WAF策略增加“最多检查内容尺寸“选项

internal/db/models/http_firewall_policy_dao.go

@@ -290,7 +290,8 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx,
 	mode firewallconfigs.FirewallMode,
 	useLocalFirewall bool,
 	synFloodConfig *firewallconfigs.SYNFloodConfig,
-	logConfig *firewallconfigs.HTTPFirewallPolicyLogConfig) error {
+	logConfig *firewallconfigs.HTTPFirewallPolicyLogConfig,
+	maxRequestBodySize int64) error {
 	if policyId <= 0 {
 		return errors.New("invalid policyId")
 	}
@@ -338,6 +339,8 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx,
 	}
 
 	op.UseLocalFirewall = useLocalFirewall
+	op.MaxRequestBodySize = maxRequestBodySize
+
 	err := this.Save(tx, op)
 	if err != nil {
 		return err
@@ -414,6 +417,7 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in
 	config.Name = policy.Name
 	config.Description = policy.Description
 	config.UseLocalFirewall = policy.UseLocalFirewall == 1
+	config.MaxRequestBodySize = int64(policy.MaxRequestBodySize)
 
 	if len(policy.Mode) == 0 {
 		policy.Mode = firewallconfigs.FirewallModeDefend

internal/db/models/http_firewall_policy_model.go

@@ -2,6 +2,29 @@ package models
 
 import "github.com/iwind/TeaGo/dbs"
 
+const (
+	HTTPFirewallPolicyField_Id                 dbs.FieldName = "id"                 // ID
+	HTTPFirewallPolicyField_TemplateId         dbs.FieldName = "templateId"         // 模版ID
+	HTTPFirewallPolicyField_AdminId            dbs.FieldName = "adminId"            // 管理员ID
+	HTTPFirewallPolicyField_UserId             dbs.FieldName = "userId"             // 用户ID
+	HTTPFirewallPolicyField_ServerId           dbs.FieldName = "serverId"           // 服务ID
+	HTTPFirewallPolicyField_GroupId            dbs.FieldName = "groupId"            // 服务分组ID
+	HTTPFirewallPolicyField_State              dbs.FieldName = "state"              // 状态
+	HTTPFirewallPolicyField_CreatedAt          dbs.FieldName = "createdAt"          // 创建时间
+	HTTPFirewallPolicyField_IsOn               dbs.FieldName = "isOn"               // 是否启用
+	HTTPFirewallPolicyField_Name               dbs.FieldName = "name"               // 名称
+	HTTPFirewallPolicyField_Description        dbs.FieldName = "description"        // 描述
+	HTTPFirewallPolicyField_Inbound            dbs.FieldName = "inbound"            // 入站规则
+	HTTPFirewallPolicyField_Outbound           dbs.FieldName = "outbound"           // 出站规则
+	HTTPFirewallPolicyField_BlockOptions       dbs.FieldName = "blockOptions"       // BLOCK选项
+	HTTPFirewallPolicyField_CaptchaOptions     dbs.FieldName = "captchaOptions"     // 验证码选项
+	HTTPFirewallPolicyField_Mode               dbs.FieldName = "mode"               // 模式
+	HTTPFirewallPolicyField_UseLocalFirewall   dbs.FieldName = "useLocalFirewall"   // 是否自动使用本地防火墙
+	HTTPFirewallPolicyField_SynFlood           dbs.FieldName = "synFlood"           // SynFlood防御设置
+	HTTPFirewallPolicyField_Log                dbs.FieldName = "log"                // 日志配置
+	HTTPFirewallPolicyField_MaxRequestBodySize dbs.FieldName = "maxRequestBodySize" // 可以检查的最大请求内容尺寸
+)
+
 // HTTPFirewallPolicy HTTP防火墙
 type HTTPFirewallPolicy struct {
 	Id                 uint32   `field:"id"`                 // ID
@@ -23,28 +46,30 @@ type HTTPFirewallPolicy struct {
 	UseLocalFirewall   uint8    `field:"useLocalFirewall"`   // 是否自动使用本地防火墙
 	SynFlood           dbs.JSON `field:"synFlood"`           // SynFlood防御设置
 	Log                dbs.JSON `field:"log"`                // 日志配置
+	MaxRequestBodySize uint32   `field:"maxRequestBodySize"` // 可以检查的最大请求内容尺寸
 }
 
 type HTTPFirewallPolicyOperator struct {
-	Id               interface{} // ID
+	Id                 any // ID
-	TemplateId       interface{} // 模版ID
+	TemplateId         any // 模版ID
-	AdminId          interface{} // 管理员ID
+	AdminId            any // 管理员ID
-	UserId           interface{} // 用户ID
+	UserId             any // 用户ID
-	ServerId         interface{} // 服务ID
+	ServerId           any // 服务ID
-	GroupId          interface{} // 服务分组ID
+	GroupId            any // 服务分组ID
-	State            interface{} // 状态
+	State              any // 状态
-	CreatedAt        interface{} // 创建时间
+	CreatedAt          any // 创建时间
-	IsOn             interface{} // 是否启用
+	IsOn               any // 是否启用
-	Name             interface{} // 名称
+	Name               any // 名称
-	Description      interface{} // 描述
+	Description        any // 描述
-	Inbound          interface{} // 入站规则
+	Inbound            any // 入站规则
-	Outbound         interface{} // 出站规则
+	Outbound           any // 出站规则
-	BlockOptions     interface{} // BLOCK选项
+	BlockOptions       any // BLOCK选项
-	CaptchaOptions   interface{} // 验证码选项
+	CaptchaOptions     any // 验证码选项
-	Mode             interface{} // 模式
+	Mode               any // 模式
-	UseLocalFirewall interface{} // 是否自动使用本地防火墙
+	UseLocalFirewall   any // 是否自动使用本地防火墙
-	SynFlood         interface{} // SynFlood防御设置
+	SynFlood           any // SynFlood防御设置
-	Log              interface{} // 日志配置
+	Log                any // 日志配置
+	MaxRequestBodySize any // 可以检查的最大请求内容尺寸
 }
 
 func NewHTTPFirewallPolicyOperator() *HTTPFirewallPolicyOperator {

internal/rpc/services/service_http_firewall_policy.go

@@ -300,7 +300,12 @@ func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicy(ctx context.Cont
 		}
 	}
 
-	err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.CaptchaOptionsJSON, req.Mode, req.UseLocalFirewall, synFloodConfig, logConfig)
+	// MaxRequestBodySize
+	if req.MaxRequestBodySize < 0 {
+		req.MaxRequestBodySize = 0
+	}
+
+	err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.CaptchaOptionsJSON, req.Mode, req.UseLocalFirewall, synFloodConfig, logConfig, req.MaxRequestBodySize)
 	if err != nil {
 		return nil, err
 	}