[waf]可以配置阻止动作的状态码和提示内容

internal/db/models/http_firewall_policy_dao.go

@@ -153,7 +153,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyInbound(policyId int64, i
 }
 
 // 修改策略
-func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(policyId int64, isOn bool, name string, description string, inboundJSON []byte, outboundJSON []byte) error {
+func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(policyId int64, isOn bool, name string, description string, inboundJSON []byte, outboundJSON []byte, blockOptionsJSON []byte) error {
 	if policyId <= 0 {
 		return errors.New("invalid policyId")
 	}
@@ -172,6 +172,9 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(policyId int64, isOn boo
 	} else {
 		op.Outbound = "null"
 	}
+	if len(blockOptionsJSON) > 0 {
+		op.BlockOptions = blockOptionsJSON
+	}
 	_, err := this.Save(op)
 	return err
 }
@@ -267,5 +270,15 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(policyId int64) (*firew
 	}
 	config.Outbound = outbound
 
+	// Block动作配置
+	if IsNotNull(policy.BlockOptions) {
+		blockAction := &firewallconfigs.HTTPFirewallBlockAction{}
+		err = json.Unmarshal([]byte(policy.BlockOptions), blockAction)
+		if err != nil {
+			return config, err
+		}
+		config.BlockOptions = blockAction
+	}
+
 	return config, nil
 }

internal/db/models/http_firewall_policy_model.go

@@ -2,31 +2,33 @@ package models
 
 // HTTP防火墙
 type HTTPFirewallPolicy struct {
-	Id          uint32 `field:"id"`          // ID
-	TemplateId  uint32 `field:"templateId"`  // 模版ID
-	AdminId     uint32 `field:"adminId"`     // 管理员ID
-	UserId      uint32 `field:"userId"`      // 用户ID
-	State       uint8  `field:"state"`       // 状态
-	CreatedAt   uint64 `field:"createdAt"`   // 创建时间
-	IsOn        uint8  `field:"isOn"`        // 是否启用
-	Name        string `field:"name"`        // 名称
-	Description string `field:"description"` // 描述
-	Inbound     string `field:"inbound"`     // 入站规则
-	Outbound    string `field:"outbound"`    // 出站规则
+	Id           uint32 `field:"id"`           // ID
+	TemplateId   uint32 `field:"templateId"`   // 模版ID
+	AdminId      uint32 `field:"adminId"`      // 管理员ID
+	UserId       uint32 `field:"userId"`       // 用户ID
+	State        uint8  `field:"state"`        // 状态
+	CreatedAt    uint64 `field:"createdAt"`    // 创建时间
+	IsOn         uint8  `field:"isOn"`         // 是否启用
+	Name         string `field:"name"`         // 名称
+	Description  string `field:"description"`  // 描述
+	Inbound      string `field:"inbound"`      // 入站规则
+	Outbound     string `field:"outbound"`     // 出站规则
+	BlockOptions string `field:"blockOptions"` // BLOCK选项
 }
 
 type HTTPFirewallPolicyOperator struct {
-	Id          interface{} // ID
-	TemplateId  interface{} // 模版ID
-	AdminId     interface{} // 管理员ID
-	UserId      interface{} // 用户ID
-	State       interface{} // 状态
-	CreatedAt   interface{} // 创建时间
-	IsOn        interface{} // 是否启用
-	Name        interface{} // 名称
-	Description interface{} // 描述
-	Inbound     interface{} // 入站规则
-	Outbound    interface{} // 出站规则
+	Id           interface{} // ID
+	TemplateId   interface{} // 模版ID
+	AdminId      interface{} // 管理员ID
+	UserId       interface{} // 用户ID
+	State        interface{} // 状态
+	CreatedAt    interface{} // 创建时间
+	IsOn         interface{} // 是否启用
+	Name         interface{} // 名称
+	Description  interface{} // 描述
+	Inbound      interface{} // 入站规则
+	Outbound     interface{} // 出站规则
+	BlockOptions interface{} // BLOCK选项
 }
 
 func NewHTTPFirewallPolicyOperator() *HTTPFirewallPolicyOperator {

internal/rpc/services/service_http_firewall_policy.go

@@ -227,7 +227,7 @@ func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicy(ctx context.Cont
 		return nil, err
 	}
 
-	err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(req.FirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON)
+	err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(req.FirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON)
 	if err != nil {
 		return nil, err
 	}