TRKJ/EdgeAdmin
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAdmin.git synced 2025-11-04 13:10:26 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
2e9182933e98730d6b247f9723e829517f2054e6
EdgeAdmin/internal/web/actions/default/servers/components/waf/policy.go

109 lines
2.9 KiB
Go
Raw Normal View History

实现WAF策略部分功能
2020-10-06 21:02:37 +08:00
package waf
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
优化代码
2020-12-23 09:52:31 +08:00
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
[WAF]规则中增加请求Header长度限制和响应Header长度限制
2020-11-18 19:35:32 +08:00
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
WAF策略增加观察模式和通过模式
2021-09-30 11:30:36 +08:00
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
实现WAF策略部分功能
2020-10-06 21:02:37 +08:00
"github.com/iwind/TeaGo/maps"
)
type PolicyAction struct {
actionutils.ParentAction
}
func (this *PolicyAction) Init() {
this.Nav("", "", "index")
}
func (this *PolicyAction) RunGet(params struct {
FirewallPolicyId int64
}) {
优化代码
2020-12-23 09:52:31 +08:00
firewallPolicy, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId)
实现WAF策略部分功能
2020-10-06 21:02:37 +08:00
if err != nil {
this.ErrorPage(err)
return
}
if firewallPolicy == nil {
this.NotFound("firewallPolicy", params.FirewallPolicyId)
return
}
internalGroups := []maps.Map{}
if firewallPolicy.Inbound != nil {
for _, group := range firewallPolicy.Inbound.Groups {
internalGroups = append(internalGroups, maps.Map{
"name": group.Name,
"isOn": group.IsOn,
})
}
}
if firewallPolicy.Outbound != nil {
for _, group := range firewallPolicy.Outbound.Groups {
internalGroups = append(internalGroups, maps.Map{
"name": group.Name,
"isOn": group.IsOn,
})
}
}
WAF模板中有新的规则时,可以在界面上收到提醒并点击加入
2021-10-25 12:02:03 +08:00
// 检查是否有升级
var templatePolicy = firewallconfigs.HTTPFirewallTemplate()
var upgradeItems = []string{}
if templatePolicy.Inbound != nil {
for _, group := range templatePolicy.Inbound.Groups {
if len(group.Code) == 0 {
continue
}
var oldGroup = firewallPolicy.FindRuleGroupWithCode(group.Code)
if oldGroup == nil {
upgradeItems = append(upgradeItems, group.Name)
continue
}
for _, set := range group.Sets {
if len(set.Code) == 0 {
continue
}
var oldSet = oldGroup.FindRuleSetWithCode(set.Code)
if oldSet == nil {
upgradeItems = append(upgradeItems, group.Name+" -- "+set.Name)
continue
}
}
}
}
this.Data["upgradeItems"] = upgradeItems
WAF策略增加观察模式和通过模式
2021-09-30 11:30:36 +08:00
// 模式
if len(firewallPolicy.Mode) == 0 {
firewallPolicy.Mode = firewallconfigs.FirewallModeDefend
}
实现WAF策略部分功能
2020-10-06 21:02:37 +08:00
this.Data["firewallPolicy"] = maps.Map{
[waf]可以配置阻止动作的状态码和提示内容
2020-11-22 16:54:31 +08:00
"id": firewallPolicy.Id,
"name": firewallPolicy.Name,
"isOn": firewallPolicy.IsOn,
"description": firewallPolicy.Description,
WAF策略增加观察模式和通过模式
2021-09-30 11:30:36 +08:00
"mode": firewallPolicy.Mode,
"modeInfo": firewallconfigs.FindFirewallMode(firewallPolicy.Mode),
[waf]可以配置阻止动作的状态码和提示内容
2020-11-22 16:54:31 +08:00
"groups": internalGroups,
"blockOptions": firewallPolicy.BlockOptions,
实现WAF策略部分功能
2020-10-06 21:02:37 +08:00
}
集群可以设置默认的WAF策略、缓存策略
2020-12-17 15:50:44 +08:00
// 正在使用此策略的集群
clustersResp, err := this.RPC().NodeClusterRPC().FindAllEnabledNodeClustersWithHTTPFirewallPolicyId(this.AdminContext(), &pb.FindAllEnabledNodeClustersWithHTTPFirewallPolicyIdRequest{HttpFirewallPolicyId: params.FirewallPolicyId})
[WAF]规则中增加请求Header长度限制和响应Header长度限制
2020-11-18 19:35:32 +08:00
if err != nil {
this.ErrorPage(err)
return
}
集群可以设置默认的WAF策略、缓存策略
2020-12-17 15:50:44 +08:00
clusterMaps := []maps.Map{}
for _, cluster := range clustersResp.NodeClusters {
clusterMaps = append(clusterMaps, maps.Map{
"id": cluster.Id,
"name": cluster.Name,
[WAF]规则中增加请求Header长度限制和响应Header长度限制
2020-11-18 19:35:32 +08:00
})
}
集群可以设置默认的WAF策略、缓存策略
2020-12-17 15:50:44 +08:00
this.Data["clusters"] = clusterMaps
[WAF]规则中增加请求Header长度限制和响应Header长度限制
2020-11-18 19:35:32 +08:00
实现WAF策略部分功能
2020-10-06 21:02:37 +08:00
this.Show()
}
Reference in New Issue Copy Permalink