EdgeNode/internal/waf/action_record_ip.go

package waf

import (
	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/ipconfigs"
	teaconst "github.com/TeaOSLab/EdgeNode/internal/const"
	"github.com/TeaOSLab/EdgeNode/internal/events"
	"github.com/TeaOSLab/EdgeNode/internal/goman"
	"github.com/TeaOSLab/EdgeNode/internal/remotelogs"
	"github.com/TeaOSLab/EdgeNode/internal/rpc"
	memutils "github.com/TeaOSLab/EdgeNode/internal/utils/mem"
	"github.com/TeaOSLab/EdgeNode/internal/waf/requests"
	"github.com/iwind/TeaGo/types"
	"net/http"
	"strings"
	"time"
)

type recordIPTask struct {
	ip        string
	listId    int64
	expiresAt int64
	level     string
	serverId  int64

	reason string

	sourceServerId                int64
	sourceHTTPFirewallPolicyId    int64
	sourceHTTPFirewallRuleGroupId int64
	sourceHTTPFirewallRuleSetId   int64
}

var recordIPTaskChan = make(chan *recordIPTask, 512)

func init() {
	if !teaconst.IsMain {
		return
	}

	var memGB = memutils.SystemMemoryGB()
	if memGB > 16 {
		recordIPTaskChan = make(chan *recordIPTask, 4<<10)
	} else if memGB > 8 {
		recordIPTaskChan = make(chan *recordIPTask, 2<<10)
	} else if memGB > 4 {
		recordIPTaskChan = make(chan *recordIPTask, 1<<10)
	}

	events.On(events.EventLoaded, func() {
		goman.New(func() {
			rpcClient, err := rpc.SharedRPC()
			if err != nil {
				remotelogs.Error("WAF_RECORD_IP_ACTION", "create rpc client failed: "+err.Error())
				return
			}

			const maxItems = 512 // 每次上传的最大IP数

			for {
				var pbItemMap = map[string]*pb.CreateIPItemsRequest_IPItem{} // ip => IPItem

				func() {
					for {
						select {
						case task := <-recordIPTaskChan:
							var ipType = "ipv4"
							if strings.Contains(task.ip, ":") {
								ipType = "ipv6"
							}
							var reason = task.reason
							if len(reason) == 0 {
								reason = "触发WAF规则自动加入"
							}

							pbItemMap[task.ip] = &pb.CreateIPItemsRequest_IPItem{
								IpListId:                      task.listId,
								Value:                         task.ip,
								IpFrom:                        task.ip,
								IpTo:                          "",
								ExpiredAt:                     task.expiresAt,
								Reason:                        reason,
								Type:                          ipType,
								EventLevel:                    task.level,
								ServerId:                      task.serverId,
								SourceNodeId:                  teaconst.NodeId,
								SourceServerId:                task.sourceServerId,
								SourceHTTPFirewallPolicyId:    task.sourceHTTPFirewallPolicyId,
								SourceHTTPFirewallRuleGroupId: task.sourceHTTPFirewallRuleGroupId,
								SourceHTTPFirewallRuleSetId:   task.sourceHTTPFirewallRuleSetId,
							}

							if len(pbItemMap) >= maxItems {
								return
							}
						default:
							return
						}
					}
				}()

				if len(pbItemMap) > 0 {
					var pbItems = []*pb.CreateIPItemsRequest_IPItem{}
					for _, pbItem := range pbItemMap {
						pbItems = append(pbItems, pbItem)
					}

					for i := 0; i < 5; /* max tries */ i++ {
						_, err = rpcClient.IPItemRPC.CreateIPItems(rpcClient.Context(), &pb.CreateIPItemsRequest{IpItems: pbItems})
						if err != nil {
							remotelogs.Error("WAF_RECORD_IP_ACTION", "create ip item failed: "+err.Error())
							time.Sleep(1 * time.Second)
						} else {
							break
						}
					}
				} else {
					time.Sleep(1 * time.Second)
				}
			}
		})
	})
}

type RecordIPAction struct {
	BaseAction

	Type            string `yaml:"type" json:"type"`
	IPListId        int64  `yaml:"ipListId" json:"ipListId"`
	IPListIsDeleted bool   `yaml:"ipListIsDeleted" json:"ipListIsDeleted"`
	Level           string `yaml:"level" json:"level"`
	Timeout         int32  `yaml:"timeout" json:"timeout"`
	Scope           string `yaml:"scope" json:"scope"`
}

func (this *RecordIPAction) Init(waf *WAF) error {
	return nil
}

func (this *RecordIPAction) Code() string {
	return ActionRecordIP
}

func (this *RecordIPAction) IsAttack() bool {
	return this.Type == ipconfigs.IPListTypeBlack
}

func (this *RecordIPAction) WillChange() bool {
	return this.Type == ipconfigs.IPListTypeBlack
}

func (this *RecordIPAction) Perform(waf *WAF, group *RuleGroup, set *RuleSet, request requests.Request, writer http.ResponseWriter) PerformResult {
	var ipListId = this.IPListId

	if ipListId <= 0 || firewallconfigs.IsGlobalListId(ipListId) {
		// server or policy list ids
		switch this.Type {
		case ipconfigs.IPListTypeWhite:
			ipListId = waf.AllowListId
		case ipconfigs.IPListTypeBlack:
			ipListId = waf.DenyListId
		case ipconfigs.IPListTypeGrey:
			ipListId = waf.GreyListId
		}

		// global list ids
		if ipListId <= 0 {
			ipListId = firewallconfigs.FindGlobalListIdWithType(this.Type)
			if ipListId <= 0 {
				ipListId = firewallconfigs.GlobalBlackListId
			}
		}
	}

	// 是否已删除
	var ipListIsAvailable = (firewallconfigs.IsGlobalListId(ipListId)) || (ipListId > 0 && !this.IPListIsDeleted && !ExistDeletedIPList(ipListId))

	// 是否在本地白名单中
	if SharedIPWhiteList.Contains("set:"+types.String(set.Id), this.Scope, request.WAFServerId(), request.WAFRemoteIP()) {
		return PerformResult{
			ContinueRequest: true,
			IsAllowed:       true,
			AllowScope:      AllowScopeGlobal,
		}
	}

	var timeout = this.Timeout
	var isForever = false
	if timeout <= 0 {
		isForever = true
		timeout = 86400 // 1天
	}
	var expiresAt = time.Now().Unix() + int64(timeout)

	var isGrey bool
	var isWhite bool

	if this.Type == ipconfigs.IPListTypeBlack {
		request.ProcessResponseHeaders(writer.Header(), http.StatusForbidden)
		writer.WriteHeader(http.StatusForbidden)

		request.WAFClose()

		// 先加入本地的黑名单
		if ipListIsAvailable {
			SharedIPBlackList.Add(IPTypeAll, this.Scope, request.WAFServerId(), request.WAFRemoteIP(), expiresAt)
		}
	} else if this.Type == ipconfigs.IPListTypeGrey {
		isGrey = true
	} else {
		isWhite = true

		// 加入本地白名单
		if ipListIsAvailable {
			SharedIPWhiteList.Add("set:"+types.String(set.Id), this.Scope, request.WAFServerId(), request.WAFRemoteIP(), expiresAt)
		}
	}

	// 上报
	if ipListId > 0 && ipListIsAvailable {
		var serverId int64
		if this.Scope == firewallconfigs.FirewallScopeServer {
			serverId = request.WAFServerId()
		}

		var realExpiresAt = expiresAt
		if isForever {
			realExpiresAt = 0
		}

		select {
		case recordIPTaskChan <- &recordIPTask{
			ip:                            request.WAFRemoteIP(),
			listId:                        ipListId,
			expiresAt:                     realExpiresAt,
			level:                         this.Level,
			serverId:                      serverId,
			sourceServerId:                request.WAFServerId(),
			sourceHTTPFirewallPolicyId:    waf.Id,
			sourceHTTPFirewallRuleGroupId: group.Id,
			sourceHTTPFirewallRuleSetId:   set.Id,
		}:
		default:

		}
	}

	return PerformResult{
		ContinueRequest: isWhite || isGrey,
		IsAllowed:       isWhite,
		AllowScope:      AllowScopeGlobal,
	}
}
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`package waf`

			`import (`
			`"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"`
WAF规则匹配后的IP也会上报/实现IP全局名单/将名单存储到本地数据库，提升读写速度 2021-11-17 16:16:09 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"`
IP名单优化 * 增加IP灰名单，用于仅记录并观察IP * 优化IP名单同步版本号管理 * WAF记录IP动作优先记录到网站和策略相关的IP名单中 2024-05-05 19:10:46 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/ipconfigs"`
IP名单中IP创建时保存相关节点、服务、WAF策略信息 2021-11-16 16:11:05 +08:00			`teaconst "github.com/TeaOSLab/EdgeNode/internal/const"`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`"github.com/TeaOSLab/EdgeNode/internal/events"`
优化系统goroutine使用，减少goroutine数量，增加goman查看goroutine数量指令 2021-12-08 15:17:45 +08:00			`"github.com/TeaOSLab/EdgeNode/internal/goman"`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`"github.com/TeaOSLab/EdgeNode/internal/remotelogs"`
			`"github.com/TeaOSLab/EdgeNode/internal/rpc"`
上传IP增加失败重试 2024-05-07 17:55:28 +08:00			`memutils "github.com/TeaOSLab/EdgeNode/internal/utils/mem"`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`"github.com/TeaOSLab/EdgeNode/internal/waf/requests"`
IP名单中IP创建时保存相关节点、服务、WAF策略信息 2021-11-16 16:11:05 +08:00			`"github.com/iwind/TeaGo/types"`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`"net/http"`
			`"strings"`
			`"time"`
			`)`

			`type recordIPTask struct {`
			`ip string`
			`listId int64`
修复WAF记录IP动作时无法不超时的Bug 2022-12-06 11:01:34 +08:00			`expiresAt int64`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`level string`
WAF规则匹配后的IP也会上报/实现IP全局名单/将名单存储到本地数据库，提升读写速度 2021-11-17 16:16:09 +08:00			`serverId int64`
IP名单中IP创建时保存相关节点、服务、WAF策略信息 2021-11-16 16:11:05 +08:00
实现自动SYN Flood防护 2022-01-10 19:54:10 +08:00			`reason string`

IP名单中IP创建时保存相关节点、服务、WAF策略信息 2021-11-16 16:11:05 +08:00			`sourceServerId int64`
			`sourceHTTPFirewallPolicyId int64`
			`sourceHTTPFirewallRuleGroupId int64`
			`sourceHTTPFirewallRuleSetId int64`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`}`

上传IP增加失败重试 2024-05-07 17:55:28 +08:00			`var recordIPTaskChan = make(chan *recordIPTask, 512)`
WAF增加多个动作 2021-07-18 15:51:49 +08:00
			`func init() {`
执行一般命令时不运行init()中内容 2023-03-10 15:14:14 +08:00			`if !teaconst.IsMain {`
			`return`
			`}`

上传IP增加失败重试 2024-05-07 17:55:28 +08:00			`var memGB = memutils.SystemMemoryGB()`
			`if memGB > 16 {`
			`recordIPTaskChan = make(chan *recordIPTask, 4<<10)`
			`} else if memGB > 8 {`
			`recordIPTaskChan = make(chan *recordIPTask, 2<<10)`
			`} else if memGB > 4 {`
			`recordIPTaskChan = make(chan *recordIPTask, 1<<10)`
			`}`

WAF增加多个动作 2021-07-18 15:51:49 +08:00			`events.On(events.EventLoaded, func() {`
优化系统goroutine使用，减少goroutine数量，增加goman查看goroutine数量指令 2021-12-08 15:17:45 +08:00			`goman.New(func() {`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`rpcClient, err := rpc.SharedRPC()`
			`if err != nil {`
			`remotelogs.Error("WAF_RECORD_IP_ACTION", "create rpc client failed: "+err.Error())`
			`return`
			`}`

优化WAF黑名单处理 2023-03-31 21:37:15 +08:00			`const maxItems = 512 // 每次上传的最大IP数`

			`for {`
优化IP名单上传程序 2023-04-01 20:51:49 +08:00			`var pbItemMap = map[string]*pb.CreateIPItemsRequest_IPItem{} // ip => IPItem`
优化WAF黑名单处理 2023-03-31 21:37:15 +08:00
			`func() {`
			`for {`
			`select {`
			`case task := <-recordIPTaskChan:`
			`var ipType = "ipv4"`
			`if strings.Contains(task.ip, ":") {`
			`ipType = "ipv6"`
			`}`
			`var reason = task.reason`
			`if len(reason) == 0 {`
			`reason = "触发WAF规则自动加入"`
			`}`

优化IP名单上传程序 2023-04-01 20:51:49 +08:00			`pbItemMap[task.ip] = &pb.CreateIPItemsRequest_IPItem{`
优化WAF黑名单处理 2023-03-31 21:37:15 +08:00			`IpListId: task.listId,`
上传封禁IP时同时传入原始IP值 2024-04-13 16:49:45 +08:00			`Value: task.ip,`
优化WAF黑名单处理 2023-03-31 21:37:15 +08:00			`IpFrom: task.ip,`
			`IpTo: "",`
			`ExpiredAt: task.expiresAt,`
			`Reason: reason,`
			`Type: ipType,`
			`EventLevel: task.level,`
			`ServerId: task.serverId,`
			`SourceNodeId: teaconst.NodeId,`
			`SourceServerId: task.sourceServerId,`
			`SourceHTTPFirewallPolicyId: task.sourceHTTPFirewallPolicyId,`
			`SourceHTTPFirewallRuleGroupId: task.sourceHTTPFirewallRuleGroupId,`
			`SourceHTTPFirewallRuleSetId: task.sourceHTTPFirewallRuleSetId,`
优化IP名单上传程序 2023-04-01 20:51:49 +08:00			`}`
优化WAF黑名单处理 2023-03-31 21:37:15 +08:00
优化IP名单上传程序 2023-04-01 20:51:49 +08:00			`if len(pbItemMap) >= maxItems {`
优化WAF黑名单处理 2023-03-31 21:37:15 +08:00			`return`
			`}`
			`default:`
			`return`
			`}`
			`}`
			`}()`

优化IP名单上传程序 2023-04-01 20:51:49 +08:00			`if len(pbItemMap) > 0 {`
			`var pbItems = []*pb.CreateIPItemsRequest_IPItem{}`
			`for _, pbItem := range pbItemMap {`
			`pbItems = append(pbItems, pbItem)`
			`}`
上传IP增加失败重试 2024-05-07 17:55:28 +08:00
			`for i := 0; i < 5; /* max tries */ i++ {`
			`_, err = rpcClient.IPItemRPC.CreateIPItems(rpcClient.Context(), &pb.CreateIPItemsRequest{IpItems: pbItems})`
			`if err != nil {`
			`remotelogs.Error("WAF_RECORD_IP_ACTION", "create ip item failed: "+err.Error())`
			`time.Sleep(1 * time.Second)`
			`} else {`
			`break`
			`}`
优化WAF黑名单处理 2023-03-31 21:37:15 +08:00			`}`
			`} else {`
			`time.Sleep(1 * time.Second)`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`}`
			`}`
优化系统goroutine使用，减少goroutine数量，增加goman查看goroutine数量指令 2021-12-08 15:17:45 +08:00			`})`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`})`
			`}`

			`type RecordIPAction struct {`
			`BaseAction`

优化删除IP名单时操作 2023-09-13 17:17:05 +08:00			Type string `yaml:"type" json:"type"`
			IPListId int64 `yaml:"ipListId" json:"ipListId"`
			IPListIsDeleted bool `yaml:"ipListIsDeleted" json:"ipListIsDeleted"`
			Level string `yaml:"level" json:"level"`
			Timeout int32 `yaml:"timeout" json:"timeout"`
			Scope string `yaml:"scope" json:"scope"`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`}`

			`func (this RecordIPAction) Init(waf WAF) error {`
			`return nil`
			`}`

			`func (this *RecordIPAction) Code() string {`
			`return ActionRecordIP`
			`}`

			`func (this *RecordIPAction) IsAttack() bool {`
IP名单优化 * 增加IP灰名单，用于仅记录并观察IP * 优化IP名单同步版本号管理 * WAF记录IP动作优先记录到网站和策略相关的IP名单中 2024-05-05 19:10:46 +08:00			`return this.Type == ipconfigs.IPListTypeBlack`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`}`

			`func (this *RecordIPAction) WillChange() bool {`
IP名单优化 * 增加IP灰名单，用于仅记录并观察IP * 优化IP名单同步版本号管理 * WAF记录IP动作优先记录到网站和策略相关的IP名单中 2024-05-05 19:10:46 +08:00			`return this.Type == ipconfigs.IPListTypeBlack`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`}`

WAF允许动作默认跳过所有规则 2024-01-20 20:54:41 +08:00			`func (this RecordIPAction) Perform(waf WAF, group RuleGroup, set RuleSet, request requests.Request, writer http.ResponseWriter) PerformResult {`
WAF记录IP动作中IP名单如果为空时，默认为全局黑名单 2023-10-15 09:34:50 +08:00			`var ipListId = this.IPListId`
IP名单优化 * 增加IP灰名单，用于仅记录并观察IP * 优化IP名单同步版本号管理 * WAF记录IP动作优先记录到网站和策略相关的IP名单中 2024-05-05 19:10:46 +08:00
			`if ipListId <= 0 \|\| firewallconfigs.IsGlobalListId(ipListId) {`
			`// server or policy list ids`
			`switch this.Type {`
			`case ipconfigs.IPListTypeWhite:`
			`ipListId = waf.AllowListId`
			`case ipconfigs.IPListTypeBlack:`
			`ipListId = waf.DenyListId`
			`case ipconfigs.IPListTypeGrey:`
			`ipListId = waf.GreyListId`
			`}`

			`// global list ids`
			`if ipListId <= 0 {`
			`ipListId = firewallconfigs.FindGlobalListIdWithType(this.Type)`
			`if ipListId <= 0 {`
			`ipListId = firewallconfigs.GlobalBlackListId`
			`}`
			`}`
WAF记录IP动作中IP名单如果为空时，默认为全局黑名单 2023-10-15 09:34:50 +08:00			`}`

优化删除IP名单时操作 2023-09-13 17:17:05 +08:00			`// 是否已删除`
IP名单优化 * 增加IP灰名单，用于仅记录并观察IP * 优化IP名单同步版本号管理 * WAF记录IP动作优先记录到网站和策略相关的IP名单中 2024-05-05 19:10:46 +08:00			`var ipListIsAvailable = (firewallconfigs.IsGlobalListId(ipListId)) \|\| (ipListId > 0 && !this.IPListIsDeleted && !ExistDeletedIPList(ipListId))`
优化删除IP名单时操作 2023-09-13 17:17:05 +08:00
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`// 是否在本地白名单中`
IP名单中IP创建时保存相关节点、服务、WAF策略信息 2021-11-16 16:11:05 +08:00			`if SharedIPWhiteList.Contains("set:"+types.String(set.Id), this.Scope, request.WAFServerId(), request.WAFRemoteIP()) {`
WAF允许动作默认跳过所有规则 2024-01-20 20:54:41 +08:00			`return PerformResult{`
			`ContinueRequest: true,`
			`IsAllowed: true,`
			`AllowScope: AllowScopeGlobal,`
			`}`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`}`

修复WAF记录IP动作时无法不超时的Bug 2022-12-06 11:01:34 +08:00			`var timeout = this.Timeout`
			`var isForever = false`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`if timeout <= 0 {`
修复WAF记录IP动作时无法不超时的Bug 2022-12-06 11:01:34 +08:00			`isForever = true`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`timeout = 86400 // 1天`
			`}`
修复WAF记录IP动作时无法不超时的Bug 2022-12-06 11:01:34 +08:00			`var expiresAt = time.Now().Unix() + int64(timeout)`
WAF增加多个动作 2021-07-18 15:51:49 +08:00
IP名单优化 * 增加IP灰名单，用于仅记录并观察IP * 优化IP名单同步版本号管理 * WAF记录IP动作优先记录到网站和策略相关的IP名单中 2024-05-05 19:10:46 +08:00			`var isGrey bool`
			`var isWhite bool`

			`if this.Type == ipconfigs.IPListTypeBlack {`
WAF在输出内容时也加入自定义的响应报头 2023-06-11 10:46:20 +08:00			`request.ProcessResponseHeaders(writer.Header(), http.StatusForbidden)`
WAF动作record_ip返回403/优化关闭连接方法 2021-10-12 09:06:28 +08:00			`writer.WriteHeader(http.StatusForbidden)`

			`request.WAFClose()`
WAF增加多个动作 2021-07-18 15:51:49 +08:00
WAF动作支持有效范围 2021-10-18 20:08:43 +08:00			`// 先加入本地的黑名单`
优化删除IP名单时操作 2023-09-13 17:17:05 +08:00			`if ipListIsAvailable {`
			`SharedIPBlackList.Add(IPTypeAll, this.Scope, request.WAFServerId(), request.WAFRemoteIP(), expiresAt)`
			`}`
IP名单优化 * 增加IP灰名单，用于仅记录并观察IP * 优化IP名单同步版本号管理 * WAF记录IP动作优先记录到网站和策略相关的IP名单中 2024-05-05 19:10:46 +08:00			`} else if this.Type == ipconfigs.IPListTypeGrey {`
			`isGrey = true`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`} else {`
IP名单优化 * 增加IP灰名单，用于仅记录并观察IP * 优化IP名单同步版本号管理 * WAF记录IP动作优先记录到网站和策略相关的IP名单中 2024-05-05 19:10:46 +08:00			`isWhite = true`

WAF增加多个动作 2021-07-18 15:51:49 +08:00			`// 加入本地白名单`
优化删除IP名单时操作 2023-09-13 17:17:05 +08:00			`if ipListIsAvailable {`
			`SharedIPWhiteList.Add("set:"+types.String(set.Id), this.Scope, request.WAFServerId(), request.WAFRemoteIP(), expiresAt)`
			`}`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`}`

			`// 上报`
WAF记录IP动作中IP名单如果为空时，默认为全局黑名单 2023-10-15 09:34:50 +08:00			`if ipListId > 0 && ipListIsAvailable {`
WAF规则匹配后的IP也会上报/实现IP全局名单/将名单存储到本地数据库，提升读写速度 2021-11-17 16:16:09 +08:00			`var serverId int64`
优化WAF * 信息加密使用struct代替map，以缩短加密后内容长度 * 拦截动作、人机识别动作增加是否尝试全局封禁选项 * JSCookie识别动作增加默认设置选项 * 人机识别中传入info参数异常时，尝试跳转到来源地址，避免直接提示invalid request 2024-04-07 14:31:22 +08:00			`if this.Scope == firewallconfigs.FirewallScopeServer {`
WAF规则匹配后的IP也会上报/实现IP全局名单/将名单存储到本地数据库，提升读写速度 2021-11-17 16:16:09 +08:00			`serverId = request.WAFServerId()`
			`}`

修复WAF记录IP动作时无法不超时的Bug 2022-12-06 11:01:34 +08:00			`var realExpiresAt = expiresAt`
			`if isForever {`
			`realExpiresAt = 0`
			`}`

WAF增加多个动作 2021-07-18 15:51:49 +08:00			`select {`
			`case recordIPTaskChan <- &recordIPTask{`
IP名单中IP创建时保存相关节点、服务、WAF策略信息 2021-11-16 16:11:05 +08:00			`ip: request.WAFRemoteIP(),`
WAF记录IP动作中IP名单如果为空时，默认为全局黑名单 2023-10-15 09:34:50 +08:00			`listId: ipListId,`
修复WAF记录IP动作时无法不超时的Bug 2022-12-06 11:01:34 +08:00			`expiresAt: realExpiresAt,`
IP名单中IP创建时保存相关节点、服务、WAF策略信息 2021-11-16 16:11:05 +08:00			`level: this.Level,`
WAF规则匹配后的IP也会上报/实现IP全局名单/将名单存储到本地数据库，提升读写速度 2021-11-17 16:16:09 +08:00			`serverId: serverId,`
IP名单中IP创建时保存相关节点、服务、WAF策略信息 2021-11-16 16:11:05 +08:00			`sourceServerId: request.WAFServerId(),`
			`sourceHTTPFirewallPolicyId: waf.Id,`
			`sourceHTTPFirewallRuleGroupId: group.Id,`
			`sourceHTTPFirewallRuleSetId: set.Id,`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`}:`
			`default:`

			`}`
			`}`

WAF允许动作默认跳过所有规则 2024-01-20 20:54:41 +08:00			`return PerformResult{`
IP名单优化 * 增加IP灰名单，用于仅记录并观察IP * 优化IP名单同步版本号管理 * WAF记录IP动作优先记录到网站和策略相关的IP名单中 2024-05-05 19:10:46 +08:00			`ContinueRequest: isWhite \|\| isGrey,`
WAF允许动作默认跳过所有规则 2024-01-20 20:54:41 +08:00			`IsAllowed: isWhite,`
			`AllowScope: AllowScopeGlobal,`
			`}`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`}`