WAF多个相同Key的cc2统计规则不再重复累加

2025-11-12 22:40:25 +08:00 · 2022-07-25 09:34:34 +08:00
parent e15d491b97
commit 4b55895428
57 changed files with 189 additions and 179 deletions
--- a/internal/waf/checkpoints/cc.go
+++ b/internal/waf/checkpoints/cc.go
@@ -30,7 +30,7 @@ func (this *CCCheckpoint) Start() {
 	this.cache = ttlcache.NewCache()
 }
-func (this *CCCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *CCCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = 0
 	if this.cache == nil {
@@ -114,15 +114,15 @@ func (this *CCCheckpoint) RequestValue(req requests.Request, param string, optio
 		if len(key) == 0 {
 			key = req.WAFRemoteIP()
 		}
-		value = this.cache.IncreaseInt64(key, int64(1), time.Now().Unix()+period, false)
+		value = this.cache.IncreaseInt64(types.String(ruleId)+"@"+key, int64(1), time.Now().Unix()+period, false)
 	}
 	return
 }
-func (this *CCCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *CCCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/cc2.go
+++ b/internal/waf/checkpoints/cc2.go
@@ -32,7 +32,7 @@ type CC2Checkpoint struct {
 	Checkpoint
 }
-func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	var keys = options.GetSlice("keys")
 	var keyValues = []string{}
 	for _, key := range keys {
@@ -66,11 +66,16 @@ func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, opti
 		}
 	}
-	value = ccCache.IncreaseInt64("WAF-CC-"+strings.Join(keyValues, "@"), 1, time.Now().Unix()+period, false)
+	var ccKey = "WAF-CC-" + types.String(ruleId) + "-" + strings.Join(keyValues, "@")
 	value = ccCache.IncreaseInt64(ccKey, 1, time.Now().Unix()+period, false)
 	return
 }
-func (this *CC2Checkpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *CC2Checkpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
 		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/cc_test.go
+++ b/internal/waf/checkpoints/cc_test.go
@@ -23,21 +23,21 @@ func TestCCCheckpoint_RequestValue(t *testing.T) {
 	options := maps.Map{
 		"period": "5",
 	}
-	t.Log(checkpoint.RequestValue(req, "requests", options))
+	t.Log(checkpoint.RequestValue(req, "requests", options, 1))
-	t.Log(checkpoint.RequestValue(req, "requests", options))
+	t.Log(checkpoint.RequestValue(req, "requests", options, 1))
 	req.WAFRaw().RemoteAddr = "127.0.0.2"
-	t.Log(checkpoint.RequestValue(req, "requests", options))
+	t.Log(checkpoint.RequestValue(req, "requests", options, 1))
 	req.WAFRaw().RemoteAddr = "127.0.0.1"
-	t.Log(checkpoint.RequestValue(req, "requests", options))
+	t.Log(checkpoint.RequestValue(req, "requests", options, 1))
 	req.WAFRaw().RemoteAddr = "127.0.0.2"
-	t.Log(checkpoint.RequestValue(req, "requests", options))
+	t.Log(checkpoint.RequestValue(req, "requests", options, 1))
 	req.WAFRaw().RemoteAddr = "127.0.0.2"
-	t.Log(checkpoint.RequestValue(req, "requests", options))
+	t.Log(checkpoint.RequestValue(req, "requests", options, 1))
 	req.WAFRaw().RemoteAddr = "127.0.0.2"
-	t.Log(checkpoint.RequestValue(req, "requests", options))
+	t.Log(checkpoint.RequestValue(req, "requests", options, 1))
 }
--- a/internal/waf/checkpoints/checkpoint_interface.go
+++ b/internal/waf/checkpoints/checkpoint_interface.go
@@ -17,10 +17,10 @@ type CheckpointInterface interface {
 	IsComposed() bool
 	// RequestValue get request value
-	RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error)
+	RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error)
 	// ResponseValue get response value
-	ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error)
+	ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error)
 	// ParamOptions param option list
 	ParamOptions() *ParamOptions
--- a/internal/waf/checkpoints/request_all.go
+++ b/internal/waf/checkpoints/request_all.go
@@ -11,7 +11,7 @@ type RequestAllCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	valueBytes := []byte{}
 	if len(req.WAFRaw().RequestURI) > 0 {
 		valueBytes = append(valueBytes, req.WAFRaw().RequestURI...)
@@ -47,10 +47,10 @@ func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param strin
 	return
 }
-func (this *RequestAllCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestAllCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = ""
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_all_test.go
+++ b/internal/waf/checkpoints/request_all_test.go
@@ -18,7 +18,7 @@ func TestRequestAllCheckpoint_RequestValue(t *testing.T) {
 	}
 	checkpoint := new(RequestAllCheckpoint)
-	v, _, sysErr, userErr := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil)
+	v, _, sysErr, userErr := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1)
 	if sysErr != nil {
 		t.Fatal(sysErr)
 	}
@@ -42,7 +42,7 @@ func TestRequestAllCheckpoint_RequestValue_Max(t *testing.T) {
 	}
 	checkpoint := new(RequestBodyCheckpoint)
-	value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil)
+	value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -65,6 +65,6 @@ func BenchmarkRequestAllCheckpoint_RequestValue(b *testing.B) {
 	checkpoint := new(RequestAllCheckpoint)
 	for i := 0; i < b.N; i++ {
-		_, _, _, _ = checkpoint.RequestValue(requests.NewTestRequest(req), "", nil)
+		_, _, _, _ = checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1)
 	}
 }
--- a/internal/waf/checkpoints/request_arg.go
+++ b/internal/waf/checkpoints/request_arg.go
@@ -9,13 +9,13 @@ type RequestArgCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	return req.WAFRaw().URL.Query().Get(param), hasRequestBody, nil, nil
 }
-func (this *RequestArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_arg_test.go
+++ b/internal/waf/checkpoints/request_arg_test.go
@@ -15,7 +15,7 @@ func TestArgParam_RequestValue(t *testing.T) {
 	req := requests.NewTestRequest(rawReq)
 	checkpoint := new(RequestArgCheckpoint)
-	t.Log(checkpoint.RequestValue(req, "name", nil))
+	t.Log(checkpoint.RequestValue(req, "name", nil, 1))
-	t.Log(checkpoint.ResponseValue(req, nil, "name", nil))
+	t.Log(checkpoint.ResponseValue(req, nil, "name", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "name2", nil))
+	t.Log(checkpoint.RequestValue(req, "name2", nil, 1))
 }
--- a/internal/waf/checkpoints/request_args.go
+++ b/internal/waf/checkpoints/request_args.go
@@ -9,14 +9,14 @@ type RequestArgsCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestArgsCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestArgsCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.WAFRaw().URL.RawQuery
 	return
 }
-func (this *RequestArgsCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestArgsCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_body.go
+++ b/internal/waf/checkpoints/request_body.go
@@ -11,7 +11,7 @@ type RequestBodyCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.RequestBodyIsEmpty(req) {
 		value = ""
 		return
@@ -38,9 +38,9 @@ func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param stri
 	return bodyData, hasRequestBody, nil, nil
 }
-func (this *RequestBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_body_test.go
+++ b/internal/waf/checkpoints/request_body_test.go
@@ -17,7 +17,7 @@ func TestRequestBodyCheckpoint_RequestValue(t *testing.T) {
 	}
 	var req = requests.NewTestRequest(rawReq)
 	checkpoint := new(RequestBodyCheckpoint)
-	t.Log(checkpoint.RequestValue(req, "", nil))
+	t.Log(checkpoint.RequestValue(req, "", nil, 1))
 	body, err := ioutil.ReadAll(rawReq.Body)
 	if err != nil {
@@ -34,7 +34,7 @@ func TestRequestBodyCheckpoint_RequestValue_Max(t *testing.T) {
 	}
 	checkpoint := new(RequestBodyCheckpoint)
-	value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil)
+	value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1)
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/internal/waf/checkpoints/request_content_type.go
+++ b/internal/waf/checkpoints/request_content_type.go
@@ -9,14 +9,14 @@ type RequestContentTypeCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestContentTypeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestContentTypeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.WAFRaw().Header.Get("Content-Type")
 	return
 }
-func (this *RequestContentTypeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestContentTypeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_cookie.go
+++ b/internal/waf/checkpoints/request_cookie.go
@@ -9,7 +9,7 @@ type RequestCookieCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	cookie, err := req.WAFRaw().Cookie(param)
 	if err != nil {
 		value = ""
@@ -20,9 +20,9 @@ func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param st
 	return
 }
-func (this *RequestCookieCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestCookieCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_cookies.go
+++ b/internal/waf/checkpoints/request_cookies.go
@@ -11,7 +11,7 @@ type RequestCookiesCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	var cookies = []string{}
 	for _, cookie := range req.WAFRaw().Cookies() {
 		cookies = append(cookies, url.QueryEscape(cookie.Name)+"="+url.QueryEscape(cookie.Value))
@@ -20,9 +20,9 @@ func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param s
 	return
 }
-func (this *RequestCookiesCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestCookiesCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_form_arg.go
+++ b/internal/waf/checkpoints/request_form_arg.go
@@ -12,7 +12,7 @@ type RequestFormArgCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	hasRequestBody = true
 	if this.RequestBodyIsEmpty(req) {
@@ -42,9 +42,9 @@ func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param s
 	return values.Get(param), hasRequestBody, nil, nil
 }
-func (this *RequestFormArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestFormArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_form_arg_test.go
+++ b/internal/waf/checkpoints/request_form_arg_test.go
@@ -19,10 +19,10 @@ func TestRequestFormArgCheckpoint_RequestValue(t *testing.T) {
 	req.WAFRaw().Header.Set("Content-Type", "application/x-www-form-urlencoded")
 	checkpoint := new(RequestFormArgCheckpoint)
-	t.Log(checkpoint.RequestValue(req, "name", nil))
+	t.Log(checkpoint.RequestValue(req, "name", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "age", nil))
+	t.Log(checkpoint.RequestValue(req, "age", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "Hello", nil))
+	t.Log(checkpoint.RequestValue(req, "Hello", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "encoded", nil))
+	t.Log(checkpoint.RequestValue(req, "encoded", nil, 1))
 	body, err := ioutil.ReadAll(req.WAFRaw().Body)
 	if err != nil {
--- a/internal/waf/checkpoints/request_general_header_length.go
+++ b/internal/waf/checkpoints/request_general_header_length.go
@@ -14,7 +14,7 @@ func (this *RequestGeneralHeaderLengthCheckpoint) IsComposed() bool {
 	return true
 }
-func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = false
 	var headers = options.GetSlice("headers")
@@ -35,6 +35,6 @@ func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Requ
 	return
 }
-func (this *RequestGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	return
 }
--- a/internal/waf/checkpoints/request_geo_city_name.go
+++ b/internal/waf/checkpoints/request_geo_city_name.go
@@ -15,11 +15,11 @@ func (this *RequestGeoCityNameCheckpoint) IsComposed() bool {
 	return false
 }
-func (this *RequestGeoCityNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestGeoCityNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.Format("${geo.city.name}")
 	return
 }
-func (this *RequestGeoCityNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestGeoCityNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
-	return this.RequestValue(req, param, options)
+	return this.RequestValue(req, param, options, ruleId)
 }
--- a/internal/waf/checkpoints/request_geo_country_name.go
+++ b/internal/waf/checkpoints/request_geo_country_name.go
@@ -15,11 +15,11 @@ func (this *RequestGeoCountryNameCheckpoint) IsComposed() bool {
 	return false
 }
-func (this *RequestGeoCountryNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestGeoCountryNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.Format("${geo.country.name}")
 	return
 }
-func (this *RequestGeoCountryNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestGeoCountryNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
-	return this.RequestValue(req, param, options)
+	return this.RequestValue(req, param, options, ruleId)
 }
--- a/internal/waf/checkpoints/request_geo_province_name.go
+++ b/internal/waf/checkpoints/request_geo_province_name.go
@@ -15,11 +15,11 @@ func (this *RequestGeoProvinceNameCheckpoint) IsComposed() bool {
 	return false
 }
-func (this *RequestGeoProvinceNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestGeoProvinceNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.Format("${geo.province.name}")
 	return
 }
-func (this *RequestGeoProvinceNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestGeoProvinceNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
-	return this.RequestValue(req, param, options)
+	return this.RequestValue(req, param, options, ruleId)
 }
--- a/internal/waf/checkpoints/request_header.go
+++ b/internal/waf/checkpoints/request_header.go
@@ -10,7 +10,7 @@ type RequestHeaderCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	v, found := req.WAFRaw().Header[param]
 	if !found {
 		value = ""
@@ -20,9 +20,9 @@ func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param st
 	return
 }
-func (this *RequestHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_headers.go
+++ b/internal/waf/checkpoints/request_headers.go
@@ -11,7 +11,7 @@ type RequestHeadersCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	var headers = []string{}
 	for k, v := range req.WAFRaw().Header {
 		for _, subV := range v {
@@ -23,9 +23,9 @@ func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param s
 	return
 }
-func (this *RequestHeadersCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestHeadersCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_host.go
+++ b/internal/waf/checkpoints/request_host.go
@@ -9,14 +9,14 @@ type RequestHostCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestHostCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestHostCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.WAFRaw().Host
 	return
 }
-func (this *RequestHostCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestHostCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_host_test.go
+++ b/internal/waf/checkpoints/request_host_test.go
@@ -16,5 +16,5 @@ func TestRequestHostCheckpoint_RequestValue(t *testing.T) {
 	req.WAFRaw().Header.Set("Host", "cloud.teaos.cn")
 	checkpoint := new(RequestHostCheckpoint)
-	t.Log(checkpoint.RequestValue(req, "", nil))
+	t.Log(checkpoint.RequestValue(req, "", nil, 1))
 }
--- a/internal/waf/checkpoints/request_isp_name.go
+++ b/internal/waf/checkpoints/request_isp_name.go
@@ -15,11 +15,11 @@ func (this *RequestISPNameCheckpoint) IsComposed() bool {
 	return false
 }
-func (this *RequestISPNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestISPNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.Format("${isp.name}")
 	return
 }
-func (this *RequestISPNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestISPNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
-	return this.RequestValue(req, param, options)
+	return this.RequestValue(req, param, options, ruleId)
 }
--- a/internal/waf/checkpoints/request_json_arg.go
+++ b/internal/waf/checkpoints/request_json_arg.go
@@ -14,7 +14,7 @@ type RequestJSONArgCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	var bodyData = req.WAFGetCacheBody()
 	hasRequestBody = true
 	if len(bodyData) == 0 {
@@ -42,9 +42,9 @@ func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param s
 	return "", hasRequestBody, nil, nil
 }
-func (this *RequestJSONArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestJSONArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_json_arg_test.go
+++ b/internal/waf/checkpoints/request_json_arg_test.go
@@ -24,12 +24,12 @@ func TestRequestJSONArgCheckpoint_RequestValue_Map(t *testing.T) {
 	//req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 	checkpoint := new(RequestJSONArgCheckpoint)
-	t.Log(checkpoint.RequestValue(req, "name", nil))
+	t.Log(checkpoint.RequestValue(req, "name", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "age", nil))
+	t.Log(checkpoint.RequestValue(req, "age", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "Hello", nil))
+	t.Log(checkpoint.RequestValue(req, "Hello", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "", nil))
+	t.Log(checkpoint.RequestValue(req, "", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "books", nil))
+	t.Log(checkpoint.RequestValue(req, "books", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "books.1", nil))
+	t.Log(checkpoint.RequestValue(req, "books.1", nil, 1))
 	body, err := ioutil.ReadAll(req.WAFRaw().Body)
 	if err != nil {
@@ -54,12 +54,12 @@ func TestRequestJSONArgCheckpoint_RequestValue_Array(t *testing.T) {
 	//req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 	checkpoint := new(RequestJSONArgCheckpoint)
-	t.Log(checkpoint.RequestValue(req, "0.name", nil))
+	t.Log(checkpoint.RequestValue(req, "0.name", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "0.age", nil))
+	t.Log(checkpoint.RequestValue(req, "0.age", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "0.Hello", nil))
+	t.Log(checkpoint.RequestValue(req, "0.Hello", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "", nil))
+	t.Log(checkpoint.RequestValue(req, "", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "0.books", nil))
+	t.Log(checkpoint.RequestValue(req, "0.books", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "0.books.1", nil))
+	t.Log(checkpoint.RequestValue(req, "0.books.1", nil, 1))
 	body, err := ioutil.ReadAll(req.WAFRaw().Body)
 	if err != nil {
@@ -84,12 +84,12 @@ func TestRequestJSONArgCheckpoint_RequestValue_Error(t *testing.T) {
 	//req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 	checkpoint := new(RequestJSONArgCheckpoint)
-	t.Log(checkpoint.RequestValue(req, "0.name", nil))
+	t.Log(checkpoint.RequestValue(req, "0.name", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "0.age", nil))
+	t.Log(checkpoint.RequestValue(req, "0.age", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "0.Hello", nil))
+	t.Log(checkpoint.RequestValue(req, "0.Hello", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "", nil))
+	t.Log(checkpoint.RequestValue(req, "", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "0.books", nil))
+	t.Log(checkpoint.RequestValue(req, "0.books", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "0.books.1", nil))
+	t.Log(checkpoint.RequestValue(req, "0.books.1", nil, 1))
 	body, err := ioutil.ReadAll(req.WAFRaw().Body)
 	if err != nil {
--- a/internal/waf/checkpoints/request_length.go
+++ b/internal/waf/checkpoints/request_length.go
@@ -9,14 +9,14 @@ type RequestLengthCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.WAFRaw().ContentLength
 	return
 }
-func (this *RequestLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_method.go
+++ b/internal/waf/checkpoints/request_method.go
@@ -9,14 +9,14 @@ type RequestMethodCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestMethodCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestMethodCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.WAFRaw().Method
 	return
 }
-func (this *RequestMethodCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestMethodCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_path.go
+++ b/internal/waf/checkpoints/request_path.go
@@ -9,13 +9,13 @@ type RequestPathCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestPathCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestPathCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	return req.WAFRaw().URL.Path, false, nil, nil
 }
-func (this *RequestPathCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestPathCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_path_test.go
+++ b/internal/waf/checkpoints/request_path_test.go
@@ -14,5 +14,5 @@ func TestRequestPathCheckpoint_RequestValue(t *testing.T) {
 	req := requests.NewTestRequest(rawReq)
 	checkpoint := new(RequestPathCheckpoint)
-	t.Log(checkpoint.RequestValue(req, "", nil))
+	t.Log(checkpoint.RequestValue(req, "", nil, 1))
 }
--- a/internal/waf/checkpoints/request_proto.go
+++ b/internal/waf/checkpoints/request_proto.go
@@ -9,14 +9,14 @@ type RequestProtoCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestProtoCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestProtoCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.WAFRaw().Proto
 	return
 }
-func (this *RequestProtoCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestProtoCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_raw_remote_addr.go
+++ b/internal/waf/checkpoints/request_raw_remote_addr.go
@@ -10,7 +10,7 @@ type RequestRawRemoteAddrCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	host, _, err := net.SplitHostPort(req.WAFRaw().RemoteAddr)
 	if err == nil {
 		value = host
@@ -20,9 +20,9 @@ func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, p
 	return
 }
-func (this *RequestRawRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRawRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_referer.go
+++ b/internal/waf/checkpoints/request_referer.go
@@ -9,14 +9,14 @@ type RequestRefererCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestRefererCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRefererCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.WAFRaw().Referer()
 	return
 }
-func (this *RequestRefererCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRefererCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_referer_block.go
+++ b/internal/waf/checkpoints/request_referer_block.go
@@ -17,7 +17,7 @@ type RequestRefererBlockCheckpoint struct {
 // RequestValue 计算checkpoint值
 // 选项：allowEmpty, allowSameDomain, allowDomains
-func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	var referer = req.WAFRaw().Referer()
 	if len(referer) == 0 {
@@ -61,6 +61,6 @@ func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, pa
 	return
 }
-func (this *RequestRefererBlockCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRefererBlockCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	return
 }
--- a/internal/waf/checkpoints/request_remote_addr.go
+++ b/internal/waf/checkpoints/request_remote_addr.go
@@ -9,14 +9,14 @@ type RequestRemoteAddrCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.WAFRemoteIP()
 	return
 }
-func (this *RequestRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_remote_port.go
+++ b/internal/waf/checkpoints/request_remote_port.go
@@ -11,7 +11,7 @@ type RequestRemotePortCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	_, port, err := net.SplitHostPort(req.WAFRaw().RemoteAddr)
 	if err == nil {
 		value = types.Int(port)
@@ -21,9 +21,9 @@ func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, para
 	return
 }
-func (this *RequestRemotePortCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRemotePortCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_remote_user.go
+++ b/internal/waf/checkpoints/request_remote_user.go
@@ -9,7 +9,7 @@ type RequestRemoteUserCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	username, _, ok := req.WAFRaw().BasicAuth()
 	if !ok {
 		value = ""
@@ -19,9 +19,9 @@ func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, para
 	return
 }
-func (this *RequestRemoteUserCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestRemoteUserCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_scheme.go
+++ b/internal/waf/checkpoints/request_scheme.go
@@ -9,14 +9,14 @@ type RequestSchemeCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestSchemeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestSchemeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.Format("${scheme}")
 	return
 }
-func (this *RequestSchemeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestSchemeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_scheme_test.go
+++ b/internal/waf/checkpoints/request_scheme_test.go
@@ -14,5 +14,5 @@ func TestRequestSchemeCheckpoint_RequestValue(t *testing.T) {
 	req := requests.NewTestRequest(rawReq)
 	checkpoint := new(RequestSchemeCheckpoint)
-	t.Log(checkpoint.RequestValue(req, "", nil))
+	t.Log(checkpoint.RequestValue(req, "", nil, 1))
 }
--- a/internal/waf/checkpoints/request_upload.go
+++ b/internal/waf/checkpoints/request_upload.go
@@ -17,7 +17,7 @@ type RequestUploadCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.RequestBodyIsEmpty(req) {
 		value = ""
 		return
@@ -122,9 +122,9 @@ func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param st
 	return
 }
-func (this *RequestUploadCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestUploadCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_upload_test.go
+++ b/internal/waf/checkpoints/request_upload_test.go
@@ -88,11 +88,11 @@ func TestRequestUploadCheckpoint_RequestValue(t *testing.T) {
 	req.WAFRaw().Header.Add("Content-Type", writer.FormDataContentType())
 	checkpoint := new(RequestUploadCheckpoint)
-	t.Log(checkpoint.RequestValue(req, "field", nil))
+	t.Log(checkpoint.RequestValue(req, "field", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "minSize", nil))
+	t.Log(checkpoint.RequestValue(req, "minSize", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "maxSize", nil))
+	t.Log(checkpoint.RequestValue(req, "maxSize", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "name", nil))
+	t.Log(checkpoint.RequestValue(req, "name", nil, 1))
-	t.Log(checkpoint.RequestValue(req, "ext", nil))
+	t.Log(checkpoint.RequestValue(req, "ext", nil, 1))
 	data, err := ioutil.ReadAll(req.WAFRaw().Body)
 	if err != nil {
--- a/internal/waf/checkpoints/request_uri.go
+++ b/internal/waf/checkpoints/request_uri.go
@@ -9,7 +9,7 @@ type RequestURICheckpoint struct {
 	Checkpoint
 }
-func (this *RequestURICheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestURICheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if len(req.WAFRaw().RequestURI) > 0 {
 		value = req.WAFRaw().RequestURI
 	} else if req.WAFRaw().URL != nil {
@@ -18,9 +18,9 @@ func (this *RequestURICheckpoint) RequestValue(req requests.Request, param strin
 	return
 }
-func (this *RequestURICheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestURICheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_url.go
+++ b/internal/waf/checkpoints/request_url.go
@@ -9,13 +9,13 @@ type RequestURLCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestURLCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestURLCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	return req.Format("${requestURL}"), hasRequestBody, nil, nil
 }
-func (this *RequestURLCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestURLCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/request_user_agent.go
+++ b/internal/waf/checkpoints/request_user_agent.go
@@ -9,14 +9,14 @@ type RequestUserAgentCheckpoint struct {
 	Checkpoint
 }
-func (this *RequestUserAgentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestUserAgentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = req.WAFRaw().UserAgent()
 	return
 }
-func (this *RequestUserAgentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *RequestUserAgentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/response_body.go
+++ b/internal/waf/checkpoints/response_body.go
@@ -16,12 +16,12 @@ func (this *ResponseBodyCheckpoint) IsRequest() bool {
 	return false
 }
-func (this *ResponseBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *ResponseBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = ""
 	return
 }
-func (this *ResponseBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *ResponseBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if resp.ContentLength == 0 {
 		value = ""
 		return
--- a/internal/waf/checkpoints/response_body_test.go
+++ b/internal/waf/checkpoints/response_body_test.go
@@ -16,10 +16,10 @@ func TestResponseBodyCheckpoint_ResponseValue(t *testing.T) {
 	resp.Body = ioutil.NopCloser(bytes.NewBuffer([]byte("Hello, World")))
 	checkpoint := new(ResponseBodyCheckpoint)
-	t.Log(checkpoint.ResponseValue(nil, resp, "", nil))
+	t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1))
-	t.Log(checkpoint.ResponseValue(nil, resp, "", nil))
+	t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1))
-	t.Log(checkpoint.ResponseValue(nil, resp, "", nil))
+	t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1))
-	t.Log(checkpoint.ResponseValue(nil, resp, "", nil))
+	t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1))
 	data, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
--- a/internal/waf/checkpoints/response_bytes_sent.go
+++ b/internal/waf/checkpoints/response_bytes_sent.go
@@ -14,12 +14,12 @@ func (this *ResponseBytesSentCheckpoint) IsRequest() bool {
 	return false
 }
-func (this *ResponseBytesSentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *ResponseBytesSentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = 0
 	return
 }
-func (this *ResponseBytesSentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *ResponseBytesSentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = 0
 	if resp != nil {
 		value = resp.ContentLength
--- a/internal/waf/checkpoints/response_general_header_length.go
+++ b/internal/waf/checkpoints/response_general_header_length.go
@@ -18,12 +18,12 @@ func (this *ResponseGeneralHeaderLengthCheckpoint) IsComposed() bool {
 	return true
 }
-func (this *ResponseGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *ResponseGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	return
 }
-func (this *ResponseGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *ResponseGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = false
 	headers := options.GetSlice("headers")
--- a/internal/waf/checkpoints/response_header.go
+++ b/internal/waf/checkpoints/response_header.go
@@ -14,12 +14,12 @@ func (this *ResponseHeaderCheckpoint) IsRequest() bool {
 	return false
 }
-func (this *ResponseHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *ResponseHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = ""
 	return
 }
-func (this *ResponseHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *ResponseHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if resp != nil && resp.Header != nil {
 		value = resp.Header.Get(param)
 	} else {
--- a/internal/waf/checkpoints/response_header_test.go
+++ b/internal/waf/checkpoints/response_header_test.go
@@ -13,5 +13,5 @@ func TestResponseHeaderCheckpoint_ResponseValue(t *testing.T) {
 	resp.Header.Set("Hello", "World")
 	checkpoint := new(ResponseHeaderCheckpoint)
-	t.Log(checkpoint.ResponseValue(nil, resp, "Hello", nil))
+	t.Log(checkpoint.ResponseValue(nil, resp, "Hello", nil, 1))
 }
--- a/internal/waf/checkpoints/response_status.go
+++ b/internal/waf/checkpoints/response_status.go
@@ -14,12 +14,12 @@ func (this *ResponseStatusCheckpoint) IsRequest() bool {
 	return false
 }
-func (this *ResponseStatusCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *ResponseStatusCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	value = 0
 	return
 }
-func (this *ResponseStatusCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *ResponseStatusCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if resp != nil {
 		value = resp.StatusCode
 	}
--- a/internal/waf/checkpoints/response_status_test.go
+++ b/internal/waf/checkpoints/response_status_test.go
@@ -11,5 +11,5 @@ func TestResponseStatusCheckpoint_ResponseValue(t *testing.T) {
 	resp.StatusCode = 200
 	checkpoint := new(ResponseStatusCheckpoint)
-	t.Log(checkpoint.ResponseValue(nil, resp, "", nil))
+	t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1))
 }
--- a/internal/waf/checkpoints/sample_request.go
+++ b/internal/waf/checkpoints/sample_request.go
@@ -10,13 +10,13 @@ type SampleRequestCheckpoint struct {
 	Checkpoint
 }
-func (this *SampleRequestCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *SampleRequestCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	return
 }
-func (this *SampleRequestCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
+func (this *SampleRequestCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	if this.IsRequest() {
-		return this.RequestValue(req, param, options)
+		return this.RequestValue(req, param, options, ruleId)
 	}
 	return
 }
--- a/internal/waf/checkpoints/sample_response.go
+++ b/internal/waf/checkpoints/sample_response.go
@@ -2,9 +2,10 @@ package checkpoints
 import (
 	"github.com/TeaOSLab/EdgeNode/internal/waf/requests"
 	"github.com/iwind/TeaGo/maps"
 )
-// just a sample checkpoint, copy and change it for your new checkpoint
+// SampleResponseCheckpoint just a sample checkpoint, copy and change it for your new checkpoint
 type SampleResponseCheckpoint struct {
 	Checkpoint
 }
@@ -13,10 +14,10 @@ func (this *SampleResponseCheckpoint) IsRequest() bool {
 	return false
 }
-func (this *SampleResponseCheckpoint) RequestValue(req *requests.Request, param string, options map[string]string) (value interface{}, sysErr error, userErr error) {
+func (this *SampleResponseCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, sysErr error, userErr error) {
 	return
 }
-func (this *SampleResponseCheckpoint) ResponseValue(req *requests.Request, resp *requests.Response, param string, options map[string]string) (value interface{}, sysErr error, userErr error) {
+func (this *SampleResponseCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
 	return
 }
--- a/internal/waf/rule.go
+++ b/internal/waf/rule.go
@@ -26,6 +26,8 @@ var singleParamRegexp = regexp.MustCompile("^\\${[\\w.-]+}$")
 // Rule
 type Rule struct {
 	Id int64
 	Description       string                 `yaml:"description" json:"description"`
 	Param             string                 `yaml:"param" json:"param"` // such as ${arg.name} or ${args}, can be composite as ${arg.firstName}${arg.lastName}
 	ParamFilters      []*ParamFilter         `yaml:"paramFilters" json:"paramFilters"`
@@ -186,7 +188,7 @@ func (this *Rule) Init() error {
 func (this *Rule) MatchRequest(req requests.Request) (b bool, hasRequestBody bool, err error) {
 	if this.singleCheckpoint != nil {
-		value, hasCheckedRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions)
+		value, hasCheckedRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions, this.Id)
 		if hasCheckedRequestBody {
 			hasRequestBody = true
 		}
@@ -216,7 +218,7 @@ func (this *Rule) MatchRequest(req requests.Request) (b bool, hasRequestBody boo
 		}
 		if len(pieces) == 1 {
-			value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions)
+			value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions, this.Id)
 			if hasCheckRequestBody {
 				hasRequestBody = true
 			}
@@ -226,7 +228,7 @@ func (this *Rule) MatchRequest(req requests.Request) (b bool, hasRequestBody boo
 			return types.String(value1)
 		}
-		value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions)
+		value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions, this.Id)
 		if hasCheckRequestBody {
 			hasRequestBody = true
 		}
@@ -247,7 +249,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
 	if this.singleCheckpoint != nil {
 		// if is request param
 		if this.singleCheckpoint.IsRequest() {
-			value, hasCheckRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions)
+			value, hasCheckRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions, this.Id)
 			if hasCheckRequestBody {
 				hasRequestBody = true
 			}
@@ -264,7 +266,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
 		}
 		// response param
-		value, hasCheckRequestBody, err, _ := this.singleCheckpoint.ResponseValue(req, resp, this.singleParam, this.CheckpointOptions)
+		value, hasCheckRequestBody, err, _ := this.singleCheckpoint.ResponseValue(req, resp, this.singleParam, this.CheckpointOptions, this.Id)
 		if hasCheckRequestBody {
 			hasRequestBody = true
 		}
@@ -290,7 +292,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
 		if len(pieces) == 1 {
 			if point.IsRequest() {
-				value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions)
+				value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions, this.Id)
 				if hasCheckRequestBody {
 					hasRequestBody = true
 				}
@@ -299,7 +301,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
 				}
 				return types.String(value1)
 			} else {
-				value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, "", this.CheckpointOptions)
+				value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, "", this.CheckpointOptions, this.Id)
 				if hasCheckRequestBody {
 					hasRequestBody = true
 				}
@@ -311,7 +313,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
 		}
 		if point.IsRequest() {
-			value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions)
+			value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions, this.Id)
 			if hasCheckRequestBody {
 				hasRequestBody = true
 			}
@@ -320,7 +322,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
 			}
 			return types.String(value1)
 		} else {
-			value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, pieces[1], this.CheckpointOptions)
+			value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, pieces[1], this.CheckpointOptions, this.Id)
 			if hasCheckRequestBody {
 				hasRequestBody = true
 			}
--- a/internal/waf/waf_manager.go
+++ b/internal/waf/waf_manager.go
@@ -97,6 +97,7 @@ func (this *WAFManager) ConvertWAF(policy *firewallconfigs.HTTPFirewallPolicy) (
 				// rules
 				for _, rule := range set.Rules {
 					r := &Rule{
 						Id:                rule.Id,
 						Description:       rule.Description,
 						Param:             rule.Param,
 						ParamFilters:      []*ParamFilter{},
@@ -154,6 +155,7 @@ func (this *WAFManager) ConvertWAF(policy *firewallconfigs.HTTPFirewallPolicy) (
 				// rules
 				for _, rule := range set.Rules {
 					r := &Rule{
 						Id:                rule.Id,
 						Description:       rule.Description,
 						Param:             rule.Param,
 						Operator:          rule.Operator,