TRKJ/EdgeAPI
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAPI.git synced 2025-11-07 02:20:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

WAF策略增加是否使用本地防火墙设置

Browse Source
This commit is contained in:
GoEdgeLab
2022-01-09 17:05:36 +08:00
parent 43e33c772c
commit e23cb9e516
3 changed files with 52 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/db/models/http_firewall_policy_dao.go
View File

@@ -249,7 +249,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyInbound(tx *dbs.Tx, polic
}
// UpdateFirewallPolicy 修改策略
func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx, policyId int64, isOn bool, name string, description string, inboundJSON []byte, outboundJSON []byte, blockOptionsJSON []byte, mode firewallconfigs.FirewallMode) error {
func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx, policyId int64, isOn bool, name string, description string, inboundJSON []byte, outboundJSON []byte, blockOptionsJSON []byte, mode firewallconfigs.FirewallMode, useLocalFirewall bool) error {
if policyId <= 0 {
return errors.New("invalid policyId")
}
@@ -272,6 +272,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx, policyId int
if len(blockOptionsJSON) > 0 {
op.BlockOptions = blockOptionsJSON
}
op.UseLocalFirewall = useLocalFirewall
err := this.Save(tx, op)
if err != nil {
return err
@@ -339,6 +340,7 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in
config.IsOn = policy.IsOn == 1
config.Name = policy.Name
config.Description = policy.Description
config.UseLocalFirewall = policy.UseLocalFirewall == 1
if len(policy.Mode) == 0 {
policy.Mode = firewallconfigs.FirewallModeDefend

62
internal/db/models/http_firewall_policy_model.go
View File

@@ -2,39 +2,41 @@ package models
// HTTPFirewallPolicy HTTP防火墙
type HTTPFirewallPolicy struct {
Id uint32 `field:"id"` // ID
TemplateId uint32 `field:"templateId"` // 模版ID
AdminId uint32 `field:"adminId"` // 管理员ID
UserId uint32 `field:"userId"` // 用户ID
ServerId uint32 `field:"serverId"` // 服务ID
GroupId uint32 `field:"groupId"` // 服务分组ID
State uint8 `field:"state"` // 状态
CreatedAt uint64 `field:"createdAt"` // 创建时间
IsOn uint8 `field:"isOn"` // 是否启用
Name string `field:"name"` // 名称
Description string `field:"description"` // 描述
Inbound string `field:"inbound"` // 入站规则
Outbound string `field:"outbound"` // 出站规则
BlockOptions string `field:"blockOptions"` // BLOCK选项
Mode string `field:"mode"` // 模式
Id uint32 `field:"id"` // ID
TemplateId uint32 `field:"templateId"` // 模版ID
AdminId uint32 `field:"adminId"` // 管理员ID
UserId uint32 `field:"userId"` // 用户ID
ServerId uint32 `field:"serverId"` // 服务ID
GroupId uint32 `field:"groupId"` // 服务分组ID
State uint8 `field:"state"` // 状态
CreatedAt uint64 `field:"createdAt"` // 创建时间
IsOn uint8 `field:"isOn"` // 是否启用
Name string `field:"name"` // 名称
Description string `field:"description"` // 描述
Inbound string `field:"inbound"` // 入站规则
Outbound string `field:"outbound"` // 出站规则
BlockOptions string `field:"blockOptions"` // BLOCK选项
Mode string `field:"mode"` // 模式
UseLocalFirewall uint8 `field:"useLocalFirewall"` // 是否自动使用本地防火墙
}
type HTTPFirewallPolicyOperator struct {
Id interface{} // ID
TemplateId interface{} // 模版ID
AdminId interface{} // 管理员ID
UserId interface{} // 用户ID
ServerId interface{} // 服务ID
GroupId interface{} // 服务分组ID
State interface{} // 状态
CreatedAt interface{} // 创建时间
IsOn interface{} // 是否启用
Name interface{} // 名称
Description interface{} // 描述
Inbound interface{} // 入站规则
Outbound interface{} // 出站规则
BlockOptions interface{} // BLOCK选项
Mode interface{} // 模式
Id interface{} // ID
TemplateId interface{} // 模版ID
AdminId interface{} // 管理员ID
UserId interface{} // 用户ID
ServerId interface{} // 服务ID
GroupId interface{} // 服务分组ID
State interface{} // 状态
CreatedAt interface{} // 创建时间
IsOn interface{} // 是否启用
Name interface{} // 名称
Description interface{} // 描述
Inbound interface{} // 入站规则
Outbound interface{} // 出站规则
BlockOptions interface{} // BLOCK选项
Mode interface{} // 模式
UseLocalFirewall interface{} // 是否自动使用本地防火墙
}
func NewHTTPFirewallPolicyOperator() *HTTPFirewallPolicyOperator {

32
internal/rpc/services/service_http_firewall_policy.go
View File

@@ -37,13 +37,14 @@ func (this *HTTPFirewallPolicyService) FindAllEnabledHTTPFirewallPolicies(ctx co
result := []*pb.HTTPFirewallPolicy{}
for _, p := range policies {
result = append(result, &pb.HTTPFirewallPolicy{
Id: int64(p.Id),
Name: p.Name,
Description: p.Description,
IsOn: p.IsOn == 1,
InboundJSON: []byte(p.Inbound),
OutboundJSON: []byte(p.Outbound),
Mode: p.Mode,
Id: int64(p.Id),
Name: p.Name,
Description: p.Description,
IsOn: p.IsOn == 1,
InboundJSON: []byte(p.Inbound),
OutboundJSON: []byte(p.Outbound),
Mode: p.Mode,
UseLocalFirewall: p.UseLocalFirewall == 1,
})
}
@@ -284,7 +285,7 @@ func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicy(ctx context.Cont
return nil, err
}
err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.Mode)
err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.Mode, req.UseLocalFirewall)
if err != nil {
return nil, err
}
@@ -377,13 +378,14 @@ func (this *HTTPFirewallPolicyService) ListEnabledHTTPFirewallPolicies(ctx conte
result := []*pb.HTTPFirewallPolicy{}
for _, p := range policies {
result = append(result, &pb.HTTPFirewallPolicy{
Id: int64(p.Id),
Name: p.Name,
Description: p.Description,
IsOn: p.IsOn == 1,
InboundJSON: []byte(p.Inbound),
OutboundJSON: []byte(p.Outbound),
Mode: p.Mode,
Id: int64(p.Id),
Name: p.Name,
Description: p.Description,
IsOn: p.IsOn == 1,
InboundJSON: []byte(p.Inbound),
OutboundJSON: []byte(p.Outbound),
Mode: p.Mode,
UseLocalFirewall: p.UseLocalFirewall == 1,
})
}