WAF模板中增加空Agent和随机字符拦截规则

pkg/rpc/pb/service_http_firewall_rule_group.pb.go

@@ -514,6 +514,62 @@ func (x *UpdateHTTPFirewallRuleGroupSetsRequest) GetFirewallRuleSetsJSON() []byt
 	return nil
 }
 
+// 添加规则集
+type AddHTTPFirewallRuleGroupSetRequest struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	FirewallRuleGroupId       int64  `protobuf:"varint,1,opt,name=firewallRuleGroupId,proto3" json:"firewallRuleGroupId,omitempty"`
+	FirewallRuleSetConfigJSON []byte `protobuf:"bytes,2,opt,name=firewallRuleSetConfigJSON,proto3" json:"firewallRuleSetConfigJSON,omitempty"`
+}
+
+func (x *AddHTTPFirewallRuleGroupSetRequest) Reset() {
+	*x = AddHTTPFirewallRuleGroupSetRequest{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_service_http_firewall_rule_group_proto_msgTypes[9]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *AddHTTPFirewallRuleGroupSetRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*AddHTTPFirewallRuleGroupSetRequest) ProtoMessage() {}
+
+func (x *AddHTTPFirewallRuleGroupSetRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_service_http_firewall_rule_group_proto_msgTypes[9]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use AddHTTPFirewallRuleGroupSetRequest.ProtoReflect.Descriptor instead.
+func (*AddHTTPFirewallRuleGroupSetRequest) Descriptor() ([]byte, []int) {
+	return file_service_http_firewall_rule_group_proto_rawDescGZIP(), []int{9}
+}
+
+func (x *AddHTTPFirewallRuleGroupSetRequest) GetFirewallRuleGroupId() int64 {
+	if x != nil {
+		return x.FirewallRuleGroupId
+	}
+	return 0
+}
+
+func (x *AddHTTPFirewallRuleGroupSetRequest) GetFirewallRuleSetConfigJSON() []byte {
+	if x != nil {
+		return x.FirewallRuleSetConfigJSON
+	}
+	return nil
+}
+
 var File_service_http_firewall_rule_group_proto protoreflect.FileDescriptor
 
 var file_service_http_firewall_rule_group_proto_rawDesc = []byte{
@@ -588,52 +644,67 @@ var file_service_http_firewall_rule_group_proto_rawDesc = []byte{
 	0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, 0x64, 0x12, 0x32, 0x0a, 0x14, 0x66, 0x69,
 	0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x73, 0x4a, 0x53,
 	0x4f, 0x4e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x14, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61,
-	0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x73, 0x4a, 0x53, 0x4f, 0x4e, 0x32, 0xb4,
+	0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x73, 0x4a, 0x53, 0x4f, 0x4e, 0x22, 0x94,
-	0x05, 0x0a, 0x1c, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52,
+	0x01, 0x0a, 0x22, 0x41, 0x64, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61,
-	0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12,
+	0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x74, 0x52, 0x65,
-	0x5d, 0x0a, 0x1f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x30, 0x0a, 0x13, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c,
-	0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, 0x73,
+	0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01,
-	0x4f, 0x6e, 0x12, 0x2a, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54,
+	0x28, 0x03, 0x52, 0x13, 0x66, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65,
-	0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72,
+	0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, 0x64, 0x12, 0x3c, 0x0a, 0x19, 0x66, 0x69, 0x72, 0x65, 0x77,
-	0x6f, 0x75, 0x70, 0x49, 0x73, 0x4f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e,
+	0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
-	0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x6e,
+	0x4a, 0x53, 0x4f, 0x4e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x19, 0x66, 0x69, 0x72, 0x65,
-	0x0a, 0x1b, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65,
+	0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x53, 0x65, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69,
-	0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x26, 0x2e,
+	0x67, 0x4a, 0x53, 0x4f, 0x4e, 0x32, 0x8b, 0x06, 0x0a, 0x1c, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69,
-	0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72,
+	0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x53,
-	0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65,
+	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x5d, 0x0a, 0x1f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74,
-	0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c,
-	0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x55,
-	0x0a, 0x1b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65,
-	0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x26, 0x2e,
-	0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72,
-	0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x53, 0x75,
-	0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x8f, 0x01, 0x0a, 0x26, 0x66, 0x69, 0x6e, 0x64, 0x45, 0x6e,
-	0x61, 0x62, 0x6c, 0x65, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c,
-	0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
-	0x12, 0x31, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65,
-	0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c,
-	0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75,
-	0x65, 0x73, 0x74, 0x1a, 0x32, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61,
-	0x62, 0x6c, 0x65, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c,
-	0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52,
-	0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x7d, 0x0a, 0x20, 0x66, 0x69, 0x6e, 0x64, 0x45,
-	0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61,
-	0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x12, 0x2b, 0x2e, 0x70, 0x62,
-	0x2e, 0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x48, 0x54, 0x54, 0x50,
-	0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75,
-	0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2c, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69,
-	0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72,
-	0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65,
-	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x5d, 0x0a, 0x1f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65,
 	0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65,
-	0x47, 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x74, 0x73, 0x12, 0x2a, 0x2e, 0x70, 0x62, 0x2e, 0x55,
+	0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, 0x73, 0x4f, 0x6e, 0x12, 0x2a, 0x2e, 0x70, 0x62, 0x2e, 0x55,
 	0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c,
-	0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x74, 0x73, 0x52, 0x65,
+	0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x49, 0x73, 0x4f, 0x6e, 0x52, 0x65,
 	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x53, 0x75,
-	0x63, 0x63, 0x65, 0x73, 0x73, 0x42, 0x06, 0x5a, 0x04, 0x2e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70,
+	0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x6e, 0x0a, 0x1b, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x48,
-	0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47,
+	0x72, 0x6f, 0x75, 0x70, 0x12, 0x26, 0x2e, 0x70, 0x62, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65,
+	0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65,
+	0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x70,
+	0x62, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65,
+	0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65, 0x73,
+	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x55, 0x0a, 0x1b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48,
+	0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47,
+	0x72, 0x6f, 0x75, 0x70, 0x12, 0x26, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65,
+	0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65,
+	0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x70,
+	0x62, 0x2e, 0x52, 0x50, 0x43, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x8f, 0x01, 0x0a,
+	0x26, 0x66, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x48, 0x54, 0x54, 0x50,
+	0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75,
+	0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x31, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e,
+	0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65,
+	0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x32, 0x2e, 0x70, 0x62, 0x2e,
+	0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46,
+	0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x7d,
+	0x0a, 0x20, 0x66, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x48, 0x54, 0x54,
+	0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f,
+	0x75, 0x70, 0x12, 0x2b, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62,
+	0x6c, 0x65, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52,
+	0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
+	0x2c, 0x2e, 0x70, 0x62, 0x2e, 0x46, 0x69, 0x6e, 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64,
+	0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65,
+	0x47, 0x72, 0x6f, 0x75, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x5d, 0x0a,
+	0x1f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77,
+	0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x74, 0x73,
+	0x12, 0x2a, 0x2e, 0x70, 0x62, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x48, 0x54, 0x54, 0x50,
+	0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75,
+	0x70, 0x53, 0x65, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x70,
+	0x62, 0x2e, 0x52, 0x50, 0x43, 0x53, 0x75, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x55, 0x0a, 0x1b,
+	0x61, 0x64, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c, 0x52,
+	0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x74, 0x12, 0x26, 0x2e, 0x70, 0x62,
+	0x2e, 0x41, 0x64, 0x64, 0x48, 0x54, 0x54, 0x50, 0x46, 0x69, 0x72, 0x65, 0x77, 0x61, 0x6c, 0x6c,
+	0x52, 0x75, 0x6c, 0x65, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x53, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75,
+	0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x70, 0x62, 0x2e, 0x52, 0x50, 0x43, 0x53, 0x75, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x42, 0x06, 0x5a, 0x04, 0x2e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x33,
 }
 
 var (
@@ -648,7 +719,7 @@ func file_service_http_firewall_rule_group_proto_rawDescGZIP() []byte {
 	return file_service_http_firewall_rule_group_proto_rawDescData
 }
 
-var file_service_http_firewall_rule_group_proto_msgTypes = make([]protoimpl.MessageInfo, 9)
+var file_service_http_firewall_rule_group_proto_msgTypes = make([]protoimpl.MessageInfo, 10)
 var file_service_http_firewall_rule_group_proto_goTypes = []interface{}{
 	(*UpdateHTTPFirewallRuleGroupIsOnRequest)(nil),         // 0: pb.UpdateHTTPFirewallRuleGroupIsOnRequest
 	(*CreateHTTPFirewallRuleGroupRequest)(nil),             // 1: pb.CreateHTTPFirewallRuleGroupRequest
@@ -659,25 +730,28 @@ var file_service_http_firewall_rule_group_proto_goTypes = []interface{}{
 	(*FindEnabledHTTPFirewallRuleGroupRequest)(nil),        // 6: pb.FindEnabledHTTPFirewallRuleGroupRequest
 	(*FindEnabledHTTPFirewallRuleGroupResponse)(nil),       // 7: pb.FindEnabledHTTPFirewallRuleGroupResponse
 	(*UpdateHTTPFirewallRuleGroupSetsRequest)(nil),         // 8: pb.UpdateHTTPFirewallRuleGroupSetsRequest
-	(*HTTPFirewallRuleGroup)(nil),                          // 9: pb.HTTPFirewallRuleGroup
+	(*AddHTTPFirewallRuleGroupSetRequest)(nil),             // 9: pb.AddHTTPFirewallRuleGroupSetRequest
-	(*RPCSuccess)(nil),                                     // 10: pb.RPCSuccess
+	(*HTTPFirewallRuleGroup)(nil),                          // 10: pb.HTTPFirewallRuleGroup
+	(*RPCSuccess)(nil),                                     // 11: pb.RPCSuccess
 }
 var file_service_http_firewall_rule_group_proto_depIdxs = []int32{
-	9,  // 0: pb.FindEnabledHTTPFirewallRuleGroupResponse.firewallRuleGroup:type_name -> pb.HTTPFirewallRuleGroup
+	10, // 0: pb.FindEnabledHTTPFirewallRuleGroupResponse.firewallRuleGroup:type_name -> pb.HTTPFirewallRuleGroup
 	0,  // 1: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupIsOn:input_type -> pb.UpdateHTTPFirewallRuleGroupIsOnRequest
 	1,  // 2: pb.HTTPFirewallRuleGroupService.createHTTPFirewallRuleGroup:input_type -> pb.CreateHTTPFirewallRuleGroupRequest
 	3,  // 3: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroup:input_type -> pb.UpdateHTTPFirewallRuleGroupRequest
 	4,  // 4: pb.HTTPFirewallRuleGroupService.findEnabledHTTPFirewallRuleGroupConfig:input_type -> pb.FindEnabledHTTPFirewallRuleGroupConfigRequest
 	6,  // 5: pb.HTTPFirewallRuleGroupService.findEnabledHTTPFirewallRuleGroup:input_type -> pb.FindEnabledHTTPFirewallRuleGroupRequest
 	8,  // 6: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupSets:input_type -> pb.UpdateHTTPFirewallRuleGroupSetsRequest
-	10, // 7: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupIsOn:output_type -> pb.RPCSuccess
+	9,  // 7: pb.HTTPFirewallRuleGroupService.addHTTPFirewallRuleGroupSet:input_type -> pb.AddHTTPFirewallRuleGroupSetRequest
-	2,  // 8: pb.HTTPFirewallRuleGroupService.createHTTPFirewallRuleGroup:output_type -> pb.CreateHTTPFirewallRuleGroupResponse
+	11, // 8: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupIsOn:output_type -> pb.RPCSuccess
-	10, // 9: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroup:output_type -> pb.RPCSuccess
+	2,  // 9: pb.HTTPFirewallRuleGroupService.createHTTPFirewallRuleGroup:output_type -> pb.CreateHTTPFirewallRuleGroupResponse
-	5,  // 10: pb.HTTPFirewallRuleGroupService.findEnabledHTTPFirewallRuleGroupConfig:output_type -> pb.FindEnabledHTTPFirewallRuleGroupConfigResponse
+	11, // 10: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroup:output_type -> pb.RPCSuccess
-	7,  // 11: pb.HTTPFirewallRuleGroupService.findEnabledHTTPFirewallRuleGroup:output_type -> pb.FindEnabledHTTPFirewallRuleGroupResponse
+	5,  // 11: pb.HTTPFirewallRuleGroupService.findEnabledHTTPFirewallRuleGroupConfig:output_type -> pb.FindEnabledHTTPFirewallRuleGroupConfigResponse
-	10, // 12: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupSets:output_type -> pb.RPCSuccess
+	7,  // 12: pb.HTTPFirewallRuleGroupService.findEnabledHTTPFirewallRuleGroup:output_type -> pb.FindEnabledHTTPFirewallRuleGroupResponse
-	7,  // [7:13] is the sub-list for method output_type
+	11, // 13: pb.HTTPFirewallRuleGroupService.updateHTTPFirewallRuleGroupSets:output_type -> pb.RPCSuccess
-	1,  // [1:7] is the sub-list for method input_type
+	11, // 14: pb.HTTPFirewallRuleGroupService.addHTTPFirewallRuleGroupSet:output_type -> pb.RPCSuccess
+	8,  // [8:15] is the sub-list for method output_type
+	1,  // [1:8] is the sub-list for method input_type
 	1,  // [1:1] is the sub-list for extension type_name
 	1,  // [1:1] is the sub-list for extension extendee
 	0,  // [0:1] is the sub-list for field type_name
@@ -799,6 +873,18 @@ func file_service_http_firewall_rule_group_proto_init() {
 				return nil
 			}
 		}
+		file_service_http_firewall_rule_group_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*AddHTTPFirewallRuleGroupSetRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
 	}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
@@ -806,7 +892,7 @@ func file_service_http_firewall_rule_group_proto_init() {
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_service_http_firewall_rule_group_proto_rawDesc,
 			NumEnums:      0,
-			NumMessages:   9,
+			NumMessages:   10,
 			NumExtensions: 0,
 			NumServices:   1,
 		},
@@ -844,6 +930,8 @@ type HTTPFirewallRuleGroupServiceClient interface {
 	FindEnabledHTTPFirewallRuleGroup(ctx context.Context, in *FindEnabledHTTPFirewallRuleGroupRequest, opts ...grpc.CallOption) (*FindEnabledHTTPFirewallRuleGroupResponse, error)
 	// 修改分组的规则集
 	UpdateHTTPFirewallRuleGroupSets(ctx context.Context, in *UpdateHTTPFirewallRuleGroupSetsRequest, opts ...grpc.CallOption) (*RPCSuccess, error)
+	// 添加规则集
+	AddHTTPFirewallRuleGroupSet(ctx context.Context, in *AddHTTPFirewallRuleGroupSetRequest, opts ...grpc.CallOption) (*RPCSuccess, error)
 }
 
 type hTTPFirewallRuleGroupServiceClient struct {
@@ -908,6 +996,15 @@ func (c *hTTPFirewallRuleGroupServiceClient) UpdateHTTPFirewallRuleGroupSets(ctx
 	return out, nil
 }
 
+func (c *hTTPFirewallRuleGroupServiceClient) AddHTTPFirewallRuleGroupSet(ctx context.Context, in *AddHTTPFirewallRuleGroupSetRequest, opts ...grpc.CallOption) (*RPCSuccess, error) {
+	out := new(RPCSuccess)
+	err := c.cc.Invoke(ctx, "/pb.HTTPFirewallRuleGroupService/addHTTPFirewallRuleGroupSet", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
 // HTTPFirewallRuleGroupServiceServer is the server API for HTTPFirewallRuleGroupService service.
 type HTTPFirewallRuleGroupServiceServer interface {
 	// 设置是否启用分组
@@ -922,6 +1019,8 @@ type HTTPFirewallRuleGroupServiceServer interface {
 	FindEnabledHTTPFirewallRuleGroup(context.Context, *FindEnabledHTTPFirewallRuleGroupRequest) (*FindEnabledHTTPFirewallRuleGroupResponse, error)
 	// 修改分组的规则集
 	UpdateHTTPFirewallRuleGroupSets(context.Context, *UpdateHTTPFirewallRuleGroupSetsRequest) (*RPCSuccess, error)
+	// 添加规则集
+	AddHTTPFirewallRuleGroupSet(context.Context, *AddHTTPFirewallRuleGroupSetRequest) (*RPCSuccess, error)
 }
 
 // UnimplementedHTTPFirewallRuleGroupServiceServer can be embedded to have forward compatible implementations.
@@ -946,6 +1045,9 @@ func (*UnimplementedHTTPFirewallRuleGroupServiceServer) FindEnabledHTTPFirewallR
 func (*UnimplementedHTTPFirewallRuleGroupServiceServer) UpdateHTTPFirewallRuleGroupSets(context.Context, *UpdateHTTPFirewallRuleGroupSetsRequest) (*RPCSuccess, error) {
 	return nil, status.Errorf(codes.Unimplemented, "method UpdateHTTPFirewallRuleGroupSets not implemented")
 }
+func (*UnimplementedHTTPFirewallRuleGroupServiceServer) AddHTTPFirewallRuleGroupSet(context.Context, *AddHTTPFirewallRuleGroupSetRequest) (*RPCSuccess, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method AddHTTPFirewallRuleGroupSet not implemented")
+}
 
 func RegisterHTTPFirewallRuleGroupServiceServer(s *grpc.Server, srv HTTPFirewallRuleGroupServiceServer) {
 	s.RegisterService(&_HTTPFirewallRuleGroupService_serviceDesc, srv)
@@ -1059,6 +1161,24 @@ func _HTTPFirewallRuleGroupService_UpdateHTTPFirewallRuleGroupSets_Handler(srv i
 	return interceptor(ctx, in, info, handler)
 }
 
+func _HTTPFirewallRuleGroupService_AddHTTPFirewallRuleGroupSet_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(AddHTTPFirewallRuleGroupSetRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(HTTPFirewallRuleGroupServiceServer).AddHTTPFirewallRuleGroupSet(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/pb.HTTPFirewallRuleGroupService/AddHTTPFirewallRuleGroupSet",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(HTTPFirewallRuleGroupServiceServer).AddHTTPFirewallRuleGroupSet(ctx, req.(*AddHTTPFirewallRuleGroupSetRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
 var _HTTPFirewallRuleGroupService_serviceDesc = grpc.ServiceDesc{
 	ServiceName: "pb.HTTPFirewallRuleGroupService",
 	HandlerType: (*HTTPFirewallRuleGroupServiceServer)(nil),
@@ -1087,6 +1207,10 @@ var _HTTPFirewallRuleGroupService_serviceDesc = grpc.ServiceDesc{
 			MethodName: "updateHTTPFirewallRuleGroupSets",
 			Handler:    _HTTPFirewallRuleGroupService_UpdateHTTPFirewallRuleGroupSets_Handler,
 		},
+		{
+			MethodName: "addHTTPFirewallRuleGroupSet",
+			Handler:    _HTTPFirewallRuleGroupService_AddHTTPFirewallRuleGroupSet_Handler,
+		},
 	},
 	Streams:  []grpc.StreamDesc{},
 	Metadata: "service_http_firewall_rule_group.proto",

pkg/rpc/protos/service_http_firewall_rule_group.proto

@@ -24,6 +24,9 @@ service HTTPFirewallRuleGroupService {
 
 	// 修改分组的规则集
 	rpc updateHTTPFirewallRuleGroupSets (UpdateHTTPFirewallRuleGroupSetsRequest) returns (RPCSuccess);
+
+	// 添加规则集
+	rpc addHTTPFirewallRuleGroupSet(AddHTTPFirewallRuleGroupSetRequest) returns (RPCSuccess);
 }
 
 // 设置是否启用分组
@@ -73,4 +76,10 @@ message FindEnabledHTTPFirewallRuleGroupResponse {
 message UpdateHTTPFirewallRuleGroupSetsRequest {
 	int64 firewallRuleGroupId = 1;
 	bytes firewallRuleSetsJSON = 2;
+}
+
+// 添加规则集
+message AddHTTPFirewallRuleGroupSetRequest {
+	int64 firewallRuleGroupId = 1;
+	bytes firewallRuleSetConfigJSON = 2;
 }

pkg/serverconfigs/firewallconfigs/http_firewall_rule_group.go

@@ -1,6 +1,6 @@
 package firewallconfigs
 
-// 规则组
+// HTTPFirewallRuleGroup 规则组
 type HTTPFirewallRuleGroup struct {
 	Id          int64                     `yaml:"id" json:"id"`
 	IsOn        bool                      `yaml:"isOn" json:"isOn"`
@@ -11,7 +11,7 @@ type HTTPFirewallRuleGroup struct {
 	Sets        []*HTTPFirewallRuleSet    `yaml:"sets" json:"sets"`
 }
 
-// 初始化
+// Init 初始化
 func (this *HTTPFirewallRuleGroup) Init() error {
 	for _, set := range this.Sets {
 		err := set.Init()
@@ -22,12 +22,12 @@ func (this *HTTPFirewallRuleGroup) Init() error {
 	return nil
 }
 
-// 添加规则集
+// AddRuleSet 添加规则集
 func (this *HTTPFirewallRuleGroup) AddRuleSet(ruleSet *HTTPFirewallRuleSet) {
 	this.Sets = append(this.Sets, ruleSet)
 }
 
-// 根据ID查找规则集
+// FindRuleSet 根据ID查找规则集
 func (this *HTTPFirewallRuleGroup) FindRuleSet(ruleSetId int64) *HTTPFirewallRuleSet {
 	for _, set := range this.Sets {
 		if set.Id == ruleSetId {
@@ -36,3 +36,13 @@ func (this *HTTPFirewallRuleGroup) FindRuleSet(ruleSetId int64) *HTTPFirewallRul
 	}
 	return nil
 }
+
+// FindRuleSetWithCode 根据Code查找规则集
+func (this *HTTPFirewallRuleGroup) FindRuleSetWithCode(code string) *HTTPFirewallRuleSet {
+	for _, set := range this.Sets {
+		if set.Code == code {
+			return set
+		}
+	}
+	return nil
+}

pkg/serverconfigs/firewallconfigs/http_firewall_template.go

@@ -433,6 +433,30 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 			group.AddRuleSet(set)
 		}
 
+		{
+			set := &HTTPFirewallRuleSet{}
+			set.IsOn = true
+			set.Name = "空Agent"
+			set.Code = "20002"
+			set.Connector = HTTPFirewallRuleConnectorOr
+			set.Actions = []*HTTPFirewallActionConfig{
+				{
+					Code: HTTPFirewallActionBlock,
+				},
+			}
+
+			// 空Agent
+			set.AddRule(&HTTPFirewallRule{
+				IsOn:              true,
+				Param:             "${userAgent}",
+				Operator:          HTTPFirewallRuleOperatorEqString,
+				Value:             "",
+				IsCaseInsensitive: false,
+			})
+
+			group.AddRuleSet(set)
+		}
+
 		policy.Inbound.Groups = append(policy.Inbound.Groups, group)
 	}
 
@@ -507,7 +531,7 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 			set.IsOn = true
 			set.Name = "CC请求数"
 			set.Description = "限制单IP在一定时间内的总体请求数"
-			set.Code = "8001"
+			set.Code = "8002"
 			set.Connector = HTTPFirewallRuleConnectorAnd
 			set.Actions = []*HTTPFirewallActionConfig{
 				{
@@ -561,6 +585,33 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 			group.AddRuleSet(set)
 		}
 
+		{
+			set := &HTTPFirewallRuleSet{}
+			set.IsOn = true
+			set.Name = "随机URL攻击"
+			set.Description = "限制用户使用随机URL访问网站"
+			set.Code = "8003"
+			set.Connector = HTTPFirewallRuleConnectorAnd
+			set.Actions = []*HTTPFirewallActionConfig{
+				{
+					Code: HTTPFirewallActionBlock,
+					Options: maps.Map{
+						"timeout": 600,
+					},
+				},
+			}
+
+			set.AddRule(&HTTPFirewallRule{
+				IsOn:              true,
+				Param:             "${args}",
+				Operator:          HTTPFirewallRuleOperatorMatch,
+				Value:             `^[0-9a-zA-Z_\-.]{12,}$`,
+				IsCaseInsensitive: false,
+			})
+
+			group.AddRuleSet(set)
+		}
+
 		policy.Inbound.Groups = append(policy.Inbound.Groups, group)
 	}