WAF策略可以自定义默认的区域/省份封禁提示

2025-12-31 02:26:35 +08:00 · 2023-08-10 10:30:50 +08:00
parent 549fca93e6
commit f5450e37be
4 changed files with 23 additions and 3 deletions
--- a/internal/db/models/http_firewall_policy_dao.go
+++ b/internal/db/models/http_firewall_policy_dao.go
@@ -293,7 +293,9 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx,
 	useLocalFirewall bool,
 	synFloodConfig *firewallconfigs.SYNFloodConfig,
 	logConfig *firewallconfigs.HTTPFirewallPolicyLogConfig,
-	maxRequestBodySize int64) error {
+	maxRequestBodySize int64,
+	denyCountryHTML string,
+	denyProvinceHTML string) error {
 	if policyId <= 0 {
 		return errors.New("invalid policyId")
 	}
@@ -342,6 +344,8 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx,

 	op.UseLocalFirewall = useLocalFirewall
 	op.MaxRequestBodySize = maxRequestBodySize
+	op.DenyCountryHTML = denyCountryHTML
+	op.DenyProvinceHTML = denyProvinceHTML

 	err := this.Save(tx, op)
 	if err != nil {
@@ -420,6 +424,8 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in
 	config.Description = policy.Description
 	config.UseLocalFirewall = policy.UseLocalFirewall == 1
 	config.MaxRequestBodySize = int64(policy.MaxRequestBodySize)
+	config.DenyCountryHTML = policy.DenyCountryHTML
+	config.DenyProvinceHTML = policy.DenyProvinceHTML

 	if len(policy.Mode) == 0 {
 		policy.Mode = firewallconfigs.FirewallModeDefend
--- a/internal/db/models/http_firewall_policy_model.go
+++ b/internal/db/models/http_firewall_policy_model.go
@@ -23,6 +23,8 @@ const (
 	HTTPFirewallPolicyField_SynFlood           dbs.FieldName = "synFlood"           // SynFlood防御设置
 	HTTPFirewallPolicyField_Log                dbs.FieldName = "log"                // 日志配置
 	HTTPFirewallPolicyField_MaxRequestBodySize dbs.FieldName = "maxRequestBodySize" // 可以检查的最大请求内容尺寸
+	HTTPFirewallPolicyField_DenyCountryHTML    dbs.FieldName = "denyCountryHTML"    // 区域封禁提示
+	HTTPFirewallPolicyField_DenyProvinceHTML   dbs.FieldName = "denyProvinceHTML"   // 省份封禁提示
 )

 // HTTPFirewallPolicy HTTP防火墙
@@ -47,6 +49,8 @@ type HTTPFirewallPolicy struct {
 	SynFlood           dbs.JSON `field:"synFlood"`           // SynFlood防御设置
 	Log                dbs.JSON `field:"log"`                // 日志配置
 	MaxRequestBodySize uint32   `field:"maxRequestBodySize"` // 可以检查的最大请求内容尺寸
+	DenyCountryHTML    string   `field:"denyCountryHTML"`    // 区域封禁提示
+	DenyProvinceHTML   string   `field:"denyProvinceHTML"`   // 省份封禁提示
 }

 type HTTPFirewallPolicyOperator struct {
@@ -70,6 +74,8 @@ type HTTPFirewallPolicyOperator struct {
 	SynFlood           any // SynFlood防御设置
 	Log                any // 日志配置
 	MaxRequestBodySize any // 可以检查的最大请求内容尺寸
+	DenyCountryHTML    any // 区域封禁提示
+	DenyProvinceHTML   any // 省份封禁提示
 }

 func NewHTTPFirewallPolicyOperator() *HTTPFirewallPolicyOperator {