Documentation
Index ¶
- type Counters
- type IPEntry
- type RuntimeState
- func (rs *RuntimeState) AddToBlacklist(ip string, isIPv4 bool, source string, reason string) error
- func (rs *RuntimeState) GetBlacklistSnapshot() ([]string, []string)
- func (rs *RuntimeState) GetStats() map[string]interface{}
- func (rs *RuntimeState) GetWhitelistSnapshot() ([]string, []string)
- func (rs *RuntimeState) IncrementSyncCounter(success bool)
- func (rs *RuntimeState) IsBlacklisted(ip string, isIPv4 bool) bool
- func (rs *RuntimeState) IsWhitelisted(ip string, isIPv4 bool) bool
- func (rs *RuntimeState) LoadBlacklists() error
- func (rs *RuntimeState) LoadWhitelists() error
- func (rs *RuntimeState) ReloadAll() error
- func (rs *RuntimeState) RemoveFromBlacklist(ip string, isIPv4 bool) error
- type SourceStats
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Counters ¶
// Counters groups the metric counters kept for the runtime state: list sizes
// per address family, per-source sizes, and operation totals.
//
// NOTE(review): the package documentation calls these atomic counters, but
// every field listed here is an exported plain int64. Presumably all reads
// and writes go through sync/atomic; a direct field access from another
// package would be unsynchronized. Confirm against the implementation.
type Counters struct {
	// Global counters
	TotalWhitelistIPv4 int64
	TotalWhitelistIPv6 int64
	TotalBlacklistIPv4 int64
	TotalBlacklistIPv6 int64
	// Per-source counters
	FeedsIPv4  int64
	FeedsIPv6  int64
	GeoBanIPv4 int64
	GeoBanIPv6 int64
	// Removed: Fail2BanIPv4, Fail2BanIPv6 (v1.0 migration to Suricata)
	ManualIPv4 int64
	ManualIPv6 int64
	// Operations counters
	BansTotal    int64
	UnbansTotal  int64
	ReloadsTotal int64
	// presumably both sync counters are driven by
	// RuntimeState.IncrementSyncCounter(success) — confirm which one moves
	// on failure.
	SyncsTotal      int64
	SyncErrorsTotal int64
	// contains filtered or unexported fields
}
Counters holds atomic counters for metrics
type IPEntry ¶
// IPEntry describes one IP address held in the runtime state, together with
// the source that added it and its ban history.
type IPEntry struct {
	// IP is the address in text form.
	// NOTE(review): nothing visible here shows the value being parsed or
	// canonicalized. If entries are keyed by this text, two spellings of the
	// same address (for example compressed and expanded IPv6) would not
	// match each other. Confirm normalization where entries are added and
	// looked up.
	IP string
	// NOTE(review): Counters also tracks a "manual" source, which the list
	// below does not name — confirm the full set of accepted values.
	Source    string // "whitelist", "blacklist", "feeds", "geoban", "tempban" (v1.0: removed fail2ban)
	AddedAt   time.Time
	BanCount  int       // Number of times this IP was banned
	LastBanAt time.Time // Last time this IP was banned
	// NOTE(review): presumably nil means the entry never expires; whether
	// lookups enforce the expiry time is not visible here — confirm.
	ExpireAt *time.Time // Optional: expiration time for temporary bans
	Reason   string     // Why this IP was added
}
IPEntry represents a single IP in the runtime state
type RuntimeState ¶
// RuntimeState is the in-memory firewall state: whitelist and blacklist
// entries split by address family, the effective block sets, per-source
// statistics, counters, and the configuration directory.
//
// NOTE(review): the type is documented as protected by an RWMutex, which is
// not among the exported fields. The maps below are exported, so code that
// reads or writes them directly instead of going through the methods would
// bypass that lock. Confirm no caller does, or consider unexporting them.
type RuntimeState struct {
	// Whitelist sets (IPv4 and IPv6 separated)
	// presumably keyed by the IP string — verify against AddToBlacklist and
	// the Load* methods.
	WhitelistIPv4 map[string]*IPEntry
	WhitelistIPv6 map[string]*IPEntry
	// Blacklist sets (IPv4 and IPv6 separated)
	BlacklistIPv4 map[string]*IPEntry
	BlacklistIPv6 map[string]*IPEntry
	// Effective sets (computed from sources)
	// NOTE(review): whether whitelisted addresses are excluded when these
	// sets are computed is not visible here — confirm the precedence.
	EffectiveBlackIPv4 map[string]bool
	EffectiveBlackIPv6 map[string]bool
	// Per-source tracking
	Sources map[string]*SourceStats
	// Counters
	Counters *Counters
	// Config directory
	// presumably the value passed to NewRuntimeState and the directory the
	// Load* methods read list files from — confirm.
	ConfigDir string
	// Last reload time
	LastReload time.Time
	// contains filtered or unexported fields
}
RuntimeState holds the in-memory firewall state. It is thread-safe, using an RWMutex.
func NewRuntimeState ¶
func NewRuntimeState(configDir string) *RuntimeState
NewRuntimeState creates a new RuntimeState instance
func (*RuntimeState) AddToBlacklist ¶
AddToBlacklist adds an IP to the blacklist
func (*RuntimeState) GetBlacklistSnapshot ¶
func (rs *RuntimeState) GetBlacklistSnapshot() ([]string, []string)
GetBlacklistSnapshot returns a copy of current blacklist
func (*RuntimeState) GetStats ¶
func (rs *RuntimeState) GetStats() map[string]interface{}
GetStats returns a snapshot of current stats
func (*RuntimeState) GetWhitelistSnapshot ¶
func (rs *RuntimeState) GetWhitelistSnapshot() ([]string, []string)
GetWhitelistSnapshot returns a copy of current whitelist
func (*RuntimeState) IncrementSyncCounter ¶
func (rs *RuntimeState) IncrementSyncCounter(success bool)
IncrementSyncCounter increments the sync counter
func (*RuntimeState) IsBlacklisted ¶
func (rs *RuntimeState) IsBlacklisted(ip string, isIPv4 bool) bool
IsBlacklisted checks if an IP is in the blacklist
func (*RuntimeState) IsWhitelisted ¶
func (rs *RuntimeState) IsWhitelisted(ip string, isIPv4 bool) bool
IsWhitelisted checks if an IP is in the whitelist
func (*RuntimeState) LoadBlacklists ¶
func (rs *RuntimeState) LoadBlacklists() error
LoadBlacklists loads all blacklist files into memory
func (*RuntimeState) LoadWhitelists ¶
func (rs *RuntimeState) LoadWhitelists() error
LoadWhitelists loads all whitelist files into memory
func (*RuntimeState) ReloadAll ¶
func (rs *RuntimeState) ReloadAll() error
ReloadAll reloads both whitelists and blacklists
func (*RuntimeState) RemoveFromBlacklist ¶
func (rs *RuntimeState) RemoveFromBlacklist(ip string, isIPv4 bool) error
RemoveFromBlacklist removes an IP from the blacklist