Skip to content

Releases: Charlie-Root/goguard

v1.0.0 - Initial Release

04 Aug 11:23
@Charlie-Root Charlie-Root
v1.0.0
6b25647

Choose a tag to compare

View all tags
v1.0.0 - Initial Release Latest
Latest

GoGuard v1.0.0 - Advanced Intrusion Detection & Response System

🚀 Features

  • Real-time log monitoring with flexible pattern matching
  • Multiple firewall backends (iptables, ufw, nftables, mock)
  • Abuse reporting to AbuseIPDB.com and AbuseDB.info
  • Web interface with REST API at port 8080
  • Persistent state management with automatic cleanup
  • Production-ready with comprehensive logging

📋 What's Changed

Changelog

All notable changes to GoGuard will be documented in this file.

[Unreleased]

[1.0.0] - 2025-01-04

Added

  • Core intrusion detection system with real-time log monitoring
  • Multiple firewall backend support: iptables, ufw, nftables, and mock testing
  • Automatic firewall detection with fallback to best available option
  • Comprehensive pattern library for 25+ services including:
    • Web servers (Nginx, Apache, HAProxy)
    • SSH and system authentication
    • Mail services (Postfix, Dovecot, Exim)
    • Applications (Bitwarden, Grafana, MongoDB, etc.)
  • Abuse reporting integration with AbuseIPDB.com and AbuseDB.info
  • Web interface with REST API for monitoring and statistics
  • Persistent state management with automatic cleanup of expired bans
  • IP whitelisting with CIDR support for protecting trusted networks
  • Configurable thresholds and ban times per pattern
  • Production-ready logging with detailed event tracking
  • Graceful shutdown with state preservation
  • Cross-platform support for Linux, macOS, and Windows

Security

  • Input validation for all configuration parameters
  • Safe regex compilation with error handling
  • Privilege separation recommendations in documentation
  • Secure API key handling for abuse reporting services

Performance

  • Efficient file monitoring with non-blocking I/O
  • Compiled regex patterns for fast log processing
  • Concurrent log file processing for multiple files
  • Memory-efficient state management with periodic cleanup
  • Optimized firewall rule management with batch operations

Documentation

  • Comprehensive README with installation and configuration guides
  • API documentation for web interface endpoints
  • Production deployment examples with systemd service
  • Security best practices and troubleshooting guides
  • Example configurations for common use cases

Infrastructure

  • GitHub Actions CI/CD with automated testing and releases
  • Multi-platform binary builds (Linux AMD64/ARM64, macOS, Windows)
  • Automated changelog generation and release notes

📦 Installation

Quick Start

  1. Download the appropriate binary for your system
  2. Extract the archive: tar -xzf goguard-*.tar.gz (Linux/macOS) or extract zip (Windows)
  3. Copy config: cp config.yaml my-config.yaml
  4. Edit configuration for your environment
  5. Run with root privileges: sudo ./goguard-* -config my-config.yaml

Available Downloads

  • Linux AMD64: goguard-linux-amd64.tar.gz (recommended for most servers)
  • Linux ARM64: goguard-linux-arm64.tar.gz (for ARM servers, Raspberry Pi)
  • macOS Intel: goguard-darwin-amd64.tar.gz
  • macOS Apple Silicon: goguard-darwin-arm64.tar.gz
  • Windows: goguard-windows-amd64.zip

⚙️ Configuration

The included config.yaml contains:

  • Pre-configured patterns for 25+ services (Nginx, Apache, SSH, etc.)
  • Firewall auto-detection (iptables/ufw/nftables)
  • Abuse reporting setup (requires API keys)
  • Web interface configuration
  • Comprehensive whitelisting options

Test Mode

# Run with mock firewall for testing (no root required)
./goguard-* -config config.yaml

Production Mode

# Run with real firewall (requires root)
sudo ./goguard-* -config config.yaml

🌐 Web Interface

Access the dashboard at: http://localhost:8080

  • View active bans and statistics
  • Monitor real-time activity
  • REST API for integrations

📚 Documentation

  • Full documentation: README.md
  • Configuration guide: See included config.yaml with detailed comments
  • API reference: Built-in at /api/stats and /health endpoints

🔧 System Requirements

  • Linux, macOS, or Windows
  • One of: iptables, ufw, or nftables (for production use)
  • Root/Administrator privileges (for firewall management)
  • Go 1.19+ (if building from source)

🆘 Support

  • Issues: Report bugs on GitHub Issues
  • Discussions: Use GitHub Discussions for questions
  • Security: Report security issues privately

Note: This release includes comprehensive log patterns for immediate protection against common attacks. Review and customize the configuration before production deployment.

Assets 7
Loading