diff --git a/pkg/rpc/pb/service_http_firewall_rule_group.pb.go b/pkg/rpc/pb/service_http_firewall_rule_group.pb.go index 5daa105..77a9a2a 100644 --- a/pkg/rpc/pb/service_http_firewall_rule_group.pb.go +++ b/pkg/rpc/pb/service_http_firewall_rule_group.pb.go @@ -363,6 +363,62 @@ func (x *FindHTTPFirewallRuleGroupConfigResponse) GetFirewallRuleGroupJSON() []b return nil } +// 修改分组的规则集 +type UpdateHTTPFirewallRuleGroupSetsRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + FirewallRuleGroupId int64 `protobuf:"varint,1,opt,name=firewallRuleGroupId,proto3" json:"firewallRuleGroupId,omitempty"` + FirewallRuleSetsJSON []byte `protobuf:"bytes,2,opt,name=firewallRuleSetsJSON,proto3" json:"firewallRuleSetsJSON,omitempty"` +} + +func (x *UpdateHTTPFirewallRuleGroupSetsRequest) Reset() { + *x = UpdateHTTPFirewallRuleGroupSetsRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_service_http_firewall_rule_group_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UpdateHTTPFirewallRuleGroupSetsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateHTTPFirewallRuleGroupSetsRequest) ProtoMessage() {} + +func (x *UpdateHTTPFirewallRuleGroupSetsRequest) ProtoReflect() protoreflect.Message { + mi := &file_service_http_firewall_rule_group_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateHTTPFirewallRuleGroupSetsRequest.ProtoReflect.Descriptor instead. +func (*UpdateHTTPFirewallRuleGroupSetsRequest) Descriptor() ([]byte, []int) { + return file_service_http_firewall_rule_group_proto_rawDescGZIP(), []int{6} +} + +func (x *UpdateHTTPFirewallRuleGroupSetsRequest) GetFirewallRuleGroupId() int64 { + if x != nil { + return x.FirewallRuleGroupId + } + return 0 +} + +func (x *UpdateHTTPFirewallRuleGroupSetsRequest) GetFirewallRuleSetsJSON() []byte { + if x != nil { + return x.FirewallRuleSetsJSON + } + return nil +} + var File_service_http_firewall_rule_group_proto protoreflect.FileDescriptor var file_service_http_firewall_rule_group_proto_rawDesc = []byte{ @@ -411,37 +467,52 @@ var file_service_http_firewall_rule_group_proto_rawDesc = []byte{ 0x6e, 0x73, 0x65, 0x12, 0x34, 0x0a, 0x15, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x4a, 0x53, 0x4f, 0x4e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x15, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, - 0x47, 0x72, 0x6f, 0x75, 0x70, 0x4a, 0x53, 0x4f, 0x4e, 0x32, 0xcc, 0x03, 0x0a, 0x1c, 0x48, 0x54, - 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, - 0x6f, 0x75, 0x70, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x63, 0x0a, 0x1f, 0x75, 0x70, + 0x47, 0x72, 0x6f, 0x75, 0x70, 0x4a, 0x53, 0x4f, 0x4e, 0x22, 0x8e, 0x01, 0x0a, 0x26, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, - 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, 0x73, 0x4f, 0x6e, 0x12, 0x2a, 0x2e, - 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, - 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, 0x73, - 0x4f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, - 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, - 0x6e, 0x0a, 0x1b, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, - 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x26, - 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, - 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, - 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, 0x61, - 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, - 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, - 0x5b, 0x0a, 0x1b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, - 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x26, + 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x74, 0x73, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x30, 0x0a, 0x13, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, + 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x03, 0x52, 0x13, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, + 0x72, 0x6f, 0x75, 0x70, 0x49, 0x64, 0x12, 0x32, 0x0a, 0x14, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, + 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x73, 0x4a, 0x53, 0x4f, 0x4e, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x0c, 0x52, 0x14, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, + 0x6c, 0x65, 0x53, 0x65, 0x74, 0x73, 0x4a, 0x53, 0x4f, 0x4e, 0x32, 0xb1, 0x04, 0x0a, 0x1c, 0x48, + 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, + 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x63, 0x0a, 0x1f, 0x75, + 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, + 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, 0x73, 0x4f, 0x6e, 0x12, 0x2a, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, - 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, - 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, - 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x7a, 0x0a, 0x1f, - 0x66, 0x69, 0x6e, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, - 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, - 0x2a, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, - 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x43, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2b, 0x2e, 0x70, 0x62, - 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, + 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, + 0x73, 0x4f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, + 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, + 0x12, 0x6e, 0x0a, 0x1b, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, + 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, + 0x26, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, + 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, + 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x5b, 0x0a, 0x1b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, + 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, + 0x26, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, + 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, + 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x7a, 0x0a, + 0x1f, 0x66, 0x69, 0x6e, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, - 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x06, 0x5a, 0x04, 0x2e, 0x2f, 0x70, 0x62, - 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x12, 0x2a, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, + 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x43, + 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2b, 0x2e, 0x70, + 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, + 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x63, 0x0a, 0x1f, 0x75, 0x70, 0x64, + 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, + 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x74, 0x73, 0x12, 0x2a, 0x2e, 0x70, + 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, + 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x74, + 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, + 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x42, 0x06, + 0x5a, 0x04, 0x2e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -456,7 +527,7 @@ func file_service_http_firewall_rule_group_proto_rawDescGZIP() []byte { return file_service_http_firewall_rule_group_proto_rawDescData } -var file_service_http_firewall_rule_group_proto_msgTypes = make([]protoimpl.MessageInfo, 6) +var file_service_http_firewall_rule_group_proto_msgTypes = make([]protoimpl.MessageInfo, 7) var file_service_http_firewall_rule_group_proto_goTypes = []interface{}{ (*UpdateHTTPFirewallRuleGroupIsOnRequest)(nil), // 0: pb.UpdateHTTPFirewallRuleGroupIsOnRequest (*CreateHTTPFirewallRuleGroupRequest)(nil), // 1: pb.CreateHTTPFirewallRuleGroupRequest @@ -464,19 +535,22 @@ var file_service_http_firewall_rule_group_proto_goTypes = []interface{}{ (*UpdateHTTPFirewallRuleGroupRequest)(nil), // 3: pb.UpdateHTTPFirewallRuleGroupRequest (*FindHTTPFirewallRuleGroupConfigRequest)(nil), // 4: pb.FindHTTPFirewallRuleGroupConfigRequest (*FindHTTPFirewallRuleGroupConfigResponse)(nil), // 5: pb.FindHTTPFirewallRuleGroupConfigResponse - (*RPCUpdateSuccess)(nil), // 6: pb.RPCUpdateSuccess + (*UpdateHTTPFirewallRuleGroupSetsRequest)(nil), // 6: pb.UpdateHTTPFirewallRuleGroupSetsRequest + (*RPCUpdateSuccess)(nil), // 7: pb.RPCUpdateSuccess } var file_service_http_firewall_rule_group_proto_depIdxs = []int32{ 0, // 0: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupIsOn:input_type -> pb.UpdateHTTPFirewallRuleGroupIsOnRequest 1, // 1: pb.HTTPFirewallRuleGroupService.createHTTPFirewallRuleGroup:input_type -> pb.CreateHTTPFirewallRuleGroupRequest 3, // 2: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroup:input_type -> pb.UpdateHTTPFirewallRuleGroupRequest 4, // 3: pb.HTTPFirewallRuleGroupService.findHTTPFirewallRuleGroupConfig:input_type -> pb.FindHTTPFirewallRuleGroupConfigRequest - 6, // 4: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupIsOn:output_type -> pb.RPCUpdateSuccess - 2, // 5: pb.HTTPFirewallRuleGroupService.createHTTPFirewallRuleGroup:output_type -> pb.CreateHTTPFirewallRuleGroupResponse - 6, // 6: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroup:output_type -> pb.RPCUpdateSuccess - 5, // 7: pb.HTTPFirewallRuleGroupService.findHTTPFirewallRuleGroupConfig:output_type -> pb.FindHTTPFirewallRuleGroupConfigResponse - 4, // [4:8] is the sub-list for method output_type - 0, // [0:4] is the sub-list for method input_type + 6, // 4: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupSets:input_type -> pb.UpdateHTTPFirewallRuleGroupSetsRequest + 7, // 5: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupIsOn:output_type -> pb.RPCUpdateSuccess + 2, // 6: pb.HTTPFirewallRuleGroupService.createHTTPFirewallRuleGroup:output_type -> pb.CreateHTTPFirewallRuleGroupResponse + 7, // 7: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroup:output_type -> pb.RPCUpdateSuccess + 5, // 8: pb.HTTPFirewallRuleGroupService.findHTTPFirewallRuleGroupConfig:output_type -> pb.FindHTTPFirewallRuleGroupConfigResponse + 7, // 9: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupSets:output_type -> pb.RPCUpdateSuccess + 5, // [5:10] is the sub-list for method output_type + 0, // [0:5] is the sub-list for method input_type 0, // [0:0] is the sub-list for extension type_name 0, // [0:0] is the sub-list for extension extendee 0, // [0:0] is the sub-list for field type_name @@ -561,6 +635,18 @@ func file_service_http_firewall_rule_group_proto_init() { return nil } } + file_service_http_firewall_rule_group_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*UpdateHTTPFirewallRuleGroupSetsRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } } type x struct{} out := protoimpl.TypeBuilder{ @@ -568,7 +654,7 @@ func file_service_http_firewall_rule_group_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_service_http_firewall_rule_group_proto_rawDesc, NumEnums: 0, - NumMessages: 6, + NumMessages: 7, NumExtensions: 0, NumServices: 1, }, @@ -602,6 +688,8 @@ type HTTPFirewallRuleGroupServiceClient interface { UpdateHTTPFirewallRuleGroup(ctx context.Context, in *UpdateHTTPFirewallRuleGroupRequest, opts ...grpc.CallOption) (*RPCUpdateSuccess, error) // 获取分组配置 FindHTTPFirewallRuleGroupConfig(ctx context.Context, in *FindHTTPFirewallRuleGroupConfigRequest, opts ...grpc.CallOption) (*FindHTTPFirewallRuleGroupConfigResponse, error) + // 修改分组的规则集 + UpdateHTTPFirewallRuleGroupSets(ctx context.Context, in *UpdateHTTPFirewallRuleGroupSetsRequest, opts ...grpc.CallOption) (*RPCUpdateSuccess, error) } type hTTPFirewallRuleGroupServiceClient struct { @@ -648,6 +736,15 @@ func (c *hTTPFirewallRuleGroupServiceClient) FindHTTPFirewallRuleGroupConfig(ctx return out, nil } +func (c *hTTPFirewallRuleGroupServiceClient) UpdateHTTPFirewallRuleGroupSets(ctx context.Context, in *UpdateHTTPFirewallRuleGroupSetsRequest, opts ...grpc.CallOption) (*RPCUpdateSuccess, error) { + out := new(RPCUpdateSuccess) + err := c.cc.Invoke(ctx, "/pb.HTTPFirewallRuleGroupService/updateHTTPFirewallRuleGroupSets", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + // HTTPFirewallRuleGroupServiceServer is the server API for HTTPFirewallRuleGroupService service. type HTTPFirewallRuleGroupServiceServer interface { // 设置是否启用分组 @@ -658,6 +755,8 @@ type HTTPFirewallRuleGroupServiceServer interface { UpdateHTTPFirewallRuleGroup(context.Context, *UpdateHTTPFirewallRuleGroupRequest) (*RPCUpdateSuccess, error) // 获取分组配置 FindHTTPFirewallRuleGroupConfig(context.Context, *FindHTTPFirewallRuleGroupConfigRequest) (*FindHTTPFirewallRuleGroupConfigResponse, error) + // 修改分组的规则集 + UpdateHTTPFirewallRuleGroupSets(context.Context, *UpdateHTTPFirewallRuleGroupSetsRequest) (*RPCUpdateSuccess, error) } // UnimplementedHTTPFirewallRuleGroupServiceServer can be embedded to have forward compatible implementations. @@ -676,6 +775,9 @@ func (*UnimplementedHTTPFirewallRuleGroupServiceServer) UpdateHTTPFirewallRuleGr func (*UnimplementedHTTPFirewallRuleGroupServiceServer) FindHTTPFirewallRuleGroupConfig(context.Context, *FindHTTPFirewallRuleGroupConfigRequest) (*FindHTTPFirewallRuleGroupConfigResponse, error) { return nil, status.Errorf(codes.Unimplemented, "method FindHTTPFirewallRuleGroupConfig not implemented") } +func (*UnimplementedHTTPFirewallRuleGroupServiceServer) UpdateHTTPFirewallRuleGroupSets(context.Context, *UpdateHTTPFirewallRuleGroupSetsRequest) (*RPCUpdateSuccess, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateHTTPFirewallRuleGroupSets not implemented") +} func RegisterHTTPFirewallRuleGroupServiceServer(s *grpc.Server, srv HTTPFirewallRuleGroupServiceServer) { s.RegisterService(&_HTTPFirewallRuleGroupService_serviceDesc, srv) @@ -753,6 +855,24 @@ func _HTTPFirewallRuleGroupService_FindHTTPFirewallRuleGroupConfig_Handler(srv i return interceptor(ctx, in, info, handler) } +func _HTTPFirewallRuleGroupService_UpdateHTTPFirewallRuleGroupSets_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateHTTPFirewallRuleGroupSetsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(HTTPFirewallRuleGroupServiceServer).UpdateHTTPFirewallRuleGroupSets(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/pb.HTTPFirewallRuleGroupService/UpdateHTTPFirewallRuleGroupSets", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(HTTPFirewallRuleGroupServiceServer).UpdateHTTPFirewallRuleGroupSets(ctx, req.(*UpdateHTTPFirewallRuleGroupSetsRequest)) + } + return interceptor(ctx, in, info, handler) +} + var _HTTPFirewallRuleGroupService_serviceDesc = grpc.ServiceDesc{ ServiceName: "pb.HTTPFirewallRuleGroupService", HandlerType: (*HTTPFirewallRuleGroupServiceServer)(nil), @@ -773,6 +893,10 @@ var _HTTPFirewallRuleGroupService_serviceDesc = grpc.ServiceDesc{ MethodName: "findHTTPFirewallRuleGroupConfig", Handler: _HTTPFirewallRuleGroupService_FindHTTPFirewallRuleGroupConfig_Handler, }, + { + MethodName: "updateHTTPFirewallRuleGroupSets", + Handler: _HTTPFirewallRuleGroupService_UpdateHTTPFirewallRuleGroupSets_Handler, + }, }, Streams: []grpc.StreamDesc{}, Metadata: "service_http_firewall_rule_group.proto", diff --git a/pkg/rpc/pb/service_http_firewall_rule_set.pb.go b/pkg/rpc/pb/service_http_firewall_rule_set.pb.go new file mode 100644 index 0000000..8ef06ae --- /dev/null +++ b/pkg/rpc/pb/service_http_firewall_rule_set.pb.go @@ -0,0 +1,624 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.25.0 +// protoc v3.12.3 +// source: service_http_firewall_rule_set.proto + +package pb + +import ( + context "context" + proto "github.com/golang/protobuf/proto" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// This is a compile-time assertion that a sufficiently up-to-date version +// of the legacy proto package is being used. +const _ = proto.ProtoPackageIsVersion4 + +// 根据配置创建或修改规则集 +type CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + FirewallRuleSetConfigJSON []byte `protobuf:"bytes,1,opt,name=firewallRuleSetConfigJSON,proto3" json:"firewallRuleSetConfigJSON,omitempty"` +} + +func (x *CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest) Reset() { + *x = CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_service_http_firewall_rule_set_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest) ProtoMessage() {} + +func (x *CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest) ProtoReflect() protoreflect.Message { + mi := &file_service_http_firewall_rule_set_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest.ProtoReflect.Descriptor instead. +func (*CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest) Descriptor() ([]byte, []int) { + return file_service_http_firewall_rule_set_proto_rawDescGZIP(), []int{0} +} + +func (x *CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest) GetFirewallRuleSetConfigJSON() []byte { + if x != nil { + return x.FirewallRuleSetConfigJSON + } + return nil +} + +type CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + FirewallRuleSetId int64 `protobuf:"varint,1,opt,name=firewallRuleSetId,proto3" json:"firewallRuleSetId,omitempty"` +} + +func (x *CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse) Reset() { + *x = CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_service_http_firewall_rule_set_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse) ProtoMessage() {} + +func (x *CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse) ProtoReflect() protoreflect.Message { + mi := &file_service_http_firewall_rule_set_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse.ProtoReflect.Descriptor instead. +func (*CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse) Descriptor() ([]byte, []int) { + return file_service_http_firewall_rule_set_proto_rawDescGZIP(), []int{1} +} + +func (x *CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse) GetFirewallRuleSetId() int64 { + if x != nil { + return x.FirewallRuleSetId + } + return 0 +} + +// 设置开启状态 +type UpdateHTTPFirewallRuleSetIsOnRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + FirewallRuleSetId int64 `protobuf:"varint,1,opt,name=firewallRuleSetId,proto3" json:"firewallRuleSetId,omitempty"` + IsOn bool `protobuf:"varint,2,opt,name=isOn,proto3" json:"isOn,omitempty"` +} + +func (x *UpdateHTTPFirewallRuleSetIsOnRequest) Reset() { + *x = UpdateHTTPFirewallRuleSetIsOnRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_service_http_firewall_rule_set_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UpdateHTTPFirewallRuleSetIsOnRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateHTTPFirewallRuleSetIsOnRequest) ProtoMessage() {} + +func (x *UpdateHTTPFirewallRuleSetIsOnRequest) ProtoReflect() protoreflect.Message { + mi := &file_service_http_firewall_rule_set_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateHTTPFirewallRuleSetIsOnRequest.ProtoReflect.Descriptor instead. +func (*UpdateHTTPFirewallRuleSetIsOnRequest) Descriptor() ([]byte, []int) { + return file_service_http_firewall_rule_set_proto_rawDescGZIP(), []int{2} +} + +func (x *UpdateHTTPFirewallRuleSetIsOnRequest) GetFirewallRuleSetId() int64 { + if x != nil { + return x.FirewallRuleSetId + } + return 0 +} + +func (x *UpdateHTTPFirewallRuleSetIsOnRequest) GetIsOn() bool { + if x != nil { + return x.IsOn + } + return false +} + +// 查找规则集配置 +type FindHTTPFirewallRuleSetConfigRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + FirewallRuleSetId int64 `protobuf:"varint,1,opt,name=firewallRuleSetId,proto3" json:"firewallRuleSetId,omitempty"` +} + +func (x *FindHTTPFirewallRuleSetConfigRequest) Reset() { + *x = FindHTTPFirewallRuleSetConfigRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_service_http_firewall_rule_set_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *FindHTTPFirewallRuleSetConfigRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FindHTTPFirewallRuleSetConfigRequest) ProtoMessage() {} + +func (x *FindHTTPFirewallRuleSetConfigRequest) ProtoReflect() protoreflect.Message { + mi := &file_service_http_firewall_rule_set_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FindHTTPFirewallRuleSetConfigRequest.ProtoReflect.Descriptor instead. +func (*FindHTTPFirewallRuleSetConfigRequest) Descriptor() ([]byte, []int) { + return file_service_http_firewall_rule_set_proto_rawDescGZIP(), []int{3} +} + +func (x *FindHTTPFirewallRuleSetConfigRequest) GetFirewallRuleSetId() int64 { + if x != nil { + return x.FirewallRuleSetId + } + return 0 +} + +type FindHTTPFirewallRuleSetConfigResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + FirewallRuleSetJSON []byte `protobuf:"bytes,1,opt,name=firewallRuleSetJSON,proto3" json:"firewallRuleSetJSON,omitempty"` +} + +func (x *FindHTTPFirewallRuleSetConfigResponse) Reset() { + *x = FindHTTPFirewallRuleSetConfigResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_service_http_firewall_rule_set_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *FindHTTPFirewallRuleSetConfigResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FindHTTPFirewallRuleSetConfigResponse) ProtoMessage() {} + +func (x *FindHTTPFirewallRuleSetConfigResponse) ProtoReflect() protoreflect.Message { + mi := &file_service_http_firewall_rule_set_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FindHTTPFirewallRuleSetConfigResponse.ProtoReflect.Descriptor instead. +func (*FindHTTPFirewallRuleSetConfigResponse) Descriptor() ([]byte, []int) { + return file_service_http_firewall_rule_set_proto_rawDescGZIP(), []int{4} +} + +func (x *FindHTTPFirewallRuleSetConfigResponse) GetFirewallRuleSetJSON() []byte { + if x != nil { + return x.FirewallRuleSetJSON + } + return nil +} + +var File_service_http_firewall_rule_set_proto protoreflect.FileDescriptor + +var file_service_http_firewall_rule_set_proto_rawDesc = []byte{ + 0x0a, 0x24, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x66, + 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x5f, 0x72, 0x75, 0x6c, 0x65, 0x5f, 0x73, 0x65, 0x74, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x02, 0x70, 0x62, 0x1a, 0x12, 0x72, 0x70, 0x63, 0x5f, + 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x72, + 0x0a, 0x32, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4f, 0x72, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, + 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, + 0x53, 0x65, 0x74, 0x46, 0x72, 0x6f, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x3c, 0x0a, 0x19, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, + 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4a, 0x53, 0x4f, + 0x4e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x19, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, + 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4a, 0x53, + 0x4f, 0x4e, 0x22, 0x63, 0x0a, 0x33, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4f, 0x72, 0x55, 0x70, + 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, + 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x46, 0x72, 0x6f, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2c, 0x0a, 0x11, 0x66, 0x69, 0x72, + 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x49, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x03, 0x52, 0x11, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, + 0x6c, 0x65, 0x53, 0x65, 0x74, 0x49, 0x64, 0x22, 0x68, 0x0a, 0x24, 0x55, 0x70, 0x64, 0x61, 0x74, + 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, + 0x65, 0x53, 0x65, 0x74, 0x49, 0x73, 0x4f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0x2c, 0x0a, 0x11, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, + 0x65, 0x74, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x11, 0x66, 0x69, 0x72, 0x65, + 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x49, 0x64, 0x12, 0x12, 0x0a, + 0x04, 0x69, 0x73, 0x4f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x04, 0x69, 0x73, 0x4f, + 0x6e, 0x22, 0x54, 0x0a, 0x24, 0x46, 0x69, 0x6e, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, + 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x2c, 0x0a, 0x11, 0x66, 0x69, 0x72, + 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x49, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x03, 0x52, 0x11, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, + 0x6c, 0x65, 0x53, 0x65, 0x74, 0x49, 0x64, 0x22, 0x59, 0x0a, 0x25, 0x46, 0x69, 0x6e, 0x64, 0x48, + 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, + 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x30, 0x0a, 0x13, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, + 0x53, 0x65, 0x74, 0x4a, 0x53, 0x4f, 0x4e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x13, 0x66, + 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x4a, 0x53, + 0x4f, 0x4e, 0x32, 0x94, 0x03, 0x0a, 0x1a, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, + 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, + 0x65, 0x12, 0x9e, 0x01, 0x0a, 0x2b, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4f, 0x72, 0x55, 0x70, + 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, + 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x46, 0x72, 0x6f, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x12, 0x36, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4f, 0x72, 0x55, + 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, + 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x46, 0x72, 0x6f, 0x6d, 0x43, 0x6f, 0x6e, 0x66, + 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x37, 0x2e, 0x70, 0x62, 0x2e, 0x43, + 0x72, 0x65, 0x61, 0x74, 0x65, 0x4f, 0x72, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, + 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, + 0x46, 0x72, 0x6f, 0x6d, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x12, 0x5f, 0x0a, 0x1d, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, + 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x49, + 0x73, 0x4f, 0x6e, 0x12, 0x28, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, + 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, + 0x65, 0x74, 0x49, 0x73, 0x4f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, + 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x53, 0x75, 0x63, 0x63, + 0x65, 0x73, 0x73, 0x12, 0x74, 0x0a, 0x1d, 0x66, 0x69, 0x6e, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, + 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x43, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x12, 0x28, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x48, 0x54, + 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, + 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, + 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, + 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x06, 0x5a, 0x04, 0x2e, 0x2f, 0x70, + 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_service_http_firewall_rule_set_proto_rawDescOnce sync.Once + file_service_http_firewall_rule_set_proto_rawDescData = file_service_http_firewall_rule_set_proto_rawDesc +) + +func file_service_http_firewall_rule_set_proto_rawDescGZIP() []byte { + file_service_http_firewall_rule_set_proto_rawDescOnce.Do(func() { + file_service_http_firewall_rule_set_proto_rawDescData = protoimpl.X.CompressGZIP(file_service_http_firewall_rule_set_proto_rawDescData) + }) + return file_service_http_firewall_rule_set_proto_rawDescData +} + +var file_service_http_firewall_rule_set_proto_msgTypes = make([]protoimpl.MessageInfo, 5) +var file_service_http_firewall_rule_set_proto_goTypes = []interface{}{ + (*CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest)(nil), // 0: pb.CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest + (*CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse)(nil), // 1: pb.CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse + (*UpdateHTTPFirewallRuleSetIsOnRequest)(nil), // 2: pb.UpdateHTTPFirewallRuleSetIsOnRequest + (*FindHTTPFirewallRuleSetConfigRequest)(nil), // 3: pb.FindHTTPFirewallRuleSetConfigRequest + (*FindHTTPFirewallRuleSetConfigResponse)(nil), // 4: pb.FindHTTPFirewallRuleSetConfigResponse + (*RPCUpdateSuccess)(nil), // 5: pb.RPCUpdateSuccess +} +var file_service_http_firewall_rule_set_proto_depIdxs = []int32{ + 0, // 0: pb.HTTPFirewallRuleSetService.createOrUpdateHTTPFirewallRuleSetFromConfig:input_type -> pb.CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest + 2, // 1: pb.HTTPFirewallRuleSetService.updateHTTPFirewallRuleSetIsOn:input_type -> pb.UpdateHTTPFirewallRuleSetIsOnRequest + 3, // 2: pb.HTTPFirewallRuleSetService.findHTTPFirewallRuleSetConfig:input_type -> pb.FindHTTPFirewallRuleSetConfigRequest + 1, // 3: pb.HTTPFirewallRuleSetService.createOrUpdateHTTPFirewallRuleSetFromConfig:output_type -> pb.CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse + 5, // 4: pb.HTTPFirewallRuleSetService.updateHTTPFirewallRuleSetIsOn:output_type -> pb.RPCUpdateSuccess + 4, // 5: pb.HTTPFirewallRuleSetService.findHTTPFirewallRuleSetConfig:output_type -> pb.FindHTTPFirewallRuleSetConfigResponse + 3, // [3:6] is the sub-list for method output_type + 0, // [0:3] is the sub-list for method input_type + 0, // [0:0] is the sub-list for extension type_name + 0, // [0:0] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_service_http_firewall_rule_set_proto_init() } +func file_service_http_firewall_rule_set_proto_init() { + if File_service_http_firewall_rule_set_proto != nil { + return + } + file_rpc_messages_proto_init() + if !protoimpl.UnsafeEnabled { + file_service_http_firewall_rule_set_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_service_http_firewall_rule_set_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_service_http_firewall_rule_set_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*UpdateHTTPFirewallRuleSetIsOnRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_service_http_firewall_rule_set_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*FindHTTPFirewallRuleSetConfigRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_service_http_firewall_rule_set_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*FindHTTPFirewallRuleSetConfigResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_service_http_firewall_rule_set_proto_rawDesc, + NumEnums: 0, + NumMessages: 5, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_service_http_firewall_rule_set_proto_goTypes, + DependencyIndexes: file_service_http_firewall_rule_set_proto_depIdxs, + MessageInfos: file_service_http_firewall_rule_set_proto_msgTypes, + }.Build() + File_service_http_firewall_rule_set_proto = out.File + file_service_http_firewall_rule_set_proto_rawDesc = nil + file_service_http_firewall_rule_set_proto_goTypes = nil + file_service_http_firewall_rule_set_proto_depIdxs = nil +} + +// Reference imports to suppress errors if they are not otherwise used. +var _ context.Context +var _ grpc.ClientConnInterface + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +const _ = grpc.SupportPackageIsVersion6 + +// HTTPFirewallRuleSetServiceClient is the client API for HTTPFirewallRuleSetService service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream. +type HTTPFirewallRuleSetServiceClient interface { + // 根据配置创建或修改规则集 + CreateOrUpdateHTTPFirewallRuleSetFromConfig(ctx context.Context, in *CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest, opts ...grpc.CallOption) (*CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse, error) + // 设置开启状态 + UpdateHTTPFirewallRuleSetIsOn(ctx context.Context, in *UpdateHTTPFirewallRuleSetIsOnRequest, opts ...grpc.CallOption) (*RPCUpdateSuccess, error) + // 查找规则集配置 + FindHTTPFirewallRuleSetConfig(ctx context.Context, in *FindHTTPFirewallRuleSetConfigRequest, opts ...grpc.CallOption) (*FindHTTPFirewallRuleSetConfigResponse, error) +} + +type hTTPFirewallRuleSetServiceClient struct { + cc grpc.ClientConnInterface +} + +func NewHTTPFirewallRuleSetServiceClient(cc grpc.ClientConnInterface) HTTPFirewallRuleSetServiceClient { + return &hTTPFirewallRuleSetServiceClient{cc} +} + +func (c *hTTPFirewallRuleSetServiceClient) CreateOrUpdateHTTPFirewallRuleSetFromConfig(ctx context.Context, in *CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest, opts ...grpc.CallOption) (*CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse, error) { + out := new(CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse) + err := c.cc.Invoke(ctx, "/pb.HTTPFirewallRuleSetService/createOrUpdateHTTPFirewallRuleSetFromConfig", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *hTTPFirewallRuleSetServiceClient) UpdateHTTPFirewallRuleSetIsOn(ctx context.Context, in *UpdateHTTPFirewallRuleSetIsOnRequest, opts ...grpc.CallOption) (*RPCUpdateSuccess, error) { + out := new(RPCUpdateSuccess) + err := c.cc.Invoke(ctx, "/pb.HTTPFirewallRuleSetService/updateHTTPFirewallRuleSetIsOn", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *hTTPFirewallRuleSetServiceClient) FindHTTPFirewallRuleSetConfig(ctx context.Context, in *FindHTTPFirewallRuleSetConfigRequest, opts ...grpc.CallOption) (*FindHTTPFirewallRuleSetConfigResponse, error) { + out := new(FindHTTPFirewallRuleSetConfigResponse) + err := c.cc.Invoke(ctx, "/pb.HTTPFirewallRuleSetService/findHTTPFirewallRuleSetConfig", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// HTTPFirewallRuleSetServiceServer is the server API for HTTPFirewallRuleSetService service. +type HTTPFirewallRuleSetServiceServer interface { + // 根据配置创建或修改规则集 + CreateOrUpdateHTTPFirewallRuleSetFromConfig(context.Context, *CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest) (*CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse, error) + // 设置开启状态 + UpdateHTTPFirewallRuleSetIsOn(context.Context, *UpdateHTTPFirewallRuleSetIsOnRequest) (*RPCUpdateSuccess, error) + // 查找规则集配置 + FindHTTPFirewallRuleSetConfig(context.Context, *FindHTTPFirewallRuleSetConfigRequest) (*FindHTTPFirewallRuleSetConfigResponse, error) +} + +// UnimplementedHTTPFirewallRuleSetServiceServer can be embedded to have forward compatible implementations. +type UnimplementedHTTPFirewallRuleSetServiceServer struct { +} + +func (*UnimplementedHTTPFirewallRuleSetServiceServer) CreateOrUpdateHTTPFirewallRuleSetFromConfig(context.Context, *CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest) (*CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method CreateOrUpdateHTTPFirewallRuleSetFromConfig not implemented") +} +func (*UnimplementedHTTPFirewallRuleSetServiceServer) UpdateHTTPFirewallRuleSetIsOn(context.Context, *UpdateHTTPFirewallRuleSetIsOnRequest) (*RPCUpdateSuccess, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateHTTPFirewallRuleSetIsOn not implemented") +} +func (*UnimplementedHTTPFirewallRuleSetServiceServer) FindHTTPFirewallRuleSetConfig(context.Context, *FindHTTPFirewallRuleSetConfigRequest) (*FindHTTPFirewallRuleSetConfigResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method FindHTTPFirewallRuleSetConfig not implemented") +} + +func RegisterHTTPFirewallRuleSetServiceServer(s *grpc.Server, srv HTTPFirewallRuleSetServiceServer) { + s.RegisterService(&_HTTPFirewallRuleSetService_serviceDesc, srv) +} + +func _HTTPFirewallRuleSetService_CreateOrUpdateHTTPFirewallRuleSetFromConfig_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(HTTPFirewallRuleSetServiceServer).CreateOrUpdateHTTPFirewallRuleSetFromConfig(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/pb.HTTPFirewallRuleSetService/CreateOrUpdateHTTPFirewallRuleSetFromConfig", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(HTTPFirewallRuleSetServiceServer).CreateOrUpdateHTTPFirewallRuleSetFromConfig(ctx, req.(*CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _HTTPFirewallRuleSetService_UpdateHTTPFirewallRuleSetIsOn_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateHTTPFirewallRuleSetIsOnRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(HTTPFirewallRuleSetServiceServer).UpdateHTTPFirewallRuleSetIsOn(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/pb.HTTPFirewallRuleSetService/UpdateHTTPFirewallRuleSetIsOn", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(HTTPFirewallRuleSetServiceServer).UpdateHTTPFirewallRuleSetIsOn(ctx, req.(*UpdateHTTPFirewallRuleSetIsOnRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _HTTPFirewallRuleSetService_FindHTTPFirewallRuleSetConfig_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FindHTTPFirewallRuleSetConfigRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(HTTPFirewallRuleSetServiceServer).FindHTTPFirewallRuleSetConfig(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/pb.HTTPFirewallRuleSetService/FindHTTPFirewallRuleSetConfig", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(HTTPFirewallRuleSetServiceServer).FindHTTPFirewallRuleSetConfig(ctx, req.(*FindHTTPFirewallRuleSetConfigRequest)) + } + return interceptor(ctx, in, info, handler) +} + +var _HTTPFirewallRuleSetService_serviceDesc = grpc.ServiceDesc{ + ServiceName: "pb.HTTPFirewallRuleSetService", + HandlerType: (*HTTPFirewallRuleSetServiceServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "createOrUpdateHTTPFirewallRuleSetFromConfig", + Handler: _HTTPFirewallRuleSetService_CreateOrUpdateHTTPFirewallRuleSetFromConfig_Handler, + }, + { + MethodName: "updateHTTPFirewallRuleSetIsOn", + Handler: _HTTPFirewallRuleSetService_UpdateHTTPFirewallRuleSetIsOn_Handler, + }, + { + MethodName: "findHTTPFirewallRuleSetConfig", + Handler: _HTTPFirewallRuleSetService_FindHTTPFirewallRuleSetConfig_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "service_http_firewall_rule_set.proto", +} diff --git a/pkg/rpc/protos/service_http_firewall_rule_group.proto b/pkg/rpc/protos/service_http_firewall_rule_group.proto index 24df3aa..1112236 100644 --- a/pkg/rpc/protos/service_http_firewall_rule_group.proto +++ b/pkg/rpc/protos/service_http_firewall_rule_group.proto @@ -17,6 +17,9 @@ service HTTPFirewallRuleGroupService { // 获取分组配置 rpc findHTTPFirewallRuleGroupConfig (FindHTTPFirewallRuleGroupConfigRequest) returns (FindHTTPFirewallRuleGroupConfigResponse); + + // 修改分组的规则集 + rpc updateHTTPFirewallRuleGroupSets (UpdateHTTPFirewallRuleGroupSetsRequest) returns (RPCUpdateSuccess); } // 设置是否启用分组 @@ -51,4 +54,10 @@ message FindHTTPFirewallRuleGroupConfigRequest { message FindHTTPFirewallRuleGroupConfigResponse { bytes firewallRuleGroupJSON = 1; +} + +// 修改分组的规则集 +message UpdateHTTPFirewallRuleGroupSetsRequest { + int64 firewallRuleGroupId = 1; + bytes firewallRuleSetsJSON = 2; } \ No newline at end of file diff --git a/pkg/rpc/protos/service_http_firewall_rule_set.proto b/pkg/rpc/protos/service_http_firewall_rule_set.proto new file mode 100644 index 0000000..f35d75b --- /dev/null +++ b/pkg/rpc/protos/service_http_firewall_rule_set.proto @@ -0,0 +1,41 @@ +syntax = "proto3"; +option go_package = "./pb"; + +package pb; + +import "rpc_messages.proto"; + +service HTTPFirewallRuleSetService { + // 根据配置创建或修改规则集 + rpc createOrUpdateHTTPFirewallRuleSetFromConfig (CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest) returns (CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse); + + // 设置开启状态 + rpc updateHTTPFirewallRuleSetIsOn (UpdateHTTPFirewallRuleSetIsOnRequest) returns (RPCUpdateSuccess); + + // 查找规则集配置 + rpc findHTTPFirewallRuleSetConfig (FindHTTPFirewallRuleSetConfigRequest) returns (FindHTTPFirewallRuleSetConfigResponse); +} + +// 根据配置创建或修改规则集 +message CreateOrUpdateHTTPFirewallRuleSetFromConfigRequest { + bytes firewallRuleSetConfigJSON = 1; +} + +message CreateOrUpdateHTTPFirewallRuleSetFromConfigResponse { + int64 firewallRuleSetId = 1; +} + +// 设置开启状态 +message UpdateHTTPFirewallRuleSetIsOnRequest { + int64 firewallRuleSetId = 1; + bool isOn = 2; +} + +// 查找规则集配置 +message FindHTTPFirewallRuleSetConfigRequest { + int64 firewallRuleSetId = 1; +} + +message FindHTTPFirewallRuleSetConfigResponse { + bytes firewallRuleSetJSON = 1; +} \ No newline at end of file diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_checkpoint_definition.go b/pkg/serverconfigs/firewallconfigs/http_firewall_checkpoint_definition.go new file mode 100644 index 0000000..787f78d --- /dev/null +++ b/pkg/serverconfigs/firewallconfigs/http_firewall_checkpoint_definition.go @@ -0,0 +1,23 @@ +package firewallconfigs + +type KeyValue struct { + Name string `json:"name"` + Value string `json:"value"` +} + +func NewKeyValue(name string, value string) *KeyValue { + return &KeyValue{ + Name: name, + Value: value, + } +} + +// check point definition +type HTTPFirewallCheckpointDefinition struct { + Name string `json:"name"` + Description string `json:"description"` + Prefix string `json:"prefix"` + IsRequest bool `json:"isRequest"` + Params []*KeyValue `json:"params"` + Options []OptionInterface `json:"options"` +} diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_checkpoints.go b/pkg/serverconfigs/firewallconfigs/http_firewall_checkpoints.go new file mode 100644 index 0000000..62473ef --- /dev/null +++ b/pkg/serverconfigs/firewallconfigs/http_firewall_checkpoints.go @@ -0,0 +1,279 @@ +package firewallconfigs + +import ( + "github.com/iwind/TeaGo/maps" + "regexp" +) + +// all check points list +var AllCheckpoints = []*HTTPFirewallCheckpointDefinition{ + { + Name: "客户端地址(IP)", + Prefix: "remoteAddr", + Description: "试图通过分析X-Forwarded-For等Header获取的客户端地址,比如192.168.1.100", + IsRequest: true, + }, + { + Name: "客户端源地址(IP)", + Prefix: "rawRemoteAddr", + Description: "直接连接的客户端地址,比如192.168.1.100", + IsRequest: true, + }, + { + Name: "客户端端口", + Prefix: "remotePort", + Description: "直接连接的客户端地址端口", + IsRequest: true, + }, + { + Name: "客户端用户名", + Prefix: "remoteUser", + Description: "通过BasicAuth登录的客户端用户名", + IsRequest: true, + }, + { + Name: "请求URI", + Prefix: "requestURI", + Description: "包含URL参数的请求URI,比如/hello/world?lang=go", + IsRequest: true, + }, + { + Name: "请求路径", + Prefix: "requestPath", + Description: "不包含URL参数的请求路径,比如/hello/world", + IsRequest: true, + }, + { + Name: "请求内容长度", + Prefix: "requestLength", + Description: "请求Header中的Content-Length", + IsRequest: true, + }, + { + Name: "请求体内容", + Prefix: "requestBody", + Description: "通常在POST或者PUT等操作时会附带请求体,最大限制32M", + IsRequest: true, + }, + { + Name: "请求URI和请求体组合", + Prefix: "requestAll", + Description: "${requestURI}和${requestBody}组合", + IsRequest: true, + }, + { + Name: "请求表单参数", + Prefix: "requestForm", + Description: "获取POST或者其他方法发送的表单参数,最大请求体限制32M", + IsRequest: true, + }, + { + Name: "上传文件", + Prefix: "requestUpload", + Description: "获取POST上传的文件信息,最大请求体限制32M", + Params: []*KeyValue{ + NewKeyValue("最小文件尺寸", "minSize"), + NewKeyValue("最大文件尺寸", "maxSize"), + NewKeyValue("扩展名(如.txt)", "ext"), + NewKeyValue("原始文件名", "name"), + NewKeyValue("表单字段名", "field"), + }, + IsRequest: true, + }, + { + Name: "请求JSON参数", + Prefix: "requestJSON", + Description: "获取POST或者其他方法发送的JSON,最大请求体限制32M,使用点(.)符号表示多级数据", + IsRequest: true, + }, + { + Name: "请求方法", + Prefix: "requestMethod", + Description: "比如GET、POST", + IsRequest: true, + }, + { + Name: "请求协议", + Prefix: "scheme", + Description: "比如http或https", + IsRequest: true, + }, + { + Name: "HTTP协议版本", + Prefix: "proto", + Description: "比如HTTP/1.1", + IsRequest: true, + }, + { + Name: "主机名", + Prefix: "host", + Description: "比如teaos.cn", + IsRequest: true, + }, + { + Name: "请求来源URL", + Prefix: "referer", + Description: "请求Header中的Referer值", + IsRequest: true, + }, + { + Name: "客户端信息", + Prefix: "userAgent", + Description: "比如Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103", + IsRequest: true, + }, + { + Name: "内容类型", + Prefix: "contentType", + Description: "请求Header的Content-Type", + IsRequest: true, + }, + { + Name: "所有cookie组合字符串", + Prefix: "cookies", + Description: "比如sid=IxZVPFhE&city=beijing&uid=18237", + IsRequest: true, + }, + { + Name: "单个cookie值", + Prefix: "cookie", + Description: "单个cookie值", + IsRequest: true, + }, + { + Name: "所有URL参数组合", + Prefix: "args", + Description: "比如name=lu&age=20", + IsRequest: true, + }, + { + Name: "单个URL参数值", + Prefix: "arg", + Description: "单个URL参数值", + IsRequest: true, + }, + { + Name: "所有Header信息", + Prefix: "headers", + Description: "使用\n隔开的Header信息字符串", + IsRequest: true, + }, + { + Name: "单个Header值", + Prefix: "header", + Description: "单个Header值", + IsRequest: true, + }, + { + Name: "CC统计", + Prefix: "cc", + Description: "统计某段时间段内的请求信息", + Params: []*KeyValue{ + NewKeyValue("请求数", "requests"), + }, + Options: []OptionInterface{ + &FieldOption{ + Type: "field", + Name: "统计周期", + Code: "period", + Value: "60", + IsRequired: false, + Size: 8, + Comment: "", + Placeholder: "", + RightLabel: "秒", + MaxLength: 8, + Validate: func(value string) (ok bool, message string) { + if regexp.MustCompile("^\\d+$").MatchString(value) { + ok = true + return + } + message = "周期需要是一个整数数字" + return + }, + }, + &OptionsOption{ + Type: "options", + Name: "用户识别读取来源", + Code: "userType", + Value: "", + IsRequired: false, + Size: 10, + Comment: "", + RightLabel: "", + Validate: nil, + Options: []maps.Map{ + { + "name": "IP", + "value": "ip", + }, + { + "name": "Cookie", + "value": "cookie", + }, + { + "name": "URL参数", + "value": "get", + }, + { + "name": "POST参数", + "value": "post", + }, + { + "name": "HTTP Header", + "value": "header", + }, + }, + }, + &FieldOption{ + Type: "field", + Name: "用户识别字段", + Code: "userField", + Comment: "识别用户的唯一性字段,在用户读取来源不是IP时使用", + }, + &FieldOption{ + Type: "field", + Name: "字段读取位置", + Code: "userIndex", + Size: 5, + MaxLength: 5, + Comment: "读取用户识别字段的位置,从0开始,比如user12345的数字ID 12345的位置就是5,在用户读取来源不是IP时使用", + }, + }, + IsRequest: true, + }, + { + Name: "响应状态码", + Prefix: "status", + Description: "响应状态码,比如200、404、500", + IsRequest: false, + }, + { + Name: "响应Header", + Prefix: "responseHeader", + Description: "响应Header值", + IsRequest: false, + }, + { + Name: "响应内容", + Prefix: "responseBody", + Description: "响应内容字符串", + IsRequest: false, + }, + { + Name: "响应内容长度", + Prefix: "bytesSent", + Description: "响应内容长度,通过响应的Header Content-Length获取", + IsRequest: false, + }, +} + +// find a check point definition +func FindCheckpointDefinition(prefix string) *HTTPFirewallCheckpointDefinition { + for _, def := range AllCheckpoints { + if def.Prefix == prefix { + return def + } + } + return nil +} diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_policy.go b/pkg/serverconfigs/firewallconfigs/http_firewall_policy.go index 3478ed9..84733f7 100644 --- a/pkg/serverconfigs/firewallconfigs/http_firewall_policy.go +++ b/pkg/serverconfigs/firewallconfigs/http_firewall_policy.go @@ -42,7 +42,7 @@ func (this *HTTPFirewallPolicy) AllRuleGroups() []*HTTPFirewallRuleGroup { return result } -// 根据代号获取分组 +// 根据代号查找分组 func (this *HTTPFirewallPolicy) FindRuleGroupWithCode(code string) *HTTPFirewallRuleGroup { for _, g := range this.AllRuleGroups() { if g.Code == code { @@ -52,6 +52,16 @@ func (this *HTTPFirewallPolicy) FindRuleGroupWithCode(code string) *HTTPFirewall return nil } +// 根据ID查找分组 +func (this *HTTPFirewallPolicy) FindRuleGroup(groupId int64) *HTTPFirewallRuleGroup { + for _, g := range this.AllRuleGroups() { + if g.Id == groupId { + return g + } + } + return nil +} + // 删除某个分组 func (this *HTTPFirewallPolicy) RemoveRuleGroup(groupId int64) { if this.Inbound != nil { diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_rule.go b/pkg/serverconfigs/firewallconfigs/http_firewall_rule.go index c3b65b4..6e8e8f5 100644 --- a/pkg/serverconfigs/firewallconfigs/http_firewall_rule.go +++ b/pkg/serverconfigs/firewallconfigs/http_firewall_rule.go @@ -12,5 +12,6 @@ type HTTPFirewallRule struct { } func (this *HTTPFirewallRule) Init() error { + // TODO 执行更严谨的校验 return nil } diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_rule_group.go b/pkg/serverconfigs/firewallconfigs/http_firewall_rule_group.go index c65e6f3..05fcf4c 100644 --- a/pkg/serverconfigs/firewallconfigs/http_firewall_rule_group.go +++ b/pkg/serverconfigs/firewallconfigs/http_firewall_rule_group.go @@ -26,3 +26,13 @@ func (this *HTTPFirewallRuleGroup) Init() error { func (this *HTTPFirewallRuleGroup) AddRuleSet(ruleSet *HTTPFirewallRuleSet) { this.Sets = append(this.Sets, ruleSet) } + +// 根据ID查找规则集 +func (this *HTTPFirewallRuleGroup) FindRuleSet(ruleSetId int64) *HTTPFirewallRuleSet { + for _, set := range this.Sets { + if set.Id == ruleSetId { + return set + } + } + return nil +} diff --git a/pkg/serverconfigs/firewallconfigs/option.go b/pkg/serverconfigs/firewallconfigs/option.go new file mode 100644 index 0000000..254fd9c --- /dev/null +++ b/pkg/serverconfigs/firewallconfigs/option.go @@ -0,0 +1,4 @@ +package firewallconfigs + +type OptionInterface interface { +} diff --git a/pkg/serverconfigs/firewallconfigs/option_field.go b/pkg/serverconfigs/firewallconfigs/option_field.go new file mode 100644 index 0000000..04572a6 --- /dev/null +++ b/pkg/serverconfigs/firewallconfigs/option_field.go @@ -0,0 +1,24 @@ +package firewallconfigs + +// attach option +type FieldOption struct { + Type string `json:"type"` + Name string `json:"name"` + Code string `json:"code"` + Value string `json:"value"` // default value + IsRequired bool `json:"isRequired"` + Size int `json:"size"` + Comment string `json:"comment"` + Placeholder string `json:"placeholder"` + RightLabel string `json:"rightLabel"` + MaxLength int `json:"maxLength"` + Validate func(value string) (ok bool, message string) `json:"-"` +} + +func NewFieldOption(name string, code string) *FieldOption { + return &FieldOption{ + Type: "field", + Name: name, + Code: code, + } +} diff --git a/pkg/serverconfigs/firewallconfigs/option_options.go b/pkg/serverconfigs/firewallconfigs/option_options.go new file mode 100644 index 0000000..2fff77b --- /dev/null +++ b/pkg/serverconfigs/firewallconfigs/option_options.go @@ -0,0 +1,28 @@ +package firewallconfigs + +import "github.com/iwind/TeaGo/maps" + +type OptionsOption struct { + Type string `json:"type"` + Name string `json:"name"` + Code string `json:"code"` + Value string `json:"value"` // default value + IsRequired bool `json:"isRequired"` + Size int `json:"size"` + Comment string `json:"comment"` + RightLabel string `json:"rightLabel"` + Validate func(value string) (ok bool, message string) `json:"-"` + Options []maps.Map `json:"options"` +} + +func NewOptionsOption(name string, code string) *OptionsOption { + return &OptionsOption{ + Type: "options", + Name: name, + Code: code, + } +} + +func (this *OptionsOption) SetOptions(options []maps.Map) { + this.Options = options +}