WAF区域封禁增加“允许搜索引擎”选项

2025-11-02 03:40:27 +08:00 · 2024-05-08 17:53:12 +08:00
parent c0ae5da1a1
commit 1658077150
5 changed files with 33 additions and 2 deletions
--- a/internal/web/actions/default/servers/components/waf/ipadmin/index.go
+++ b/internal/web/actions/default/servers/components/waf/ipadmin/index.go
@@ -41,12 +41,15 @@ func (this *IndexAction) RunGet(params struct {
 	var deniedCountryIds = []int64{}
 	var allowedCountryIds = []int64{}
 	var countryHTML string
+	var allowSearchEngine bool
 	if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
 		deniedCountryIds = policyConfig.Inbound.Region.DenyCountryIds
 		allowedCountryIds = policyConfig.Inbound.Region.AllowCountryIds
 		countryHTML = policyConfig.Inbound.Region.CountryHTML
+		allowSearchEngine = policyConfig.Inbound.Region.AllowSearchEngine
 	}
 	this.Data["countryHTML"] = countryHTML
+	this.Data["allowSearchEngine"] = allowSearchEngine

 	countriesResp, err := this.RPC().RegionCountryRPC().FindAllRegionCountries(this.AdminContext(), &pb.FindAllRegionCountriesRequest{})
 	if err != nil {
@@ -94,7 +97,8 @@ func (this *IndexAction) RunPost(params struct {
 	ExceptURLPatternsJSON []byte
 	OnlyURLPatternsJSON   []byte

-	CountryHTML string
+	CountryHTML       string
+	AllowSearchEngine bool

 	Must *actions.Must
 }) {
@@ -139,6 +143,7 @@ func (this *IndexAction) RunPost(params struct {
 		return
 	}
 	policyConfig.Inbound.Region.CountryHTML = params.CountryHTML
+	policyConfig.Inbound.Region.AllowSearchEngine = params.AllowSearchEngine

 	// 限制URL
 	var onlyURLPatterns = []*shared.URLPattern{}
--- a/internal/web/actions/default/servers/server/settings/waf/ipadmin/countries.go
+++ b/internal/web/actions/default/servers/server/settings/waf/ipadmin/countries.go
@@ -46,12 +46,15 @@ func (this *CountriesAction) RunGet(params struct {
 	var deniedCountryIds = []int64{}
 	var allowedCountryIds = []int64{}
 	var countryHTML = ""
+	var allowSearchEngine bool
 	if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
 		deniedCountryIds = policyConfig.Inbound.Region.DenyCountryIds
 		allowedCountryIds = policyConfig.Inbound.Region.AllowCountryIds
 		countryHTML = policyConfig.Inbound.Region.CountryHTML
+		allowSearchEngine = policyConfig.Inbound.Region.AllowSearchEngine
 	}
 	this.Data["countryHTML"] = countryHTML
+	this.Data["allowSearchEngine"] = allowSearchEngine

 	countriesResp, err := this.RPC().RegionCountryRPC().FindAllRegionCountries(this.AdminContext(), &pb.FindAllRegionCountriesRequest{})
 	if err != nil {
@@ -126,7 +129,8 @@ func (this *CountriesAction) RunPost(params struct {
 	ExceptURLPatternsJSON []byte
 	OnlyURLPatternsJSON   []byte

-	CountryHTML string
+	CountryHTML       string
+	AllowSearchEngine bool

 	Must *actions.Must
 }) {
@@ -179,6 +183,7 @@ func (this *CountriesAction) RunPost(params struct {
 	policyConfig.Inbound.Region.CountryOnlyURLPatterns = onlyURLPatterns

 	policyConfig.Inbound.Region.CountryHTML = params.CountryHTML
+	policyConfig.Inbound.Region.AllowSearchEngine = params.AllowSearchEngine

 	if len(params.CountryHTML) > 32<<10 {
 		this.Fail("提示内容长度不能超出32K")
--- a/web/views/@default/servers/components/waf/ipadmin/index.html
+++ b/web/views/@default/servers/components/waf/ipadmin/index.html
@@ -40,6 +40,13 @@
                    <p class="comment">当客户端所在区域被封禁时提示页面的HTML内容；不填则表示使用默认的提示内容；支持请求变量。</p>
                </td>
            </tr>
+            <tr>
+                <td>允许搜索引擎</td>
+                <td>
+                    <checkbox name="allowSearchEngine" v-model="allowSearchEngine"></checkbox>
+                    <p class="comment">选中后，表示如果请求来自常见搜索引擎的IP，则不受区域限制。</p>
+                </td>
+            </tr>
        </tbody>
    </table>
    <submit-btn></submit-btn>
--- a/web/views/@default/servers/groups/group/settings/waf/ipadmin/countries.html
+++ b/web/views/@default/servers/groups/group/settings/waf/ipadmin/countries.html
@@ -39,6 +39,13 @@
                    <td>限制URL &nbsp;<tip-icon content="只对这些URL做限制。"></tip-icon></td>
                    <td><url-patterns-box v-model="onlyURLPatterns"></url-patterns-box></td>
                </tr>
+                <tr>
+                    <td>允许搜索引擎</td>
+                    <td>
+                        <checkbox name="allowSearchEngine" v-model="allowSearchEngine"></checkbox>
+                        <p class="comment">选中后，表示如果请求来自常见搜索引擎的IP，则不受区域限制。</p>
+                    </td>
+                </tr>
            </tbody>
 		</table>
 		<submit-btn></submit-btn>
--- a/web/views/@default/servers/server/settings/waf/ipadmin/countries.html
+++ b/web/views/@default/servers/server/settings/waf/ipadmin/countries.html
@@ -51,6 +51,13 @@
                        <p class="comment">当客户端所在区域被封禁时提示页面的HTML内容；不填则表示使用默认的提示内容；支持请求变量。</p>
                    </td>
                </tr>
+                <tr>
+                    <td>允许搜索引擎</td>
+                    <td>
+                        <checkbox name="allowSearchEngine" v-model="allowSearchEngine"></checkbox>
+                        <p class="comment">选中后，表示如果请求来自常见搜索引擎的IP，则不受区域限制。</p>
+                    </td>
+                </tr>
            </tbody>
 		</table>
 		<submit-btn></submit-btn>