mirror of
https://github.com/TeaOSLab/EdgeCommon.git
synced 2026-03-19 05:15:38 +08:00
WAF策略增加JSCookie动作选项
This commit is contained in:
GoEdgeLab
@@ -12,12 +12,15 @@ type HTTPFirewallBlockAction struct {
|
||||
Timeout int32 `yaml:"timeout" json:"timeout"` // 最小封禁时长
|
||||
TimeoutMax int32 `yaml:"timeoutMax" json:"timeoutMax"` // 最大封禁时长
|
||||
Scope FirewallScope `yaml:"scope" json:"scope"`
|
||||
|
||||
FailBlockScopeAll bool `yaml:"failBlockScopeAll" json:"failBlockScopeAll"`
|
||||
}
|
||||
|
||||
func DefaultHTTPFirewallBlockAction() *HTTPFirewallBlockAction {
|
||||
func NewHTTPFirewallBlockAction() *HTTPFirewallBlockAction {
|
||||
return &HTTPFirewallBlockAction{
|
||||
StatusCode: http.StatusForbidden,
|
||||
Body: "Blocked By WAF",
|
||||
Timeout: 300,
|
||||
StatusCode: http.StatusForbidden,
|
||||
Body: "Blocked By WAF",
|
||||
Timeout: 300,
|
||||
FailBlockScopeAll: true,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -38,7 +38,7 @@ type HTTPFirewallCaptchaAction struct {
|
||||
GeeTestConfig GeeTestConfig `yaml:"geeTestConfig" json:"geeTestConfig"`
|
||||
}
|
||||
|
||||
func DefaultHTTPFirewallCaptchaAction() *HTTPFirewallCaptchaAction {
|
||||
func NewHTTPFirewallCaptchaAction() *HTTPFirewallCaptchaAction {
|
||||
return &HTTPFirewallCaptchaAction{
|
||||
Life: 600,
|
||||
MaxFails: 100,
|
||||
|
||||
@@ -3,6 +3,8 @@
|
||||
package firewallconfigs
|
||||
|
||||
type HTTPFirewallGet302Action struct {
|
||||
IsPrior bool `yaml:"isPrior" json:"isPrior"`
|
||||
|
||||
Life int32 `yaml:"life" json:"life"`
|
||||
Scope FirewallScope `yaml:"scope" json:"scope"`
|
||||
}
|
||||
|
||||
@@ -3,7 +3,21 @@
|
||||
package firewallconfigs
|
||||
|
||||
type HTTPFirewallJavascriptCookieAction struct {
|
||||
Life int32 `yaml:"life" json:"life"` // 有效期
|
||||
MaxFails int `yaml:"maxFails" json:"maxFails"` // 最大失败次数
|
||||
FailBlockTimeout int `yaml:"failBlockTimeout" json:"failBlockTimeout"` // 失败拦截时间
|
||||
IsPrior bool `yaml:"isPrior" json:"isPrior"`
|
||||
|
||||
Life int32 `yaml:"life" json:"life"` // 有效期
|
||||
MaxFails int `yaml:"maxFails" json:"maxFails"` // 最大失败次数
|
||||
FailBlockTimeout int `yaml:"failBlockTimeout" json:"failBlockTimeout"` // 失败拦截时间
|
||||
Scope string `yaml:"scope" json:"scope"`
|
||||
FailBlockScopeAll bool `yaml:"failBlockScopeAll" json:"failBlockScopeAll"`
|
||||
}
|
||||
|
||||
func NewHTTPFirewallJavascriptCookieAction() *HTTPFirewallJavascriptCookieAction {
|
||||
return &HTTPFirewallJavascriptCookieAction{
|
||||
Life: 600,
|
||||
MaxFails: 100,
|
||||
FailBlockTimeout: 3600,
|
||||
Scope: FirewallScopeServer,
|
||||
FailBlockScopeAll: true,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,6 +3,8 @@
|
||||
package firewallconfigs
|
||||
|
||||
type HTTPFirewallPost307Action struct {
|
||||
IsPrior bool `yaml:"isPrior" json:"isPrior"`
|
||||
|
||||
Life int32 `yaml:"life" json:"life"`
|
||||
Scope FirewallScope `yaml:"scope" json:"scope"`
|
||||
}
|
||||
|
||||
@@ -13,7 +13,7 @@ type HTTPFirewallPageAction struct {
|
||||
}
|
||||
|
||||
|
||||
func DefaultHTTPFirewallPageAction() *HTTPFirewallPageAction {
|
||||
func NewHTTPFirewallPageAction() *HTTPFirewallPageAction {
|
||||
return &HTTPFirewallPageAction{
|
||||
Status: http.StatusForbidden,
|
||||
Body: `<!DOCTYPE html>
|
||||
|
||||
@@ -6,16 +6,20 @@ const DefaultMaxRequestBodySize int64 = 256 << 10
|
||||
|
||||
// HTTPFirewallPolicy 防火墙策略
|
||||
type HTTPFirewallPolicy struct {
|
||||
Id int64 `yaml:"id" json:"id"`
|
||||
IsOn bool `yaml:"isOn" json:"isOn"`
|
||||
ServerId int64 `yaml:"serverId" json:"serverId"` // 所属网站ID
|
||||
Name string `yaml:"name" json:"name"`
|
||||
Description string `yaml:"description" json:"description"`
|
||||
Inbound *HTTPFirewallInboundConfig `yaml:"inbound" json:"inbound"`
|
||||
Outbound *HTTPFirewallOutboundConfig `yaml:"outbound" json:"outbound"`
|
||||
BlockOptions *HTTPFirewallBlockAction `yaml:"blockOptions" json:"blockOptions"`
|
||||
CaptchaOptions *HTTPFirewallCaptchaAction `yaml:"captchaOptions" json:"captchaOptions"`
|
||||
PageOptions *HTTPFirewallPageAction `yaml:"pageOptions" json:"pageOptions"`
|
||||
Id int64 `yaml:"id" json:"id"`
|
||||
IsOn bool `yaml:"isOn" json:"isOn"`
|
||||
ServerId int64 `yaml:"serverId" json:"serverId"` // 所属网站ID
|
||||
Name string `yaml:"name" json:"name"`
|
||||
Description string `yaml:"description" json:"description"`
|
||||
Inbound *HTTPFirewallInboundConfig `yaml:"inbound" json:"inbound"`
|
||||
Outbound *HTTPFirewallOutboundConfig `yaml:"outbound" json:"outbound"`
|
||||
BlockOptions *HTTPFirewallBlockAction `yaml:"blockOptions" json:"blockOptions"`
|
||||
CaptchaOptions *HTTPFirewallCaptchaAction `yaml:"captchaOptions" json:"captchaOptions"`
|
||||
PageOptions *HTTPFirewallPageAction `yaml:"pageOptions" json:"pageOptions"`
|
||||
Get302Options *HTTPFirewallGet302Action `yaml:"get302Options" json:"get302Options"`
|
||||
Post307Options *HTTPFirewallPost307Action `yaml:"post307Options" json:"post307Options"`
|
||||
JSCookieOptions *HTTPFirewallJavascriptCookieAction `yaml:"jsCookieOptions" json:"jsCookieOptions"`
|
||||
|
||||
Mode FirewallMode `yaml:"mode" json:"mode"`
|
||||
UseLocalFirewall bool `yaml:"useLocalFirewall" json:"useLocalFirewall"`
|
||||
SYNFlood *SYNFloodConfig `yaml:"synFlood" json:"synFlood"`
|
||||
|
||||
@@ -11,7 +11,7 @@ type SYNFloodConfig struct {
|
||||
IgnoreLocal bool `yaml:"ignoreLocal" json:"ignoreLocal"` // 忽略本地IP
|
||||
}
|
||||
|
||||
func DefaultSYNFloodConfig() *SYNFloodConfig {
|
||||
func NewSYNFloodConfig() *SYNFloodConfig {
|
||||
return &SYNFloodConfig{
|
||||
IsOn: false,
|
||||
MinAttempts: 10,
|
||||
|
||||
Reference in New Issue
Block a user