WAF动作record_ip返回403/优化关闭连接方法

internal/waf/action_base.go

@@ -2,20 +2,5 @@
 
 package waf
 
-import "net/http"
-
 type BaseAction struct {
 }
-
-// CloseConn 关闭连接
-func (this *BaseAction) CloseConn(writer http.ResponseWriter) error {
-	// 断开连接
-	hijack, ok := writer.(http.Hijacker)
-	if ok {
-		conn, _, err := hijack.Hijack()
-		if err == nil {
-			return conn.Close()
-		}
-	}
-	return nil
-}

internal/waf/action_get_302.go

@@ -66,7 +66,7 @@ func (this *Get302Action) Perform(waf *WAF, group *RuleGroup, set *RuleSet, requ
 
 	// 关闭连接
 	if request.WAFRaw().ProtoMajor == 1 {
-		_ = this.CloseConn(writer)
+		request.WAFClose()
 	}
 
 	return true

internal/waf/action_post_307.go

@@ -82,7 +82,7 @@ func (this *Post307Action) Perform(waf *WAF, group *RuleGroup, set *RuleSet, req
 	http.Redirect(writer, request.WAFRaw(), request.WAFRaw().URL.String(), http.StatusTemporaryRedirect)
 
 	if request.WAFRaw().ProtoMajor == 1 {
-		_ = this.CloseConn(writer)
+		request.WAFClose()
 	}
 
 	return true

internal/waf/action_record_ip.go

@@ -90,7 +90,9 @@ func (this *RecordIPAction) Perform(waf *WAF, group *RuleGroup, set *RuleSet, re
 	expiredAt := time.Now().Unix() + int64(timeout)
 
 	if this.Type == "black" {
-		_ = this.CloseConn(writer)
+		writer.WriteHeader(http.StatusForbidden)
+
+		request.WAFClose()
 
 		SharedIPBlackList.Add(IPTypeAll, request.WAFRemoteIP(), expiredAt)
 	} else {