opensnitch/proto/ui.proto
Gustavo Iñiguez Goia 3c524c1942 ui, rules: added description field
- Added ability to add a description to the rules.
- Display the description field on the Rules view, and remove the internal
  fields (operator, operator_data, etc).
- Added DB migrations.
- Improved rules' executable path field tooltip (#661).

Closes #652 #466
2022-05-12 13:38:23 +02:00


// Wire contract for the UI service and the messages exchanged over it.
// Per the comments on ClientConfig/Notification/NotificationReply in this
// file, the "clients" are daemons and the "server" is the GUI.
syntax = "proto3";
package protocol;
// Import path used for the generated Go code.
option go_package = "github.com/evilsocket/opensnitch/daemon/ui/protocol";
// UI groups the four RPCs of this protocol.
//
// NOTE(review): no message in this file carries credentials or a peer
// identity, while Notification can carry actions such as DISABLE_FIREWALL
// and STOP and AskRule returns a Rule. Authentication and access control
// therefore have to come from the transport (socket permissions, TLS, ...);
// confirm how the channel is protected where the service is registered.
service UI {
  // Unary: PingRequest (id + Statistics) in, PingReply (id) out.
  rpc Ping(PingRequest) returns (PingReply);

  // Unary: a Connection in, a Rule out.
  // presumably the Rule is the verdict to apply to that connection — confirm
  // against the caller, and validate the returned Rule before applying it.
  rpc AskRule(Connection) returns (Rule);

  // Unary: ClientConfig in, ClientConfig out ("sent on Subscribe()").
  rpc Subscribe(ClientConfig) returns (ClientConfig);

  // Bidirectional stream: the caller streams NotificationReply messages and
  // receives a stream of Notification messages.
  rpc Notifications(stream NotificationReply) returns (stream Notification);
}
// Event ties a Connection to a Rule together with two time fields.
// It is carried in Statistics.events.
message Event {
  // Time as text; the format is not defined in this file — confirm against
  // the producer before parsing.
  string time = 1;
  Connection connection = 2;
  // presumably the rule that was applied to the connection — confirm.
  Rule rule = 3;
  // presumably the event time as Unix nanoseconds (from the name) — confirm.
  int64 unixnano = 4;
}
// Statistics is the counter snapshot carried in PingRequest.stats.
// The meaning of each counter follows its name; none is defined further in
// this file.
message Statistics {
  string daemon_version = 1;
  uint64 rules = 2;
  // Unit is not stated here (seconds? nanoseconds?) — TODO confirm.
  uint64 uptime = 3;
  uint64 dns_responses = 4;
  uint64 connections = 5;
  uint64 ignored = 6;
  uint64 accepted = 7;
  uint64 dropped = 8;
  uint64 rule_hits = 9;
  uint64 rule_misses = 10;
  // Per-key counters. Map iteration order is undefined on the wire.
  // NOTE(review): keys such as address, host and executable look derived
  // from observed traffic, so the schema puts no bound on map size; the
  // receiver should cap what it stores or renders.
  map<string, uint64> by_proto = 11;
  map<string, uint64> by_address = 12;
  map<string, uint64> by_host = 13;
  map<string, uint64> by_port = 14;
  map<string, uint64> by_uid = 15;
  map<string, uint64> by_executable = 16;
  // Each Event embeds a full Connection (including process_args and
  // process_env), so this list can be large and can carry sensitive values.
  repeated Event events = 17;
}
// PingRequest is the request of UI.Ping.
message PingRequest {
  // Request identifier; PingReply carries an id as well.
  // presumably the reply echoes this value — confirm.
  uint64 id = 1;
  // Statistics snapshot sent along with the ping.
  Statistics stats = 2;
}
// PingReply is the response of UI.Ping.
message PingReply {
  // presumably the id of the PingRequest being answered — confirm.
  uint64 id = 1;
}
// Connection describes one network connection and the process behind it.
// It is the request of UI.AskRule and is embedded in Event.
message Connection {
  // Protocol name as text; accepted values are not listed in this file.
  string protocol = 1;
  string src_ip = 2;
  // uint32 on the wire: the schema does not restrict this to 0-65535, so
  // receivers should range-check it (same for dst_port).
  uint32 src_port = 3;
  string dst_ip = 4;
  // presumably the resolved name for dst_ip; may be empty — confirm.
  string dst_host = 5;
  uint32 dst_port = 6;
  uint32 user_id = 7;
  uint32 process_id = 8;
  string process_path = 9;
  string process_cwd = 10;
  // Command line of the process. Arguments can contain credentials passed
  // on the command line; avoid logging them verbatim.
  repeated string process_args = 11;
  // Environment of the process. Environment variables routinely hold
  // secrets (tokens, passwords, keys): treat this map as sensitive when
  // storing, logging or displaying it.
  map<string, string> process_env = 12;
}
// Operator is the match condition attached to a Rule (Rule.operator).
// All three descriptive fields are free-form strings; the accepted values
// are defined outside this file, so receivers must validate them.
message Operator {
  // Kind of comparison. NOTE: "type" is a keyword in several target
  // languages and yields awkward generated accessors; renaming would break
  // generated code, so it is only flagged here.
  string type = 1;
  // What is being compared (the left-hand side of the match).
  string operand = 2;
  // Value compared against.
  string data = 3;
  // NOTE(review): likely means "case-sensitive matching", not "contains
  // sensitive data" — confirm against the code that evaluates operators.
  bool sensitive = 4;
}
// Rule is the response of UI.AskRule and is also carried in Event,
// ClientConfig.rules and Notification.rules.
message Rule {
  string name = 1;
  // Free-text description of the rule. Treat it as untrusted text wherever
  // it is rendered.
  string description = 2;
  bool enabled = 3;
  // Meaning not defined in this file.
  // presumably marks a rule that is evaluated before others — confirm.
  bool precedence = 4;
  // Verdict and lifetime are plain strings, not enums, so any value decodes
  // successfully. The receiver must check both against the set it supports
  // and reject anything else instead of falling through to a default.
  string action = 5;
  string duration = 6;
  Operator operator = 7;
}
// Action is the command selector of a Notification (Notification.type).
//
// The zero value NONE is what an unset Notification.type decodes to.
// proto3 preserves unknown enum numbers, so receivers must treat any value
// they do not recognise as "do nothing" and must not map it to an existing
// action.
//
// NOTE(review): several values switch protection off or alter policy
// (DISABLE_INTERCEPTION, DISABLE_FIREWALL, DISABLE_RULE, DELETE_RULE,
// CHANGE_CONFIG, STOP). Receiving them is worth an audit-log entry, and they
// should only be honoured from an authenticated peer.
//
// Value names are not prefixed with the enum name; they share the package
// scope, so new enums in this package must avoid these identifiers.
enum Action {
  NONE = 0;
  ENABLE_INTERCEPTION = 1;
  DISABLE_INTERCEPTION = 2;
  ENABLE_FIREWALL = 3;
  DISABLE_FIREWALL = 4;
  RELOAD_FW_RULES = 5;
  CHANGE_CONFIG = 6;
  ENABLE_RULE = 7;
  DISABLE_RULE = 8;
  DELETE_RULE = 9;
  CHANGE_RULE = 10;
  LOG_LEVEL = 11;
  STOP = 12;
  MONITOR_PROCESS = 13;
  STOP_MONITOR_PROCESS = 14;
}
// StatementValues is one key/value pair of a Statement.
// Field names in the firewall messages are PascalCase rather than
// lower_snake_case; renaming would change generated code and JSON keys, so
// they are left as they are.
message StatementValues {
  string Key = 1;
  string Value = 2;
}
// Statement is a named item with an operator string and a list of
// key/value pairs. It is wrapped by Expressions and used in FwRule.
message Statement {
  // Operator as text; accepted values are not listed in this file.
  string Op = 1;
  string Name = 2;
  repeated StatementValues Values = 3;
}
// Expressions wraps a single Statement; FwRule holds a repeated list of
// these.
message Expressions {
  Statement Statement = 1;
}
// FwRule is one system firewall rule, carried in FwChain.Rules and in the
// deprecated FwChains.Rule field.
message FwRule {
  // DEPRECATED: for backward compatibility with iptables
  // NOTE(review): the note sits above Table; it presumably covers Chain as
  // well — confirm. Neither field carries [deprecated = true].
  string Table = 1;
  string Chain = 2;
  string UUID = 3;
  bool Enabled = 4;
  uint64 Position = 5;
  string Description = 6;
  // Free-form rule text. If the receiver turns Parameters, Target or
  // TargetParameters into firewall commands, it must pass them as discrete
  // arguments and validate them, never interpolate them into a shell line.
  string Parameters = 7;
  repeated Expressions Expressions = 8;
  string Target = 9;
  string TargetParameters = 10;
}
// FwChain is one firewall chain together with its rules.
// Every attribute is a free-form string; the accepted values are defined by
// the consumer, which must validate them before use.
message FwChain {
  string Name = 1;
  string Table = 2;
  string Family = 3;
  // Priority is text here, not a number.
  string Priority = 4;
  string Type = 5;
  string Hook = 6;
  string Policy = 7;
  repeated FwRule Rules = 8;
}
// FwChains is one entry of SysFirewall.SystemRules: a list of chains plus a
// legacy single-rule field.
message FwChains {
  // DEPRECATED: backward compatibility with iptables
  FwRule Rule = 1;
  repeated FwChain Chains = 2;
}
// SysFirewall is the system firewall state carried in
// ClientConfig.systemFirewall and Notification.sysFirewall.
message SysFirewall {
  bool Enabled = 1;
  // Version of the firewall configuration format — meaning not defined in
  // this file; TODO confirm.
  uint32 Version = 2;
  repeated FwChains SystemRules = 3;
}
// Client configuration sent on Subscribe(). The same message type is used
// for the request and the response of that RPC.
message ClientConfig {
  uint64 id = 1;
  string name = 2;
  string version = 3;
  bool isFirewallRunning = 4;
  // Daemon configuration as a JSON string.
  // The schema does not constrain its content: parse it defensively (size
  // limit, known keys only) and do not apply settings from an unverified
  // peer.
  string config = 5;
  uint32 logLevel = 6;
  repeated Rule rules = 7;
  SysFirewall systemFirewall = 8;
}
// Notification sent to the clients (daemons); it is the server-to-client
// side of the UI.Notifications stream.
message Notification {
  // presumably matched by NotificationReply.id — confirm.
  uint64 id = 1;
  string clientName = 2;
  string serverName = 3;
  // Command selector. Example: type CHANGE_CONFIG (6 in enum Action) with
  // data {"default_timeout": 1, ...}.
  Action type = 4;
  // Payload whose format depends on `type` (JSON in the example above).
  // Validate it per action before acting on it.
  string data = 5;
  repeated Rule rules = 6;
  SysFirewall sysFirewall = 7;
}
// Notification reply sent to the server (GUI); it is the client-to-server
// side of the UI.Notifications stream.
message NotificationReply {
  // presumably the id of the Notification being answered — confirm.
  uint64 id = 1;
  // Outcome. An unset code decodes as OK (value 0), so an empty reply is
  // indistinguishable from an explicit success.
  NotificationReplyCode code = 2;
  // Free-form detail text; format not defined in this file.
  string data = 3;
}
// NotificationReplyCode is the outcome reported in NotificationReply.code.
//
// NOTE(review): the zero value is OK, so a default-constructed or truncated
// reply reads as success. Changing the numbering would break the wire
// contract; consumers that need certainty should not treat a reply as
// confirmed on code alone (e.g. also check that id matches a pending
// notification).
//
// The value names OK and ERROR are unprefixed and live in the package
// scope, so other enums in this package cannot reuse them.
enum NotificationReplyCode {
  OK = 0;
  ERROR = 1;
}