firewall_objects/service/application/
catalog.rs

1//! Sample application catalog for demonstration or testing.
2
3use super::{ApplicationDefinition, ApplicationIndicators};
4use crate::service::TransportService;
5
6/// Sample application definitions. Downstream consumers can replace this slice
7/// with their own catalog or extend it at runtime.
8pub const APPLICATIONS: &[ApplicationDefinition<'static>] = &[
9    ApplicationDefinition {
10        name: "github",
11        category: "developer-tools",
12        transports: &[TransportService::tcp(443), TransportService::tcp(22)],
13        indicators: ApplicationIndicators {
14            dns_suffixes: &[".github.com", ".githubusercontent.com"],
15            tls_sni_suffixes: &[".github.com"],
16            http_hosts: &["api.github.com", "github.com"],
17        },
18    },
19    ApplicationDefinition {
20        name: "zoom",
21        category: "collaboration",
22        transports: &[TransportService::tcp(443), TransportService::udp(3478)],
23        indicators: ApplicationIndicators {
24            dns_suffixes: &[".zoom.us"],
25            tls_sni_suffixes: &[".zoom.us"],
26            http_hosts: &["zoom.us"],
27        },
28    },
29];
30
31/// Find an application by name (case-insensitive) within the catalog.
32pub fn find(name: &str) -> Option<&'static ApplicationDefinition<'static>> {
33    APPLICATIONS
34        .iter()
35        .find(|app| app.name.eq_ignore_ascii_case(name))
36}
37
38#[cfg(test)]
39mod tests {
40    use super::*;
41    use crate::service::application::ApplicationMatchInput;
42
43    #[test]
44    fn catalog_lookup_finds_app() {
45        let app = find("GITHUB").unwrap();
46        let input = ApplicationMatchInput {
47            dns_query: Some("status.github.com"),
48            ..Default::default()
49        };
50        assert!(app.matches(&input));
51    }
52}
firewall_objects/service/application/catalog.rs

firewall_objects/service/application/
catalog.rs
