api

package
v1.0.29 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 11, 2026 License: MPL-2.0 Imports: 25 Imported by: 0

Documentation

Overview

Package api provides HTTP API handlers for NFTBan

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AnalyticsCountriesHandler 

func AnalyticsCountriesHandler(w http.ResponseWriter, r *http.Request)

AnalyticsCountriesHandler returns country-based ban statistics Executes: nftban-core analytics countries --json

func AnalyticsIPHandler 

func AnalyticsIPHandler(w http.ResponseWriter, r *http.Request)

AnalyticsIPHandler looks up analytics data for a specific IP Executes: nftban-core analytics ip <IP> --json

func AnalyticsSummaryHandler 

func AnalyticsSummaryHandler(w http.ResponseWriter, r *http.Request)

AnalyticsSummaryHandler returns overall analytics summary Executes: nftban-core analytics summary --json

func AnalyticsTopCountriesHandler 

func AnalyticsTopCountriesHandler(w http.ResponseWriter, r *http.Request)

AnalyticsTopCountriesHandler returns top N countries by ban count Executes: nftban-core analytics top [N] --json

func BanHandler 

func BanHandler(w http.ResponseWriter, r *http.Request)

BanHandler bans an IP address

func BandwidthConnectionsHandler 

func BandwidthConnectionsHandler(w http.ResponseWriter, r *http.Request)

BandwidthConnectionsHandler - GET /api/v1/bandwidth/connections?limit=10

func BandwidthCurrentHandler 

func BandwidthCurrentHandler(w http.ResponseWriter, r *http.Request)

BandwidthCurrentHandler - GET /api/v1/bandwidth/current

func BandwidthHandler 

func BandwidthHandler(w http.ResponseWriter, r *http.Request)

BandwidthHandler returns current bandwidth statistics GET /api/network/bandwidth

func BandwidthHistoryHandler 

func BandwidthHistoryHandler(w http.ResponseWriter, r *http.Request)

BandwidthHistoryHandler - GET /api/v1/bandwidth/history?minutes=5

func BandwidthInterfacesHandler 

func BandwidthInterfacesHandler(w http.ResponseWriter, r *http.Request)

BandwidthInterfacesHandler - GET /api/v1/bandwidth/interfaces

func ConfigFileHandler 

func ConfigFileHandler(w http.ResponseWriter, r *http.Request)

ConfigFileHandler serves configuration files from /etc/nftban/

func ConfigGetHandler 

func ConfigGetHandler(w http.ResponseWriter, r *http.Request)

ConfigGetHandler handles GET /api/v1/config/:module

func ConfigResetHandler 

func ConfigResetHandler(w http.ResponseWriter, r *http.Request)

ConfigResetHandler handles POST /api/v1/config/:module/reset

func ConfigSetHandler 

func ConfigSetHandler(w http.ResponseWriter, r *http.Request)

ConfigSetHandler handles POST /api/v1/config/:module

func ConnectionsHandler 

func ConnectionsHandler(w http.ResponseWriter, r *http.Request)

ConnectionsHandler returns current network connections GET /api/network/connections?protocol=tcp&limit=100

func DashboardHandler 

func DashboardHandler(w http.ResponseWriter, r *http.Request)

DashboardHandler returns dashboard statistics

func DashboardMetricsHandler 

func DashboardMetricsHandler(w http.ResponseWriter, r *http.Request)

DashboardMetricsHandler provides all metrics for impressive dashboard in one call OPTIMIZED: Removed slow nftban health call (9+ seconds), use Prometheus metrics instead

func DdosControlHandler 

func DdosControlHandler(w http.ResponseWriter, r *http.Request)

DdosControlHandler handles DDoS enable/disable POST /api/v1/ddos/enable or /api/v1/ddos/disable

func DdosDisableHandler 

func DdosDisableHandler(w http.ResponseWriter, r *http.Request)

DdosDisableHandler disables DDoS protection POST /api/v1/ddos/disable

func DdosEnableHandler 

func DdosEnableHandler(w http.ResponseWriter, r *http.Request)

DdosEnableHandler enables DDoS protection POST /api/v1/ddos/enable

func DdosStatsHandler 

func DdosStatsHandler(w http.ResponseWriter, r *http.Request)

DdosStatsHandler returns DDoS protection statistics GET /api/v1/ddos/stats

func EmulateBatchHandler 

func EmulateBatchHandler(w http.ResponseWriter, r *http.Request)

EmulateBatchHandler handles POST /api/v1/emulate/batch Accepts array of IPs to check

func EmulateHandler 

func EmulateHandler(w http.ResponseWriter, r *http.Request)

EmulateHandler handles GET /api/v1/emulate Query parameters: ip (required), proto, port, direction

func EmulateQuickHandler 

func EmulateQuickHandler(w http.ResponseWriter, r *http.Request)

EmulateQuickHandler handles GET /api/v1/emulate/quick Returns just allow/block for simple checks

func FeedsControlHandler 

func FeedsControlHandler(w http.ResponseWriter, r *http.Request)

FeedsControlHandler handles enable/disable feed operations

func FeedsHandler 

func FeedsHandler(w http.ResponseWriter, r *http.Request)

FeedsHandler returns ALL threat feeds (enabled and disabled) from CLI

func FeedsStatsHandler 

func FeedsStatsHandler(w http.ResponseWriter, r *http.Request)

FeedsStatsHandler returns feed statistics for dashboard

func FirewallCheckHandler 

func FirewallCheckHandler(w http.ResponseWriter, r *http.Request)

FirewallCheckHandler checks if IP or port is blocked/allowed

func FirewallStatsHandler 

func FirewallStatsHandler(w http.ResponseWriter, r *http.Request)

FirewallStatsHandler returns firewall statistics

func FirewallValidateHandler 

func FirewallValidateHandler(w http.ResponseWriter, r *http.Request)

FirewallValidateHandler validates nftables structure against NFTBan spec

func FlushHandler 

func FlushHandler(w http.ResponseWriter, r *http.Request)

FlushHandler clears nftban runtime table (temporary bans from Fail2ban)

func GeoBanStatsHandler 

func GeoBanStatsHandler(w http.ResponseWriter, r *http.Request)

GeoBanStatsHandler provides detailed GeoIP/GeoBan statistics

func GeoHandler 

func GeoHandler(w http.ResponseWriter, r *http.Request)

GeoHandler returns geographic statistics (top countries)

func GrafanaStatusHandler 

func GrafanaStatusHandler(w http.ResponseWriter, r *http.Request)

GrafanaStatusHandler checks if Grafana is available

func HealthFixHandler 

func HealthFixHandler(w http.ResponseWriter, r *http.Request)

HealthFixHandler runs automated fixes via CLI command

func HealthHandler 

func HealthHandler(w http.ResponseWriter, r *http.Request)

HealthHandler returns system health check

func JSON 

func JSON(w http.ResponseWriter, status int, data interface{})

JSON sends a successful response with data

func JSONBadRequest 

func JSONBadRequest(w http.ResponseWriter, msg string)

JSONBadRequest sends 400 Bad Request error

func JSONConflict 

func JSONConflict(w http.ResponseWriter, msg string)

JSONConflict sends 409 Conflict error

func JSONError 

func JSONError(w http.ResponseWriter, status int, msg string)

JSONError sends an error response with specified status code

func JSONForbidden 

func JSONForbidden(w http.ResponseWriter, msg string)

JSONForbidden sends 403 Forbidden error

func JSONInternalError 

func JSONInternalError(w http.ResponseWriter, msg string)

JSONInternalError sends 500 Internal Server Error

func JSONNotFound 

func JSONNotFound(w http.ResponseWriter, msg string)

JSONNotFound sends 404 Not Found error

func JSONPaginated 

func JSONPaginated(w http.ResponseWriter, items interface{}, page, limit, total int)

JSONPaginated sends a paginated response

func JSONRaw 

func JSONRaw(w http.ResponseWriter, status int, response interface{})

JSONRaw sends a raw response object (for backward compatibility)

func JSONServiceUnavailable 

func JSONServiceUnavailable(w http.ResponseWriter, msg string)

JSONServiceUnavailable sends 503 Service Unavailable error

func JSONSuccess 

func JSONSuccess(w http.ResponseWriter, message string, data interface{})

JSONSuccess sends a success message with optional data

func JSONUnauthorized 

func JSONUnauthorized(w http.ResponseWriter, msg string)

JSONUnauthorized sends 401 Unauthorized error

func LogFileHandler 

func LogFileHandler(w http.ResponseWriter, r *http.Request)

LogFileHandler serves individual log files from /var/log/nftban/

func LoginHandler 

func LoginHandler(authService *auth.PAMAuth) http.HandlerFunc

LoginHandler handles user authentication

func LoginMonitorControlHandler 

func LoginMonitorControlHandler(w http.ResponseWriter, r *http.Request)

LoginMonitorControlHandler enables/disables login monitoring POST /api/v1/login-monitor/control

func LoginMonitorEventsHandler 

func LoginMonitorEventsHandler(w http.ResponseWriter, r *http.Request)

LoginMonitorEventsHandler returns recent login events GET /api/v1/login-monitor/events?limit=100

func LoginMonitorStatsHandler 

func LoginMonitorStatsHandler(w http.ResponseWriter, r *http.Request)

LoginMonitorStatsHandler returns login statistics GET /api/v1/login-monitor/stats

func LoginMonitorStatusHandler 

func LoginMonitorStatusHandler(w http.ResponseWriter, r *http.Request)

LoginMonitorStatusHandler returns login monitor status GET /api/v1/login-monitor/status

func LoginMonitorUsersHandler 

func LoginMonitorUsersHandler(w http.ResponseWriter, r *http.Request)

LoginMonitorUsersHandler returns users with login activity GET /api/v1/login-monitor/users

func LogoutHandler added in v1.0.27 

func LogoutHandler(store *session.Store) http.HandlerFunc

LogoutHandler invalidates the current session (server-side) This is a key security improvement over JWT - tokens can be revoked

func LogsHandler 

func LogsHandler(w http.ResponseWriter, r *http.Request)

LogsHandler returns system logs

func LogsViewerHandler 

func LogsViewerHandler(w http.ResponseWriter, r *http.Request)

LogsViewerHandler returns logs from specific NFTBan log files Supports multiple log types with search filtering and tail mode

func MeHandler 

func MeHandler(w http.ResponseWriter, r *http.Request)

MeHandler returns current user information

func MetricsEnableHandler 

func MetricsEnableHandler(w http.ResponseWriter, r *http.Request)

MetricsEnableHandler enables continuous metrics sampling (overrides session-based logic)

func MetricsSamplesHandler 

func MetricsSamplesHandler(w http.ResponseWriter, r *http.Request)

MetricsSamplesHandler returns recent metric samples GET /api/network/metrics/samples?count=60

func MetricsSnapshotHandler 

func MetricsSnapshotHandler(w http.ResponseWriter, r *http.Request)

MetricsSnapshotHandler returns recent samples

func MetricsStatusHandler 

func MetricsStatusHandler(w http.ResponseWriter, r *http.Request)

MetricsStatusHandler returns current metrics sampler status

func NFTablesRulesetHandler 

func NFTablesRulesetHandler(w http.ResponseWriter, r *http.Request)

NFTablesRulesetHandler returns the current nftables ruleset

func NFTablesSaveHandler 

func NFTablesSaveHandler(w http.ResponseWriter, r *http.Request)

NFTablesSaveHandler saves the current nftables ruleset to a backup file

func NFTablesValidateHandler 

func NFTablesValidateHandler(w http.ResponseWriter, r *http.Request)

NFTablesValidateHandler validates the nftables hierarchy

func PortBanHandler 

func PortBanHandler(w http.ResponseWriter, r *http.Request)

PortBanHandler bans a port via CLI POST /api/v1/ports/ban

func PortScanLogsHandler 

func PortScanLogsHandler(w http.ResponseWriter, r *http.Request)

PortScanLogsHandler fetches PortScan detection logs with pagination

func PortStatusHandler 

func PortStatusHandler(w http.ResponseWriter, r *http.Request)

PortStatusHandler checks status of a specific port GET /api/v1/ports/status?port=22&protocol=tcp

func PortUnbanHandler 

func PortUnbanHandler(w http.ResponseWriter, r *http.Request)

PortUnbanHandler unbans a port via CLI POST /api/v1/ports/unban

func PortsHandler 

func PortsHandler(w http.ResponseWriter, r *http.Request)

PortsHandler returns open ports status via CLI command

func PortscanControlHandler 

func PortscanControlHandler(w http.ResponseWriter, r *http.Request)

PortscanControlHandler handles portscan enable/disable/status

func PortscanStatsHandler 

func PortscanStatsHandler(w http.ResponseWriter, r *http.Request)

PortscanStatsHandler returns portscan statistics GET /api/v1/portscan/stats

func PrometheusMetricsHandler 

func PrometheusMetricsHandler(w http.ResponseWriter, r *http.Request)

PrometheusMetricsHandler fetches metrics from Prometheus exporter textfile

func RecentActivityHandler 

func RecentActivityHandler(w http.ResponseWriter, r *http.Request)

RecentActivityHandler returns recent ban/unban/feed activity GET /api/v1/activity/recent?limit=10

func ReloadHandler 

func ReloadHandler(w http.ResponseWriter, r *http.Request)

ReloadHandler reloads nftban firewall configuration

func RulesHandler 

func RulesHandler(w http.ResponseWriter, r *http.Request)

RulesHandler returns nftables statistics

func SearchHandler 

func SearchHandler(w http.ResponseWriter, r *http.Request)

SearchHandler searches for an IP across all NFTBan components

func SessionInfoHandler added in v1.0.27 

func SessionInfoHandler(store *session.Store) http.HandlerFunc

SessionInfoHandler returns current session information

func SessionLoginHandler added in v1.0.27 

func SessionLoginHandler(authService *auth.PAMAuth, store *session.Store) http.HandlerFunc

SessionLoginHandler authenticates user via PAM and creates server-side session Replaces JWT-based LoginHandler for improved security (revocable tokens)

func SessionRevokeHandler added in v1.0.27 

func SessionRevokeHandler(store *session.Store) http.HandlerFunc

SessionRevokeHandler revokes a specific session (admin only)

func SessionsListHandler added in v1.0.27 

func SessionsListHandler(store *session.Store) http.HandlerFunc

SessionsListHandler returns all active sessions (admin only)

func StartStatsUpdater 

func StartStatsUpdater()

Start background stats updater

func StatsBansHandler 

func StatsBansHandler(w http.ResponseWriter, r *http.Request)

StatsBansHandler returns ban statistics by module

func StatsCountriesHandler 

func StatsCountriesHandler(w http.ResponseWriter, r *http.Request)

StatsCountriesHandler returns top blocked countries

func StatsTrafficHandler 

func StatsTrafficHandler(w http.ResponseWriter, r *http.Request)

StatsTrafficHandler returns real traffic statistics from Node Exporter

func StatsTrendHandler 

func StatsTrendHandler(w http.ResponseWriter, r *http.Request)

StatsTrendHandler returns 7-day trend analysis GET /api/v1/stats/trend

func StatusHandler 

func StatusHandler(w http.ResponseWriter, r *http.Request)

StatusHandler returns firewall status

func SyncFeedsHandler 

func SyncFeedsHandler(w http.ResponseWriter, r *http.Request)

SyncFeedsHandler updates threat feeds

func SystemFHSFixHandler 

func SystemFHSFixHandler(w http.ResponseWriter, r *http.Request)

SystemFHSFixHandler fixes FHS issues POST /api/v1/system/fhs/fix

func SystemFHSHandler 

func SystemFHSHandler(w http.ResponseWriter, r *http.Request)

SystemFHSHandler returns FHS compliance report GET /api/v1/system/fhs

func SystemHealthFixHandler 

func SystemHealthFixHandler(w http.ResponseWriter, r *http.Request)

SystemHealthFixHandler runs health fix POST /api/v1/system/health/fix

func SystemHealthHandler 

func SystemHealthHandler(w http.ResponseWriter, r *http.Request)

SystemHealthHandler returns health check results GET /api/v1/system/health

func SystemHostnameHandler 

func SystemHostnameHandler(w http.ResponseWriter, r *http.Request)

SystemHostnameHandler returns the system hostname

func SystemInfoHandler 

func SystemInfoHandler(w http.ResponseWriter, r *http.Request)

SystemInfoHandler returns system information GET /api/v1/system/info

func SystemLogsHandler 

func SystemLogsHandler(w http.ResponseWriter, r *http.Request)

SystemLogsHandler provides unified system logs viewer

func SystemModulesHandler 

func SystemModulesHandler(w http.ResponseWriter, r *http.Request)

SystemModulesHandler returns NFTBan modules inventory

func SystemOverviewStatusHandler 

func SystemOverviewStatusHandler(w http.ResponseWriter, r *http.Request)

SystemOverviewStatusHandler returns comprehensive system status for overview GET /api/v1/system/status

func SystemServiceControlHandler 

func SystemServiceControlHandler(w http.ResponseWriter, r *http.Request)

SystemServiceControlHandler handles service start/stop/restart

func SystemServicesDetailHandler 

func SystemServicesDetailHandler(w http.ResponseWriter, r *http.Request)

SystemServicesDetailHandler returns detailed services list with status GET /api/v1/system/services/detail

func SystemServicesHandler 

func SystemServicesHandler(w http.ResponseWriter, r *http.Request)

SystemServicesHandler returns system services status

func SystemTimersDetailHandler 

func SystemTimersDetailHandler(w http.ResponseWriter, r *http.Request)

SystemTimersDetailHandler returns detailed systemd timer information GET /api/v1/system/timers/detail

func SystemTimersHandler 

func SystemTimersHandler(w http.ResponseWriter, r *http.Request)

SystemTimersHandler returns systemd timers status

func UIListBannedIPsHandler 

func UIListBannedIPsHandler(w http.ResponseWriter, r *http.Request)

UIListBannedIPsHandler returns all banned IPs from nftables sets

func UIWhitelistAddHandler 

func UIWhitelistAddHandler(w http.ResponseWriter, r *http.Request)

UIWhitelistAddHandler adds IP to GUI whitelist

func UIWhitelistGetHandler 

func UIWhitelistGetHandler(w http.ResponseWriter, r *http.Request)

UIWhitelistGetHandler returns IPs whitelisted for GUI access

func UnbanHandler 

func UnbanHandler(w http.ResponseWriter, r *http.Request)

UnbanHandler unbans an IP address

func WhitelistAddHandler 

func WhitelistAddHandler(w http.ResponseWriter, r *http.Request)

WhitelistAddHandler adds IP to whitelist

func WhitelistCountHandler 

func WhitelistCountHandler(w http.ResponseWriter, r *http.Request)

WhitelistCountHandler returns the count of whitelisted IPs

func WhitelistGetHandler 

func WhitelistGetHandler(w http.ResponseWriter, r *http.Request)

WhitelistGetHandler returns whitelisted IPs

func WhitelistRemoveHandler 

func WhitelistRemoveHandler(w http.ResponseWriter, r *http.Request)

WhitelistRemoveHandler removes IP from whitelist

Types

type API 

type API struct {
	NFT              *sync.NFTManager
	WhitelistIPv4Set *nftables.Set
	WhitelistIPv6Set *nftables.Set
	BlacklistIPv4Set *nftables.Set
	BlacklistIPv6Set *nftables.Set
}

API holds dependencies for all API handlers

func (*API) HandleBlacklistIPv4Add 

func (api *API) HandleBlacklistIPv4Add(w http.ResponseWriter, r *http.Request)

HandleBlacklistIPv4Add handles single IP add POST /api/blacklist/ipv4/add Body: { "ip": "1.2.3.4" }

func (*API) HandleBlacklistIPv4Batch 

func (api *API) HandleBlacklistIPv4Batch(w http.ResponseWriter, r *http.Request)

HandleBlacklistIPv4Batch handles batch add/remove for blacklist IPv4 POST /api/blacklist/ipv4/batch Body: { "add": ["1.2.3.4", "5.6.7.8"], "remove": ["9.9.9.9"] }

func (*API) HandleBlacklistIPv4Preview 

func (api *API) HandleBlacklistIPv4Preview(w http.ResponseWriter, r *http.Request)

HandleBlacklistIPv4Preview shows what would change (dry-run) POST /api/blacklist/ipv4/preview Body: { "desired": ["1.2.3.4", "5.6.7.8"] }

func (*API) HandleBlacklistIPv4Remove 

func (api *API) HandleBlacklistIPv4Remove(w http.ResponseWriter, r *http.Request)

HandleBlacklistIPv4Remove handles single IP remove POST /api/blacklist/ipv4/remove Body: { "ip": "1.2.3.4" }

func (*API) HandleWhitelistIPv4Add 

func (api *API) HandleWhitelistIPv4Add(w http.ResponseWriter, r *http.Request)

HandleWhitelistIPv4Add handles single IP add POST /api/whitelist/ipv4/add Body: { "ip": "1.2.3.4" }

func (*API) HandleWhitelistIPv4Batch 

func (api *API) HandleWhitelistIPv4Batch(w http.ResponseWriter, r *http.Request)

HandleWhitelistIPv4Batch handles batch add/remove for whitelist IPv4 POST /api/whitelist/ipv4/batch Body: { "add": ["1.2.3.4", "5.6.7.8"], "remove": ["9.9.9.9"] }

func (*API) HandleWhitelistIPv4Preview 

func (api *API) HandleWhitelistIPv4Preview(w http.ResponseWriter, r *http.Request)

HandleWhitelistIPv4Preview shows what would change (dry-run) POST /api/whitelist/ipv4/preview Body: { "desired": ["1.2.3.4", "5.6.7.8"] }

func (*API) HandleWhitelistIPv4Remove 

func (api *API) HandleWhitelistIPv4Remove(w http.ResponseWriter, r *http.Request)

HandleWhitelistIPv4Remove handles single IP remove POST /api/whitelist/ipv4/remove Body: { "ip": "1.2.3.4" }

type APIResponse 

type APIResponse struct {
	Success   bool        `json:"success"`
	Message   string      `json:"message,omitempty"`
	Error     string      `json:"error,omitempty"`
	Data      interface{} `json:"data,omitempty"`
	Timestamp int64       `json:"timestamp"`
}

APIResponse is the standard JSON envelope for all API responses

func NewDataResponse 

func NewDataResponse(data interface{}) APIResponse

NewDataResponse creates a success response with just data (no message)

func NewErrorResponse 

func NewErrorResponse(err string) APIResponse

NewErrorResponse creates an error response

func NewSuccessResponse 

func NewSuccessResponse(message string, data interface{}) APIResponse

NewSuccessResponse creates a success response with optional data

type BandwidthCurrentResponse 

type BandwidthCurrentResponse struct {
	Timestamp   int64                    `json:"timestamp"`
	Total       BandwidthTotal           `json:"total"`
	Interfaces  []BandwidthInterface     `json:"interfaces"`
	Protocols   map[string]ProtocolStats `json:"protocols"`
	Connections ConnectionCounts         `json:"connections"`
	Peaks5Min   BandwidthPeaks           `json:"peaks_5min"`
}

BandwidthCurrentResponse - GET /api/v1/bandwidth/current

type BandwidthHistoryResponse 

type BandwidthHistoryResponse struct {
	Start        int64             `json:"start"`
	End          int64             `json:"end"`
	Interval     int               `json:"interval"`
	TotalSamples int               `json:"total_samples"`
	Samples      []BandwidthSample `json:"samples"`
}

BandwidthHistoryResponse - GET /api/v1/bandwidth/history

type BandwidthInterface 

type BandwidthInterface struct {
	Name      string  `json:"name"`
	RxMbps    float64 `json:"rx_mbps"`
	TxMbps    float64 `json:"tx_mbps"`
	RxBytes   uint64  `json:"rx_bytes"`
	TxBytes   uint64  `json:"tx_bytes"`
	RxPackets uint64  `json:"rx_packets"`
	TxPackets uint64  `json:"tx_packets"`
	Status    string  `json:"status"`
}

BandwidthInterface - per-interface stats

type BandwidthInterfaceDetailed 

type BandwidthInterfaceDetailed struct {
	Name        string            `json:"name"`
	Status      string            `json:"status"`
	MAC         string            `json:"mac,omitempty"`
	IP          string            `json:"ip,omitempty"`
	RxMbps      float64           `json:"rx_mbps"`
	TxMbps      float64           `json:"tx_mbps"`
	RxBytes     uint64            `json:"rx_bytes"`
	TxBytes     uint64            `json:"tx_bytes"`
	RxPackets   uint64            `json:"rx_packets"`
	TxPackets   uint64            `json:"tx_packets"`
	Errors      int               `json:"errors"`
	Drops       int               `json:"drops"`
	History5Min []BandwidthSample `json:"history_5min,omitempty"`
}

BandwidthInterfaceDetailed - detailed interface information

type BandwidthInterfacesResponse 

type BandwidthInterfacesResponse struct {
	Timestamp  int64                        `json:"timestamp"`
	Interfaces []BandwidthInterfaceDetailed `json:"interfaces"`
}

BandwidthInterfacesResponse - GET /api/v1/bandwidth/interfaces

type BandwidthMetrics 

type BandwidthMetrics struct {
	Timestamp   time.Time
	Interfaces  map[string]*BandwidthInterface
	TotalRxMbps float64
	TotalTxMbps float64
	Protocols   map[string]*ProtocolStats
	Connections ConnectionCounts
	Peaks       BandwidthPeaks
}

BandwidthMetrics - internal structure for caching parsed metrics

type BandwidthPeaks 

type BandwidthPeaks struct {
	RxMbps    float64 `json:"rx_mbps"`
	TxMbps    float64 `json:"tx_mbps"`
	Timestamp int64   `json:"timestamp,omitempty"`
}

BandwidthPeaks - peak bandwidth values

type BandwidthSample 

type BandwidthSample struct {
	Timestamp int64   `json:"timestamp"`
	RxMbps    float64 `json:"rx_mbps"`
	TxMbps    float64 `json:"tx_mbps"`
}

BandwidthSample - single bandwidth sample

type BandwidthTotal 

type BandwidthTotal struct {
	RxMbps    float64 `json:"rx_mbps"`
	TxMbps    float64 `json:"tx_mbps"`
	RxBytes   uint64  `json:"rx_bytes"`
	TxBytes   uint64  `json:"tx_bytes"`
	RxPackets uint64  `json:"rx_packets"`
	TxPackets uint64  `json:"tx_packets"`
}

BandwidthTotal - total bandwidth across all interfaces

type BatchRequest 

type BatchRequest struct {
	Add    []string `json:"add"`
	Remove []string `json:"remove"`
}

BatchRequest represents a batch add/remove operation

type BatchResponse 

type BatchResponse struct {
	Added     int    `json:"added"`
	Removed   int    `json:"removed"`
	Unchanged int    `json:"unchanged,omitempty"`
	Success   bool   `json:"success"`
	Message   string `json:"message,omitempty"`
}

BatchResponse represents the result of a batch operation

type Connection 

type Connection struct {
	State       string `json:"state"`
	LocalAddr   string `json:"local_addr"`
	LocalPort   string `json:"local_port"`
	PeerAddr    string `json:"peer_addr"`
	PeerPort    string `json:"peer_port"`
	Timer       string `json:"timer,omitempty"`       // Timer name (keepalive, on, off, etc.)
	TimerValue  string `json:"timer_value,omitempty"` // Timer value (e.g., "30sec")
	Protocol    string `json:"protocol"`
	RecvQ       int    `json:"recv_q"`            // Receive queue size
	SendQ       int    `json:"send_q"`            // Send queue size
	UID         string `json:"uid,omitempty"`     // User ID (if available)
	ProcessInfo string `json:"process,omitempty"` // Process info (if available)
}

Connection represents a network connection from ss output

type ConnectionCounts 

type ConnectionCounts struct {
	Active      int `json:"active"`
	Established int `json:"established"`
	TimeWait    int `json:"time_wait"`
	CloseWait   int `json:"close_wait"`
}

ConnectionCounts - connection statistics

type ConnectionStats 

type ConnectionStats struct {
	Timestamp   time.Time      `json:"timestamp"`
	Total       int            `json:"total"`
	ByState     map[string]int `json:"by_state"`
	ByProtocol  map[string]int `json:"by_protocol"`
	Connections []Connection   `json:"connections,omitempty"`
}

ConnectionStats represents connection statistics

type DdosStats 

type DdosStats struct {
	PacketsDropped    int    `json:"packets_dropped"`
	BytesDropped      int    `json:"bytes_dropped"`
	Blocked24h        int    `json:"blocked_24h"`
	BlockedTotal      int    `json:"blocked_total"`
	Enabled           bool   `json:"enabled"`
	RateLimit         int    `json:"rate_limit"`
	Mode              string `json:"mode"`               // classic, suricata, hybrid
	SuricataAvailable bool   `json:"suricata_available"` // is Suricata service running
}

DdosStats represents DDoS protection statistics

type EmulateEvalEntry 

type EmulateEvalEntry struct {
	Set     string `json:"set"`
	Matched bool   `json:"matched"`
	Entry   string `json:"entry,omitempty"`
}

EmulateEvalEntry tracks each set evaluation

type EmulateNFT 

type EmulateNFT struct {
	Family     string `json:"family"`
	Table      string `json:"table"`
	Chain      string `json:"chain"`
	RuleHandle int    `json:"rule_handle,omitempty"`
	SetName    string `json:"set_name,omitempty"`
}

EmulateNFT contains nftables-specific information

type EmulateQuery 

type EmulateQuery struct {
	IP        string `json:"ip"`
	Protocol  string `json:"protocol,omitempty"`
	Port      int    `json:"port,omitempty"`
	Direction string `json:"direction,omitempty"`
	Family    string `json:"family"`
}

EmulateQuery represents the query parameters for emulation

type EmulateReason 

type EmulateReason struct {
	Module       string `json:"module"`
	Source       string `json:"source"`
	ListType     string `json:"list_type"`
	MatchingCIDR string `json:"matching_cidr"`
}

EmulateReason explains why the decision was made

type EmulateResponse 

type EmulateResponse struct {
	Query           EmulateQuery       `json:"query"`
	Result          EmulateResult      `json:"result"`
	EvaluationOrder []EmulateEvalEntry `json:"evaluation_order"`
}

EmulateResponse is the complete API response

type EmulateResult 

type EmulateResult struct {
	Decision    string        `json:"decision"`
	Reason      EmulateReason `json:"reason"`
	NFTables    EmulateNFT    `json:"nftables"`
	Explanation string        `json:"explanation"`
}

EmulateResult is the full result of an emulation

type ErrorResponse 

type ErrorResponse struct {
	Error string `json:"error"`
}

type FirewallCheckRequest 

type FirewallCheckRequest struct {
	Value string `json:"value"` // IP or port to check
}

FirewallCheckRequest represents the request body for firewall check

type InterfaceStats 

type InterfaceStats struct {
	Name      string  `json:"name"`
	RxBytes   uint64  `json:"rx_bytes"`
	TxBytes   uint64  `json:"tx_bytes"`
	RxPackets uint64  `json:"rx_packets"`
	TxPackets uint64  `json:"tx_packets"`
	RxMbps    float64 `json:"rx_mbps,omitempty"`
	TxMbps    float64 `json:"tx_mbps,omitempty"`
}

InterfaceStats represents stats for a single network interface

type LoginEvent 

type LoginEvent struct {
	Timestamp string `json:"timestamp"`
	Type      string `json:"type"`
	User      string `json:"user"`
	IP        string `json:"ip"`
	Location  string `json:"location"`
	Status    string `json:"status"`
}

LoginEvent represents a single login event

type LoginEventStats 

type LoginEventStats struct {
	Total   int `json:"total"`
	Success int `json:"success"`
	Failed  int `json:"failed"`
	Today   int `json:"today"`
}

type LoginMonitorConfig 

type LoginMonitorConfig struct {
	Enabled bool   `json:"enabled"`
	Format  string `json:"format"`
	GeoIP   bool   `json:"geoip"`
}

type LoginMonitorFailed 

type LoginMonitorFailed struct {
	AlertOnFailed bool `json:"alert_on_failed"`
	Threshold     int  `json:"threshold"`
	WindowSeconds int  `json:"window_seconds"`
}

type LoginMonitorStats 

type LoginMonitorStats struct {
	Events  LoginEventStats   `json:"events"`
	Service LoginServiceStats `json:"service"`
}

LoginMonitorStats represents login statistics

type LoginMonitorStatus 

type LoginMonitorStatus struct {
	ConfigExists   bool               `json:"config_exists"`
	ModuleExists   bool               `json:"module_exists"`
	ServiceStatus  string             `json:"service_status"`
	Config         LoginMonitorConfig `json:"config"`
	Monitoring     LoginMonitorTypes  `json:"monitoring"`
	FailedAttempts LoginMonitorFailed `json:"failed_attempts"`
	LogLines       int                `json:"log_lines"`
}

LoginMonitorStatus represents login monitor status

type LoginMonitorTypes 

type LoginMonitorTypes struct {
	SSH     bool `json:"ssh"`
	SU      bool `json:"su"`
	SUDO    bool `json:"sudo"`
	Console bool `json:"console"`
}

type LoginRequest 

type LoginRequest struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

Response structures

type LoginResponse 

type LoginResponse struct {
	Success bool   `json:"success"`
	Token   string `json:"token,omitempty"`
	Message string `json:"message,omitempty"`
}

type LoginServiceStats 

type LoginServiceStats struct {
	Running bool   `json:"running"`
	Uptime  string `json:"uptime"`
}

type LoginUser 

type LoginUser struct {
	Username  string `json:"username"`
	Total     int    `json:"total"`
	Success   int    `json:"success"`
	Failed    int    `json:"failed"`
	LastLogin string `json:"last_login"`
}

LoginUser represents user login statistics

type NetworkStats 

type NetworkStats struct {
	Timestamp     time.Time        `json:"timestamp"`
	Interfaces    []InterfaceStats `json:"interfaces"`
	Total         InterfaceStats   `json:"total"`
	RecentSamples []metrics.Sample `json:"recent_samples,omitempty"`
}

NetworkStats represents network bandwidth statistics

type PaginatedResponse 

type PaginatedResponse struct {
	Items      interface{} `json:"items"`
	Page       int         `json:"page"`
	Limit      int         `json:"limit"`
	Total      int         `json:"total"`
	TotalPages int         `json:"total_pages"`
}

PaginatedResponse wraps data with pagination info

func NewPaginatedResponse 

func NewPaginatedResponse(items interface{}, page, limit, total int) PaginatedResponse

NewPaginatedResponse creates a paginated response

type PortscanStats 

type PortscanStats struct {
	MonitoredPorts    int    `json:"monitored_ports"`
	Blocked24h        int    `json:"blocked_24h"`
	BlockedTotal      int    `json:"blocked_total"`
	Enabled           bool   `json:"enabled"`
	Mode              string `json:"mode"`               // classic, suricata, hybrid
	SuricataAvailable bool   `json:"suricata_available"` // is Suricata service running
}

PortscanStats represents portscan statistics

type PreviewRequest 

type PreviewRequest struct {
	Desired []string `json:"desired"`
}

PreviewRequest requests a dry-run diff preview

type PreviewResponse 

type PreviewResponse struct {
	ToAdd     []string `json:"to_add"`
	ToRemove  []string `json:"to_remove"`
	Unchanged int      `json:"unchanged"`
}

PreviewResponse shows what would change

type ProtocolStats 

type ProtocolStats struct {
	Bytes   uint64 `json:"bytes"`
	Packets uint64 `json:"packets"`
}

ProtocolStats - protocol-level statistics

type RecentActivity 

type RecentActivity struct {
	Timestamp string `json:"timestamp"`
	Type      string `json:"type"`
	Action    string `json:"action"`
	IP        string `json:"ip"`
	Source    string `json:"source"`
	Details   string `json:"details"`
	TimeAgo   string `json:"time_ago"`
}

RecentActivity represents a single recent activity event

type SingleIPRequest 

type SingleIPRequest struct {
	IP string `json:"ip"`
}

SingleIPRequest for adding/removing single IP

type SingleIPResponse 

type SingleIPResponse struct {
	Success bool   `json:"success"`
	Message string `json:"message"`
}

SingleIPResponse for single IP operations

type SuccessResponse 

type SuccessResponse struct {
	Success bool   `json:"success"`
	Message string `json:"message"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.