diff --git a/internal/waf/checkpoints/cc.go b/internal/waf/checkpoints/cc.go index bdef428..b198fae 100644 --- a/internal/waf/checkpoints/cc.go +++ b/internal/waf/checkpoints/cc.go @@ -30,7 +30,7 @@ func (this *CCCheckpoint) Start() { this.cache = ttlcache.NewCache() } -func (this *CCCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *CCCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = 0 if this.cache == nil { @@ -114,15 +114,15 @@ func (this *CCCheckpoint) RequestValue(req requests.Request, param string, optio if len(key) == 0 { key = req.WAFRemoteIP() } - value = this.cache.IncreaseInt64(key, int64(1), time.Now().Unix()+period, false) + value = this.cache.IncreaseInt64(types.String(ruleId)+"@"+key, int64(1), time.Now().Unix()+period, false) } return } -func (this *CCCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *CCCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/cc2.go b/internal/waf/checkpoints/cc2.go index f247d06..37bf6ea 100644 --- a/internal/waf/checkpoints/cc2.go +++ b/internal/waf/checkpoints/cc2.go @@ -32,7 +32,7 @@ type CC2Checkpoint struct { Checkpoint } -func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { var keys = options.GetSlice("keys") var keyValues = []string{} for _, key := range keys { @@ -66,11 +66,16 @@ func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, opti } } - value = ccCache.IncreaseInt64("WAF-CC-"+strings.Join(keyValues, "@"), 1, time.Now().Unix()+period, false) + var ccKey = "WAF-CC-" + types.String(ruleId) + "-" + strings.Join(keyValues, "@") + value = ccCache.IncreaseInt64(ccKey, 1, time.Now().Unix()+period, false) return } -func (this *CC2Checkpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *CC2Checkpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { + if this.IsRequest() { + return this.RequestValue(req, param, options, ruleId) + } + return } diff --git a/internal/waf/checkpoints/cc_test.go b/internal/waf/checkpoints/cc_test.go index 249b477..fd90884 100644 --- a/internal/waf/checkpoints/cc_test.go +++ b/internal/waf/checkpoints/cc_test.go @@ -23,21 +23,21 @@ func TestCCCheckpoint_RequestValue(t *testing.T) { options := maps.Map{ "period": "5", } - t.Log(checkpoint.RequestValue(req, "requests", options)) - t.Log(checkpoint.RequestValue(req, "requests", options)) + t.Log(checkpoint.RequestValue(req, "requests", options, 1)) + t.Log(checkpoint.RequestValue(req, "requests", options, 1)) req.WAFRaw().RemoteAddr = "127.0.0.2" - t.Log(checkpoint.RequestValue(req, "requests", options)) + t.Log(checkpoint.RequestValue(req, "requests", options, 1)) req.WAFRaw().RemoteAddr = "127.0.0.1" - t.Log(checkpoint.RequestValue(req, "requests", options)) + t.Log(checkpoint.RequestValue(req, "requests", options, 1)) req.WAFRaw().RemoteAddr = "127.0.0.2" - t.Log(checkpoint.RequestValue(req, "requests", options)) + t.Log(checkpoint.RequestValue(req, "requests", options, 1)) req.WAFRaw().RemoteAddr = "127.0.0.2" - t.Log(checkpoint.RequestValue(req, "requests", options)) + t.Log(checkpoint.RequestValue(req, "requests", options, 1)) req.WAFRaw().RemoteAddr = "127.0.0.2" - t.Log(checkpoint.RequestValue(req, "requests", options)) + t.Log(checkpoint.RequestValue(req, "requests", options, 1)) } diff --git a/internal/waf/checkpoints/checkpoint_interface.go b/internal/waf/checkpoints/checkpoint_interface.go index 535e9e5..6afdd49 100644 --- a/internal/waf/checkpoints/checkpoint_interface.go +++ b/internal/waf/checkpoints/checkpoint_interface.go @@ -17,10 +17,10 @@ type CheckpointInterface interface { IsComposed() bool // RequestValue get request value - RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) + RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) // ResponseValue get response value - ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) + ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) // ParamOptions param option list ParamOptions() *ParamOptions diff --git a/internal/waf/checkpoints/request_all.go b/internal/waf/checkpoints/request_all.go index 213ab0b..9aee689 100644 --- a/internal/waf/checkpoints/request_all.go +++ b/internal/waf/checkpoints/request_all.go @@ -11,7 +11,7 @@ type RequestAllCheckpoint struct { Checkpoint } -func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { valueBytes := []byte{} if len(req.WAFRaw().RequestURI) > 0 { valueBytes = append(valueBytes, req.WAFRaw().RequestURI...) @@ -47,10 +47,10 @@ func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param strin return } -func (this *RequestAllCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestAllCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = "" if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_all_test.go b/internal/waf/checkpoints/request_all_test.go index 6f7ebec..6eaa6f8 100644 --- a/internal/waf/checkpoints/request_all_test.go +++ b/internal/waf/checkpoints/request_all_test.go @@ -18,7 +18,7 @@ func TestRequestAllCheckpoint_RequestValue(t *testing.T) { } checkpoint := new(RequestAllCheckpoint) - v, _, sysErr, userErr := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil) + v, _, sysErr, userErr := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1) if sysErr != nil { t.Fatal(sysErr) } @@ -42,7 +42,7 @@ func TestRequestAllCheckpoint_RequestValue_Max(t *testing.T) { } checkpoint := new(RequestBodyCheckpoint) - value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil) + value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1) if err != nil { t.Fatal(err) } @@ -65,6 +65,6 @@ func BenchmarkRequestAllCheckpoint_RequestValue(b *testing.B) { checkpoint := new(RequestAllCheckpoint) for i := 0; i < b.N; i++ { - _, _, _, _ = checkpoint.RequestValue(requests.NewTestRequest(req), "", nil) + _, _, _, _ = checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1) } } diff --git a/internal/waf/checkpoints/request_arg.go b/internal/waf/checkpoints/request_arg.go index 4026be9..8c3ff3a 100644 --- a/internal/waf/checkpoints/request_arg.go +++ b/internal/waf/checkpoints/request_arg.go @@ -9,13 +9,13 @@ type RequestArgCheckpoint struct { Checkpoint } -func (this *RequestArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { return req.WAFRaw().URL.Query().Get(param), hasRequestBody, nil, nil } -func (this *RequestArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_arg_test.go b/internal/waf/checkpoints/request_arg_test.go index 6ac84f6..541d69a 100644 --- a/internal/waf/checkpoints/request_arg_test.go +++ b/internal/waf/checkpoints/request_arg_test.go @@ -15,7 +15,7 @@ func TestArgParam_RequestValue(t *testing.T) { req := requests.NewTestRequest(rawReq) checkpoint := new(RequestArgCheckpoint) - t.Log(checkpoint.RequestValue(req, "name", nil)) - t.Log(checkpoint.ResponseValue(req, nil, "name", nil)) - t.Log(checkpoint.RequestValue(req, "name2", nil)) + t.Log(checkpoint.RequestValue(req, "name", nil, 1)) + t.Log(checkpoint.ResponseValue(req, nil, "name", nil, 1)) + t.Log(checkpoint.RequestValue(req, "name2", nil, 1)) } diff --git a/internal/waf/checkpoints/request_args.go b/internal/waf/checkpoints/request_args.go index 237c443..3ac2a74 100644 --- a/internal/waf/checkpoints/request_args.go +++ b/internal/waf/checkpoints/request_args.go @@ -9,14 +9,14 @@ type RequestArgsCheckpoint struct { Checkpoint } -func (this *RequestArgsCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestArgsCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().URL.RawQuery return } -func (this *RequestArgsCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestArgsCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_body.go b/internal/waf/checkpoints/request_body.go index cdc1ac2..d957269 100644 --- a/internal/waf/checkpoints/request_body.go +++ b/internal/waf/checkpoints/request_body.go @@ -11,7 +11,7 @@ type RequestBodyCheckpoint struct { Checkpoint } -func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.RequestBodyIsEmpty(req) { value = "" return @@ -38,9 +38,9 @@ func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param stri return bodyData, hasRequestBody, nil, nil } -func (this *RequestBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_body_test.go b/internal/waf/checkpoints/request_body_test.go index 63e00e5..124c57e 100644 --- a/internal/waf/checkpoints/request_body_test.go +++ b/internal/waf/checkpoints/request_body_test.go @@ -17,7 +17,7 @@ func TestRequestBodyCheckpoint_RequestValue(t *testing.T) { } var req = requests.NewTestRequest(rawReq) checkpoint := new(RequestBodyCheckpoint) - t.Log(checkpoint.RequestValue(req, "", nil)) + t.Log(checkpoint.RequestValue(req, "", nil, 1)) body, err := ioutil.ReadAll(rawReq.Body) if err != nil { @@ -34,7 +34,7 @@ func TestRequestBodyCheckpoint_RequestValue_Max(t *testing.T) { } checkpoint := new(RequestBodyCheckpoint) - value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil) + value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1) if err != nil { t.Fatal(err) } diff --git a/internal/waf/checkpoints/request_content_type.go b/internal/waf/checkpoints/request_content_type.go index 3a5fa7f..a935c94 100644 --- a/internal/waf/checkpoints/request_content_type.go +++ b/internal/waf/checkpoints/request_content_type.go @@ -9,14 +9,14 @@ type RequestContentTypeCheckpoint struct { Checkpoint } -func (this *RequestContentTypeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestContentTypeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().Header.Get("Content-Type") return } -func (this *RequestContentTypeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestContentTypeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_cookie.go b/internal/waf/checkpoints/request_cookie.go index 5986e61..5394c70 100644 --- a/internal/waf/checkpoints/request_cookie.go +++ b/internal/waf/checkpoints/request_cookie.go @@ -9,7 +9,7 @@ type RequestCookieCheckpoint struct { Checkpoint } -func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { cookie, err := req.WAFRaw().Cookie(param) if err != nil { value = "" @@ -20,9 +20,9 @@ func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param st return } -func (this *RequestCookieCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestCookieCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_cookies.go b/internal/waf/checkpoints/request_cookies.go index d499b6a..de22ced 100644 --- a/internal/waf/checkpoints/request_cookies.go +++ b/internal/waf/checkpoints/request_cookies.go @@ -11,7 +11,7 @@ type RequestCookiesCheckpoint struct { Checkpoint } -func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { var cookies = []string{} for _, cookie := range req.WAFRaw().Cookies() { cookies = append(cookies, url.QueryEscape(cookie.Name)+"="+url.QueryEscape(cookie.Value)) @@ -20,9 +20,9 @@ func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param s return } -func (this *RequestCookiesCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestCookiesCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_form_arg.go b/internal/waf/checkpoints/request_form_arg.go index 4d0a3da..041f35c 100644 --- a/internal/waf/checkpoints/request_form_arg.go +++ b/internal/waf/checkpoints/request_form_arg.go @@ -12,7 +12,7 @@ type RequestFormArgCheckpoint struct { Checkpoint } -func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { hasRequestBody = true if this.RequestBodyIsEmpty(req) { @@ -42,9 +42,9 @@ func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param s return values.Get(param), hasRequestBody, nil, nil } -func (this *RequestFormArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestFormArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_form_arg_test.go b/internal/waf/checkpoints/request_form_arg_test.go index 5da0624..a60aa66 100644 --- a/internal/waf/checkpoints/request_form_arg_test.go +++ b/internal/waf/checkpoints/request_form_arg_test.go @@ -19,10 +19,10 @@ func TestRequestFormArgCheckpoint_RequestValue(t *testing.T) { req.WAFRaw().Header.Set("Content-Type", "application/x-www-form-urlencoded") checkpoint := new(RequestFormArgCheckpoint) - t.Log(checkpoint.RequestValue(req, "name", nil)) - t.Log(checkpoint.RequestValue(req, "age", nil)) - t.Log(checkpoint.RequestValue(req, "Hello", nil)) - t.Log(checkpoint.RequestValue(req, "encoded", nil)) + t.Log(checkpoint.RequestValue(req, "name", nil, 1)) + t.Log(checkpoint.RequestValue(req, "age", nil, 1)) + t.Log(checkpoint.RequestValue(req, "Hello", nil, 1)) + t.Log(checkpoint.RequestValue(req, "encoded", nil, 1)) body, err := ioutil.ReadAll(req.WAFRaw().Body) if err != nil { diff --git a/internal/waf/checkpoints/request_general_header_length.go b/internal/waf/checkpoints/request_general_header_length.go index 55de1dc..62837d9 100644 --- a/internal/waf/checkpoints/request_general_header_length.go +++ b/internal/waf/checkpoints/request_general_header_length.go @@ -14,7 +14,7 @@ func (this *RequestGeneralHeaderLengthCheckpoint) IsComposed() bool { return true } -func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = false var headers = options.GetSlice("headers") @@ -35,6 +35,6 @@ func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Requ return } -func (this *RequestGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { return } diff --git a/internal/waf/checkpoints/request_geo_city_name.go b/internal/waf/checkpoints/request_geo_city_name.go index bb38b8f..01275b0 100644 --- a/internal/waf/checkpoints/request_geo_city_name.go +++ b/internal/waf/checkpoints/request_geo_city_name.go @@ -15,11 +15,11 @@ func (this *RequestGeoCityNameCheckpoint) IsComposed() bool { return false } -func (this *RequestGeoCityNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeoCityNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${geo.city.name}") return } -func (this *RequestGeoCityNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { - return this.RequestValue(req, param, options) +func (this *RequestGeoCityNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { + return this.RequestValue(req, param, options, ruleId) } diff --git a/internal/waf/checkpoints/request_geo_country_name.go b/internal/waf/checkpoints/request_geo_country_name.go index b11c317..527fe38 100644 --- a/internal/waf/checkpoints/request_geo_country_name.go +++ b/internal/waf/checkpoints/request_geo_country_name.go @@ -15,11 +15,11 @@ func (this *RequestGeoCountryNameCheckpoint) IsComposed() bool { return false } -func (this *RequestGeoCountryNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeoCountryNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${geo.country.name}") return } -func (this *RequestGeoCountryNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { - return this.RequestValue(req, param, options) +func (this *RequestGeoCountryNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { + return this.RequestValue(req, param, options, ruleId) } diff --git a/internal/waf/checkpoints/request_geo_province_name.go b/internal/waf/checkpoints/request_geo_province_name.go index 460c1d8..1f25b99 100644 --- a/internal/waf/checkpoints/request_geo_province_name.go +++ b/internal/waf/checkpoints/request_geo_province_name.go @@ -15,11 +15,11 @@ func (this *RequestGeoProvinceNameCheckpoint) IsComposed() bool { return false } -func (this *RequestGeoProvinceNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeoProvinceNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${geo.province.name}") return } -func (this *RequestGeoProvinceNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { - return this.RequestValue(req, param, options) +func (this *RequestGeoProvinceNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { + return this.RequestValue(req, param, options, ruleId) } diff --git a/internal/waf/checkpoints/request_header.go b/internal/waf/checkpoints/request_header.go index e73e9ce..ad82b3b 100644 --- a/internal/waf/checkpoints/request_header.go +++ b/internal/waf/checkpoints/request_header.go @@ -10,7 +10,7 @@ type RequestHeaderCheckpoint struct { Checkpoint } -func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { v, found := req.WAFRaw().Header[param] if !found { value = "" @@ -20,9 +20,9 @@ func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param st return } -func (this *RequestHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_headers.go b/internal/waf/checkpoints/request_headers.go index cfee677..ac6f2d0 100644 --- a/internal/waf/checkpoints/request_headers.go +++ b/internal/waf/checkpoints/request_headers.go @@ -11,7 +11,7 @@ type RequestHeadersCheckpoint struct { Checkpoint } -func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { var headers = []string{} for k, v := range req.WAFRaw().Header { for _, subV := range v { @@ -23,9 +23,9 @@ func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param s return } -func (this *RequestHeadersCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHeadersCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_host.go b/internal/waf/checkpoints/request_host.go index c45c091..374357c 100644 --- a/internal/waf/checkpoints/request_host.go +++ b/internal/waf/checkpoints/request_host.go @@ -9,14 +9,14 @@ type RequestHostCheckpoint struct { Checkpoint } -func (this *RequestHostCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHostCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().Host return } -func (this *RequestHostCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHostCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_host_test.go b/internal/waf/checkpoints/request_host_test.go index b9274a7..5f66ae0 100644 --- a/internal/waf/checkpoints/request_host_test.go +++ b/internal/waf/checkpoints/request_host_test.go @@ -16,5 +16,5 @@ func TestRequestHostCheckpoint_RequestValue(t *testing.T) { req.WAFRaw().Header.Set("Host", "cloud.teaos.cn") checkpoint := new(RequestHostCheckpoint) - t.Log(checkpoint.RequestValue(req, "", nil)) + t.Log(checkpoint.RequestValue(req, "", nil, 1)) } diff --git a/internal/waf/checkpoints/request_isp_name.go b/internal/waf/checkpoints/request_isp_name.go index 2f9f214..28ac4a5 100644 --- a/internal/waf/checkpoints/request_isp_name.go +++ b/internal/waf/checkpoints/request_isp_name.go @@ -15,11 +15,11 @@ func (this *RequestISPNameCheckpoint) IsComposed() bool { return false } -func (this *RequestISPNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestISPNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${isp.name}") return } -func (this *RequestISPNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { - return this.RequestValue(req, param, options) +func (this *RequestISPNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { + return this.RequestValue(req, param, options, ruleId) } diff --git a/internal/waf/checkpoints/request_json_arg.go b/internal/waf/checkpoints/request_json_arg.go index 374a122..e65666e 100644 --- a/internal/waf/checkpoints/request_json_arg.go +++ b/internal/waf/checkpoints/request_json_arg.go @@ -14,7 +14,7 @@ type RequestJSONArgCheckpoint struct { Checkpoint } -func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { var bodyData = req.WAFGetCacheBody() hasRequestBody = true if len(bodyData) == 0 { @@ -42,9 +42,9 @@ func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param s return "", hasRequestBody, nil, nil } -func (this *RequestJSONArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestJSONArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_json_arg_test.go b/internal/waf/checkpoints/request_json_arg_test.go index 63fae0b..d968bc1 100644 --- a/internal/waf/checkpoints/request_json_arg_test.go +++ b/internal/waf/checkpoints/request_json_arg_test.go @@ -24,12 +24,12 @@ func TestRequestJSONArgCheckpoint_RequestValue_Map(t *testing.T) { //req.Header.Set("Content-Type", "application/x-www-form-urlencoded") checkpoint := new(RequestJSONArgCheckpoint) - t.Log(checkpoint.RequestValue(req, "name", nil)) - t.Log(checkpoint.RequestValue(req, "age", nil)) - t.Log(checkpoint.RequestValue(req, "Hello", nil)) - t.Log(checkpoint.RequestValue(req, "", nil)) - t.Log(checkpoint.RequestValue(req, "books", nil)) - t.Log(checkpoint.RequestValue(req, "books.1", nil)) + t.Log(checkpoint.RequestValue(req, "name", nil, 1)) + t.Log(checkpoint.RequestValue(req, "age", nil, 1)) + t.Log(checkpoint.RequestValue(req, "Hello", nil, 1)) + t.Log(checkpoint.RequestValue(req, "", nil, 1)) + t.Log(checkpoint.RequestValue(req, "books", nil, 1)) + t.Log(checkpoint.RequestValue(req, "books.1", nil, 1)) body, err := ioutil.ReadAll(req.WAFRaw().Body) if err != nil { @@ -54,12 +54,12 @@ func TestRequestJSONArgCheckpoint_RequestValue_Array(t *testing.T) { //req.Header.Set("Content-Type", "application/x-www-form-urlencoded") checkpoint := new(RequestJSONArgCheckpoint) - t.Log(checkpoint.RequestValue(req, "0.name", nil)) - t.Log(checkpoint.RequestValue(req, "0.age", nil)) - t.Log(checkpoint.RequestValue(req, "0.Hello", nil)) - t.Log(checkpoint.RequestValue(req, "", nil)) - t.Log(checkpoint.RequestValue(req, "0.books", nil)) - t.Log(checkpoint.RequestValue(req, "0.books.1", nil)) + t.Log(checkpoint.RequestValue(req, "0.name", nil, 1)) + t.Log(checkpoint.RequestValue(req, "0.age", nil, 1)) + t.Log(checkpoint.RequestValue(req, "0.Hello", nil, 1)) + t.Log(checkpoint.RequestValue(req, "", nil, 1)) + t.Log(checkpoint.RequestValue(req, "0.books", nil, 1)) + t.Log(checkpoint.RequestValue(req, "0.books.1", nil, 1)) body, err := ioutil.ReadAll(req.WAFRaw().Body) if err != nil { @@ -84,12 +84,12 @@ func TestRequestJSONArgCheckpoint_RequestValue_Error(t *testing.T) { //req.Header.Set("Content-Type", "application/x-www-form-urlencoded") checkpoint := new(RequestJSONArgCheckpoint) - t.Log(checkpoint.RequestValue(req, "0.name", nil)) - t.Log(checkpoint.RequestValue(req, "0.age", nil)) - t.Log(checkpoint.RequestValue(req, "0.Hello", nil)) - t.Log(checkpoint.RequestValue(req, "", nil)) - t.Log(checkpoint.RequestValue(req, "0.books", nil)) - t.Log(checkpoint.RequestValue(req, "0.books.1", nil)) + t.Log(checkpoint.RequestValue(req, "0.name", nil, 1)) + t.Log(checkpoint.RequestValue(req, "0.age", nil, 1)) + t.Log(checkpoint.RequestValue(req, "0.Hello", nil, 1)) + t.Log(checkpoint.RequestValue(req, "", nil, 1)) + t.Log(checkpoint.RequestValue(req, "0.books", nil, 1)) + t.Log(checkpoint.RequestValue(req, "0.books.1", nil, 1)) body, err := ioutil.ReadAll(req.WAFRaw().Body) if err != nil { diff --git a/internal/waf/checkpoints/request_length.go b/internal/waf/checkpoints/request_length.go index e1f5b4a..ad8e1a1 100644 --- a/internal/waf/checkpoints/request_length.go +++ b/internal/waf/checkpoints/request_length.go @@ -9,14 +9,14 @@ type RequestLengthCheckpoint struct { Checkpoint } -func (this *RequestLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().ContentLength return } -func (this *RequestLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_method.go b/internal/waf/checkpoints/request_method.go index 6887b00..0c9e7c7 100644 --- a/internal/waf/checkpoints/request_method.go +++ b/internal/waf/checkpoints/request_method.go @@ -9,14 +9,14 @@ type RequestMethodCheckpoint struct { Checkpoint } -func (this *RequestMethodCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestMethodCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().Method return } -func (this *RequestMethodCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestMethodCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_path.go b/internal/waf/checkpoints/request_path.go index 8468b07..7081010 100644 --- a/internal/waf/checkpoints/request_path.go +++ b/internal/waf/checkpoints/request_path.go @@ -9,13 +9,13 @@ type RequestPathCheckpoint struct { Checkpoint } -func (this *RequestPathCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestPathCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { return req.WAFRaw().URL.Path, false, nil, nil } -func (this *RequestPathCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestPathCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_path_test.go b/internal/waf/checkpoints/request_path_test.go index 88f47cb..2121ce7 100644 --- a/internal/waf/checkpoints/request_path_test.go +++ b/internal/waf/checkpoints/request_path_test.go @@ -14,5 +14,5 @@ func TestRequestPathCheckpoint_RequestValue(t *testing.T) { req := requests.NewTestRequest(rawReq) checkpoint := new(RequestPathCheckpoint) - t.Log(checkpoint.RequestValue(req, "", nil)) + t.Log(checkpoint.RequestValue(req, "", nil, 1)) } diff --git a/internal/waf/checkpoints/request_proto.go b/internal/waf/checkpoints/request_proto.go index b2e94f4..8ca81db 100644 --- a/internal/waf/checkpoints/request_proto.go +++ b/internal/waf/checkpoints/request_proto.go @@ -9,14 +9,14 @@ type RequestProtoCheckpoint struct { Checkpoint } -func (this *RequestProtoCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestProtoCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().Proto return } -func (this *RequestProtoCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestProtoCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_raw_remote_addr.go b/internal/waf/checkpoints/request_raw_remote_addr.go index e6ee90a..7de78ed 100644 --- a/internal/waf/checkpoints/request_raw_remote_addr.go +++ b/internal/waf/checkpoints/request_raw_remote_addr.go @@ -10,7 +10,7 @@ type RequestRawRemoteAddrCheckpoint struct { Checkpoint } -func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { host, _, err := net.SplitHostPort(req.WAFRaw().RemoteAddr) if err == nil { value = host @@ -20,9 +20,9 @@ func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, p return } -func (this *RequestRawRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRawRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_referer.go b/internal/waf/checkpoints/request_referer.go index a4da2b7..b3d1b56 100644 --- a/internal/waf/checkpoints/request_referer.go +++ b/internal/waf/checkpoints/request_referer.go @@ -9,14 +9,14 @@ type RequestRefererCheckpoint struct { Checkpoint } -func (this *RequestRefererCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRefererCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().Referer() return } -func (this *RequestRefererCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRefererCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_referer_block.go b/internal/waf/checkpoints/request_referer_block.go index 732d68a..571403d 100644 --- a/internal/waf/checkpoints/request_referer_block.go +++ b/internal/waf/checkpoints/request_referer_block.go @@ -17,7 +17,7 @@ type RequestRefererBlockCheckpoint struct { // RequestValue 计算checkpoint值 // 选项:allowEmpty, allowSameDomain, allowDomains -func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { var referer = req.WAFRaw().Referer() if len(referer) == 0 { @@ -61,6 +61,6 @@ func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, pa return } -func (this *RequestRefererBlockCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRefererBlockCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { return } diff --git a/internal/waf/checkpoints/request_remote_addr.go b/internal/waf/checkpoints/request_remote_addr.go index b88e6ef..fba247d 100644 --- a/internal/waf/checkpoints/request_remote_addr.go +++ b/internal/waf/checkpoints/request_remote_addr.go @@ -9,14 +9,14 @@ type RequestRemoteAddrCheckpoint struct { Checkpoint } -func (this *RequestRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRemoteIP() return } -func (this *RequestRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_remote_port.go b/internal/waf/checkpoints/request_remote_port.go index 9279fb9..546b5e8 100644 --- a/internal/waf/checkpoints/request_remote_port.go +++ b/internal/waf/checkpoints/request_remote_port.go @@ -11,7 +11,7 @@ type RequestRemotePortCheckpoint struct { Checkpoint } -func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { _, port, err := net.SplitHostPort(req.WAFRaw().RemoteAddr) if err == nil { value = types.Int(port) @@ -21,9 +21,9 @@ func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, para return } -func (this *RequestRemotePortCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemotePortCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_remote_user.go b/internal/waf/checkpoints/request_remote_user.go index 705c385..aa2e4fb 100644 --- a/internal/waf/checkpoints/request_remote_user.go +++ b/internal/waf/checkpoints/request_remote_user.go @@ -9,7 +9,7 @@ type RequestRemoteUserCheckpoint struct { Checkpoint } -func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { username, _, ok := req.WAFRaw().BasicAuth() if !ok { value = "" @@ -19,9 +19,9 @@ func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, para return } -func (this *RequestRemoteUserCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemoteUserCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_scheme.go b/internal/waf/checkpoints/request_scheme.go index 65b116b..bcedfee 100644 --- a/internal/waf/checkpoints/request_scheme.go +++ b/internal/waf/checkpoints/request_scheme.go @@ -9,14 +9,14 @@ type RequestSchemeCheckpoint struct { Checkpoint } -func (this *RequestSchemeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestSchemeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${scheme}") return } -func (this *RequestSchemeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestSchemeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_scheme_test.go b/internal/waf/checkpoints/request_scheme_test.go index 8738a3d..49bf153 100644 --- a/internal/waf/checkpoints/request_scheme_test.go +++ b/internal/waf/checkpoints/request_scheme_test.go @@ -14,5 +14,5 @@ func TestRequestSchemeCheckpoint_RequestValue(t *testing.T) { req := requests.NewTestRequest(rawReq) checkpoint := new(RequestSchemeCheckpoint) - t.Log(checkpoint.RequestValue(req, "", nil)) + t.Log(checkpoint.RequestValue(req, "", nil, 1)) } diff --git a/internal/waf/checkpoints/request_upload.go b/internal/waf/checkpoints/request_upload.go index 6df97d3..cf1498a 100644 --- a/internal/waf/checkpoints/request_upload.go +++ b/internal/waf/checkpoints/request_upload.go @@ -17,7 +17,7 @@ type RequestUploadCheckpoint struct { Checkpoint } -func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.RequestBodyIsEmpty(req) { value = "" return @@ -122,9 +122,9 @@ func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param st return } -func (this *RequestUploadCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestUploadCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_upload_test.go b/internal/waf/checkpoints/request_upload_test.go index d3fa899..eed421f 100644 --- a/internal/waf/checkpoints/request_upload_test.go +++ b/internal/waf/checkpoints/request_upload_test.go @@ -88,11 +88,11 @@ func TestRequestUploadCheckpoint_RequestValue(t *testing.T) { req.WAFRaw().Header.Add("Content-Type", writer.FormDataContentType()) checkpoint := new(RequestUploadCheckpoint) - t.Log(checkpoint.RequestValue(req, "field", nil)) - t.Log(checkpoint.RequestValue(req, "minSize", nil)) - t.Log(checkpoint.RequestValue(req, "maxSize", nil)) - t.Log(checkpoint.RequestValue(req, "name", nil)) - t.Log(checkpoint.RequestValue(req, "ext", nil)) + t.Log(checkpoint.RequestValue(req, "field", nil, 1)) + t.Log(checkpoint.RequestValue(req, "minSize", nil, 1)) + t.Log(checkpoint.RequestValue(req, "maxSize", nil, 1)) + t.Log(checkpoint.RequestValue(req, "name", nil, 1)) + t.Log(checkpoint.RequestValue(req, "ext", nil, 1)) data, err := ioutil.ReadAll(req.WAFRaw().Body) if err != nil { diff --git a/internal/waf/checkpoints/request_uri.go b/internal/waf/checkpoints/request_uri.go index 49417ff..2b03756 100644 --- a/internal/waf/checkpoints/request_uri.go +++ b/internal/waf/checkpoints/request_uri.go @@ -9,7 +9,7 @@ type RequestURICheckpoint struct { Checkpoint } -func (this *RequestURICheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestURICheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if len(req.WAFRaw().RequestURI) > 0 { value = req.WAFRaw().RequestURI } else if req.WAFRaw().URL != nil { @@ -18,9 +18,9 @@ func (this *RequestURICheckpoint) RequestValue(req requests.Request, param strin return } -func (this *RequestURICheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestURICheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_url.go b/internal/waf/checkpoints/request_url.go index dfc5287..24f0a51 100644 --- a/internal/waf/checkpoints/request_url.go +++ b/internal/waf/checkpoints/request_url.go @@ -9,13 +9,13 @@ type RequestURLCheckpoint struct { Checkpoint } -func (this *RequestURLCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestURLCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { return req.Format("${requestURL}"), hasRequestBody, nil, nil } -func (this *RequestURLCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestURLCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/request_user_agent.go b/internal/waf/checkpoints/request_user_agent.go index ee894d3..814a7ff 100644 --- a/internal/waf/checkpoints/request_user_agent.go +++ b/internal/waf/checkpoints/request_user_agent.go @@ -9,14 +9,14 @@ type RequestUserAgentCheckpoint struct { Checkpoint } -func (this *RequestUserAgentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestUserAgentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().UserAgent() return } -func (this *RequestUserAgentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestUserAgentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/response_body.go b/internal/waf/checkpoints/response_body.go index 02e4c35..cc7f24a 100644 --- a/internal/waf/checkpoints/response_body.go +++ b/internal/waf/checkpoints/response_body.go @@ -16,12 +16,12 @@ func (this *ResponseBodyCheckpoint) IsRequest() bool { return false } -func (this *ResponseBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = "" return } -func (this *ResponseBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if resp.ContentLength == 0 { value = "" return diff --git a/internal/waf/checkpoints/response_body_test.go b/internal/waf/checkpoints/response_body_test.go index 97959fe..85d68e0 100644 --- a/internal/waf/checkpoints/response_body_test.go +++ b/internal/waf/checkpoints/response_body_test.go @@ -16,10 +16,10 @@ func TestResponseBodyCheckpoint_ResponseValue(t *testing.T) { resp.Body = ioutil.NopCloser(bytes.NewBuffer([]byte("Hello, World"))) checkpoint := new(ResponseBodyCheckpoint) - t.Log(checkpoint.ResponseValue(nil, resp, "", nil)) - t.Log(checkpoint.ResponseValue(nil, resp, "", nil)) - t.Log(checkpoint.ResponseValue(nil, resp, "", nil)) - t.Log(checkpoint.ResponseValue(nil, resp, "", nil)) + t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1)) + t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1)) + t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1)) + t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1)) data, err := ioutil.ReadAll(resp.Body) if err != nil { diff --git a/internal/waf/checkpoints/response_bytes_sent.go b/internal/waf/checkpoints/response_bytes_sent.go index 5e017a9..b6ea98d 100644 --- a/internal/waf/checkpoints/response_bytes_sent.go +++ b/internal/waf/checkpoints/response_bytes_sent.go @@ -14,12 +14,12 @@ func (this *ResponseBytesSentCheckpoint) IsRequest() bool { return false } -func (this *ResponseBytesSentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseBytesSentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = 0 return } -func (this *ResponseBytesSentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseBytesSentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = 0 if resp != nil { value = resp.ContentLength diff --git a/internal/waf/checkpoints/response_general_header_length.go b/internal/waf/checkpoints/response_general_header_length.go index 11376bb..11eb299 100644 --- a/internal/waf/checkpoints/response_general_header_length.go +++ b/internal/waf/checkpoints/response_general_header_length.go @@ -18,12 +18,12 @@ func (this *ResponseGeneralHeaderLengthCheckpoint) IsComposed() bool { return true } -func (this *ResponseGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { return } -func (this *ResponseGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = false headers := options.GetSlice("headers") diff --git a/internal/waf/checkpoints/response_header.go b/internal/waf/checkpoints/response_header.go index cd321df..30d356a 100644 --- a/internal/waf/checkpoints/response_header.go +++ b/internal/waf/checkpoints/response_header.go @@ -14,12 +14,12 @@ func (this *ResponseHeaderCheckpoint) IsRequest() bool { return false } -func (this *ResponseHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = "" return } -func (this *ResponseHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if resp != nil && resp.Header != nil { value = resp.Header.Get(param) } else { diff --git a/internal/waf/checkpoints/response_header_test.go b/internal/waf/checkpoints/response_header_test.go index 60e733b..f41fc6c 100644 --- a/internal/waf/checkpoints/response_header_test.go +++ b/internal/waf/checkpoints/response_header_test.go @@ -13,5 +13,5 @@ func TestResponseHeaderCheckpoint_ResponseValue(t *testing.T) { resp.Header.Set("Hello", "World") checkpoint := new(ResponseHeaderCheckpoint) - t.Log(checkpoint.ResponseValue(nil, resp, "Hello", nil)) + t.Log(checkpoint.ResponseValue(nil, resp, "Hello", nil, 1)) } diff --git a/internal/waf/checkpoints/response_status.go b/internal/waf/checkpoints/response_status.go index b17ca02..0f74723 100644 --- a/internal/waf/checkpoints/response_status.go +++ b/internal/waf/checkpoints/response_status.go @@ -14,12 +14,12 @@ func (this *ResponseStatusCheckpoint) IsRequest() bool { return false } -func (this *ResponseStatusCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseStatusCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { value = 0 return } -func (this *ResponseStatusCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseStatusCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if resp != nil { value = resp.StatusCode } diff --git a/internal/waf/checkpoints/response_status_test.go b/internal/waf/checkpoints/response_status_test.go index 252360d..89e86be 100644 --- a/internal/waf/checkpoints/response_status_test.go +++ b/internal/waf/checkpoints/response_status_test.go @@ -11,5 +11,5 @@ func TestResponseStatusCheckpoint_ResponseValue(t *testing.T) { resp.StatusCode = 200 checkpoint := new(ResponseStatusCheckpoint) - t.Log(checkpoint.ResponseValue(nil, resp, "", nil)) + t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1)) } diff --git a/internal/waf/checkpoints/sample_request.go b/internal/waf/checkpoints/sample_request.go index 33357c5..972cdef 100644 --- a/internal/waf/checkpoints/sample_request.go +++ b/internal/waf/checkpoints/sample_request.go @@ -10,13 +10,13 @@ type SampleRequestCheckpoint struct { Checkpoint } -func (this *SampleRequestCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *SampleRequestCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { return } -func (this *SampleRequestCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *SampleRequestCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { - return this.RequestValue(req, param, options) + return this.RequestValue(req, param, options, ruleId) } return } diff --git a/internal/waf/checkpoints/sample_response.go b/internal/waf/checkpoints/sample_response.go index 27c0609..56fd4c3 100644 --- a/internal/waf/checkpoints/sample_response.go +++ b/internal/waf/checkpoints/sample_response.go @@ -2,9 +2,10 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/iwind/TeaGo/maps" ) -// just a sample checkpoint, copy and change it for your new checkpoint +// SampleResponseCheckpoint just a sample checkpoint, copy and change it for your new checkpoint type SampleResponseCheckpoint struct { Checkpoint } @@ -13,10 +14,10 @@ func (this *SampleResponseCheckpoint) IsRequest() bool { return false } -func (this *SampleResponseCheckpoint) RequestValue(req *requests.Request, param string, options map[string]string) (value interface{}, sysErr error, userErr error) { +func (this *SampleResponseCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, sysErr error, userErr error) { return } -func (this *SampleResponseCheckpoint) ResponseValue(req *requests.Request, resp *requests.Response, param string, options map[string]string) (value interface{}, sysErr error, userErr error) { +func (this *SampleResponseCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { return } diff --git a/internal/waf/rule.go b/internal/waf/rule.go index c21c8e0..4367313 100644 --- a/internal/waf/rule.go +++ b/internal/waf/rule.go @@ -26,6 +26,8 @@ var singleParamRegexp = regexp.MustCompile("^\\${[\\w.-]+}$") // Rule type Rule struct { + Id int64 + Description string `yaml:"description" json:"description"` Param string `yaml:"param" json:"param"` // such as ${arg.name} or ${args}, can be composite as ${arg.firstName}${arg.lastName} ParamFilters []*ParamFilter `yaml:"paramFilters" json:"paramFilters"` @@ -186,7 +188,7 @@ func (this *Rule) Init() error { func (this *Rule) MatchRequest(req requests.Request) (b bool, hasRequestBody bool, err error) { if this.singleCheckpoint != nil { - value, hasCheckedRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions) + value, hasCheckedRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions, this.Id) if hasCheckedRequestBody { hasRequestBody = true } @@ -216,7 +218,7 @@ func (this *Rule) MatchRequest(req requests.Request) (b bool, hasRequestBody boo } if len(pieces) == 1 { - value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions) + value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions, this.Id) if hasCheckRequestBody { hasRequestBody = true } @@ -226,7 +228,7 @@ func (this *Rule) MatchRequest(req requests.Request) (b bool, hasRequestBody boo return types.String(value1) } - value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions) + value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions, this.Id) if hasCheckRequestBody { hasRequestBody = true } @@ -247,7 +249,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) ( if this.singleCheckpoint != nil { // if is request param if this.singleCheckpoint.IsRequest() { - value, hasCheckRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions) + value, hasCheckRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions, this.Id) if hasCheckRequestBody { hasRequestBody = true } @@ -264,7 +266,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) ( } // response param - value, hasCheckRequestBody, err, _ := this.singleCheckpoint.ResponseValue(req, resp, this.singleParam, this.CheckpointOptions) + value, hasCheckRequestBody, err, _ := this.singleCheckpoint.ResponseValue(req, resp, this.singleParam, this.CheckpointOptions, this.Id) if hasCheckRequestBody { hasRequestBody = true } @@ -290,7 +292,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) ( if len(pieces) == 1 { if point.IsRequest() { - value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions) + value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions, this.Id) if hasCheckRequestBody { hasRequestBody = true } @@ -299,7 +301,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) ( } return types.String(value1) } else { - value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, "", this.CheckpointOptions) + value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, "", this.CheckpointOptions, this.Id) if hasCheckRequestBody { hasRequestBody = true } @@ -311,7 +313,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) ( } if point.IsRequest() { - value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions) + value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions, this.Id) if hasCheckRequestBody { hasRequestBody = true } @@ -320,7 +322,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) ( } return types.String(value1) } else { - value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, pieces[1], this.CheckpointOptions) + value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, pieces[1], this.CheckpointOptions, this.Id) if hasCheckRequestBody { hasRequestBody = true } diff --git a/internal/waf/waf_manager.go b/internal/waf/waf_manager.go index 01e4381..4652b11 100644 --- a/internal/waf/waf_manager.go +++ b/internal/waf/waf_manager.go @@ -97,6 +97,7 @@ func (this *WAFManager) ConvertWAF(policy *firewallconfigs.HTTPFirewallPolicy) ( // rules for _, rule := range set.Rules { r := &Rule{ + Id: rule.Id, Description: rule.Description, Param: rule.Param, ParamFilters: []*ParamFilter{}, @@ -154,6 +155,7 @@ func (this *WAFManager) ConvertWAF(policy *firewallconfigs.HTTPFirewallPolicy) ( // rules for _, rule := range set.Rules { r := &Rule{ + Id: rule.Id, Description: rule.Description, Param: rule.Param, Operator: rule.Operator,