IP名单中IP创建时保存相关节点、服务、WAF策略信息

2025-11-03 23:20:25 +08:00 · 2021-11-16 16:11:05 +08:00
parent d8edc0d2bf
commit 79c2cb7b73
13 changed files with 62 additions and 50 deletions
--- a/internal/waf/action_record_ip.go
+++ b/internal/waf/action_record_ip.go
@@ -2,10 +2,12 @@ package waf

 import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	teaconst "github.com/TeaOSLab/EdgeNode/internal/const"
 	"github.com/TeaOSLab/EdgeNode/internal/events"
 	"github.com/TeaOSLab/EdgeNode/internal/remotelogs"
 	"github.com/TeaOSLab/EdgeNode/internal/rpc"
 	"github.com/TeaOSLab/EdgeNode/internal/waf/requests"
+	"github.com/iwind/TeaGo/types"
 	"net/http"
 	"strings"
 	"time"
@@ -16,6 +18,11 @@ type recordIPTask struct {
 	listId    int64
 	expiredAt int64
 	level     string
+
+	sourceServerId                int64
+	sourceHTTPFirewallPolicyId    int64
+	sourceHTTPFirewallRuleGroupId int64
+	sourceHTTPFirewallRuleSetId   int64
 }

 var recordIPTaskChan = make(chan *recordIPTask, 1024)
@@ -35,13 +42,18 @@ func init() {
 					ipType = "ipv6"
 				}
 				_, err = rpcClient.IPItemRPC().CreateIPItem(rpcClient.Context(), &pb.CreateIPItemRequest{
-					IpListId:   task.listId,
-					IpFrom:     task.ip,
-					IpTo:       "",
-					ExpiredAt:  task.expiredAt,
-					Reason:     "触发WAF规则自动加入",
-					Type:       ipType,
-					EventLevel: task.level,
+					IpListId:                      task.listId,
+					IpFrom:                        task.ip,
+					IpTo:                          "",
+					ExpiredAt:                     task.expiredAt,
+					Reason:                        "触发WAF规则自动加入",
+					Type:                          ipType,
+					EventLevel:                    task.level,
+					SourceNodeId:                  teaconst.NodeId,
+					SourceServerId:                task.sourceServerId,
+					SourceHTTPFirewallPolicyId:    task.sourceHTTPFirewallPolicyId,
+					SourceHTTPFirewallRuleGroupId: task.sourceHTTPFirewallRuleGroupId,
+					SourceHTTPFirewallRuleSetId:   task.sourceHTTPFirewallRuleSetId,
 				})
 				if err != nil {
 					remotelogs.Error("WAF_RECORD_IP_ACTION", "create ip item failed: "+err.Error())
@@ -79,7 +91,7 @@ func (this *RecordIPAction) WillChange() bool {

 func (this *RecordIPAction) Perform(waf *WAF, group *RuleGroup, set *RuleSet, request requests.Request, writer http.ResponseWriter) (allow bool) {
 	// 是否在本地白名单中
-	if SharedIPWhiteList.Contains("set:"+set.Id, this.Scope, request.WAFServerId(), request.WAFRemoteIP()) {
+	if SharedIPWhiteList.Contains("set:"+types.String(set.Id), this.Scope, request.WAFServerId(), request.WAFRemoteIP()) {
 		return true
 	}

@@ -98,17 +110,21 @@ func (this *RecordIPAction) Perform(waf *WAF, group *RuleGroup, set *RuleSet, re
 		SharedIPBlackList.Add(IPTypeAll, this.Scope, request.WAFServerId(), request.WAFRemoteIP(), expiredAt)
 	} else {
 		// 加入本地白名单
-		SharedIPWhiteList.Add("set:"+set.Id, this.Scope, request.WAFServerId(), request.WAFRemoteIP(), expiredAt)
+		SharedIPWhiteList.Add("set:"+types.String(set.Id), this.Scope, request.WAFServerId(), request.WAFRemoteIP(), expiredAt)
 	}

 	// 上报
 	if this.IPListId > 0 {
 		select {
 		case recordIPTaskChan <- &recordIPTask{
-			ip:        request.WAFRemoteIP(),
-			listId:    this.IPListId,
-			expiredAt: expiredAt,
-			level:     this.Level,
+			ip:                            request.WAFRemoteIP(),
+			listId:                        this.IPListId,
+			expiredAt:                     expiredAt,
+			level:                         this.Level,
+			sourceServerId:                request.WAFServerId(),
+			sourceHTTPFirewallPolicyId:    waf.Id,
+			sourceHTTPFirewallRuleGroupId: group.Id,
+			sourceHTTPFirewallRuleSetId:   set.Id,
 		}:
 		default: