portwatch 0.1.8

A cross-platform TUI for monitoring network ports and managing processes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize};

#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(tag = "type", content = "params")]
pub enum AlertCondition {
    PortOpened { port: u16 },
    PortClosed { port: u16 },
    ExternalConnection { 
        ip_pattern: String,
        exclude_private: bool,
    },
    ProcessCpuThreshold { 
        process_pattern: String,
        threshold_percent: f32,
    },
    ProcessMemoryThreshold { 
        process_pattern: String,
        threshold_mb: u64,
    },
    UnknownProcessListening,
    PortRangeActivity { 
        start_port: u16, 
        end_port: u16,
    },
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AlertRule {
    pub id: String,
    pub name: String,
    pub condition: AlertCondition,
    pub enabled: bool,
    pub severity: AlertSeverity,
    pub cooldown_seconds: u64,
}

#[derive(Debug, Clone, Copy, Serialize, Deserialize, PartialEq)]
pub enum AlertSeverity {
    Info,
    Warning,
    Critical,
}


#[derive(Debug, Clone)]
pub struct Alert {
    pub rule_id: String,
    pub message: String,
    pub severity: AlertSeverity,
    pub timestamp: DateTime<Utc>,
}

impl Alert {
    pub fn new(
        rule_id: String,
        message: String,
        severity: AlertSeverity,
    ) -> Self {
        Self {
            rule_id,
            message,
            severity,
            timestamp: Utc::now(),
        }
    }
}