Compare commits
10 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
0f5f03c9ed | ||
|
|
1181a0585b | ||
|
|
fd6fa929de | ||
|
|
73888c98a8 | ||
|
|
04ebfbea8a | ||
|
|
2b650fd285 | ||
|
|
515a590681 | ||
|
|
62f9d1f09a | ||
|
|
25c11f3d69 | ||
|
|
fde18c3b82 |
@@ -65,7 +65,8 @@ var sharedWritingFileKeyLocker = sync.Mutex{}
|
||||
|
||||
var maxOpenFiles = NewMaxOpenFiles()
|
||||
|
||||
const maxOpenFilesSlowCost = 500 * time.Microsecond // 0.5ms
|
||||
const maxOpenFilesSlowCost = 5000 * time.Microsecond // 0.5ms
|
||||
const protectingLoadWhenDump = false
|
||||
|
||||
// FileStorage 文件缓存
|
||||
// 文件结构:
|
||||
|
||||
@@ -438,16 +438,18 @@ func (this *MemoryStorage) startFlush() {
|
||||
if statCount == 100 {
|
||||
statCount = 0
|
||||
|
||||
loadStat, err := load.Avg()
|
||||
if err == nil && loadStat != nil {
|
||||
if loadStat.Load1 > 10 {
|
||||
writeDelayMS = 100
|
||||
} else if loadStat.Load1 > 3 {
|
||||
writeDelayMS = 50
|
||||
} else if loadStat.Load1 > 2 {
|
||||
writeDelayMS = 10
|
||||
} else {
|
||||
writeDelayMS = 0
|
||||
if protectingLoadWhenDump {
|
||||
loadStat, err := load.Avg()
|
||||
if err == nil && loadStat != nil {
|
||||
if loadStat.Load1 > 10 {
|
||||
writeDelayMS = 100
|
||||
} else if loadStat.Load1 > 3 {
|
||||
writeDelayMS = 50
|
||||
} else if loadStat.Load1 > 2 {
|
||||
writeDelayMS = 10
|
||||
} else {
|
||||
writeDelayMS = 0
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9,7 +9,8 @@ import (
|
||||
// APIConfig 节点API配置
|
||||
type APIConfig struct {
|
||||
RPC struct {
|
||||
Endpoints []string `yaml:"endpoints"`
|
||||
Endpoints []string `yaml:"endpoints"`
|
||||
DisableUpdate bool `yaml:"disableUpdate"`
|
||||
} `yaml:"rpc"`
|
||||
NodeId string `yaml:"nodeId"`
|
||||
Secret string `yaml:"secret"`
|
||||
@@ -30,7 +31,7 @@ func LoadAPIConfig() (*APIConfig, error) {
|
||||
return config, nil
|
||||
}
|
||||
|
||||
// 保存到文件
|
||||
// WriteFile 保存到文件
|
||||
func (this *APIConfig) WriteFile(path string) error {
|
||||
data, err := yaml.Marshal(this)
|
||||
if err != nil {
|
||||
|
||||
@@ -1,11 +1,15 @@
|
||||
package configs
|
||||
package configs_test
|
||||
|
||||
import "testing"
|
||||
import (
|
||||
"github.com/TeaOSLab/EdgeNode/internal/configs"
|
||||
_ "github.com/iwind/TeaGo/bootstrap"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestLoadAPIConfig(t *testing.T) {
|
||||
config, err := LoadAPIConfig()
|
||||
config, err := configs.LoadAPIConfig()
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
t.Log(config)
|
||||
t.Logf("%+v", config)
|
||||
}
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
package configs
|
||||
|
||||
// 集群配置
|
||||
// ClusterConfig 集群配置
|
||||
type ClusterConfig struct {
|
||||
RPC struct {
|
||||
Endpoints []string `yaml:"endpoints"`
|
||||
Endpoints []string `yaml:"endpoints"`
|
||||
DisableUpdate bool `yaml:"disableUpdate"`
|
||||
} `yaml:"rpc"`
|
||||
ClusterId string `yaml:"clusterId"`
|
||||
Secret string `yaml:"secret"`
|
||||
Secret string `yaml:"secret"`
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package teaconst
|
||||
|
||||
const (
|
||||
Version = "0.4.9"
|
||||
Version = "0.4.10"
|
||||
|
||||
ProductName = "Edge Node"
|
||||
ProcessName = "edge-node"
|
||||
|
||||
@@ -75,6 +75,24 @@ func (this *Firewalld) AllowPort(port int, protocol string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (this *Firewalld) AllowPortRangesPermanently(portRanges [][2]int, protocol string) error {
|
||||
for _, portRange := range portRanges {
|
||||
var port = this.PortRangeString(portRange, protocol)
|
||||
|
||||
{
|
||||
var cmd = exec.Command(this.exe, "--add-port="+port, "--permanent")
|
||||
this.pushCmd(cmd)
|
||||
}
|
||||
|
||||
{
|
||||
var cmd = exec.Command(this.exe, "--add-port="+port)
|
||||
this.pushCmd(cmd)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (this *Firewalld) RemovePort(port int, protocol string) error {
|
||||
if !this.isReady {
|
||||
return nil
|
||||
@@ -84,6 +102,30 @@ func (this *Firewalld) RemovePort(port int, protocol string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (this *Firewalld) RemovePortRangePermanently(portRange [2]int, protocol string) error {
|
||||
var port = this.PortRangeString(portRange, protocol)
|
||||
|
||||
{
|
||||
var cmd = exec.Command(this.exe, "--remove-port="+port, "--permanent")
|
||||
this.pushCmd(cmd)
|
||||
}
|
||||
|
||||
{
|
||||
var cmd = exec.Command(this.exe, "--remove-port="+port)
|
||||
this.pushCmd(cmd)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (this *Firewalld) PortRangeString(portRange [2]int, protocol string) string {
|
||||
if portRange[0] == portRange[1] {
|
||||
return types.String(portRange[0]) + "/" + protocol
|
||||
} else {
|
||||
return types.String(portRange[0]) + "-" + types.String(portRange[1]) + "/" + protocol
|
||||
}
|
||||
}
|
||||
|
||||
func (this *Firewalld) RejectSourceIP(ip string, timeoutSeconds int) error {
|
||||
if !this.isReady {
|
||||
return nil
|
||||
|
||||
@@ -79,7 +79,7 @@ func TestIPItem_Memory(t *testing.T) {
|
||||
for i := 0; i < 2_000_000; i ++ {
|
||||
list.Add(&IPItem{
|
||||
Type: "ip",
|
||||
Id: int64(i),
|
||||
Id: uint64(i),
|
||||
IPFrom: utils.IP2Long("192.168.1.1"),
|
||||
IPTo: 0,
|
||||
ExpiredAt: time.Now().Unix(),
|
||||
|
||||
@@ -28,6 +28,8 @@ type IPListDB struct {
|
||||
cleanTicker *time.Ticker
|
||||
|
||||
dir string
|
||||
|
||||
isClosed bool
|
||||
}
|
||||
|
||||
func NewIPListDB() (*IPListDB, error) {
|
||||
@@ -56,6 +58,12 @@ func (this *IPListDB) init() error {
|
||||
return err
|
||||
}
|
||||
db.SetMaxOpenConns(1)
|
||||
|
||||
//_, err = db.Exec("VACUUM")
|
||||
//if err != nil {
|
||||
// return err
|
||||
//}
|
||||
|
||||
this.db = db
|
||||
|
||||
// 初始化数据库
|
||||
@@ -117,6 +125,7 @@ ON "` + this.itemTableName + `" (
|
||||
|
||||
goman.New(func() {
|
||||
events.On(events.EventQuit, func() {
|
||||
_ = this.Close()
|
||||
this.cleanTicker.Stop()
|
||||
})
|
||||
|
||||
@@ -133,11 +142,19 @@ ON "` + this.itemTableName + `" (
|
||||
|
||||
// DeleteExpiredItems 删除过期的条目
|
||||
func (this *IPListDB) DeleteExpiredItems() error {
|
||||
if this.isClosed {
|
||||
return nil
|
||||
}
|
||||
|
||||
_, err := this.deleteExpiredItemsStmt.Exec(time.Now().Unix() - 7*86400)
|
||||
return err
|
||||
}
|
||||
|
||||
func (this *IPListDB) AddItem(item *pb.IPItem) error {
|
||||
if this.isClosed {
|
||||
return nil
|
||||
}
|
||||
|
||||
_, err := this.deleteItemStmt.Exec(item.Id)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -147,6 +164,10 @@ func (this *IPListDB) AddItem(item *pb.IPItem) error {
|
||||
}
|
||||
|
||||
func (this *IPListDB) ReadItems(offset int64, size int64) (items []*pb.IPItem, err error) {
|
||||
if this.isClosed {
|
||||
return
|
||||
}
|
||||
|
||||
rows, err := this.selectItemsStmt.Query(offset, size)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -169,6 +190,10 @@ func (this *IPListDB) ReadItems(offset int64, size int64) (items []*pb.IPItem, e
|
||||
|
||||
// ReadMaxVersion 读取当前最大版本号
|
||||
func (this *IPListDB) ReadMaxVersion() int64 {
|
||||
if this.isClosed {
|
||||
return 0
|
||||
}
|
||||
|
||||
row := this.selectMaxVersionStmt.QueryRow()
|
||||
if row == nil {
|
||||
return 0
|
||||
@@ -182,6 +207,8 @@ func (this *IPListDB) ReadMaxVersion() int64 {
|
||||
}
|
||||
|
||||
func (this *IPListDB) Close() error {
|
||||
this.isClosed = true
|
||||
|
||||
if this.db != nil {
|
||||
_ = this.deleteExpiredItemsStmt.Close()
|
||||
_ = this.deleteItemStmt.Close()
|
||||
|
||||
@@ -53,6 +53,11 @@ func TestIPListDB_ReadItems(t *testing.T) {
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
defer func() {
|
||||
_ = db.Close()
|
||||
}()
|
||||
|
||||
items, err := db.ReadItems(0, 2)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
|
||||
@@ -144,7 +144,7 @@ func TestIPList_Contains(t *testing.T) {
|
||||
list := NewIPList()
|
||||
for i := 0; i < 255; i++ {
|
||||
list.AddDelay(&IPItem{
|
||||
Id: int64(i),
|
||||
Id: uint64(i),
|
||||
IPFrom: utils.IP2Long(strconv.Itoa(i) + ".168.0.1"),
|
||||
IPTo: utils.IP2Long(strconv.Itoa(i) + ".168.255.1"),
|
||||
ExpiredAt: 0,
|
||||
@@ -152,7 +152,7 @@ func TestIPList_Contains(t *testing.T) {
|
||||
}
|
||||
for i := 0; i < 255; i++ {
|
||||
list.AddDelay(&IPItem{
|
||||
Id: int64(1000 + i),
|
||||
Id: uint64(1000 + i),
|
||||
IPFrom: utils.IP2Long("192.167.2." + strconv.Itoa(i)),
|
||||
})
|
||||
}
|
||||
@@ -172,7 +172,7 @@ func TestIPList_Contains_Many(t *testing.T) {
|
||||
list := NewIPList()
|
||||
for i := 0; i < 1_000_000; i++ {
|
||||
list.AddDelay(&IPItem{
|
||||
Id: int64(i),
|
||||
Id: uint64(i),
|
||||
IPFrom: utils.IP2Long(strconv.Itoa(rands.Int(0, 255)) + "." + strconv.Itoa(rands.Int(0, 255)) + "." + strconv.Itoa(rands.Int(0, 255)) + "." + strconv.Itoa(rands.Int(0, 255))),
|
||||
IPTo: utils.IP2Long(strconv.Itoa(rands.Int(0, 255)) + "." + strconv.Itoa(rands.Int(0, 255)) + "." + strconv.Itoa(rands.Int(0, 255)) + "." + strconv.Itoa(rands.Int(0, 255))),
|
||||
ExpiredAt: 0,
|
||||
@@ -217,7 +217,7 @@ func TestIPList_ContainsIPStrings(t *testing.T) {
|
||||
list := NewIPList()
|
||||
for i := 0; i < 255; i++ {
|
||||
list.Add(&IPItem{
|
||||
Id: int64(i),
|
||||
Id: uint64(i),
|
||||
IPFrom: utils.IP2Long(strconv.Itoa(i) + ".168.0.1"),
|
||||
IPTo: utils.IP2Long(strconv.Itoa(i) + ".168.255.1"),
|
||||
ExpiredAt: 0,
|
||||
@@ -305,7 +305,7 @@ func BenchmarkIPList_Contains(b *testing.B) {
|
||||
var list = NewIPList()
|
||||
for i := 1; i < 200_000; i++ {
|
||||
list.AddDelay(&IPItem{
|
||||
Id: int64(i),
|
||||
Id: uint64(i),
|
||||
IPFrom: utils.IP2Long(strconv.Itoa(rands.Int(0, 255)) + "." + strconv.Itoa(rands.Int(0, 255)) + ".0.1"),
|
||||
IPTo: utils.IP2Long(strconv.Itoa(rands.Int(0, 255)) + "." + strconv.Itoa(rands.Int(0, 255)) + ".0.1"),
|
||||
ExpiredAt: time.Now().Unix() + 60,
|
||||
|
||||
@@ -129,9 +129,8 @@ func (this *ClientConn) Close() error {
|
||||
err := this.rawConn.Close()
|
||||
|
||||
// 单个服务并发数限制
|
||||
if this.hasLimit {
|
||||
sharedClientConnLimiter.Remove(this.rawConn.RemoteAddr().String())
|
||||
}
|
||||
// 不能加条件限制,因为服务配置随时有变化
|
||||
sharedClientConnLimiter.Remove(this.rawConn.RemoteAddr().String())
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
@@ -177,7 +177,8 @@ func (this *HTTPRequest) checkWAFRequest(firewallPolicy *firewallconfigs.HTTPFir
|
||||
if countryId > 0 && lists.ContainsInt64(regionConfig.DenyCountryIds, countryId) {
|
||||
this.firewallPolicyId = firewallPolicy.Id
|
||||
|
||||
this.writer.WriteHeader(http.StatusForbidden)
|
||||
this.writeCode(http.StatusForbidden)
|
||||
this.writer.Flush()
|
||||
this.writer.Close()
|
||||
|
||||
// 停止日志
|
||||
@@ -197,7 +198,8 @@ func (this *HTTPRequest) checkWAFRequest(firewallPolicy *firewallconfigs.HTTPFir
|
||||
if provinceId > 0 && lists.ContainsInt64(regionConfig.DenyProvinceIds, provinceId) {
|
||||
this.firewallPolicyId = firewallPolicy.Id
|
||||
|
||||
this.writer.WriteHeader(http.StatusForbidden)
|
||||
this.writeCode(http.StatusForbidden)
|
||||
this.writer.Flush()
|
||||
this.writer.Close()
|
||||
|
||||
// 停止日志
|
||||
|
||||
@@ -5,11 +5,14 @@ import (
|
||||
"errors"
|
||||
"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
|
||||
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
|
||||
"github.com/TeaOSLab/EdgeNode/internal/firewalls"
|
||||
"github.com/TeaOSLab/EdgeNode/internal/goman"
|
||||
"github.com/TeaOSLab/EdgeNode/internal/remotelogs"
|
||||
"github.com/TeaOSLab/EdgeNode/internal/utils"
|
||||
"github.com/iwind/TeaGo/Tea"
|
||||
"github.com/iwind/TeaGo/lists"
|
||||
"github.com/iwind/TeaGo/maps"
|
||||
"github.com/iwind/TeaGo/types"
|
||||
"net/url"
|
||||
"os/exec"
|
||||
"regexp"
|
||||
@@ -31,15 +34,19 @@ type ListenerManager struct {
|
||||
retryListenerMap map[string]*Listener // 需要重试的监听器 addr => Listener
|
||||
ticker *time.Ticker
|
||||
|
||||
lastPortStrings string
|
||||
firewalld *firewalls.Firewalld
|
||||
lastPortStrings string
|
||||
lastTCPPortRanges [][2]int
|
||||
lastUDPPortRanges [][2]int
|
||||
}
|
||||
|
||||
// NewListenerManager 获取新对象
|
||||
func NewListenerManager() *ListenerManager {
|
||||
manager := &ListenerManager{
|
||||
var manager = &ListenerManager{
|
||||
listenersMap: map[string]*Listener{},
|
||||
retryListenerMap: map[string]*Listener{},
|
||||
ticker: time.NewTicker(1 * time.Minute),
|
||||
firewalld: firewalls.NewFirewalld(),
|
||||
}
|
||||
|
||||
// 提升测试效率
|
||||
@@ -147,7 +154,7 @@ func (this *ListenerManager) Start(node *nodeconfigs.NodeConfig) error {
|
||||
}
|
||||
|
||||
// 加入到firewalld
|
||||
this.addToFirewalld(groupAddrs)
|
||||
go this.addToFirewalld(groupAddrs)
|
||||
|
||||
return nil
|
||||
}
|
||||
@@ -226,8 +233,14 @@ func (this *ListenerManager) addToFirewalld(groupAddrs []string) {
|
||||
return
|
||||
}
|
||||
|
||||
if this.firewalld == nil || !this.firewalld.IsReady() {
|
||||
return
|
||||
}
|
||||
|
||||
// 组合端口号
|
||||
var ports = []string{}
|
||||
var portStrings = []string{}
|
||||
var udpPorts = []int{}
|
||||
var tcpPorts = []int{}
|
||||
for _, addr := range groupAddrs {
|
||||
var protocol = "tcp"
|
||||
if strings.HasPrefix(addr, "udp") {
|
||||
@@ -237,52 +250,72 @@ func (this *ListenerManager) addToFirewalld(groupAddrs []string) {
|
||||
var lastIndex = strings.LastIndex(addr, ":")
|
||||
if lastIndex > 0 {
|
||||
var portString = addr[lastIndex+1:]
|
||||
ports = append(ports, portString+"/"+protocol)
|
||||
portStrings = append(portStrings, portString+"/"+protocol)
|
||||
|
||||
switch protocol {
|
||||
case "tcp":
|
||||
tcpPorts = append(tcpPorts, types.Int(portString))
|
||||
case "udp":
|
||||
udpPorts = append(udpPorts, types.Int(portString))
|
||||
}
|
||||
}
|
||||
}
|
||||
if len(ports) == 0 {
|
||||
if len(portStrings) == 0 {
|
||||
return
|
||||
}
|
||||
|
||||
// 检查是否有变化
|
||||
sort.Strings(ports)
|
||||
var newPortStrings = strings.Join(ports, ",")
|
||||
sort.Strings(portStrings)
|
||||
var newPortStrings = strings.Join(portStrings, ",")
|
||||
if newPortStrings == this.lastPortStrings {
|
||||
return
|
||||
}
|
||||
this.lastPortStrings = newPortStrings
|
||||
|
||||
firewallCmd, err := exec.LookPath("firewall-cmd")
|
||||
if err != nil || len(firewallCmd) == 0 {
|
||||
return
|
||||
remotelogs.Println("FIREWALLD", "opening ports automatically ...")
|
||||
defer func() {
|
||||
remotelogs.Println("FIREWALLD", "open ports successfully")
|
||||
}()
|
||||
|
||||
// 合并端口
|
||||
var tcpPortRanges = utils.MergePorts(tcpPorts)
|
||||
var udpPortRanges = utils.MergePorts(udpPorts)
|
||||
|
||||
defer func() {
|
||||
this.lastTCPPortRanges = tcpPortRanges
|
||||
this.lastUDPPortRanges = udpPortRanges
|
||||
}()
|
||||
|
||||
// 删除老的不存在的端口
|
||||
var tcpPortRangesMap = map[string]bool{}
|
||||
var udpPortRangesMap = map[string]bool{}
|
||||
for _, portRange := range tcpPortRanges {
|
||||
tcpPortRangesMap[this.firewalld.PortRangeString(portRange, "tcp")] = true
|
||||
}
|
||||
for _, portRange := range udpPortRanges {
|
||||
udpPortRangesMap[this.firewalld.PortRangeString(portRange, "udp")] = true
|
||||
}
|
||||
|
||||
// 检查状态
|
||||
err = exec.Command(firewallCmd, "--state").Run()
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
remotelogs.Println("FIREWALLD", "open ports automatically")
|
||||
for _, port := range ports {
|
||||
{
|
||||
// TODO 需要支持sudo
|
||||
var cmd = exec.Command(firewallCmd, "--add-port="+port, "--permanent")
|
||||
err = cmd.Run()
|
||||
if err != nil {
|
||||
remotelogs.Warn("FIREWALLD", "'"+cmd.String()+"': "+err.Error())
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
{
|
||||
// TODO 需要支持sudo
|
||||
var cmd = exec.Command(firewallCmd, "--add-port="+port)
|
||||
err = cmd.Run()
|
||||
if err != nil {
|
||||
remotelogs.Warn("FIREWALLD", "'"+cmd.String()+"': "+err.Error())
|
||||
return
|
||||
}
|
||||
for _, portRange := range this.lastTCPPortRanges {
|
||||
var s = this.firewalld.PortRangeString(portRange, "tcp")
|
||||
_, ok := tcpPortRangesMap[s]
|
||||
if ok {
|
||||
continue
|
||||
}
|
||||
remotelogs.Println("FIREWALLD", "remove port '"+s+"'")
|
||||
_ = this.firewalld.RemovePortRangePermanently(portRange, "tcp")
|
||||
}
|
||||
for _, portRange := range this.lastUDPPortRanges {
|
||||
var s = this.firewalld.PortRangeString(portRange, "udp")
|
||||
_, ok := udpPortRangesMap[s]
|
||||
if ok {
|
||||
continue
|
||||
}
|
||||
remotelogs.Println("FIREWALLD", "remove port '"+s+"'")
|
||||
_ = this.firewalld.RemovePortRangePermanently(portRange, "udp")
|
||||
}
|
||||
|
||||
// 添加新的
|
||||
_ = this.firewalld.AllowPortRangesPermanently(tcpPortRanges, "tcp")
|
||||
_ = this.firewalld.AllowPortRangesPermanently(udpPortRanges, "udp")
|
||||
}
|
||||
|
||||
@@ -635,11 +635,13 @@ func (this *Node) checkClusterConfig() error {
|
||||
if len(resp.Endpoints) == 0 {
|
||||
resp.Endpoints = []string{}
|
||||
}
|
||||
apiConfig := &configs.APIConfig{
|
||||
var apiConfig = &configs.APIConfig{
|
||||
RPC: struct {
|
||||
Endpoints []string `yaml:"endpoints"`
|
||||
Endpoints []string `yaml:"endpoints"`
|
||||
DisableUpdate bool `yaml:"disableUpdate"`
|
||||
}{
|
||||
Endpoints: resp.Endpoints,
|
||||
Endpoints: resp.Endpoints,
|
||||
DisableUpdate: false,
|
||||
},
|
||||
NodeId: resp.UniqueId,
|
||||
Secret: resp.Secret,
|
||||
|
||||
@@ -68,6 +68,8 @@ func (this *NodeStatusExecutor) update() {
|
||||
status.BuildVersionCode = utils.VersionToLong(teaconst.Version)
|
||||
status.OS = runtime.GOOS
|
||||
status.Arch = runtime.GOARCH
|
||||
exe, _ := os.Executable()
|
||||
status.ExePath = exe
|
||||
status.ConfigVersion = sharedNodeConfig.Version
|
||||
status.IsActive = true
|
||||
status.ConnectionCount = sharedListenerManager.TotalActiveConnections()
|
||||
|
||||
@@ -63,6 +63,16 @@ func (this *SyncAPINodesTask) Stop() {
|
||||
}
|
||||
|
||||
func (this *SyncAPINodesTask) Loop() error {
|
||||
config, err := configs.LoadAPIConfig()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// 是否禁止自动升级
|
||||
if config.RPC.DisableUpdate {
|
||||
return nil
|
||||
}
|
||||
|
||||
var tr = trackers.Begin("SYNC_API_NODES")
|
||||
defer tr.End()
|
||||
|
||||
@@ -76,7 +86,7 @@ func (this *SyncAPINodesTask) Loop() error {
|
||||
return err
|
||||
}
|
||||
|
||||
newEndpoints := []string{}
|
||||
var newEndpoints = []string{}
|
||||
for _, node := range resp.ApiNodes {
|
||||
if !node.IsOn {
|
||||
continue
|
||||
@@ -85,16 +95,12 @@ func (this *SyncAPINodesTask) Loop() error {
|
||||
}
|
||||
|
||||
// 和现有的对比
|
||||
config, err := configs.LoadAPIConfig()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if this.isSame(newEndpoints, config.RPC.Endpoints) {
|
||||
return nil
|
||||
}
|
||||
|
||||
// 测试是否有API节点可用
|
||||
hasOk := this.testEndpoints(newEndpoints)
|
||||
var hasOk = this.testEndpoints(newEndpoints)
|
||||
if !hasOk {
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -343,9 +343,11 @@ func (this *HTTPRequestStatManager) Upload() error {
|
||||
if strings.Contains(err.Error(), "string field contains invalid UTF-8") {
|
||||
for _, system := range pbSystems {
|
||||
system.Name = utils.ToValidUTF8string(system.Name)
|
||||
system.Version = utils.ToValidUTF8string(system.Version)
|
||||
}
|
||||
for _, browser := range pbBrowsers {
|
||||
browser.Name = utils.ToValidUTF8string(browser.Name)
|
||||
browser.Version = utils.ToValidUTF8string(browser.Version)
|
||||
}
|
||||
|
||||
// 再次尝试
|
||||
|
||||
@@ -7,6 +7,7 @@ import (
|
||||
"context"
|
||||
"github.com/iwind/TeaGo/logs"
|
||||
"net"
|
||||
"sort"
|
||||
"syscall"
|
||||
)
|
||||
|
||||
@@ -38,3 +39,34 @@ func ParseAddrHost(addr string) string {
|
||||
}
|
||||
return host
|
||||
}
|
||||
|
||||
// MergePorts 聚合端口
|
||||
// 返回 [ [fromPort, toPort], ... ]
|
||||
func MergePorts(ports []int) [][2]int {
|
||||
if len(ports) == 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
sort.Ints(ports)
|
||||
|
||||
var result = [][2]int{}
|
||||
var lastRange = [2]int{0, 0}
|
||||
var lastPort = -1
|
||||
for _, port := range ports {
|
||||
if port <= 0 /** 只处理有效的端口 **/ || port == lastPort /** 去重 **/ {
|
||||
continue
|
||||
}
|
||||
|
||||
if lastPort < 0 || port != lastPort+1 {
|
||||
lastRange = [2]int{port, port}
|
||||
result = append(result, lastRange)
|
||||
} else { // 如果是连续的
|
||||
lastRange[1] = port
|
||||
result[len(result)-1] = lastRange
|
||||
}
|
||||
|
||||
lastPort = port
|
||||
}
|
||||
|
||||
return result
|
||||
}
|
||||
|
||||
@@ -12,3 +12,15 @@ func TestParseAddrHost(t *testing.T) {
|
||||
t.Log(addr + " => " + utils.ParseAddrHost(addr))
|
||||
}
|
||||
}
|
||||
|
||||
func TestMergePorts(t *testing.T) {
|
||||
for _, ports := range [][]int{
|
||||
{},
|
||||
{80},
|
||||
{80, 83, 85},
|
||||
{80, 81, 83, 85, 86, 87, 88, 90},
|
||||
{0, 0, 1, 1, 2, 2, 2, 3, 3, 3},
|
||||
} {
|
||||
t.Log(ports, "=>", utils.MergePorts(ports))
|
||||
}
|
||||
}
|
||||
|
||||
@@ -30,7 +30,7 @@ func (this *CCCheckpoint) Start() {
|
||||
this.cache = ttlcache.NewCache()
|
||||
}
|
||||
|
||||
func (this *CCCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *CCCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = 0
|
||||
|
||||
if this.cache == nil {
|
||||
@@ -114,15 +114,15 @@ func (this *CCCheckpoint) RequestValue(req requests.Request, param string, optio
|
||||
if len(key) == 0 {
|
||||
key = req.WAFRemoteIP()
|
||||
}
|
||||
value = this.cache.IncreaseInt64(key, int64(1), time.Now().Unix()+period, false)
|
||||
value = this.cache.IncreaseInt64(types.String(ruleId)+"@"+key, int64(1), time.Now().Unix()+period, false)
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
func (this *CCCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *CCCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -32,7 +32,7 @@ type CC2Checkpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
var keys = options.GetSlice("keys")
|
||||
var keyValues = []string{}
|
||||
for _, key := range keys {
|
||||
@@ -66,11 +66,16 @@ func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, opti
|
||||
}
|
||||
}
|
||||
|
||||
value = ccCache.IncreaseInt64("WAF-CC-"+strings.Join(keyValues, "@"), 1, time.Now().Unix()+period, false)
|
||||
var ccKey = "WAF-CC-" + types.String(ruleId) + "-" + strings.Join(keyValues, "@")
|
||||
value = ccCache.IncreaseInt64(ccKey, 1, time.Now().Unix()+period, false)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
func (this *CC2Checkpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *CC2Checkpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
@@ -23,21 +23,21 @@ func TestCCCheckpoint_RequestValue(t *testing.T) {
|
||||
options := maps.Map{
|
||||
"period": "5",
|
||||
}
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options))
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options))
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options, 1))
|
||||
|
||||
req.WAFRaw().RemoteAddr = "127.0.0.2"
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options))
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options, 1))
|
||||
|
||||
req.WAFRaw().RemoteAddr = "127.0.0.1"
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options))
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options, 1))
|
||||
|
||||
req.WAFRaw().RemoteAddr = "127.0.0.2"
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options))
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options, 1))
|
||||
|
||||
req.WAFRaw().RemoteAddr = "127.0.0.2"
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options))
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options, 1))
|
||||
|
||||
req.WAFRaw().RemoteAddr = "127.0.0.2"
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options))
|
||||
t.Log(checkpoint.RequestValue(req, "requests", options, 1))
|
||||
}
|
||||
|
||||
@@ -17,10 +17,10 @@ type CheckpointInterface interface {
|
||||
IsComposed() bool
|
||||
|
||||
// RequestValue get request value
|
||||
RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error)
|
||||
RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error)
|
||||
|
||||
// ResponseValue get response value
|
||||
ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error)
|
||||
ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error)
|
||||
|
||||
// ParamOptions param option list
|
||||
ParamOptions() *ParamOptions
|
||||
|
||||
@@ -11,7 +11,7 @@ type RequestAllCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
valueBytes := []byte{}
|
||||
if len(req.WAFRaw().RequestURI) > 0 {
|
||||
valueBytes = append(valueBytes, req.WAFRaw().RequestURI...)
|
||||
@@ -47,10 +47,10 @@ func (this *RequestAllCheckpoint) RequestValue(req requests.Request, param strin
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestAllCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestAllCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = ""
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -18,7 +18,7 @@ func TestRequestAllCheckpoint_RequestValue(t *testing.T) {
|
||||
}
|
||||
|
||||
checkpoint := new(RequestAllCheckpoint)
|
||||
v, _, sysErr, userErr := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil)
|
||||
v, _, sysErr, userErr := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1)
|
||||
if sysErr != nil {
|
||||
t.Fatal(sysErr)
|
||||
}
|
||||
@@ -42,7 +42,7 @@ func TestRequestAllCheckpoint_RequestValue_Max(t *testing.T) {
|
||||
}
|
||||
|
||||
checkpoint := new(RequestBodyCheckpoint)
|
||||
value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil)
|
||||
value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
@@ -65,6 +65,6 @@ func BenchmarkRequestAllCheckpoint_RequestValue(b *testing.B) {
|
||||
|
||||
checkpoint := new(RequestAllCheckpoint)
|
||||
for i := 0; i < b.N; i++ {
|
||||
_, _, _, _ = checkpoint.RequestValue(requests.NewTestRequest(req), "", nil)
|
||||
_, _, _, _ = checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9,13 +9,13 @@ type RequestArgCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return req.WAFRaw().URL.Query().Get(param), hasRequestBody, nil, nil
|
||||
}
|
||||
|
||||
func (this *RequestArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -15,7 +15,7 @@ func TestArgParam_RequestValue(t *testing.T) {
|
||||
req := requests.NewTestRequest(rawReq)
|
||||
|
||||
checkpoint := new(RequestArgCheckpoint)
|
||||
t.Log(checkpoint.RequestValue(req, "name", nil))
|
||||
t.Log(checkpoint.ResponseValue(req, nil, "name", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "name2", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "name", nil, 1))
|
||||
t.Log(checkpoint.ResponseValue(req, nil, "name", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "name2", nil, 1))
|
||||
}
|
||||
|
||||
@@ -9,14 +9,14 @@ type RequestArgsCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestArgsCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestArgsCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.WAFRaw().URL.RawQuery
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestArgsCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestArgsCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -11,7 +11,7 @@ type RequestBodyCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.RequestBodyIsEmpty(req) {
|
||||
value = ""
|
||||
return
|
||||
@@ -38,9 +38,9 @@ func (this *RequestBodyCheckpoint) RequestValue(req requests.Request, param stri
|
||||
return bodyData, hasRequestBody, nil, nil
|
||||
}
|
||||
|
||||
func (this *RequestBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -17,7 +17,7 @@ func TestRequestBodyCheckpoint_RequestValue(t *testing.T) {
|
||||
}
|
||||
var req = requests.NewTestRequest(rawReq)
|
||||
checkpoint := new(RequestBodyCheckpoint)
|
||||
t.Log(checkpoint.RequestValue(req, "", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "", nil, 1))
|
||||
|
||||
body, err := ioutil.ReadAll(rawReq.Body)
|
||||
if err != nil {
|
||||
@@ -34,7 +34,7 @@ func TestRequestBodyCheckpoint_RequestValue_Max(t *testing.T) {
|
||||
}
|
||||
|
||||
checkpoint := new(RequestBodyCheckpoint)
|
||||
value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil)
|
||||
value, _, err, _ := checkpoint.RequestValue(requests.NewTestRequest(req), "", nil, 1)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
@@ -9,14 +9,14 @@ type RequestContentTypeCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestContentTypeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestContentTypeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.WAFRaw().Header.Get("Content-Type")
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestContentTypeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestContentTypeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -9,7 +9,7 @@ type RequestCookieCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
cookie, err := req.WAFRaw().Cookie(param)
|
||||
if err != nil {
|
||||
value = ""
|
||||
@@ -20,9 +20,9 @@ func (this *RequestCookieCheckpoint) RequestValue(req requests.Request, param st
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestCookieCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestCookieCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -11,7 +11,7 @@ type RequestCookiesCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
var cookies = []string{}
|
||||
for _, cookie := range req.WAFRaw().Cookies() {
|
||||
cookies = append(cookies, url.QueryEscape(cookie.Name)+"="+url.QueryEscape(cookie.Value))
|
||||
@@ -20,9 +20,9 @@ func (this *RequestCookiesCheckpoint) RequestValue(req requests.Request, param s
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestCookiesCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestCookiesCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -12,7 +12,7 @@ type RequestFormArgCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
hasRequestBody = true
|
||||
|
||||
if this.RequestBodyIsEmpty(req) {
|
||||
@@ -42,9 +42,9 @@ func (this *RequestFormArgCheckpoint) RequestValue(req requests.Request, param s
|
||||
return values.Get(param), hasRequestBody, nil, nil
|
||||
}
|
||||
|
||||
func (this *RequestFormArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestFormArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -19,10 +19,10 @@ func TestRequestFormArgCheckpoint_RequestValue(t *testing.T) {
|
||||
req.WAFRaw().Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
||||
|
||||
checkpoint := new(RequestFormArgCheckpoint)
|
||||
t.Log(checkpoint.RequestValue(req, "name", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "age", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "Hello", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "encoded", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "name", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "age", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "Hello", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "encoded", nil, 1))
|
||||
|
||||
body, err := ioutil.ReadAll(req.WAFRaw().Body)
|
||||
if err != nil {
|
||||
|
||||
@@ -14,7 +14,7 @@ func (this *RequestGeneralHeaderLengthCheckpoint) IsComposed() bool {
|
||||
return true
|
||||
}
|
||||
|
||||
func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = false
|
||||
|
||||
var headers = options.GetSlice("headers")
|
||||
@@ -35,6 +35,6 @@ func (this *RequestGeneralHeaderLengthCheckpoint) RequestValue(req requests.Requ
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return
|
||||
}
|
||||
|
||||
@@ -15,11 +15,11 @@ func (this *RequestGeoCityNameCheckpoint) IsComposed() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (this *RequestGeoCityNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestGeoCityNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.Format("${geo.city.name}")
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestGeoCityNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return this.RequestValue(req, param, options)
|
||||
func (this *RequestGeoCityNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
|
||||
@@ -15,11 +15,11 @@ func (this *RequestGeoCountryNameCheckpoint) IsComposed() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (this *RequestGeoCountryNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestGeoCountryNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.Format("${geo.country.name}")
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestGeoCountryNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return this.RequestValue(req, param, options)
|
||||
func (this *RequestGeoCountryNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
|
||||
@@ -15,11 +15,11 @@ func (this *RequestGeoProvinceNameCheckpoint) IsComposed() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (this *RequestGeoProvinceNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestGeoProvinceNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.Format("${geo.province.name}")
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestGeoProvinceNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return this.RequestValue(req, param, options)
|
||||
func (this *RequestGeoProvinceNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
|
||||
@@ -10,7 +10,7 @@ type RequestHeaderCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
v, found := req.WAFRaw().Header[param]
|
||||
if !found {
|
||||
value = ""
|
||||
@@ -20,9 +20,9 @@ func (this *RequestHeaderCheckpoint) RequestValue(req requests.Request, param st
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -11,7 +11,7 @@ type RequestHeadersCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
var headers = []string{}
|
||||
for k, v := range req.WAFRaw().Header {
|
||||
for _, subV := range v {
|
||||
@@ -23,9 +23,9 @@ func (this *RequestHeadersCheckpoint) RequestValue(req requests.Request, param s
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestHeadersCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestHeadersCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -9,14 +9,14 @@ type RequestHostCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestHostCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestHostCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.WAFRaw().Host
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestHostCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestHostCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -16,5 +16,5 @@ func TestRequestHostCheckpoint_RequestValue(t *testing.T) {
|
||||
req.WAFRaw().Header.Set("Host", "cloud.teaos.cn")
|
||||
|
||||
checkpoint := new(RequestHostCheckpoint)
|
||||
t.Log(checkpoint.RequestValue(req, "", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "", nil, 1))
|
||||
}
|
||||
|
||||
@@ -15,11 +15,11 @@ func (this *RequestISPNameCheckpoint) IsComposed() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (this *RequestISPNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestISPNameCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.Format("${isp.name}")
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestISPNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return this.RequestValue(req, param, options)
|
||||
func (this *RequestISPNameCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
|
||||
@@ -14,7 +14,7 @@ type RequestJSONArgCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
var bodyData = req.WAFGetCacheBody()
|
||||
hasRequestBody = true
|
||||
if len(bodyData) == 0 {
|
||||
@@ -42,9 +42,9 @@ func (this *RequestJSONArgCheckpoint) RequestValue(req requests.Request, param s
|
||||
return "", hasRequestBody, nil, nil
|
||||
}
|
||||
|
||||
func (this *RequestJSONArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestJSONArgCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -24,12 +24,12 @@ func TestRequestJSONArgCheckpoint_RequestValue_Map(t *testing.T) {
|
||||
//req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
||||
|
||||
checkpoint := new(RequestJSONArgCheckpoint)
|
||||
t.Log(checkpoint.RequestValue(req, "name", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "age", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "Hello", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "books", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "books.1", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "name", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "age", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "Hello", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "books", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "books.1", nil, 1))
|
||||
|
||||
body, err := ioutil.ReadAll(req.WAFRaw().Body)
|
||||
if err != nil {
|
||||
@@ -54,12 +54,12 @@ func TestRequestJSONArgCheckpoint_RequestValue_Array(t *testing.T) {
|
||||
//req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
||||
|
||||
checkpoint := new(RequestJSONArgCheckpoint)
|
||||
t.Log(checkpoint.RequestValue(req, "0.name", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "0.age", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "0.Hello", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "0.books", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "0.books.1", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "0.name", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "0.age", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "0.Hello", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "0.books", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "0.books.1", nil, 1))
|
||||
|
||||
body, err := ioutil.ReadAll(req.WAFRaw().Body)
|
||||
if err != nil {
|
||||
@@ -84,12 +84,12 @@ func TestRequestJSONArgCheckpoint_RequestValue_Error(t *testing.T) {
|
||||
//req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
||||
|
||||
checkpoint := new(RequestJSONArgCheckpoint)
|
||||
t.Log(checkpoint.RequestValue(req, "0.name", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "0.age", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "0.Hello", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "0.books", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "0.books.1", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "0.name", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "0.age", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "0.Hello", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "0.books", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "0.books.1", nil, 1))
|
||||
|
||||
body, err := ioutil.ReadAll(req.WAFRaw().Body)
|
||||
if err != nil {
|
||||
|
||||
@@ -9,14 +9,14 @@ type RequestLengthCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.WAFRaw().ContentLength
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -9,14 +9,14 @@ type RequestMethodCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestMethodCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestMethodCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.WAFRaw().Method
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestMethodCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestMethodCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -9,13 +9,13 @@ type RequestPathCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestPathCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestPathCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return req.WAFRaw().URL.Path, false, nil, nil
|
||||
}
|
||||
|
||||
func (this *RequestPathCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestPathCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -14,5 +14,5 @@ func TestRequestPathCheckpoint_RequestValue(t *testing.T) {
|
||||
|
||||
req := requests.NewTestRequest(rawReq)
|
||||
checkpoint := new(RequestPathCheckpoint)
|
||||
t.Log(checkpoint.RequestValue(req, "", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "", nil, 1))
|
||||
}
|
||||
|
||||
@@ -9,14 +9,14 @@ type RequestProtoCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestProtoCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestProtoCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.WAFRaw().Proto
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestProtoCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestProtoCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -10,7 +10,7 @@ type RequestRawRemoteAddrCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
host, _, err := net.SplitHostPort(req.WAFRaw().RemoteAddr)
|
||||
if err == nil {
|
||||
value = host
|
||||
@@ -20,9 +20,9 @@ func (this *RequestRawRemoteAddrCheckpoint) RequestValue(req requests.Request, p
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestRawRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRawRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -9,14 +9,14 @@ type RequestRefererCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestRefererCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRefererCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.WAFRaw().Referer()
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestRefererCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRefererCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -17,7 +17,7 @@ type RequestRefererBlockCheckpoint struct {
|
||||
|
||||
// RequestValue 计算checkpoint值
|
||||
// 选项:allowEmpty, allowSameDomain, allowDomains
|
||||
func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
var referer = req.WAFRaw().Referer()
|
||||
|
||||
if len(referer) == 0 {
|
||||
@@ -61,6 +61,6 @@ func (this *RequestRefererBlockCheckpoint) RequestValue(req requests.Request, pa
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestRefererBlockCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRefererBlockCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return
|
||||
}
|
||||
|
||||
@@ -9,14 +9,14 @@ type RequestRemoteAddrCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRemoteAddrCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.WAFRemoteIP()
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRemoteAddrCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -11,7 +11,7 @@ type RequestRemotePortCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
_, port, err := net.SplitHostPort(req.WAFRaw().RemoteAddr)
|
||||
if err == nil {
|
||||
value = types.Int(port)
|
||||
@@ -21,9 +21,9 @@ func (this *RequestRemotePortCheckpoint) RequestValue(req requests.Request, para
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestRemotePortCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRemotePortCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -9,7 +9,7 @@ type RequestRemoteUserCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
username, _, ok := req.WAFRaw().BasicAuth()
|
||||
if !ok {
|
||||
value = ""
|
||||
@@ -19,9 +19,9 @@ func (this *RequestRemoteUserCheckpoint) RequestValue(req requests.Request, para
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestRemoteUserCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestRemoteUserCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -9,14 +9,14 @@ type RequestSchemeCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestSchemeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestSchemeCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.Format("${scheme}")
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestSchemeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestSchemeCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -14,5 +14,5 @@ func TestRequestSchemeCheckpoint_RequestValue(t *testing.T) {
|
||||
|
||||
req := requests.NewTestRequest(rawReq)
|
||||
checkpoint := new(RequestSchemeCheckpoint)
|
||||
t.Log(checkpoint.RequestValue(req, "", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "", nil, 1))
|
||||
}
|
||||
|
||||
@@ -17,7 +17,7 @@ type RequestUploadCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.RequestBodyIsEmpty(req) {
|
||||
value = ""
|
||||
return
|
||||
@@ -122,9 +122,9 @@ func (this *RequestUploadCheckpoint) RequestValue(req requests.Request, param st
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestUploadCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestUploadCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -88,11 +88,11 @@ func TestRequestUploadCheckpoint_RequestValue(t *testing.T) {
|
||||
req.WAFRaw().Header.Add("Content-Type", writer.FormDataContentType())
|
||||
|
||||
checkpoint := new(RequestUploadCheckpoint)
|
||||
t.Log(checkpoint.RequestValue(req, "field", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "minSize", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "maxSize", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "name", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "ext", nil))
|
||||
t.Log(checkpoint.RequestValue(req, "field", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "minSize", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "maxSize", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "name", nil, 1))
|
||||
t.Log(checkpoint.RequestValue(req, "ext", nil, 1))
|
||||
|
||||
data, err := ioutil.ReadAll(req.WAFRaw().Body)
|
||||
if err != nil {
|
||||
|
||||
@@ -9,7 +9,7 @@ type RequestURICheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestURICheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestURICheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if len(req.WAFRaw().RequestURI) > 0 {
|
||||
value = req.WAFRaw().RequestURI
|
||||
} else if req.WAFRaw().URL != nil {
|
||||
@@ -18,9 +18,9 @@ func (this *RequestURICheckpoint) RequestValue(req requests.Request, param strin
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestURICheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestURICheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -9,13 +9,13 @@ type RequestURLCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestURLCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestURLCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return req.Format("${requestURL}"), hasRequestBody, nil, nil
|
||||
}
|
||||
|
||||
func (this *RequestURLCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestURLCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -9,14 +9,14 @@ type RequestUserAgentCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *RequestUserAgentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestUserAgentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = req.WAFRaw().UserAgent()
|
||||
return
|
||||
}
|
||||
|
||||
func (this *RequestUserAgentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *RequestUserAgentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -16,12 +16,12 @@ func (this *ResponseBodyCheckpoint) IsRequest() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (this *ResponseBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *ResponseBodyCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = ""
|
||||
return
|
||||
}
|
||||
|
||||
func (this *ResponseBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *ResponseBodyCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if resp.ContentLength == 0 {
|
||||
value = ""
|
||||
return
|
||||
|
||||
@@ -16,10 +16,10 @@ func TestResponseBodyCheckpoint_ResponseValue(t *testing.T) {
|
||||
resp.Body = ioutil.NopCloser(bytes.NewBuffer([]byte("Hello, World")))
|
||||
|
||||
checkpoint := new(ResponseBodyCheckpoint)
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "", nil))
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "", nil))
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "", nil))
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "", nil))
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1))
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1))
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1))
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1))
|
||||
|
||||
data, err := ioutil.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
|
||||
@@ -14,12 +14,12 @@ func (this *ResponseBytesSentCheckpoint) IsRequest() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (this *ResponseBytesSentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *ResponseBytesSentCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = 0
|
||||
return
|
||||
}
|
||||
|
||||
func (this *ResponseBytesSentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *ResponseBytesSentCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = 0
|
||||
if resp != nil {
|
||||
value = resp.ContentLength
|
||||
|
||||
@@ -18,12 +18,12 @@ func (this *ResponseGeneralHeaderLengthCheckpoint) IsComposed() bool {
|
||||
return true
|
||||
}
|
||||
|
||||
func (this *ResponseGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *ResponseGeneralHeaderLengthCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
func (this *ResponseGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *ResponseGeneralHeaderLengthCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = false
|
||||
|
||||
headers := options.GetSlice("headers")
|
||||
|
||||
@@ -14,12 +14,12 @@ func (this *ResponseHeaderCheckpoint) IsRequest() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (this *ResponseHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *ResponseHeaderCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = ""
|
||||
return
|
||||
}
|
||||
|
||||
func (this *ResponseHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *ResponseHeaderCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if resp != nil && resp.Header != nil {
|
||||
value = resp.Header.Get(param)
|
||||
} else {
|
||||
|
||||
@@ -13,5 +13,5 @@ func TestResponseHeaderCheckpoint_ResponseValue(t *testing.T) {
|
||||
resp.Header.Set("Hello", "World")
|
||||
|
||||
checkpoint := new(ResponseHeaderCheckpoint)
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "Hello", nil))
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "Hello", nil, 1))
|
||||
}
|
||||
|
||||
@@ -14,12 +14,12 @@ func (this *ResponseStatusCheckpoint) IsRequest() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (this *ResponseStatusCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *ResponseStatusCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
value = 0
|
||||
return
|
||||
}
|
||||
|
||||
func (this *ResponseStatusCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *ResponseStatusCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if resp != nil {
|
||||
value = resp.StatusCode
|
||||
}
|
||||
|
||||
@@ -11,5 +11,5 @@ func TestResponseStatusCheckpoint_ResponseValue(t *testing.T) {
|
||||
resp.StatusCode = 200
|
||||
|
||||
checkpoint := new(ResponseStatusCheckpoint)
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "", nil))
|
||||
t.Log(checkpoint.ResponseValue(nil, resp, "", nil, 1))
|
||||
}
|
||||
|
||||
@@ -10,13 +10,13 @@ type SampleRequestCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
|
||||
func (this *SampleRequestCheckpoint) RequestValue(req requests.Request, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *SampleRequestCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return
|
||||
}
|
||||
|
||||
func (this *SampleRequestCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
func (this *SampleRequestCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
if this.IsRequest() {
|
||||
return this.RequestValue(req, param, options)
|
||||
return this.RequestValue(req, param, options, ruleId)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@@ -2,9 +2,10 @@ package checkpoints
|
||||
|
||||
import (
|
||||
"github.com/TeaOSLab/EdgeNode/internal/waf/requests"
|
||||
"github.com/iwind/TeaGo/maps"
|
||||
)
|
||||
|
||||
// just a sample checkpoint, copy and change it for your new checkpoint
|
||||
// SampleResponseCheckpoint just a sample checkpoint, copy and change it for your new checkpoint
|
||||
type SampleResponseCheckpoint struct {
|
||||
Checkpoint
|
||||
}
|
||||
@@ -13,10 +14,10 @@ func (this *SampleResponseCheckpoint) IsRequest() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (this *SampleResponseCheckpoint) RequestValue(req *requests.Request, param string, options map[string]string) (value interface{}, sysErr error, userErr error) {
|
||||
func (this *SampleResponseCheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, sysErr error, userErr error) {
|
||||
return
|
||||
}
|
||||
|
||||
func (this *SampleResponseCheckpoint) ResponseValue(req *requests.Request, resp *requests.Response, param string, options map[string]string) (value interface{}, sysErr error, userErr error) {
|
||||
func (this *SampleResponseCheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
|
||||
return
|
||||
}
|
||||
|
||||
@@ -26,6 +26,8 @@ var singleParamRegexp = regexp.MustCompile("^\\${[\\w.-]+}$")
|
||||
|
||||
// Rule
|
||||
type Rule struct {
|
||||
Id int64
|
||||
|
||||
Description string `yaml:"description" json:"description"`
|
||||
Param string `yaml:"param" json:"param"` // such as ${arg.name} or ${args}, can be composite as ${arg.firstName}${arg.lastName}
|
||||
ParamFilters []*ParamFilter `yaml:"paramFilters" json:"paramFilters"`
|
||||
@@ -186,7 +188,7 @@ func (this *Rule) Init() error {
|
||||
|
||||
func (this *Rule) MatchRequest(req requests.Request) (b bool, hasRequestBody bool, err error) {
|
||||
if this.singleCheckpoint != nil {
|
||||
value, hasCheckedRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions)
|
||||
value, hasCheckedRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions, this.Id)
|
||||
if hasCheckedRequestBody {
|
||||
hasRequestBody = true
|
||||
}
|
||||
@@ -216,7 +218,7 @@ func (this *Rule) MatchRequest(req requests.Request) (b bool, hasRequestBody boo
|
||||
}
|
||||
|
||||
if len(pieces) == 1 {
|
||||
value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions)
|
||||
value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions, this.Id)
|
||||
if hasCheckRequestBody {
|
||||
hasRequestBody = true
|
||||
}
|
||||
@@ -226,7 +228,7 @@ func (this *Rule) MatchRequest(req requests.Request) (b bool, hasRequestBody boo
|
||||
return types.String(value1)
|
||||
}
|
||||
|
||||
value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions)
|
||||
value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions, this.Id)
|
||||
if hasCheckRequestBody {
|
||||
hasRequestBody = true
|
||||
}
|
||||
@@ -247,7 +249,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
|
||||
if this.singleCheckpoint != nil {
|
||||
// if is request param
|
||||
if this.singleCheckpoint.IsRequest() {
|
||||
value, hasCheckRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions)
|
||||
value, hasCheckRequestBody, err, _ := this.singleCheckpoint.RequestValue(req, this.singleParam, this.CheckpointOptions, this.Id)
|
||||
if hasCheckRequestBody {
|
||||
hasRequestBody = true
|
||||
}
|
||||
@@ -264,7 +266,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
|
||||
}
|
||||
|
||||
// response param
|
||||
value, hasCheckRequestBody, err, _ := this.singleCheckpoint.ResponseValue(req, resp, this.singleParam, this.CheckpointOptions)
|
||||
value, hasCheckRequestBody, err, _ := this.singleCheckpoint.ResponseValue(req, resp, this.singleParam, this.CheckpointOptions, this.Id)
|
||||
if hasCheckRequestBody {
|
||||
hasRequestBody = true
|
||||
}
|
||||
@@ -290,7 +292,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
|
||||
|
||||
if len(pieces) == 1 {
|
||||
if point.IsRequest() {
|
||||
value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions)
|
||||
value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, "", this.CheckpointOptions, this.Id)
|
||||
if hasCheckRequestBody {
|
||||
hasRequestBody = true
|
||||
}
|
||||
@@ -299,7 +301,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
|
||||
}
|
||||
return types.String(value1)
|
||||
} else {
|
||||
value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, "", this.CheckpointOptions)
|
||||
value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, "", this.CheckpointOptions, this.Id)
|
||||
if hasCheckRequestBody {
|
||||
hasRequestBody = true
|
||||
}
|
||||
@@ -311,7 +313,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
|
||||
}
|
||||
|
||||
if point.IsRequest() {
|
||||
value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions)
|
||||
value1, hasCheckRequestBody, err1, _ := point.RequestValue(req, pieces[1], this.CheckpointOptions, this.Id)
|
||||
if hasCheckRequestBody {
|
||||
hasRequestBody = true
|
||||
}
|
||||
@@ -320,7 +322,7 @@ func (this *Rule) MatchResponse(req requests.Request, resp *requests.Response) (
|
||||
}
|
||||
return types.String(value1)
|
||||
} else {
|
||||
value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, pieces[1], this.CheckpointOptions)
|
||||
value1, hasCheckRequestBody, err1, _ := point.ResponseValue(req, resp, pieces[1], this.CheckpointOptions, this.Id)
|
||||
if hasCheckRequestBody {
|
||||
hasRequestBody = true
|
||||
}
|
||||
|
||||
@@ -97,6 +97,7 @@ func (this *WAFManager) ConvertWAF(policy *firewallconfigs.HTTPFirewallPolicy) (
|
||||
// rules
|
||||
for _, rule := range set.Rules {
|
||||
r := &Rule{
|
||||
Id: rule.Id,
|
||||
Description: rule.Description,
|
||||
Param: rule.Param,
|
||||
ParamFilters: []*ParamFilter{},
|
||||
@@ -154,6 +155,7 @@ func (this *WAFManager) ConvertWAF(policy *firewallconfigs.HTTPFirewallPolicy) (
|
||||
// rules
|
||||
for _, rule := range set.Rules {
|
||||
r := &Rule{
|
||||
Id: rule.Id,
|
||||
Description: rule.Description,
|
||||
Param: rule.Param,
|
||||
Operator: rule.Operator,
|
||||
|
||||
Reference in New Issue
Block a user