增加攻击拦截统计

2025-11-07 02:20:25 +08:00 · 2021-07-13 11:04:38 +08:00
parent fcae16bb55
commit fb91c40e09
5 changed files with 28 additions and 5 deletions
--- a/internal/nodes/http_request.go
+++ b/internal/nodes/http_request.go
@@ -67,6 +67,7 @@ type HTTPRequest struct {
 	cacheRef             *serverconfigs.HTTPCacheRef       // 缓存设置
 	cacheKey             string                            // 缓存使用的Key
 	isCached             bool                              // 是否已经被缓存
+	isAttack             bool                              // 是否是攻击请求

 	// WAF相关
 	firewallPolicyId    int64
@@ -243,9 +244,13 @@ func (this *HTTPRequest) doEnd() {
 	// TODO 增加是否开启开关
 	if this.Server != nil {
 		if this.isCached {
-			stats.SharedTrafficStatManager.Add(this.Server.Id, this.Host, this.writer.sentBodyBytes, this.writer.sentBodyBytes, 1, 1)
+			stats.SharedTrafficStatManager.Add(this.Server.Id, this.Host, this.writer.sentBodyBytes, this.writer.sentBodyBytes, 1, 1, 0, 0)
 		} else {
-			stats.SharedTrafficStatManager.Add(this.Server.Id, this.Host, this.writer.sentBodyBytes, 0, 1, 0)
+			if this.isAttack {
+				stats.SharedTrafficStatManager.Add(this.Server.Id, this.Host, this.writer.sentBodyBytes, 0, 1, 0, 1, this.writer.sentBodyBytes)
+			} else {
+				stats.SharedTrafficStatManager.Add(this.Server.Id, this.Host, this.writer.sentBodyBytes, 0, 1, 0, 0, 0)
+			}
 		}
 	}

--- a/internal/nodes/http_request_waf.go
+++ b/internal/nodes/http_request_waf.go
@@ -164,6 +164,10 @@ func (this *HTTPRequest) checkWAFRequest(firewallPolicy *firewallconfigs.HTTPFir
 			this.firewallRuleGroupId = types.Int64(ruleGroup.Id)
 			this.firewallRuleSetId = types.Int64(ruleSet.Id)

+			if ruleSet.Action == waf.ActionBlock {
+				this.isAttack = true
+			}
+
 			// 添加统计
 			stats.SharedHTTPRequestStatManager.AddFirewallRuleGroupId(this.Server.Id, this.firewallRuleGroupId, ruleSet.Action)
 		}
@@ -216,6 +220,10 @@ func (this *HTTPRequest) checkWAFResponse(firewallPolicy *firewallconfigs.HTTPFi
 			this.firewallRuleGroupId = types.Int64(ruleGroup.Id)
 			this.firewallRuleSetId = types.Int64(ruleSet.Id)

+			if ruleSet.Action == waf.ActionBlock {
+				this.isAttack = true
+			}
+
 			// 添加统计
 			stats.SharedHTTPRequestStatManager.AddFirewallRuleGroupId(this.Server.Id, this.firewallRuleGroupId, ruleSet.Action)
 		}
--- a/internal/nodes/listener_tcp.go
+++ b/internal/nodes/listener_tcp.go
@@ -80,7 +80,7 @@ func (this *TCPListener) handleConn(conn net.Conn) error {
 				}

 				// 记录流量
-				stats.SharedTrafficStatManager.Add(firstServer.Id, "", int64(n), 0, 0, 0)
+				stats.SharedTrafficStatManager.Add(firstServer.Id, "", int64(n), 0, 0, 0, 0, 0)
 			}
 			if err != nil {
 				closer()
--- a/internal/nodes/listener_udp.go
+++ b/internal/nodes/listener_udp.go
@@ -164,7 +164,7 @@ func NewUDPConn(serverId int64, addr net.Addr, proxyConn *net.UDPConn, serverCon
 				}

 				// 记录流量
-				stats.SharedTrafficStatManager.Add(serverId, "", int64(n), 0, 0, 0)
+				stats.SharedTrafficStatManager.Add(serverId, "", int64(n), 0, 0, 0, 0, 0)
 			}
 			if err != nil {
 				conn.isOk = false
--- a/internal/stats/traffic_stat_manager.go
+++ b/internal/stats/traffic_stat_manager.go
@@ -24,6 +24,8 @@ type TrafficItem struct {
 	CachedBytes         int64
 	CountRequests       int64
 	CountCachedRequests int64
+	CountAttackRequests int64
+	AttackBytes         int64
 }

 // TrafficStatManager 区域流量统计
@@ -84,7 +86,7 @@ func (this *TrafficStatManager) Start(configFunc func() *nodeconfigs.NodeConfig)
 }

 // Add 添加流量
-func (this *TrafficStatManager) Add(serverId int64, domain string, bytes int64, cachedBytes int64, countRequests int64, countCachedRequests int64) {
+func (this *TrafficStatManager) Add(serverId int64, domain string, bytes int64, cachedBytes int64, countRequests int64, countCachedRequests int64, countAttacks int64, attackBytes int64) {
 	if bytes == 0 {
 		return
 	}
@@ -106,6 +108,8 @@ func (this *TrafficStatManager) Add(serverId int64, domain string, bytes int64,
 	item.CachedBytes += cachedBytes
 	item.CountRequests += countRequests
 	item.CountCachedRequests += countCachedRequests
+	item.CountAttackRequests += countAttacks
+	item.AttackBytes += attackBytes

 	// 单个域名流量
 	var domainKey = strconv.FormatInt(timestamp, 10) + "@" + strconv.FormatInt(serverId, 10) + "@" + domain
@@ -118,6 +122,8 @@ func (this *TrafficStatManager) Add(serverId int64, domain string, bytes int64,
 	domainItem.CachedBytes += cachedBytes
 	domainItem.CountRequests += countRequests
 	domainItem.CountCachedRequests += countCachedRequests
+	domainItem.CountAttackRequests += countAttacks
+	domainItem.AttackBytes += attackBytes

 	this.locker.Unlock()
 }
@@ -160,6 +166,8 @@ func (this *TrafficStatManager) Upload() error {
 			CachedBytes:         item.CachedBytes,
 			CountRequests:       item.CountRequests,
 			CountCachedRequests: item.CountCachedRequests,
+			CountAttackRequests: item.CountAttackRequests,
+			AttackBytes:         item.AttackBytes,
 			CreatedAt:           timestamp,
 		})
 	}
@@ -181,6 +189,8 @@ func (this *TrafficStatManager) Upload() error {
 			CachedBytes:         item.CachedBytes,
 			CountRequests:       item.CountRequests,
 			CountCachedRequests: item.CountCachedRequests,
+			CountAttackRequests: item.CountAttackRequests,
+			AttackBytes:         item.AttackBytes,
 			CreatedAt:           types.Int64(pieces[0]),
 		})
 	}