From fc436b909575db8087abad78c0bb5e9f086bab46 Mon Sep 17 00:00:00 2001
From: NotAShelf
Date: Thu, 1 May 2025 18:12:29 +0300
Subject: [PATCH] eris: improve help texts
---
 src/main.rs | 76 +++++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 56 insertions(+), 20 deletions(-)
diff --git a/src/main.rs b/src/main.rs
index ff96b67..98d0a81 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -26,36 +26,78 @@ use markov::MarkovGenerator;
 // Command-line arguments using clap
 #[derive(Parser, Debug, Clone)]
-#[clap(author, version, about)]
+#[clap(
+ author,
+ version,
+ about = "Markov chain based HTTP tarpit/honeypot that delays and tracks potential attackers"
+)]
 struct Args {
- #[clap(long, default_value = "0.0.0.0:8888")]
+ #[clap(
+ long,
+ default_value = "0.0.0.0:8888",
+ help = "Address and port to listen for incoming HTTP requests (format: ip:port)"
+ )]
 listen_addr: String,
- #[clap(long, default_value = "9100")]
+ #[clap(
+ long,
+ default_value = "9100",
+ help = "Port to expose Prometheus metrics and status endpoint"
+ )]
 metrics_port: u16,
- #[clap(long, default_value = "127.0.0.1:80")]
+ #[clap(
+ long,
+ default_value = "127.0.0.1:80",
+ help = "Backend server address to proxy legitimate requests to (format: ip:port)"
+ )]
 backend_addr: String,
- #[clap(long, default_value = "1000")]
+ #[clap(
+ long,
+ default_value = "1000",
+ help = "Minimum delay in milliseconds between chunks sent to attacker"
+ )]
 min_delay: u64,
- #[clap(long, default_value = "15000")]
+ #[clap(
+ long,
+ default_value = "15000",
+ help = "Maximum delay in milliseconds between chunks sent to attacker"
+ )]
 max_delay: u64,
- #[clap(long, default_value = "600")]
+ #[clap(
+ long,
+ default_value = "600",
+ help = "Maximum time in seconds to keep an attacker in the tarpit before disconnecting"
+ )]
 max_tarpit_time: u64,
- #[clap(long, default_value = "3")]
+ #[clap(
+ long,
+ default_value = "3",
+ help = "Number of hits to honeypot patterns before permanently blocking an IP"
+ )]
 block_threshold: u32,
- #[clap(long)]
+ #[clap(
+ long,
+ help = "Base directory for all application data (overrides XDG directory structure)"
+ )]
 base_dir: Option,
- #[clap(long)]
+ #[clap(
+ long,
+ help = "Path to JSON configuration file (overrides command line options)"
+ )]
 config_file: Option,
- #[clap(long, default_value = "info")]
+ #[clap(
+ long,
+ default_value = "info",
+ help = "Log level: trace, debug, info, warn, error"
+ )]
 log_level: String,
 }
@@ -526,9 +568,7 @@ async fn handle_connection(
 let path = request_parts[1];
 let protocol = request_parts[2];
- log::debug!(
- "Request: {method} {path} {protocol} from {peer_addr}"
- );
+ log::debug!("Request: {method} {path} {protocol} from {peer_addr}");
 // Parse headers
 let mut headers = HashMap::new();
@@ -553,9 +593,7 @@ async fn handle_connection(
 let should_tarpit = should_tarpit(path, &peer_addr, &config).await;
 if should_tarpit {
- log::info!(
- "Tarpit triggered: {method} {path} from {peer_addr} (UA: {user_agent})"
- );
+ log::info!("Tarpit triggered: {method} {path} from {peer_addr} (UA: {user_agent})");
 // Update metrics
 HITS_COUNTER.inc();
@@ -750,9 +788,7 @@ async fn tarpit_connection(
 // Check if we've exceeded maximum tarpit time
 let elapsed_secs = start_time.elapsed().as_secs();
 if elapsed_secs > max_tarpit_time {
- log::info!(
- "Tarpit maximum time ({max_tarpit_time} sec) reached for {peer_addr}"
- );
+ log::info!("Tarpit maximum time ({max_tarpit_time} sec) reached for {peer_addr}");
 break;
 }
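Review bot: The new help text for `metrics_port` in `Args` names only a port, so `--help` does not tell an operator which interface the Prometheus metrics and status endpoint is served on, while `listen_addr` right above it defaults to `0.0.0.0`. The bind address is not visible in this hunk; if the endpoint listens on all interfaces, the tarpit's counters and status would be readable by the same hosts it is tracking. I would state the interface in the text, e.g. `help = "Port for the Prometheus metrics and status endpoint (served on <BIND_ADDRESS: fill in from the metrics server setup>)"`. The `min_delay` and `max_delay` texts could likewise say that the minimum must not exceed the maximum, since no validation of that relation appears in this hunk.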