mirror of
https://github.com/syntrex-lab/gomcp.git
synced 2026-04-25 04:16:22 +02:00
Release prep: 54 engines, self-hosted signatures, i18n, dashboard updates
This commit is contained in:
DmitrL-dev
parent
694e32be26
commit
41cbfd6e0a
178 changed files with 36008 additions and 399 deletions
212
internal/application/shadow_ai/plugins.go
Normal file
212
internal/application/shadow_ai/plugins.go
Normal file
|
|
@ -0,0 +1,212 @@
|
|||
package shadow_ai
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"log/slog"
|
||||
"time"
|
||||
)
|
||||
|
||||
// --- Vendor Plugin Stubs ---
|
||||
// Reference implementations for major security vendors.
|
||||
// These stubs implement the full interface with logging but no real API calls.
|
||||
// Production deployments replace these with real vendor SDK integrations.
|
||||
|
||||
// CheckPointEnforcer is a stub implementation for Check Point firewalls.
|
||||
type CheckPointEnforcer struct {
|
||||
apiURL string
|
||||
apiKey string
|
||||
logger *slog.Logger
|
||||
}
|
||||
|
||||
func NewCheckPointEnforcer() *CheckPointEnforcer {
|
||||
return &CheckPointEnforcer{
|
||||
logger: slog.Default().With("component", "shadow-ai-plugin-checkpoint"),
|
||||
}
|
||||
}
|
||||
|
||||
func (c *CheckPointEnforcer) Initialize(config map[string]interface{}) error {
|
||||
if url, ok := config["api_url"].(string); ok {
|
||||
c.apiURL = url
|
||||
}
|
||||
if key, ok := config["api_key"].(string); ok {
|
||||
c.apiKey = key
|
||||
}
|
||||
if c.apiURL == "" {
|
||||
return fmt.Errorf("checkpoint: api_url required")
|
||||
}
|
||||
c.logger.Info("initialized", "api_url", c.apiURL)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *CheckPointEnforcer) BlockIP(_ context.Context, ip string, duration time.Duration, reason string) error {
|
||||
c.logger.Info("block IP", "ip", ip, "duration", duration, "reason", reason)
|
||||
// Stub: would call Check Point Management API POST /web_api/add-host
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *CheckPointEnforcer) BlockDomain(_ context.Context, domain string, reason string) error {
|
||||
c.logger.Info("block domain", "domain", domain, "reason", reason)
|
||||
// Stub: would create application-site-category block rule
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *CheckPointEnforcer) UnblockIP(_ context.Context, ip string) error {
|
||||
c.logger.Info("unblock IP", "ip", ip)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *CheckPointEnforcer) UnblockDomain(_ context.Context, domain string) error {
|
||||
c.logger.Info("unblock domain", "domain", domain)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *CheckPointEnforcer) HealthCheck(ctx context.Context) error {
|
||||
if c.apiURL == "" {
|
||||
return fmt.Errorf("not configured")
|
||||
}
|
||||
// Stub: would call GET /web_api/show-session
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *CheckPointEnforcer) Vendor() string { return "checkpoint" }
|
||||
|
||||
// CrowdStrikeController is a stub implementation for CrowdStrike Falcon EDR.
|
||||
type CrowdStrikeController struct {
|
||||
clientID string
|
||||
clientSecret string
|
||||
baseURL string
|
||||
logger *slog.Logger
|
||||
}
|
||||
|
||||
func NewCrowdStrikeController() *CrowdStrikeController {
|
||||
return &CrowdStrikeController{
|
||||
baseURL: "https://api.crowdstrike.com",
|
||||
logger: slog.Default().With("component", "shadow-ai-plugin-crowdstrike"),
|
||||
}
|
||||
}
|
||||
|
||||
func (cs *CrowdStrikeController) Initialize(config map[string]interface{}) error {
|
||||
if id, ok := config["client_id"].(string); ok {
|
||||
cs.clientID = id
|
||||
}
|
||||
if secret, ok := config["client_secret"].(string); ok {
|
||||
cs.clientSecret = secret
|
||||
}
|
||||
if url, ok := config["base_url"].(string); ok {
|
||||
cs.baseURL = url
|
||||
}
|
||||
if cs.clientID == "" {
|
||||
return fmt.Errorf("crowdstrike: client_id required")
|
||||
}
|
||||
cs.logger.Info("initialized", "base_url", cs.baseURL)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cs *CrowdStrikeController) IsolateHost(_ context.Context, hostname string) error {
|
||||
cs.logger.Info("isolate host", "hostname", hostname)
|
||||
// Stub: would call POST /devices/entities/devices-actions/v2?action_name=contain
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cs *CrowdStrikeController) ReleaseHost(_ context.Context, hostname string) error {
|
||||
cs.logger.Info("release host", "hostname", hostname)
|
||||
// Stub: would call POST /devices/entities/devices-actions/v2?action_name=lift_containment
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cs *CrowdStrikeController) KillProcess(_ context.Context, hostname string, pid int) error {
|
||||
cs.logger.Info("kill process", "hostname", hostname, "pid", pid)
|
||||
// Stub: would use RTR session to kill process
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cs *CrowdStrikeController) QuarantineFile(_ context.Context, hostname, path string) error {
|
||||
cs.logger.Info("quarantine file", "hostname", hostname, "path", path)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cs *CrowdStrikeController) HealthCheck(ctx context.Context) error {
|
||||
if cs.clientID == "" {
|
||||
return fmt.Errorf("not configured")
|
||||
}
|
||||
// Stub: would call GET /sensors/queries/sensors/v1?limit=1
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cs *CrowdStrikeController) Vendor() string { return "crowdstrike" }
|
||||
|
||||
// ZscalerGateway is a stub implementation for Zscaler Internet Access.
|
||||
type ZscalerGateway struct {
|
||||
cloudName string
|
||||
apiKey string
|
||||
username string
|
||||
password string
|
||||
logger *slog.Logger
|
||||
}
|
||||
|
||||
func NewZscalerGateway() *ZscalerGateway {
|
||||
return &ZscalerGateway{
|
||||
logger: slog.Default().With("component", "shadow-ai-plugin-zscaler"),
|
||||
}
|
||||
}
|
||||
|
||||
func (z *ZscalerGateway) Initialize(config map[string]interface{}) error {
|
||||
if cloud, ok := config["cloud_name"].(string); ok {
|
||||
z.cloudName = cloud
|
||||
}
|
||||
if key, ok := config["api_key"].(string); ok {
|
||||
z.apiKey = key
|
||||
}
|
||||
if user, ok := config["username"].(string); ok {
|
||||
z.username = user
|
||||
}
|
||||
if pass, ok := config["password"].(string); ok {
|
||||
z.password = pass
|
||||
}
|
||||
if z.cloudName == "" {
|
||||
return fmt.Errorf("zscaler: cloud_name required")
|
||||
}
|
||||
z.logger.Info("initialized", "cloud", z.cloudName)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (z *ZscalerGateway) BlockURL(_ context.Context, url, reason string) error {
|
||||
z.logger.Info("block URL", "url", url, "reason", reason)
|
||||
// Stub: would call PUT /webApplicationRules to add URL to block list
|
||||
return nil
|
||||
}
|
||||
|
||||
func (z *ZscalerGateway) UnblockURL(_ context.Context, url string) error {
|
||||
z.logger.Info("unblock URL", "url", url)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (z *ZscalerGateway) BlockCategory(_ context.Context, category string) error {
|
||||
z.logger.Info("block category", "category", category)
|
||||
// Stub: would update URL category policy to BLOCK
|
||||
return nil
|
||||
}
|
||||
|
||||
func (z *ZscalerGateway) HealthCheck(ctx context.Context) error {
|
||||
if z.cloudName == "" {
|
||||
return fmt.Errorf("not configured")
|
||||
}
|
||||
// Stub: would call GET /status
|
||||
return nil
|
||||
}
|
||||
|
||||
func (z *ZscalerGateway) Vendor() string { return "zscaler" }
|
||||
|
||||
// RegisterDefaultPlugins registers all built-in vendor plugin factories.
|
||||
func RegisterDefaultPlugins(registry *PluginRegistry) {
|
||||
registry.RegisterFactory(PluginTypeFirewall, "checkpoint", func() interface{} {
|
||||
return NewCheckPointEnforcer()
|
||||
})
|
||||
registry.RegisterFactory(PluginTypeEDR, "crowdstrike", func() interface{} {
|
||||
return NewCrowdStrikeController()
|
||||
})
|
||||
registry.RegisterFactory(PluginTypeProxy, "zscaler", func() interface{} {
|
||||
return NewZscalerGateway()
|
||||
})
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue