serve.zone/dcrouter
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
93995d503110ff06942ae68c78379b87fc398e41
dcrouter/ts/opsserver/handlers/security.handler.ts
Philipp Kunz 93995d5031 Implement Metrics Manager and Integrate Metrics Collection 
- Removed the existing readme.opsserver.md file as it is no longer needed.
- Added a new MetricsManager class to handle metrics collection using @push.rocks/smartmetrics.
- Integrated MetricsManager into the DcRouter and OpsServer classes.
- Updated StatsHandler and SecurityHandler to retrieve metrics from MetricsManager.
- Implemented methods for tracking email, DNS, and security metrics.
- Added connection tracking capabilities to the MetricsManager.
- Created a new readme.metrics.md file outlining the metrics implementation plan.
- Adjusted plugins.ts to include smartmetrics.
- Added a new monitoring directory with classes for metrics management.
- Created readme.module-adjustments.md to document necessary adjustments for SmartProxy and SmartDNS.
2025-06-09 16:03:27 +00:00

251 lines
7.8 KiB
TypeScript
Raw Blame History

import * as plugins from '../../plugins.js';
import type { OpsServer } from '../classes.opsserver.js';
import * as interfaces from '../../../ts_interfaces/index.js';
import { MetricsManager } from '../../monitoring/index.js';
export class SecurityHandler {
public typedrouter = new plugins.typedrequest.TypedRouter();
constructor(private opsServerRef: OpsServer) {
// Add this handler's router to the parent
this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
this.registerHandlers();
}
private registerHandlers(): void {
// Security Metrics Handler
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetSecurityMetrics>(
'getSecurityMetrics',
async (dataArg, toolsArg) => {
const metrics = await this.collectSecurityMetrics();
return {
metrics: {
blockedIPs: metrics.blockedIPs,
reputationScores: metrics.reputationScores,
spamDetected: metrics.spamDetection.detected,
malwareDetected: metrics.malwareDetected,
phishingDetected: metrics.phishingDetected,
authenticationFailures: metrics.authFailures,
suspiciousActivities: metrics.suspiciousActivities,
},
trends: dataArg.includeDetails ? {
spam: metrics.trends.spam,
malware: metrics.trends.malware,
phishing: metrics.trends.phishing,
} : undefined,
};
}
)
);
// Active Connections Handler
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetActiveConnections>(
'getActiveConnections',
async (dataArg, toolsArg) => {
const connections = await this.getActiveConnections(dataArg.protocol, dataArg.state);
const connectionInfos: interfaces.data.IConnectionInfo[] = connections.map(conn => ({
id: conn.id,
remoteAddress: conn.source.ip,
localAddress: conn.destination.ip,
startTime: conn.startTime,
protocol: conn.type === 'http' ? 'https' : conn.type as any,
state: conn.status as any,
bytesReceived: Math.floor(conn.bytesTransferred / 2),
bytesSent: Math.floor(conn.bytesTransferred / 2),
}));
const summary = {
total: connectionInfos.length,
byProtocol: connectionInfos.reduce((acc, conn) => {
acc[conn.protocol] = (acc[conn.protocol] || 0) + 1;
return acc;
}, {} as { [protocol: string]: number }),
byState: connectionInfos.reduce((acc, conn) => {
acc[conn.state] = (acc[conn.state] || 0) + 1;
return acc;
}, {} as { [state: string]: number }),
};
return {
connections: connectionInfos,
summary,
};
}
)
);
// Rate Limit Status Handler
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<interfaces.requests.IReq_GetRateLimitStatus>(
'getRateLimitStatus',
async (dataArg, toolsArg) => {
const status = await this.getRateLimitStatus(dataArg.domain, dataArg.ip);
const limits: interfaces.data.IRateLimitInfo[] = status.limits.map(limit => ({
domain: limit.identifier,
currentRate: limit.current,
limit: limit.limit,
remaining: limit.limit - limit.current,
resetTime: limit.resetAt,
blocked: limit.status === 'limited',
}));
return {
limits,
globalLimit: dataArg.includeBlocked ? {
current: limits.reduce((sum, l) => sum + l.currentRate, 0),
limit: 1000, // Global limit
remaining: 1000 - limits.reduce((sum, l) => sum + l.currentRate, 0),
} : undefined,
};
}
)
);
}
private async collectSecurityMetrics(): Promise<{
blockedIPs: string[];
reputationScores: { [domain: string]: number };
spamDetection: {
detected: number;
falsePositives: number;
};
malwareDetected: number;
phishingDetected: number;
authFailures: number;
suspiciousActivities: number;
trends: {
spam: Array<{ timestamp: number; value: number }>;
malware: Array<{ timestamp: number; value: number }>;
phishing: Array<{ timestamp: number; value: number }>;
};
}> {
// Get metrics from MetricsManager if available
if (this.opsServerRef.dcRouterRef.metricsManager) {
const securityStats = await this.opsServerRef.dcRouterRef.metricsManager.getSecurityStats();
return {
blockedIPs: [], // TODO: Track actual blocked IPs
reputationScores: {},
spamDetection: {
detected: securityStats.spamDetected,
falsePositives: 0,
},
malwareDetected: securityStats.malwareDetected,
phishingDetected: securityStats.phishingDetected,
authFailures: securityStats.authFailures,
suspiciousActivities: 0,
trends: {
spam: [],
malware: [],
phishing: [],
},
};
}
// Fallback if MetricsManager not available
return {
blockedIPs: [],
reputationScores: {},
spamDetection: {
detected: 0,
falsePositives: 0,
},
malwareDetected: 0,
phishingDetected: 0,
authFailures: 0,
suspiciousActivities: 0,
trends: {
spam: [],
malware: [],
phishing: [],
},
};
}
private async getActiveConnections(
protocol?: 'http' | 'https' | 'smtp' | 'smtps',
state?: string
): Promise<Array<{
id: string;
type: 'http' | 'smtp' | 'dns';
source: {
ip: string;
port: number;
country?: string;
};
destination: {
ip: string;
port: number;
service?: string;
};
startTime: number;
bytesTransferred: number;
status: 'active' | 'idle' | 'closing';
}>> {
const connections: Array<{
id: string;
type: 'http' | 'smtp' | 'dns';
source: {
ip: string;
port: number;
country?: string;
};
destination: {
ip: string;
port: number;
service?: string;
};
startTime: number;
bytesTransferred: number;
status: 'active' | 'idle' | 'closing';
}> = [];
// Get connection info from MetricsManager if available
if (this.opsServerRef.dcRouterRef.metricsManager) {
const connectionInfo = await this.opsServerRef.dcRouterRef.metricsManager.getConnectionInfo();
// Map connection info to detailed format
// Note: Some fields will be placeholder values until more detailed tracking is implemented
connectionInfo.forEach((info, index) => {
connections.push({
id: `conn-${index}`,
type: 'http', // TODO: Determine from source/protocol
source: {
ip: '0.0.0.0', // TODO: Track actual source IPs
port: 0,
},
destination: {
ip: '0.0.0.0',
port: 443,
service: info.source,
},
startTime: info.lastActivity.getTime(),
bytesTransferred: 0, // TODO: Track bytes per connection
status: 'active',
});
});
}
return connections;
}
private async getRateLimitStatus(
domain?: string,
ip?: string
): Promise<{
limits: Array<{
identifier: string;
type: 'ip' | 'domain' | 'email';
limit: number;
current: number;
resetAt: number;
status: 'ok' | 'warning' | 'limited';
}>;
}> {
// TODO: Implement actual rate limit status collection
return {
limits: [],
};
}
}
Reference in New Issue View Git Blame Copy Permalink