diff --git a/internal/waf/checkpoints/cc.go b/internal/waf/checkpoints/cc.go index e848fc2..3ce0be5 100644 --- a/internal/waf/checkpoints/cc.go +++ b/internal/waf/checkpoints/cc.go @@ -3,12 +3,12 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/utils/counters" "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "github.com/iwind/TeaGo/types" "regexp" ) - // CCCheckpoint ${cc.arg} // TODO implement more traffic rules type CCCheckpoint struct { @@ -23,7 +23,7 @@ func (this *CCCheckpoint) Start() { } -func (this *CCCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *CCCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = 0 periodString, ok := options["period"] @@ -103,7 +103,7 @@ func (this *CCCheckpoint) RequestValue(req requests.Request, param string, optio return } -func (this *CCCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *CCCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } @@ -188,3 +188,7 @@ func (this *CCCheckpoint) Options() []OptionInterface { func (this *CCCheckpoint) Stop() { } + +func (this *CCCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheDisabled +} diff --git a/internal/waf/checkpoints/cc2.go b/internal/waf/checkpoints/cc2.go index b58fdcb..915ad8b 100644 --- a/internal/waf/checkpoints/cc2.go +++ b/internal/waf/checkpoints/cc2.go @@ -6,6 +6,7 @@ import ( "fmt" "github.com/TeaOSLab/EdgeNode/internal/utils/counters" "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/TeaOSLab/EdgeNode/internal/zero" "github.com/iwind/TeaGo/maps" "github.com/iwind/TeaGo/types" @@ -34,7 +35,7 @@ type CC2Checkpoint struct { Checkpoint } -func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { var keys = options.GetSlice("keys") var keyValues = []string{} var hasRemoteAddr = false @@ -104,10 +105,14 @@ func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, opti return } -func (this *CC2Checkpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *CC2Checkpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *CC2Checkpoint) CacheLife() utils.CacheLife { + return utils.CacheDisabled +} diff --git a/internal/waf/checkpoints/checkpoint_interface.go b/internal/waf/checkpoints/checkpoint_interface.go index 5deacbb..9f93b76 100644 --- a/internal/waf/checkpoints/checkpoint_interface.go +++ b/internal/waf/checkpoints/checkpoint_interface.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -17,10 +18,10 @@ type CheckpointInterface interface { IsComposed() bool // RequestValue get request value - RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) + RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) // ResponseValue get response value - ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) + ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) // ParamOptions param option list ParamOptions() *ParamOptions @@ -37,6 +38,9 @@ type CheckpointInterface interface { // SetPriority set priority SetPriority(priority int) - // get priority + // Priority get priority Priority() int + + // CacheLife regexp cache life + CacheLife() utils.CacheLife } diff --git a/internal/waf/checkpoints/request_all.go b/internal/waf/checkpoints/request_all.go index 9c08c5e..cba0849 100644 --- a/internal/waf/checkpoints/request_all.go +++ b/internal/waf/checkpoints/request_all.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -10,7 +11,7 @@ type RequestAllCheckpoint struct { Checkpoint } -func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { var valueBytes = []byte{} if len(req.WAFRaw().RequestURI) > 0 { valueBytes = append(valueBytes, req.WAFRaw().RequestURI...) @@ -46,10 +47,14 @@ func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param strin return } -func (this *RequestAllCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestAllCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = "" if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestAllCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/request_arg.go b/internal/waf/checkpoints/request_arg.go index 8c3ff3a..745aac2 100644 --- a/internal/waf/checkpoints/request_arg.go +++ b/internal/waf/checkpoints/request_arg.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,13 +10,17 @@ type RequestArgCheckpoint struct { Checkpoint } -func (this *RequestArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return req.WAFRaw().URL.Query().Get(param), hasRequestBody, nil, nil } -func (this *RequestArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestArgCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/request_args.go b/internal/waf/checkpoints/request_args.go index 3ac2a74..ecd2e5e 100644 --- a/internal/waf/checkpoints/request_args.go +++ b/internal/waf/checkpoints/request_args.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestArgsCheckpoint struct { Checkpoint } -func (this *RequestArgsCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestArgsCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().URL.RawQuery return } -func (this *RequestArgsCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestArgsCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestArgsCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/request_body.go b/internal/waf/checkpoints/request_body.go index c7f271b..26d30c9 100644 --- a/internal/waf/checkpoints/request_body.go +++ b/internal/waf/checkpoints/request_body.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -10,7 +11,7 @@ type RequestBodyCheckpoint struct { Checkpoint } -func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.RequestBodyIsEmpty(req) { value = "" return @@ -37,9 +38,13 @@ func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param stri return bodyData, hasRequestBody, nil, nil } -func (this *RequestBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestBodyCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheDisabled +} diff --git a/internal/waf/checkpoints/request_cname.go b/internal/waf/checkpoints/request_cname.go index 82c0c2f..cbb5a51 100644 --- a/internal/waf/checkpoints/request_cname.go +++ b/internal/waf/checkpoints/request_cname.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestCNAMECheckpoint struct { Checkpoint } -func (this *RequestCNAMECheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestCNAMECheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${cname}") return } -func (this *RequestCNAMECheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestCNAMECheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestCNAMECheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_content_type.go b/internal/waf/checkpoints/request_content_type.go index a935c94..8bdb612 100644 --- a/internal/waf/checkpoints/request_content_type.go +++ b/internal/waf/checkpoints/request_content_type.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestContentTypeCheckpoint struct { Checkpoint } -func (this *RequestContentTypeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestContentTypeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().Header.Get("Content-Type") return } -func (this *RequestContentTypeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestContentTypeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestContentTypeCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_cookie.go b/internal/waf/checkpoints/request_cookie.go index 5394c70..a0ad90e 100644 --- a/internal/waf/checkpoints/request_cookie.go +++ b/internal/waf/checkpoints/request_cookie.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,7 +10,7 @@ type RequestCookieCheckpoint struct { Checkpoint } -func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { cookie, err := req.WAFRaw().Cookie(param) if err != nil { value = "" @@ -20,9 +21,13 @@ func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param st return } -func (this *RequestCookieCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestCookieCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestCookieCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/request_cookies.go b/internal/waf/checkpoints/request_cookies.go index de22ced..0ae40cf 100644 --- a/internal/waf/checkpoints/request_cookies.go +++ b/internal/waf/checkpoints/request_cookies.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "net/url" "strings" @@ -11,7 +12,7 @@ type RequestCookiesCheckpoint struct { Checkpoint } -func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { var cookies = []string{} for _, cookie := range req.WAFRaw().Cookies() { cookies = append(cookies, url.QueryEscape(cookie.Name)+"="+url.QueryEscape(cookie.Value)) @@ -20,9 +21,13 @@ func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param s return } -func (this *RequestCookiesCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestCookiesCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestCookiesCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/request_form_arg.go b/internal/waf/checkpoints/request_form_arg.go index fdc4e0f..b6db12f 100644 --- a/internal/waf/checkpoints/request_form_arg.go +++ b/internal/waf/checkpoints/request_form_arg.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "net/url" ) @@ -11,7 +12,7 @@ type RequestFormArgCheckpoint struct { Checkpoint } -func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { hasRequestBody = true if this.RequestBodyIsEmpty(req) { @@ -41,9 +42,13 @@ func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param s return values.Get(param), hasRequestBody, nil, nil } -func (this *RequestFormArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestFormArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestFormArgCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/request_general_header_length.go b/internal/waf/checkpoints/request_general_header_length.go index 62837d9..500bfe8 100644 --- a/internal/waf/checkpoints/request_general_header_length.go +++ b/internal/waf/checkpoints/request_general_header_length.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "github.com/iwind/TeaGo/types" ) @@ -14,7 +15,7 @@ func (this *RequestGeneralHeaderLengthCheckpoint) IsComposed() bool { return true } -func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = false var headers = options.GetSlice("headers") @@ -35,6 +36,10 @@ func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Requ return } -func (this *RequestGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return } + +func (this *RequestGeneralHeaderLengthCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheDisabled +} diff --git a/internal/waf/checkpoints/request_geo_city_name.go b/internal/waf/checkpoints/request_geo_city_name.go index 01275b0..c4301e7 100644 --- a/internal/waf/checkpoints/request_geo_city_name.go +++ b/internal/waf/checkpoints/request_geo_city_name.go @@ -4,6 +4,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -15,11 +16,15 @@ func (this *RequestGeoCityNameCheckpoint) IsComposed() bool { return false } -func (this *RequestGeoCityNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeoCityNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${geo.city.name}") return } -func (this *RequestGeoCityNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeoCityNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return this.RequestValue(req, param, options, ruleId) } + +func (this *RequestGeoCityNameCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_geo_country_name.go b/internal/waf/checkpoints/request_geo_country_name.go index 527fe38..d055f3d 100644 --- a/internal/waf/checkpoints/request_geo_country_name.go +++ b/internal/waf/checkpoints/request_geo_country_name.go @@ -4,6 +4,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -15,11 +16,15 @@ func (this *RequestGeoCountryNameCheckpoint) IsComposed() bool { return false } -func (this *RequestGeoCountryNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeoCountryNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${geo.country.name}") return } -func (this *RequestGeoCountryNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeoCountryNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return this.RequestValue(req, param, options, ruleId) } + +func (this *RequestGeoCountryNameCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_geo_province_name.go b/internal/waf/checkpoints/request_geo_province_name.go index 1f25b99..4219632 100644 --- a/internal/waf/checkpoints/request_geo_province_name.go +++ b/internal/waf/checkpoints/request_geo_province_name.go @@ -4,6 +4,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -15,11 +16,15 @@ func (this *RequestGeoProvinceNameCheckpoint) IsComposed() bool { return false } -func (this *RequestGeoProvinceNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeoProvinceNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${geo.province.name}") return } -func (this *RequestGeoProvinceNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestGeoProvinceNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return this.RequestValue(req, param, options, ruleId) } + +func (this *RequestGeoProvinceNameCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_header.go b/internal/waf/checkpoints/request_header.go index ad82b3b..56024bd 100644 --- a/internal/waf/checkpoints/request_header.go +++ b/internal/waf/checkpoints/request_header.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "strings" ) @@ -10,7 +11,7 @@ type RequestHeaderCheckpoint struct { Checkpoint } -func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { v, found := req.WAFRaw().Header[param] if !found { value = "" @@ -20,9 +21,13 @@ func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param st return } -func (this *RequestHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestHeaderCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/request_headers.go b/internal/waf/checkpoints/request_headers.go index ac6f2d0..53487bd 100644 --- a/internal/waf/checkpoints/request_headers.go +++ b/internal/waf/checkpoints/request_headers.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "sort" "strings" @@ -11,7 +12,7 @@ type RequestHeadersCheckpoint struct { Checkpoint } -func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { var headers = []string{} for k, v := range req.WAFRaw().Header { for _, subV := range v { @@ -23,9 +24,13 @@ func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param s return } -func (this *RequestHeadersCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHeadersCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestHeadersCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/request_host.go b/internal/waf/checkpoints/request_host.go index 374357c..637f494 100644 --- a/internal/waf/checkpoints/request_host.go +++ b/internal/waf/checkpoints/request_host.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestHostCheckpoint struct { Checkpoint } -func (this *RequestHostCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHostCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().Host return } -func (this *RequestHostCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestHostCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestHostCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_is_cname.go b/internal/waf/checkpoints/request_is_cname.go index 0328c27..1e92454 100644 --- a/internal/waf/checkpoints/request_is_cname.go +++ b/internal/waf/checkpoints/request_is_cname.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,7 +10,7 @@ type RequestIsCNAMECheckpoint struct { Checkpoint } -func (this *RequestIsCNAMECheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestIsCNAMECheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if req.Format("${cname}") == req.Format("${host}") { value = 1 } else { @@ -18,9 +19,13 @@ func (this *RequestIsCNAMECheckpoint) RequestValue(req requests.Request, param s return } -func (this *RequestIsCNAMECheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestIsCNAMECheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestIsCNAMECheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_isp_name.go b/internal/waf/checkpoints/request_isp_name.go index 28ac4a5..09a2d76 100644 --- a/internal/waf/checkpoints/request_isp_name.go +++ b/internal/waf/checkpoints/request_isp_name.go @@ -4,6 +4,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -15,11 +16,15 @@ func (this *RequestISPNameCheckpoint) IsComposed() bool { return false } -func (this *RequestISPNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestISPNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${isp.name}") return } -func (this *RequestISPNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestISPNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return this.RequestValue(req, param, options, ruleId) } + +func (this *RequestISPNameCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_json_arg.go b/internal/waf/checkpoints/request_json_arg.go index 658dd61..eeddfbf 100644 --- a/internal/waf/checkpoints/request_json_arg.go +++ b/internal/waf/checkpoints/request_json_arg.go @@ -4,6 +4,7 @@ import ( "encoding/json" "github.com/TeaOSLab/EdgeNode/internal/utils" "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + wafutils "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "strings" ) @@ -13,7 +14,7 @@ type RequestJSONArgCheckpoint struct { Checkpoint } -func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { var bodyData = req.WAFGetCacheBody() hasRequestBody = true if len(bodyData) == 0 { @@ -28,7 +29,7 @@ func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param s } // TODO improve performance - var m interface{} = nil + var m any = nil err := json.Unmarshal(bodyData, &m) if err != nil || m == nil { return "", hasRequestBody, nil, err @@ -41,9 +42,13 @@ func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param s return "", hasRequestBody, nil, nil } -func (this *RequestJSONArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestJSONArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestJSONArgCheckpoint) CacheLife() wafutils.CacheLife { + return wafutils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/request_length.go b/internal/waf/checkpoints/request_length.go index ad8e1a1..1cdff80 100644 --- a/internal/waf/checkpoints/request_length.go +++ b/internal/waf/checkpoints/request_length.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestLengthCheckpoint struct { Checkpoint } -func (this *RequestLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().ContentLength return } -func (this *RequestLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestLengthCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/request_method.go b/internal/waf/checkpoints/request_method.go index 0c9e7c7..ff95e34 100644 --- a/internal/waf/checkpoints/request_method.go +++ b/internal/waf/checkpoints/request_method.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestMethodCheckpoint struct { Checkpoint } -func (this *RequestMethodCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestMethodCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().Method return } -func (this *RequestMethodCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestMethodCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestMethodCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_path.go b/internal/waf/checkpoints/request_path.go index 7081010..caea5be 100644 --- a/internal/waf/checkpoints/request_path.go +++ b/internal/waf/checkpoints/request_path.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,13 +10,17 @@ type RequestPathCheckpoint struct { Checkpoint } -func (this *RequestPathCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestPathCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return req.WAFRaw().URL.Path, false, nil, nil } -func (this *RequestPathCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestPathCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestPathCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/request_proto.go b/internal/waf/checkpoints/request_proto.go index 8ca81db..a5a2847 100644 --- a/internal/waf/checkpoints/request_proto.go +++ b/internal/waf/checkpoints/request_proto.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestProtoCheckpoint struct { Checkpoint } -func (this *RequestProtoCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestProtoCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().Proto return } -func (this *RequestProtoCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestProtoCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestProtoCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_raw_remote_addr.go b/internal/waf/checkpoints/request_raw_remote_addr.go index 7de78ed..726ae42 100644 --- a/internal/waf/checkpoints/request_raw_remote_addr.go +++ b/internal/waf/checkpoints/request_raw_remote_addr.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "net" ) @@ -10,7 +11,7 @@ type RequestRawRemoteAddrCheckpoint struct { Checkpoint } -func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { host, _, err := net.SplitHostPort(req.WAFRaw().RemoteAddr) if err == nil { value = host @@ -20,9 +21,13 @@ func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, p return } -func (this *RequestRawRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRawRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestRawRemoteAddrCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/request_referer.go b/internal/waf/checkpoints/request_referer.go index b3d1b56..93b2c21 100644 --- a/internal/waf/checkpoints/request_referer.go +++ b/internal/waf/checkpoints/request_referer.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestRefererCheckpoint struct { Checkpoint } -func (this *RequestRefererCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRefererCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().Referer() return } -func (this *RequestRefererCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRefererCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestRefererCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/request_referer_block.go b/internal/waf/checkpoints/request_referer_block.go index 0e79e4d..4237f9a 100644 --- a/internal/waf/checkpoints/request_referer_block.go +++ b/internal/waf/checkpoints/request_referer_block.go @@ -5,6 +5,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeCommon/pkg/configutils" "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "github.com/iwind/TeaGo/types" "net/url" @@ -17,7 +18,7 @@ type RequestRefererBlockCheckpoint struct { // RequestValue 计算checkpoint值 // 选项:allowEmpty, allowSameDomain, allowDomains -func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { var checkOrigin = options.GetBool("checkOrigin") var referer = req.WAFRaw().Referer() if len(referer) == 0 && checkOrigin { @@ -94,6 +95,10 @@ func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, pa return } -func (this *RequestRefererBlockCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRefererBlockCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return } + +func (this *RequestRefererBlockCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_remote_addr.go b/internal/waf/checkpoints/request_remote_addr.go index fba247d..83f211b 100644 --- a/internal/waf/checkpoints/request_remote_addr.go +++ b/internal/waf/checkpoints/request_remote_addr.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestRemoteAddrCheckpoint struct { Checkpoint } -func (this *RequestRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRemoteIP() return } -func (this *RequestRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestRemoteAddrCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/request_remote_port.go b/internal/waf/checkpoints/request_remote_port.go index 546b5e8..1f7c66a 100644 --- a/internal/waf/checkpoints/request_remote_port.go +++ b/internal/waf/checkpoints/request_remote_port.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "github.com/iwind/TeaGo/types" "net" @@ -11,7 +12,7 @@ type RequestRemotePortCheckpoint struct { Checkpoint } -func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { _, port, err := net.SplitHostPort(req.WAFRaw().RemoteAddr) if err == nil { value = types.Int(port) @@ -21,9 +22,13 @@ func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, para return } -func (this *RequestRemotePortCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemotePortCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestRemotePortCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/request_remote_user.go b/internal/waf/checkpoints/request_remote_user.go index aa2e4fb..b25e676 100644 --- a/internal/waf/checkpoints/request_remote_user.go +++ b/internal/waf/checkpoints/request_remote_user.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,7 +10,7 @@ type RequestRemoteUserCheckpoint struct { Checkpoint } -func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { username, _, ok := req.WAFRaw().BasicAuth() if !ok { value = "" @@ -19,9 +20,13 @@ func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, para return } -func (this *RequestRemoteUserCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestRemoteUserCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestRemoteUserCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/request_scheme.go b/internal/waf/checkpoints/request_scheme.go index bcedfee..cb4ad79 100644 --- a/internal/waf/checkpoints/request_scheme.go +++ b/internal/waf/checkpoints/request_scheme.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestSchemeCheckpoint struct { Checkpoint } -func (this *RequestSchemeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestSchemeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.Format("${scheme}") return } -func (this *RequestSchemeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestSchemeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestSchemeCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/request_upload.go b/internal/waf/checkpoints/request_upload.go index af0a2f0..7941aca 100644 --- a/internal/waf/checkpoints/request_upload.go +++ b/internal/waf/checkpoints/request_upload.go @@ -3,6 +3,7 @@ package checkpoints import ( "bytes" "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/lists" "github.com/iwind/TeaGo/maps" "github.com/iwind/TeaGo/types" @@ -22,7 +23,7 @@ type RequestUploadCheckpoint struct { Checkpoint } -func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.RequestBodyIsEmpty(req) { value = "" return @@ -213,7 +214,7 @@ func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param st return } -func (this *RequestUploadCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestUploadCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } @@ -229,3 +230,7 @@ func (this *RequestUploadCheckpoint) ParamOptions() *ParamOptions { option.AddParam("表单字段名", "field") return option } + +func (this *RequestUploadCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/request_uri.go b/internal/waf/checkpoints/request_uri.go index 2b03756..72444f6 100644 --- a/internal/waf/checkpoints/request_uri.go +++ b/internal/waf/checkpoints/request_uri.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,7 +10,7 @@ type RequestURICheckpoint struct { Checkpoint } -func (this *RequestURICheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestURICheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if len(req.WAFRaw().RequestURI) > 0 { value = req.WAFRaw().RequestURI } else if req.WAFRaw().URL != nil { @@ -18,9 +19,13 @@ func (this *RequestURICheckpoint) RequestValue(req requests.Request, param strin return } -func (this *RequestURICheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestURICheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestURICheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/request_url.go b/internal/waf/checkpoints/request_url.go index 24f0a51..eecaeba 100644 --- a/internal/waf/checkpoints/request_url.go +++ b/internal/waf/checkpoints/request_url.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,13 +10,17 @@ type RequestURLCheckpoint struct { Checkpoint } -func (this *RequestURLCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestURLCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return req.Format("${requestURL}"), hasRequestBody, nil, nil } -func (this *RequestURLCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestURLCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestURLCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/request_user_agent.go b/internal/waf/checkpoints/request_user_agent.go index 814a7ff..1247f56 100644 --- a/internal/waf/checkpoints/request_user_agent.go +++ b/internal/waf/checkpoints/request_user_agent.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -9,14 +10,18 @@ type RequestUserAgentCheckpoint struct { Checkpoint } -func (this *RequestUserAgentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestUserAgentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = req.WAFRaw().UserAgent() return } -func (this *RequestUserAgentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *RequestUserAgentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *RequestUserAgentCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/response_body.go b/internal/waf/checkpoints/response_body.go index 0ee8548..e6dc170 100644 --- a/internal/waf/checkpoints/response_body.go +++ b/internal/waf/checkpoints/response_body.go @@ -3,6 +3,7 @@ package checkpoints import ( "bytes" "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "io" ) @@ -16,12 +17,12 @@ func (this *ResponseBodyCheckpoint) IsRequest() bool { return false } -func (this *ResponseBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = "" return } -func (this *ResponseBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if resp.ContentLength == 0 { value = "" return @@ -45,3 +46,7 @@ func (this *ResponseBodyCheckpoint) ResponseValue(req requests.Request, resp *re } return } + +func (this *ResponseBodyCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/response_bytes_sent.go b/internal/waf/checkpoints/response_bytes_sent.go index b6ea98d..bbaf305 100644 --- a/internal/waf/checkpoints/response_bytes_sent.go +++ b/internal/waf/checkpoints/response_bytes_sent.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -14,15 +15,19 @@ func (this *ResponseBytesSentCheckpoint) IsRequest() bool { return false } -func (this *ResponseBytesSentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseBytesSentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = 0 return } -func (this *ResponseBytesSentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseBytesSentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = 0 if resp != nil { value = resp.ContentLength } return } + +func (this *ResponseBytesSentCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheShortLife +} diff --git a/internal/waf/checkpoints/response_general_header_length.go b/internal/waf/checkpoints/response_general_header_length.go index cea2fbf..4d3dc53 100644 --- a/internal/waf/checkpoints/response_general_header_length.go +++ b/internal/waf/checkpoints/response_general_header_length.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" "github.com/iwind/TeaGo/types" ) @@ -18,11 +19,11 @@ func (this *ResponseGeneralHeaderLengthCheckpoint) IsComposed() bool { return true } -func (this *ResponseGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return } -func (this *ResponseGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = false headers := options.GetSlice("headers") @@ -42,3 +43,7 @@ func (this *ResponseGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Re return } + +func (this *ResponseGeneralHeaderLengthCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/response_header.go b/internal/waf/checkpoints/response_header.go index 30d356a..a9a3a45 100644 --- a/internal/waf/checkpoints/response_header.go +++ b/internal/waf/checkpoints/response_header.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -14,12 +15,12 @@ func (this *ResponseHeaderCheckpoint) IsRequest() bool { return false } -func (this *ResponseHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = "" return } -func (this *ResponseHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if resp != nil && resp.Header != nil { value = resp.Header.Get(param) } else { @@ -27,3 +28,7 @@ func (this *ResponseHeaderCheckpoint) ResponseValue(req requests.Request, resp * } return } + +func (this *ResponseHeaderCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/response_status.go b/internal/waf/checkpoints/response_status.go index 0f74723..c5e2383 100644 --- a/internal/waf/checkpoints/response_status.go +++ b/internal/waf/checkpoints/response_status.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -14,14 +15,18 @@ func (this *ResponseStatusCheckpoint) IsRequest() bool { return false } -func (this *ResponseStatusCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseStatusCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { value = 0 return } -func (this *ResponseStatusCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *ResponseStatusCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if resp != nil { value = resp.StatusCode } return } + +func (this *ResponseStatusCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheLongLife +} diff --git a/internal/waf/checkpoints/sample_request.go b/internal/waf/checkpoints/sample_request.go index 972cdef..f17db18 100644 --- a/internal/waf/checkpoints/sample_request.go +++ b/internal/waf/checkpoints/sample_request.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -10,13 +11,17 @@ type SampleRequestCheckpoint struct { Checkpoint } -func (this *SampleRequestCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *SampleRequestCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return } -func (this *SampleRequestCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *SampleRequestCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { if this.IsRequest() { return this.RequestValue(req, param, options, ruleId) } return } + +func (this *SampleRequestCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/checkpoints/sample_response.go b/internal/waf/checkpoints/sample_response.go index 56fd4c3..10e5ebb 100644 --- a/internal/waf/checkpoints/sample_response.go +++ b/internal/waf/checkpoints/sample_response.go @@ -2,6 +2,7 @@ package checkpoints import ( "github.com/TeaOSLab/EdgeNode/internal/waf/requests" + "github.com/TeaOSLab/EdgeNode/internal/waf/utils" "github.com/iwind/TeaGo/maps" ) @@ -14,10 +15,14 @@ func (this *SampleResponseCheckpoint) IsRequest() bool { return false } -func (this *SampleResponseCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, sysErr error, userErr error) { +func (this *SampleResponseCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value any, sysErr error, userErr error) { return } -func (this *SampleResponseCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) { +func (this *SampleResponseCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value any, hasRequestBody bool, sysErr error, userErr error) { return } + +func (this *SampleResponseCheckpoint) CacheLife() utils.CacheLife { + return utils.CacheMiddleLife +} diff --git a/internal/waf/requests/request.go b/internal/waf/requests/request.go index cdb17ce..03a4787 100644 --- a/internal/waf/requests/request.go +++ b/internal/waf/requests/request.go @@ -30,7 +30,7 @@ type Request interface { WAFClose() // WAFOnAction 动作回调 - WAFOnAction(action interface{}) (goNext bool) + WAFOnAction(action any) (goNext bool) // WAFFingerprint 读取连接指纹 WAFFingerprint() []byte diff --git a/internal/waf/requests/test_request.go b/internal/waf/requests/test_request.go index 656df62..5e76985 100644 --- a/internal/waf/requests/test_request.go +++ b/internal/waf/requests/test_request.go @@ -73,7 +73,7 @@ func (this *TestRequest) Format(s string) string { return s } -func (this *TestRequest) WAFOnAction(action interface{}) bool { +func (this *TestRequest) WAFOnAction(action any) bool { return true } diff --git a/internal/waf/rule.go b/internal/waf/rule.go index b331249..f68cac4 100644 --- a/internal/waf/rule.go +++ b/internal/waf/rule.go @@ -25,7 +25,7 @@ import ( var singleParamRegexp = regexp.MustCompile(`^\${[\w.-]+}$`) -// Rule +// Rule waf rule under rule set type Rule struct { Id int64 @@ -53,7 +53,9 @@ type Rule struct { ipList *values.StringList floatValue float64 - reg *re.Regexp + + reg *re.Regexp + regCacheLife utils.CacheLife } func NewRule() *Rule { @@ -161,6 +163,8 @@ func (this *Rule) Init() error { } this.singleCheckpoint = checkpoint this.Priority = checkpoint.Priority() + + this.regCacheLife = checkpoint.CacheLife() } else { var checkpoint = checkpoints.FindCheckpoint(prefix) if checkpoint == nil { @@ -169,6 +173,8 @@ func (this *Rule) Init() error { checkpoint.Init() this.singleCheckpoint = checkpoint this.Priority = checkpoint.Priority() + + this.regCacheLife = checkpoint.CacheLife() } return nil @@ -186,6 +192,10 @@ func (this *Rule) Init() error { } else { this.multipleCheckpoints[prefix] = checkpoint this.Priority = checkpoint.Priority() + + if this.regCacheLife <= 0 || checkpoint.CacheLife() < this.regCacheLife { + this.regCacheLife = checkpoint.CacheLife() + } } } else { var checkpoint = checkpoints.FindCheckpoint(prefix) @@ -195,8 +205,11 @@ func (this *Rule) Init() error { checkpoint.Init() this.multipleCheckpoints[prefix] = checkpoint this.Priority = checkpoint.Priority() + + this.regCacheLife = checkpoint.CacheLife() } } + return "" }) @@ -357,7 +370,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) ( return this.Test(value), hasRequestBody, nil } -func (this *Rule) Test(value interface{}) bool { +func (this *Rule) Test(value any) bool { // operator switch this.Operator { case RuleOperatorGt: @@ -393,7 +406,7 @@ func (this *Rule) Test(value interface{}) bool { stringList, ok := value.([]string) if ok { for _, s := range stringList { - if utils.MatchStringCache(this.reg, s) { + if utils.MatchStringCache(this.reg, s, this.regCacheLife) { return true } } @@ -403,11 +416,11 @@ func (this *Rule) Test(value interface{}) bool { // bytes byteSlice, ok := value.([]byte) if ok { - return utils.MatchBytesCache(this.reg, byteSlice) + return utils.MatchBytesCache(this.reg, byteSlice, this.regCacheLife) } // string - return utils.MatchStringCache(this.reg, types.String(value)) + return utils.MatchStringCache(this.reg, types.String(value), this.regCacheLife) case RuleOperatorNotMatch, RuleOperatorWildcardNotMatch: if value == nil { return true @@ -415,7 +428,7 @@ func (this *Rule) Test(value interface{}) bool { stringList, ok := value.([]string) if ok { for _, s := range stringList { - if utils.MatchStringCache(this.reg, s) { + if utils.MatchStringCache(this.reg, s, this.regCacheLife) { return false } } @@ -425,16 +438,16 @@ func (this *Rule) Test(value interface{}) bool { // bytes byteSlice, ok := value.([]byte) if ok { - return !utils.MatchBytesCache(this.reg, byteSlice) + return !utils.MatchBytesCache(this.reg, byteSlice, this.regCacheLife) } - return !utils.MatchStringCache(this.reg, types.String(value)) + return !utils.MatchStringCache(this.reg, types.String(value), this.regCacheLife) case RuleOperatorContains: if types.IsSlice(value) { _, isBytes := value.([]byte) if !isBytes { ok := false - lists.Each(value, func(k int, v interface{}) { + lists.Each(value, func(k int, v any) { if types.String(v) == this.Value { ok = true } @@ -704,7 +717,7 @@ func (this *Rule) ipToInt64(ip net.IP) int64 { return int64(binary.BigEndian.Uint32(ip)) } -func (this *Rule) execFilter(value interface{}) interface{} { +func (this *Rule) execFilter(value any) any { var goNext bool var err error diff --git a/internal/waf/utils/utils.go b/internal/waf/utils/utils.go index 9ab09d4..ac85432 100644 --- a/internal/waf/utils/utils.go +++ b/internal/waf/utils/utils.go @@ -3,21 +3,34 @@ package utils import ( "github.com/TeaOSLab/EdgeNode/internal/re" "github.com/TeaOSLab/EdgeNode/internal/ttlcache" + "github.com/TeaOSLab/EdgeNode/internal/utils/fasttime" "github.com/cespare/xxhash" "strconv" - "time" ) var cache = ttlcache.NewCache[int8]() +const ( + maxCacheDataSize = 1024 +) + +type CacheLife = int64 + +const ( + CacheDisabled CacheLife = 0 + CacheShortLife CacheLife = 600 + CacheMiddleLife CacheLife = 1800 + CacheLongLife CacheLife = 7200 +) + // MatchStringCache 正则表达式匹配字符串,并缓存结果 -func MatchStringCache(regex *re.Regexp, s string) bool { +func MatchStringCache(regex *re.Regexp, s string, cacheLife CacheLife) bool { if regex == nil { return false } - // 如果长度超过4096,大概率是不能重用的 - if len(s) > 4096 { + // 如果长度超过一定数量,大概率是不能重用的 + if cacheLife <= 0 || len(s) > maxCacheDataSize { return regex.MatchString(s) } @@ -29,21 +42,21 @@ func MatchStringCache(regex *re.Regexp, s string) bool { } var b = regex.MatchString(s) if b { - cache.Write(key, 1, time.Now().Unix()+1800) + cache.Write(key, 1, fasttime.Now().Unix()+cacheLife) } else { - cache.Write(key, 0, time.Now().Unix()+1800) + cache.Write(key, 0, fasttime.Now().Unix()+cacheLife) } return b } // MatchBytesCache 正则表达式匹配字节slice,并缓存结果 -func MatchBytesCache(regex *re.Regexp, byteSlice []byte) bool { +func MatchBytesCache(regex *re.Regexp, byteSlice []byte, cacheLife CacheLife) bool { if regex == nil { return false } - // 如果长度超过4096,大概率是不能重用的 - if len(byteSlice) > 4096 { + // 如果长度超过一定数量,大概率是不能重用的 + if cacheLife <= 0 || len(byteSlice) > maxCacheDataSize { return regex.Match(byteSlice) } @@ -58,9 +71,9 @@ func MatchBytesCache(regex *re.Regexp, byteSlice []byte) bool { } var b = regex.Match(byteSlice) if b { - cache.Write(key, 1, time.Now().Unix()+1800) + cache.Write(key, 1, fasttime.Now().Unix()+cacheLife) } else { - cache.Write(key, 0, time.Now().Unix()+1800) + cache.Write(key, 0, fasttime.Now().Unix()+cacheLife) } return b } diff --git a/internal/waf/utils/utils_test.go b/internal/waf/utils/utils_test.go index dabcc89..3aa9a29 100644 --- a/internal/waf/utils/utils_test.go +++ b/internal/waf/utils/utils_test.go @@ -14,16 +14,16 @@ import ( func TestMatchStringCache(t *testing.T) { regex := re.MustCompile(`\d+`) - t.Log(utils.MatchStringCache(regex, "123")) - t.Log(utils.MatchStringCache(regex, "123")) - t.Log(utils.MatchStringCache(regex, "123")) + t.Log(utils.MatchStringCache(regex, "123", utils.CacheShortLife)) + t.Log(utils.MatchStringCache(regex, "123", utils.CacheShortLife)) + t.Log(utils.MatchStringCache(regex, "123", utils.CacheShortLife)) } func TestMatchBytesCache(t *testing.T) { regex := re.MustCompile(`\d+`) - t.Log(utils.MatchBytesCache(regex, []byte("123"))) - t.Log(utils.MatchBytesCache(regex, []byte("123"))) - t.Log(utils.MatchBytesCache(regex, []byte("123"))) + t.Log(utils.MatchBytesCache(regex, []byte("123"), utils.CacheShortLife)) + t.Log(utils.MatchBytesCache(regex, []byte("123"), utils.CacheShortLife)) + t.Log(utils.MatchBytesCache(regex, []byte("123"), utils.CacheShortLife)) } func TestMatchRemoteCache(t *testing.T) { @@ -53,13 +53,13 @@ func TestMatchBytesCache_WithoutCache(t *testing.T) { func BenchmarkMatchStringCache(b *testing.B) { runtime.GOMAXPROCS(1) - var data = strings.Repeat("HELLO", 512) + var data = strings.Repeat("HELLO", 128) var regex = re.MustCompile(`(?iU)\b(eval|system|exec|execute|passthru|shell_exec|phpinfo)\b`) //b.Log(regex.Keywords()) - _ = utils.MatchStringCache(regex, data) + _ = utils.MatchStringCache(regex, data, utils.CacheShortLife) for i := 0; i < b.N; i++ { - _ = utils.MatchStringCache(regex, data) + _ = utils.MatchStringCache(regex, data, utils.CacheShortLife) } }