstPort = OperandType("dest.port")`
misc: small fix or general refactoring i did not bother commenting 2018-04-02 05:25:32 +02:00			`)`

			`type Cmp struct {`
			`What OperandType`
			`With string`
			`}`

			`type Action string`

			`const (`
			`Allow = Action("allow")`
			`Deny = Action("deny")`
			`)`

			`type Duration string`

			`const (`
			`Once = Duration("once")`
			`Restart = Duration("until restart")`
			`Always = Duration("always")`
			`)`

			`type Type string`

			`const (`
			`Simple = Type("simple")`
			`Complex = Type("complex") // for future use`
			`)`

			`type Rule struct {`
			Created time.Time `json:"created"`
			Updated time.Time `json:"updated"`
			Name string `json:"name"`
			Enabled bool `json:"enabled"`
			Action Action `json:"action"`
			Duration Duration `json:"duration"`
			Type Type `json:"type"`
			Rule Cmp `json:"rule"`
			`}`

ui service to test and benchmark gRPC IPC 2018-04-02 19:10:42 +02:00			`func FromReply(reply protocol.RuleReply) Rule {`
			`return Create(`
			`reply.Name,`
			`Action(reply.Action),`
			`Duration(reply.Duration),`
			`Cmp{`
			`What: OperandType(reply.What),`
python ui server 2018-04-05 12:01:33 +02:00			`With: reply.Value,`
ui service to test and benchmark gRPC IPC 2018-04-02 19:10:42 +02:00			`},`
			`)`
			`}`

misc: small fix or general refactoring i did not bother commenting 2018-04-02 05:25:32 +02:00			`func Create(name string, action Action, duration Duration, rule Cmp) *Rule {`
			`return &Rule{`
			`Created: time.Now(),`
			`Enabled: true,`
			`Name: name,`
			`Action: action,`
			`Duration: duration,`
			`Type: Simple,`
			`Rule: rule,`
			`}`
			`}`

			`func (r *Rule) String() string {`
			`return fmt.Sprintf("%s: if(%s == '%s'){ %s %s }", r.Name, r.Rule.What, r.Rule.With, r.Action, r.Duration)`
			`}`

			`func (r Rule) Match(con conman.Connection) bool {`
			`if r.Enabled == false {`
			`return false`
			`} else if r.Rule.What == OpTrue {`
			`return true`
misc: small fix or general refactoring i did not bother commenting 2018-04-05 16:27:48 +02:00			`} else if r.Rule.What == OpUserId {`
			`return fmt.Sprintf("%d", con.Entry.UserId) == r.Rule.With`
misc: small fix or general refactoring i did not bother commenting 2018-04-02 05:25:32 +02:00			`} else if r.Rule.What == OpProcessPath {`
			`return con.Process.Path == r.Rule.With`
			`} else if r.Rule.What == OpDstIP {`
			`return con.DstIP.String() == r.Rule.With`
			`} else if r.Rule.What == OpDstHost {`
			`return con.DstHost == r.Rule.With`
misc: small fix or general refactoring i did not bother commenting 2018-04-05 16:27:48 +02:00			`} else if r.Rule.What == OpDstPort {`
			`return fmt.Sprintf("%d", con.DstPort) == r.Rule.With`
misc: small fix or general refactoring i did not bother commenting 2018-04-02 05:25:32 +02:00			`}`
			`return false`
			`}`