From a7f58ebc9f8d75ecad96f9ed9502eb9746206b99 Mon Sep 17 00:00:00 2001 From: GoEdgeLab Date: Thu, 7 Dec 2023 11:43:34 +0800 Subject: [PATCH] =?UTF-8?q?WAF=E6=93=8D=E4=BD=9C=E7=AC=A6=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0=E5=8C=85=E5=90=AB=E4=BB=BB=E4=B8=80=E5=8D=95=E8=AF=8D?= =?UTF-8?q?=E3=80=81=E5=8C=85=E5=90=AB=E6=89=80=E6=9C=89=E5=8D=95=E8=AF=8D?= =?UTF-8?q?=E3=80=81=E4=B8=8D=E5=8C=85=E5=90=AB=E4=BB=BB=E4=B8=80=E5=8D=95?= =?UTF-8?q?=E8=AF=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../http_firewall_rule_operator.go | 68 +++++++++++++------ 1 file changed, 46 insertions(+), 22 deletions(-) diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go b/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go index f6af197..e9851af 100644 --- a/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go +++ b/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go @@ -4,28 +4,31 @@ type HTTPFirewallRuleOperator = string type HTTPFirewallRuleCaseInsensitive = string const ( - HTTPFirewallRuleOperatorGt HTTPFirewallRuleOperator = "gt" - HTTPFirewallRuleOperatorGte HTTPFirewallRuleOperator = "gte" - HTTPFirewallRuleOperatorLt HTTPFirewallRuleOperator = "lt" - HTTPFirewallRuleOperatorLte HTTPFirewallRuleOperator = "lte" - HTTPFirewallRuleOperatorEq HTTPFirewallRuleOperator = "eq" - HTTPFirewallRuleOperatorNeq HTTPFirewallRuleOperator = "neq" - HTTPFirewallRuleOperatorEqString HTTPFirewallRuleOperator = "eq string" - HTTPFirewallRuleOperatorNeqString HTTPFirewallRuleOperator = "neq string" - HTTPFirewallRuleOperatorMatch HTTPFirewallRuleOperator = "match" - HTTPFirewallRuleOperatorNotMatch HTTPFirewallRuleOperator = "not match" - HTTPFirewallRuleOperatorWildcardMatch HTTPFirewallRuleOperator = "wildcard match" - HTTPFirewallRuleOperatorWildcardNotMatch HTTPFirewallRuleOperator = "wildcard not match" - HTTPFirewallRuleOperatorContains HTTPFirewallRuleOperator = "contains" - HTTPFirewallRuleOperatorNotContains HTTPFirewallRuleOperator = "not contains" - HTTPFirewallRuleOperatorPrefix HTTPFirewallRuleOperator = "prefix" - HTTPFirewallRuleOperatorSuffix HTTPFirewallRuleOperator = "suffix" - HTTPFirewallRuleOperatorContainsAny HTTPFirewallRuleOperator = "contains any" - HTTPFirewallRuleOperatorContainsAll HTTPFirewallRuleOperator = "contains all" - HTTPFirewallRuleOperatorHasKey HTTPFirewallRuleOperator = "has key" // has key in slice or map - HTTPFirewallRuleOperatorVersionGt HTTPFirewallRuleOperator = "version gt" - HTTPFirewallRuleOperatorVersionLt HTTPFirewallRuleOperator = "version lt" - HTTPFirewallRuleOperatorVersionRange HTTPFirewallRuleOperator = "version range" + HTTPFirewallRuleOperatorGt HTTPFirewallRuleOperator = "gt" + HTTPFirewallRuleOperatorGte HTTPFirewallRuleOperator = "gte" + HTTPFirewallRuleOperatorLt HTTPFirewallRuleOperator = "lt" + HTTPFirewallRuleOperatorLte HTTPFirewallRuleOperator = "lte" + HTTPFirewallRuleOperatorEq HTTPFirewallRuleOperator = "eq" + HTTPFirewallRuleOperatorNeq HTTPFirewallRuleOperator = "neq" + HTTPFirewallRuleOperatorEqString HTTPFirewallRuleOperator = "eq string" + HTTPFirewallRuleOperatorNeqString HTTPFirewallRuleOperator = "neq string" + HTTPFirewallRuleOperatorMatch HTTPFirewallRuleOperator = "match" + HTTPFirewallRuleOperatorNotMatch HTTPFirewallRuleOperator = "not match" + HTTPFirewallRuleOperatorWildcardMatch HTTPFirewallRuleOperator = "wildcard match" + HTTPFirewallRuleOperatorWildcardNotMatch HTTPFirewallRuleOperator = "wildcard not match" + HTTPFirewallRuleOperatorContains HTTPFirewallRuleOperator = "contains" + HTTPFirewallRuleOperatorNotContains HTTPFirewallRuleOperator = "not contains" + HTTPFirewallRuleOperatorContainsAnyWord HTTPFirewallRuleOperator = "contains any word" + HTTPFirewallRuleOperatorContainsAllWords HTTPFirewallRuleOperator = "contains all word" + HTTPFirewallRuleOperatorNotContainsAnyWord HTTPFirewallRuleOperator = "not contains any word" + HTTPFirewallRuleOperatorPrefix HTTPFirewallRuleOperator = "prefix" + HTTPFirewallRuleOperatorSuffix HTTPFirewallRuleOperator = "suffix" + HTTPFirewallRuleOperatorContainsAny HTTPFirewallRuleOperator = "contains any" + HTTPFirewallRuleOperatorContainsAll HTTPFirewallRuleOperator = "contains all" + HTTPFirewallRuleOperatorHasKey HTTPFirewallRuleOperator = "has key" // has key in slice or map + HTTPFirewallRuleOperatorVersionGt HTTPFirewallRuleOperator = "version gt" + HTTPFirewallRuleOperatorVersionLt HTTPFirewallRuleOperator = "version lt" + HTTPFirewallRuleOperatorVersionRange HTTPFirewallRuleOperator = "version range" HTTPFirewallRuleOperatorContainsBinary HTTPFirewallRuleOperator = "contains binary" // contains binary HTTPFirewallRuleOperatorNotContainsBinary HTTPFirewallRuleOperator = "not contains binary" // not contains binary @@ -141,6 +144,27 @@ var AllRuleOperators = []*RuleOperatorDefinition{ CaseInsensitive: HTTPFirewallRuleCaseInsensitiveNo, DataType: "string", }, + { + Name: "包含任一单词", + Code: HTTPFirewallRuleOperatorContainsAnyWord, + Description: "包含某个独立单词,对比值中每行一个单词,比如mozilla firefox里包含了mozilla和firefox两个单词,但是不包含fire和fox这两个单词", + CaseInsensitive: HTTPFirewallRuleCaseInsensitiveNo, + DataType: "strings", + }, + { + Name: "包含所有单词", + Code: HTTPFirewallRuleOperatorContainsAllWords, + Description: "包含所有的独立单词,对比值中每行一个单词,比如mozilla firefox里包含了mozilla和firefox两个单词,但是不包含fire和fox这两个单词", + CaseInsensitive: HTTPFirewallRuleCaseInsensitiveNo, + DataType: "strings", + }, + { + Name: "不包含任一单词", + Code: HTTPFirewallRuleOperatorNotContainsAnyWord, + Description: "不包含某个独立单词,对比值中每行一个单词,比如mozilla firefox里包含了mozilla和firefox两个单词,但是不包含fire和fox这两个单词", + CaseInsensitive: HTTPFirewallRuleCaseInsensitiveNo, + DataType: "strings", + }, { Name: "包含二进制数据", Code: HTTPFirewallRuleOperatorContainsBinary,