2018-06-10 14:50:03 +00:00
|
|
|
package constant
|
|
|
|
|
|
|
|
// Rule Type
|
|
|
|
const (
|
2018-09-09 07:01:46 +00:00
|
|
|
Domain RuleType = iota
|
|
|
|
DomainSuffix
|
2018-06-10 14:50:03 +00:00
|
|
|
DomainKeyword
|
2021-11-17 08:03:47 +00:00
|
|
|
GEOSITE
|
2018-06-10 14:50:03 +00:00
|
|
|
GEOIP
|
|
|
|
IPCIDR
|
2019-05-09 13:00:29 +00:00
|
|
|
SrcIPCIDR
|
|
|
|
SrcPort
|
|
|
|
DstPort
|
2020-07-19 05:17:05 +00:00
|
|
|
Process
|
2022-03-12 11:07:53 +00:00
|
|
|
ProcessPath
|
2021-11-17 08:03:47 +00:00
|
|
|
Script
|
2021-12-02 14:56:17 +00:00
|
|
|
RuleSet
|
2022-01-22 14:10:45 +00:00
|
|
|
Network
|
2022-04-22 08:27:51 +00:00
|
|
|
Uid
|
2019-02-18 13:53:57 +00:00
|
|
|
MATCH
|
2022-01-22 14:10:45 +00:00
|
|
|
AND
|
|
|
|
OR
|
|
|
|
NOT
|
2018-06-10 14:50:03 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type RuleType int
|
|
|
|
|
2018-06-20 14:41:02 +00:00
|
|
|
func (rt RuleType) String() string {
|
|
|
|
switch rt {
|
2018-09-09 07:01:46 +00:00
|
|
|
case Domain:
|
|
|
|
return "Domain"
|
2018-06-20 14:41:02 +00:00
|
|
|
case DomainSuffix:
|
|
|
|
return "DomainSuffix"
|
|
|
|
case DomainKeyword:
|
|
|
|
return "DomainKeyword"
|
2021-11-17 08:03:47 +00:00
|
|
|
case GEOSITE:
|
|
|
|
return "GeoSite"
|
2018-06-20 14:41:02 +00:00
|
|
|
case GEOIP:
|
2019-10-27 13:44:07 +00:00
|
|
|
return "GeoIP"
|
2018-06-20 14:41:02 +00:00
|
|
|
case IPCIDR:
|
|
|
|
return "IPCIDR"
|
2019-05-09 13:00:29 +00:00
|
|
|
case SrcIPCIDR:
|
|
|
|
return "SrcIPCIDR"
|
|
|
|
case SrcPort:
|
|
|
|
return "SrcPort"
|
|
|
|
case DstPort:
|
|
|
|
return "DstPort"
|
2020-07-19 05:17:05 +00:00
|
|
|
case Process:
|
|
|
|
return "Process"
|
2022-03-12 11:07:53 +00:00
|
|
|
case ProcessPath:
|
|
|
|
return "ProcessPath"
|
2021-11-17 08:03:47 +00:00
|
|
|
case Script:
|
|
|
|
return "Script"
|
2019-02-18 13:53:57 +00:00
|
|
|
case MATCH:
|
2019-10-27 13:44:07 +00:00
|
|
|
return "Match"
|
2021-12-02 14:56:17 +00:00
|
|
|
case RuleSet:
|
|
|
|
return "RuleSet"
|
2022-01-22 14:10:45 +00:00
|
|
|
case Network:
|
|
|
|
return "Network"
|
2022-04-22 08:27:51 +00:00
|
|
|
case Uid:
|
|
|
|
return "Uid"
|
2022-01-22 14:10:45 +00:00
|
|
|
case AND:
|
|
|
|
return "AND"
|
|
|
|
case OR:
|
|
|
|
return "OR"
|
|
|
|
case NOT:
|
|
|
|
return "NOT"
|
2018-06-20 14:41:02 +00:00
|
|
|
default:
|
2019-08-26 04:26:14 +00:00
|
|
|
return "Unknown"
|
2018-06-20 14:41:02 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-06-10 14:50:03 +00:00
|
|
|
type Rule interface {
|
|
|
|
RuleType() RuleType
|
2019-10-27 16:02:23 +00:00
|
|
|
Match(metadata *Metadata) bool
|
2018-06-10 14:50:03 +00:00
|
|
|
Adapter() string
|
2018-06-20 14:41:02 +00:00
|
|
|
Payload() string
|
2020-07-27 03:57:55 +00:00
|
|
|
ShouldResolveIP() bool
|
2022-03-12 11:07:53 +00:00
|
|
|
ShouldFindProcess() bool
|
2021-11-17 08:03:47 +00:00
|
|
|
RuleExtra() *RuleExtra
|
2022-03-12 17:21:23 +00:00
|
|
|
SetRuleExtra(re *RuleExtra)
|
2018-06-10 14:50:03 +00:00
|
|
|
}
|