mirror of
https://github.com/TeaOSLab/EdgeAPI.git
synced 2025-11-03 15:00:27 +08:00
WAF策略增加JSCookie动作选项
This commit is contained in:
GoEdgeLab
@@ -134,7 +134,7 @@ func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64
|
|||||||
|
|
||||||
if userId <= 0 && serverGroupId <= 0 && serverId <= 0 {
|
if userId <= 0 && serverGroupId <= 0 && serverId <= 0 {
|
||||||
// synFlood
|
// synFlood
|
||||||
var synFloodConfig = firewallconfigs.DefaultSYNFloodConfig()
|
var synFloodConfig = firewallconfigs.NewSYNFloodConfig()
|
||||||
synFloodJSON, err := json.Marshal(synFloodConfig)
|
synFloodJSON, err := json.Marshal(synFloodConfig)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
@@ -142,7 +142,7 @@ func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64
|
|||||||
op.SynFlood = synFloodJSON
|
op.SynFlood = synFloodJSON
|
||||||
|
|
||||||
// block options
|
// block options
|
||||||
var blockOptions = firewallconfigs.DefaultHTTPFirewallBlockAction()
|
var blockOptions = firewallconfigs.NewHTTPFirewallBlockAction()
|
||||||
blockOptionsJSON, err := json.Marshal(blockOptions)
|
blockOptionsJSON, err := json.Marshal(blockOptions)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
@@ -150,7 +150,7 @@ func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64
|
|||||||
op.BlockOptions = blockOptionsJSON
|
op.BlockOptions = blockOptionsJSON
|
||||||
|
|
||||||
// page options
|
// page options
|
||||||
var pageOptions = firewallconfigs.DefaultHTTPFirewallPageAction()
|
var pageOptions = firewallconfigs.NewHTTPFirewallPageAction()
|
||||||
pageOptionsJSON, err := json.Marshal(pageOptions)
|
pageOptionsJSON, err := json.Marshal(pageOptions)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
@@ -158,12 +158,20 @@ func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64
|
|||||||
op.PageOptions = pageOptionsJSON
|
op.PageOptions = pageOptionsJSON
|
||||||
|
|
||||||
// captcha options
|
// captcha options
|
||||||
var captchaOptions = firewallconfigs.DefaultHTTPFirewallCaptchaAction()
|
var captchaOptions = firewallconfigs.NewHTTPFirewallCaptchaAction()
|
||||||
captchaOptionsJSON, err := json.Marshal(captchaOptions)
|
captchaOptionsJSON, err := json.Marshal(captchaOptions)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
op.CaptchaOptions = captchaOptionsJSON
|
op.CaptchaOptions = captchaOptionsJSON
|
||||||
|
|
||||||
|
// jscookie options
|
||||||
|
var jsCookieOptions = firewallconfigs.NewHTTPFirewallJavascriptCookieAction()
|
||||||
|
jsCookieOptionsJSON, err := json.Marshal(jsCookieOptions)
|
||||||
|
if err != nil {
|
||||||
|
return 0, err
|
||||||
|
}
|
||||||
|
op.JsCookieOptions = jsCookieOptionsJSON
|
||||||
}
|
}
|
||||||
|
|
||||||
err := this.Save(tx, op)
|
err := this.Save(tx, op)
|
||||||
@@ -323,6 +331,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx,
|
|||||||
blockOptionsJSON []byte,
|
blockOptionsJSON []byte,
|
||||||
pageOptionsJSON []byte,
|
pageOptionsJSON []byte,
|
||||||
captchaOptionsJSON []byte,
|
captchaOptionsJSON []byte,
|
||||||
|
jsCookieOptionsJSON []byte,
|
||||||
mode firewallconfigs.FirewallMode,
|
mode firewallconfigs.FirewallMode,
|
||||||
useLocalFirewall bool,
|
useLocalFirewall bool,
|
||||||
synFloodConfig *firewallconfigs.SYNFloodConfig,
|
synFloodConfig *firewallconfigs.SYNFloodConfig,
|
||||||
@@ -358,6 +367,9 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx,
|
|||||||
if IsNotNull(captchaOptionsJSON) {
|
if IsNotNull(captchaOptionsJSON) {
|
||||||
op.CaptchaOptions = captchaOptionsJSON
|
op.CaptchaOptions = captchaOptionsJSON
|
||||||
}
|
}
|
||||||
|
if IsNotNull(jsCookieOptionsJSON) {
|
||||||
|
op.JsCookieOptions = jsCookieOptionsJSON
|
||||||
|
}
|
||||||
|
|
||||||
if synFloodConfig != nil {
|
if synFloodConfig != nil {
|
||||||
synFloodConfigJSON, err := json.Marshal(synFloodConfig)
|
synFloodConfigJSON, err := json.Marshal(synFloodConfig)
|
||||||
@@ -528,7 +540,7 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in
|
|||||||
|
|
||||||
// Block动作配置
|
// Block动作配置
|
||||||
if IsNotNull(policy.BlockOptions) {
|
if IsNotNull(policy.BlockOptions) {
|
||||||
var blockAction = &firewallconfigs.HTTPFirewallBlockAction{}
|
var blockAction = firewallconfigs.NewHTTPFirewallBlockAction()
|
||||||
err = json.Unmarshal(policy.BlockOptions, blockAction)
|
err = json.Unmarshal(policy.BlockOptions, blockAction)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return config, err
|
return config, err
|
||||||
@@ -538,7 +550,7 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in
|
|||||||
|
|
||||||
// Page动作配置
|
// Page动作配置
|
||||||
if IsNotNull(policy.PageOptions) {
|
if IsNotNull(policy.PageOptions) {
|
||||||
var pageAction = firewallconfigs.DefaultHTTPFirewallPageAction()
|
var pageAction = firewallconfigs.NewHTTPFirewallPageAction()
|
||||||
err = json.Unmarshal(policy.PageOptions, pageAction)
|
err = json.Unmarshal(policy.PageOptions, pageAction)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return config, err
|
return config, err
|
||||||
@@ -548,7 +560,7 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in
|
|||||||
|
|
||||||
// Captcha动作配置
|
// Captcha动作配置
|
||||||
if IsNotNull(policy.CaptchaOptions) {
|
if IsNotNull(policy.CaptchaOptions) {
|
||||||
var captchaAction = &firewallconfigs.HTTPFirewallCaptchaAction{}
|
var captchaAction = firewallconfigs.NewHTTPFirewallCaptchaAction()
|
||||||
err = json.Unmarshal(policy.CaptchaOptions, captchaAction)
|
err = json.Unmarshal(policy.CaptchaOptions, captchaAction)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return config, err
|
return config, err
|
||||||
@@ -556,6 +568,16 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in
|
|||||||
config.CaptchaOptions = captchaAction
|
config.CaptchaOptions = captchaAction
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// JSCookie动作配置
|
||||||
|
if IsNotNull(policy.JsCookieOptions) {
|
||||||
|
var jsCookieAction = firewallconfigs.NewHTTPFirewallJavascriptCookieAction()
|
||||||
|
err = json.Unmarshal(policy.JsCookieOptions, jsCookieAction)
|
||||||
|
if err != nil {
|
||||||
|
return config, err
|
||||||
|
}
|
||||||
|
config.JSCookieOptions = jsCookieAction
|
||||||
|
}
|
||||||
|
|
||||||
// syn flood
|
// syn flood
|
||||||
if IsNotNull(policy.SynFlood) {
|
if IsNotNull(policy.SynFlood) {
|
||||||
var synFloodConfig = &firewallconfigs.SYNFloodConfig{}
|
var synFloodConfig = &firewallconfigs.SYNFloodConfig{}
|
||||||
|
|||||||
@@ -19,6 +19,7 @@ const (
|
|||||||
HTTPFirewallPolicyField_BlockOptions dbs.FieldName = "blockOptions" // BLOCK动作选项
|
HTTPFirewallPolicyField_BlockOptions dbs.FieldName = "blockOptions" // BLOCK动作选项
|
||||||
HTTPFirewallPolicyField_PageOptions dbs.FieldName = "pageOptions" // PAGE动作选项
|
HTTPFirewallPolicyField_PageOptions dbs.FieldName = "pageOptions" // PAGE动作选项
|
||||||
HTTPFirewallPolicyField_CaptchaOptions dbs.FieldName = "captchaOptions" // 验证码动作选项
|
HTTPFirewallPolicyField_CaptchaOptions dbs.FieldName = "captchaOptions" // 验证码动作选项
|
||||||
|
HTTPFirewallPolicyField_JsCookieOptions dbs.FieldName = "jsCookieOptions" // JSCookie动作选项
|
||||||
HTTPFirewallPolicyField_Mode dbs.FieldName = "mode" // 模式
|
HTTPFirewallPolicyField_Mode dbs.FieldName = "mode" // 模式
|
||||||
HTTPFirewallPolicyField_UseLocalFirewall dbs.FieldName = "useLocalFirewall" // 是否自动使用本地防火墙
|
HTTPFirewallPolicyField_UseLocalFirewall dbs.FieldName = "useLocalFirewall" // 是否自动使用本地防火墙
|
||||||
HTTPFirewallPolicyField_SynFlood dbs.FieldName = "synFlood" // SynFlood防御设置
|
HTTPFirewallPolicyField_SynFlood dbs.FieldName = "synFlood" // SynFlood防御设置
|
||||||
@@ -46,6 +47,7 @@ type HTTPFirewallPolicy struct {
|
|||||||
BlockOptions dbs.JSON `field:"blockOptions"` // BLOCK动作选项
|
BlockOptions dbs.JSON `field:"blockOptions"` // BLOCK动作选项
|
||||||
PageOptions dbs.JSON `field:"pageOptions"` // PAGE动作选项
|
PageOptions dbs.JSON `field:"pageOptions"` // PAGE动作选项
|
||||||
CaptchaOptions dbs.JSON `field:"captchaOptions"` // 验证码动作选项
|
CaptchaOptions dbs.JSON `field:"captchaOptions"` // 验证码动作选项
|
||||||
|
JsCookieOptions dbs.JSON `field:"jsCookieOptions"` // JSCookie动作选项
|
||||||
Mode string `field:"mode"` // 模式
|
Mode string `field:"mode"` // 模式
|
||||||
UseLocalFirewall uint8 `field:"useLocalFirewall"` // 是否自动使用本地防火墙
|
UseLocalFirewall uint8 `field:"useLocalFirewall"` // 是否自动使用本地防火墙
|
||||||
SynFlood dbs.JSON `field:"synFlood"` // SynFlood防御设置
|
SynFlood dbs.JSON `field:"synFlood"` // SynFlood防御设置
|
||||||
@@ -72,6 +74,7 @@ type HTTPFirewallPolicyOperator struct {
|
|||||||
BlockOptions any // BLOCK动作选项
|
BlockOptions any // BLOCK动作选项
|
||||||
PageOptions any // PAGE动作选项
|
PageOptions any // PAGE动作选项
|
||||||
CaptchaOptions any // 验证码动作选项
|
CaptchaOptions any // 验证码动作选项
|
||||||
|
JsCookieOptions any // JSCookie动作选项
|
||||||
Mode any // 模式
|
Mode any // 模式
|
||||||
UseLocalFirewall any // 是否自动使用本地防火墙
|
UseLocalFirewall any // 是否自动使用本地防火墙
|
||||||
SynFlood any // SynFlood防御设置
|
SynFlood any // SynFlood防御设置
|
||||||
|
|||||||
@@ -304,7 +304,7 @@ func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicy(ctx context.Cont
|
|||||||
req.MaxRequestBodySize = 0
|
req.MaxRequestBodySize = 0
|
||||||
}
|
}
|
||||||
|
|
||||||
err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.PageOptionsJSON, req.CaptchaOptionsJSON, req.Mode, req.UseLocalFirewall, synFloodConfig, logConfig, req.MaxRequestBodySize, req.DenyCountryHTML, req.DenyProvinceHTML)
|
err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.PageOptionsJSON, req.CaptchaOptionsJSON, req.JsCookieOptionsJSON, req.Mode, req.UseLocalFirewall, synFloodConfig, logConfig, req.MaxRequestBodySize, req.DenyCountryHTML, req.DenyProvinceHTML)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -102722,7 +102722,7 @@
|
|||||||
"name": "edgeHTTPFirewallPolicies",
|
"name": "edgeHTTPFirewallPolicies",
|
||||||
"engine": "InnoDB",
|
"engine": "InnoDB",
|
||||||
"charset": "utf8mb4_general_ci",
|
"charset": "utf8mb4_general_ci",
|
||||||
"definition": "CREATE TABLE `edgeHTTPFirewallPolicies` (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `templateId` int(11) unsigned DEFAULT '0' COMMENT '模版ID',\n `adminId` int(11) unsigned DEFAULT '0' COMMENT '管理员ID',\n `userId` int(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `serverId` int(11) unsigned DEFAULT '0' COMMENT '服务ID',\n `groupId` int(11) unsigned DEFAULT '0' COMMENT '服务分组ID',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `isOn` tinyint(1) unsigned DEFAULT '1' COMMENT '是否启用',\n `name` varchar(255) DEFAULT NULL COMMENT '名称',\n `description` varchar(1024) DEFAULT NULL COMMENT '描述',\n `inbound` json DEFAULT NULL COMMENT '入站规则',\n `outbound` json DEFAULT NULL COMMENT '出站规则',\n `blockOptions` json DEFAULT NULL COMMENT 'BLOCK动作选项',\n `pageOptions` json DEFAULT NULL COMMENT 'PAGE动作选项',\n `captchaOptions` json DEFAULT NULL COMMENT '验证码动作选项',\n `mode` varchar(32) DEFAULT 'defend' COMMENT '模式',\n `useLocalFirewall` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动使用本地防火墙',\n `synFlood` json DEFAULT NULL COMMENT 'SynFlood防御设置',\n `log` json DEFAULT NULL COMMENT '日志配置',\n `maxRequestBodySize` int(11) unsigned DEFAULT '0' COMMENT '可以检查的最大请求内容尺寸',\n `denyCountryHTML` text COMMENT '区域封禁提示',\n `denyProvinceHTML` text COMMENT '省份封禁提示',\n PRIMARY KEY (`id`),\n KEY `userId` (`userId`),\n KEY `serverId` (`serverId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='HTTP防火墙'",
|
"definition": "CREATE TABLE `edgeHTTPFirewallPolicies` (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `templateId` int(11) unsigned DEFAULT '0' COMMENT '模版ID',\n `adminId` int(11) unsigned DEFAULT '0' COMMENT '管理员ID',\n `userId` int(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `serverId` int(11) unsigned DEFAULT '0' COMMENT '服务ID',\n `groupId` int(11) unsigned DEFAULT '0' COMMENT '服务分组ID',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `isOn` tinyint(1) unsigned DEFAULT '1' COMMENT '是否启用',\n `name` varchar(255) DEFAULT NULL COMMENT '名称',\n `description` varchar(1024) DEFAULT NULL COMMENT '描述',\n `inbound` json DEFAULT NULL COMMENT '入站规则',\n `outbound` json DEFAULT NULL COMMENT '出站规则',\n `blockOptions` json DEFAULT NULL COMMENT 'BLOCK动作选项',\n `pageOptions` json DEFAULT NULL COMMENT 'PAGE动作选项',\n `captchaOptions` json DEFAULT NULL COMMENT '验证码动作选项',\n `jsCookieOptions` json DEFAULT NULL COMMENT 'JSCookie动作选项',\n `mode` varchar(32) DEFAULT 'defend' COMMENT '模式',\n `useLocalFirewall` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动使用本地防火墙',\n `synFlood` json DEFAULT NULL COMMENT 'SynFlood防御设置',\n `log` json DEFAULT NULL COMMENT '日志配置',\n `maxRequestBodySize` int(11) unsigned DEFAULT '0' COMMENT '可以检查的最大请求内容尺寸',\n `denyCountryHTML` text COMMENT '区域封禁提示',\n `denyProvinceHTML` text COMMENT '省份封禁提示',\n PRIMARY KEY (`id`),\n KEY `userId` (`userId`),\n KEY `serverId` (`serverId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='HTTP防火墙'",
|
||||||
"fields": [
|
"fields": [
|
||||||
{
|
{
|
||||||
"name": "id",
|
"name": "id",
|
||||||
@@ -102788,6 +102788,10 @@
|
|||||||
"name": "captchaOptions",
|
"name": "captchaOptions",
|
||||||
"definition": "json COMMENT '验证码动作选项'"
|
"definition": "json COMMENT '验证码动作选项'"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "jsCookieOptions",
|
||||||
|
"definition": "json COMMENT 'JSCookie动作选项'"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "mode",
|
"name": "mode",
|
||||||
"definition": "varchar(32) DEFAULT 'defend' COMMENT '模式'"
|
"definition": "varchar(32) DEFAULT 'defend' COMMENT '模式'"
|
||||||
@@ -103738,7 +103742,7 @@
|
|||||||
"name": "edgeIPItems",
|
"name": "edgeIPItems",
|
||||||
"engine": "InnoDB",
|
"engine": "InnoDB",
|
||||||
"charset": "utf8mb4_general_ci",
|
"charset": "utf8mb4_general_ci",
|
||||||
"definition": "CREATE TABLE `edgeIPItems` (\n `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `listId` int(11) unsigned DEFAULT '0' COMMENT '所属名单ID',\n `type` varchar(64) DEFAULT 'ipv4' COMMENT '类型',\n `ipFrom` varchar(64) DEFAULT NULL COMMENT '开始IP',\n `ipTo` varchar(64) DEFAULT NULL COMMENT '结束IP',\n `ipFromLong` bigint(20) unsigned DEFAULT '0' COMMENT '开始IP整型',\n `ipToLong` bigint(20) unsigned DEFAULT '0' COMMENT '结束IP整型',\n `version` bigint(20) unsigned DEFAULT '0' COMMENT '版本',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `updatedAt` bigint(11) unsigned DEFAULT '0' COMMENT '修改时间',\n `reason` varchar(255) DEFAULT NULL COMMENT '加入说明',\n `eventLevel` varchar(64) DEFAULT NULL COMMENT '事件级别',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `expiredAt` bigint(11) unsigned DEFAULT '0' COMMENT '过期时间',\n `serverId` int(11) unsigned DEFAULT '0' COMMENT '有效范围服务ID',\n `nodeId` int(11) unsigned DEFAULT '0' COMMENT '有效范围节点ID',\n `sourceNodeId` int(11) unsigned DEFAULT '0' COMMENT '来源节点ID',\n `sourceServerId` int(11) unsigned DEFAULT '0' COMMENT '来源服务ID',\n `sourceHTTPFirewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT '来源策略ID',\n `sourceHTTPFirewallRuleGroupId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集分组ID',\n `sourceHTTPFirewallRuleSetId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集ID',\n `sourceUserId` bigint(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `isRead` tinyint(1) unsigned DEFAULT '1' COMMENT '是否已读',\n PRIMARY KEY (`id`),\n KEY `listId` (`listId`),\n KEY `ipFrom` (`ipFrom`),\n KEY `serverId` (`serverId`),\n KEY `expiredAt_state` (`expiredAt`,`state`) USING BTREE,\n KEY `isRead` (`expiredAt`,`isRead`) USING BTREE,\n KEY `createdAt` (`createdAt`),\n KEY `sourceUserId` (`sourceUserId`),\n KEY `version` (`version`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='IP'",
|
"definition": "CREATE TABLE `edgeIPItems` (\n `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `listId` int(11) unsigned DEFAULT '0' COMMENT '所属名单ID',\n `type` varchar(64) DEFAULT 'ipv4' COMMENT '类型',\n `ipFrom` varchar(64) DEFAULT NULL COMMENT '开始IP',\n `ipTo` varchar(64) DEFAULT NULL COMMENT '结束IP',\n `ipFromLong` bigint(20) unsigned DEFAULT '0' COMMENT '开始IP整型(弃用)',\n `ipToLong` bigint(20) unsigned DEFAULT '0' COMMENT '结束IP整型(弃用)',\n `version` bigint(20) unsigned DEFAULT '0' COMMENT '版本',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `updatedAt` bigint(11) unsigned DEFAULT '0' COMMENT '修改时间',\n `reason` varchar(255) DEFAULT NULL COMMENT '加入说明',\n `eventLevel` varchar(64) DEFAULT NULL COMMENT '事件级别',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `expiredAt` bigint(11) unsigned DEFAULT '0' COMMENT '过期时间',\n `serverId` int(11) unsigned DEFAULT '0' COMMENT '有效范围服务ID',\n `nodeId` int(11) unsigned DEFAULT '0' COMMENT '有效范围节点ID',\n `sourceNodeId` int(11) unsigned DEFAULT '0' COMMENT '来源节点ID',\n `sourceServerId` int(11) unsigned DEFAULT '0' COMMENT '来源服务ID',\n `sourceHTTPFirewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT '来源策略ID',\n `sourceHTTPFirewallRuleGroupId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集分组ID',\n `sourceHTTPFirewallRuleSetId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集ID',\n `sourceUserId` bigint(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `isRead` tinyint(1) unsigned DEFAULT '1' COMMENT '是否已读',\n PRIMARY KEY (`id`),\n KEY `listId` (`listId`),\n KEY `ipFrom` (`ipFrom`),\n KEY `serverId` (`serverId`),\n KEY `expiredAt_state` (`expiredAt`,`state`) USING BTREE,\n KEY `isRead` (`expiredAt`,`isRead`) USING BTREE,\n KEY `createdAt` (`createdAt`),\n KEY `sourceUserId` (`sourceUserId`),\n KEY `version` (`version`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='IP'",
|
||||||
"fields": [
|
"fields": [
|
||||||
{
|
{
|
||||||
"name": "id",
|
"name": "id",
|
||||||
@@ -103762,11 +103766,11 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "ipFromLong",
|
"name": "ipFromLong",
|
||||||
"definition": "bigint(20) unsigned DEFAULT '0' COMMENT '开始IP整型'"
|
"definition": "bigint(20) unsigned DEFAULT '0' COMMENT '开始IP整型(弃用)'"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "ipToLong",
|
"name": "ipToLong",
|
||||||
"definition": "bigint(20) unsigned DEFAULT '0' COMMENT '结束IP整型'"
|
"definition": "bigint(20) unsigned DEFAULT '0' COMMENT '结束IP整型(弃用)'"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "version",
|
"name": "version",
|
||||||
@@ -109864,7 +109868,7 @@
|
|||||||
"name": "edgeNodeClusters",
|
"name": "edgeNodeClusters",
|
||||||
"engine": "InnoDB",
|
"engine": "InnoDB",
|
||||||
"charset": "utf8mb4_general_ci",
|
"charset": "utf8mb4_general_ci",
|
||||||
"definition": "CREATE TABLE `edgeNodeClusters` (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `adminId` int(11) unsigned DEFAULT '0' COMMENT '管理员ID',\n `userId` int(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `isOn` tinyint(1) unsigned DEFAULT '1' COMMENT '是否启用',\n `name` varchar(255) DEFAULT NULL COMMENT '名称',\n `useAllAPINodes` tinyint(1) unsigned DEFAULT '1' COMMENT '是否使用所有API节点',\n `apiNodes` json DEFAULT NULL COMMENT '使用的API节点',\n `installDir` varchar(512) DEFAULT NULL COMMENT '安装目录',\n `order` int(11) unsigned DEFAULT '0' COMMENT '排序',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `grantId` int(11) unsigned DEFAULT '0' COMMENT '默认认证方式',\n `sshParams` json DEFAULT NULL COMMENT 'SSH默认参数',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `autoRegister` tinyint(1) unsigned DEFAULT '1' COMMENT '是否开启自动注册',\n `uniqueId` varchar(32) DEFAULT NULL COMMENT '唯一ID',\n `secret` varchar(32) DEFAULT NULL COMMENT '密钥',\n `healthCheck` json DEFAULT NULL COMMENT '健康检查',\n `dnsName` varchar(255) DEFAULT NULL COMMENT 'DNS名称',\n `dnsDomainId` int(11) unsigned DEFAULT '0' COMMENT '域名ID',\n `dns` json DEFAULT NULL COMMENT 'DNS配置',\n `toa` json DEFAULT NULL COMMENT 'TOA配置',\n `cachePolicyId` int(11) unsigned DEFAULT '0' COMMENT '缓存策略ID',\n `httpFirewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT 'WAF策略ID',\n `accessLog` json DEFAULT NULL COMMENT '访问日志设置',\n `systemServices` json DEFAULT NULL COMMENT '系统服务设置',\n `timeZone` varchar(64) DEFAULT NULL COMMENT '时区',\n `nodeMaxThreads` int(11) unsigned DEFAULT '0' COMMENT '节点最大线程数',\n `ddosProtection` json DEFAULT NULL COMMENT 'DDoS防护设置',\n `autoOpenPorts` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动尝试开放端口',\n `isPinned` tinyint(1) unsigned DEFAULT '0' COMMENT '是否置顶',\n `webp` json DEFAULT NULL COMMENT 'WebP设置',\n `uam` json DEFAULT NULL COMMENT 'UAM设置',\n `clock` json DEFAULT NULL COMMENT '时钟配置',\n `globalServerConfig` json DEFAULT NULL COMMENT '全局服务配置',\n `autoRemoteStart` tinyint(1) unsigned DEFAULT '1' COMMENT '自动远程启动',\n `autoInstallNftables` tinyint(1) unsigned DEFAULT '0' COMMENT '自动安装nftables',\n `isAD` tinyint(1) unsigned DEFAULT '0' COMMENT '是否为高防集群',\n `httpPages` json DEFAULT NULL COMMENT '自定义页面设置',\n `cc` json DEFAULT NULL COMMENT 'CC设置',\n `http3` json DEFAULT NULL COMMENT 'HTTP3设置',\n `autoSystemTuning` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动调整系统参数',\n `networkSecurity` json DEFAULT NULL COMMENT '网络安全策略',\n PRIMARY KEY (`id`),\n KEY `uniqueId` (`uniqueId`),\n KEY `grantId` (`grantId`),\n KEY `dnsDomainId` (`dnsDomainId`),\n KEY `cachePolicyId` (`cachePolicyId`),\n KEY `httpFirewallPolicyId` (`httpFirewallPolicyId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='节点集群'",
|
"definition": "CREATE TABLE `edgeNodeClusters` (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `adminId` int(11) unsigned DEFAULT '0' COMMENT '管理员ID',\n `userId` int(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `isOn` tinyint(1) unsigned DEFAULT '1' COMMENT '是否启用',\n `name` varchar(255) DEFAULT NULL COMMENT '名称',\n `useAllAPINodes` tinyint(1) unsigned DEFAULT '1' COMMENT '是否使用所有API节点',\n `apiNodes` json DEFAULT NULL COMMENT '使用的API节点',\n `installDir` varchar(512) DEFAULT NULL COMMENT '安装目录',\n `order` int(11) unsigned DEFAULT '0' COMMENT '排序',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `grantId` int(11) unsigned DEFAULT '0' COMMENT '默认认证方式',\n `sshParams` json DEFAULT NULL COMMENT 'SSH默认参数',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `autoRegister` tinyint(1) unsigned DEFAULT '1' COMMENT '是否开启自动注册',\n `uniqueId` varchar(32) DEFAULT NULL COMMENT '唯一ID',\n `secret` varchar(32) DEFAULT NULL COMMENT '密钥',\n `healthCheck` json DEFAULT NULL COMMENT '健康检查',\n `dnsName` varchar(255) DEFAULT NULL COMMENT 'DNS名称',\n `dnsDomainId` int(11) unsigned DEFAULT '0' COMMENT '域名ID',\n `dns` json DEFAULT NULL COMMENT 'DNS配置',\n `toa` json DEFAULT NULL COMMENT 'TOA配置',\n `cachePolicyId` int(11) unsigned DEFAULT '0' COMMENT '缓存策略ID',\n `httpFirewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT 'WAF策略ID',\n `accessLog` json DEFAULT NULL COMMENT '访问日志设置',\n `systemServices` json DEFAULT NULL COMMENT '系统服务设置',\n `timeZone` varchar(64) DEFAULT NULL COMMENT '时区',\n `nodeMaxThreads` int(11) unsigned DEFAULT '0' COMMENT '节点最大线程数',\n `ddosProtection` json DEFAULT NULL COMMENT 'DDoS防护设置',\n `autoOpenPorts` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动尝试开放端口',\n `isPinned` tinyint(1) unsigned DEFAULT '0' COMMENT '是否置顶',\n `webp` json DEFAULT NULL COMMENT 'WebP设置',\n `uam` json DEFAULT NULL COMMENT 'UAM设置',\n `clock` json DEFAULT NULL COMMENT '时钟配置',\n `globalServerConfig` json DEFAULT NULL COMMENT '全局服务配置',\n `autoRemoteStart` tinyint(1) unsigned DEFAULT '1' COMMENT '自动远程启动',\n `autoInstallNftables` tinyint(1) unsigned DEFAULT '0' COMMENT '自动安装nftables',\n `isAD` tinyint(1) unsigned DEFAULT '0' COMMENT '是否为高防集群',\n `httpPages` json DEFAULT NULL COMMENT '自定义页面设置',\n `cc` json DEFAULT NULL COMMENT 'CC设置',\n `http3` json DEFAULT NULL COMMENT 'HTTP3设置',\n `autoSystemTuning` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动调整系统参数',\n `networkSecurity` json DEFAULT NULL COMMENT '网络安全策略',\n `autoTrimDisks` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动执行TRIM',\n PRIMARY KEY (`id`),\n KEY `uniqueId` (`uniqueId`),\n KEY `grantId` (`grantId`),\n KEY `dnsDomainId` (`dnsDomainId`),\n KEY `cachePolicyId` (`cachePolicyId`),\n KEY `httpFirewallPolicyId` (`httpFirewallPolicyId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='节点集群'",
|
||||||
"fields": [
|
"fields": [
|
||||||
{
|
{
|
||||||
"name": "id",
|
"name": "id",
|
||||||
@@ -110033,6 +110037,10 @@
|
|||||||
{
|
{
|
||||||
"name": "networkSecurity",
|
"name": "networkSecurity",
|
||||||
"definition": "json COMMENT '网络安全策略'"
|
"definition": "json COMMENT '网络安全策略'"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "autoTrimDisks",
|
||||||
|
"definition": "tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动执行TRIM'"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"indexes": [
|
"indexes": [
|
||||||
|
|||||||
@@ -513,7 +513,7 @@ func upgradeV0_3_7(db *dbs.DB) error {
|
|||||||
// v0.4.0
|
// v0.4.0
|
||||||
func upgradeV0_4_0(db *dbs.DB) error {
|
func upgradeV0_4_0(db *dbs.DB) error {
|
||||||
// 升级SYN Flood配置
|
// 升级SYN Flood配置
|
||||||
synFloodJSON, err := json.Marshal(firewallconfigs.DefaultSYNFloodConfig())
|
synFloodJSON, err := json.Marshal(firewallconfigs.NewSYNFloodConfig())
|
||||||
if err == nil {
|
if err == nil {
|
||||||
_, err := db.Exec("UPDATE edgeHTTPFirewallPolicies SET synFlood=? WHERE synFlood IS NULL AND state=1", string(synFloodJSON))
|
_, err := db.Exec("UPDATE edgeHTTPFirewallPolicies SET synFlood=? WHERE synFlood IS NULL AND state=1", string(synFloodJSON))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
Reference in New Issue
Block a user