实现基础的DDoS防护

2025-12-25 11:36:35 +08:00 · 2022-05-18 21:02:58 +08:00
parent dd900700e9
commit 2b6d749566
15 changed files with 2290 additions and 1294 deletions
--- a/pkg/rpc/protos/models/model_node_cluster.proto
+++ b/pkg/rpc/protos/models/model_node_cluster.proto
@@ -18,7 +18,6 @@ message NodeCluster {
 	bool isOn = 12;
 	string timeZone = 13;
 	int32 nodeMaxThreads = 14;
-	int32 nodeTCPMaxConnections = 15;
 	bool autoOpenPorts = 16;
 	bool isPinned = 17;
 }
--- a/pkg/rpc/protos/service_node.proto
+++ b/pkg/rpc/protos/service_node.proto
@@ -139,6 +139,15 @@ service NodeService {

 	// 修改DNS Resolver
 	rpc updateNodeDNSResolver(UpdateNodeDNSResolverRequest) returns (RPCSuccess);
+
+	// 获取节点的DDoS设置
+	rpc findNodeDDoSProtection(FindNodeDDoSProtectionRequest) returns (FindNodeDDoSProtectionResponse);
+
+	// 修改节点的DDoS设置
+	rpc updateNodeDDoSProtection(UpdateNodeDDoSProtectionRequest) returns (RPCSuccess);
+
+	// 取得节点的配置概要信息
+	rpc findEnabledNodeConfigInfo (FindEnabledNodeConfigInfoRequest) returns (FindEnabledNodeConfigInfoResponse);
 }

 // 创建节点
@@ -263,6 +272,7 @@ message FindCurrentNodeConfigResponse {
 	bool isChanged = 2;
 	bool isCompressed = 3;
 	int64 dataSize = 4;
+	int64 timestamp = 5;
 }

 // 节点stream
@@ -532,4 +542,33 @@ message FindNodeDNSResolverResponse {
 message UpdateNodeDNSResolverRequest {
 	int64 nodeId = 1;
 	bytes dnsResolverJSON = 2;
-}
+}
+
+// 获取节点的DDoS设置
+message FindNodeDDoSProtectionRequest {
+	int64 nodeId = 1;
+}
+
+message FindNodeDDoSProtectionResponse {
+	bytes ddosProtectionJSON = 1;
+}
+
+// 修改节点的DDOS设置
+message UpdateNodeDDoSProtectionRequest {
+	int64 nodeId = 1;
+	bytes ddosProtectionJSON = 2;
+}
+
+// 取得节点的配置概要信息
+message FindEnabledNodeConfigInfoRequest {
+	int64 nodeId = 1;
+}
+
+message FindEnabledNodeConfigInfoResponse {
+	bool hasDNSInfo = 1;
+	bool  hasCacheInfo = 2;
+	bool  hasThresholds = 3;
+	bool  hasSSH = 4;
+	bool  hasSystemSettings = 5;
+	bool hasDDoSProtection = 6;
+}
--- a/pkg/rpc/protos/service_node_cluster.proto
+++ b/pkg/rpc/protos/service_node_cluster.proto
@@ -121,6 +121,12 @@ service NodeClusterService {

 	// 设置集群WebP策略
 	rpc updateNodeClusterWebPPolicy(UpdateNodeClusterWebPPolicyRequest) returns (RPCSuccess);
+
+	// 获取集群的DDoS设置
+	rpc findNodeClusterDDoSProtection(FindNodeClusterDDoSProtectionRequest) returns (FindNodeClusterDDoSProtectionResponse);
+
+	// 修改集群的DDoS设置
+	rpc updateNodeClusterDDoSProtection(UpdateNodeClusterDDoSProtectionRequest) returns (RPCSuccess);
 }

 // 获取所有集群的信息
@@ -156,7 +162,7 @@ message UpdateNodeClusterRequest {
 	string installDir = 4;
 	string timeZone = 5;
 	int32 nodeMaxThreads = 6;
-	int32 nodeTCPMaxConnections = 7;
+
 	bool autoOpenPorts = 8;
 }

@@ -429,6 +435,7 @@ message FindEnabledNodeClusterConfigInfoResponse {
 	bool hasMetricItems = 6;
 	bool webpIsOn = 7;
 	bool hasSystemServices = 8;
+	bool hasDDoSProtection = 9;
 }

 // 设置集群是否置顶
@@ -450,4 +457,19 @@ message FindEnabledNodeClusterWebPPolicyResponse {
 message UpdateNodeClusterWebPPolicyRequest {
 	int64 nodeClusterId = 1;
 	bytes webpPolicyJSON = 2;
+}
+
+// 获取集群的DDoS设置
+message FindNodeClusterDDoSProtectionRequest {
+	int64 nodeClusterId = 1;
+}
+
+message FindNodeClusterDDoSProtectionResponse {
+	bytes ddosProtectionJSON = 1;
+}
+
+// 修改集群的DDOS设置
+message UpdateNodeClusterDDoSProtectionRequest {
+	int64 nodeClusterId = 1;
+	bytes ddosProtectionJSON = 2;
 }