NotAShelf/Eris
1
1
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity

eris: improve help texts

Browse source
This commit is contained in:
raf 2025-05-01 18:12:29 +03:00
commit fc436b9095
Signed by: NotAShelf
GPG key ID: 29D95B64378DB4BF
1 changed files with 56 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

76
src/main.rs
View file

@ -26,36 +26,78 @@ use markov::MarkovGenerator;
// Command-line arguments using clap // Command-line arguments using clap
#[derive(Parser, Debug, Clone)] #[derive(Parser, Debug, Clone)]
#[clap(author, version, about)] #[clap(
author,
version,
about = "Markov chain based HTTP tarpit/honeypot that delays and tracks potential attackers"
)]
struct Args { struct Args {
#[clap(long, default_value = "0.0.0.0:8888")] #[clap(
long,
default_value = "0.0.0.0:8888",
help = "Address and port to listen for incoming HTTP requests (format: ip:port)"
)]
listen_addr: String, listen_addr: String,
#[clap(long, default_value = "9100")] #[clap(
long,
default_value = "9100",
help = "Port to expose Prometheus metrics and status endpoint"
)]
metrics_port: u16, metrics_port: u16,
#[clap(long, default_value = "127.0.0.1:80")] #[clap(
long,
default_value = "127.0.0.1:80",
help = "Backend server address to proxy legitimate requests to (format: ip:port)"
)]
backend_addr: String, backend_addr: String,
#[clap(long, default_value = "1000")] #[clap(
long,
default_value = "1000",
help = "Minimum delay in milliseconds between chunks sent to attacker"
)]
min_delay: u64, min_delay: u64,
#[clap(long, default_value = "15000")] #[clap(
long,
default_value = "15000",
help = "Maximum delay in milliseconds between chunks sent to attacker"
)]
max_delay: u64, max_delay: u64,
#[clap(long, default_value = "600")] #[clap(
long,
default_value = "600",
help = "Maximum time in seconds to keep an attacker in the tarpit before disconnecting"
)]
max_tarpit_time: u64, max_tarpit_time: u64,
#[clap(long, default_value = "3")] #[clap(
long,
default_value = "3",
help = "Number of hits to honeypot patterns before permanently blocking an IP"
)]
block_threshold: u32, block_threshold: u32,
#[clap(long)] #[clap(
long,
help = "Base directory for all application data (overrides XDG directory structure)"
)]
base_dir: Option<PathBuf>, base_dir: Option<PathBuf>,
#[clap(long)] #[clap(
long,
help = "Path to JSON configuration file (overrides command line options)"
)]
config_file: Option<PathBuf>, config_file: Option<PathBuf>,
#[clap(long, default_value = "info")] #[clap(
long,
default_value = "info",
help = "Log level: trace, debug, info, warn, error"
)]
log_level: String, log_level: String,
} }
@ -526,9 +568,7 @@ async fn handle_connection(
let path = request_parts[1]; let path = request_parts[1];
let protocol = request_parts[2]; let protocol = request_parts[2];
log::debug!( log::debug!("Request: {method} {path} {protocol} from {peer_addr}");
"Request: {method} {path} {protocol} from {peer_addr}"
);
// Parse headers // Parse headers
let mut headers = HashMap::new(); let mut headers = HashMap::new();
@ -553,9 +593,7 @@ async fn handle_connection(
let should_tarpit = should_tarpit(path, &peer_addr, &config).await; let should_tarpit = should_tarpit(path, &peer_addr, &config).await;
if should_tarpit { if should_tarpit {
log::info!( log::info!("Tarpit triggered: {method} {path} from {peer_addr} (UA: {user_agent})");
"Tarpit triggered: {method} {path} from {peer_addr} (UA: {user_agent})"
);
// Update metrics // Update metrics
HITS_COUNTER.inc(); HITS_COUNTER.inc();
@ -750,9 +788,7 @@ async fn tarpit_connection(
// Check if we've exceeded maximum tarpit time // Check if we've exceeded maximum tarpit time
let elapsed_secs = start_time.elapsed().as_secs(); let elapsed_secs = start_time.elapsed().as_secs();
if elapsed_secs > max_tarpit_time { if elapsed_secs > max_tarpit_time {
log::info!( log::info!("Tarpit maximum time ({max_tarpit_time} sec) reached for {peer_addr}");
"Tarpit maximum time ({max_tarpit_time} sec) reached for {peer_addr}"
);
break; break;
} }