mirror of
https://github.com/TeaOSLab/EdgeAPI.git
synced 2025-11-15 09:10:24 +08:00
WAF策略可以自定义默认的区域/省份封禁提示
This commit is contained in:
GoEdgeLab
@@ -293,7 +293,9 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx,
|
|||||||
useLocalFirewall bool,
|
useLocalFirewall bool,
|
||||||
synFloodConfig *firewallconfigs.SYNFloodConfig,
|
synFloodConfig *firewallconfigs.SYNFloodConfig,
|
||||||
logConfig *firewallconfigs.HTTPFirewallPolicyLogConfig,
|
logConfig *firewallconfigs.HTTPFirewallPolicyLogConfig,
|
||||||
maxRequestBodySize int64) error {
|
maxRequestBodySize int64,
|
||||||
|
denyCountryHTML string,
|
||||||
|
denyProvinceHTML string) error {
|
||||||
if policyId <= 0 {
|
if policyId <= 0 {
|
||||||
return errors.New("invalid policyId")
|
return errors.New("invalid policyId")
|
||||||
}
|
}
|
||||||
@@ -342,6 +344,8 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx,
|
|||||||
|
|
||||||
op.UseLocalFirewall = useLocalFirewall
|
op.UseLocalFirewall = useLocalFirewall
|
||||||
op.MaxRequestBodySize = maxRequestBodySize
|
op.MaxRequestBodySize = maxRequestBodySize
|
||||||
|
op.DenyCountryHTML = denyCountryHTML
|
||||||
|
op.DenyProvinceHTML = denyProvinceHTML
|
||||||
|
|
||||||
err := this.Save(tx, op)
|
err := this.Save(tx, op)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -420,6 +424,8 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in
|
|||||||
config.Description = policy.Description
|
config.Description = policy.Description
|
||||||
config.UseLocalFirewall = policy.UseLocalFirewall == 1
|
config.UseLocalFirewall = policy.UseLocalFirewall == 1
|
||||||
config.MaxRequestBodySize = int64(policy.MaxRequestBodySize)
|
config.MaxRequestBodySize = int64(policy.MaxRequestBodySize)
|
||||||
|
config.DenyCountryHTML = policy.DenyCountryHTML
|
||||||
|
config.DenyProvinceHTML = policy.DenyProvinceHTML
|
||||||
|
|
||||||
if len(policy.Mode) == 0 {
|
if len(policy.Mode) == 0 {
|
||||||
policy.Mode = firewallconfigs.FirewallModeDefend
|
policy.Mode = firewallconfigs.FirewallModeDefend
|
||||||
|
|||||||
@@ -23,6 +23,8 @@ const (
|
|||||||
HTTPFirewallPolicyField_SynFlood dbs.FieldName = "synFlood" // SynFlood防御设置
|
HTTPFirewallPolicyField_SynFlood dbs.FieldName = "synFlood" // SynFlood防御设置
|
||||||
HTTPFirewallPolicyField_Log dbs.FieldName = "log" // 日志配置
|
HTTPFirewallPolicyField_Log dbs.FieldName = "log" // 日志配置
|
||||||
HTTPFirewallPolicyField_MaxRequestBodySize dbs.FieldName = "maxRequestBodySize" // 可以检查的最大请求内容尺寸
|
HTTPFirewallPolicyField_MaxRequestBodySize dbs.FieldName = "maxRequestBodySize" // 可以检查的最大请求内容尺寸
|
||||||
|
HTTPFirewallPolicyField_DenyCountryHTML dbs.FieldName = "denyCountryHTML" // 区域封禁提示
|
||||||
|
HTTPFirewallPolicyField_DenyProvinceHTML dbs.FieldName = "denyProvinceHTML" // 省份封禁提示
|
||||||
)
|
)
|
||||||
|
|
||||||
// HTTPFirewallPolicy HTTP防火墙
|
// HTTPFirewallPolicy HTTP防火墙
|
||||||
@@ -47,6 +49,8 @@ type HTTPFirewallPolicy struct {
|
|||||||
SynFlood dbs.JSON `field:"synFlood"` // SynFlood防御设置
|
SynFlood dbs.JSON `field:"synFlood"` // SynFlood防御设置
|
||||||
Log dbs.JSON `field:"log"` // 日志配置
|
Log dbs.JSON `field:"log"` // 日志配置
|
||||||
MaxRequestBodySize uint32 `field:"maxRequestBodySize"` // 可以检查的最大请求内容尺寸
|
MaxRequestBodySize uint32 `field:"maxRequestBodySize"` // 可以检查的最大请求内容尺寸
|
||||||
|
DenyCountryHTML string `field:"denyCountryHTML"` // 区域封禁提示
|
||||||
|
DenyProvinceHTML string `field:"denyProvinceHTML"` // 省份封禁提示
|
||||||
}
|
}
|
||||||
|
|
||||||
type HTTPFirewallPolicyOperator struct {
|
type HTTPFirewallPolicyOperator struct {
|
||||||
@@ -70,6 +74,8 @@ type HTTPFirewallPolicyOperator struct {
|
|||||||
SynFlood any // SynFlood防御设置
|
SynFlood any // SynFlood防御设置
|
||||||
Log any // 日志配置
|
Log any // 日志配置
|
||||||
MaxRequestBodySize any // 可以检查的最大请求内容尺寸
|
MaxRequestBodySize any // 可以检查的最大请求内容尺寸
|
||||||
|
DenyCountryHTML any // 区域封禁提示
|
||||||
|
DenyProvinceHTML any // 省份封禁提示
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewHTTPFirewallPolicyOperator() *HTTPFirewallPolicyOperator {
|
func NewHTTPFirewallPolicyOperator() *HTTPFirewallPolicyOperator {
|
||||||
|
|||||||
@@ -305,7 +305,7 @@ func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicy(ctx context.Cont
|
|||||||
req.MaxRequestBodySize = 0
|
req.MaxRequestBodySize = 0
|
||||||
}
|
}
|
||||||
|
|
||||||
err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.CaptchaOptionsJSON, req.Mode, req.UseLocalFirewall, synFloodConfig, logConfig, req.MaxRequestBodySize)
|
err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.CaptchaOptionsJSON, req.Mode, req.UseLocalFirewall, synFloodConfig, logConfig, req.MaxRequestBodySize, req.DenyCountryHTML, req.DenyProvinceHTML)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -91706,7 +91706,7 @@
|
|||||||
"name": "edgeHTTPFirewallPolicies",
|
"name": "edgeHTTPFirewallPolicies",
|
||||||
"engine": "InnoDB",
|
"engine": "InnoDB",
|
||||||
"charset": "utf8mb4_general_ci",
|
"charset": "utf8mb4_general_ci",
|
||||||
"definition": "CREATE TABLE `edgeHTTPFirewallPolicies` (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `templateId` int(11) unsigned DEFAULT '0' COMMENT '模版ID',\n `adminId` int(11) unsigned DEFAULT '0' COMMENT '管理员ID',\n `userId` int(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `serverId` int(11) unsigned DEFAULT '0' COMMENT '服务ID',\n `groupId` int(11) unsigned DEFAULT '0' COMMENT '服务分组ID',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `isOn` tinyint(1) unsigned DEFAULT '1' COMMENT '是否启用',\n `name` varchar(255) DEFAULT NULL COMMENT '名称',\n `description` varchar(1024) DEFAULT NULL COMMENT '描述',\n `inbound` json DEFAULT NULL COMMENT '入站规则',\n `outbound` json DEFAULT NULL COMMENT '出站规则',\n `blockOptions` json DEFAULT NULL COMMENT 'BLOCK选项',\n `captchaOptions` json DEFAULT NULL COMMENT '验证码选项',\n `mode` varchar(32) DEFAULT 'defend' COMMENT '模式',\n `useLocalFirewall` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动使用本地防火墙',\n `synFlood` json DEFAULT NULL COMMENT 'SynFlood防御设置',\n `log` json DEFAULT NULL COMMENT '日志配置',\n `maxRequestBodySize` int(11) unsigned DEFAULT '0' COMMENT '可以检查的最大请求内容尺寸',\n PRIMARY KEY (`id`),\n KEY `userId` (`userId`),\n KEY `serverId` (`serverId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='HTTP防火墙'",
|
"definition": "CREATE TABLE `edgeHTTPFirewallPolicies` (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `templateId` int(11) unsigned DEFAULT '0' COMMENT '模版ID',\n `adminId` int(11) unsigned DEFAULT '0' COMMENT '管理员ID',\n `userId` int(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `serverId` int(11) unsigned DEFAULT '0' COMMENT '服务ID',\n `groupId` int(11) unsigned DEFAULT '0' COMMENT '服务分组ID',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `isOn` tinyint(1) unsigned DEFAULT '1' COMMENT '是否启用',\n `name` varchar(255) DEFAULT NULL COMMENT '名称',\n `description` varchar(1024) DEFAULT NULL COMMENT '描述',\n `inbound` json DEFAULT NULL COMMENT '入站规则',\n `outbound` json DEFAULT NULL COMMENT '出站规则',\n `blockOptions` json DEFAULT NULL COMMENT 'BLOCK选项',\n `captchaOptions` json DEFAULT NULL COMMENT '验证码选项',\n `mode` varchar(32) DEFAULT 'defend' COMMENT '模式',\n `useLocalFirewall` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动使用本地防火墙',\n `synFlood` json DEFAULT NULL COMMENT 'SynFlood防御设置',\n `log` json DEFAULT NULL COMMENT '日志配置',\n `maxRequestBodySize` int(11) unsigned DEFAULT '0' COMMENT '可以检查的最大请求内容尺寸',\n `denyCountryHTML` text COMMENT '区域封禁提示',\n `denyProvinceHTML` varchar(255) DEFAULT NULL COMMENT '省份封禁提示',\n PRIMARY KEY (`id`),\n KEY `userId` (`userId`),\n KEY `serverId` (`serverId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='HTTP防火墙'",
|
||||||
"fields": [
|
"fields": [
|
||||||
{
|
{
|
||||||
"name": "id",
|
"name": "id",
|
||||||
@@ -91787,6 +91787,14 @@
|
|||||||
{
|
{
|
||||||
"name": "maxRequestBodySize",
|
"name": "maxRequestBodySize",
|
||||||
"definition": "int(11) unsigned DEFAULT '0' COMMENT '可以检查的最大请求内容尺寸'"
|
"definition": "int(11) unsigned DEFAULT '0' COMMENT '可以检查的最大请求内容尺寸'"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "denyCountryHTML",
|
||||||
|
"definition": "text COMMENT '区域封禁提示'"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "denyProvinceHTML",
|
||||||
|
"definition": "varchar(255) COMMENT '省份封禁提示'"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"indexes": [
|
"indexes": [
|
||||||
|
|||||||
Reference in New Issue
Block a user