mirror of
https://github.com/evilsocket/opensnitch.git
synced 2025-03-04 08:34:40 +01:00
a1bba4da3f
CWD allow us to know from where was a process executed. The environment variables allows to know more about a process execution.
122 lines
2.5 KiB
Protocol Buffer
122 lines
2.5 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package protocol;
|
|
|
|
service UI {
|
|
rpc Ping(PingRequest) returns (PingReply) {}
|
|
rpc AskRule (Connection) returns (Rule) {}
|
|
rpc Subscribe (ClientConfig) returns (ClientConfig) {}
|
|
rpc Notifications (stream NotificationReply) returns (stream Notification) {}
|
|
}
|
|
|
|
message Event {
|
|
string time = 1;
|
|
Connection connection = 2;
|
|
Rule rule = 3;
|
|
}
|
|
|
|
message Statistics {
|
|
string daemon_version = 1;
|
|
uint64 rules = 2;
|
|
uint64 uptime = 3;
|
|
uint64 dns_responses = 4;
|
|
uint64 connections = 5;
|
|
uint64 ignored = 6;
|
|
uint64 accepted = 7;
|
|
uint64 dropped = 8;
|
|
uint64 rule_hits = 9;
|
|
uint64 rule_misses = 10;
|
|
map<string, uint64> by_proto = 11;
|
|
map<string, uint64> by_address = 12;
|
|
map<string, uint64> by_host = 13;
|
|
map<string, uint64> by_port = 14;
|
|
map<string, uint64> by_uid = 15;
|
|
map<string, uint64> by_executable = 16;
|
|
repeated Event events = 17;
|
|
}
|
|
|
|
message PingRequest {
|
|
uint64 id = 1;
|
|
Statistics stats = 2;
|
|
}
|
|
|
|
message PingReply {
|
|
uint64 id = 1;
|
|
}
|
|
|
|
message Connection {
|
|
string protocol = 1;
|
|
string src_ip = 2;
|
|
uint32 src_port = 3;
|
|
string dst_ip = 4;
|
|
string dst_host = 5;
|
|
uint32 dst_port = 6;
|
|
uint32 user_id = 7;
|
|
uint32 process_id = 8;
|
|
string process_path = 9;
|
|
string process_cwd = 10;
|
|
repeated string process_args = 11;
|
|
map<string, string> process_env = 12;
|
|
}
|
|
|
|
message Operator {
|
|
string type = 1;
|
|
string operand = 2;
|
|
string data = 3;
|
|
}
|
|
|
|
message Rule {
|
|
string name = 1;
|
|
bool enabled = 2;
|
|
string action = 3;
|
|
string duration = 4;
|
|
Operator operator = 5;
|
|
}
|
|
|
|
enum Action {
|
|
NONE = 0;
|
|
LOAD_FIREWALL = 1;
|
|
UNLOAD_FIREWALL = 2;
|
|
CHANGE_CONFIG = 3;
|
|
ENABLE_RULE = 4;
|
|
DISABLE_RULE = 5;
|
|
DELETE_RULE = 6;
|
|
CHANGE_RULE = 7;
|
|
LOG_LEVEL = 8;
|
|
STOP = 9;
|
|
}
|
|
|
|
// client configuration sent on Subscribe()
|
|
message ClientConfig {
|
|
uint64 id = 1;
|
|
string name = 2;
|
|
string version = 3;
|
|
bool isFirewallRunning = 4;
|
|
// daemon configuration as json string
|
|
string config = 5;
|
|
uint32 logLevel = 6;
|
|
repeated Rule rules = 7;
|
|
}
|
|
|
|
// notification sent to the clients (daemons)
|
|
message Notification {
|
|
uint64 id = 1;
|
|
string clientName = 2;
|
|
string serverName = 3;
|
|
// CHANGE_CONFIG: 2, data: {"default_timeout": 1, ...}
|
|
Action type = 4;
|
|
string data = 5;
|
|
repeated Rule rules = 6;
|
|
}
|
|
|
|
// notification reply sent to the server (GUI)
|
|
message NotificationReply {
|
|
uint64 id = 1;
|
|
NotificationReplyCode code = 2;
|
|
string data = 3;
|
|
}
|
|
|
|
enum NotificationReplyCode {
|
|
OK = 0;
|
|
ERROR = 1;
|
|
}
|