合并子项目

lanthora · Jul 5, 2023 · 12c9dd8 · 12c9dd8
1 parent e9780a8
commit 12c9dd8
Show file tree

Hide file tree

Showing 160 changed files with 5,775 additions and 32 deletions.
diff --git a/Makefile b/Makefile
@@ -0,0 +1,33 @@
+default:
+	@scripts/update-submodule.sh
+	@scripts/build.sh
+	@scripts/done.sh
+
+init:
+	@scripts/update-submodule.sh
+
+build:
+	@scripts/build.sh
+
+install:
+	@scripts/install.sh
+
+clean:
+	@scripts/clean.sh
+
+uninstall:
+	@scripts/uninstall.sh
+
+arch-build:
+	@scripts/arch-build.sh
+
+arch-install:
+	@scripts/arch-install.sh
+
+gentoo-build:
+	@scripts/gentoo-build.sh
+
+update-aur:
+	@scripts/update-aur.sh
+
+PHONY: default init build install uninstall arch-build arch-install gentoo-build
diff --git a/README.md b/README.md
@@ -1,30 +1,3 @@
-# Hack Kernel
+# Hackernel
 
-尝试在内核层面做些有趣的事情.
-
-详细描述见[主页](https://hackernel.org/)
-
-## 构建项目
-
-### 环境
-
-* 架构: AMD64/ARM/ARM64
-* 内核: Linux 5.10 及以上,对应发行版版本可参考[维基百科](https://en.wikipedia.org/wiki/Linux_kernel_version_history)
-
-### 依赖
-
-* [nlohmann-json](https://github.com/nlohmann/json)
-* [libnl](https://www.infradead.org/~tgr/libnl/doc/api/index.html#main_intro)
-
-### 编译
-
-* [内核模块](kernel-space/Makefile)
-* [上层服务](user-space/CMakeLists.txt)
-
-## 相关项目
-
-* [uranus](https://github.com/lanthora/uranus)
-
-## Licence
-
-[GPL-2.0-only](https://spdx.org/licenses/GPL-2.0-only.html)
+Host Intrusion Detection and Prevention System
diff --git a/apps/.gitignore b/apps/.gitignore
@@ -0,0 +1,22 @@
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+vendor/
+
+cmd/sample/hackernel-sample
+cmd/telegram/hackernel-telegram
+cmd/web/hackernel-web
+cmd/notify/hackernel-notify
+internal/web/webui/*
+!.gitkeep
diff --git a/apps/Makefile b/apps/Makefile
@@ -0,0 +1,10 @@
+build:
+	@scripts/build.sh
+
+clean:
+	@scripts/clean.sh
+
+init:
+	@scripts/init.sh
+
+.PHONY: init build clean
diff --git a/apps/README.md b/apps/README.md
@@ -0,0 +1,23 @@
+# Apps
+
+## 构建
+
+```bash
+# 如果更新依赖时出现网络问题,可以设置使用国内镜像
+export GOPROXY=https://goproxy.cn
+
+# 构建
+make
+```
+
+## 运行
+
+编译后的二进制为 `/cmd/dirname/hackernel-dirname`, 其中 `dirname` 为 `cmd` 的子目录名.
+
+```bash
+# 运行示例程序,将显示进程审计事件
+./cmd/sample/hackernel-sample
+```
+
+其他程序的运行可能需要配置文件,配置文件模板见 `configs` 目录.
+
diff --git a/apps/cmd/notify/main.go b/apps/cmd/notify/main.go
@@ -0,0 +1,68 @@
+package main
+
+import (
+	"fmt"
+	"os"
+	"os/signal"
+	"path/filepath"
+	"syscall"
+
+	"github.com/lanthora/hackernel/apps/internal/notify"
+	"github.com/lanthora/hackernel/apps/pkg/logger"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/viper"
+)
+
+func main() {
+	logger.InitLogrusFormat()
+
+	sigchan := make(chan os.Signal, 1)
+	signal.Notify(sigchan, syscall.SIGINT, syscall.SIGTERM)
+
+	config := viper.New()
+	config.SetConfigName("notify")
+	config.SetConfigType("yaml")
+	config.AddConfigPath("$HOME/.config/hackernel")
+
+	if err := config.ReadInConfig(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	cacheFilePath := fmt.Sprintf("%s/.cache/hackernel/notify.yaml", os.Getenv("HOME"))
+	cache := viper.New()
+	cache.SetConfigName("notify")
+	cache.SetConfigType("yaml")
+	cache.AddConfigPath(filepath.Dir(cacheFilePath))
+	cache.SetDefault("process-event-offset", int64(0))
+	os.MkdirAll(filepath.Dir(cacheFilePath), os.ModePerm)
+
+	if err := cache.ReadInConfig(); err != nil {
+		if _, ok := err.(viper.ConfigFileNotFoundError); ok {
+			logrus.Info("The cache file was not found, it will be created when the process exits")
+		} else {
+			logrus.Fatal(err)
+		}
+	}
+
+	server := config.GetString("server")
+	username := config.GetString("username")
+	password := config.GetString("password")
+	processEventOffset := cache.GetInt64("process-event-offset")
+	fileEventOffset := cache.GetInt64("file-event-offset")
+	netEventOffset := cache.GetInt64("net-event-offset")
+
+	notifier := notify.NewWorker(server, username, password, processEventOffset, fileEventOffset, netEventOffset)
+	notifier.Start()
+
+	sig := <-sigchan
+	logrus.Info(sig)
+
+	notifier.Stop()
+
+	cache.Set("process-event-offset", notifier.ProcessEventOffset)
+	cache.Set("file-event-offset", notifier.FileEventOffset)
+	cache.Set("net-event-offset", notifier.NetEventOffset)
+	if err := cache.WriteConfigAs(cacheFilePath); err != nil {
+		logrus.Error(err)
+	}
+}
diff --git a/apps/cmd/notify/uranus-notify b/apps/cmd/notify/uranus-notify
diff --git a/apps/cmd/sample/main.go b/apps/cmd/sample/main.go
@@ -0,0 +1,27 @@
+// SPDX-License-Identifier: GPL-2.0-only
+package main
+
+import (
+	"os"
+	"os/signal"
+	"syscall"
+
+	"github.com/lanthora/hackernel/apps/internal/sample"
+	"github.com/lanthora/hackernel/apps/pkg/logger"
+	"github.com/sirupsen/logrus"
+)
+
+func main() {
+	logger.InitLogrusFormat()
+
+	sigchan := make(chan os.Signal, 1)
+	signal.Notify(sigchan, syscall.SIGINT, syscall.SIGTERM)
+
+	sampleWorker := sample.NewWorker()
+	sampleWorker.Start()
+
+	sig := <-sigchan
+	logrus.Info(sig)
+
+	sampleWorker.Stop()
+}
diff --git a/apps/cmd/sample/uranus-sample b/apps/cmd/sample/uranus-sample
diff --git a/apps/cmd/telegram/main.go b/apps/cmd/telegram/main.go
@@ -0,0 +1,78 @@
+// SPDX-License-Identifier: GPL-2.0-only
+package main
+
+import (
+	"database/sql"
+	"errors"
+	"os"
+	"os/signal"
+	"syscall"
+
+	"github.com/lanthora/hackernel/apps/internal/common"
+	"github.com/lanthora/hackernel/apps/internal/telegram"
+	"github.com/lanthora/hackernel/apps/internal/worker"
+	"github.com/lanthora/hackernel/apps/pkg/logger"
+	_ "github.com/mattn/go-sqlite3"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/viper"
+)
+
+var (
+	ErrorInvalidToken = errors.New("the token is empty, please get the token from BotFather")
+	ErrorInvalidOwner = errors.New("chat id is 0, please use correct id")
+)
+
+func main() {
+	logger.InitLogrusFormat()
+
+	sigchan := make(chan os.Signal, 1)
+	signal.Notify(sigchan, syscall.SIGINT, syscall.SIGTERM)
+
+	config := viper.New()
+	config.SetConfigName("telegram")
+	config.SetConfigType("yaml")
+	config.AddConfigPath("/etc/hackernel")
+	if err := config.ReadInConfig(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	token := config.GetString("token")
+	if len(token) == 0 {
+		logrus.Fatal(ErrorInvalidToken)
+	}
+	ownerID := config.GetInt64("id")
+	if ownerID == 0 {
+		logrus.Fatal(ErrorInvalidOwner)
+	}
+
+	dataSourceName := common.GetDataSourceNameFromConfig(config)
+	db, err := sql.Open("sqlite3", dataSourceName)
+	if err != nil {
+		logrus.Fatal(err)
+	}
+	defer db.Close()
+
+	telegramWorker := telegram.NewWorker(token, ownerID)
+	processWorker := worker.NewProcessWorker(db)
+
+	if err := telegram.SetStandaloneMode(db); err != nil {
+		logrus.Fatal(err)
+	}
+
+	if err := processWorker.Init(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	if err := telegramWorker.Start(); err != nil {
+		logrus.Fatal(err)
+	}
+	if err := processWorker.Start(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	sig := <-sigchan
+	logrus.Info(sig)
+
+	telegramWorker.Stop()
+	processWorker.Stop()
+}
diff --git a/apps/cmd/telegram/uranus-telegram b/apps/cmd/telegram/uranus-telegram
diff --git a/apps/cmd/web/main.go b/apps/cmd/web/main.go
@@ -0,0 +1,87 @@
+// SPDX-License-Identifier: GPL-2.0-only
+package main
+
+import (
+	"database/sql"
+	"os"
+	"os/signal"
+	"syscall"
+
+	"github.com/lanthora/hackernel/apps/internal/common"
+	"github.com/lanthora/hackernel/apps/internal/web"
+	"github.com/lanthora/hackernel/apps/internal/worker"
+	"github.com/lanthora/hackernel/apps/pkg/logger"
+	_ "github.com/mattn/go-sqlite3"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/viper"
+)
+
+func main() {
+	logger.InitLogrusFormat()
+
+	sigchan := make(chan os.Signal, 1)
+	signal.Notify(sigchan, syscall.SIGINT, syscall.SIGTERM)
+
+	config := viper.New()
+	config.SetConfigName("web")
+	config.SetConfigType("yaml")
+	config.AddConfigPath("/etc/hackernel")
+	if err := config.ReadInConfig(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	listen := config.GetString("listen")
+	dataSourceName := common.GetDataSourceNameFromConfig(config)
+	db, err := sql.Open("sqlite3", dataSourceName)
+	if err != nil {
+		logrus.Fatal(err)
+	}
+	defer db.Close()
+
+	processWorker := worker.NewProcessWorker(db)
+	fileWorker := worker.NewFileWorker(db)
+	netWorker := worker.NewNetWorker(db)
+	webWorker := web.NewWorker(listen, db)
+
+	if err := processWorker.Init(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	if err := fileWorker.Init(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	if err := netWorker.Init(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	if err := webWorker.Init(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	if err := processWorker.Start(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	if err := fileWorker.Start(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	if err := netWorker.Start(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	if err := webWorker.Start(); err != nil {
+		logrus.Fatal(err)
+	}
+
+	logrus.Info("listen: ", listen)
+
+	sig := <-sigchan
+	logrus.Info(sig)
+
+	webWorker.Stop()
+	processWorker.Stop()
+	fileWorker.Stop()
+	netWorker.Stop()
+}
diff --git a/apps/cmd/web/uranus-web b/apps/cmd/web/uranus-web
diff --git a/apps/configs/notify.yaml b/apps/configs/notify.yaml
@@ -0,0 +1,6 @@
+# cp notify.yaml ~/.config/hackernel/notify.yaml
+# update your config
+# systemctl start hackernel-notify --user
+server: "http[s]://your-hackernel-web-server"
+username: "test"
+password: "123456"