detect

package
v1.79.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 8, 2026 License: MPL-2.0 Imports: 7 Imported by: 0

Documentation

Overview

============================================================================= NFTBan v1.73 - Installer Conflict Detection ============================================================================= SPDX-License-Identifier: MPL-2.0 meta:name="installer-detect-conflicts" meta:type="lib" meta:owner="Antonios Voulvoulis <contact@nftban.com>" meta:created_date="2026-04-04" meta:description="Conflicting firewall detection (services + ghost nft tables)" meta:inventory.files="internal/installer/detect/conflicts.go" meta:inventory.binaries="" meta:inventory.env_vars="" meta:inventory.config_files="" meta:inventory.systemd_units="" meta:inventory.network="" meta:inventory.privileges="root" =============================================================================

============================================================================= NFTBan v1.73 - Installer CT Limits Detection ============================================================================= SPDX-License-Identifier: MPL-2.0 meta:name="installer-detect-ctlimits" meta:type="lib" meta:owner="Antonios Voulvoulis <contact@nftban.com>" meta:created_date="2026-04-04" meta:description="DDoS connection tracking limit reads from config" meta:inventory.files="internal/installer/detect/ctlimits.go" meta:inventory.binaries="" meta:inventory.env_vars="" meta:inventory.config_files="/etc/nftban/conf.d/ddos/classic.conf" meta:inventory.systemd_units="" meta:inventory.network="" meta:inventory.privileges="none" =============================================================================

============================================================================= NFTBan v1.73 - Installer Distro Detection ============================================================================= SPDX-License-Identifier: MPL-2.0 meta:name="installer-detect-distro" meta:type="lib" meta:owner="Antonios Voulvoulis <contact@nftban.com>" meta:created_date="2026-04-04" meta:description="OS distribution detection and nftables.conf path resolution" meta:inventory.files="internal/installer/detect/distro.go" meta:inventory.binaries="" meta:inventory.env_vars="" meta:inventory.config_files="/etc/os-release" meta:inventory.systemd_units="" meta:inventory.network="" meta:inventory.privileges="none" =============================================================================

============================================================================= NFTBan v1.75.1 - Installer Panel Detection ============================================================================= SPDX-License-Identifier: MPL-2.0 meta:name="installer-detect-panel" meta:type="lib" meta:owner="Antonios Voulvoulis <contact@nftban.com>" meta:created_date="2026-04-04" meta:description="Control panel detection by directory existence" meta:inventory.files="internal/installer/detect/panel.go" meta:inventory.binaries="" meta:inventory.env_vars="" meta:inventory.config_files="" meta:inventory.systemd_units="" meta:inventory.network="" meta:inventory.privileges="none" =============================================================================

============================================================================= NFTBan v1.73 - Installer SSH Port Detection ============================================================================= SPDX-License-Identifier: MPL-2.0 meta:name="installer-detect-ssh" meta:type="lib" meta:owner="Antonios Voulvoulis <contact@nftban.com>" meta:created_date="2026-04-04" meta:description="4-source SSH port detection chain for installer" meta:inventory.files="internal/installer/detect/ssh.go" meta:inventory.binaries="" meta:inventory.env_vars="" meta:inventory.config_files="/etc/ssh/sshd_config" meta:inventory.systemd_units="" meta:inventory.network="" meta:inventory.privileges="root" =============================================================================

Index

Constants

View Source 
const (
	PathDirectAdmin = "/usr/local/directadmin"
	PathCPanel      = "/usr/local/cpanel"
	PathPlesk       = "/usr/local/psa"
	PathCyberPanel  = "/usr/local/CyberCP"
	PathHestia      = "/usr/local/hestia"
	PathVesta       = "/usr/local/vesta"
	PathCWP         = "/usr/local/cwpsrv"
	PathInterWorx   = "/usr/local/interworx"
)

Panel directory paths (exported for use by switchop and services packages).

Variables

This section is empty.

Functions

func ConflictNames 

func ConflictNames(conflicts []Conflict) []string

ConflictNames returns a deduplicated list of conflict names.

func HasPanel 

func HasPanel(panel PanelType) bool

HasPanel returns true if any panel was detected.

func SSHPort 

func SSHPort(exec executor.Executor, log *logging.Logger) (int, error)

SSHPort detects the active SSH port using a 4-source priority chain. Returns the port number (1-65535) or an error if no source yields a valid port.

Priority:

  1. ss listener (most authoritative — reflects actual running sshd)
  2. sshd_config + drop-in dirs (config-declared)
  3. State file from previous install (/var/lib/nftban/state/ssh_port_active.state)
  4. nftban.conf.local override (/etc/nftban/nftban.conf.local SSH_PORT=)

Types

type CTLimits 

type CTLimits struct {
	SSH  int // DDOS_CLASSIC_SSH_CONN_LIMIT, default 15
	HTTP int // DDOS_CLASSIC_HTTP_CONN_LIMIT, default 200
	Mail int // DDOS_CLASSIC_SMTP_CONN_LIMIT, default 30
}

CTLimits holds DDoS connection tracking limits used in nftables template rendering.

func DefaultCTLimits 

func DefaultCTLimits() CTLimits

DefaultCTLimits returns the defaults matching the shell %post.

func ReadCTLimits 

func ReadCTLimits(exec executor.Executor, log *logging.Logger) CTLimits

ReadCTLimits reads DDoS connection tracking limits from config files. Reads classic.conf first, then classic.conf.local as override. Returns defaults for any value not found.

type Conflict 

type Conflict struct {
	Name    string // e.g., "CSF", "UFW", "firewalld", "iptables", "iptables-nft"
	Service string // systemd unit name (may be empty for ghost table conflicts)
	Active  bool   // true if service is currently running or table exists
}

Conflict represents a detected conflicting firewall.

func DetectConflicts 

func DetectConflicts(exec executor.Executor, log *logging.Logger) []Conflict

DetectConflicts checks for active conflicting firewalls via systemd services and ghost nftables tables. Returns a deduplicated slice of conflicts.

type DistroInfo 

type DistroInfo struct {
	ID          string // normalized: "rocky", "almalinux", "centos", "rhel", "debian", "ubuntu", "fedora"
	VersionID   string // e.g., "9", "10", "24.04"
	PrettyName  string // e.g., "AlmaLinux 9.7 (Moss Jungle Cat)"
	NftConfPath string // system nftables.conf path for this distro
}

DistroInfo holds detected OS distribution information.

func DetectDistro 

func DetectDistro(exec executor.Executor, log *logging.Logger) (*DistroInfo, error)

DetectDistro parses /etc/os-release and determines the nftables.conf path.

type PanelType 

type PanelType string

PanelType identifies a hosting control panel. 

const (
	PanelNone        PanelType = ""
	PanelDirectAdmin PanelType = "directadmin"
	PanelCPanel      PanelType = "cpanel"
	PanelPlesk       PanelType = "plesk"
	PanelCyberPanel  PanelType = "cyberpanel"
	PanelHestia      PanelType = "hestia"
	PanelVesta       PanelType = "vesta"
	PanelCWP         PanelType = "cwp"
	PanelInterWorx   PanelType = "interworx"
)

func DetectPanel 

func DetectPanel(exec executor.Executor, log *logging.Logger) PanelType

DetectPanel checks for installed control panels by directory existence. Returns PanelNone if no panel is detected.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.