Documentation
¶
Index ¶
- Constants
- Variables
- type Server
- func (s *Server) Close() error
- func (s *Server) SetGalahOptions(cache, events bool)
- func (s *Server) SetGalahService(svc *galah.Service)
- func (s *Server) SetGlobalEngine(eng *rules.Engine)
- func (s *Server) SetLocalEngine(eng *rules.Engine)
- func (s *Server) SetSuricataSet(set *atomic.Pointer[suricata.RuleSet])
- func (s *Server) Shutdown(ctx context.Context) error
- func (s *Server) Start() error
- type TarpitConfig
Constants ¶
// Header names used for the JA3, JA4, JA4H and HTTP/2 fingerprint values.
//
// NOTE(review): this page does not show where these headers are written. If
// they are added to the request forwarded upstream, any client-supplied
// headers with the same names should be dropped first, so the upstream never
// sees a fingerprint value chosen by the client. Confirm against the handler.
const (
	// HeaderJA3 names the header holding the JA3 fingerprint.
	HeaderJA3 = "X-JA3-Fingerprint"
	// HeaderJA4 names the header holding the JA4 fingerprint.
	HeaderJA4 = "X-JA4-Fingerprint"
	// HeaderJA4H names the header holding the JA4H fingerprint.
	HeaderJA4H = "X-JA4H-Fingerprint"
	// HeaderHTTP2 names the header holding the HTTP/2 fingerprint.
	HeaderHTTP2 = "X-HTTP2-Fingerprint"
)
// DefaultBodyLimit is the default value of BodyLimit: 1 MiB (1,048,576 bytes).
const DefaultBodyLimit int64 = 1024 * 1024

// DefaultProxyCacheSize is the default number of upstream reverse proxies
// kept in memory.
const DefaultProxyCacheSize = 32
DefaultProxyCacheSize controls how many upstream reverse proxies are kept in memory. Tests may override ProxyCacheSize to tune behaviour.
Variables ¶
// BodyLimit is the number of request-body bytes captured for logging and
// Suricata matching. Its type is int64, inferred from DefaultBodyLimit.
//
// Only the captured prefix is inspected: body content past this limit is
// still forwarded upstream but is neither logged nor matched.
//
// NOTE(review): this is mutable package-level state; whether it may be
// changed while servers are handling requests is not visible here. Confirm
// before adjusting it at runtime.
var BodyLimit = DefaultBodyLimit
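BodyLimit controls how many bytes of the request body are captured for logging and Suricata matching. The full body is still forwarded upstream, so any bytes beyond the limit reach the upstream without being logged or matched against Suricata rules. The value can be adjusted for testing or tuning.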
// ProxyCacheSize is the maximum number of cached reverse proxies. Its type is
// int, inferred from the untyped constant DefaultProxyCacheSize.
//
// NOTE(review): this is mutable package-level state; how a change made after
// a server has started is picked up is not visible here.
var ProxyCacheSize = DefaultProxyCacheSize
ProxyCacheSize defines the maximum number of cached reverse proxies. It can be overridden for testing or via configuration.
Functions ¶
This section is empty.
Types ¶
type Server ¶
// Server wraps proxyserver.Server and holds minimal configuration.
type Server struct {
	// Embedded proxy server; its exported methods are promoted onto Server.
	*proxyserver.Server
	// ID is presumably the id passed to New. TODO confirm.
	ID string
	// ListenAddr is the address the server listens on (listenAddr in New).
	ListenAddr string
	// UpstreamURL is the upstream that requests are forwarded to.
	UpstreamURL *url.URL
	// LocalEngine is the listener-specific rule engine; see SetLocalEngine.
	LocalEngine *rules.Engine
	// GlobalEngine is the shared rule engine; see SetGlobalEngine.
	// NOTE(review): both engine fields are exported although setters exist.
	// Whether direct assignment is safe while the server is handling
	// requests is not visible here.
	GlobalEngine *rules.Engine
	// Logger records request events and may be shared by multiple servers.
	Logger *logger.Logger
	// Hub is presumably the server-sent-events hub. TODO confirm its role.
	Hub *sse.Hub
	// Service holds the Galah service; SetGalahService stores it atomically.
	Service atomic.Pointer[galah.Service]
	// SuricataSet points at the active Suricata rule set; see SetSuricataSet.
	// It is a pointer to an atomic pointer, so the holder may be shared with
	// other components. Verify against the caller.
	SuricataSet *atomic.Pointer[suricata.RuleSet]
	// CertFile and KeyFile locate the listener's TLS certificate and key.
	// Per New, a self-signed certificate is generated when both are empty;
	// clients cannot validate such a certificate against a trusted CA.
	CertFile string
	KeyFile string
	// UpstreamCAFile is presumably a CA bundle used to verify the upstream's
	// certificate. TODO confirm.
	UpstreamCAFile string
	// NOTE(review): the name suggests that upstream TLS certificate
	// verification is skipped when this is true. Confirm. If so, the upstream
	// connection is unauthenticated and this should stay false outside test
	// setups; prefer UpstreamCAFile for private CAs.
	UpstreamSkipVerify bool
	// contains filtered or unexported fields
}
Server wraps proxyserver.Server and holds minimal configuration.
func New ¶
func New(id, listenAddr, upstreamURL, certFile, keyFile string, lgr *logger.Logger, localEng, globalEng *rules.Engine, suriSet *atomic.Pointer[suricata.RuleSet], hub *sse.Hub, svc *galah.Service, upstreamCAFile string, upstreamSkipVerify bool) (*Server, error)
New creates a Server that listens on listenAddr and forwards to upstreamURL. A self-signed certificate is generated if certFile and keyFile are empty. The provided logger records request events and can be shared by multiple servers.
func NewEcho ¶
NewEcho creates a Server that returns fingerprint information for every request instead of proxying to an upstream.
func (*Server) SetGalahOptions ¶
SetGalahOptions updates Galah cache and event logging settings.
func (*Server) SetGalahService ¶
SetGalahService stores svc atomically and updates the rule handler.
func (*Server) SetGlobalEngine ¶
SetGlobalEngine replaces the shared rule engine.
func (*Server) SetLocalEngine ¶
SetLocalEngine replaces the listener-specific rule engine.
func (*Server) SetSuricataSet ¶
SetSuricataSet replaces the active Suricata rule set.
type TarpitConfig ¶
// TarpitConfig configures the tarpit handler.
type TarpitConfig struct {
	// StatusCode is the HTTP status sent after the connection has been
	// accepted; a zero value means http.StatusOK.
	StatusCode int

	// IntervalMin and IntervalMax are the lower and upper bounds of the random
	// pause between writes. When unset they default to 3s and 7s.
	IntervalMin, IntervalMax time.Duration

	// DelayMin and DelayMax are the lower and upper bounds of the tarpit's
	// total duration. When unset they default to 45s and 120s.
	DelayMin, DelayMax time.Duration

	// Concurrency is an optional semaphore channel capping how many tarpits
	// may run at once. A nil channel applies no cap.
	//
	// Each tarpit lasts up to DelayMax, so with a nil channel the number of
	// simultaneously held connections is bounded only by what clients open.
	// Supplying a bounded channel keeps the tarpit from exhausting the
	// server's own resources.
	Concurrency chan struct{}
}
TarpitConfig configures the tarpit handler.