TRKJ/EdgeCommon
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeCommon.git synced 2025-11-09 00:20:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

WAF策略模板将部分拦截动作(block)改为显示网页(page)

Browse Source
This commit is contained in:
GoEdgeLab
2023-12-09 19:25:06 +08:00
parent e12a379f4d
commit 771fb61eed
1 changed files with 13 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
pkg/serverconfigs/firewallconfigs/http_firewall_template.go
View File

@@ -66,7 +66,8 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
set.Connector = HTTPFirewallRuleConnectorOr set.Connector = HTTPFirewallRuleConnectorOr
set.Actions = []*HTTPFirewallActionConfig{ set.Actions = []*HTTPFirewallActionConfig{
{ {
Code: HTTPFirewallActionBlock, Code: HTTPFirewallActionPage,
Options: maps.Map{"status": 403, "body": ""},
}, },
} }
set.AddRule(&HTTPFirewallRule{ set.AddRule(&HTTPFirewallRule{
@@ -99,7 +100,8 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
set.Connector = HTTPFirewallRuleConnectorOr set.Connector = HTTPFirewallRuleConnectorOr
set.Actions = []*HTTPFirewallActionConfig{ set.Actions = []*HTTPFirewallActionConfig{
{ {
Code: HTTPFirewallActionBlock, Code: HTTPFirewallActionPage,
Options: maps.Map{"status": 403, "body": ""},
}, },
} }
set.AddRule(&HTTPFirewallRule{ set.AddRule(&HTTPFirewallRule{
@@ -131,7 +133,8 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
set.Connector = HTTPFirewallRuleConnectorOr set.Connector = HTTPFirewallRuleConnectorOr
set.Actions = []*HTTPFirewallActionConfig{ set.Actions = []*HTTPFirewallActionConfig{
{ {
Code: HTTPFirewallActionBlock, Code: HTTPFirewallActionPage,
Options: maps.Map{"status": 403, "body": ""},
}, },
} }
set.AddRule(&HTTPFirewallRule{ set.AddRule(&HTTPFirewallRule{
@@ -171,14 +174,15 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
set.Connector = HTTPFirewallRuleConnectorOr set.Connector = HTTPFirewallRuleConnectorOr
set.Actions = []*HTTPFirewallActionConfig{ set.Actions = []*HTTPFirewallActionConfig{
{ {
Code: HTTPFirewallActionBlock, Code: HTTPFirewallActionPage,
Options: maps.Map{"status": 403, "body": ""},
}, },
} }
set.AddRule(&HTTPFirewallRule{ set.AddRule(&HTTPFirewallRule{
IsOn: true, IsOn: true,
Param: "${requestURI}", Param: "${requestURI}",
Operator: HTTPFirewallRuleOperatorMatch, Operator: HTTPFirewallRuleOperatorMatch,
Value: `((\.+)(/+)){2,}`, // TODO more keywords here Value: `((\.+)(/+)){2,}`,
IsCaseInsensitive: false, IsCaseInsensitive: false,
}) })
group.AddRuleSet(set) group.AddRuleSet(set)
@@ -459,10 +463,8 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
set.Connector = HTTPFirewallRuleConnectorAnd set.Connector = HTTPFirewallRuleConnectorAnd
set.Actions = []*HTTPFirewallActionConfig{ set.Actions = []*HTTPFirewallActionConfig{
{ {
Code: HTTPFirewallActionBlock, Code: HTTPFirewallActionPage,
Options: maps.Map{ Options: maps.Map{"status": 403, "body": ""},
"timeout": 1800,
},
}, },
} }
@@ -498,10 +500,8 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
set.Connector = HTTPFirewallRuleConnectorAnd set.Connector = HTTPFirewallRuleConnectorAnd
set.Actions = []*HTTPFirewallActionConfig{ set.Actions = []*HTTPFirewallActionConfig{
{ {
Code: HTTPFirewallActionBlock, Code: HTTPFirewallActionPage,
Options: maps.Map{ Options: maps.Map{"status": 403, "body": ""},
"timeout": 60,
},
}, },
} }