crowdsec

package
v0.69.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 20, 2026 License: BSD-3-Clause, AGPL-3.0 Imports: 12 Imported by: 0

Documentation

Overview

Package crowdsec provides a CrowdSec stream bouncer that maintains a local decision cache for IP reputation checks.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Bouncer 

type Bouncer struct {
	// contains filtered or unexported fields
}

Bouncer wraps a CrowdSec StreamBouncer, maintaining a local cache of active decisions for fast IP lookups. It implements restrict.CrowdSecChecker.

func NewBouncer 

func NewBouncer(apiURL, apiKey string, logger *log.Entry) *Bouncer

NewBouncer creates a bouncer but does not start the stream.

func (*Bouncer) CheckIP 

func (b *Bouncer) CheckIP(addr netip.Addr) *restrict.CrowdSecDecision

CheckIP looks up addr in the local decision cache. Returns nil if no active decision exists for the address.

Prefix lookups are O(1): instead of scanning all stored prefixes, we probe the map for every possible containing prefix of the address (at most 33 for IPv4, 129 for IPv6).

func (*Bouncer) Ready 

func (b *Bouncer) Ready() bool

Ready returns true after the first batch of decisions has been processed.

func (*Bouncer) Start 

func (b *Bouncer) Start(ctx context.Context) error

Start launches the background goroutine that streams decisions from the CrowdSec LAPI. The stream runs until Stop is called or ctx is cancelled.

func (*Bouncer) Stop 

func (b *Bouncer) Stop()

Stop cancels the stream and waits for all goroutines to finish.

type Registry 

type Registry struct {
	// contains filtered or unexported fields
}

Registry manages a single shared Bouncer instance with reference counting. The bouncer starts when the first service acquires it and stops when the last service releases it.

func NewRegistry 

func NewRegistry(apiURL, apiKey string, logger *log.Entry) *Registry

NewRegistry creates a registry. The bouncer is not started until Acquire is called.

func (*Registry) Acquire 

func (r *Registry) Acquire(svcID types.ServiceID) *Bouncer

Acquire registers svcID as a consumer and starts the bouncer if this is the first consumer. Returns the shared Bouncer (which implements the restrict package's CrowdSecChecker interface). Returns nil if not Available.

func (*Registry) Available 

func (r *Registry) Available() bool

Available returns true when the LAPI URL and API key are configured.

func (*Registry) Release 

func (r *Registry) Release(svcID types.ServiceID)

Release removes svcID as a consumer. Stops the bouncer when the last consumer releases.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.