WAF策略增加是否使用本地防火墙设置

2025-11-04 16:00:24 +08:00 · 2022-01-09 17:05:36 +08:00
parent 43e33c772c
commit e23cb9e516
3 changed files with 52 additions and 46 deletions
--- a/internal/db/models/http_firewall_policy_dao.go
+++ b/internal/db/models/http_firewall_policy_dao.go
@@ -249,7 +249,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyInbound(tx *dbs.Tx, polic
 }

 // UpdateFirewallPolicy 修改策略
-func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx, policyId int64, isOn bool, name string, description string, inboundJSON []byte, outboundJSON []byte, blockOptionsJSON []byte, mode firewallconfigs.FirewallMode) error {
+func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx, policyId int64, isOn bool, name string, description string, inboundJSON []byte, outboundJSON []byte, blockOptionsJSON []byte, mode firewallconfigs.FirewallMode, useLocalFirewall bool) error {
 	if policyId <= 0 {
 		return errors.New("invalid policyId")
 	}
@@ -272,6 +272,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx, policyId int
 	if len(blockOptionsJSON) > 0 {
 		op.BlockOptions = blockOptionsJSON
 	}
+	op.UseLocalFirewall = useLocalFirewall
 	err := this.Save(tx, op)
 	if err != nil {
 		return err
@@ -339,6 +340,7 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in
 	config.IsOn = policy.IsOn == 1
 	config.Name = policy.Name
 	config.Description = policy.Description
+	config.UseLocalFirewall = policy.UseLocalFirewall == 1

 	if len(policy.Mode) == 0 {
 		policy.Mode = firewallconfigs.FirewallModeDefend
--- a/internal/db/models/http_firewall_policy_model.go
+++ b/internal/db/models/http_firewall_policy_model.go
@@ -17,6 +17,7 @@ type HTTPFirewallPolicy struct {
 	Outbound         string `field:"outbound"`         // 出站规则
 	BlockOptions     string `field:"blockOptions"`     // BLOCK选项
 	Mode             string `field:"mode"`             // 模式
+	UseLocalFirewall uint8  `field:"useLocalFirewall"` // 是否自动使用本地防火墙
 }

 type HTTPFirewallPolicyOperator struct {
@@ -35,6 +36,7 @@ type HTTPFirewallPolicyOperator struct {
 	Outbound         interface{} // 出站规则
 	BlockOptions     interface{} // BLOCK选项
 	Mode             interface{} // 模式
+	UseLocalFirewall interface{} // 是否自动使用本地防火墙
 }

 func NewHTTPFirewallPolicyOperator() *HTTPFirewallPolicyOperator {
--- a/internal/rpc/services/service_http_firewall_policy.go
+++ b/internal/rpc/services/service_http_firewall_policy.go
@@ -44,6 +44,7 @@ func (this *HTTPFirewallPolicyService) FindAllEnabledHTTPFirewallPolicies(ctx co
 			InboundJSON:      []byte(p.Inbound),
 			OutboundJSON:     []byte(p.Outbound),
 			Mode:             p.Mode,
+			UseLocalFirewall: p.UseLocalFirewall == 1,
 		})
 	}

@@ -284,7 +285,7 @@ func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicy(ctx context.Cont
 		return nil, err
 	}

-	err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.Mode)
+	err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.Mode, req.UseLocalFirewall)
 	if err != nil {
 		return nil, err
 	}
@@ -384,6 +385,7 @@ func (this *HTTPFirewallPolicyService) ListEnabledHTTPFirewallPolicies(ctx conte
 			InboundJSON:      []byte(p.Inbound),
 			OutboundJSON:     []byte(p.Outbound),
 			Mode:             p.Mode,
+			UseLocalFirewall: p.UseLocalFirewall == 1,
 		})
 	}