From 1a6b05f81b5e9aa6a0cfe8cbbdf605ab29ca7da5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E7=A5=A5=E8=B6=85?= <iwind.liu@gmail.com>
Date: Mon, 9 Nov 2020 11:02:29 +0800
Subject: [PATCH] =?UTF-8?q?=E5=9C=A8=E5=AF=B9IP=E5=B0=81=E7=A6=81=E6=97=B6?=
 =?UTF-8?q?=EF=BC=8C=E4=B8=8D=E5=86=99=E5=85=A5=E8=AE=BF=E9=97=AE=E6=97=A5?=
 =?UTF-8?q?=E5=BF=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/nodes/http_request.go     |  2 ++
 internal/nodes/http_request_log.go |  4 ++++
 internal/nodes/http_request_waf.go | 12 ++++++++++++
 3 files changed, 18 insertions(+)

diff --git a/internal/nodes/http_request.go b/internal/nodes/http_request.go
index db6253d..c6cca69 100644
--- a/internal/nodes/http_request.go
+++ b/internal/nodes/http_request.go
@@ -66,6 +66,8 @@ type HTTPRequest struct {
 	firewallRuleId      int64
 
 	logAttrs map[string]string
+
+	disableLog bool // 此请求中关闭Log
 }
 
 // 初始化
diff --git a/internal/nodes/http_request_log.go b/internal/nodes/http_request_log.go
index 0de7026..50fd3a0 100644
--- a/internal/nodes/http_request_log.go
+++ b/internal/nodes/http_request_log.go
@@ -13,6 +13,10 @@ var requestId int64 = 1_0000_0000_0000_0000
 
 // 日志
 func (this *HTTPRequest) log() {
+	if this.disableLog {
+		return
+	}
+
 	// 计算请求时间
 	this.requestCost = time.Since(this.requestFromTime).Seconds()
 
diff --git a/internal/nodes/http_request_waf.go b/internal/nodes/http_request_waf.go
index aec3816..7563e07 100644
--- a/internal/nodes/http_request_waf.go
+++ b/internal/nodes/http_request_waf.go
@@ -34,6 +34,9 @@ func (this *HTTPRequest) doWAFRequest() (blocked bool) {
 			this.writer.WriteHeader(http.StatusForbidden)
 			this.writer.Close()
 
+			// 停止日志
+			this.disableLog = true
+
 			return true
 		}
 	}
@@ -54,6 +57,10 @@ func (this *HTTPRequest) doWAFRequest() (blocked bool) {
 							// TODO 可以配置对封禁的处理方式等
 							this.writer.WriteHeader(http.StatusForbidden)
 							this.writer.Close()
+
+							// 停止日志
+							this.disableLog = true
+
 							return true
 						}
 					}
@@ -65,6 +72,10 @@ func (this *HTTPRequest) doWAFRequest() (blocked bool) {
 							// TODO 可以配置对封禁的处理方式等
 							this.writer.WriteHeader(http.StatusForbidden)
 							this.writer.Close()
+
+							// 停止日志
+							this.disableLog = true
+
 							return true
 						}
 					}
@@ -73,6 +84,7 @@ func (this *HTTPRequest) doWAFRequest() (blocked bool) {
 		}
 	}
 
+	// 规则测试
 	w := sharedWAFManager.FindWAF(this.web.FirewallPolicy.Id)
 	if w == nil {
 		return