From ff5e3a3e14eb1335d7f63c25570b1062db6ce4b2 Mon Sep 17 00:00:00 2001
From: GoEdgeLab <goedgecloud@gmail.com>
Date: Tue, 19 Oct 2021 09:21:58 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8DIP=E9=BB=91=E5=90=8D=E5=8D=95?=
 =?UTF-8?q?=E4=B8=BA=E6=9C=8D=E5=8A=A1=E6=97=B6=E4=B8=8D=E7=94=9F=E6=95=88?=
 =?UTF-8?q?=E7=9A=84=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/nodes/http_request_waf.go | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/internal/nodes/http_request_waf.go b/internal/nodes/http_request_waf.go
index bbbb7da..82c2140 100644
--- a/internal/nodes/http_request_waf.go
+++ b/internal/nodes/http_request_waf.go
@@ -22,10 +22,25 @@ func (this *HTTPRequest) doWAFRequest() (blocked bool) {
 	if conn != nil {
 		trafficConn, ok := conn.(*TrafficConn)
 		if ok && trafficConn.IsClosed() {
+			this.disableLog = true
 			return true
 		}
 	}
 
+	// 检查是否在临时黑名单中
+	if waf.SharedIPBlackList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeService, this.Server.Id, this.WAFRemoteIP()) {
+		this.disableLog = true
+
+		if conn != nil {
+			trafficConn, ok := conn.(*TrafficConn)
+			if ok && !trafficConn.IsClosed() {
+				_ = trafficConn.Close()
+			}
+		}
+
+		return true
+	}
+
 	// 当前服务的独立设置
 	if this.web.FirewallPolicy != nil && this.web.FirewallPolicy.IsOn {
 		blocked, breakChecking := this.checkWAFRequest(this.web.FirewallPolicy)