From e948d1b4c9e443c9c16c7a48e74d26f8ae118a98 Mon Sep 17 00:00:00 2001
From: GoEdgeLab <goedgecloud@gmail.com>
Date: Mon, 10 Jan 2022 10:27:08 +0800
Subject: [PATCH] =?UTF-8?q?WAF=E6=A8=A1=E6=9D=BF--=E7=88=AC=E8=99=AB?=
 =?UTF-8?q?=E5=B7=A5=E5=85=B7=E5=A2=9E=E5=8A=A0=E7=99=BD=E5=90=8D=E5=8D=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../firewallconfigs/http_firewall_template.go          | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_template.go b/pkg/serverconfigs/firewallconfigs/http_firewall_template.go
index 0eadc65..8c435a1 100644
--- a/pkg/serverconfigs/firewallconfigs/http_firewall_template.go
+++ b/pkg/serverconfigs/firewallconfigs/http_firewall_template.go
@@ -446,7 +446,7 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 			set.IsOn = true
 			set.Name = "爬虫工具"
 			set.Code = "20003"
-			set.Connector = HTTPFirewallRuleConnectorOr
+			set.Connector = HTTPFirewallRuleConnectorAnd
 			set.Actions = []*HTTPFirewallActionConfig{
 				{
 					Code: HTTPFirewallActionBlock,
@@ -460,6 +460,14 @@ func HTTPFirewallTemplate() *HTTPFirewallPolicy {
 				Value:             `python|pycurl|http-client|httpclient|apachebench|nethttp|http_request|java|perl|ruby|scrapy|php|rust`,
 				IsCaseInsensitive: true,
 			})
+			set.AddRule(&HTTPFirewallRule{
+				IsOn:              true,
+				Param:             "${userAgent}",
+				Operator:          HTTPFirewallRuleOperatorNotMatch,
+				Value:             `goedge`,
+				IsCaseInsensitive: true,
+				Description:       "User-Agent白名单",
+			})
 
 			group.AddRuleSet(set)
 		}