mirror of
https://github.com/TeaOSLab/EdgeAPI.git
synced 2025-11-07 10:40:25 +08:00
新创建WAF时增加默认选项
This commit is contained in:
GoEdgeLab
@@ -117,7 +117,7 @@ func (this *HTTPFirewallPolicyDAO) FindAllEnabledFirewallPolicies(tx *dbs.Tx) (r
|
|||||||
|
|
||||||
// CreateFirewallPolicy 创建策略
|
// CreateFirewallPolicy 创建策略
|
||||||
func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64, serverGroupId int64, serverId int64, isOn bool, name string, description string, inboundJSON []byte, outboundJSON []byte) (int64, error) {
|
func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64, serverGroupId int64, serverId int64, isOn bool, name string, description string, inboundJSON []byte, outboundJSON []byte) (int64, error) {
|
||||||
op := NewHTTPFirewallPolicyOperator()
|
var op = NewHTTPFirewallPolicyOperator()
|
||||||
op.UserId = userId
|
op.UserId = userId
|
||||||
op.GroupId = serverGroupId
|
op.GroupId = serverGroupId
|
||||||
op.ServerId = serverId
|
op.ServerId = serverId
|
||||||
@@ -131,14 +131,31 @@ func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64
|
|||||||
if len(outboundJSON) > 0 {
|
if len(outboundJSON) > 0 {
|
||||||
op.Outbound = outboundJSON
|
op.Outbound = outboundJSON
|
||||||
}
|
}
|
||||||
op.UseLocalFirewall = true
|
|
||||||
|
|
||||||
{
|
if userId <= 0 && serverGroupId <=0 && serverId <= 0 {
|
||||||
synFloodJSON, err := json.Marshal(firewallconfigs.DefaultSYNFloodConfig())
|
// synFlood
|
||||||
|
var synFloodConfig = firewallconfigs.DefaultSYNFloodConfig()
|
||||||
|
synFloodJSON, err := json.Marshal(synFloodConfig)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
op.SynFlood = synFloodJSON
|
op.SynFlood = synFloodJSON
|
||||||
|
|
||||||
|
// block options
|
||||||
|
var blockOptions = firewallconfigs.DefaultHTTPFirewallBlockAction()
|
||||||
|
blockOptionsJSON, err := json.Marshal(blockOptions)
|
||||||
|
if err != nil {
|
||||||
|
return 0, err
|
||||||
|
}
|
||||||
|
op.BlockOptions = blockOptionsJSON
|
||||||
|
|
||||||
|
// captcha options
|
||||||
|
var captchaOptions = firewallconfigs.DefaultHTTPFirewallCaptchaAction()
|
||||||
|
captchaOptionsJSON, err := json.Marshal(captchaOptions)
|
||||||
|
if err != nil {
|
||||||
|
return 0, err
|
||||||
|
}
|
||||||
|
op.CaptchaOptions = captchaOptionsJSON
|
||||||
}
|
}
|
||||||
|
|
||||||
err := this.Save(tx, op)
|
err := this.Save(tx, op)
|
||||||
@@ -160,8 +177,8 @@ func (this *HTTPFirewallPolicyDAO) CreateDefaultFirewallPolicy(tx *dbs.Tx, name
|
|||||||
groupCodes = append(groupCodes, group.Code)
|
groupCodes = append(groupCodes, group.Code)
|
||||||
}
|
}
|
||||||
|
|
||||||
inboundConfig := &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true}
|
var inboundConfig = &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true}
|
||||||
outboundConfig := &firewallconfigs.HTTPFirewallOutboundConfig{IsOn: true}
|
var outboundConfig = &firewallconfigs.HTTPFirewallOutboundConfig{IsOn: true}
|
||||||
if templatePolicy.Inbound != nil {
|
if templatePolicy.Inbound != nil {
|
||||||
for _, group := range templatePolicy.Inbound.Groups {
|
for _, group := range templatePolicy.Inbound.Groups {
|
||||||
isOn := lists.ContainsString(groupCodes, group.Code)
|
isOn := lists.ContainsString(groupCodes, group.Code)
|
||||||
@@ -207,6 +224,7 @@ func (this *HTTPFirewallPolicyDAO) CreateDefaultFirewallPolicy(tx *dbs.Tx, name
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
|
|
||||||
return policyId, nil
|
return policyId, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user