policy

package

v0.7.0 Latest Latest Go to latest Published: May 3, 2025 License: MIT Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

git.gammaspectra.live/git/go-away

Links

Open Source Insights

Documentation ¶

Index ¶

type Challenge
type Network
- func (n Network) FetchPrefixes(c *http.Client, whois *utils.RADb) (output []net.IPNet, err error)
type Policy
- func NewPolicy(r io.Reader, snippetsDirectories ...string) (*Policy, error)
type Rule
type RuleAction
type StateSettings

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Challenge ¶

type Challenge struct {
	Conditions []string `yaml:"conditions"`
	Runtime    string   `yaml:"runtime"`

	Duration time.Duration `yaml:"duration"`

	Parameters ast.Node `yaml:"parameters,omitempty"`
}

type Network ¶

type Network struct {
	// Fetches
	Url  *string `yaml:"url,omitempty"`
	File *string `yaml:"file,omitempty"`
	ASN  *int    `yaml:"asn,omitempty"`

	// Filtering
	JqPath *string `yaml:"jq-path,omitempty"`
	Regex  *string `yaml:"regex,omitempty"`

	Prefixes []string `yaml:"prefixes,omitempty"`
}

func (Network) FetchPrefixes ¶

func (n Network) FetchPrefixes(c *http.Client, whois *utils.RADb) (output []net.IPNet, err error)

type Policy ¶

type Policy struct {

	// Networks map of networks and prefixes to be loaded
	Networks map[string][]Network `yaml:"networks"`

	Conditions map[string][]string `yaml:"conditions"`

	Challenges map[string]Challenge `yaml:"challenges"`

	Rules []Rule `yaml:"rules"`
}

func NewPolicy ¶ added in v0.5.0

func NewPolicy(r io.Reader, snippetsDirectories ...string) (*Policy, error)

type Rule ¶

type Rule struct {
	Name       string   `yaml:"name"`
	Conditions []string `yaml:"conditions"`

	Action string `yaml:"action"`

	Settings ast.Node `yaml:"settings"`

	Children []Rule `yaml:"children"`
}

type RuleAction ¶

type RuleAction string

const (
	// RuleActionNONE Does nothing. Useful for parent rules when children want to be specified
	RuleActionNONE RuleAction = "NONE"
	// RuleActionPASS Passes the connection immediately
	RuleActionPASS RuleAction = "PASS"
	// RuleActionDENY Denies the connection with a fancy page
	RuleActionDENY RuleAction = "DENY"
	// RuleActionBLOCK Denies the connection with a response code
	RuleActionBLOCK RuleAction = "BLOCK"
	// RuleActionCODE Returns a specified HTTP code
	RuleActionCODE RuleAction = "CODE"

	// RuleActionDROP Drops the connection without sending a reply
	RuleActionDROP RuleAction = "DROP"

	// RuleActionCHALLENGE Issues a challenge that when passed, passes the connection
	RuleActionCHALLENGE RuleAction = "CHALLENGE"
	// RuleActionCHECK Issues a challenge that when passed, continues checking rules
	RuleActionCHECK RuleAction = "CHECK"

	// RuleActionPROXY Proxies request to a backend, with optional path replacements
	RuleActionPROXY RuleAction = "PROXY"

	// RuleActionCONTEXT Changes Request Context information or properties
	RuleActionCONTEXT RuleAction = "CONTEXT"
)

type StateSettings ¶ added in v0.6.0

type StateSettings struct {
	Cache           utils.Cache
	Backends        map[string]http.Handler
	PrivateKeySeed  []byte
	MainName        string
	MainVersion     string
	BasePath        string
	ClientIpHeader  string
	BackendIpHeader string

	ChallengeResponseCode int
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL