pkg/serverconfigs/firewallconfigs/http_firewall_rule_set.go

package firewallconfigs

import (
	"github.com/iwind/TeaGo/logs"
	"github.com/iwind/TeaGo/maps"
)

// HTTPFirewallActionConfig 单个动作配置
type HTTPFirewallActionConfig struct {
	Code    HTTPFirewallActionString `yaml:"code" json:"code"`
	Options maps.Map                 `yaml:"options" json:"options"`
}

// HTTPFirewallRuleSet 规则集定义
type HTTPFirewallRuleSet struct {
	Id          int64                  `yaml:"id" json:"id"`
	IsOn        bool                   `yaml:"isOn" json:"isOn"`
	Name        string                 `yaml:"name" json:"name"`
	Code        string                 `yaml:"code" json:"code"`
	Description string                 `yaml:"description" json:"description"`
	Connector   string                 `yaml:"connector" json:"connector"`
	RuleRefs    []*HTTPFirewallRuleRef `yaml:"ruleRefs" json:"ruleRefs"`
	Rules       []*HTTPFirewallRule    `yaml:"rules" json:"rules"`
	IgnoreLocal bool                   `yaml:"ignoreLocal" json:"ignoreLocal"`

	Actions []*HTTPFirewallActionConfig `yaml:"actions" json:"actions"`

	//Action        string   `yaml:"action" json:"action"`               // deprecated, v0.2.5
	//ActionOptions maps.Map `yaml:"actionOptions" json:"actionOptions"` // deprecated, v0.2.5
}

// Init 初始化
func (this *HTTPFirewallRuleSet) Init() error {
	for _, rule := range this.Rules {
		err := rule.Init()
		if err != nil {
			logs.Println("ERROR", "validate rule '"+rule.Summary()+"' failed: "+err.Error())

			// 这里不阻断执行，因为先前有些用户填写了错误的规则
		}
	}

	return nil
}

// AddRule 添加规则
func (this *HTTPFirewallRuleSet) AddRule(rule *HTTPFirewallRule) {
	this.Rules = append(this.Rules, rule)
}
实现WAF策略部分功能 2020-10-06 21:02:21 +08:00			`package firewallconfigs`

WAF规则校验错误不阻断执行 2021-09-25 19:41:10 +08:00			`import (`
			`"github.com/iwind/TeaGo/logs"`
			`"github.com/iwind/TeaGo/maps"`
			`)`
实现WAF策略部分功能 2020-10-06 21:02:21 +08:00
WAF支持更多动作 2021-07-14 22:46:31 +08:00			`// HTTPFirewallActionConfig 单个动作配置`
			`type HTTPFirewallActionConfig struct {`
			Code HTTPFirewallActionString `yaml:"code" json:"code"`
			Options maps.Map `yaml:"options" json:"options"`
			`}`

			`// HTTPFirewallRuleSet 规则集定义`
实现WAF策略部分功能 2020-10-06 21:02:21 +08:00			`type HTTPFirewallRuleSet struct {`
WAF支持更多动作 2021-07-14 22:46:31 +08:00			Id int64 `yaml:"id" json:"id"`
			IsOn bool `yaml:"isOn" json:"isOn"`
			Name string `yaml:"name" json:"name"`
			Code string `yaml:"code" json:"code"`
			Description string `yaml:"description" json:"description"`
			Connector string `yaml:"connector" json:"connector"`
			RuleRefs []*HTTPFirewallRuleRef `yaml:"ruleRefs" json:"ruleRefs"`
			Rules []*HTTPFirewallRule `yaml:"rules" json:"rules"`
支持规则集忽略局域网IP 2021-12-02 16:08:29 +08:00			IgnoreLocal bool `yaml:"ignoreLocal" json:"ignoreLocal"`
WAF支持更多动作 2021-07-14 22:46:31 +08:00
			Actions []*HTTPFirewallActionConfig `yaml:"actions" json:"actions"`

			//Action string `yaml:"action" json:"action"` // deprecated, v0.2.5
			//ActionOptions maps.Map `yaml:"actionOptions" json:"actionOptions"` // deprecated, v0.2.5
实现WAF策略部分功能 2020-10-06 21:02:21 +08:00			`}`

WAF支持更多动作 2021-07-14 22:46:31 +08:00			`// Init 初始化`
实现WAF策略部分功能 2020-10-06 21:02:21 +08:00			`func (this *HTTPFirewallRuleSet) Init() error {`
			`for _, rule := range this.Rules {`
			`err := rule.Init()`
			`if err != nil {`
WAF规则校验错误不阻断执行 2021-09-25 19:41:10 +08:00			`logs.Println("ERROR", "validate rule '"+rule.Summary()+"' failed: "+err.Error())`

			`// 这里不阻断执行，因为先前有些用户填写了错误的规则`
实现WAF策略部分功能 2020-10-06 21:02:21 +08:00			`}`
			`}`
WAF支持更多动作 2021-07-14 22:46:31 +08:00
实现WAF策略部分功能 2020-10-06 21:02:21 +08:00			`return nil`
			`}`

WAF支持更多动作 2021-07-14 22:46:31 +08:00			`// AddRule 添加规则`
实现WAF策略部分功能 2020-10-06 21:02:21 +08:00			`func (this HTTPFirewallRuleSet) AddRule(rule HTTPFirewallRule) {`
			`this.Rules = append(this.Rules, rule)`
			`}`