WAF增加“在IP列表内”操作符/优化部分操作符代号

2025-11-04 07:40:56 +08:00 · 2023-01-08 10:15:46 +08:00
parent 8e68da7725
commit a2e6aaaa18
4 changed files with 14 additions and 38 deletions
--- a/internal/waf/rule.go
+++ b/internal/waf/rule.go
@@ -50,6 +50,7 @@ type Rule struct {
 	ipRangeListValue *values.IPRangeList
 	stringValues     []string
 	ipList           *values.StringList
 	floatValue float64
 	reg        *re.Regexp
@@ -122,6 +123,8 @@ func (this *Rule) Init() error {
 		if !this.isIP {
 			return errors.New("value should be a valid ip")
 		}
 	case RuleOperatorInIPList:
 		this.ipList = values.ParseStringList(this.Value, true)
 	case RuleOperatorIPRange, RuleOperatorNotIPRange:
 		this.ipRangeListValue = values.ParseIPRangeList(this.Value)
 	}
@@ -584,12 +587,12 @@ func (this *Rule) Test(value interface{}) bool {
 	case RuleOperatorNotIPRange:
 		return !this.containsIP(value)
 	case RuleOperatorIPMod:
-		pieces := strings.SplitN(this.Value, ",", 2)
+		var pieces = strings.SplitN(this.Value, ",", 2)
 		if len(pieces) == 1 {
-			rem := types.Int64(pieces[0])
+			var rem = types.Int64(pieces[0])
 			return this.ipToInt64(net.ParseIP(types.String(value)))%10 == rem
 		}
-		div := types.Int64(pieces[0])
+		var div = types.Int64(pieces[0])
 		if div == 0 {
 			return false
 		}
@@ -599,6 +602,11 @@ func (this *Rule) Test(value interface{}) bool {
 		return this.ipToInt64(net.ParseIP(types.String(value)))%10 == types.Int64(this.Value)
 	case RuleOperatorIPMod100:
 		return this.ipToInt64(net.ParseIP(types.String(value)))%100 == types.Int64(this.Value)
 	case RuleOperatorInIPList:
 		if this.ipList != nil {
 			return this.ipList.Contains(types.String(value))
 		}
 		return false
 	}
 	return false
 }
--- a/internal/waf/rule_operator.go
+++ b/internal/waf/rule_operator.go
@@ -18,8 +18,9 @@ const (
 	RuleOperatorNotContains  RuleOperator = "not contains"
 	RuleOperatorPrefix       RuleOperator = "prefix"
 	RuleOperatorSuffix       RuleOperator = "suffix"
-	RuleOperatorContainsAny  RuleOperator = "containsAny"
+	RuleOperatorContainsAny  RuleOperator = "contains any"
-	RuleOperatorContainsAll  RuleOperator = "containsAll"
+	RuleOperatorContainsAll  RuleOperator = "contains all"
 	RuleOperatorInIPList     RuleOperator = "in ip list"
 	RuleOperatorHasKey       RuleOperator = "has key" // has key in slice or map
 	RuleOperatorVersionGt    RuleOperator = "version gt"
 	RuleOperatorVersionLt    RuleOperator = "version lt"
--- a/internal/waf/values/ip_list.go
+++ b/internal/waf/values/ip_list.go
@@ -1,7 +0,0 @@
 // Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
 package values
 func ParseIPList(v string) *StringList {
 	return ParseStringList(v, false)
 }
--- a/internal/waf/values/ip_list_test.go
+++ b/internal/waf/values/ip_list_test.go
@@ -1,26 +0,0 @@
 // Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
 package values_test
 import (
 	"github.com/TeaOSLab/EdgeNode/internal/waf/values"
 	"github.com/iwind/TeaGo/assert"
 	"testing"
 )
 func TestParseIPList(t *testing.T) {
 	var a = assert.NewAssertion(t)
 	{
 		var list = values.ParseIPList("")
 		a.IsFalse(list.Contains("192.168.1.100"))
 	}
 	{
 		var list = values.ParseIPList(`
 192.168.1.1
 192.168.1.101`)
 		a.IsFalse(list.Contains("192.168.1.100"))
 		a.IsTrue(list.Contains("192.168.1.101"))
 	}
 }