diff --git a/internal/db/models/http_firewall_policy_dao.go b/internal/db/models/http_firewall_policy_dao.go index 2779e7e8..149db490 100644 --- a/internal/db/models/http_firewall_policy_dao.go +++ b/internal/db/models/http_firewall_policy_dao.go @@ -134,7 +134,7 @@ func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64 if userId <= 0 && serverGroupId <= 0 && serverId <= 0 { // synFlood - var synFloodConfig = firewallconfigs.DefaultSYNFloodConfig() + var synFloodConfig = firewallconfigs.NewSYNFloodConfig() synFloodJSON, err := json.Marshal(synFloodConfig) if err != nil { return 0, err @@ -142,7 +142,7 @@ func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64 op.SynFlood = synFloodJSON // block options - var blockOptions = firewallconfigs.DefaultHTTPFirewallBlockAction() + var blockOptions = firewallconfigs.NewHTTPFirewallBlockAction() blockOptionsJSON, err := json.Marshal(blockOptions) if err != nil { return 0, err @@ -150,7 +150,7 @@ func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64 op.BlockOptions = blockOptionsJSON // page options - var pageOptions = firewallconfigs.DefaultHTTPFirewallPageAction() + var pageOptions = firewallconfigs.NewHTTPFirewallPageAction() pageOptionsJSON, err := json.Marshal(pageOptions) if err != nil { return 0, err @@ -158,12 +158,20 @@ func (this *HTTPFirewallPolicyDAO) CreateFirewallPolicy(tx *dbs.Tx, userId int64 op.PageOptions = pageOptionsJSON // captcha options - var captchaOptions = firewallconfigs.DefaultHTTPFirewallCaptchaAction() + var captchaOptions = firewallconfigs.NewHTTPFirewallCaptchaAction() captchaOptionsJSON, err := json.Marshal(captchaOptions) if err != nil { return 0, err } op.CaptchaOptions = captchaOptionsJSON + + // jscookie options + var jsCookieOptions = firewallconfigs.NewHTTPFirewallJavascriptCookieAction() + jsCookieOptionsJSON, err := json.Marshal(jsCookieOptions) + if err != nil { + return 0, err + } + op.JsCookieOptions = jsCookieOptionsJSON } err := this.Save(tx, op) @@ -323,6 +331,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx, blockOptionsJSON []byte, pageOptionsJSON []byte, captchaOptionsJSON []byte, + jsCookieOptionsJSON []byte, mode firewallconfigs.FirewallMode, useLocalFirewall bool, synFloodConfig *firewallconfigs.SYNFloodConfig, @@ -358,6 +367,9 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicy(tx *dbs.Tx, if IsNotNull(captchaOptionsJSON) { op.CaptchaOptions = captchaOptionsJSON } + if IsNotNull(jsCookieOptionsJSON) { + op.JsCookieOptions = jsCookieOptionsJSON + } if synFloodConfig != nil { synFloodConfigJSON, err := json.Marshal(synFloodConfig) @@ -528,7 +540,7 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in // Block动作配置 if IsNotNull(policy.BlockOptions) { - var blockAction = &firewallconfigs.HTTPFirewallBlockAction{} + var blockAction = firewallconfigs.NewHTTPFirewallBlockAction() err = json.Unmarshal(policy.BlockOptions, blockAction) if err != nil { return config, err @@ -538,7 +550,7 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in // Page动作配置 if IsNotNull(policy.PageOptions) { - var pageAction = firewallconfigs.DefaultHTTPFirewallPageAction() + var pageAction = firewallconfigs.NewHTTPFirewallPageAction() err = json.Unmarshal(policy.PageOptions, pageAction) if err != nil { return config, err @@ -548,7 +560,7 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in // Captcha动作配置 if IsNotNull(policy.CaptchaOptions) { - var captchaAction = &firewallconfigs.HTTPFirewallCaptchaAction{} + var captchaAction = firewallconfigs.NewHTTPFirewallCaptchaAction() err = json.Unmarshal(policy.CaptchaOptions, captchaAction) if err != nil { return config, err @@ -556,6 +568,16 @@ func (this *HTTPFirewallPolicyDAO) ComposeFirewallPolicy(tx *dbs.Tx, policyId in config.CaptchaOptions = captchaAction } + // JSCookie动作配置 + if IsNotNull(policy.JsCookieOptions) { + var jsCookieAction = firewallconfigs.NewHTTPFirewallJavascriptCookieAction() + err = json.Unmarshal(policy.JsCookieOptions, jsCookieAction) + if err != nil { + return config, err + } + config.JSCookieOptions = jsCookieAction + } + // syn flood if IsNotNull(policy.SynFlood) { var synFloodConfig = &firewallconfigs.SYNFloodConfig{} diff --git a/internal/db/models/http_firewall_policy_model.go b/internal/db/models/http_firewall_policy_model.go index f1d20979..d10fae1e 100644 --- a/internal/db/models/http_firewall_policy_model.go +++ b/internal/db/models/http_firewall_policy_model.go @@ -19,6 +19,7 @@ const ( HTTPFirewallPolicyField_BlockOptions dbs.FieldName = "blockOptions" // BLOCK动作选项 HTTPFirewallPolicyField_PageOptions dbs.FieldName = "pageOptions" // PAGE动作选项 HTTPFirewallPolicyField_CaptchaOptions dbs.FieldName = "captchaOptions" // 验证码动作选项 + HTTPFirewallPolicyField_JsCookieOptions dbs.FieldName = "jsCookieOptions" // JSCookie动作选项 HTTPFirewallPolicyField_Mode dbs.FieldName = "mode" // 模式 HTTPFirewallPolicyField_UseLocalFirewall dbs.FieldName = "useLocalFirewall" // 是否自动使用本地防火墙 HTTPFirewallPolicyField_SynFlood dbs.FieldName = "synFlood" // SynFlood防御设置 @@ -46,6 +47,7 @@ type HTTPFirewallPolicy struct { BlockOptions dbs.JSON `field:"blockOptions"` // BLOCK动作选项 PageOptions dbs.JSON `field:"pageOptions"` // PAGE动作选项 CaptchaOptions dbs.JSON `field:"captchaOptions"` // 验证码动作选项 + JsCookieOptions dbs.JSON `field:"jsCookieOptions"` // JSCookie动作选项 Mode string `field:"mode"` // 模式 UseLocalFirewall uint8 `field:"useLocalFirewall"` // 是否自动使用本地防火墙 SynFlood dbs.JSON `field:"synFlood"` // SynFlood防御设置 @@ -72,6 +74,7 @@ type HTTPFirewallPolicyOperator struct { BlockOptions any // BLOCK动作选项 PageOptions any // PAGE动作选项 CaptchaOptions any // 验证码动作选项 + JsCookieOptions any // JSCookie动作选项 Mode any // 模式 UseLocalFirewall any // 是否自动使用本地防火墙 SynFlood any // SynFlood防御设置 diff --git a/internal/rpc/services/service_http_firewall_policy.go b/internal/rpc/services/service_http_firewall_policy.go index f3d5c184..ab5e0cd2 100644 --- a/internal/rpc/services/service_http_firewall_policy.go +++ b/internal/rpc/services/service_http_firewall_policy.go @@ -304,7 +304,7 @@ func (this *HTTPFirewallPolicyService) UpdateHTTPFirewallPolicy(ctx context.Cont req.MaxRequestBodySize = 0 } - err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.PageOptionsJSON, req.CaptchaOptionsJSON, req.Mode, req.UseLocalFirewall, synFloodConfig, logConfig, req.MaxRequestBodySize, req.DenyCountryHTML, req.DenyProvinceHTML) + err = models.SharedHTTPFirewallPolicyDAO.UpdateFirewallPolicy(tx, req.HttpFirewallPolicyId, req.IsOn, req.Name, req.Description, inboundConfigJSON, outboundConfigJSON, req.BlockOptionsJSON, req.PageOptionsJSON, req.CaptchaOptionsJSON, req.JsCookieOptionsJSON, req.Mode, req.UseLocalFirewall, synFloodConfig, logConfig, req.MaxRequestBodySize, req.DenyCountryHTML, req.DenyProvinceHTML) if err != nil { return nil, err } diff --git a/internal/setup/sql.json b/internal/setup/sql.json index 61e50762..09cb6975 100644 --- a/internal/setup/sql.json +++ b/internal/setup/sql.json @@ -102722,7 +102722,7 @@ "name": "edgeHTTPFirewallPolicies", "engine": "InnoDB", "charset": "utf8mb4_general_ci", - "definition": "CREATE TABLE `edgeHTTPFirewallPolicies` (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `templateId` int(11) unsigned DEFAULT '0' COMMENT '模版ID',\n `adminId` int(11) unsigned DEFAULT '0' COMMENT '管理员ID',\n `userId` int(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `serverId` int(11) unsigned DEFAULT '0' COMMENT '服务ID',\n `groupId` int(11) unsigned DEFAULT '0' COMMENT '服务分组ID',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `isOn` tinyint(1) unsigned DEFAULT '1' COMMENT '是否启用',\n `name` varchar(255) DEFAULT NULL COMMENT '名称',\n `description` varchar(1024) DEFAULT NULL COMMENT '描述',\n `inbound` json DEFAULT NULL COMMENT '入站规则',\n `outbound` json DEFAULT NULL COMMENT '出站规则',\n `blockOptions` json DEFAULT NULL COMMENT 'BLOCK动作选项',\n `pageOptions` json DEFAULT NULL COMMENT 'PAGE动作选项',\n `captchaOptions` json DEFAULT NULL COMMENT '验证码动作选项',\n `mode` varchar(32) DEFAULT 'defend' COMMENT '模式',\n `useLocalFirewall` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动使用本地防火墙',\n `synFlood` json DEFAULT NULL COMMENT 'SynFlood防御设置',\n `log` json DEFAULT NULL COMMENT '日志配置',\n `maxRequestBodySize` int(11) unsigned DEFAULT '0' COMMENT '可以检查的最大请求内容尺寸',\n `denyCountryHTML` text COMMENT '区域封禁提示',\n `denyProvinceHTML` text COMMENT '省份封禁提示',\n PRIMARY KEY (`id`),\n KEY `userId` (`userId`),\n KEY `serverId` (`serverId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='HTTP防火墙'", + "definition": "CREATE TABLE `edgeHTTPFirewallPolicies` (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `templateId` int(11) unsigned DEFAULT '0' COMMENT '模版ID',\n `adminId` int(11) unsigned DEFAULT '0' COMMENT '管理员ID',\n `userId` int(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `serverId` int(11) unsigned DEFAULT '0' COMMENT '服务ID',\n `groupId` int(11) unsigned DEFAULT '0' COMMENT '服务分组ID',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `isOn` tinyint(1) unsigned DEFAULT '1' COMMENT '是否启用',\n `name` varchar(255) DEFAULT NULL COMMENT '名称',\n `description` varchar(1024) DEFAULT NULL COMMENT '描述',\n `inbound` json DEFAULT NULL COMMENT '入站规则',\n `outbound` json DEFAULT NULL COMMENT '出站规则',\n `blockOptions` json DEFAULT NULL COMMENT 'BLOCK动作选项',\n `pageOptions` json DEFAULT NULL COMMENT 'PAGE动作选项',\n `captchaOptions` json DEFAULT NULL COMMENT '验证码动作选项',\n `jsCookieOptions` json DEFAULT NULL COMMENT 'JSCookie动作选项',\n `mode` varchar(32) DEFAULT 'defend' COMMENT '模式',\n `useLocalFirewall` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动使用本地防火墙',\n `synFlood` json DEFAULT NULL COMMENT 'SynFlood防御设置',\n `log` json DEFAULT NULL COMMENT '日志配置',\n `maxRequestBodySize` int(11) unsigned DEFAULT '0' COMMENT '可以检查的最大请求内容尺寸',\n `denyCountryHTML` text COMMENT '区域封禁提示',\n `denyProvinceHTML` text COMMENT '省份封禁提示',\n PRIMARY KEY (`id`),\n KEY `userId` (`userId`),\n KEY `serverId` (`serverId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='HTTP防火墙'", "fields": [ { "name": "id", @@ -102788,6 +102788,10 @@ "name": "captchaOptions", "definition": "json COMMENT '验证码动作选项'" }, + { + "name": "jsCookieOptions", + "definition": "json COMMENT 'JSCookie动作选项'" + }, { "name": "mode", "definition": "varchar(32) DEFAULT 'defend' COMMENT '模式'" @@ -103738,7 +103742,7 @@ "name": "edgeIPItems", "engine": "InnoDB", "charset": "utf8mb4_general_ci", - "definition": "CREATE TABLE `edgeIPItems` (\n `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `listId` int(11) unsigned DEFAULT '0' COMMENT '所属名单ID',\n `type` varchar(64) DEFAULT 'ipv4' COMMENT '类型',\n `ipFrom` varchar(64) DEFAULT NULL COMMENT '开始IP',\n `ipTo` varchar(64) DEFAULT NULL COMMENT '结束IP',\n `ipFromLong` bigint(20) unsigned DEFAULT '0' COMMENT '开始IP整型',\n `ipToLong` bigint(20) unsigned DEFAULT '0' COMMENT '结束IP整型',\n `version` bigint(20) unsigned DEFAULT '0' COMMENT '版本',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `updatedAt` bigint(11) unsigned DEFAULT '0' COMMENT '修改时间',\n `reason` varchar(255) DEFAULT NULL COMMENT '加入说明',\n `eventLevel` varchar(64) DEFAULT NULL COMMENT '事件级别',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `expiredAt` bigint(11) unsigned DEFAULT '0' COMMENT '过期时间',\n `serverId` int(11) unsigned DEFAULT '0' COMMENT '有效范围服务ID',\n `nodeId` int(11) unsigned DEFAULT '0' COMMENT '有效范围节点ID',\n `sourceNodeId` int(11) unsigned DEFAULT '0' COMMENT '来源节点ID',\n `sourceServerId` int(11) unsigned DEFAULT '0' COMMENT '来源服务ID',\n `sourceHTTPFirewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT '来源策略ID',\n `sourceHTTPFirewallRuleGroupId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集分组ID',\n `sourceHTTPFirewallRuleSetId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集ID',\n `sourceUserId` bigint(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `isRead` tinyint(1) unsigned DEFAULT '1' COMMENT '是否已读',\n PRIMARY KEY (`id`),\n KEY `listId` (`listId`),\n KEY `ipFrom` (`ipFrom`),\n KEY `serverId` (`serverId`),\n KEY `expiredAt_state` (`expiredAt`,`state`) USING BTREE,\n KEY `isRead` (`expiredAt`,`isRead`) USING BTREE,\n KEY `createdAt` (`createdAt`),\n KEY `sourceUserId` (`sourceUserId`),\n KEY `version` (`version`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='IP'", + "definition": "CREATE TABLE `edgeIPItems` (\n `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `listId` int(11) unsigned DEFAULT '0' COMMENT '所属名单ID',\n `type` varchar(64) DEFAULT 'ipv4' COMMENT '类型',\n `ipFrom` varchar(64) DEFAULT NULL COMMENT '开始IP',\n `ipTo` varchar(64) DEFAULT NULL COMMENT '结束IP',\n `ipFromLong` bigint(20) unsigned DEFAULT '0' COMMENT '开始IP整型(弃用)',\n `ipToLong` bigint(20) unsigned DEFAULT '0' COMMENT '结束IP整型(弃用)',\n `version` bigint(20) unsigned DEFAULT '0' COMMENT '版本',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `updatedAt` bigint(11) unsigned DEFAULT '0' COMMENT '修改时间',\n `reason` varchar(255) DEFAULT NULL COMMENT '加入说明',\n `eventLevel` varchar(64) DEFAULT NULL COMMENT '事件级别',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `expiredAt` bigint(11) unsigned DEFAULT '0' COMMENT '过期时间',\n `serverId` int(11) unsigned DEFAULT '0' COMMENT '有效范围服务ID',\n `nodeId` int(11) unsigned DEFAULT '0' COMMENT '有效范围节点ID',\n `sourceNodeId` int(11) unsigned DEFAULT '0' COMMENT '来源节点ID',\n `sourceServerId` int(11) unsigned DEFAULT '0' COMMENT '来源服务ID',\n `sourceHTTPFirewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT '来源策略ID',\n `sourceHTTPFirewallRuleGroupId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集分组ID',\n `sourceHTTPFirewallRuleSetId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集ID',\n `sourceUserId` bigint(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `isRead` tinyint(1) unsigned DEFAULT '1' COMMENT '是否已读',\n PRIMARY KEY (`id`),\n KEY `listId` (`listId`),\n KEY `ipFrom` (`ipFrom`),\n KEY `serverId` (`serverId`),\n KEY `expiredAt_state` (`expiredAt`,`state`) USING BTREE,\n KEY `isRead` (`expiredAt`,`isRead`) USING BTREE,\n KEY `createdAt` (`createdAt`),\n KEY `sourceUserId` (`sourceUserId`),\n KEY `version` (`version`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='IP'", "fields": [ { "name": "id", @@ -103762,11 +103766,11 @@ }, { "name": "ipFromLong", - "definition": "bigint(20) unsigned DEFAULT '0' COMMENT '开始IP整型'" + "definition": "bigint(20) unsigned DEFAULT '0' COMMENT '开始IP整型(弃用)'" }, { "name": "ipToLong", - "definition": "bigint(20) unsigned DEFAULT '0' COMMENT '结束IP整型'" + "definition": "bigint(20) unsigned DEFAULT '0' COMMENT '结束IP整型(弃用)'" }, { "name": "version", @@ -109864,7 +109868,7 @@ "name": "edgeNodeClusters", "engine": "InnoDB", "charset": "utf8mb4_general_ci", - "definition": "CREATE TABLE `edgeNodeClusters` (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `adminId` int(11) unsigned DEFAULT '0' COMMENT '管理员ID',\n `userId` int(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `isOn` tinyint(1) unsigned DEFAULT '1' COMMENT '是否启用',\n `name` varchar(255) DEFAULT NULL COMMENT '名称',\n `useAllAPINodes` tinyint(1) unsigned DEFAULT '1' COMMENT '是否使用所有API节点',\n `apiNodes` json DEFAULT NULL COMMENT '使用的API节点',\n `installDir` varchar(512) DEFAULT NULL COMMENT '安装目录',\n `order` int(11) unsigned DEFAULT '0' COMMENT '排序',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `grantId` int(11) unsigned DEFAULT '0' COMMENT '默认认证方式',\n `sshParams` json DEFAULT NULL COMMENT 'SSH默认参数',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `autoRegister` tinyint(1) unsigned DEFAULT '1' COMMENT '是否开启自动注册',\n `uniqueId` varchar(32) DEFAULT NULL COMMENT '唯一ID',\n `secret` varchar(32) DEFAULT NULL COMMENT '密钥',\n `healthCheck` json DEFAULT NULL COMMENT '健康检查',\n `dnsName` varchar(255) DEFAULT NULL COMMENT 'DNS名称',\n `dnsDomainId` int(11) unsigned DEFAULT '0' COMMENT '域名ID',\n `dns` json DEFAULT NULL COMMENT 'DNS配置',\n `toa` json DEFAULT NULL COMMENT 'TOA配置',\n `cachePolicyId` int(11) unsigned DEFAULT '0' COMMENT '缓存策略ID',\n `httpFirewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT 'WAF策略ID',\n `accessLog` json DEFAULT NULL COMMENT '访问日志设置',\n `systemServices` json DEFAULT NULL COMMENT '系统服务设置',\n `timeZone` varchar(64) DEFAULT NULL COMMENT '时区',\n `nodeMaxThreads` int(11) unsigned DEFAULT '0' COMMENT '节点最大线程数',\n `ddosProtection` json DEFAULT NULL COMMENT 'DDoS防护设置',\n `autoOpenPorts` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动尝试开放端口',\n `isPinned` tinyint(1) unsigned DEFAULT '0' COMMENT '是否置顶',\n `webp` json DEFAULT NULL COMMENT 'WebP设置',\n `uam` json DEFAULT NULL COMMENT 'UAM设置',\n `clock` json DEFAULT NULL COMMENT '时钟配置',\n `globalServerConfig` json DEFAULT NULL COMMENT '全局服务配置',\n `autoRemoteStart` tinyint(1) unsigned DEFAULT '1' COMMENT '自动远程启动',\n `autoInstallNftables` tinyint(1) unsigned DEFAULT '0' COMMENT '自动安装nftables',\n `isAD` tinyint(1) unsigned DEFAULT '0' COMMENT '是否为高防集群',\n `httpPages` json DEFAULT NULL COMMENT '自定义页面设置',\n `cc` json DEFAULT NULL COMMENT 'CC设置',\n `http3` json DEFAULT NULL COMMENT 'HTTP3设置',\n `autoSystemTuning` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动调整系统参数',\n `networkSecurity` json DEFAULT NULL COMMENT '网络安全策略',\n PRIMARY KEY (`id`),\n KEY `uniqueId` (`uniqueId`),\n KEY `grantId` (`grantId`),\n KEY `dnsDomainId` (`dnsDomainId`),\n KEY `cachePolicyId` (`cachePolicyId`),\n KEY `httpFirewallPolicyId` (`httpFirewallPolicyId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='节点集群'", + "definition": "CREATE TABLE `edgeNodeClusters` (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n `adminId` int(11) unsigned DEFAULT '0' COMMENT '管理员ID',\n `userId` int(11) unsigned DEFAULT '0' COMMENT '用户ID',\n `isOn` tinyint(1) unsigned DEFAULT '1' COMMENT '是否启用',\n `name` varchar(255) DEFAULT NULL COMMENT '名称',\n `useAllAPINodes` tinyint(1) unsigned DEFAULT '1' COMMENT '是否使用所有API节点',\n `apiNodes` json DEFAULT NULL COMMENT '使用的API节点',\n `installDir` varchar(512) DEFAULT NULL COMMENT '安装目录',\n `order` int(11) unsigned DEFAULT '0' COMMENT '排序',\n `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n `grantId` int(11) unsigned DEFAULT '0' COMMENT '默认认证方式',\n `sshParams` json DEFAULT NULL COMMENT 'SSH默认参数',\n `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n `autoRegister` tinyint(1) unsigned DEFAULT '1' COMMENT '是否开启自动注册',\n `uniqueId` varchar(32) DEFAULT NULL COMMENT '唯一ID',\n `secret` varchar(32) DEFAULT NULL COMMENT '密钥',\n `healthCheck` json DEFAULT NULL COMMENT '健康检查',\n `dnsName` varchar(255) DEFAULT NULL COMMENT 'DNS名称',\n `dnsDomainId` int(11) unsigned DEFAULT '0' COMMENT '域名ID',\n `dns` json DEFAULT NULL COMMENT 'DNS配置',\n `toa` json DEFAULT NULL COMMENT 'TOA配置',\n `cachePolicyId` int(11) unsigned DEFAULT '0' COMMENT '缓存策略ID',\n `httpFirewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT 'WAF策略ID',\n `accessLog` json DEFAULT NULL COMMENT '访问日志设置',\n `systemServices` json DEFAULT NULL COMMENT '系统服务设置',\n `timeZone` varchar(64) DEFAULT NULL COMMENT '时区',\n `nodeMaxThreads` int(11) unsigned DEFAULT '0' COMMENT '节点最大线程数',\n `ddosProtection` json DEFAULT NULL COMMENT 'DDoS防护设置',\n `autoOpenPorts` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动尝试开放端口',\n `isPinned` tinyint(1) unsigned DEFAULT '0' COMMENT '是否置顶',\n `webp` json DEFAULT NULL COMMENT 'WebP设置',\n `uam` json DEFAULT NULL COMMENT 'UAM设置',\n `clock` json DEFAULT NULL COMMENT '时钟配置',\n `globalServerConfig` json DEFAULT NULL COMMENT '全局服务配置',\n `autoRemoteStart` tinyint(1) unsigned DEFAULT '1' COMMENT '自动远程启动',\n `autoInstallNftables` tinyint(1) unsigned DEFAULT '0' COMMENT '自动安装nftables',\n `isAD` tinyint(1) unsigned DEFAULT '0' COMMENT '是否为高防集群',\n `httpPages` json DEFAULT NULL COMMENT '自定义页面设置',\n `cc` json DEFAULT NULL COMMENT 'CC设置',\n `http3` json DEFAULT NULL COMMENT 'HTTP3设置',\n `autoSystemTuning` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动调整系统参数',\n `networkSecurity` json DEFAULT NULL COMMENT '网络安全策略',\n `autoTrimDisks` tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动执行TRIM',\n PRIMARY KEY (`id`),\n KEY `uniqueId` (`uniqueId`),\n KEY `grantId` (`grantId`),\n KEY `dnsDomainId` (`dnsDomainId`),\n KEY `cachePolicyId` (`cachePolicyId`),\n KEY `httpFirewallPolicyId` (`httpFirewallPolicyId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='节点集群'", "fields": [ { "name": "id", @@ -110033,6 +110037,10 @@ { "name": "networkSecurity", "definition": "json COMMENT '网络安全策略'" + }, + { + "name": "autoTrimDisks", + "definition": "tinyint(1) unsigned DEFAULT '1' COMMENT '是否自动执行TRIM'" } ], "indexes": [ diff --git a/internal/setup/sql_upgrade.go b/internal/setup/sql_upgrade.go index 06a7aaa6..d8e91cb1 100644 --- a/internal/setup/sql_upgrade.go +++ b/internal/setup/sql_upgrade.go @@ -513,7 +513,7 @@ func upgradeV0_3_7(db *dbs.DB) error { // v0.4.0 func upgradeV0_4_0(db *dbs.DB) error { // 升级SYN Flood配置 - synFloodJSON, err := json.Marshal(firewallconfigs.DefaultSYNFloodConfig()) + synFloodJSON, err := json.Marshal(firewallconfigs.NewSYNFloodConfig()) if err == nil { _, err := db.Exec("UPDATE edgeHTTPFirewallPolicies SET synFlood=? WHERE synFlood IS NULL AND state=1", string(synFloodJSON)) if err != nil {