Directories
¶
| Path | Synopsis |
|---|---|
|
Package allowlist holds CIDR ranges that must never be banned.
|
Package allowlist holds CIDR ranges that must never be banned. |
|
Package banner abstracts the network-level ban action so rules don't depend on iptables/ipset directly.
|
Package banner abstracts the network-level ban action so rules don't depend on iptables/ipset directly. |
|
Package config loads and validates GoBan configuration from defaults, a YAML file, and environment overrides (in that order).
|
Package config loads and validates GoBan configuration from defaults, a YAML file, and environment overrides (in that order). |
|
Package control defines the JSON shapes shared between the daemon's unix-socket HTTP server and goban-client.
|
Package control defines the JSON shapes shared between the daemon's unix-socket HTTP server and goban-client. |
|
Package daemon wires sources, rules, the banner and the control server into a single supervised lifecycle.
|
Package daemon wires sources, rules, the banner and the control server into a single supervised lifecycle. |
|
Package datepattern translates GoBan's `datepattern:` rule field into a Go time-layout string.
|
Package datepattern translates GoBan's `datepattern:` rule field into a Go time-layout string. |
|
Package ipset is a tiny netlink-direct client for the kernel ipset subsystem.
|
Package ipset is a tiny netlink-direct client for the kernel ipset subsystem. |
|
Package logging configures and exposes a process-wide zerolog logger.
|
Package logging configures and exposes a process-wide zerolog logger. |
|
Package matcher extracts banned-candidate IPs (and optional timestamps and arbitrary named captures) from log lines using a pre-compiled regex.
|
Package matcher extracts banned-candidate IPs (and optional timestamps and arbitrary named captures) from log lines using a pre-compiled regex. |
|
Package nftables is a small netlink-direct client for the kernel nf_tables subsystem.
|
Package nftables is a small netlink-direct client for the kernel nf_tables subsystem. |
|
Package rule orchestrates the per-rule pipeline: line → matcher → date parse → excludes filter → allowlist → tracker → banner.
|
Package rule orchestrates the per-rule pipeline: line → matcher → date parse → excludes filter → allowlist → tracker → banner. |
|
Package source defines the LogLine type and the Source interface that file, docker and journal backends implement.
|
Package source defines the LogLine type and the Source interface that file, docker and journal backends implement. |
|
docker
Package docker implements a Source that streams container logs from the Docker daemon and dynamically attaches to new containers matching a label or name selector.
|
Package docker implements a Source that streams container logs from the Docker daemon and dynamically attaches to new containers matching a label or name selector. |
|
file
Package file implements a Source backed by a tailed file with rotation support.
|
Package file implements a Source backed by a tailed file with rotation support. |
|
journal
Package journal provides a systemd-journal log source.
|
Package journal provides a systemd-journal log source. |
|
Package tracker implements a per-rule sliding-window strike counter.
|
Package tracker implements a per-rule sliding-window strike counter. |
Click to show internal directories.
Click to hide internal directories.