Merge pull request #224 from jkozera/jkozera/list-rule-type
Add a 'list' rule type
commit
61cf3d1e08
3 changed files with 24 additions and 4 deletions
|
@ -16,6 +16,7 @@ const (
|
|||
Simple = Type("simple")
|
||||
Regexp = Type("regexp")
|
||||
Complex = Type("complex") // for future use
|
||||
List = Type("list")
|
||||
)
|
||||
|
||||
type Operand string
|
||||
|
@ -30,6 +31,7 @@ const (
|
|||
OpDstIP = Operand("dest.ip")
|
||||
OpDstHost = Operand("dest.host")
|
||||
OpDstPort = Operand("dest.port")
|
||||
OpList = Operand("list")
|
||||
)
|
||||
|
||||
type opCallback func(value string) bool
|
||||
|
@ -38,16 +40,18 @@ type Operator struct {
|
|||
Type Type `json:"type"`
|
||||
Operand Operand `json:"operand"`
|
||||
Data string `json:"data"`
|
||||
List []Operator `json:"list"`
|
||||
|
||||
cb opCallback
|
||||
re *regexp.Regexp
|
||||
}
|
||||
|
||||
func NewOperator(t Type, o Operand, data string) Operator {
|
||||
func NewOperator(t Type, o Operand, data string, list []Operator) Operator {
|
||||
op := Operator{
|
||||
Type: t,
|
||||
Operand: o,
|
||||
Data: data,
|
||||
List: list,
|
||||
}
|
||||
op.Compile()
|
||||
return op
|
||||
|
@ -59,6 +63,8 @@ func (o *Operator) Compile() {
|
|||
} else if o.Type == Regexp {
|
||||
o.cb = o.reCmp
|
||||
o.re = regexp.MustCompile(o.Data)
|
||||
} else if o.Type == List {
|
||||
o.Operand = OpList
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -78,6 +84,16 @@ func (o *Operator) reCmp(v string) bool {
|
|||
return o.re.MatchString(v)
|
||||
}
|
||||
|
||||
func (o *Operator) listMatch(con *conman.Connection) bool {
|
||||
res := true
|
||||
for i := 0; i < len(o.List); i += 1 {
|
||||
o := o.List[i]
|
||||
o.Compile()
|
||||
res = res && o.Match(con)
|
||||
}
|
||||
return res
|
||||
}
|
||||
|
||||
func (o *Operator) Match(con *conman.Connection) bool {
|
||||
if o.Operand == OpTrue {
|
||||
return true
|
||||
|
@ -97,6 +113,8 @@ func (o *Operator) Match(con *conman.Connection) bool {
|
|||
return o.cb(con.DstHost)
|
||||
} else if o.Operand == OpDstPort {
|
||||
return o.cb(fmt.Sprintf("%d", con.DstPort))
|
||||
} else if o.Operand == OpList {
|
||||
return o.listMatch(con)
|
||||
}
|
||||
|
||||
return false
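Review bot: listMatch recompiles every nested operator on every connection it evaluates: `o := o.List[i]` copies the element, `o.Compile()` stores the resulting cb/re on that copy, and the copy is discarded at the end of the iteration, so a regexp child goes through regexp.MustCompile again for each Match call, and because the List branch added to Compile only sets `o.Operand = OpList` without compiling the children, a malformed nested regexp is not caught when the rule is loaded but panics the daemon the first time a connection is checked against that rule. The loop also starts from `res := true`, so a list operator with no children matches every connection; if that vacuous match is intended it should be stated in a comment on listMatch, otherwise an empty List should be rejected where rules are loaded. I would compile the children once in Compile's List branch and have listMatch only evaluate them, stopping at the first mismatch; Compile begins outside this hunk and Match continues past it.

```go
} else if o.Type == List {
	o.Operand = OpList
	// compile nested operators once, at rule-load time, so a bad
	// nested pattern fails here rather than on the first Match
	for i := range o.List {
		o.List[i].Compile()
	}
}

// … unchanged: reCmp …

func (o *Operator) listMatch(con *conman.Connection) bool {
	for i := range o.List {
		if !o.List[i].Match(con) {
			return false
		}
	}
	return true
}
```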
|
||||
|
|
|
@ -59,7 +59,9 @@ func Deserialize(reply *protocol.Rule) *Rule {
|
|||
operator := NewOperator(
|
||||
Type(reply.Operator.Type),
|
||||
Operand(reply.Operator.Operand),
|
||||
reply.Operator.Data)
|
||||
reply.Operator.Data,
|
||||
make([]Operator, 0),
|
||||
)
|
||||
|
||||
return Create(
|
||||
reply.Name,
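Review bot: Deserialize always passes `make([]Operator, 0)` as the nested list, so a rule of type list received over the protocol channel is built with no children, and with the listMatch added in the first file an empty list matches every connection. If the protocol message does not yet carry nested operators, it would be safer to reject `Type(reply.Operator.Type) == List` here than to silently create an operator that allows or denies everything; if it does carry them, they should be converted and passed instead of the empty slice. For a deliberately empty argument, `nil` is the idiomatic Go value (`nil` in place of `make([]Operator, 0)`). Deserialize continues outside this hunk.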
|
||||
|
|
|
@ -20,8 +20,8 @@ import (
|
|||
)
|
||||
|
||||
var (
|
||||
clientDisconnectedRule = rule.Create("ui.client.disconnected", rule.Allow, rule.Once, rule.NewOperator(rule.Simple, rule.OpTrue, ""))
|
||||
clientErrorRule = rule.Create("ui.client.error", rule.Allow, rule.Once, rule.NewOperator(rule.Simple, rule.OpTrue, ""))
|
||||
clientDisconnectedRule = rule.Create("ui.client.disconnected", rule.Allow, rule.Once, rule.NewOperator(rule.Simple, rule.OpTrue, "", make([]rule.Operator, 0)))
|
||||
clientErrorRule = rule.Create("ui.client.error", rule.Allow, rule.Once, rule.NewOperator(rule.Simple, rule.OpTrue, "", make([]rule.Operator, 0)))
|
||||
)
|
||||
|
||||
type Client struct {
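Review bot: The two updated call sites pass `make([]rule.Operator, 0)` for an operator that has no nested list; the idiomatic zero value for an absent slice is `nil`, e.g. `rule.NewOperator(rule.Simple, rule.OpTrue, "", nil)`, which also keeps these long declarations readable. The same applies to the empty slice passed in Deserialize.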
|
||||
|
|