From 9bd38094c3110f582433ebbbeebb1a1b864f35f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=88=98=E7=A5=A5=E8=B6=85?= Date: Mon, 19 Jul 2021 11:01:38 +0800 Subject: [PATCH] =?UTF-8?q?=E5=B0=86WAF=E6=A8=A1=E6=9D=BF=E4=B8=AD?= =?UTF-8?q?=E7=9A=84cc=E4=BF=AE=E6=94=B9=E4=B8=BAcc2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/waf/rule_set.go | 3 --- internal/waf/template.go | 8 +++++--- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/internal/waf/rule_set.go b/internal/waf/rule_set.go index 38b6e15..7a0e40b 100644 --- a/internal/waf/rule_set.go +++ b/internal/waf/rule_set.go @@ -4,7 +4,6 @@ import ( "github.com/TeaOSLab/EdgeNode/internal/remotelogs" "github.com/TeaOSLab/EdgeNode/internal/waf/requests" "github.com/iwind/TeaGo/lists" - "github.com/iwind/TeaGo/logs" "github.com/iwind/TeaGo/maps" "github.com/iwind/TeaGo/utils/string" "net/http" @@ -127,7 +126,6 @@ func (this *RuleSet) PerformActions(waf *WAF, group *RuleGroup, req requests.Req return false } } - logs.Printf("perform1: %#v", instance) // TODO instance.Perform(waf, group, this, req, writer) } } @@ -142,7 +140,6 @@ func (this *RuleSet) PerformActions(waf *WAF, group *RuleGroup, req requests.Req return false } } - logs.Printf("perform2: %#v", instance) // TODO return instance.Perform(waf, group, this, req, writer) } } diff --git a/internal/waf/template.go b/internal/waf/template.go index 5bd06c3..334f488 100644 --- a/internal/waf/template.go +++ b/internal/waf/template.go @@ -367,7 +367,7 @@ func Template() *WAF { group.IsInbound = true group.Name = "CC攻击" group.Description = "Challenge Collapsar,防止短时间大量请求涌入,请谨慎开启和设置" - group.Code = "cc" + group.Code = "cc2" { set := NewRuleSet() @@ -378,11 +378,13 @@ func Template() *WAF { set.Connector = RuleConnectorAnd set.AddAction(ActionBlock, nil) set.AddRule(&Rule{ - Param: "${cc.requests}", + Param: "${cc2}", Operator: RuleOperatorGt, Value: "1000", CheckpointOptions: map[string]interface{}{ - "period": "60", + "period": "60", + "threshold": 1000, + "keys": []string{"${remoteAddr}", "${requestPath}"}, }, IsCaseInsensitive: false, })