├── docs ├── api │ └── backend.md ├── package.json ├── index.md ├── guide │ ├── introduction.md │ ├── getting-started.md │ ├── contributing.md │ └── architecture.md ├── .vitepress │ └── config.ts └── deployment │ └── requirements.md ├── backend ├── core │ ├── models │ │ ├── __init__.py │ │ └── rwkv_inference.py │ ├── optimization │ │ ├── simd_wrapper.py │ │ └── simd_libs │ │ │ ├── Makefile │ │ │ └── simd_avx2.c │ ├── knowledge │ │ └── __init__.py │ ├── connectors │ │ ├── __init__.py │ │ ├── shell.py │ │ ├── rj45.py │ │ ├── telnet.py │ │ ├── ssh.py │ │ └── cisco_connector.py │ ├── llm │ │ ├── model_classifier.py │ │ ├── text_vectorizer.py │ │ ├── rwkv_manager.py │ │ └── bayes_classifier.py │ ├── auth │ │ ├── init_db.py │ │ ├── schemas.py │ │ ├── deps.py │ │ ├── models.py │ │ └── security.py │ ├── vault │ │ └── manager.py │ └── database │ │ └── db.py ├── tests │ ├── test_intel_optimizer.py │ ├── conftest.py │ ├── test_database.py │ ├── test_knowledge_graph.py │ ├── test_vectorstore.py │ └── test_simd_wrapper.py ├── requirements-test.txt ├── Dockerfile ├── .env.example ├── requirements.txt ├── run_tests.py └── api │ ├── models.py │ ├── auth.py │ └── routes │ └── devices.py ├── networkips ├── training │ ├── README.md │ ├── requirements.txt │ └── scripts │ │ └── preprocess_data.py ├── scripts │ ├── nips.service │ └── nips-start.sh ├── src │ ├── CMakeLists.txt │ └── main.cpp ├── README.md ├── include │ ├── capture │ │ └── packet_capture.hpp │ ├── common │ │ ├── config.hpp │ │ └── logger.hpp │ ├── feature │ │ └── feature_extractor.hpp │ ├── ml │ │ └── anomaly_detector.hpp │ ├── response │ │ └── response_controller.hpp │ └── detection │ │ └── threat_detector.hpp ├── config │ └── nips.yaml └── CMakeLists.txt ├── .DS_Store ├── ARIES.png ├── Figure_1.png ├── Figure_2.png ├── requirements.txt ├── web ├── requirements.txt ├── README.md ├── templates │ └── login.html ├── css │ └── style.css └── server.py ├── mqtt └── config │ └── mosquitto.conf ├── frontend ├── Dockerfile ├── src │ ├── store │ │ ├── index.js │ │ └── modules │ │ │ ├── user.js │ │ │ ├── server.js │ │ │ ├── network.js │ │ │ └── app.js │ ├── main.js │ ├── App.vue │ ├── views │ │ └── login │ │ │ └── index.vue │ └── router │ │ └── index.js └── package.json ├── .github ├── ISSUE_TEMPLATE │ ├── feature_request.md │ └── bug_report.md └── workflows │ └── static.yml ├── docker-compose.yml ├── SECURITY.md ├── .gitignore └── README.md /docs/api/backend.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /backend/core/models/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /networkips/training/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /backend/tests/test_intel_optimizer.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /backend/core/optimization/simd_wrapper.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /backend/core/knowledge/__init__.py: -------------------------------------------------------------------------------- 1 | # 知识库模块初始化文件 -------------------------------------------------------------------------------- /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Chieko-Seren/ARIES/HEAD/.DS_Store -------------------------------------------------------------------------------- /ARIES.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Chieko-Seren/ARIES/HEAD/ARIES.png -------------------------------------------------------------------------------- /Figure_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Chieko-Seren/ARIES/HEAD/Figure_1.png -------------------------------------------------------------------------------- /Figure_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Chieko-Seren/ARIES/HEAD/Figure_2.png -------------------------------------------------------------------------------- /backend/core/connectors/__init__.py: -------------------------------------------------------------------------------- 1 | # 连接器模块初始化文件 2 | from .cisco_connector import CiscoConnector -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | # LLM相关依赖 2 | llama-cpp-python>=0.2.0 3 | tokenizers>=0.13.0 4 | 5 | # RWKV相关依赖 6 | torch>=2.0.0 7 | rwkv>=0.8.0 -------------------------------------------------------------------------------- /web/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==3.0.2 2 | Werkzeug==3.0.1 3 | fastapi==0.109.2 4 | uvicorn[standard]==0.27.1 5 | jinja2==3.1.3 6 | python-multipart==0.0.9 7 | itsdangerous==2.1.2 8 | starlette==0.36.3 -------------------------------------------------------------------------------- /backend/requirements-test.txt: -------------------------------------------------------------------------------- 1 | pytest==7.4.3 2 | pytest-cov==4.1.0 3 | pytest-mock==3.12.0 4 | pytest-asyncio==0.21.1 5 | pytest-timeout==2.2.0 6 | pytest-xdist==3.3.1 7 | coverage==7.3.2 8 | mock==5.1.0 9 | freezegun==1.2.2 10 | requests-mock==1.11.0 -------------------------------------------------------------------------------- /docs/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "aries-docs", 3 | "version": "1.0.0", 4 | "description": "ARIES 项目文档", 5 | "scripts": { 6 | "docs:dev": "vitepress dev", 7 | "docs:build": "vitepress build", 8 | "docs:preview": "vitepress preview" 9 | }, 10 | "devDependencies": { 11 | "vitepress": "^1.0.0-rc.40" 12 | } 13 | } -------------------------------------------------------------------------------- /networkips/training/requirements.txt: -------------------------------------------------------------------------------- 1 | torch>=1.9.0 2 | numpy>=1.19.2 3 | pandas>=1.2.0 4 | scikit-learn>=0.24.0 5 | matplotlib>=3.3.0 6 | seaborn>=0.11.0 7 | tqdm>=4.50.0 8 | transformers>=4.30.0 9 | datasets>=2.12.0 10 | accelerate>=0.20.0 11 | bitsandbytes>=0.39.0 12 | peft>=0.4.0 13 | tensorboard>=2.13.0 14 | sentencepiece>=0.1.99 15 | protobuf>=3.20.0 16 | einops>=0.6.1 17 | safetensors>=0.3.1 -------------------------------------------------------------------------------- /mqtt/config/mosquitto.conf: -------------------------------------------------------------------------------- 1 | # 监听端口配置 2 | listener 1883 3 | listener 9001 4 | protocol websockets 5 | 6 | # 持久化配置 7 | persistence true 8 | persistence_location /mosquitto/data/ 9 | log_dest file /mosquitto/log/mosquitto.log 10 | 11 | # 允许匿名连接(生产环境建议配置认证) 12 | allow_anonymous true 13 | 14 | # 最大连接数 15 | max_connections -1 16 | 17 | # 最大消息队列大小 18 | max_queued_messages 1000 19 | 20 | # 最大消息大小(字节) 21 | max_packet_size 0 -------------------------------------------------------------------------------- /networkips/scripts/nips.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=NIPS Network Intrusion Prevention System 3 | After=network.target 4 | 5 | [Service] 6 | Type=simple 7 | User=root 8 | ExecStart=/usr/local/bin/nips-start 9 | Restart=always 10 | RestartSec=5 11 | LimitNOFILE=65535 12 | Environment=NIPS_CONFIG=/etc/nips/nips.yaml 13 | Environment=NIPS_LOG=/var/log/nips/nips.log 14 | 15 | [Install] 16 | WantedBy=multi-user.target -------------------------------------------------------------------------------- /docs/index.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: home 3 | hero: 4 | name: ARIES 5 | text: 智能网络分析系统 6 | tagline: 高效、智能、安全的网络分析解决方案 7 | actions: 8 | - theme: brand 9 | text: 开始使用 10 | link: /guide/getting-started 11 | - theme: alt 12 | text: 查看文档 13 | link: /guide/introduction 14 | features: 15 | - title: 高性能 16 | details: 采用先进的网络分析技术,提供快速、准确的数据处理能力 17 | - title: 智能分析 18 | details: 集成机器学习算法,实现智能化的网络行为分析 19 | - title: 安全可靠 20 | details: 严格的安全机制,确保数据安全和系统稳定 21 | --- -------------------------------------------------------------------------------- /frontend/Dockerfile: -------------------------------------------------------------------------------- 1 | # 构建阶段 2 | FROM node:14-alpine as build 3 | 4 | # 设置工作目录 5 | WORKDIR /app 6 | 7 | # 复制依赖文件 8 | COPY package*.json ./ 9 | 10 | # 安装依赖 11 | RUN npm install 12 | 13 | # 复制项目文件 14 | COPY . . 15 | 16 | # 构建应用 17 | RUN npm run build 18 | 19 | # 生产阶段 20 | FROM nginx:alpine 21 | 22 | # 复制构建产物到 Nginx 目录 23 | COPY --from=build /app/dist /usr/share/nginx/html 24 | 25 | # 复制 Nginx 配置 26 | COPY nginx.conf /etc/nginx/conf.d/default.conf 27 | 28 | # 暴露端口 29 | EXPOSE 80 30 | 31 | # 启动 Nginx 32 | CMD ["nginx", "-g", "daemon off;"] -------------------------------------------------------------------------------- /frontend/src/store/index.js: -------------------------------------------------------------------------------- 1 | import { createStore } from 'vuex' 2 | import user from './modules/user' 3 | import server from './modules/server' 4 | import network from './modules/network' 5 | import knowledge from './modules/knowledge' 6 | import task from './modules/task' 7 | import app from './modules/app' 8 | 9 | export default createStore({ 10 | modules: { 11 | user, 12 | server, 13 | network, 14 | knowledge, 15 | task, 16 | app 17 | }, 18 | // 严格模式,禁止在mutation之外修改状态 19 | strict: process.env.NODE_ENV !== 'production' 20 | }) -------------------------------------------------------------------------------- /backend/Dockerfile: -------------------------------------------------------------------------------- 1 | # 使用 Python 3.8 作为基础镜像 2 | FROM python:3.8-slim 3 | 4 | # 设置工作目录 5 | WORKDIR /app 6 | 7 | # 设置环境变量 8 | ENV PYTHONDONTWRITEBYTECODE=1 \ 9 | PYTHONUNBUFFERED=1 \ 10 | PYTHONPATH=/app 11 | 12 | # 安装系统依赖 13 | RUN apt-get update && apt-get install -y --no-install-recommends \ 14 | build-essential \ 15 | libpq-dev \ 16 | && rm -rf /var/lib/apt/lists/* 17 | 18 | # 复制依赖文件 19 | COPY requirements.txt . 20 | 21 | # 安装 Python 依赖 22 | RUN pip install --no-cache-dir -r requirements.txt 23 | 24 | # 复制项目文件 25 | COPY . . 26 | 27 | # 暴露端口 28 | EXPOSE 8000 29 | 30 | # 启动命令 31 | CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"] -------------------------------------------------------------------------------- /backend/core/optimization/simd_libs/Makefile: -------------------------------------------------------------------------------- 1 | CC = gcc 2 | CFLAGS = -O3 -mavx2 -fPIC -Wall -Wextra 3 | LDFLAGS = -shared 4 | 5 | # 目标文件 6 | TARGET = libsimd_avx2.so 7 | 8 | # 源文件 9 | SRCS = simd_avx2.c 10 | OBJS = $(SRCS:.c=.o) 11 | 12 | # 默认目标 13 | all: $(TARGET) 14 | 15 | # 编译共享库 16 | $(TARGET): $(OBJS) 17 | $(CC) $(LDFLAGS) -o $@ $^ 18 | 19 | # 编译源文件 20 | %.o: %.c 21 | $(CC) $(CFLAGS) -c $< -o $@ 22 | 23 | # 清理 24 | clean: 25 | rm -f $(OBJS) $(TARGET) 26 | 27 | # 安装 28 | install: $(TARGET) 29 | cp $(TARGET) /usr/local/lib/ 30 | ldconfig 31 | 32 | # 卸载 33 | uninstall: 34 | rm -f /usr/local/lib/$(TARGET) 35 | ldconfig 36 | 37 | .PHONY: all clean install uninstall -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Is your feature request related to a problem? Please describe.** 11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 12 | 13 | **Describe the solution you'd like** 14 | A clear and concise description of what you want to happen. 15 | 16 | **Describe alternatives you've considered** 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | **Additional context** 20 | Add any other context or screenshots about the feature request here. 21 | -------------------------------------------------------------------------------- /networkips/scripts/nips-start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 检查是否以root权限运行 4 | if [ "$EUID" -ne 0 ]; then 5 | echo "请以root权限运行此脚本" 6 | exit 1 7 | fi 8 | 9 | # 设置环境变量 10 | export NIPS_CONFIG=${NIPS_CONFIG:-"/etc/nips/nips.yaml"} 11 | export NIPS_LOG=${NIPS_LOG:-"/var/log/nips/nips.log"} 12 | 13 | # 创建日志目录 14 | mkdir -p "$(dirname "$NIPS_LOG")" 15 | touch "$NIPS_LOG" 16 | chmod 644 "$NIPS_LOG" 17 | 18 | # 检查配置文件 19 | if [ ! -f "$NIPS_CONFIG" ]; then 20 | echo "错误:配置文件 $NIPS_CONFIG 不存在" 21 | exit 1 22 | fi 23 | 24 | # 检查可执行文件 25 | NIPS_BIN="/usr/local/bin/nips" 26 | if [ ! -x "$NIPS_BIN" ]; then 27 | echo "错误:可执行文件 $NIPS_BIN 不存在或没有执行权限" 28 | exit 1 29 | fi 30 | 31 | # 启动服务 32 | echo "正在启动 NIPS 服务..." 33 | exec "$NIPS_BIN" --config "$NIPS_CONFIG" --log "$NIPS_LOG" -------------------------------------------------------------------------------- /backend/.env.example: -------------------------------------------------------------------------------- 1 | # Vault配置 2 | VAULT_URL=http://vault:8200 3 | VAULT_TOKEN=your-vault-token 4 | VAULT_MOUNT_POINT=aries 5 | 6 | # 基本配置 7 | DEBUG=false 8 | LOG_DIR=./logs 9 | 10 | # API配置 11 | API_PREFIX=/api 12 | ACCESS_TOKEN_EXPIRE_MINUTES=30 13 | 14 | # 数据库配置 15 | DB_PATH=./data/aries.db 16 | 17 | # LLM配置 18 | LLM_PROVIDER=openai 19 | LLM_MODEL=gpt-4 20 | 21 | # 知识库配置 22 | VECTOR_DB_PATH=./data/vector_store 23 | KG_PATH=./data/knowledge_graph 24 | 25 | # 服务器配置 26 | SERVERS_CONFIG_PATH=./config/servers.json 27 | 28 | # Kubernetes配置 29 | KUBE_CONFIG_PATH=~/.kube/config 30 | 31 | # 通知配置 32 | WEBHOOK_URL= 33 | 34 | # 搜索API配置 35 | SEARCH_API_KEY= 36 | 37 | # MQTT配置 38 | MQTT_BROKER=mqtt 39 | MQTT_PORT=1883 40 | 41 | # CORS配置 42 | ALLOWED_ORIGINS=http://localhost:3000,http://localhost:8000 -------------------------------------------------------------------------------- /docs/guide/introduction.md: -------------------------------------------------------------------------------- 1 | # ARIES 介绍 2 | 3 | ARIES 是一个现代化的网络分析系统,旨在提供高效、智能的网络流量分析和安全监控解决方案。 4 | 5 | ## 主要特性 6 | 7 | - **实时监控**:提供实时的网络流量监控和分析 8 | - **智能分析**:集成机器学习算法,实现智能化的网络行为分析 9 | - **可视化展示**:直观的数据可视化界面,支持多种图表展示 10 | - **安全防护**:内置安全防护机制,及时发现和应对网络威胁 11 | 12 | ## 技术栈 13 | 14 | - 前端:Vue.js + TypeScript 15 | - 后端:Python + FastAPI 16 | - 数据库:PostgreSQL 17 | - 缓存:Redis 18 | - 消息队列:RabbitMQ 19 | 20 | ## 系统架构 21 | 22 | ARIES 采用现代化的微服务架构,主要包含以下组件: 23 | 24 | 1. **前端服务**:提供用户界面和交互功能 25 | 2. **后端服务**:处理业务逻辑和数据分析 26 | 3. **数据存储**:管理持久化数据 27 | 4. **消息队列**:处理异步任务和事件 28 | 5. **监控服务**:系统监控和告警 29 | 30 | ## 快速开始 31 | 32 | 要开始使用 ARIES,请参考[快速开始](/guide/getting-started)指南。 33 | 34 | ## 贡献指南 35 | 36 | 我们欢迎社区贡献,请查看我们的[贡献指南](/guide/contributing)了解更多信息。 37 | 38 | ## 许可证 39 | 40 | ARIES 采用 MIT 许可证,详情请查看 [LICENSE](/LICENSE) 文件。 -------------------------------------------------------------------------------- /frontend/src/main.js: -------------------------------------------------------------------------------- 1 | import { createApp } from 'vue' 2 | import App from './App.vue' 3 | import router from './router' 4 | import store from './store' 5 | import ElementPlus from 'element-plus' 6 | import 'element-plus/dist/index.css' 7 | import * as ElementPlusIconsVue from '@element-plus/icons-vue' 8 | import JsonViewer from 'vue-json-viewer' 9 | import 'xterm/css/xterm.css' 10 | 11 | // 创建Vue应用实例 12 | const app = createApp(App) 13 | 14 | // 注册所有Element Plus图标 15 | for (const [key, component] of Object.entries(ElementPlusIconsVue)) { 16 | app.component(key, component) 17 | } 18 | 19 | // 使用插件 20 | app.use(store) 21 | app.use(router) 22 | app.use(ElementPlus, { size: 'default' }) 23 | app.use(JsonViewer) 24 | 25 | // 全局错误处理 26 | app.config.errorHandler = (err, vm, info) => { 27 | console.error('Vue全局错误:', err, info) 28 | store.dispatch('app/setError', { message: err.message, stack: err.stack }) 29 | } 30 | 31 | // 挂载应用 32 | app.mount('#app') -------------------------------------------------------------------------------- /networkips/src/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | # 收集所有源文件 2 | file(GLOB_RECURSE SOURCES 3 | "*.cpp" 4 | "capture/*.cpp" 5 | "feature/*.cpp" 6 | "ml/*.cpp" 7 | "detection/*.cpp" 8 | "response/*.cpp" 9 | "correlation/*.cpp" 10 | "common/*.cpp" 11 | ) 12 | 13 | # 创建主可执行文件 14 | add_executable(nips ${SOURCES}) 15 | 16 | # 链接必要的库 17 | target_link_libraries(nips 18 | PRIVATE 19 | OpenSSL::SSL 20 | OpenSSL::Crypto 21 | Threads::Threads 22 | pcap 23 | protobuf 24 | ${TORCH_LIBRARIES} 25 | yaml-cpp 26 | spdlog::spdlog 27 | Boost::system 28 | Boost::filesystem 29 | ) 30 | 31 | # 设置编译定义 32 | target_compile_definitions(nips 33 | PRIVATE 34 | NIPS_VERSION="${PROJECT_VERSION}" 35 | NIPS_BUILD_TYPE="${CMAKE_BUILD_TYPE}" 36 | SPDLOG_ACTIVE_LEVEL=SPDLOG_LEVEL_INFO 37 | ) 38 | 39 | # 设置编译选项 40 | target_compile_options(nips 41 | PRIVATE 42 | -O3 43 | -march=native 44 | -mtune=native 45 | -DNDEBUG 46 | ) -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: '' 5 | labels: '' 6 | assignees: '' 7 | 8 | --- 9 | 10 | **Describe the bug** 11 | A clear and concise description of what the bug is. 12 | 13 | **To Reproduce** 14 | Steps to reproduce the behavior: 15 | 1. Go to '...' 16 | 2. Click on '....' 17 | 3. Scroll down to '....' 18 | 4. See error 19 | 20 | **Expected behavior** 21 | A clear and concise description of what you expected to happen. 22 | 23 | **Screenshots** 24 | If applicable, add screenshots to help explain your problem. 25 | 26 | **Desktop (please complete the following information):** 27 | - OS: [e.g. iOS] 28 | - Browser [e.g. chrome, safari] 29 | - Version [e.g. 22] 30 | 31 | **Smartphone (please complete the following information):** 32 | - Device: [e.g. iPhone6] 33 | - OS: [e.g. iOS8.1] 34 | - Browser [e.g. stock browser, safari] 35 | - Version [e.g. 22] 36 | 37 | **Additional context** 38 | Add any other context about the problem here. 39 | -------------------------------------------------------------------------------- /backend/requirements.txt: -------------------------------------------------------------------------------- 1 | # ARIES 后端依赖 2 | fastapi>=0.95.0 3 | uvicorn>=0.22.0 4 | python-dotenv>=1.0.0 5 | python-jose>=3.3.0 6 | passlib>=1.7.4 7 | pydantic>=2.0.0 8 | requests>=2.28.0 9 | beautiful-soup4>=4.12.0 10 | faiss-cpu>=1.7.4 11 | langchain>=0.0.267 12 | openai>=0.27.0 13 | paramiko>=3.1.0 14 | telnetlib3>=1.0.4 15 | pynetbox>=7.0.0 16 | kubernetes>=26.1.0 17 | networkx>=3.1 18 | prompt-toolkit>=3.0.38 19 | webhook-listener>=1.0.2 20 | python-multipart>=0.0.6 21 | sentence-transformers>=2.2.2 22 | pyYAML>=6.0 23 | schedule>=1.2.0 24 | numpy>=1.24.0 25 | pandas>=2.0.0 26 | scikit-learn>=1.3.0 27 | joblib>=1.3.0 28 | 29 | # SIMD 优化依赖 30 | scipy>=1.10.0 31 | 32 | # 编译工具 33 | setuptools>=65.5.0 34 | wheel>=0.38.0 35 | cython>=0.29.0 36 | numba>=0.57.0 37 | 38 | # 性能分析工具 39 | line-profiler>=4.1.0 40 | memory-profiler>=0.61.0 41 | psutil>=5.9.0 42 | 43 | # 权限管理依赖 44 | sqlalchemy>=2.0.0 45 | alembic>=1.12.0 46 | bcrypt>=4.0.1 47 | python-jose[cryptography]>=3.3.0 48 | redis>=4.5.0 49 | 50 | # MQTT 相关依赖 51 | paho-mqtt==1.6.1 52 | asyncio-mqtt==0.16.1 53 | # 时序数据库支持 54 | timescale-db==0.1.0 55 | 56 | # Vault 依赖 57 | hvac>=1.1.1 # Vault客户端 58 | 59 | # RWKV 相关依赖 60 | rwkv>=0.8.0 61 | torch>=2.0.0 62 | tokenizers>=0.13.0 -------------------------------------------------------------------------------- /networkips/README.md: -------------------------------------------------------------------------------- 1 | # NIPS - 网络入侵防护系统 2 | 3 | NIPS 是一个基于深度学习和传统机器学习的网络入侵防护系统,专为软路由环境设计。系统能够实时分析网络流量,检测异常行为,并采取相应的防护措施。 4 | 5 | ## 主要特性 6 | 7 | - 实时流量采集和分析 8 | - 深度学习模型支持(基于 LibTorch) 9 | - 传统机器学习算法集成 10 | - 威胁情报关联分析 11 | - 自适应防护策略 12 | - 攻击预判能力 13 | - 高性能流量处理 14 | 15 | ## 系统要求 16 | 17 | - C++17 兼容的编译器 18 | - CMake 3.15 或更高版本 19 | - OpenSSL 20 | - libpcap 21 | - Protocol Buffers 22 | - LibTorch (PyTorch C++ API) 23 | - 支持 DPDK 的网络接口(可选,用于高性能模式) 24 | 25 | ## 构建说明 26 | 27 | ```bash 28 | mkdir build && cd build 29 | cmake .. 30 | make -j$(nproc) 31 | ``` 32 | 33 | ## 配置说明 34 | 35 | 配置文件位于 `config/` 目录下: 36 | - `nips.conf` - 主配置文件 37 | - `models/` - 预训练模型目录 38 | - `rules/` - 检测规则目录 39 | 40 | ## 模块说明 41 | 42 | 1. 流量采集模块 (capture/) 43 | - 网络数据包捕获 44 | - 流量预处理 45 | - 会话重组 46 | 47 | 2. 特征提取模块 (feature/) 48 | - 流量特征计算 49 | - 协议解析 50 | - 行为特征提取 51 | 52 | 3. 机器学习模块 (ml/) 53 | - 深度学习模型 54 | - 传统机器学习算法 55 | - 模型训练和推理 56 | 57 | 4. 威胁检测模块 (detection/) 58 | - 异常检测 59 | - 攻击识别 60 | - 威胁评分 61 | 62 | 5. 响应控制模块 (response/) 63 | - 流量阻断 64 | - 访问控制 65 | - 防护策略执行 66 | 67 | 6. 事件关联模块 (correlation/) 68 | - 安全事件关联分析 69 | - 攻击链还原 70 | - 威胁情报集成 71 | 72 | ## 许可证 73 | 74 | 本项目采用 MIT 许可证。详见 LICENSE 文件。 -------------------------------------------------------------------------------- /networkips/include/capture/packet_capture.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | 9 | namespace nips { 10 | namespace capture { 11 | 12 | struct PacketInfo { 13 | std::vector data; 14 | uint32_t timestamp; 15 | uint32_t length; 16 | std::string interface; 17 | bool is_outbound; 18 | }; 19 | 20 | class PacketCapture { 21 | public: 22 | using PacketCallback = std::function; 23 | 24 | PacketCapture(); 25 | ~PacketCapture(); 26 | 27 | // 初始化捕获器 28 | bool init(const std::string& interface, const std::string& filter = ""); 29 | 30 | // 开始捕获 31 | bool start(PacketCallback callback); 32 | 33 | // 停止捕获 34 | void stop(); 35 | 36 | // 设置过滤器 37 | bool setFilter(const std::string& filter); 38 | 39 | // 获取可用接口列表 40 | static std::vector getAvailableInterfaces(); 41 | 42 | private: 43 | pcap_t* handle_; 44 | bool running_; 45 | std::string interface_; 46 | std::string filter_; 47 | 48 | // 禁用拷贝 49 | PacketCapture(const PacketCapture&) = delete; 50 | PacketCapture& operator=(const PacketCapture&) = delete; 51 | }; 52 | 53 | } // namespace capture 54 | } // namespace nips -------------------------------------------------------------------------------- /frontend/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "aries-frontend", 3 | "version": "1.0.0", 4 | "private": true, 5 | "scripts": { 6 | "serve": "vue-cli-service serve", 7 | "build": "vue-cli-service build", 8 | "lint": "vue-cli-service lint" 9 | }, 10 | "dependencies": { 11 | "axios": "^0.21.4", 12 | "core-js": "^3.6.5", 13 | "echarts": "^5.3.0", 14 | "element-plus": "^2.2.0", 15 | "js-cookie": "^3.0.1", 16 | "vue": "^3.2.33", 17 | "vue-router": "^4.0.14", 18 | "vuex": "^4.0.2", 19 | "xterm": "^4.18.0", 20 | "xterm-addon-fit": "^0.5.0", 21 | "d3": "^7.4.0", 22 | "vis-network": "^9.1.2", 23 | "vue-echarts": "^6.0.3", 24 | "vue-json-viewer": "^2.2.22", 25 | "vue-codemirror": "^6.1.1", 26 | "@codemirror/lang-javascript": "^6.0.0", 27 | "@codemirror/lang-json": "^6.0.0", 28 | "@codemirror/lang-yaml": "^6.0.0", 29 | "@codemirror/theme-one-dark": "^6.0.0" 30 | }, 31 | "devDependencies": { 32 | "@vue/cli-plugin-babel": "~4.5.0", 33 | "@vue/cli-plugin-eslint": "~4.5.0", 34 | "@vue/cli-plugin-router": "~4.5.0", 35 | "@vue/cli-plugin-vuex": "~4.5.0", 36 | "@vue/cli-service": "~4.5.0", 37 | "@vue/compiler-sfc": "^3.2.33", 38 | "babel-eslint": "^10.1.0", 39 | "eslint": "^6.7.2", 40 | "eslint-plugin-vue": "^7.0.0", 41 | "sass": "^1.26.5", 42 | "sass-loader": "^8.0.2" 43 | } 44 | } -------------------------------------------------------------------------------- /.github/workflows/static.yml: -------------------------------------------------------------------------------- 1 | # Simple workflow for deploying static content to GitHub Pages 2 | name: Deploy static content to Pages 3 | 4 | on: 5 | # Runs on pushes targeting the default branch 6 | push: 7 | branches: ["main"] 8 | 9 | # Allows you to run this workflow manually from the Actions tab 10 | workflow_dispatch: 11 | 12 | # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages 13 | permissions: 14 | contents: read 15 | pages: write 16 | id-token: write 17 | 18 | # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. 19 | # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. 20 | concurrency: 21 | group: "pages" 22 | cancel-in-progress: false 23 | 24 | jobs: 25 | # Single deploy job since we're just deploying 26 | deploy: 27 | environment: 28 | name: github-pages 29 | url: ${{ steps.deployment.outputs.page_url }} 30 | runs-on: ubuntu-latest 31 | steps: 32 | - name: Checkout 33 | uses: actions/checkout@v4 34 | - name: Setup Pages 35 | uses: actions/configure-pages@v5 36 | - name: Upload artifact 37 | uses: actions/upload-pages-artifact@v3 38 | with: 39 | # Upload entire repository 40 | path: './web' 41 | - name: Deploy to GitHub Pages 42 | id: deployment 43 | uses: actions/deploy-pages@v4 44 | -------------------------------------------------------------------------------- /networkips/config/nips.yaml: -------------------------------------------------------------------------------- 1 | # NIPS 配置文件 2 | 3 | # 捕获配置 4 | capture: 5 | interface: "eth0" # 监控的网络接口 6 | filter: "" # BPF过滤器 7 | buffer_size: 65535 8 | timeout_ms: 1000 9 | promiscuous: true 10 | 11 | # 特征提取配置 12 | feature: 13 | flow_timeout_seconds: 300 14 | max_packets_per_flow: 1000 15 | enable_deep_packet_inspection: true 16 | enabled_features: 17 | - "basic_stats" 18 | - "protocol_distribution" 19 | - "payload_entropy" 20 | - "time_features" 21 | - "connection_pattern" 22 | 23 | # 机器学习配置 24 | ml: 25 | model_type: "deep_learning" # 或 "traditional_ml" 26 | model_path: "/etc/nips/models/anomaly_detector.pt" 27 | anomaly_threshold: 0.85 28 | batch_size: 64 29 | enable_gpu: true 30 | 31 | # 威胁检测配置 32 | detection: 33 | threat_thresholds: 34 | low: 0.6 35 | medium: 0.75 36 | high: 0.85 37 | critical: 0.95 38 | intel_source: "/etc/nips/intel/threat_intel.json" 39 | max_threats_history: 1000 40 | enable_correlation: true 41 | 42 | # 响应配置 43 | response: 44 | policy_path: "/etc/nips/policies/response_policy.yaml" 45 | enable_auto_response: true 46 | max_concurrent_actions: 100 47 | log_path: "/var/log/nips/response.log" 48 | 49 | # 日志配置 50 | logging: 51 | level: "info" # trace, debug, info, warn, error, critical 52 | file: "/var/log/nips/nips.log" 53 | max_size: 104857600 # 100MB 54 | max_files: 5 55 | console: true 56 | 57 | # 系统配置 58 | system: 59 | threads: 4 60 | queue_size: 10000 61 | memory_limit: 1073741824 # 1GB 62 | check_interval: 60 # 秒 -------------------------------------------------------------------------------- /backend/core/connectors/shell.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | """ 5 | ARIES - Shell连接器 6 | 实现本地Shell命令执行功能 7 | """ 8 | 9 | import subprocess 10 | import logging 11 | from typing import Optional, Dict, Any, List 12 | 13 | class ShellConnector: 14 | """Shell连接器类,用于执行本地Shell命令""" 15 | 16 | def __init__(self): 17 | """初始化Shell连接器""" 18 | self.logger = logging.getLogger("aries_shell") 19 | 20 | def connect(self): 21 | """Shell连接器不需要连接操作,但保留此方法以统一接口""" 22 | return True 23 | 24 | def disconnect(self): 25 | """Shell连接器不需要断开连接操作,但保留此方法以统一接口""" 26 | pass 27 | 28 | def execute(self, command: str) -> str: 29 | """执行Shell命令 30 | 31 | Args: 32 | command: 要执行的命令 33 | 34 | Returns: 35 | 命令执行结果 36 | """ 37 | try: 38 | self.logger.info(f"执行Shell命令: {command}") 39 | 40 | # 执行命令并获取输出 41 | process = subprocess.Popen( 42 | command, 43 | shell=True, 44 | stdout=subprocess.PIPE, 45 | stderr=subprocess.PIPE, 46 | universal_newlines=True 47 | ) 48 | 49 | stdout, stderr = process.communicate() 50 | exit_code = process.returncode 51 | 52 | if exit_code != 0: 53 | self.logger.warning(f"命令执行返回非零状态码: {exit_code}, 错误: {stderr}") 54 | return stderr if stderr else f"命令执行失败,状态码: {exit_code}" 55 | 56 | return stdout 57 | 58 | except Exception as e: 59 | self.logger.error(f"命令执行失败: {str(e)}") 60 | raise -------------------------------------------------------------------------------- /docs/.vitepress/config.ts: -------------------------------------------------------------------------------- 1 | import { defineConfig } from 'vitepress' 2 | 3 | export default defineConfig({ 4 | title: "ARIES 文档", 5 | description: "ARIES 项目官方文档", 6 | themeConfig: { 7 | nav: [ 8 | { text: '首页', link: '/' }, 9 | { text: '指南', link: '/guide/' }, 10 | { text: 'API', link: '/api/' }, 11 | { text: '部署', link: '/deployment/' } 12 | ], 13 | sidebar: { 14 | '/guide/': [ 15 | { 16 | text: '指南', 17 | items: [ 18 | { text: '介绍', link: '/guide/introduction' }, 19 | { text: '快速开始', link: '/guide/getting-started' }, 20 | { text: '架构设计', link: '/guide/architecture' }, 21 | { text: '贡献指南', link: '/guide/contributing' } 22 | ] 23 | } 24 | ], 25 | '/api/': [ 26 | { 27 | text: 'API 文档', 28 | items: [ 29 | { text: '后端 API', link: '/api/backend' }, 30 | { text: '前端 API', link: '/api/frontend' }, 31 | { text: 'WebSocket API', link: '/api/websocket' } 32 | ] 33 | } 34 | ], 35 | '/deployment/': [ 36 | { 37 | text: '部署指南', 38 | items: [ 39 | { text: '环境要求', link: '/deployment/requirements' }, 40 | { text: '安装步骤', link: '/deployment/installation' }, 41 | { text: '配置说明', link: '/deployment/configuration' }, 42 | { text: 'Docker 部署', link: '/deployment/docker' } 43 | ] 44 | } 45 | ] 46 | }, 47 | socialLinks: [ 48 | { icon: 'github', link: 'https://github.com/Chieko-Seren/ARIES' } 49 | ], 50 | footer: { 51 | message: '基于 MIT 许可证发布', 52 | copyright: 'Copyright © 2024-present ARIES Team' 53 | } 54 | } 55 | }) -------------------------------------------------------------------------------- /backend/run_tests.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | """ 5 | ARIES - 测试运行脚本 6 | 执行所有测试用例 7 | """ 8 | 9 | import os 10 | import sys 11 | import pytest 12 | import logging 13 | from datetime import datetime 14 | 15 | def setup_logging(): 16 | """设置日志""" 17 | log_dir = "logs" 18 | os.makedirs(log_dir, exist_ok=True) 19 | 20 | log_file = os.path.join(log_dir, f"test_{datetime.now().strftime('%Y%m%d_%H%M%S')}.log") 21 | 22 | logging.basicConfig( 23 | level=logging.INFO, 24 | format='%(asctime)s [%(levelname)s] %(message)s', 25 | handlers=[ 26 | logging.FileHandler(log_file, encoding='utf-8'), 27 | logging.StreamHandler(sys.stdout) 28 | ] 29 | ) 30 | 31 | def main(): 32 | """主函数""" 33 | # 设置日志 34 | setup_logging() 35 | logger = logging.getLogger(__name__) 36 | 37 | logger.info("开始运行测试...") 38 | 39 | # 设置测试参数 40 | args = [ 41 | "tests", # 测试目录 42 | "-v", # 详细输出 43 | "--tb=short", # 简短的错误回溯 44 | "--cov=backend", # 代码覆盖率 45 | "--cov-report=term-missing", # 显示未覆盖的代码行 46 | "--cov-report=html:coverage_report", # 生成HTML覆盖率报告 47 | "-W", "ignore::DeprecationWarning", # 忽略废弃警告 48 | "--durations=10", # 显示最慢的10个测试 49 | ] 50 | 51 | # 运行测试 52 | try: 53 | exit_code = pytest.main(args) 54 | 55 | if exit_code == 0: 56 | logger.info("所有测试通过!") 57 | else: 58 | logger.error(f"测试失败,退出码: {exit_code}") 59 | 60 | return exit_code 61 | 62 | except Exception as e: 63 | logger.error(f"测试执行出错: {str(e)}") 64 | return 1 65 | 66 | if __name__ == "__main__": 67 | sys.exit(main()) -------------------------------------------------------------------------------- /networkips/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | cmake_minimum_required(VERSION 3.15) 2 | project(NIPS VERSION 1.0.0 LANGUAGES CXX) 3 | 4 | set(CMAKE_CXX_STANDARD 17) 5 | set(CMAKE_CXX_STANDARD_REQUIRED ON) 6 | set(CMAKE_CXX_EXTENSIONS OFF) 7 | 8 | # 查找必要的包 9 | find_package(OpenSSL REQUIRED) 10 | find_package(Threads REQUIRED) 11 | find_package(libpcap REQUIRED) 12 | find_package(Protobuf REQUIRED) 13 | find_package(Torch REQUIRED) 14 | find_package(yaml-cpp REQUIRED) 15 | find_package(spdlog REQUIRED) 16 | find_package(Boost REQUIRED COMPONENTS system filesystem) 17 | 18 | # 设置编译选项 19 | add_compile_options(-Wall -Wextra -Wpedantic) 20 | 21 | # 包含目录 22 | include_directories( 23 | ${CMAKE_CURRENT_SOURCE_DIR}/include 24 | ${OPENSSL_INCLUDE_DIR} 25 | ${LIBPCAP_INCLUDE_DIR} 26 | ${Protobuf_INCLUDE_DIRS} 27 | ${TORCH_INCLUDE_DIRS} 28 | ${YAML_CPP_INCLUDE_DIR} 29 | ${spdlog_INCLUDE_DIRS} 30 | ${Boost_INCLUDE_DIRS} 31 | ) 32 | 33 | # 添加子目录 34 | add_subdirectory(src) 35 | 36 | # 设置输出目录 37 | set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin) 38 | set(CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib) 39 | set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib) 40 | 41 | # 安装规则 42 | install(TARGETS nips 43 | RUNTIME DESTINATION bin 44 | LIBRARY DESTINATION lib 45 | ARCHIVE DESTINATION lib 46 | ) 47 | 48 | install(DIRECTORY include/ 49 | DESTINATION include/nips 50 | FILES_MATCHING PATTERN "*.hpp" 51 | ) 52 | 53 | # 安装配置文件 54 | install(DIRECTORY config/ 55 | DESTINATION etc/nips 56 | FILES_MATCHING PATTERN "*.yaml" 57 | ) 58 | 59 | # 安装系统服务文件 60 | install(FILES scripts/nips.service 61 | DESTINATION /etc/systemd/system 62 | ) 63 | 64 | # 安装启动脚本 65 | install(PROGRAMS scripts/nips-start.sh 66 | DESTINATION bin 67 | RENAME nips-start 68 | ) -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | 3 | services: 4 | # MQTT Broker 5 | mqtt: 6 | image: eclipse-mosquitto:latest 7 | ports: 8 | - "1883:1883" # MQTT 端口 9 | - "9001:9001" # WebSocket 端口 10 | volumes: 11 | - ./mqtt/config:/mosquitto/config 12 | - ./mqtt/data:/mosquitto/data 13 | - ./mqtt/log:/mosquitto/log 14 | networks: 15 | - aries-network 16 | 17 | # 后端服务 18 | backend: 19 | build: 20 | context: ./backend 21 | dockerfile: Dockerfile 22 | ports: 23 | - "8000:8000" 24 | environment: 25 | - MQTT_BROKER=mqtt 26 | - MQTT_PORT=1883 27 | - DATABASE_URL=postgresql://aries:aries@db:5432/aries 28 | depends_on: 29 | - mqtt 30 | - db 31 | networks: 32 | - aries-network 33 | 34 | # 前端服务 35 | frontend: 36 | build: 37 | context: ./frontend 38 | dockerfile: Dockerfile 39 | ports: 40 | - "80:80" 41 | depends_on: 42 | - backend 43 | networks: 44 | - aries-network 45 | 46 | # 数据库服务 47 | db: 48 | image: postgres:13-alpine 49 | environment: 50 | - POSTGRES_USER=aries 51 | - POSTGRES_PASSWORD=aries 52 | - POSTGRES_DB=aries 53 | volumes: 54 | - postgres_data:/var/lib/postgresql/data 55 | networks: 56 | - aries-network 57 | 58 | # 时序数据库(用于存储物联网设备数据) 59 | timescaledb: 60 | image: timescale/timescaledb:latest-pg13 61 | environment: 62 | - POSTGRES_USER=aries 63 | - POSTGRES_PASSWORD=aries 64 | - POSTGRES_DB=aries_tsdb 65 | volumes: 66 | - timescale_data:/var/lib/postgresql/data 67 | networks: 68 | - aries-network 69 | 70 | networks: 71 | aries-network: 72 | driver: bridge 73 | 74 | volumes: 75 | postgres_data: 76 | timescale_data: -------------------------------------------------------------------------------- /docs/guide/getting-started.md: -------------------------------------------------------------------------------- 1 | # 快速开始 2 | 3 | 本指南将帮助您快速搭建和运行 ARIES 系统。 4 | 5 | ## 环境要求 6 | 7 | - Node.js >= 16.0.0 8 | - Python >= 3.8 9 | - PostgreSQL >= 13 10 | - Redis >= 6.0 11 | - RabbitMQ >= 3.8 12 | 13 | ## 克隆项目 14 | 15 | ```bash 16 | git clone https://github.com/Chieko-Seren/ARIES.git 17 | cd ARIES 18 | ``` 19 | 20 | ## 后端设置 21 | 22 | 1. 创建并激活 Python 虚拟环境: 23 | 24 | ```bash 25 | cd backend 26 | python -m venv venv 27 | source venv/bin/activate # Linux/Mac 28 | # 或 29 | .\venv\Scripts\activate # Windows 30 | ``` 31 | 32 | 2. 安装依赖: 33 | 34 | ```bash 35 | pip install -r requirements.txt 36 | ``` 37 | 38 | 3. 配置环境变量: 39 | 40 | ```bash 41 | cp .env.example .env 42 | # 编辑 .env 文件,设置必要的环境变量 43 | ``` 44 | 45 | 4. 初始化数据库: 46 | 47 | ```bash 48 | python manage.py init_db 49 | ``` 50 | 51 | 5. 启动后端服务: 52 | 53 | ```bash 54 | python manage.py run 55 | ``` 56 | 57 | ## 前端设置 58 | 59 | 1. 安装依赖: 60 | 61 | ```bash 62 | cd frontend 63 | npm install 64 | ``` 65 | 66 | 2. 配置环境变量: 67 | 68 | ```bash 69 | cp .env.example .env 70 | # 编辑 .env 文件,设置必要的环境变量 71 | ``` 72 | 73 | 3. 启动开发服务器: 74 | 75 | ```bash 76 | npm run dev 77 | ``` 78 | 79 | ## 验证安装 80 | 81 | 1. 访问前端页面:`http://localhost:5173` 82 | 2. 检查后端 API:`http://localhost:8000/api/health` 83 | 84 | ## 常见问题 85 | 86 | ### 1. 数据库连接失败 87 | 88 | - 检查 PostgreSQL 服务是否运行 89 | - 验证数据库连接信息是否正确 90 | - 确保数据库用户具有适当的权限 91 | 92 | ### 2. Redis 连接问题 93 | 94 | - 确认 Redis 服务是否运行 95 | - 检查 Redis 连接配置 96 | - 验证 Redis 密码是否正确 97 | 98 | ### 3. 前端构建失败 99 | 100 | - 清除 node_modules 并重新安装 101 | - 检查 Node.js 版本是否符合要求 102 | - 查看构建日志获取详细错误信息 103 | 104 | ## 下一步 105 | 106 | - 查看[架构设计](/guide/architecture)了解系统架构 107 | - 阅读[API 文档](/api/backend)了解接口使用 108 | - 参考[部署指南](/deployment/installation)进行生产环境部署 -------------------------------------------------------------------------------- /frontend/src/App.vue: -------------------------------------------------------------------------------- 1 | 10 | 11 | 20 | 21 | -------------------------------------------------------------------------------- /networkips/include/common/config.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | namespace nips { 9 | namespace common { 10 | 11 | class Config { 12 | public: 13 | static Config& getInstance(); 14 | 15 | // 加载配置文件 16 | bool load(const std::string& config_path); 17 | 18 | // 获取配置项 19 | template 20 | T get(const std::string& key, const T& default_value = T()) const; 21 | 22 | // 设置配置项 23 | template 24 | void set(const std::string& key, const T& value); 25 | 26 | // 保存配置 27 | bool save(const std::string& config_path = ""); 28 | 29 | private: 30 | Config() = default; 31 | ~Config() = default; 32 | 33 | // 禁用拷贝 34 | Config(const Config&) = delete; 35 | Config& operator=(const Config&) = delete; 36 | 37 | YAML::Node config_; 38 | std::string current_config_path_; 39 | }; 40 | 41 | // 配置项定义 42 | struct CaptureConfig { 43 | std::string interface; 44 | std::string filter; 45 | int buffer_size; 46 | int timeout_ms; 47 | bool promiscuous; 48 | }; 49 | 50 | struct FeatureConfig { 51 | size_t flow_timeout_seconds; 52 | size_t max_packets_per_flow; 53 | bool enable_deep_packet_inspection; 54 | std::vector enabled_features; 55 | }; 56 | 57 | struct MLConfig { 58 | std::string model_type; 59 | std::string model_path; 60 | float anomaly_threshold; 61 | size_t batch_size; 62 | bool enable_gpu; 63 | }; 64 | 65 | struct DetectionConfig { 66 | std::unordered_map threat_thresholds; 67 | std::string intel_source; 68 | size_t max_threats_history; 69 | bool enable_correlation; 70 | }; 71 | 72 | struct ResponseConfig { 73 | std::string policy_path; 74 | bool enable_auto_response; 75 | size_t max_concurrent_actions; 76 | std::string log_path; 77 | }; 78 | 79 | } // namespace common 80 | } // namespace nips -------------------------------------------------------------------------------- /networkips/include/feature/feature_extractor.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include "capture/packet_capture.hpp" 8 | 9 | namespace nips { 10 | namespace feature { 11 | 12 | struct FlowFeatures { 13 | // 基本流量特征 14 | uint32_t packet_count; 15 | uint32_t byte_count; 16 | float duration; 17 | float packets_per_second; 18 | float bytes_per_second; 19 | 20 | // 协议特征 21 | std::unordered_map protocol_distribution; 22 | 23 | // 统计特征 24 | float mean_packet_size; 25 | float std_packet_size; 26 | float mean_inter_arrival_time; 27 | float std_inter_arrival_time; 28 | 29 | // 行为特征 30 | std::vector payload_entropy; 31 | std::vector port_usage_pattern; 32 | std::vector connection_pattern; 33 | 34 | // 时间特征 35 | std::vector time_based_features; 36 | }; 37 | 38 | class FeatureExtractor { 39 | public: 40 | FeatureExtractor(); 41 | ~FeatureExtractor(); 42 | 43 | // 从数据包提取特征 44 | FlowFeatures extractFeatures(const std::vector& packets); 45 | 46 | // 从单个数据包更新特征 47 | void updateFeatures(FlowFeatures& features, const capture::PacketInfo& packet); 48 | 49 | // 获取特征维度 50 | static size_t getFeatureDimension(); 51 | 52 | // 将特征转换为向量形式(用于机器学习模型输入) 53 | std::vector featuresToVector(const FlowFeatures& features); 54 | 55 | private: 56 | // 计算数据包熵值 57 | float calculateEntropy(const std::vector& data); 58 | 59 | // 更新协议分布 60 | void updateProtocolDistribution(FlowFeatures& features, const capture::PacketInfo& packet); 61 | 62 | // 计算时间相关特征 63 | void calculateTimeFeatures(FlowFeatures& features, const std::vector& packets); 64 | 65 | // 计算连接模式特征 66 | void calculateConnectionPattern(FlowFeatures& features, const std::vector& packets); 67 | }; 68 | 69 | } // namespace feature 70 | } // namespace nips -------------------------------------------------------------------------------- /networkips/include/common/logger.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | 9 | namespace nips { 10 | namespace common { 11 | 12 | enum class LogLevel { 13 | TRACE = SPDLOG_LEVEL_TRACE, 14 | DEBUG = SPDLOG_LEVEL_DEBUG, 15 | INFO = SPDLOG_LEVEL_INFO, 16 | WARN = SPDLOG_LEVEL_WARN, 17 | ERROR = SPDLOG_LEVEL_ERROR, 18 | CRITICAL = SPDLOG_LEVEL_CRITICAL 19 | }; 20 | 21 | class Logger { 22 | public: 23 | static Logger& getInstance(); 24 | 25 | // 初始化日志系统 26 | bool init(const std::string& log_path, LogLevel level = LogLevel::INFO); 27 | 28 | // 获取日志记录器 29 | std::shared_ptr getLogger(const std::string& name); 30 | 31 | // 设置日志级别 32 | void setLevel(LogLevel level); 33 | 34 | // 刷新日志 35 | void flush(); 36 | 37 | private: 38 | Logger() = default; 39 | ~Logger(); 40 | 41 | // 禁用拷贝 42 | Logger(const Logger&) = delete; 43 | Logger& operator=(const Logger&) = delete; 44 | 45 | std::shared_ptr main_logger_; 46 | std::string log_path_; 47 | LogLevel current_level_; 48 | 49 | // 创建日志记录器 50 | void createLogger(const std::string& name); 51 | }; 52 | 53 | // 日志宏定义 54 | #define NIPS_TRACE(...) SPDLOG_LOGGER_TRACE(nips::common::Logger::getInstance().getLogger("nips"), __VA_ARGS__) 55 | #define NIPS_DEBUG(...) SPDLOG_LOGGER_DEBUG(nips::common::Logger::getInstance().getLogger("nips"), __VA_ARGS__) 56 | #define NIPS_INFO(...) SPDLOG_LOGGER_INFO(nips::common::Logger::getInstance().getLogger("nips"), __VA_ARGS__) 57 | #define NIPS_WARN(...) SPDLOG_LOGGER_WARN(nips::common::Logger::getInstance().getLogger("nips"), __VA_ARGS__) 58 | #define NIPS_ERROR(...) SPDLOG_LOGGER_ERROR(nips::common::Logger::getInstance().getLogger("nips"), __VA_ARGS__) 59 | #define NIPS_CRITICAL(...) SPDLOG_LOGGER_CRITICAL(nips::common::Logger::getInstance().getLogger("nips"), __VA_ARGS__) 60 | 61 | } // namespace common 62 | } // namespace nips -------------------------------------------------------------------------------- /web/README.md: -------------------------------------------------------------------------------- 1 | # ARIES Web 2 | 3 | ARIES Web 是一个基于 Vue.js 和 Tailwind CSS 构建的智能网络管理平台,支持通过自然语言进行网络配置和管理。 4 | 5 | ## 功能特点 6 | 7 | - 🖥️ 多服务器管理:支持同时管理多个服务器 8 | - 🤖 AI 辅助:集成 OpenAI API,支持自然语言生成网络配置 9 | - 🔌 插件系统:可扩展的插件架构 10 | - 📚 知识库:基于 RAG 的向量搜索 11 | - 🔒 SSH 支持:安全的服务器连接 12 | - 🎯 Cisco 配置:智能生成 Cisco 设备配置 13 | 14 | ## 快速开始 15 | 16 | 1. 克隆仓库: 17 | ```bash 18 | git clone https://github.com/your-username/ARIES-Web.git 19 | cd ARIES-Web 20 | ``` 21 | 22 | 2. 配置 OpenAI API: 23 | - 在 `web/js/app.js` 中设置你的 OpenAI API 密钥 24 | ```javascript 25 | const OPENAI_API_KEY = 'your-api-key-here'; 26 | ``` 27 | 28 | 3. 启动服务: 29 | - 使用任意 HTTP 服务器托管 web 目录 30 | - 例如,使用 Python 的简单 HTTP 服务器: 31 | ```bash 32 | cd web 33 | python -m http.server 8000 34 | ``` 35 | - 或使用 Node.js 的 http-server: 36 | ```bash 37 | npm install -g http-server 38 | cd web 39 | http-server 40 | ``` 41 | 42 | 4. 访问网站: 43 | - 打开浏览器访问 `http://localhost:8000` 44 | 45 | ## 使用说明 46 | 47 | ### 服务器管理 48 | 49 | 1. 点击"服务器管理"标签 50 | 2. 点击"添加服务器"按钮添加新服务器 51 | 3. 输入服务器信息(名称、IP 地址等) 52 | 4. 点击"连接"按钮连接到服务器 53 | 54 | ### 网络配置 55 | 56 | 1. 点击"网络配置"标签 57 | 2. 在文本框中输入自然语言描述 58 | 3. 点击"生成配置"按钮 59 | 4. 查看生成的 Cisco 配置命令 60 | 61 | ### 插件系统 62 | 63 | 1. 点击"插件中心"标签 64 | 2. 浏览可用插件 65 | 3. 点击"启用"或"禁用"按钮管理插件 66 | 67 | ### 知识库 68 | 69 | 1. 点击"知识库"标签 70 | 2. 在搜索框中输入关键词 71 | 3. 查看搜索结果和相似度 72 | 73 | ## 开发指南 74 | 75 | ### 添加新插件 76 | 77 | 1. 在 `plugins` 目录下创建新的插件文件 78 | 2. 实现插件接口 79 | 3. 在插件中心注册插件 80 | 81 | ### 自定义样式 82 | 83 | - 修改 `css/style.css` 文件 84 | - 使用 Tailwind CSS 类进行快速样式调整 85 | 86 | ### API 集成 87 | 88 | - 修改 `js/app.js` 中的 API 调用 89 | - 添加新的 API 端点 90 | - 实现自定义功能 91 | 92 | ## 安全说明 93 | 94 | - 请妥善保管 OpenAI API 密钥 95 | - 建议在生产环境中使用 HTTPS 96 | - 定期更新依赖包 97 | - 遵循最小权限原则配置服务器访问 98 | 99 | ## 贡献指南 100 | 101 | 1. Fork 项目 102 | 2. 创建特性分支 103 | 3. 提交更改 104 | 4. 推送到分支 105 | 5. 创建 Pull Request 106 | 107 | ## 许可证 108 | 109 | MIT License 110 | 111 | ## 联系方式 112 | 113 | - 项目维护者:[Your Name] 114 | - 邮箱:[your.email@example.com] 115 | - GitHub:[your-github-profile] -------------------------------------------------------------------------------- /networkips/include/ml/anomaly_detector.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include "feature/feature_extractor.hpp" 8 | 9 | namespace nips { 10 | namespace ml { 11 | 12 | enum class ModelType { 13 | DEEP_LEARNING, 14 | TRADITIONAL_ML 15 | }; 16 | 17 | struct DetectionResult { 18 | float anomaly_score; 19 | float confidence; 20 | std::string threat_type; 21 | std::vector indicators; 22 | bool is_anomaly; 23 | }; 24 | 25 | class AnomalyDetector { 26 | public: 27 | AnomalyDetector(ModelType type = ModelType::DEEP_LEARNING); 28 | ~AnomalyDetector(); 29 | 30 | // 加载预训练模型 31 | bool loadModel(const std::string& model_path); 32 | 33 | // 保存模型 34 | bool saveModel(const std::string& model_path); 35 | 36 | // 检测异常 37 | DetectionResult detect(const feature::FlowFeatures& features); 38 | 39 | // 批量检测 40 | std::vector detectBatch(const std::vector& features); 41 | 42 | // 训练模型 43 | void train(const std::vector& features, 44 | const std::vector& labels, 45 | const std::string& model_path = ""); 46 | 47 | // 更新模型 48 | void update(const feature::FlowFeatures& features, bool is_anomaly); 49 | 50 | private: 51 | class Impl; 52 | std::unique_ptr pimpl_; 53 | 54 | // 深度学习模型定义 55 | struct DeepModel : torch::nn::Module { 56 | DeepModel(); 57 | torch::Tensor forward(torch::Tensor x); 58 | 59 | torch::nn::Linear fc1{nullptr}, fc2{nullptr}, fc3{nullptr}; 60 | torch::nn::Dropout dropout{nullptr}; 61 | }; 62 | 63 | // 传统机器学习模型接口 64 | class TraditionalModel { 65 | public: 66 | virtual ~TraditionalModel() = default; 67 | virtual DetectionResult predict(const feature::FlowFeatures& features) = 0; 68 | virtual void train(const std::vector& features, 69 | const std::vector& labels) = 0; 70 | }; 71 | }; 72 | 73 | } // namespace ml 74 | } // namespace nips -------------------------------------------------------------------------------- /networkips/include/response/response_controller.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include "detection/threat_detector.hpp" 8 | 9 | namespace nips { 10 | namespace response { 11 | 12 | enum class ActionType { 13 | BLOCK, 14 | RATE_LIMIT, 15 | LOG, 16 | ALERT, 17 | REDIRECT, 18 | CUSTOM 19 | }; 20 | 21 | struct ResponseAction { 22 | ActionType type; 23 | std::string target; // IP地址、端口或协议 24 | std::chrono::seconds duration; 25 | std::string reason; 26 | std::vector parameters; 27 | }; 28 | 29 | class ResponseController { 30 | public: 31 | using ActionCallback = std::function; 32 | 33 | ResponseController(); 34 | ~ResponseController(); 35 | 36 | // 初始化控制器 37 | bool init(const std::string& config_path); 38 | 39 | // 处理威胁 40 | ResponseAction handleThreat(const detection::ThreatInfo& threat); 41 | 42 | // 执行响应动作 43 | bool executeAction(const ResponseAction& action); 44 | 45 | // 撤销响应动作 46 | bool revokeAction(const std::string& action_id); 47 | 48 | // 设置动作回调 49 | void setActionCallback(ActionCallback callback); 50 | 51 | // 获取当前活动的响应动作 52 | std::vector getActiveActions(); 53 | 54 | // 更新响应策略 55 | bool updateResponsePolicy(const std::string& policy_path); 56 | 57 | // 导出响应日志 58 | bool exportResponseLog(const std::string& file_path); 59 | 60 | private: 61 | class Impl; 62 | std::unique_ptr pimpl_; 63 | 64 | // 生成响应动作 65 | ResponseAction generateAction(const detection::ThreatInfo& threat); 66 | 67 | // 验证动作有效性 68 | bool validateAction(const ResponseAction& action); 69 | 70 | // 应用速率限制 71 | bool applyRateLimit(const std::string& target, uint32_t rate); 72 | 73 | // 应用流量阻断 74 | bool applyBlock(const std::string& target); 75 | 76 | // 发送告警 77 | void sendAlert(const ResponseAction& action); 78 | 79 | // 记录响应日志 80 | void logResponse(const ResponseAction& action, bool success); 81 | }; 82 | 83 | } // namespace response 84 | } // namespace nips -------------------------------------------------------------------------------- /networkips/include/detection/threat_detector.hpp: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include "ml/anomaly_detector.hpp" 8 | #include "feature/feature_extractor.hpp" 9 | 10 | namespace nips { 11 | namespace detection { 12 | 13 | enum class ThreatLevel { 14 | NONE, 15 | LOW, 16 | MEDIUM, 17 | HIGH, 18 | CRITICAL 19 | }; 20 | 21 | struct ThreatInfo { 22 | std::string id; 23 | std::string type; 24 | ThreatLevel level; 25 | std::chrono::system_clock::time_point timestamp; 26 | std::string source_ip; 27 | std::string destination_ip; 28 | uint16_t source_port; 29 | uint16_t destination_port; 30 | std::string protocol; 31 | std::vector indicators; 32 | float confidence; 33 | std::string description; 34 | std::vector mitigation_suggestions; 35 | }; 36 | 37 | class ThreatDetector { 38 | public: 39 | ThreatDetector(); 40 | ~ThreatDetector(); 41 | 42 | // 初始化检测器 43 | bool init(const std::string& config_path); 44 | 45 | // 检测威胁 46 | ThreatInfo detectThreat(const feature::FlowFeatures& features, 47 | const ml::DetectionResult& anomaly_result); 48 | 49 | // 更新威胁情报 50 | void updateThreatIntelligence(const std::string& intel_source); 51 | 52 | // 获取威胁统计信息 53 | std::unordered_map getThreatStatistics(); 54 | 55 | // 设置威胁等级阈值 56 | void setThreatThresholds(const std::unordered_map& thresholds); 57 | 58 | // 获取威胁详情 59 | std::vector getRecentThreats(size_t count = 10); 60 | 61 | // 导出威胁报告 62 | bool exportThreatReport(const std::string& file_path); 63 | 64 | private: 65 | class Impl; 66 | std::unique_ptr pimpl_; 67 | 68 | // 威胁等级评估 69 | ThreatLevel evaluateThreatLevel(float anomaly_score, float confidence); 70 | 71 | // 威胁类型识别 72 | std::string identifyThreatType(const feature::FlowFeatures& features, 73 | const ml::DetectionResult& anomaly_result); 74 | 75 | // 生成缓解建议 76 | std::vector generateMitigationSuggestions(const ThreatInfo& threat); 77 | 78 | // 威胁情报匹配 79 | bool matchThreatIntelligence(const ThreatInfo& threat); 80 | }; 81 | 82 | } // namespace detection 83 | } // namespace nips -------------------------------------------------------------------------------- /backend/core/llm/model_classifier.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | """ 5 | ARIES - 模型分类器模块 6 | 使用贝叶斯分类器和文本向量化进行任务分类 7 | """ 8 | 9 | import logging 10 | from enum import Enum 11 | from typing import Dict, Any, Tuple 12 | from .bayes_classifier import BayesTaskClassifier 13 | from .text_vectorizer import TextVectorizer 14 | 15 | class TaskType(str, Enum): 16 | """任务类型枚举""" 17 | LONG_TEXT_LOW_REASONING = "long_text_low_reasoning" # 长文本低推理 18 | SHORT_TEXT_LOW_REASONING = "short_text_low_reasoning" # 短文本低推理 19 | SHORT_TEXT_HIGH_REASONING = "short_text_high_reasoning" # 短文本高推理 20 | 21 | class ModelType(str, Enum): 22 | """模型类型枚举""" 23 | GPT4 = "gpt4" # GPT-4模型 24 | GPT4_MINI = "gpt4-mini" # GPT-4-mini模型 25 | RWKV = "rwkv" # RWKV模型 26 | 27 | class ModelClassifier: 28 | """模型分类器类""" 29 | 30 | def __init__(self, config: Dict[str, Any]): 31 | """初始化模型分类器 32 | 33 | Args: 34 | config: 配置信息 35 | """ 36 | self.config = config 37 | self.logger = logging.getLogger("aries_model_classifier") 38 | 39 | # 初始化文本向量化器 40 | self.vectorizer = TextVectorizer(config) 41 | 42 | # 初始化贝叶斯分类器 43 | self.classifier = BayesTaskClassifier(config, self.vectorizer) 44 | 45 | def classify_task(self, text: str) -> Tuple[TaskType, ModelType]: 46 | """分类任务并选择合适的模型 47 | 48 | Args: 49 | text: 输入文本 50 | 51 | Returns: 52 | (任务类型, 模型类型) 53 | """ 54 | try: 55 | # 使用贝叶斯分类器进行分类 56 | task_type, model_type = self.classifier.classify(text) 57 | 58 | self.logger.info(f"任务分类完成: {task_type.value} -> {model_type.value}") 59 | 60 | return task_type, model_type 61 | 62 | except Exception as e: 63 | self.logger.error(f"任务分类失败: {str(e)}") 64 | # 返回默认分类 65 | return TaskType.SHORT_TEXT_HIGH_REASONING, ModelType.GPT4 66 | 67 | def update_classifier(self, text: str, task_type: TaskType): 68 | """更新分类器训练数据 69 | 70 | Args: 71 | text: 输入文本 72 | task_type: 任务类型 73 | """ 74 | try: 75 | self.classifier.update_training_data(text, task_type) 76 | self.logger.info(f"分类器训练数据已更新: {task_type.value}") 77 | except Exception as e: 78 | self.logger.error(f"更新分类器失败: {str(e)}") 79 | raise -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | # Security Policy 4 | 5 | ## Supported Versions 6 | 7 | The ARIES project follows a rolling release model, with continuous updates applied through commits. Security support is provided based on the number of commits from the latest main branch. Below is the support status for recent commits: 8 | 9 | | Commit Range (from latest) | Supported | 10 | |----------------------------|--------------------| 11 | | Latest 100 commits | :white_check_mark: | 12 | | 101–200 commits | :x: | 13 | | 201–300 commits | :white_check_mark: | 14 | | > 300 commits | :x: | 15 | 16 | We ensure security updates are prioritized for the most recent 100 commits and selectively backported to the 201–300 commit range if critical vulnerabilities are identified. Older commits (>300) are not supported for security updates, and users are encouraged to update to the latest commit to maintain a secure environment. 17 | 18 | ## Reporting a Vulnerability 19 | 20 | If you discover a security vulnerability in ARIES, we encourage responsible disclosure. Please follow these steps to report it: 21 | 22 | 1. **Where to Report**: Submit vulnerability details to our private issue tracker at [https://github.com/Chieko-Seren/ARIES/issues/new](https://github.com/Chieko-Seren/ARIES/issues/new) with the label "Security". Alternatively, email us at chieko.seren@icloud.com for sensitive issues. 23 | 2. **Information to Provide**: Include a detailed description of the vulnerability, steps to reproduce, potential impact, and any suggested mitigations. 24 | 3. **Response Timeline**: 25 | - **Acknowledgment**: You will receive a confirmation within 48 hours of submission. 26 | - **Initial Assessment**: We will evaluate the vulnerability within 7 days and provide an update on its validity and severity. 27 | - **Resolution**: If accepted, we aim to release a fix within 14–30 days, depending on complexity. You will be notified of progress weekly. 28 | - **Declined Vulnerabilities**: If the vulnerability is not applicable or low-impact, we will provide a detailed explanation and close the issue. 29 | 4. **Confidentiality**: Please do not disclose the vulnerability publicly until we have had a chance to address it and coordinate a responsible disclosure. 30 | 5. **Recognition**: With your consent, we will credit you in our release notes for reporting the vulnerability. 31 | 32 | We value the security community’s contributions and are committed to addressing vulnerabilities promptly to ensure the safety of ARIES users. 33 | 34 | 35 | -------------------------------------------------------------------------------- /backend/core/auth/init_db.py: -------------------------------------------------------------------------------- 1 | from sqlalchemy.orm import Session 2 | from core.auth import crud, schemas, security 3 | from core.database import Base, engine 4 | 5 | def init_db(db: Session) -> None: 6 | """初始化数据库""" 7 | # 创建所有表 8 | Base.metadata.create_all(bind=engine) 9 | 10 | # 创建超级管理员角色 11 | admin_role = crud.get_role_by_name(db, name="超级管理员") 12 | if not admin_role: 13 | admin_role = crud.create_role( 14 | db, 15 | schemas.RoleCreate( 16 | name="超级管理员", 17 | description="系统超级管理员,拥有所有权限" 18 | ) 19 | ) 20 | 21 | # 创建基础权限 22 | base_permissions = [ 23 | { 24 | "name": "用户管理", 25 | "code": "user_manage", 26 | "description": "用户管理相关权限", 27 | "resource_type": "api", 28 | "resource_id": "users", 29 | "action": "*" 30 | }, 31 | { 32 | "name": "角色管理", 33 | "code": "role_manage", 34 | "description": "角色管理相关权限", 35 | "resource_type": "api", 36 | "resource_id": "roles", 37 | "action": "*" 38 | }, 39 | { 40 | "name": "权限管理", 41 | "code": "permission_manage", 42 | "description": "权限管理相关权限", 43 | "resource_type": "api", 44 | "resource_id": "permissions", 45 | "action": "*" 46 | } 47 | ] 48 | 49 | for perm_data in base_permissions: 50 | permission = crud.get_permission_by_code(db, code=perm_data["code"]) 51 | if not permission: 52 | permission = crud.create_permission( 53 | db, 54 | schemas.PermissionCreate(**perm_data) 55 | ) 56 | # 将权限授予超级管理员角色 57 | admin_role.permissions.append(permission) 58 | 59 | db.commit() 60 | 61 | # 创建超级管理员用户 62 | admin_user = crud.get_user_by_username(db, username="admin") 63 | if not admin_user: 64 | admin_user = crud.create_user( 65 | db, 66 | schemas.UserCreate( 67 | username="admin", 68 | email="admin@example.com", 69 | password="admin123", # 请在生产环境中修改此密码 70 | is_active=True, 71 | is_superuser=True, 72 | role_ids=[admin_role.id] 73 | ) 74 | ) 75 | 76 | db.commit() 77 | 78 | if __name__ == "__main__": 79 | from core.database import SessionLocal 80 | db = SessionLocal() 81 | init_db(db) 82 | db.close() -------------------------------------------------------------------------------- /backend/api/models.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | """ 5 | ARIES - API数据模型 6 | 定义API请求和响应的数据模型 7 | """ 8 | 9 | from pydantic import BaseModel, Field 10 | from typing import List, Dict, Any, Optional 11 | from datetime import datetime 12 | 13 | # 认证相关模型 14 | class User(BaseModel): 15 | """用户模型""" 16 | username: str 17 | email: Optional[str] = None 18 | full_name: Optional[str] = None 19 | disabled: Optional[bool] = None 20 | hashed_password: str 21 | 22 | class UserInDB(User): 23 | """数据库中的用户模型""" 24 | pass 25 | 26 | class UserCreate(BaseModel): 27 | """创建用户请求模型""" 28 | username: str 29 | email: Optional[str] = None 30 | full_name: Optional[str] = None 31 | password: str 32 | 33 | class Token(BaseModel): 34 | """令牌模型""" 35 | access_token: str 36 | token_type: str 37 | 38 | class TokenData(BaseModel): 39 | """令牌数据模型""" 40 | username: Optional[str] = None 41 | 42 | # 服务器相关模型 43 | class ServerInfo(BaseModel): 44 | """服务器信息模型""" 45 | id: str 46 | name: str 47 | ip: str 48 | connection_type: str 49 | username: Optional[str] = None 50 | password: Optional[str] = None 51 | key_file: Optional[str] = None 52 | expected_services: Optional[List[str]] = None 53 | description: Optional[str] = None 54 | 55 | class ServerStatus(BaseModel): 56 | """服务器状态模型""" 57 | id: str 58 | name: str 59 | healthy: bool 60 | message: str 61 | details: Dict[str, Any] 62 | last_check: datetime 63 | 64 | # API请求模型 65 | class ShellRequest(BaseModel): 66 | """Shell命令请求模型""" 67 | system_type: str = Field(..., description="系统类型,如linux, windows等") 68 | description: str = Field(..., description="命令的自然语言描述") 69 | 70 | class TaskRequest(BaseModel): 71 | """运维任务请求模型""" 72 | description: str = Field(..., description="任务的自然语言描述") 73 | server_ids: Optional[List[str]] = Field(None, description="可选的服务器ID列表") 74 | 75 | class StatisticsRequest(BaseModel): 76 | """统计分析请求模型""" 77 | query: str = Field(..., description="分析查询") 78 | 79 | class DataRequest(BaseModel): 80 | """数据请求模型""" 81 | days: int = Field(7, description="获取最近几天的数据") 82 | 83 | class KubeRequest(BaseModel): 84 | """Kubernetes管理请求模型""" 85 | description: str = Field(..., description="Kubernetes管理任务的自然语言描述") 86 | 87 | class NetworkRequest(BaseModel): 88 | """网络管理请求模型""" 89 | description: str = Field(..., description="网络管理任务的自然语言描述") 90 | 91 | # API响应模型 92 | class ApiResponse(BaseModel): 93 | """API通用响应模型""" 94 | success: bool 95 | message: Optional[str] = None 96 | data: Optional[Any] = None 97 | error: Optional[str] = None -------------------------------------------------------------------------------- /docs/guide/contributing.md: -------------------------------------------------------------------------------- 1 | # 贡献指南 2 | 3 | 感谢您对 ARIES 项目的关注!我们欢迎任何形式的贡献,包括但不限于功能开发、问题报告、文档改进等。 4 | 5 | ## 开发流程 6 | 7 | ### 1. 环境准备 8 | 9 | - Fork 项目到自己的账号下 10 | - 克隆项目到本地 11 | - 设置上游仓库 12 | - 创建开发分支 13 | 14 | ```bash 15 | # 克隆项目 16 | git clone https://github.com/Chieko-Seren/ARIES 17 | cd ARIES 18 | 19 | # 添加上游仓库 20 | git remote add upstream https://github.com/Chieko-Seren/ARIES.git 21 | 22 | # 创建开发分支 23 | git checkout -b feature/your-feature-name 24 | ``` 25 | 26 | ### 2. 开发规范 27 | 28 | #### 代码风格 29 | 30 | - 后端 Python 代码遵循 PEP 8 规范 31 | - 前端代码使用 ESLint 和 Prettier 进行格式化 32 | - 使用 TypeScript 编写前端代码 33 | - 所有代码必须通过单元测试 34 | 35 | #### 提交规范 36 | 37 | 提交信息格式: 38 | ``` 39 | (): 40 | 41 | 42 | 43 |