TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-11-06 10:00:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

WAF cc防护增加“检查请求来源指纹”选项

Browse Source
This commit is contained in:
GoEdgeLab
2023-03-10 10:41:16 +08:00
parent 86decd04cb
commit b0850b6032
2 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/nodes/http_request_waf.go
View File

@@ -404,6 +404,11 @@ func (this *HTTPRequest) WAFOnAction(action interface{}) (goNext bool) {
} }
func (this *HTTPRequest) WAFFingerprint() []byte { func (this *HTTPRequest) WAFFingerprint() []byte {
// 目前只有HTTPS请求才有指纹
if !this.IsHTTPS {
return nil
}
var requestConn = this.RawReq.Context().Value(HTTPConnContextKey) var requestConn = this.RawReq.Context().Value(HTTPConnContextKey)
if requestConn == nil { if requestConn == nil {
return nil return nil

6
internal/waf/checkpoints/cc2.go
View File

@@ -76,7 +76,11 @@ func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, opti
value = ccCache.IncreaseInt64(ccKey, 1, expiresAt, false) value = ccCache.IncreaseInt64(ccKey, 1, expiresAt, false)
// 基于指纹统计 // 基于指纹统计
if hasRemoteAddr { var enableFingerprint = true
if options.Has("enableFingerprint") && !options.GetBool("enableFingerprint") {
enableFingerprint = false
}
if hasRemoteAddr && enableFingerprint {
var fingerprint = req.WAFFingerprint() var fingerprint = req.WAFFingerprint()
if len(fingerprint) > 0 { if len(fingerprint) > 0 {
var fpKeyValues = []string{} var fpKeyValues = []string{}