2018-06-10 22:50:03 +08:00
|
|
|
package constant
|
|
|
|
|
|
|
|
// Rule Type
|
|
|
|
const (
|
2018-09-09 15:01:46 +08:00
|
|
|
Domain RuleType = iota
|
|
|
|
DomainSuffix
|
2018-06-10 22:50:03 +08:00
|
|
|
DomainKeyword
|
2024-03-07 23:32:07 +08:00
|
|
|
DomainRegex
|
2021-11-17 16:03:47 +08:00
|
|
|
GEOSITE
|
2018-06-10 22:50:03 +08:00
|
|
|
GEOIP
|
2024-04-01 18:16:34 +08:00
|
|
|
SrcGEOIP
|
2024-03-12 03:14:25 +08:00
|
|
|
IPASN
|
2024-04-01 18:16:34 +08:00
|
|
|
SrcIPASN
|
|
|
|
IPCIDR
|
2019-05-09 21:00:29 +08:00
|
|
|
SrcIPCIDR
|
2022-06-02 12:53:19 +08:00
|
|
|
IPSuffix
|
|
|
|
SrcIPSuffix
|
2019-05-09 21:00:29 +08:00
|
|
|
SrcPort
|
|
|
|
DstPort
|
2022-11-11 23:36:06 +08:00
|
|
|
InPort
|
2024-01-20 10:19:42 +08:00
|
|
|
DSCP
|
2023-05-28 17:19:57 +08:00
|
|
|
InUser
|
|
|
|
InName
|
|
|
|
InType
|
2024-05-15 10:44:56 +08:00
|
|
|
ProcessName
|
2022-03-12 19:07:53 +08:00
|
|
|
ProcessPath
|
2024-05-15 10:44:56 +08:00
|
|
|
ProcessNameRegex
|
|
|
|
ProcessPathRegex
|
2021-12-02 22:56:17 +08:00
|
|
|
RuleSet
|
2022-01-22 22:10:45 +08:00
|
|
|
Network
|
2022-04-22 16:27:51 +08:00
|
|
|
Uid
|
feat: support sub-rule, eg.
rules:
- SUB-RULE,(AND,((NETWORK,TCP),(DOMAIN-KEYWORD,google))),TEST2
- SUB-RULE,(GEOIP,!CN),TEST1
- MATCH,DIRECT
sub-rules:
TEST2:
- MATCH,Proxy
TEST1:
- RULE-SET,Local,DIRECT,no-resolve
- GEOSITE,CN,Domestic
- GEOIP,CN,Domestic
- MATCH,Proxy
2022-09-06 17:30:35 +08:00
|
|
|
SubRules
|
2019-02-18 21:53:57 +08:00
|
|
|
MATCH
|
2022-01-22 22:10:45 +08:00
|
|
|
AND
|
|
|
|
OR
|
|
|
|
NOT
|
2018-06-10 22:50:03 +08:00
|
|
|
)
|
|
|
|
|
|
|
|
type RuleType int
|
|
|
|
|
2018-06-20 22:41:02 +08:00
|
|
|
func (rt RuleType) String() string {
|
|
|
|
switch rt {
|
2018-09-09 15:01:46 +08:00
|
|
|
case Domain:
|
|
|
|
return "Domain"
|
2018-06-20 22:41:02 +08:00
|
|
|
case DomainSuffix:
|
|
|
|
return "DomainSuffix"
|
|
|
|
case DomainKeyword:
|
|
|
|
return "DomainKeyword"
|
2024-03-07 23:32:07 +08:00
|
|
|
case DomainRegex:
|
|
|
|
return "DomainRegex"
|
2021-11-17 16:03:47 +08:00
|
|
|
case GEOSITE:
|
|
|
|
return "GeoSite"
|
2018-06-20 22:41:02 +08:00
|
|
|
case GEOIP:
|
2019-10-27 21:44:07 +08:00
|
|
|
return "GeoIP"
|
2024-04-01 18:16:34 +08:00
|
|
|
case SrcGEOIP:
|
|
|
|
return "SrcGeoIP"
|
2024-03-12 03:14:25 +08:00
|
|
|
case IPASN:
|
|
|
|
return "IPASN"
|
2024-04-01 18:16:34 +08:00
|
|
|
case SrcIPASN:
|
|
|
|
return "SrcIPASN"
|
|
|
|
case IPCIDR:
|
|
|
|
return "IPCIDR"
|
2019-05-09 21:00:29 +08:00
|
|
|
case SrcIPCIDR:
|
|
|
|
return "SrcIPCIDR"
|
2022-06-02 12:53:19 +08:00
|
|
|
case IPSuffix:
|
|
|
|
return "IPSuffix"
|
|
|
|
case SrcIPSuffix:
|
|
|
|
return "SrcIPSuffix"
|
2019-05-09 21:00:29 +08:00
|
|
|
case SrcPort:
|
|
|
|
return "SrcPort"
|
|
|
|
case DstPort:
|
|
|
|
return "DstPort"
|
2022-11-11 23:36:06 +08:00
|
|
|
case InPort:
|
|
|
|
return "InPort"
|
2023-05-28 17:19:57 +08:00
|
|
|
case InUser:
|
|
|
|
return "InUser"
|
|
|
|
case InName:
|
|
|
|
return "InName"
|
|
|
|
case InType:
|
|
|
|
return "InType"
|
2024-05-15 10:44:56 +08:00
|
|
|
case ProcessName:
|
|
|
|
return "ProcessName"
|
2022-03-12 19:07:53 +08:00
|
|
|
case ProcessPath:
|
|
|
|
return "ProcessPath"
|
2024-05-15 10:44:56 +08:00
|
|
|
case ProcessNameRegex:
|
|
|
|
return "ProcessNameRegex"
|
|
|
|
case ProcessPathRegex:
|
|
|
|
return "ProcessPathRegex"
|
2019-02-18 21:53:57 +08:00
|
|
|
case MATCH:
|
2019-10-27 21:44:07 +08:00
|
|
|
return "Match"
|
2021-12-02 22:56:17 +08:00
|
|
|
case RuleSet:
|
|
|
|
return "RuleSet"
|
2022-01-22 22:10:45 +08:00
|
|
|
case Network:
|
|
|
|
return "Network"
|
2024-01-20 10:19:42 +08:00
|
|
|
case DSCP:
|
|
|
|
return "DSCP"
|
2022-04-22 16:27:51 +08:00
|
|
|
case Uid:
|
|
|
|
return "Uid"
|
feat: support sub-rule, eg.
rules:
- SUB-RULE,(AND,((NETWORK,TCP),(DOMAIN-KEYWORD,google))),TEST2
- SUB-RULE,(GEOIP,!CN),TEST1
- MATCH,DIRECT
sub-rules:
TEST2:
- MATCH,Proxy
TEST1:
- RULE-SET,Local,DIRECT,no-resolve
- GEOSITE,CN,Domestic
- GEOIP,CN,Domestic
- MATCH,Proxy
2022-09-06 17:30:35 +08:00
|
|
|
case SubRules:
|
|
|
|
return "SubRules"
|
2022-01-22 22:10:45 +08:00
|
|
|
case AND:
|
|
|
|
return "AND"
|
|
|
|
case OR:
|
|
|
|
return "OR"
|
|
|
|
case NOT:
|
|
|
|
return "NOT"
|
2018-06-20 22:41:02 +08:00
|
|
|
default:
|
2019-08-26 12:26:14 +08:00
|
|
|
return "Unknown"
|
2018-06-20 22:41:02 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-06-10 22:50:03 +08:00
|
|
|
type Rule interface {
|
|
|
|
RuleType() RuleType
|
feat: support sub-rule, eg.
rules:
- SUB-RULE,(AND,((NETWORK,TCP),(DOMAIN-KEYWORD,google))),TEST2
- SUB-RULE,(GEOIP,!CN),TEST1
- MATCH,DIRECT
sub-rules:
TEST2:
- MATCH,Proxy
TEST1:
- RULE-SET,Local,DIRECT,no-resolve
- GEOSITE,CN,Domestic
- GEOIP,CN,Domestic
- MATCH,Proxy
2022-09-06 17:30:35 +08:00
|
|
|
Match(metadata *Metadata) (bool, string)
|
2018-06-10 22:50:03 +08:00
|
|
|
Adapter() string
|
2018-06-20 22:41:02 +08:00
|
|
|
Payload() string
|
2020-07-27 11:57:55 +08:00
|
|
|
ShouldResolveIP() bool
|
2022-03-12 19:07:53 +08:00
|
|
|
ShouldFindProcess() bool
|
2024-06-17 22:04:51 +08:00
|
|
|
ProviderNames() []string
|
2018-06-10 22:50:03 +08:00
|
|
|
}
|