You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
fw-daemon/sgfw/const.go

156 lines
3.9 KiB

package sgfw
import (
"strings"
)
// Static strings for various usage
const (
STR_REDACTED = "[redacted]"
STR_UNKNOWN = "[uknown]"
)
//RuleAction is the action to apply to a rule
type RuleAction uint16
const (
RULE_ACTION_DENY RuleAction = iota
RULE_ACTION_ALLOW
RULE_ACTION_ALLOW_TLSONLY
)
// RuleActionString is used to get a string from an action id
var RuleActionString = map[RuleAction]string{
RULE_ACTION_DENY: "DENY",
RULE_ACTION_ALLOW: "ALLOW",
RULE_ACTION_ALLOW_TLSONLY: "ALLOW_TLSONLY",
}
// RuleActionValue is used to get an action id using the action string
var RuleActionValue = map[string]RuleAction{
RuleActionString[RULE_ACTION_DENY]: RULE_ACTION_DENY,
RuleActionString[RULE_ACTION_ALLOW]: RULE_ACTION_ALLOW,
RuleActionString[RULE_ACTION_ALLOW_TLSONLY]: RULE_ACTION_ALLOW_TLSONLY,
}
//RuleMode contains the time scope of a rule
type RuleMode uint16
const (
RULE_MODE_SESSION RuleMode = iota
RULE_MODE_PROCESS
RULE_MODE_PERMANENT
RULE_MODE_SYSTEM
RULE_MODE_ONCE
)
// RuleModeString is used to get a rule mode string from its id
var RuleModeString = map[RuleMode]string{
RULE_MODE_SESSION: "SESSION",
RULE_MODE_PROCESS: "PROCESS",
RULE_MODE_PERMANENT: "PERMANENT",
RULE_MODE_SYSTEM: "SYSTEM",
RULE_MODE_ONCE: "ONCE",
}
// RuleModeValue converts a mode string to its id
var RuleModeValue = map[string]RuleMode{
RuleModeString[RULE_MODE_SESSION]: RULE_MODE_SESSION,
RuleModeString[RULE_MODE_PROCESS]: RULE_MODE_PROCESS,
RuleModeString[RULE_MODE_PERMANENT]: RULE_MODE_PERMANENT,
RuleModeString[RULE_MODE_SYSTEM]: RULE_MODE_SYSTEM,
RuleModeString[RULE_MODE_ONCE]: RULE_MODE_ONCE,
}
//FilterScope contains a filter's time scope
type FilterScope uint16
const (
APPLY_SESSION FilterScope = iota
APPLY_PROCESS
APPLY_FOREVER
APPLY_SYSTEM
APPLY_ONCE
)
// FilterScopeString converts a filter scope ID to its string
var FilterScopeString = map[FilterScope]string{
APPLY_ONCE: "ONCE",
APPLY_SESSION: "SESSION",
APPLY_PROCESS: "PROCESS",
APPLY_FOREVER: "FOREVER",
}
// FilterScopeString converts a filter scope string to its ID
var FilterScopeValue = map[string]FilterScope{
FilterScopeString[APPLY_ONCE]: APPLY_ONCE,
FilterScopeString[APPLY_SESSION]: APPLY_SESSION,
FilterScopeString[APPLY_PROCESS]: APPLY_PROCESS,
FilterScopeString[APPLY_FOREVER]: APPLY_FOREVER,
}
// GetFilterScopeString is used to safely return a filter scope string
func GetFilterScopeString(scope FilterScope) string {
if val, ok := FilterScopeString[scope]; ok {
return val
}
return FilterScopeString[APPLY_SESSION]
}
// GetFilterScopeValue is used to safely return a filter scope ID
func GetFilterScopeValue(scope string) FilterScope {
scope = strings.ToUpper(scope)
if val, ok := FilterScopeValue[scope]; ok {
return val
}
return APPLY_SESSION
}
//FilterResult contains the filtering resulting action
type FilterResult uint16
const (
FILTER_DENY FilterResult = iota
FILTER_ALLOW
FILTER_PROMPT
FILTER_ALLOW_TLSONLY
)
// FilterResultString converts a filter value ID to its string
var FilterResultString = map[FilterResult]string{
FILTER_DENY: "DENY",
FILTER_ALLOW: "ALLOW",
FILTER_PROMPT: "PROMPT",
FILTER_ALLOW_TLSONLY: "ALLOW_TLSONLY",
}
// FilterResultValue converts a filter value string to its ID
var FilterResultValue = map[string]FilterResult{
FilterResultString[FILTER_DENY]: FILTER_DENY,
FilterResultString[FILTER_ALLOW]: FILTER_ALLOW,
FilterResultString[FILTER_PROMPT]: FILTER_PROMPT,
FilterResultString[FILTER_ALLOW_TLSONLY]: FILTER_ALLOW_TLSONLY,
}
// DbusRule struct of the rule passed to the dbus interface
type DbusRule struct {
ID uint32
Net string
Origin string
Proto string
Pid uint32
Privs string
App string
Path string
Verb uint16
Target string
Mode uint16
Sandbox string
}
/*const (
OZ_FWRULE_WHITELIST = iota
OZ_FWRULE_BLACKLIST
OZ_FWRULE_NONE
) */