Modernize terminology (#81)

README.md

@@ -17,9 +17,9 @@ policy-related functions.
 TAPIR-POP presents a single output with all conflicts resolved,
 rather than feeding the resolver multiple sources of data from
 which to look for policy guidance, where sources can even be conflicting
-(eg. a domainname may be flagged by one source but whitelisted by another).
+(eg. a domainname may be flagged by one source but allowlisted by another).
 
-The result is smaller, as no whitelisting information is needed for the resolver.
+The result is smaller, as no allowlisting information is needed for the resolver.
 
 ## TAPIR-POP supports a local policy configuration
 
@@ -29,9 +29,9 @@ design a suitable threat policy TAPIR-POP uses a number of concepts:
 
 - __lists__: there are three types of lists of domain names:
 
-  - whitelists (names that must not be blocked)
-  - blacklists (names that must be blocked)
-  - greylists (names that should perhaps be blocked)
+  - allowlists (names that must not be blocked)
+  - denylists (names that must be blocked)
+  - doubtlists (names that should perhaps be blocked)
 
 - __observations__: these are attributes of a suspicious domain name. In reality
   whether a particular domain name should be blocked or not is not an
@@ -50,7 +50,7 @@ design a suitable threat policy TAPIR-POP uses a number of concepts:
   - __MQTT__: DNS TAPIR Core Analyser sends out rapid updates for small numbers
     of names via an MQTT message bus infrastructure.
   - __DAWG__: Directed Acyclic Word Graphs are extremely compact data structures.
-    TEM is able to mmap very large lists in DAWG format which is used for large whitelists.
+    TEM is able to mmap very large lists in DAWG format which is used for large allowlists.
   - __CSV Files__: Text files on local disk, either with just domain names, or in
     CSV format are supported.
   - __HTTPS__: To bootstrap an intelligence feed that only distributes deltas
@@ -64,12 +64,12 @@ design a suitable threat policy TAPIR-POP uses a number of concepts:
 
 The resulting policy has the following structure (in order of precedence):
 
-- no whitelisted name is ever included.
+- no allowlisted name is ever included.
 - blocklisted names are always included, together with a configurable
   RPZ action.
-- greylisted names that have particular tags that the resolver operator
+- doubtlisted names that have particular tags that the resolver operator
   chooses are included, together with a configurable RPZ action.
-- the same greylisted name that appear in N distinct intelligence feeds
+- the same doubtlisted name that appear in N distinct intelligence feeds
   is included, where N is configureable, as is the RPZ action.
-- a greylisted name that has M or more tags is included, where both
+- a doubtlisted name that has M or more tags is included, where both
   M and the action are configurable.

apihandler.go

@@ -265,49 +265,49 @@ func APIbootstrap(conf *Config) func(w http.ResponseWriter, r *http.Request) {
 		log.Printf("API: received /bootstrap request (cmd: %s) from %s.\n", bp.Command, r.RemoteAddr)
 
 		switch bp.Command {
-		case "greylist-status":
+		case "doubtlist-status":
 			me := conf.PopData.MqttEngine
 			stats := me.Stats()
 			// resp.MsgCounters = stats.MsgCounters
 			// resp.MsgTimeStamps = stats.MsgTimeStamps
 			resp.TopicData = stats
-			// log.Printf("API: greylist-status: msgs: %d last msg: %v", stats.MsgCounters[bp.ListName], stats.MsgTimeStamps[bp.ListName])
-			log.Printf("API: greylist-status: %v", stats)
+			// log.Printf("API: doubtlist-status: msgs: %d last msg: %v", stats.MsgCounters[bp.ListName], stats.MsgTimeStamps[bp.ListName])
+			log.Printf("API: doubtlist-status: %v", stats)
 
-		case "export-greylist":
+		case "export-doubtlist":
 			td := conf.PopData
 			td.mu.RLock()
 			defer td.mu.RUnlock()
 
-			greylist, ok := td.Lists["greylist"][bp.ListName]
+			doubtlist, ok := td.Lists["doubtlist"][bp.ListName]
 			if !ok {
 				resp.Error = true
-				resp.ErrorMsg = fmt.Sprintf("Greylist '%s' not found", bp.ListName)
+				resp.ErrorMsg = fmt.Sprintf("Doubtlist '%s' not found", bp.ListName)
 				return
 			}
-			log.Printf("Found %s greylist containing %d names", bp.ListName, len(greylist.Names))
+			log.Printf("Found %s doubtlist containing %d names", bp.ListName, len(doubtlist.Names))
 
 			switch bp.Encoding {
 			case "gob":
 				w.Header().Set("Content-Type", "application/octet-stream")
-				w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=greylist-%s.gob", bp.ListName))
+				w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=doubtlist-%s.gob", bp.ListName))
 
 				encoder := gob.NewEncoder(w)
-				err := encoder.Encode(greylist)
+				err := encoder.Encode(doubtlist)
 				if err != nil {
-					log.Printf("Error encoding greylist: %v", err)
+					log.Printf("Error encoding doubtlist: %v", err)
 					resp.Error = true
 					resp.ErrorMsg = err.Error()
 					return
 				}
 
 				//			case "protobuf":
 				//				w.Header().Set("Content-Type", "application/octet-stream")
-				//				w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=greylist-%s.protobuf", bp.ListName))
+				//				w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=doubtlist-%s.protobuf", bp.ListName))
 				//
-				//				data, err := proto.Marshal(greylist)
+				//				data, err := proto.Marshal(doubtlist)
 				//				if err != nil {
-				//					log.Printf("Error encoding greylist to protobuf: %v", err)
+				//					log.Printf("Error encoding doubtlist to protobuf: %v", err)
 				//					resp.Error = true
 				//					resp.ErrorMsg = err.Error()
 				//					return
@@ -323,31 +323,31 @@ func APIbootstrap(conf *Config) func(w http.ResponseWriter, r *http.Request) {
 
 			// case "flatbuffer":
 			// 	w.Header().Set("Content-Type", "application/octet-stream")
-			// 	w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=greylist-%s.flatbuffer", bp.ListName))
+			// 	w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=doubtlist-%s.flatbuffer", bp.ListName))
 
 			// 	builder := flatbuffers.NewBuilder(0)
-			// 	names := make([]flatbuffers.UOffsetT, len(greylist.Names))
+			// 	names := make([]flatbuffers.UOffsetT, len(doubtlist.Names))
 
 			// 	i := 0
-			// 	for name := range greylist.Names {
+			// 	for name := range doubtlist.Names {
 			// 		nameOffset := builder.CreateString(name)
 			// 		tapir.NameStart(builder)
 			// 		tapir.NameAddName(builder, nameOffset)
 			// 		names[i] = tapir.NameEnd(builder)
 			// 		i++
 			// 	}
 
-			// 	tapir.GreylistStartNamesVector(builder, len(names))
+			// 	tapir.DoubtlistStartNamesVector(builder, len(names))
 			// 	for j := len(names) - 1; j >= 0; j-- {
 			// 		builder.PrependUOffsetT(names[j])
 			// 	}
 			// 	namesVector := builder.EndVector(len(names))
 
-			// 	tapir.GreylistStart(builder)
-			// 	tapir.GreylistAddNames(builder, namesVector)
-			// 	greylistOffset := tapir.GreylistEnd(builder)
+			// 	tapir.DoubtlistStart(builder)
+			// 	tapir.DoubtlistAddNames(builder, namesVector)
+			// 	doubtlistOffset := tapir.DoubtlistEnd(builder)
 
-			// 	builder.Finish(greylistOffset)
+			// 	builder.Finish(doubtlistOffset)
 			// 	buf := builder.FinishedBytes()
 
 			// 	_, err := w.Write(buf)
@@ -433,7 +433,7 @@ func APIdebug(conf *Config) func(w http.ResponseWriter, r *http.Request) {
 		case "reaper-stats":
 			log.Printf("TAPIR-POP debug reaper stats")
 			resp.ReaperStats = make(map[string]map[time.Time][]string)
-			for SrcName, list := range td.Lists["greylist"] {
+			for SrcName, list := range td.Lists["doubtlist"] {
 				resp.ReaperStats[SrcName] = make(map[time.Time][]string)
 				for ts, names := range list.ReaperData {
 					for name := range names {
@@ -442,8 +442,8 @@ func APIdebug(conf *Config) func(w http.ResponseWriter, r *http.Request) {
 				}
 			}
 
-		case "colourlists":
-			log.Printf("TAPIR-POP debug white/black/grey lists")
+		case "filterlists":
+			log.Printf("TAPIR-POP debug allow/deny/doubt lists")
 			resp.Lists = map[string]map[string]*tapir.WBGlist{}
 			for t, l := range td.Lists {
 				resp.Lists[t] = map[string]*tapir.WBGlist{}
@@ -469,8 +469,8 @@ func APIdebug(conf *Config) func(w http.ResponseWriter, r *http.Request) {
 				resp.Error = true
 				resp.ErrorMsg = err.Error()
 			}
-			resp.BlacklistedNames = td.BlacklistedNames
-			resp.GreylistedNames = td.GreylistedNames
+			resp.DenylistedNames = td.DenylistedNames
+			resp.DoubtlistedNames = td.DoubtlistedNames
 			for _, rpzn := range td.Rpz.Axfr.Data {
 				resp.RpzOutput = append(resp.RpzOutput, *rpzn)
 			}

bootstrap.go

@@ -70,7 +70,7 @@ func (td *PopData) BootstrapMqttSource(src SourceConf) (*tapir.WBGlist, error) {
 		td.Logger.Printf("BootstrapMqttSource: MQTT bootstrap server %s uptime: %v. It has processed %d MQTT messages", server, uptime, 17)
 
 		status, buf, err := api.RequestNG(http.MethodPost, "/bootstrap", tapir.BootstrapPost{
-			Command:  "greylist-status",
+			Command:  "doubtlist-status",
 			ListName: src.Name,
 			Encoding: "json", // XXX: This is our default, but we'll test other encodings later
 		}, true)
@@ -88,11 +88,11 @@ func (td *PopData) BootstrapMqttSource(src SourceConf) (*tapir.WBGlist, error) {
 		var br tapir.BootstrapResponse
 		err = json.Unmarshal(buf, &br)
 		if err != nil {
-			td.Logger.Printf("BootstrapMqttSource: Error decoding greylist-status response from %s: %v. Giving up.\n", server, err)
+			td.Logger.Printf("BootstrapMqttSource: Error decoding doubtlist-status response from %s: %v. Giving up.\n", server, err)
 			continue
 		}
 		if br.Error {
-			td.Logger.Printf("BootstrapMqttSource: Bootstrap server %s responded with error: %s (instead of greylist status)", server, br.ErrorMsg)
+			td.Logger.Printf("BootstrapMqttSource: Bootstrap server %s responded with error: %s (instead of doubtlist status)", server, br.ErrorMsg)
 		}
 		if len(br.Msg) != 0 {
 			td.Logger.Printf("BootstrapMqttSource: Bootstrap server %s responded: %s", server, br.Msg)
@@ -101,7 +101,7 @@ func (td *PopData) BootstrapMqttSource(src SourceConf) (*tapir.WBGlist, error) {
 		td.Logger.Printf("BootstrapMqttSource: MQTT bootstrap server %s uptime: %v. It has processed %d MQTT messages on the %s topic (last sub msg arrived at %s), ", server, uptime, br.TopicData[src.Name].SubMsgs, src.Name, br.TopicData[src.Name].LatestSub.Format(tapir.TimeLayout))
 
 		status, buf, err = api.RequestNG(http.MethodPost, "/bootstrap", tapir.BootstrapPost{
-			Command:  "export-greylist",
+			Command:  "export-doubtlist",
 			ListName: src.Name,
 			Encoding: "gob", // XXX: This is our default, but we'll test other encodings later
 		}, true)
@@ -116,11 +116,11 @@ func (td *PopData) BootstrapMqttSource(src SourceConf) (*tapir.WBGlist, error) {
 			continue
 		}
 
-		var greylist tapir.WBGlist
+		var doubtlist tapir.WBGlist
 		decoder := gob.NewDecoder(bytes.NewReader(buf))
-		err = decoder.Decode(&greylist)
+		err = decoder.Decode(&doubtlist)
 		if err != nil {
-			// fmt.Printf("Error decoding greylist data: %v\n", err)
+			// fmt.Printf("Error decoding doubtlist data: %v\n", err)
 			// If decoding the gob failed, perhaps we received a tapir.BootstrapResponse instead?
 			var br tapir.BootstrapResponse
 			err = json.Unmarshal(buf, &br)
@@ -139,17 +139,17 @@ func (td *PopData) BootstrapMqttSource(src SourceConf) (*tapir.WBGlist, error) {
 		}
 
 		if td.Debug {
-			td.Logger.Printf("%v", greylist)
-			td.Logger.Printf("Names present in greylist %s:", src.Name)
+			td.Logger.Printf("%v", doubtlist)
+			td.Logger.Printf("Names present in doubtlist %s:", src.Name)
 			out := []string{"Name|Time added|TTL|Tags"}
-			for _, n := range greylist.Names {
+			for _, n := range doubtlist.Names {
 				out = append(out, fmt.Sprintf("%s|%v|%v|%v", n.Name, n.TimeAdded.Format(tapir.TimeLayout), n.TTL, n.TagMask))
 			}
 			td.Logger.Printf("%s", columnize.SimpleFormat(out))
 		}
 
 		// Successfully received and decoded bootstrap data
-		return &greylist, nil
+		return &doubtlist, nil
 	}
 
 	// If no bootstrap server succeeded

config.go

@@ -103,19 +103,19 @@ type SourceConf struct {
 type PolicyConf struct {
 	Logfile string
 	//	Logger    *log.Logger
-	Whitelist struct {
+	Allowlist struct {
 		Action string `validate:"required"`
 	}
-	Blacklist struct {
+	Denylist struct {
 		Action string `validate:"required"`
 	}
-	Greylist GreylistConf
+	Doubtlist DoubtlistConf
 }
 
 type ListConf struct {
 }
 
-type GreylistConf struct {
+type DoubtlistConf struct {
 	NumSources struct {
 		Limit  int    `validate:"required"`
 		Action string `validate:"required"`
@@ -124,7 +124,7 @@ type GreylistConf struct {
 		Limit  int    `validate:"required"`
 		Action string `validate:"required"`
 	}
-	BlackTapir struct {
+	DenyTapir struct {
 		Tags   []string `validate:"required"`
 		Action string   `validate:"required"`
 	}

configupdater.go

@@ -77,8 +77,8 @@ func (pd *PopData) ProcessTapirGlobalConfig(gconfig tapir.GlobalConfig) {
     bootstrapUrl := gconfig.Bootstrap.BaseUrl
     bootstrapKey := gconfig.Bootstrap.ApiToken
 
-	//for _, listtype := range []string{"whitelist", "blacklist", "greylist"} {
-	for _, wbgl := range pd.Lists["greylist"] {
+	//for _, listtype := range []string{"allowlist", "denylist", "doubtlist"} {
+	for _, wbgl := range pd.Lists["doubtlist"] {
         if  wbgl.Immutable || wbgl.Datasource != "mqtt" {
             continue
         }

go.mod

@@ -3,7 +3,7 @@ module tapir-pop
 go 1.22.0
 
 require (
-	github.com/dnstapir/tapir v0.0.0-20241112185916-6aeac4bb8fcf
+	github.com/dnstapir/tapir v0.0.0-20250114144620-18cc0cdb5c33
 	github.com/go-playground/validator/v10 v10.24.0
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/mux v1.8.1

go.sum

@@ -8,6 +8,8 @@ github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etly
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
 github.com/dnstapir/tapir v0.0.0-20241112185916-6aeac4bb8fcf h1:vu4ixsu/GKB0iC4iTRXa+Qo9hsOw85Q45MU1qYwT6vE=
 github.com/dnstapir/tapir v0.0.0-20241112185916-6aeac4bb8fcf/go.mod h1:HawPZkAsNV3X7oAEXdGeL9bVlb6osfqyztqCn5EZyUs=
+github.com/dnstapir/tapir v0.0.0-20250114144620-18cc0cdb5c33 h1:Lf+/NSB7DtzdR6NWHz801UCijHow97wwTpSBxptjB7M=
+github.com/dnstapir/tapir v0.0.0-20250114144620-18cc0cdb5c33/go.mod h1:RO6+sbbg0euAnaMm1HTN+aFoyBvXXdxuZPBie5erN24=
 github.com/eclipse/paho.golang v0.21.0 h1:cxxEReu+iFbA5RrHfRGxJOh8tXZKDywuehneoeBeyn8=
 github.com/eclipse/paho.golang v0.21.0/go.mod h1:GHF6vy7SvDbDHBguaUpfuBkEB5G6j0zKxMG4gbh6QRQ=
 github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=