增加攻击拦截统计

2025-12-28 16:36:36 +08:00 · 2021-07-13 11:04:38 +08:00
parent 102157c893
commit 0486f86898
5 changed files with 28 additions and 5 deletions
--- a/internal/nodes/http_request.go
+++ b/internal/nodes/http_request.go
@@ -67,6 +67,7 @@ type HTTPRequest struct {
 	cacheRef             *serverconfigs.HTTPCacheRef       // 缓存设置
 	cacheKey             string                            // 缓存使用的Key
 	isCached             bool                              // 是否已经被缓存
+	isAttack             bool                              // 是否是攻击请求

 	// WAF相关
 	firewallPolicyId    int64
@@ -243,9 +244,13 @@ func (this *HTTPRequest) doEnd() {
 	// TODO 增加是否开启开关
 	if this.Server != nil {
 		if this.isCached {
-			stats.SharedTrafficStatManager.Add(this.Server.Id, this.Host, this.writer.sentBodyBytes, this.writer.sentBodyBytes, 1, 1)
+			stats.SharedTrafficStatManager.Add(this.Server.Id, this.Host, this.writer.sentBodyBytes, this.writer.sentBodyBytes, 1, 1, 0, 0)
 		} else {
-			stats.SharedTrafficStatManager.Add(this.Server.Id, this.Host, this.writer.sentBodyBytes, 0, 1, 0)
+			if this.isAttack {
+				stats.SharedTrafficStatManager.Add(this.Server.Id, this.Host, this.writer.sentBodyBytes, 0, 1, 0, 1, this.writer.sentBodyBytes)
+			} else {
+				stats.SharedTrafficStatManager.Add(this.Server.Id, this.Host, this.writer.sentBodyBytes, 0, 1, 0, 0, 0)
+			}
 		}
 	}

--- a/internal/nodes/http_request_waf.go
+++ b/internal/nodes/http_request_waf.go
@@ -164,6 +164,10 @@ func (this *HTTPRequest) checkWAFRequest(firewallPolicy *firewallconfigs.HTTPFir
 			this.firewallRuleGroupId = types.Int64(ruleGroup.Id)
 			this.firewallRuleSetId = types.Int64(ruleSet.Id)

+			if ruleSet.Action == waf.ActionBlock {
+				this.isAttack = true
+			}
+
 			// 添加统计
 			stats.SharedHTTPRequestStatManager.AddFirewallRuleGroupId(this.Server.Id, this.firewallRuleGroupId, ruleSet.Action)
 		}
@@ -216,6 +220,10 @@ func (this *HTTPRequest) checkWAFResponse(firewallPolicy *firewallconfigs.HTTPFi
 			this.firewallRuleGroupId = types.Int64(ruleGroup.Id)
 			this.firewallRuleSetId = types.Int64(ruleSet.Id)

+			if ruleSet.Action == waf.ActionBlock {
+				this.isAttack = true
+			}
+
 			// 添加统计
 			stats.SharedHTTPRequestStatManager.AddFirewallRuleGroupId(this.Server.Id, this.firewallRuleGroupId, ruleSet.Action)
 		}
--- a/internal/nodes/listener_tcp.go
+++ b/internal/nodes/listener_tcp.go
@@ -80,7 +80,7 @@ func (this *TCPListener) handleConn(conn net.Conn) error {
 				}

 				// 记录流量
-				stats.SharedTrafficStatManager.Add(firstServer.Id, "", int64(n), 0, 0, 0)
+				stats.SharedTrafficStatManager.Add(firstServer.Id, "", int64(n), 0, 0, 0, 0, 0)
 			}
 			if err != nil {
 				closer()
--- a/internal/nodes/listener_udp.go
+++ b/internal/nodes/listener_udp.go
@@ -164,7 +164,7 @@ func NewUDPConn(serverId int64, addr net.Addr, proxyConn *net.UDPConn, serverCon
 				}

 				// 记录流量
-				stats.SharedTrafficStatManager.Add(serverId, "", int64(n), 0, 0, 0)
+				stats.SharedTrafficStatManager.Add(serverId, "", int64(n), 0, 0, 0, 0, 0)
 			}
 			if err != nil {
 				conn.isOk = false