WAF增加多个动作

2026-01-03 04:26:35 +08:00 · 2021-07-18 15:51:49 +08:00
parent fb91c40e09
commit 13f619e142
98 changed files with 1999 additions and 903 deletions
--- a/internal/waf/action_get_302.go
+++ b/internal/waf/action_get_302.go
@@ -0,0 +1,71 @@
+package waf
+
+import (
+	"github.com/TeaOSLab/EdgeNode/internal/remotelogs"
+	"github.com/TeaOSLab/EdgeNode/internal/utils"
+	"github.com/TeaOSLab/EdgeNode/internal/waf/requests"
+	"github.com/iwind/TeaGo/maps"
+	"net/http"
+	"net/url"
+	"time"
+)
+
+const (
+	Get302Path = "/WAF/VERIFY/GET"
+)
+
+// Get302Action
+// 原理：  origin url --> 302 verify url --> origin url
+// TODO 将来支持meta refresh验证
+type Get302Action struct {
+	BaseAction
+
+	Life int32 `yaml:"life" json:"life"`
+}
+
+func (this *Get302Action) Init(waf *WAF) error {
+	return nil
+}
+
+func (this *Get302Action) Code() string {
+	return ActionGet302
+}
+
+func (this *Get302Action) IsAttack() bool {
+	return false
+}
+
+func (this *Get302Action) WillChange() bool {
+	return true
+}
+
+func (this *Get302Action) Perform(waf *WAF, group *RuleGroup, set *RuleSet, request requests.Request, writer http.ResponseWriter) (allow bool) {
+	// 仅限于Get
+	if request.WAFRaw().Method != http.MethodGet {
+		return true
+	}
+
+	// 是否已经在白名单中
+	if SharedIPWhiteList.Contains("set:"+set.Id, request.WAFRemoteIP()) {
+		return true
+	}
+
+	var m = maps.Map{
+		"url":       request.WAFRaw().URL.String(),
+		"timestamp": time.Now().Unix(),
+		"life":      this.Life,
+		"setId":     set.Id,
+	}
+	info, err := utils.SimpleEncryptMap(m)
+	if err != nil {
+		remotelogs.Error("WAF_GET_302_ACTION", "encode info failed: "+err.Error())
+		return true
+	}
+
+	http.Redirect(writer, request.WAFRaw(), Get302Path+"?info="+url.QueryEscape(info), http.StatusFound)
+
+	// 关闭连接
+	_ = this.CloseConn(writer)
+
+	return true
+}