TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-12-15 15:16:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

实现WAF

Browse Source
This commit is contained in:
刘祥超
2020-10-08 15:06:42 +08:00
parent 6d2f18387f
commit 04b9a65d4d
110 changed files with 8179 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
internal/nodes/http_request_waf.go Normal file
View File

@@ -0,0 +1,51 @@
package nodes
import (
"github.com/TeaOSLab/EdgeNode/internal/waf"
"github.com/iwind/TeaGo/logs"
"net/http"
)
// 调用WAF
func (this *HTTPRequest) doWAFRequest() (blocked bool) {
w := sharedWAFManager.FindWAF(this.web.FirewallPolicy.Id)
if w == nil {
return
}
goNext, _, ruleSet, err := w.MatchRequest(this.RawReq, this.writer)
if err != nil {
logs.Error(err)
return
}
if ruleSet != nil {
if ruleSet.Action != waf.ActionAllow {
// TODO 记录日志
}
}
return !goNext
}
// call response waf
func (this *HTTPRequest) doWAFResponse(resp *http.Response) (blocked bool) {
w := sharedWAFManager.FindWAF(this.web.FirewallPolicy.Id)
if w == nil {
return
}
goNext, _, ruleSet, err := w.MatchResponse(this.RawReq, resp, this.writer)
if err != nil {
logs.Error(err)
return
}
if ruleSet != nil {
if ruleSet.Action != waf.ActionAllow {
// TODO 记录日志
}
}
return !goNext
}