TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-12-31 18:46:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

记录WAF日志

Browse Source
This commit is contained in:
GoEdgeLab
2020-11-02 15:49:30 +08:00
parent 6e2f5f976f
commit 8cd370ee69
5 changed files with 86 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
internal/nodes/http_request_waf.go
View File

@@ -3,6 +3,7 @@ package nodes
import (
"github.com/TeaOSLab/EdgeNode/internal/waf"
"github.com/iwind/TeaGo/logs"
"github.com/iwind/TeaGo/types"
"net/http"
)
@@ -13,7 +14,7 @@ func (this *HTTPRequest) doWAFRequest() (blocked bool) {
return
}
goNext, _, ruleSet, err := w.MatchRequest(this.RawReq, this.writer)
goNext, ruleGroup, ruleSet, err := w.MatchRequest(this.RawReq, this.writer)
if err != nil {
logs.Error(err)
return
@@ -21,8 +22,12 @@ func (this *HTTPRequest) doWAFRequest() (blocked bool) {
if ruleSet != nil {
if ruleSet.Action != waf.ActionAllow {
// TODO 记录日志
this.firewallPolicyId = this.web.FirewallPolicy.Id
this.firewallRuleGroupId = types.Int64(ruleGroup.Id)
this.firewallRuleSetId = types.Int64(ruleSet.Id)
}
this.logAttrs["waf.action"] = ruleSet.Action
}
return !goNext
@@ -35,7 +40,7 @@ func (this *HTTPRequest) doWAFResponse(resp *http.Response) (blocked bool) {
return
}
goNext, _, ruleSet, err := w.MatchResponse(this.RawReq, resp, this.writer)
goNext, ruleGroup, ruleSet, err := w.MatchResponse(this.RawReq, resp, this.writer)
if err != nil {
logs.Error(err)
return
@@ -43,8 +48,12 @@ func (this *HTTPRequest) doWAFResponse(resp *http.Response) (blocked bool) {
if ruleSet != nil {
if ruleSet.Action != waf.ActionAllow {
// TODO 记录日志
this.firewallPolicyId = this.web.FirewallPolicy.Id
this.firewallRuleGroupId = types.Int64(ruleGroup.Id)
this.firewallRuleSetId = types.Int64(ruleSet.Id)
}
this.logAttrs["waf.action"] = ruleSet.Action
}
return !goNext