added documentation on firewall structure
This commit is contained in:
carnivuth
48
docs/firewall-exporters.md
Normal file
48
docs/firewall-exporters.md
Normal file
@@ -0,0 +1,48 @@
|
|||||||
|
# Firewall exporters documentation
|
||||||
|
|
||||||
|
Firewall export feature is implemented trough a strategy pattern with an abstract class and a series of subclasses that implement the specific export logic for each firewall specific system:
|
||||||
|
|
||||||
|
```mermaid
|
||||||
|
classDiagram
|
||||||
|
class FWType{
|
||||||
|
+getBanlist()
|
||||||
|
}
|
||||||
|
FWType <|-- Raw
|
||||||
|
class Raw{ }
|
||||||
|
FWType <|-- Iptables
|
||||||
|
class Iptables{ }
|
||||||
|
note for Iptables "implements the getBanlist method for iptables rules"
|
||||||
|
```
|
||||||
|
|
||||||
|
## Adding firewalls exporters
|
||||||
|
|
||||||
|
To add a firewall exporter create a new python class in `src/firewall` that implements `FWType` class
|
||||||
|
|
||||||
|
> example with `Yourfirewall` class in the `yourfirewall.py` file
|
||||||
|
```python
|
||||||
|
from typing_extensions import override
|
||||||
|
from firewall.fwtype import FWType
|
||||||
|
|
||||||
|
class Yourfirewall(FWType):
|
||||||
|
|
||||||
|
@override
|
||||||
|
def getBanlist(self, ips) -> str:
|
||||||
|
"""
|
||||||
|
Generate raw list of bad IP addresses.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
ips: List of IP addresses to ban
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
String containing raw ips, one per line
|
||||||
|
"""
|
||||||
|
if not ips:
|
||||||
|
return ""
|
||||||
|
# Add here code implementation
|
||||||
|
```
|
||||||
|
|
||||||
|
Then add the following to the `src/server.py` and `src/tasks/top_attacking_ips.py`
|
||||||
|
|
||||||
|
```python
|
||||||
|
from firewall.yourfirewall import Yourfirewall
|
||||||
|
```
|
||||||
Reference in New Issue
Block a user