@serve.zone/dcrouter 5.0.2 → 5.0.4

package/dist_ts/radius/classes.vlan.manager.js

@@ -0,0 +1,272 @@
+import * as plugins from '../plugins.js';
+import { logger } from '../logger.js';
+/**
+ * Manages MAC address to VLAN mappings with support for:
+ * - Exact MAC address matching
+ * - OUI (vendor prefix) pattern matching
+ * - Wildcard patterns
+ * - Default VLAN for unknown devices
+ */
+export class VlanManager {
+    mappings = new Map();
+    config;
+    storageManager;
+    // Cache for normalized MAC lookups
+    normalizedMacCache = new Map();
+    constructor(config, storageManager) {
+        this.config = {
+            defaultVlan: config?.defaultVlan ?? 1,
+            allowUnknownMacs: config?.allowUnknownMacs ?? true,
+            storagePrefix: config?.storagePrefix ?? '/radius/vlan-mappings',
+        };
+        this.storageManager = storageManager;
+    }
+    /**
+     * Initialize the VLAN manager and load persisted mappings
+     */
+    async initialize() {
+        if (this.storageManager) {
+            await this.loadMappings();
+        }
+        logger.log('info', `VlanManager initialized with ${this.mappings.size} mappings, default VLAN: ${this.config.defaultVlan}`);
+    }
+    /**
+     * Normalize a MAC address to lowercase with colons
+     * Accepts formats: 00:11:22:33:44:55, 00-11-22-33-44-55, 001122334455
+     */
+    normalizeMac(mac) {
+        // Check cache first
+        const cached = this.normalizedMacCache.get(mac);
+        if (cached) {
+            return cached;
+        }
+        // Remove all separators and convert to lowercase
+        const cleaned = mac.toLowerCase().replace(/[-:]/g, '');
+        // Format with colons
+        const normalized = cleaned.match(/.{1,2}/g)?.join(':') || mac.toLowerCase();
+        // Cache the result
+        this.normalizedMacCache.set(mac, normalized);
+        return normalized;
+    }
+    /**
+     * Check if a MAC address matches a pattern
+     * Supports:
+     * - Exact match: "00:11:22:33:44:55"
+     * - OUI match: "00:11:22" (matches any device with this vendor prefix)
+     * - Wildcard: "*" (matches all)
+     */
+    macMatchesPattern(mac, pattern) {
+        const normalizedMac = this.normalizeMac(mac);
+        const normalizedPattern = this.normalizeMac(pattern);
+        // Wildcard matches all
+        if (pattern === '*') {
+            return true;
+        }
+        // Exact match
+        if (normalizedMac === normalizedPattern) {
+            return true;
+        }
+        // OUI/prefix match (pattern is shorter than full MAC)
+        if (normalizedPattern.length < 17 && normalizedMac.startsWith(normalizedPattern)) {
+            return true;
+        }
+        return false;
+    }
+    /**
+     * Add or update a MAC to VLAN mapping
+     */
+    async addMapping(mapping) {
+        const normalizedMac = this.normalizeMac(mapping.mac);
+        const now = Date.now();
+        const existingMapping = this.mappings.get(normalizedMac);
+        const fullMapping = {
+            ...mapping,
+            mac: normalizedMac,
+            createdAt: existingMapping?.createdAt || now,
+            updatedAt: now,
+        };
+        this.mappings.set(normalizedMac, fullMapping);
+        // Persist to storage
+        if (this.storageManager) {
+            await this.saveMappings();
+        }
+        logger.log('info', `VLAN mapping ${existingMapping ? 'updated' : 'added'}: ${normalizedMac} -> VLAN ${mapping.vlan}`);
+        return fullMapping;
+    }
+    /**
+     * Remove a MAC to VLAN mapping
+     */
+    async removeMapping(mac) {
+        const normalizedMac = this.normalizeMac(mac);
+        const removed = this.mappings.delete(normalizedMac);
+        if (removed && this.storageManager) {
+            await this.saveMappings();
+            logger.log('info', `VLAN mapping removed: ${normalizedMac}`);
+        }
+        return removed;
+    }
+    /**
+     * Get a specific mapping by MAC
+     */
+    getMapping(mac) {
+        return this.mappings.get(this.normalizeMac(mac));
+    }
+    /**
+     * Get all mappings
+     */
+    getAllMappings() {
+        return Array.from(this.mappings.values());
+    }
+    /**
+     * Determine VLAN assignment for a MAC address
+     * Returns the most specific matching rule (exact > OUI > wildcard > default)
+     */
+    assignVlan(mac) {
+        const normalizedMac = this.normalizeMac(mac);
+        // First, try exact match
+        const exactMatch = this.mappings.get(normalizedMac);
+        if (exactMatch && exactMatch.enabled) {
+            return {
+                assigned: true,
+                vlan: exactMatch.vlan,
+                matchedRule: exactMatch,
+                isDefault: false,
+            };
+        }
+        // Try OUI/prefix matches (sorted by specificity - longer patterns first)
+        const patternMatches = [];
+        for (const mapping of this.mappings.values()) {
+            if (mapping.enabled && mapping.mac !== normalizedMac && this.macMatchesPattern(normalizedMac, mapping.mac)) {
+                patternMatches.push(mapping);
+            }
+        }
+        // Sort by pattern length (most specific first)
+        patternMatches.sort((a, b) => b.mac.length - a.mac.length);
+        if (patternMatches.length > 0) {
+            const bestMatch = patternMatches[0];
+            return {
+                assigned: true,
+                vlan: bestMatch.vlan,
+                matchedRule: bestMatch,
+                isDefault: false,
+            };
+        }
+        // No match - use default VLAN if allowed
+        if (this.config.allowUnknownMacs) {
+            return {
+                assigned: true,
+                vlan: this.config.defaultVlan,
+                isDefault: true,
+            };
+        }
+        // Unknown MAC and not allowed
+        return {
+            assigned: false,
+            vlan: 0,
+            isDefault: false,
+        };
+    }
+    /**
+     * Bulk import mappings
+     */
+    async importMappings(mappings) {
+        let imported = 0;
+        for (const mapping of mappings) {
+            await this.addMapping(mapping);
+            imported++;
+        }
+        logger.log('info', `Imported ${imported} VLAN mappings`);
+        return imported;
+    }
+    /**
+     * Export all mappings
+     */
+    exportMappings() {
+        return this.getAllMappings();
+    }
+    /**
+     * Update configuration
+     */
+    updateConfig(config) {
+        if (config.defaultVlan !== undefined) {
+            this.config.defaultVlan = config.defaultVlan;
+        }
+        if (config.allowUnknownMacs !== undefined) {
+            this.config.allowUnknownMacs = config.allowUnknownMacs;
+        }
+        logger.log('info', `VlanManager config updated: defaultVlan=${this.config.defaultVlan}, allowUnknown=${this.config.allowUnknownMacs}`);
+    }
+    /**
+     * Get current configuration
+     */
+    getConfig() {
+        return { ...this.config };
+    }
+    /**
+     * Get statistics
+     */
+    getStats() {
+        let exactMatches = 0;
+        let ouiPatterns = 0;
+        let wildcardPatterns = 0;
+        let enabledMappings = 0;
+        for (const mapping of this.mappings.values()) {
+            if (mapping.enabled) {
+                enabledMappings++;
+            }
+            if (mapping.mac === '*') {
+                wildcardPatterns++;
+            }
+            else if (mapping.mac.length < 17) {
+                // OUI patterns are shorter than full MAC (17 chars with colons)
+                ouiPatterns++;
+            }
+            else {
+                exactMatches++;
+            }
+        }
+        return {
+            totalMappings: this.mappings.size,
+            enabledMappings,
+            exactMatches,
+            ouiPatterns,
+            wildcardPatterns,
+        };
+    }
+    /**
+     * Load mappings from storage
+     */
+    async loadMappings() {
+        if (!this.storageManager) {
+            return;
+        }
+        try {
+            const data = await this.storageManager.getJSON(this.config.storagePrefix);
+            if (data && Array.isArray(data)) {
+                for (const mapping of data) {
+                    this.mappings.set(this.normalizeMac(mapping.mac), mapping);
+                }
+                logger.log('info', `Loaded ${data.length} VLAN mappings from storage`);
+            }
+        }
+        catch (error) {
+            logger.log('warn', `Failed to load VLAN mappings from storage: ${error.message}`);
+        }
+    }
+    /**
+     * Save mappings to storage
+     */
+    async saveMappings() {
+        if (!this.storageManager) {
+            return;
+        }
+        try {
+            const mappings = Array.from(this.mappings.values());
+            await this.storageManager.setJSON(this.config.storagePrefix, mappings);
+        }
+        catch (error) {
+            logger.log('error', `Failed to save VLAN mappings to storage: ${error.message}`);
+        }
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy52bGFuLm1hbmFnZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9yYWRpdXMvY2xhc3Nlcy52bGFuLm1hbmFnZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxlQUFlLENBQUM7QUFDekMsT0FBTyxFQUFFLE1BQU0sRUFBRSxNQUFNLGNBQWMsQ0FBQztBQStDdEM7Ozs7OztHQU1HO0FBQ0gsTUFBTSxPQUFPLFdBQVc7SUFDZCxRQUFRLEdBQWlDLElBQUksR0FBRyxFQUFFLENBQUM7SUFDbkQsTUFBTSxDQUErQjtJQUNyQyxjQUFjLENBQWtCO0lBRXhDLG1DQUFtQztJQUMzQixrQkFBa0IsR0FBd0IsSUFBSSxHQUFHLEVBQUUsQ0FBQztJQUU1RCxZQUFZLE1BQTJCLEVBQUUsY0FBK0I7UUFDdEUsSUFBSSxDQUFDLE1BQU0sR0FBRztZQUNaLFdBQVcsRUFBRSxNQUFNLEVBQUUsV0FBVyxJQUFJLENBQUM7WUFDckMsZ0JBQWdCLEVBQUUsTUFBTSxFQUFFLGdCQUFnQixJQUFJLElBQUk7WUFDbEQsYUFBYSxFQUFFLE1BQU0sRUFBRSxhQUFhLElBQUksdUJBQXVCO1NBQ2hFLENBQUM7UUFDRixJQUFJLENBQUMsY0FBYyxHQUFHLGNBQWMsQ0FBQztJQUN2QyxDQUFDO0lBRUQ7O09BRUc7SUFDSCxLQUFLLENBQUMsVUFBVTtRQUNkLElBQUksSUFBSSxDQUFDLGNBQWMsRUFBRSxDQUFDO1lBQ3hCLE1BQU0sSUFBSSxDQUFDLFlBQVksRUFBRSxDQUFDO1FBQzVCLENBQUM7UUFDRCxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxnQ0FBZ0MsSUFBSSxDQUFDLFFBQVEsQ0FBQyxJQUFJLDRCQUE0QixJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVcsRUFBRSxDQUFDLENBQUM7SUFDOUgsQ0FBQztJQUVEOzs7T0FHRztJQUNILFlBQVksQ0FBQyxHQUFXO1FBQ3RCLG9CQUFvQjtRQUNwQixNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ2hELElBQUksTUFBTSxFQUFFLENBQUM7WUFDWCxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO1FBRUQsaURBQWlEO1FBQ2pELE1BQU0sT0FBTyxHQUFHLEdBQUcsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRXZELHFCQUFxQjtRQUNyQixNQUFNLFVBQVUsR0FBRyxPQUFPLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxFQUFFLElBQUksQ0FBQyxHQUFHLENBQUMsSUFBSSxHQUFHLENBQUMsV0FBVyxFQUFFLENBQUM7UUFFNUUsbUJBQW1CO1FBQ25CLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsR0FBRyxFQUFFLFVBQVUsQ0FBQyxDQUFDO1FBRTdDLE9BQU8sVUFBVSxDQUFDO0lBQ3BCLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSCxpQkFBaUIsQ0FBQyxHQUFXLEVBQUUsT0FBZTtRQUM1QyxNQUFNLGFBQWEsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQzdDLE1BQU0saUJBQWlCLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUVyRCx1QkFBdUI7UUFDdkIsSUFBSSxPQUFPLEtBQUssR0FBRyxFQUFFLENBQUM7WUFDcEIsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDO1FBRUQsY0FBYztRQUNkLElBQUksYUFBYSxLQUFLLGlCQUFpQixFQUFFLENBQUM7WUFDeEMsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDO1FBRUQsc0RBQXNEO1FBQ3RELElBQUksaUJBQWlCLENBQUMsTUFBTSxHQUFHLEVBQUUsSUFBSSxhQUFhLENBQUMsVUFBVSxDQUFDLGlCQUFpQixDQUFDLEVBQUUsQ0FBQztZQUNqRixPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFFRCxPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7SUFFRDs7T0FFRztJQUNILEtBQUssQ0FBQyxVQUFVLENBQUMsT0FBeUQ7UUFDeEUsTUFBTSxhQUFhLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDckQsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBRXZCLE1BQU0sZUFBZSxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQyxDQUFDO1FBQ3pELE1BQU0sV0FBVyxHQUFvQjtZQUNuQyxHQUFHLE9BQU87WUFDVixHQUFHLEVBQUUsYUFBYTtZQUNsQixTQUFTLEVBQUUsZUFBZSxFQUFFLFNBQVMsSUFBSSxHQUFHO1lBQzVDLFNBQVMsRUFBRSxHQUFHO1NBQ2YsQ0FBQztRQUVGLElBQUksQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLGFBQWEsRUFBRSxXQUFXLENBQUMsQ0FBQztRQUU5QyxxQkFBcUI7UUFDckIsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7WUFDeEIsTUFBTSxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDNUIsQ0FBQztRQUVELE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLGdCQUFnQixlQUFlLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsT0FBTyxLQUFLLGFBQWEsWUFBWSxPQUFPLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztRQUN0SCxPQUFPLFdBQVcsQ0FBQztJQUNyQixDQUFDO0lBRUQ7O09BRUc7SUFDSCxLQUFLLENBQUMsYUFBYSxDQUFDLEdBQVc7UUFDN0IsTUFBTSxhQUFhLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUM3QyxNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUVwRCxJQUFJLE9BQU8sSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7WUFDbkMsTUFBTSxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7WUFDMUIsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUseUJBQXlCLGFBQWEsRUFBRSxDQUFDLENBQUM7UUFDL0QsQ0FBQztRQUVELE9BQU8sT0FBTyxDQUFDO0lBQ2pCLENBQUM7SUFFRDs7T0FFRztJQUNILFVBQVUsQ0FBQyxHQUFXO1FBQ3BCLE9BQU8sSUFBSSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO0lBQ25ELENBQUM7SUFFRDs7T0FFRztJQUNILGNBQWM7UUFDWixPQUFPLEtBQUssQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO0lBQzVDLENBQUM7SUFFRDs7O09BR0c7SUFDSCxVQUFVLENBQUMsR0FBVztRQUNwQixNQUFNLGFBQWEsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBRTdDLHlCQUF5QjtRQUN6QixNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUNwRCxJQUFJLFVBQVUsSUFBSSxVQUFVLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDckMsT0FBTztnQkFDTCxRQUFRLEVBQUUsSUFBSTtnQkFDZCxJQUFJLEVBQUUsVUFBVSxDQUFDLElBQUk7Z0JBQ3JCLFdBQVcsRUFBRSxVQUFVO2dCQUN2QixTQUFTLEVBQUUsS0FBSzthQUNqQixDQUFDO1FBQ0osQ0FBQztRQUVELHlFQUF5RTtRQUN6RSxNQUFNLGNBQWMsR0FBc0IsRUFBRSxDQUFDO1FBQzdDLEtBQUssTUFBTSxPQUFPLElBQUksSUFBSSxDQUFDLFFBQVEsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDO1lBQzdDLElBQUksT0FBTyxDQUFDLE9BQU8sSUFBSSxPQUFPLENBQUMsR0FBRyxLQUFLLGFBQWEsSUFBSSxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLE9BQU8sQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUMzRyxjQUFjLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1lBQy9CLENBQUM7UUFDSCxDQUFDO1FBRUQsK0NBQStDO1FBQy9DLGNBQWMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBRTNELElBQUksY0FBYyxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUM5QixNQUFNLFNBQVMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFDcEMsT0FBTztnQkFDTCxRQUFRLEVBQUUsSUFBSTtnQkFDZCxJQUFJLEVBQUUsU0FBUyxDQUFDLElBQUk7Z0JBQ3BCLFdBQVcsRUFBRSxTQUFTO2dCQUN0QixTQUFTLEVBQUUsS0FBSzthQUNqQixDQUFDO1FBQ0osQ0FBQztRQUVELHlDQUF5QztRQUN6QyxJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUNqQyxPQUFPO2dCQUNMLFFBQVEsRUFBRSxJQUFJO2dCQUNkLElBQUksRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVc7Z0JBQzdCLFNBQVMsRUFBRSxJQUFJO2FBQ2hCLENBQUM7UUFDSixDQUFDO1FBRUQsOEJBQThCO1FBQzlCLE9BQU87WUFDTCxRQUFRLEVBQUUsS0FBSztZQUNmLElBQUksRUFBRSxDQUFDO1lBQ1AsU0FBUyxFQUFFLEtBQUs7U0FDakIsQ0FBQztJQUNKLENBQUM7SUFFRDs7T0FFRztJQUNILEtBQUssQ0FBQyxjQUFjLENBQUMsUUFBaUU7UUFDcEYsSUFBSSxRQUFRLEdBQUcsQ0FBQyxDQUFDO1FBRWpCLEtBQUssTUFBTSxPQUFPLElBQUksUUFBUSxFQUFFLENBQUM7WUFDL0IsTUFBTSxJQUFJLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1lBQy9CLFFBQVEsRUFBRSxDQUFDO1FBQ2IsQ0FBQztRQUVELE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFlBQVksUUFBUSxnQkFBZ0IsQ0FBQyxDQUFDO1FBQ3pELE9BQU8sUUFBUSxDQUFDO0lBQ2xCLENBQUM7SUFFRDs7T0FFRztJQUNILGNBQWM7UUFDWixPQUFPLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztJQUMvQixDQUFDO0lBRUQ7O09BRUc7SUFDSCxZQUFZLENBQUMsTUFBbUM7UUFDOUMsSUFBSSxNQUFNLENBQUMsV0FBVyxLQUFLLFNBQVMsRUFBRSxDQUFDO1lBQ3JDLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxHQUFHLE1BQU0sQ0FBQyxXQUFXLENBQUM7UUFDL0MsQ0FBQztRQUNELElBQUksTUFBTSxDQUFDLGdCQUFnQixLQUFLLFNBQVMsRUFBRSxDQUFDO1lBQzFDLElBQUksQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLEdBQUcsTUFBTSxDQUFDLGdCQUFnQixDQUFDO1FBQ3pELENBQUM7UUFDRCxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSwyQ0FBMkMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxXQUFXLGtCQUFrQixJQUFJLENBQUMsTUFBTSxDQUFDLGdCQUFnQixFQUFFLENBQUMsQ0FBQztJQUN6SSxDQUFDO0lBRUQ7O09BRUc7SUFDSCxTQUFTO1FBQ1AsT0FBTyxFQUFFLEdBQUcsSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO0lBQzVCLENBQUM7SUFFRDs7T0FFRztJQUNILFFBQVE7UUFPTixJQUFJLFlBQVksR0FBRyxDQUFDLENBQUM7UUFDckIsSUFBSSxXQUFXLEdBQUcsQ0FBQyxDQUFDO1FBQ3BCLElBQUksZ0JBQWdCLEdBQUcsQ0FBQyxDQUFDO1FBQ3pCLElBQUksZUFBZSxHQUFHLENBQUMsQ0FBQztRQUV4QixLQUFLLE1BQU0sT0FBTyxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQztZQUM3QyxJQUFJLE9BQU8sQ0FBQyxPQUFPLEVBQUUsQ0FBQztnQkFDcEIsZUFBZSxFQUFFLENBQUM7WUFDcEIsQ0FBQztZQUVELElBQUksT0FBTyxDQUFDLEdBQUcsS0FBSyxHQUFHLEVBQUUsQ0FBQztnQkFDeEIsZ0JBQWdCLEVBQUUsQ0FBQztZQUNyQixDQUFDO2lCQUFNLElBQUksT0FBTyxDQUFDLEdBQUcsQ0FBQyxNQUFNLEdBQUcsRUFBRSxFQUFFLENBQUM7Z0JBQ25DLGdFQUFnRTtnQkFDaEUsV0FBVyxFQUFFLENBQUM7WUFDaEIsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLFlBQVksRUFBRSxDQUFDO1lBQ2pCLENBQUM7UUFDSCxDQUFDO1FBRUQsT0FBTztZQUNMLGFBQWEsRUFBRSxJQUFJLENBQUMsUUFBUSxDQUFDLElBQUk7WUFDakMsZUFBZTtZQUNmLFlBQVk7WUFDWixXQUFXO1lBQ1gsZ0JBQWdCO1NBQ2pCLENBQUM7SUFDSixDQUFDO0lBRUQ7O09BRUc7SUFDSyxLQUFLLENBQUMsWUFBWTtRQUN4QixJQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsRUFBRSxDQUFDO1lBQ3pCLE9BQU87UUFDVCxDQUFDO1FBRUQsSUFBSSxDQUFDO1lBQ0gsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsY0FBYyxDQUFDLE9BQU8sQ0FBb0IsSUFBSSxDQUFDLE1BQU0sQ0FBQyxhQUFhLENBQUMsQ0FBQztZQUM3RixJQUFJLElBQUksSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7Z0JBQ2hDLEtBQUssTUFBTSxPQUFPLElBQUksSUFBSSxFQUFFLENBQUM7b0JBQzNCLElBQUksQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxFQUFFLE9BQU8sQ0FBQyxDQUFDO2dCQUM3RCxDQUFDO2dCQUNELE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFVBQVUsSUFBSSxDQUFDLE1BQU0sNkJBQTZCLENBQUMsQ0FBQztZQUN6RSxDQUFDO1FBQ0gsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSw4Q0FBOEMsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDcEYsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNLLEtBQUssQ0FBQyxZQUFZO1FBQ3hCLElBQUksQ0FBQyxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7WUFDekIsT0FBTztRQUNULENBQUM7UUFFRCxJQUFJLENBQUM7WUFDSCxNQUFNLFFBQVEsR0FBRyxLQUFLLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQztZQUNwRCxNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsYUFBYSxFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQ3pFLENBQUM7UUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1lBQ2YsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsNENBQTRDLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQ25GLENBQUM7SUFDSCxDQUFDO0NBQ0YifQ==

package/dist_ts/radius/index.d.ts

@@ -0,0 +1,13 @@
+/**
+ * RADIUS module for DcRouter
+ *
+ * Provides:
+ * - MAC Authentication Bypass (MAB) for network device authentication
+ * - VLAN assignment based on MAC addresses
+ * - OUI (vendor prefix) pattern matching for device categorization
+ * - RADIUS accounting for session tracking and billing
+ * - Integration with StorageManager for persistence
+ */
+export * from './classes.radius.server.js';
+export * from './classes.vlan.manager.js';
+export * from './classes.accounting.manager.js';

package/dist_ts/radius/index.js

@@ -0,0 +1,14 @@
+/**
+ * RADIUS module for DcRouter
+ *
+ * Provides:
+ * - MAC Authentication Bypass (MAB) for network device authentication
+ * - VLAN assignment based on MAC addresses
+ * - OUI (vendor prefix) pattern matching for device categorization
+ * - RADIUS accounting for session tracking and billing
+ * - Integration with StorageManager for persistence
+ */
+export * from './classes.radius.server.js';
+export * from './classes.vlan.manager.js';
+export * from './classes.accounting.manager.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9yYWRpdXMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7Ozs7Ozs7OztHQVNHO0FBRUgsY0FBYyw0QkFBNEIsQ0FBQztBQUMzQyxjQUFjLDJCQUEyQixDQUFDO0FBQzFDLGNBQWMsaUNBQWlDLENBQUMifQ==

package/dist_ts/security/classes.contentscanner.d.ts

@@ -0,0 +1,160 @@
+import { Email } from '@push.rocks/smartmta';
+/**
+ * Scan result information
+ */
+export interface IScanResult {
+    isClean: boolean;
+    threatType?: string;
+    threatDetails?: string;
+    threatScore: number;
+    scannedElements: string[];
+    timestamp: number;
+}
+/**
+ * Options for content scanner configuration
+ */
+export interface IContentScannerOptions {
+    maxCacheSize?: number;
+    cacheTTL?: number;
+    scanSubject?: boolean;
+    scanBody?: boolean;
+    scanAttachments?: boolean;
+    maxAttachmentSizeToScan?: number;
+    scanAttachmentNames?: boolean;
+    blockExecutables?: boolean;
+    blockMacros?: boolean;
+    customRules?: Array<{
+        pattern: string | RegExp;
+        type: string;
+        score: number;
+        description: string;
+    }>;
+    minThreatScore?: number;
+    highThreatScore?: number;
+}
+/**
+ * Threat categories
+ */
+export declare enum ThreatCategory {
+    SPAM = "spam",
+    PHISHING = "phishing",
+    MALWARE = "malware",
+    EXECUTABLE = "executable",
+    SUSPICIOUS_LINK = "suspicious_link",
+    MALICIOUS_MACRO = "malicious_macro",
+    XSS = "xss",
+    SENSITIVE_DATA = "sensitive_data",
+    BLACKLISTED_CONTENT = "blacklisted_content",
+    CUSTOM_RULE = "custom_rule"
+}
+/**
+ * Content Scanner for detecting malicious email content
+ */
+export declare class ContentScanner {
+    private static instance;
+    private scanCache;
+    private options;
+    private static readonly MALICIOUS_PATTERNS;
+    private static readonly EXECUTABLE_EXTENSIONS;
+    private static readonly MACRO_DOCUMENT_EXTENSIONS;
+    /**
+     * Default options for the content scanner
+     */
+    private static readonly DEFAULT_OPTIONS;
+    /**
+     * Constructor for the ContentScanner
+     * @param options Configuration options
+     */
+    constructor(options?: IContentScannerOptions);
+    /**
+     * Get the singleton instance of the scanner
+     * @param options Configuration options
+     * @returns Singleton scanner instance
+     */
+    static getInstance(options?: IContentScannerOptions): ContentScanner;
+    /**
+     * Scan an email for malicious content
+     * @param email The email to scan
+     * @returns Scan result
+     */
+    scanEmail(email: Email): Promise<IScanResult>;
+    /**
+     * Generate a cache key from an email
+     * @param email The email to generate a key for
+     * @returns Cache key
+     */
+    private generateCacheKey;
+    /**
+     * Scan email subject for threats
+     * @param subject The subject to scan
+     * @param result The scan result to update
+     */
+    private scanSubject;
+    /**
+     * Scan plain text content for threats
+     * @param text The text content to scan
+     * @param result The scan result to update
+     */
+    private scanTextContent;
+    /**
+     * Scan HTML content for threats
+     * @param html The HTML content to scan
+     * @param result The scan result to update
+     */
+    private scanHtmlContent;
+    /**
+     * Scan an attachment for threats
+     * @param attachment The attachment to scan
+     * @param result The scan result to update
+     */
+    private scanAttachment;
+    /**
+     * Extract links from HTML content
+     * @param html HTML content
+     * @returns Array of extracted links
+     */
+    private extractLinksFromHtml;
+    /**
+     * Extract plain text from HTML
+     * @param html HTML content
+     * @returns Extracted text
+     */
+    private extractTextFromHtml;
+    /**
+     * Extract text from a binary buffer for scanning
+     * @param buffer Binary content
+     * @returns Extracted text (may be partial)
+     */
+    private extractTextFromBuffer;
+    /**
+     * Check if an Office document likely contains macros
+     * This is a simplified check - real implementation would use specialized libraries
+     * @param attachment The attachment to check
+     * @returns Whether the file likely contains macros
+     */
+    private likelyContainsMacros;
+    /**
+     * Map a pattern category to a threat type
+     * @param category The pattern category
+     * @returns The corresponding threat type
+     */
+    private mapCategoryToThreatType;
+    /**
+     * Log a high threat finding to the security logger
+     * @param email The email containing the threat
+     * @param result The scan result
+     */
+    private logHighThreatFound;
+    /**
+     * Log a threat finding to the security logger
+     * @param email The email containing the threat
+     * @param result The scan result
+     */
+    private logThreatFound;
+    /**
+     * Get threat level description based on score
+     * @param score Threat score
+     * @returns Threat level description
+     */
+    static getThreatLevel(score: number): 'none' | 'low' | 'medium' | 'high';
+}