leftyer/SamWaf
1
0
Fork 0
mirror of https://gitee.com/samwaf/SamWaf.git synced 2025-12-06 06:58:54 +08:00
Code Issues Packages Projects Releases Wiki Activity

整体业务接口重新梳理封装

Browse Source
This commit is contained in:
samwaf
2022-11-01 18:01:19 +08:00
parent 5669ef3660
commit 6fd146cc42
30 changed files with 814 additions and 625 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.idea/SamWaf.iml generated
View File

@@ -1,5 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<module type="WEB_MODULE" version="4">
<component name="Go" enabled="true" />
<component name="NewModuleRootManager">
<content url="file://$MODULE_DIR$" />
<orderEntry type="inheritedJdk" />

19
api/entrance.go Normal file
View File

@@ -0,0 +1,19 @@
package api
import "SamWaf/service/waf_service"
type APIGroup struct {
WafHostAPi
WafStatApi
WafLogAPi
WafRuleAPi
WafEngineApi
}
var APIGroupAPP = new(APIGroup)
var (
wafHostService = waf_service.WafHostServiceApp
wafLogService = waf_service.WafLogServiceApp
wafStatService = waf_service.WafStatServiceApp
wafRuleService = waf_service.WafRuleServiceApp
)

16
api/waf_engine.go Normal file
View File

@@ -0,0 +1,16 @@
package api
import (
"SamWaf/global"
"SamWaf/model/common/response"
"github.com/gin-gonic/gin"
)
type WafEngineApi struct {
}
func (w *WafEngineApi) ResetWaf(c *gin.Context) {
//重启WAF引擎
global.GWAF_CHAN_ENGINE <- 1
response.OkWithMessage("重启指令发起成功", c)
}

110
api/waf_host.go Normal file
View File

@@ -0,0 +1,110 @@
package api
import (
"SamWaf/global"
"SamWaf/model/common/response"
"SamWaf/model/request"
"errors"
"github.com/gin-gonic/gin"
"gorm.io/gorm"
)
type WafHostAPi struct {
}
func (w *WafHostAPi) AddApi(c *gin.Context) {
var req request.WafHostAddReq
err := c.ShouldBind(&req)
if err == nil {
err = wafHostService.CheckIsExistApi(req)
if err != nil {
response.FailWithMessage("当前网站和端口已经存在", c)
}
err = wafHostService.AddApi(req)
if err == nil {
response.OkWithMessage("添加成功", c)
} else {
response.FailWithMessage("添加失败", c)
}
} else {
response.FailWithMessage("解析失败", c)
}
}
func (w *WafHostAPi) GetDetailApi(c *gin.Context) {
var req request.WafHostDetailReq
err := c.ShouldBind(&req)
if err == nil {
wafHost := wafHostService.GetDetailApi(req)
response.OkWithDetailed(wafHost, "获取成功", c)
} else {
response.FailWithMessage("解析失败", c)
}
}
func (w *WafHostAPi) GetListApi(c *gin.Context) {
var req request.WafHostSearchReq
err := c.ShouldBind(&req)
if err == nil {
wafHosts, total, _ := wafHostService.GetListApi(req)
response.OkWithDetailed(response.PageResult{
List: wafHosts,
Total: total,
PageIndex: req.PageIndex,
PageSize: req.PageSize,
}, "获取成功", c)
} else {
response.FailWithMessage("解析失败", c)
}
}
func (w *WafHostAPi) DelHostApi(c *gin.Context) {
var req request.WafHostDelReq
err := c.ShouldBind(&req)
if err == nil {
err = wafHostService.DelHostApi(req)
if err != nil && errors.Is(err, gorm.ErrRecordNotFound) {
response.FailWithMessage("请检测参数", c)
} else if err != nil {
response.FailWithMessage("发生错误", c)
} else {
response.FailWithMessage("删除成功", c)
}
} else {
response.FailWithMessage("解析失败", c)
}
}
func (w *WafHostAPi) ModifyHostApi(c *gin.Context) {
var req request.WafHostEditReq
err := c.ShouldBind(&req)
if err == nil {
err = wafHostService.ModifyApi(req)
if err != nil {
response.FailWithMessage("编辑发生错误", c)
} else {
response.FailWithMessage("编辑成功", c)
}
} else {
response.FailWithMessage("解析失败", c)
}
}
func (w *WafHostAPi) ModifyGuardStatusApi(c *gin.Context) {
var req request.WafHostGuardStatusReq
err := c.ShouldBind(&req)
if err == nil {
err = wafHostService.ModifyGuardStatusApi(req)
if err != nil {
response.FailWithMessage("更新状态发生错误", c)
} else {
wafHost := wafHostService.GetDetailByCodeApi(req.CODE)
//发送状态改变通知
global.GWAF_CHAN_HOST <- wafHost
response.FailWithMessage("状态更新成功", c)
}
} else {
response.FailWithMessage("解析失败", c)
}
}

36
api/waf_log.go Normal file
View File

@@ -0,0 +1,36 @@
package api
import (
"SamWaf/model/common/response"
"SamWaf/model/request"
"github.com/gin-gonic/gin"
)
type WafLogAPi struct {
}
func (w *WafLogAPi) GetDetailApi(c *gin.Context) {
var req request.WafAttackLogDetailReq
err := c.ShouldBind(&req)
if err == nil {
wafLog, _ := wafLogService.GetDetailApi(req)
response.OkWithDetailed(wafLog, "获取成功", c)
} else {
response.FailWithMessage("解析失败", c)
}
}
func (w *WafLogAPi) GetListApi(c *gin.Context) {
var req request.WafAttackLogSearch
err := c.ShouldBind(&req)
if err == nil {
wafLogs, total, _ := wafLogService.GetListApi(req)
response.OkWithDetailed(response.PageResult{
List: wafLogs,
Total: total,
PageIndex: req.PageIndex,
PageSize: req.PageSize,
}, "获取成功", c)
} else {
response.FailWithMessage("解析失败", c)
}
}

138
api/waf_rule.go Normal file
View File

@@ -0,0 +1,138 @@
package api
import (
"SamWaf/model"
"SamWaf/model/common/response"
"SamWaf/model/request"
"SamWaf/utils"
"errors"
"github.com/gin-gonic/gin"
uuid "github.com/satori/go.uuid"
"gorm.io/gorm"
"strings"
)
type WafRuleAPi struct {
}
func (w *WafRuleAPi) AddApi(c *gin.Context) {
ruleHelper := &utils.RuleHelper{}
var req request.WafRuleAddReq
err := c.ShouldBind(&req)
if err == nil {
var ruleTool = model.RuleTool{}
ruleInfo, err := ruleTool.LoadRule(req.RuleJson)
if err != nil {
response.FailWithMessage("规则解析错误", c)
return
}
err = wafRuleService.CheckIsExistApi(ruleInfo.RuleBase.RuleName, ruleInfo.RuleBase.RuleDomainCode)
if err != nil {
response.FailWithMessage("当前规则名称已存在", c)
}
chsName := ruleInfo.RuleBase.RuleName
var ruleCode = uuid.NewV4().String()
ruleInfo.RuleBase.RuleName = strings.Replace(ruleCode, "-", "", -1)
var ruleContent = ruleTool.GenRuleInfo(ruleInfo, chsName)
if req.IsManualRule == 1 {
ruleContent = ruleInfo.RuleContent
//检查规则是否合法
err = ruleHelper.CheckRuleAvailable(ruleContent)
if err != nil {
response.FailWithMessage("规则校验失败", c)
return
}
}
err = wafRuleService.AddApi(req, ruleCode, chsName, ruleInfo.RuleBase.RuleDomainCode, ruleContent)
if err == nil {
response.OkWithMessage("添加成功", c)
} else {
response.FailWithMessage("添加失败", c)
}
} else {
response.FailWithMessage("解析失败", c)
}
}
func (w *WafRuleAPi) GetDetailApi(c *gin.Context) {
var req request.WafRuleDetailReq
err := c.ShouldBind(&req)
if err == nil {
wafHost := wafRuleService.GetDetailApi(req)
response.OkWithDetailed(wafHost, "获取成功", c)
} else {
response.FailWithMessage("解析失败", c)
}
}
func (w *WafRuleAPi) GetListApi(c *gin.Context) {
var req request.WafRuleSearchReq
err := c.ShouldBind(&req)
if err == nil {
wafRules, total, _ := wafRuleService.GetListApi(req)
response.OkWithDetailed(response.PageResult{
List: wafRules,
Total: total,
PageIndex: req.PageIndex,
PageSize: req.PageSize,
}, "获取成功", c)
} else {
response.FailWithMessage("解析失败", c)
}
}
func (w *WafRuleAPi) DelRuleApi(c *gin.Context) {
var req request.WafRuleDelReq
err := c.ShouldBind(&req)
if err == nil {
err = wafRuleService.DelRuleApi(req)
if err != nil && errors.Is(err, gorm.ErrRecordNotFound) {
response.FailWithMessage("请检测参数", c)
} else if err != nil {
response.FailWithMessage("发生错误", c)
} else {
response.FailWithMessage("删除成功", c)
}
} else {
response.FailWithMessage("解析失败", c)
}
}
func (w *WafRuleAPi) ModifyRuleApi(c *gin.Context) {
ruleHelper := &utils.RuleHelper{}
var req request.WafRuleEditReq
err := c.ShouldBind(&req)
if err == nil {
var ruleTool = model.RuleTool{}
ruleInfo, err := ruleTool.LoadRule(req.RuleJson)
if err != nil {
response.FailWithMessage("解析错误", c)
return
}
rule := wafRuleService.GetDetailByCodeApi(req.CODE)
var ruleName = ruleInfo.RuleBase.RuleName //中文名
ruleInfo.RuleBase.RuleName = strings.Replace(rule.RuleCode, "-", "", -1)
var ruleContent = ruleTool.GenRuleInfo(ruleInfo, ruleName)
if req.IsManualRule == 1 {
ruleContent = ruleInfo.RuleContent
//检查规则是否合法
err = ruleHelper.CheckRuleAvailable(ruleContent)
if err != nil {
response.FailWithMessage("规则校验失败", c)
return
}
}
err = wafRuleService.ModifyApi(req, ruleName, ruleInfo.RuleBase.RuleDomainCode, ruleContent)
if err != nil {
response.FailWithMessage("编辑发生错误", c)
} else {
response.FailWithMessage("编辑成功", c)
}
} else {
response.FailWithMessage("解析失败", c)
}
}

15
api/waf_stat.go Normal file
View File

@@ -0,0 +1,15 @@
package api
import (
"SamWaf/model/common/response"
"github.com/gin-gonic/gin"
)
type WafStatApi struct {
}
func (w *WafStatApi) StatHomeApi(c *gin.Context) {
wafStat, _ := wafStatService.StatHomeApi()
response.OkWithDetailed(wafStat, "获取成功", c)
}

19
global/global.go
View File

@@ -1,6 +1,7 @@
package global
import (
"SamWaf/model"
"github.com/bytedance/godlp/dlpheader"
"gorm.io/gorm"
"time"
@@ -12,12 +13,14 @@ const (
)
var (
GWAF_LOCAL_DB *gorm.DB //通用本地数据库,尊重用户隐私
GWAF_REMOTE_DB *gorm.DB //仅当用户使用云数据库
GWAF_LOCAL_SERVER_PORT int = 26666 // 本地local端口
GWAF_USER_CODE string // 当前识别号
GWAF_TENANT_ID string // 当前租户ID
GWAF_RELEASE bool = false // 当前是否为发行版
GWAF_LAST_UPDATE_TIME time.Time // 上次时间
GWAF_DLP dlpheader.EngineAPI // 脱敏引擎
GWAF_LOCAL_DB *gorm.DB //通用本地数据库,尊重用户隐私
GWAF_REMOTE_DB *gorm.DB //仅当用户使用云数据库
GWAF_LOCAL_SERVER_PORT int = 26666 // 本地local端口
GWAF_USER_CODE string // 当前识别号
GWAF_TENANT_ID string // 当前租户ID
GWAF_RELEASE bool = false // 当前是否为发行版
GWAF_LAST_UPDATE_TIME time.Time // 上次时间
GWAF_DLP dlpheader.EngineAPI // 脱敏引擎
GWAF_CHAN_HOST = make(chan model.Hosts, 10) //主机链
GWAF_CHAN_ENGINE = make(chan int, 10) //引擎链
)

585
localserver.go
View File

@@ -2,26 +2,24 @@ package main
import (
"SamWaf/global"
"SamWaf/innerbean"
"SamWaf/model"
"SamWaf/model/common/response"
"SamWaf/model/request"
response2 "SamWaf/model/response"
"SamWaf/utils"
"SamWaf/utils/zlog"
"SamWaf/router"
"SamWaf/vue"
"errors"
assetfs "github.com/elazarl/go-bindata-assetfs"
"github.com/gin-gonic/gin"
uuid "github.com/satori/go.uuid"
"gorm.io/gorm"
"log"
"net/http"
"strconv"
"strings"
"time"
)
func InitRouter(r *gin.Engine) {
RouterGroup := r.Group("")
router.ApiGroupApp.InitHostRouter(RouterGroup)
router.ApiGroupApp.InitLogRouter(RouterGroup)
router.ApiGroupApp.InitRuleRouter(RouterGroup)
router.ApiGroupApp.InitEngineRouter(RouterGroup)
router.ApiGroupApp.InitStatRouter(RouterGroup)
}
func Cors() gin.HandlerFunc {
return func(c *gin.Context) {
method := c.Request.Method
@@ -52,568 +50,7 @@ func StartLocalServer() {
if global.GWAF_RELEASE {
index(r)
}
ruleHelper := &utils.RuleHelper{}
r.GET("/samwaf/resetWAF", func(c *gin.Context) {
/*defer func() {
c.JSON(http.StatusOK, response.Response{
HostCode: -1,
Data: "",
Msg: "重启指令失败",
})
}()*/
//重启WAF引擎
engineChan <- 1
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: "",
Msg: "已发起重启指令",
})
})
r.GET("/samwaf/wafstat", func(c *gin.Context) {
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: response2.WafStat{
AttackCountOfToday: 0,
VisitCountOfToday: 0,
AttackCountOfYesterday: 0,
VisitCountOfYesterday: 0,
AttackCountOfLastWeekToday: 0,
VisitCountOfLastWeekToday: 0,
NormalIpCountOfToday: 0,
IllegalIpCountOfToday: 0,
NormalCountryCountOfToday: 0,
IllegalCountryCountOfToday: 0,
NormalProvinceCountOfToday: 0,
IllegalProvinceCountOfToday: 0,
NormalCityCountOfToday: 0,
IllegalCityCountOfToday: 0,
},
Msg: "统计信息",
})
})
var waf_attack request.WafAttackLogSearch
r.GET("/samwaf/waflog/attack/list", func(c *gin.Context) {
err := c.ShouldBind(&waf_attack)
if err == nil {
var total int64 = 0
var weblogs []innerbean.WebLog
global.GWAF_LOCAL_DB.Debug().Limit(waf_attack.PageSize).Offset(waf_attack.PageSize * (waf_attack.PageIndex - 1)).Order("create_time desc").Find(&weblogs)
global.GWAF_LOCAL_DB.Debug().Model(&innerbean.WebLog{}).Count(&total)
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: response.PageResult{
List: weblogs,
Total: total,
PageIndex: waf_attack.PageIndex,
PageSize: waf_attack.PageSize,
},
Msg: "获取成功",
})
}
})
var waf_attack_detail_req request.WafAttackLogDetailReq
r.GET("/samwaf/waflog/attack/detail", func(c *gin.Context) {
err := c.ShouldBind(&waf_attack_detail_req)
if err == nil {
var weblog innerbean.WebLog
global.GWAF_LOCAL_DB.Debug().Where("REQ_UUID=?", waf_attack_detail_req.REQ_UUID).Find(&weblog)
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: weblog,
Msg: "获取成功",
})
}
})
var waf_host_req request.WafHostSearchReq
r.GET("/samwaf/wafhost/host/list", func(c *gin.Context) {
err := c.ShouldBind(&waf_host_req)
if err == nil {
var total int64 = 0
var webhosts []model.Hosts
global.GWAF_LOCAL_DB.Debug().Limit(waf_host_req.PageSize).Offset(waf_host_req.PageSize * (waf_host_req.PageIndex - 1)).Find(&webhosts)
global.GWAF_LOCAL_DB.Debug().Model(&model.Hosts{}).Count(&total)
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: response.PageResult{
List: webhosts,
Total: total,
PageIndex: waf_attack.PageIndex,
PageSize: waf_attack.PageSize,
},
Msg: "获取成功",
})
}
})
var waf_host_detail_req request.WafHostDetailReq
r.GET("/samwaf/wafhost/host/detail", func(c *gin.Context) {
err := c.ShouldBind(&waf_host_detail_req)
if err == nil {
var webhost model.Hosts
global.GWAF_LOCAL_DB.Debug().Where("CODE=?", waf_host_detail_req.CODE).Find(&webhost)
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: webhost,
Msg: "获取成功",
})
}
})
var waf_host_add_req request.WafHostAddReq
r.POST("/samwaf/wafhost/host/add", func(c *gin.Context) {
err := c.ShouldBind(&waf_host_add_req)
if err == nil {
if (!errors.Is(global.GWAF_LOCAL_DB.First(&model.Hosts{}, "host = ? and port= ?", waf_host_add_req.Host, waf_host_add_req.Port).Error, gorm.ErrRecordNotFound)) {
c.JSON(http.StatusOK, response.Response{
Code: 404,
Msg: "当前网站和端口已经存在", //可以后续考虑再次加入已存在的host的返回前台进行编辑
})
return
}
var waf_host = &model.Hosts{
USER_CODE: global.GWAF_USER_CODE,
Tenant_id: global.GWAF_TENANT_ID,
Code: uuid.NewV4().String(),
Host: waf_host_add_req.Host,
Port: waf_host_add_req.Port,
Ssl: waf_host_add_req.Ssl,
GUARD_STATUS: 0,
REMOTE_SYSTEM: waf_host_add_req.REMOTE_SYSTEM,
REMOTE_APP: waf_host_add_req.REMOTE_APP,
Remote_host: waf_host_add_req.Remote_host,
Remote_port: waf_host_add_req.Remote_port,
Certfile: waf_host_add_req.Certfile,
Keyfile: waf_host_add_req.Keyfile,
REMARKS: waf_host_add_req.REMARKS,
CREATE_TIME: time.Now(),
UPDATE_TIME: time.Now(),
}
//waf_host_add_req.USER_CODE =
global.GWAF_LOCAL_DB.Debug().Create(waf_host)
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: "",
Msg: "添加成功",
})
} else {
zlog.Debug("添加解析失败")
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "添加失败",
})
return
}
})
var waf_host_del_req request.WafHostDelReq
r.GET("/samwaf/wafhost/host/del", func(c *gin.Context) {
err := c.ShouldBind(&waf_host_del_req)
if err == nil {
var webhost model.Hosts
err = global.GWAF_LOCAL_DB.Where("CODE = ?", waf_host_del_req.CODE).First(&webhost).Error
if err != nil && errors.Is(err, gorm.ErrRecordNotFound) {
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "请检测参数",
})
return
}
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "发生错误",
})
return
}
err = global.GWAF_LOCAL_DB.Where("CODE = ?", waf_host_del_req.CODE).Delete(model.Hosts{}).Error
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "删除失败",
})
return
}
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: "",
Msg: "删除成功",
})
}
})
var waf_host_edit_req request.WafHostEditReq
r.POST("/samwaf/wafhost/host/edit", func(c *gin.Context) {
err := c.ShouldBind(&waf_host_edit_req)
if err == nil {
var webhost model.Hosts
global.GWAF_LOCAL_DB.Debug().Where("host = ? and port= ?", waf_host_edit_req.Host, waf_host_edit_req.Port).Find(&webhost)
if webhost.Id != 0 && webhost.Code != waf_host_edit_req.CODE {
c.JSON(http.StatusOK, response.Response{
Code: 404,
Msg: "当前网站和端口已经存在", //可以后续考虑再次加入已存在的host的返回前台进行编辑
})
return
}
hostMap := map[string]interface{}{
"Host": waf_host_edit_req.Host,
"Port": waf_host_edit_req.Port,
"Ssl": waf_host_edit_req.Ssl,
"GUARD_STATUS": 0,
"REMOTE_SYSTEM": waf_host_edit_req.REMOTE_SYSTEM,
"REMOTE_APP": waf_host_edit_req.REMOTE_APP,
"Remote_host": waf_host_edit_req.Remote_host,
"Remote_port": waf_host_edit_req.Remote_port,
"REMARKS": waf_host_edit_req.REMARKS,
"Certfile": waf_host_edit_req.Certfile,
"Keyfile": waf_host_edit_req.Keyfile,
"UPDATE_TIME": time.Now(),
}
//var edit_waf_host model.Hosts
//global.GWAF_LOCAL_DB.Debug().Where("CODE=?", waf_host_edit_req.CODE).Find(edit_waf_host)
err = global.GWAF_LOCAL_DB.Debug().Model(model.Hosts{}).Where("CODE=?", waf_host_edit_req.CODE).Updates(hostMap).Error
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: err.Error(),
Msg: "编辑失败",
})
} else {
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: "",
Msg: "编辑成功",
})
}
} else {
zlog.Debug("添加解析失败")
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "编辑失败",
})
return
}
})
var waf_host_guard_status_req request.WafHostGuardStatusReq
r.GET("/samwaf/wafhost/host/guardstatus", func(c *gin.Context) {
err := c.ShouldBind(&waf_host_guard_status_req)
if err == nil {
hostMap := map[string]interface{}{
"GUARD_STATUS": waf_host_guard_status_req.GUARD_STATUS,
"UPDATE_TIME": time.Now(),
}
err = global.GWAF_LOCAL_DB.Debug().Model(model.Hosts{}).Where("CODE=?", waf_host_guard_status_req.CODE).Updates(hostMap).Error
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: err.Error(),
Msg: "状态失败",
})
} else {
var webHost model.Hosts
err = global.GWAF_LOCAL_DB.Where("CODE = ?", waf_host_guard_status_req.CODE).First(&webHost).Error
//发送状态改变通知
hostChan <- webHost
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: "",
Msg: "状态成功",
})
}
} else {
zlog.Debug("状态解析失败")
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "状态失败",
})
return
}
})
var waf_rule_detail_req request.WafRuleDetailReq
r.GET("/samwaf/wafhost/rule/detail", func(c *gin.Context) {
err := c.ShouldBind(&waf_rule_detail_req)
if err == nil {
var rules model.Rules
global.GWAF_LOCAL_DB.Debug().Where("RULE_CODE=?", waf_rule_detail_req.CODE).Find(&rules)
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: rules,
Msg: "获取成功",
})
}
})
var waf_rule_search_req request.WafRuleSearchReq
r.GET("/samwaf/wafhost/rule/list", func(c *gin.Context) {
err := c.ShouldBind(&waf_rule_search_req)
if err == nil {
var total int64 = 0
var rules []model.Rules
global.GWAF_LOCAL_DB.Debug().Where("user_code=? and rule_status= 1", global.GWAF_USER_CODE).Limit(waf_rule_search_req.PageSize).Offset(waf_rule_search_req.PageSize * (waf_rule_search_req.PageIndex - 1)).Find(&rules)
global.GWAF_LOCAL_DB.Debug().Model(&model.Rules{}).Count(&total)
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: response.PageResult{
List: rules,
Total: total,
PageIndex: waf_attack.PageIndex,
PageSize: waf_attack.PageSize,
},
Msg: "获取成功",
})
}
})
var waf_rule_add_req request.WafRuleAddReq
r.POST("/samwaf/wafhost/rule/add", func(c *gin.Context) {
err := c.ShouldBind(&waf_rule_add_req)
if err == nil {
var rule_tool = model.RuleTool{}
rule_info, err := rule_tool.LoadRule(waf_rule_add_req.RuleJson)
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: -1,
Msg: "解析错误",
})
return
}
var rulename = rule_info.RuleBase.RuleName //中文名
if (!errors.Is(global.GWAF_LOCAL_DB.First(&model.Rules{}, "rule_name = ? and rule_code = ?", rulename, rule_info.RuleBase.RuleDomainCode).Error, gorm.ErrRecordNotFound)) {
c.JSON(http.StatusOK, response.Response{
Code: 404,
Msg: "当前规则名称已存在", //可以后续考虑再次加入已存在的返回,前台进行编辑
})
return
}
var rule_code = uuid.NewV4().String()
rule_info.RuleBase.RuleName = strings.Replace(rule_code, "-", "", -1)
var ruleContent = rule_tool.GenRuleInfo(rule_info, rulename)
if waf_rule_add_req.IsManualRule == 1 {
ruleContent = rule_info.RuleContent
//检查规则是否合法
err = ruleHelper.CheckRuleAvailable(ruleContent)
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "规则校验失败",
})
return
}
}
var waf_rule = &model.Rules{
TenantId: global.GWAF_TENANT_ID,
HostCode: rule_info.RuleBase.RuleDomainCode, //网站CODE
RuleCode: rule_code,
RuleName: rulename,
RuleContent: ruleContent,
RuleContentJSON: waf_rule_add_req.RuleJson, //TODO 后续考虑是否应该再从结构转一次
RuleVersionName: "初版",
RuleVersion: 1,
UserCode: global.GWAF_USER_CODE,
IsPublicRule: 0,
IsManualRule: waf_rule_add_req.IsManualRule,
RuleStatus: 1,
}
//waf_host_add_req.USER_CODE =
global.GWAF_LOCAL_DB.Debug().Create(waf_rule)
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: "",
Msg: "添加成功",
})
} else {
log.Println("添加解析失败")
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "添加失败",
})
return
}
})
var waf_rule_edit_req request.WafRuleEditReq
r.POST("/samwaf/wafhost/rule/edit", func(c *gin.Context) {
err := c.ShouldBind(&waf_rule_edit_req)
if err == nil {
var ruleTool = model.RuleTool{}
ruleInfo, err := ruleTool.LoadRule(waf_rule_edit_req.RuleJson)
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: -1,
Msg: "解析错误",
})
return
}
var ruleName = ruleInfo.RuleBase.RuleName //中文名
var rule model.Rules
global.GWAF_LOCAL_DB.Debug().Where("rule_name = ? and host_code= ?",
ruleName, ruleInfo.RuleBase.RuleDomainCode).Find(&rule)
if rule.Id != 0 && rule.RuleCode != waf_rule_edit_req.CODE {
c.JSON(http.StatusOK, response.Response{
Code: 404,
Msg: "当前规则名称已经存在", //可以后续考虑再次加入已存在的返回,前台进行编辑
})
return
}
global.GWAF_LOCAL_DB.Debug().Where("rule_code=?", waf_rule_edit_req.CODE).Find(&rule)
ruleInfo.RuleBase.RuleName = strings.Replace(rule.RuleCode, "-", "", -1)
var ruleContent = ruleTool.GenRuleInfo(ruleInfo, ruleName)
if waf_rule_edit_req.IsManualRule == 1 {
ruleContent = ruleInfo.RuleContent
//检查规则是否合法
err = ruleHelper.CheckRuleAvailable(ruleContent)
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "规则校验失败",
})
return
}
}
ruleMap := map[string]interface{}{
"HostCode": ruleInfo.RuleBase.RuleDomainCode, //TODO 注意字典名称
"RuleName": ruleName,
"RuleContent": ruleContent,
"RuleContentJSON": waf_rule_edit_req.RuleJson, //TODO 后续考虑是否应该再从结构转一次
"RuleVersionName": "初版",
"RuleVersion": rule.RuleVersion + 1,
"User_code": global.GWAF_USER_CODE,
"IsPublicRule": 0,
"IsManualRule": waf_rule_edit_req.IsManualRule,
"RuleStatus": "1",
//"UPDATE_TIME": time.Now(),
}
err = global.GWAF_LOCAL_DB.Debug().Model(model.Rules{}).Where("rule_code=?", waf_rule_edit_req.CODE).Updates(ruleMap).Error
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: err.Error(),
Msg: "编辑失败",
})
} else {
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: "",
Msg: "编辑成功",
})
}
} else {
log.Println("添加解析失败")
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "编辑失败",
})
return
}
})
var waf_rule_del_req request.WafRuleDelReq
r.GET("/samwaf/wafhost/rule/del", func(c *gin.Context) {
err := c.ShouldBind(&waf_rule_del_req)
if err == nil {
var rule model.Rules
err = global.GWAF_LOCAL_DB.Where("rule_code = ?", waf_rule_del_req.CODE).First(&rule).Error
if err != nil && errors.Is(err, gorm.ErrRecordNotFound) {
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "请检测参数",
})
return
}
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "发生错误",
})
return
}
rule_map := map[string]interface{}{
"RuleStatus": "999",
"RuleVersion": 999999,
}
err = global.GWAF_LOCAL_DB.Model(model.Rules{}).Where("rule_code = ?", waf_rule_del_req.CODE).Updates(rule_map).Error
if err != nil {
c.JSON(http.StatusOK, response.Response{
Code: -1,
Data: err.Error(),
Msg: "删除失败",
})
return
}
c.JSON(http.StatusOK, response.Response{
Code: 200,
Data: "",
Msg: "删除成功",
})
}
})
InitRouter(r)
r.Run(":" + strconv.Itoa(global.GWAF_LOCAL_SERVER_PORT)) // listen and serve on 0.0.0.0:8080 (for windows "localhost:8080")
log.Println("本地 port:%d", global.GWAF_LOCAL_SERVER_PORT)

4
localwaf/src/pages/dashboard/base/components/TopPanel.vue
View File

@@ -110,9 +110,9 @@ export default {
.get('/wafstat', {
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
//const { list = [] } = resdata.data.list;

4
localwaf/src/pages/waf-host/host/detail/index.vue
View File

@@ -130,9 +130,9 @@
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
//const { list = [] } = resdata.data.list;

24
localwaf/src/pages/waf-host/host/index.vue
View File

@@ -389,9 +389,9 @@
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
//const { list = [] } = resdata.data.list;
@@ -475,9 +475,9 @@
...postdata
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
that.$message.success(resdata.msg);
that.addFormVisible = false;
that.pagination.current = 1
@@ -511,9 +511,9 @@
...postdata
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
that.$message.success(resdata.msg);
that.editFormVisible = false;
that.pagination.current = 1
@@ -559,9 +559,9 @@
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
that.pagination.current = 1
that.getList("")
@@ -593,9 +593,9 @@
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
that.detail_data = resdata.data;
that.detail_data.ssl = that.detail_data.ssl.toString()
that.formEditData = {
@@ -647,9 +647,9 @@
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
that.getList("")
that.$message.close(msg);
that.$message.success(resdata.msg)

8
localwaf/src/pages/waf-host/rule/edit/index.vue
View File

@@ -455,9 +455,9 @@
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
//const { list = [] } = resdata.data;
@@ -499,9 +499,9 @@
...postdata
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
that.$message.success(resdata.msg);
this.$router.push(
{

20
localwaf/src/pages/waf-host/rule/index.vue
View File

@@ -190,9 +190,9 @@ export default Vue.extend({
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
this.data = resdata.data.list;
this.pagination = {
...this.pagination,
@@ -262,9 +262,9 @@ export default Vue.extend({
...postdata
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
that.$message.success(resdata.msg);
that.addFormVisible = false;
that.pagination.current = 1
@@ -294,9 +294,9 @@ export default Vue.extend({
...postdata
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
that.$message.success(resdata.msg);
that.editFormVisible = false;
that.pagination.current = 1
@@ -341,9 +341,9 @@ export default Vue.extend({
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
that.pagination.current = 1
that.getList("")
@@ -375,9 +375,9 @@ export default Vue.extend({
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
that.detail_data = resdata.data;
that.detail_data.ssl = that.detail_data.ssl.toString()
that.formEditData = {...that.detail_data}

8
localwaf/src/pages/waf-log/attack/detail/index.vue
View File

@@ -1,4 +1,4 @@
<template>
<template>
<div class="detail-base">
<t-card title="防御情况" class="container-base-margin-top">
<t-steps class="detail-base-info-steps" layout="horizontal" theme="dot" :current="2">
@@ -84,7 +84,7 @@
</t-card>
</div>
</div>
</template>
<script lang="ts">
import {
@@ -142,9 +142,9 @@
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
//const { list = [] } = resdata.data.list;

4
localwaf/src/pages/waf-log/attack/index.vue
View File

@@ -214,9 +214,9 @@ export default Vue.extend({
}
})
.then((res) => {
let resdata = res.data
let resdata = res
console.log(resdata)
if (resdata.code === 200) {
if (resdata.code === 0) {
//const { list = [] } = resdata.data.list;

2
main.go
View File

@@ -106,7 +106,7 @@ func main() {
}
break
case host := <-hostChan:
case host := <-global.GWAF_CHAN_HOST:
hostTarget[host.Host+":"+strconv.Itoa(host.Port)].Host.GUARD_STATUS = host.GUARD_STATUS
zlog.Debug("规则", zap.Any("主机", host))

47
model/common/response/response.go
View File

@@ -1,7 +1,54 @@
package response
import (
"github.com/gin-gonic/gin"
"net/http"
)
type Response struct {
Code int `json:"code"`
Data interface{} `json:"data"`
Msg string `json:"msg"`
}
const (
ERROR = 7
SUCCESS = 0
)
func Result(code int, data interface{}, msg string, c *gin.Context) {
// 开始时间
c.JSON(http.StatusOK, Response{
code,
data,
msg,
})
}
func Ok(c *gin.Context) {
Result(SUCCESS, map[string]interface{}{}, "操作成功", c)
}
func OkWithMessage(message string, c *gin.Context) {
Result(SUCCESS, map[string]interface{}{}, message, c)
}
func OkWithData(data interface{}, c *gin.Context) {
Result(SUCCESS, data, "查询成功", c)
}
func OkWithDetailed(data interface{}, message string, c *gin.Context) {
Result(SUCCESS, data, message, c)
}
func Fail(c *gin.Context) {
Result(ERROR, map[string]interface{}{}, "操作失败", c)
}
func FailWithMessage(message string, c *gin.Context) {
Result(ERROR, map[string]interface{}{}, message, c)
}
func FailWithDetailed(data interface{}, message string, c *gin.Context) {
Result(ERROR, data, message, c)
}

11
router/entrance.go Normal file
View File

@@ -0,0 +1,11 @@
package router
type ApiGroup struct {
HostRouter
LogRouter
RuleRouter
EngineRouter
StatRouter
}
var ApiGroupApp = new(ApiGroup)

16
router/waf_engine.go Normal file
View File

@@ -0,0 +1,16 @@
package router
import (
"SamWaf/api"
"github.com/gin-gonic/gin"
)
type EngineRouter struct {
}
func (receiver *EngineRouter) InitEngineRouter(group *gin.RouterGroup) {
engineApi := api.APIGroupAPP.WafEngineApi
wafEngineRouter := group.Group("")
wafEngineRouter.GET("/samwaf/resetWAF", engineApi.ResetWaf)
}

20
router/waf_host.go Normal file
View File

@@ -0,0 +1,20 @@
package router
import (
"SamWaf/api"
"github.com/gin-gonic/gin"
)
type HostRouter struct {
}
func (receiver *HostRouter) InitHostRouter(group *gin.RouterGroup) {
hostApi := api.APIGroupAPP.WafHostAPi
hostRouter := group.Group("")
hostRouter.GET("/samwaf/wafhost/host/list", hostApi.GetListApi)
hostRouter.GET("/samwaf/wafhost/host/detail", hostApi.GetDetailApi)
hostRouter.POST("/samwaf/wafhost/host/add", hostApi.AddApi)
hostRouter.GET("/samwaf/wafhost/host/del", hostApi.DelHostApi)
hostRouter.POST("/samwaf/wafhost/host/edit", hostApi.ModifyHostApi)
hostRouter.POST("/samwaf/wafhost/host/guardstatus", hostApi.ModifyGuardStatusApi)
}

16
router/waf_log.go Normal file
View File

@@ -0,0 +1,16 @@
package router
import (
"SamWaf/api"
"github.com/gin-gonic/gin"
)
type LogRouter struct {
}
func (receiver *LogRouter) InitLogRouter(group *gin.RouterGroup) {
logApi := api.APIGroupAPP.WafLogAPi
wafLogRouter := group.Group("")
wafLogRouter.GET("/samwaf/waflog/attack/list", logApi.GetListApi)
wafLogRouter.GET("/samwaf/waflog/attack/detail", logApi.GetDetailApi)
}

19
router/waf_rule.go Normal file
View File

@@ -0,0 +1,19 @@
package router
import (
"SamWaf/api"
"github.com/gin-gonic/gin"
)
type RuleRouter struct {
}
func (receiver *RuleRouter) InitRuleRouter(group *gin.RouterGroup) {
ruleApi := api.APIGroupAPP.WafRuleAPi
wafRuleRouter := group.Group("")
wafRuleRouter.GET("/samwaf/wafhost/rule/list", ruleApi.GetListApi)
wafRuleRouter.GET("/samwaf/wafhost/rule/detail", ruleApi.GetDetailApi)
wafRuleRouter.POST("/samwaf/wafhost/rule/add", ruleApi.AddApi)
wafRuleRouter.GET("/samwaf/wafhost/rule/del", ruleApi.DelRuleApi)
wafRuleRouter.POST("/samwaf/wafhost/rule/edit", ruleApi.ModifyRuleApi)
}

15
router/waf_stat.go Normal file
View File

@@ -0,0 +1,15 @@
package router
import (
"SamWaf/api"
"github.com/gin-gonic/gin"
)
type StatRouter struct {
}
func (receiver *StatRouter) InitStatRouter(group *gin.RouterGroup) {
statApi := api.APIGroupAPP.WafStatApi
wafStatRouter := group.Group("")
wafStatRouter.GET("/samwaf/wafstat", statApi.StatHomeApi)
}

7
service/waf_service/entrance.go Normal file
View File

@@ -0,0 +1,7 @@
package waf_service
var (
wafLogService = WafLogService{}
wafHostService = WafHostService{}
wafStatService = WafStatService{}
)

101
service/waf_service/waf_host.go Normal file
View File

@@ -0,0 +1,101 @@
package waf_service
import (
"SamWaf/global"
"SamWaf/model"
"SamWaf/model/request"
"errors"
uuid "github.com/satori/go.uuid"
"time"
)
type WafHostService struct{}
var WafHostServiceApp = new(WafHostService)
func (receiver *WafHostService) AddApi(wafHostAddReq request.WafHostAddReq) error {
var wafHost = &model.Hosts{
USER_CODE: global.GWAF_USER_CODE,
Tenant_id: global.GWAF_TENANT_ID,
Code: uuid.NewV4().String(),
Host: wafHostAddReq.Host,
Port: wafHostAddReq.Port,
Ssl: wafHostAddReq.Ssl,
GUARD_STATUS: 0,
REMOTE_SYSTEM: wafHostAddReq.REMOTE_SYSTEM,
REMOTE_APP: wafHostAddReq.REMOTE_APP,
Remote_host: wafHostAddReq.Remote_host,
Remote_port: wafHostAddReq.Remote_port,
Certfile: wafHostAddReq.Certfile,
Keyfile: wafHostAddReq.Keyfile,
REMARKS: wafHostAddReq.REMARKS,
CREATE_TIME: time.Now(),
UPDATE_TIME: time.Now(),
}
global.GWAF_LOCAL_DB.Debug().Create(wafHost)
return nil
}
func (receiver *WafHostService) CheckIsExistApi(wafHostAddReq request.WafHostAddReq) error {
return global.GWAF_LOCAL_DB.First(&model.Hosts{}, "host = ? and port= ?", wafHostAddReq.Host, wafHostAddReq.Port).Error
}
func (receiver *WafHostService) ModifyApi(wafHostEditReq request.WafHostEditReq) error {
var webHost model.Hosts
global.GWAF_LOCAL_DB.Debug().Where("host = ? and port= ?", wafHostEditReq.Host, wafHostEditReq.Port).Find(&webHost)
if webHost.Id != 0 && webHost.Code != wafHostEditReq.CODE {
return errors.New("当前网站和端口已经存在")
}
hostMap := map[string]interface{}{
"Host": wafHostEditReq.Host,
"Port": wafHostEditReq.Port,
"Ssl": wafHostEditReq.Ssl,
//"GUARD_STATUS": 0,
"REMOTE_SYSTEM": wafHostEditReq.REMOTE_SYSTEM,
"REMOTE_APP": wafHostEditReq.REMOTE_APP,
"Remote_host": wafHostEditReq.Remote_host,
"Remote_port": wafHostEditReq.Remote_port,
"REMARKS": wafHostEditReq.REMARKS,
"Certfile": wafHostEditReq.Certfile,
"Keyfile": wafHostEditReq.Keyfile,
"UPDATE_TIME": time.Now(),
}
err := global.GWAF_LOCAL_DB.Debug().Model(model.Hosts{}).Where("CODE=?", wafHostEditReq.CODE).Updates(hostMap).Error
return err
}
func (receiver *WafHostService) GetDetailApi(req request.WafHostDetailReq) model.Hosts {
var webHost model.Hosts
global.GWAF_LOCAL_DB.Debug().Where("CODE=?", req.CODE).Find(&webHost)
return webHost
}
func (receiver *WafHostService) GetDetailByCodeApi(code string) model.Hosts {
var webHost model.Hosts
global.GWAF_LOCAL_DB.Debug().Where("CODE=?", code).Find(&webHost)
return webHost
}
func (receiver *WafHostService) GetListApi(wafHostSearchReq request.WafHostSearchReq) ([]model.Hosts, int64, error) {
var webHosts []model.Hosts
var total int64 = 0
global.GWAF_LOCAL_DB.Debug().Limit(wafHostSearchReq.PageSize).Offset(wafHostSearchReq.PageSize * (wafHostSearchReq.PageIndex - 1)).Find(&webHosts)
global.GWAF_LOCAL_DB.Debug().Model(&model.Hosts{}).Count(&total)
return webHosts, total, nil
}
func (receiver *WafHostService) DelHostApi(req request.WafHostDelReq) error {
var webhost model.Hosts
err := global.GWAF_LOCAL_DB.Where("CODE = ?", req.CODE).First(&webhost).Error
if err != nil {
return err
}
err = global.GWAF_LOCAL_DB.Where("CODE = ?", req.CODE).Delete(model.Hosts{}).Error
return err
}
func (receiver *WafHostService) ModifyGuardStatusApi(req request.WafHostGuardStatusReq) error {
hostMap := map[string]interface{}{
"GUARD_STATUS": req.GUARD_STATUS,
"UPDATE_TIME": time.Now(),
}
err := global.GWAF_LOCAL_DB.Debug().Model(model.Hosts{}).Where("CODE=?", req.CODE).Updates(hostMap).Error
return err
}

32
service/waf_service/waf_log.go Normal file
View File

@@ -0,0 +1,32 @@
package waf_service
import (
"SamWaf/global"
"SamWaf/innerbean"
"SamWaf/model/request"
)
type WafLogService struct{}
var WafLogServiceApp = new(WafLogService)
func (receiver *WafLogService) AddApi(log innerbean.WebLog) error {
global.GWAF_LOCAL_DB.Create(log)
return nil
}
func (receiver *WafLogService) ModifyApi(log innerbean.WebLog) error {
return nil
}
func (receiver *WafLogService) GetDetailApi(wafAttackDetailReq request.WafAttackLogDetailReq) (innerbean.WebLog, error) {
var weblog innerbean.WebLog
global.GWAF_LOCAL_DB.Debug().Where("REQ_UUID=?", wafAttackDetailReq.REQ_UUID).Find(&weblog)
return weblog, nil
}
func (receiver *WafLogService) GetListApi(log request.WafAttackLogSearch) ([]innerbean.WebLog, int64, error) {
var total int64 = 0
var weblogs []innerbean.WebLog
global.GWAF_LOCAL_DB.Debug().Limit(log.PageSize).Offset(log.PageSize * (log.PageIndex - 1)).Order("create_time desc").Find(&weblogs)
global.GWAF_LOCAL_DB.Debug().Model(&innerbean.WebLog{}).Count(&total)
return weblogs, total, nil
}

102
service/waf_service/waf_rule.go Normal file
View File

@@ -0,0 +1,102 @@
package waf_service
import (
"SamWaf/global"
"SamWaf/model"
"SamWaf/model/request"
"errors"
)
type WafRuleService struct{}
var WafRuleServiceApp = new(WafRuleService)
func (receiver *WafRuleService) AddApi(wafRuleAddReq request.WafRuleAddReq, ruleCode string, chsName string, hostCode string, ruleContent string) error {
var wafRule = &model.Rules{
TenantId: global.GWAF_TENANT_ID,
HostCode: hostCode, //网站CODE
RuleCode: ruleCode,
RuleName: chsName,
RuleContent: ruleContent,
RuleContentJSON: wafRuleAddReq.RuleJson, //TODO 后续考虑是否应该再从结构转一次
RuleVersionName: "初版",
RuleVersion: 1,
UserCode: global.GWAF_USER_CODE,
IsPublicRule: 0,
IsManualRule: wafRuleAddReq.IsManualRule,
RuleStatus: 1,
}
global.GWAF_LOCAL_DB.Debug().Create(wafRule)
return nil
}
func (receiver *WafRuleService) CheckIsExistApi(ruleName string, ruleCode string) error {
return global.GWAF_LOCAL_DB.First(&model.Rules{}, "rule_name = ? and rule_code = ?", ruleName, ruleCode).Error
}
func (receiver *WafRuleService) ModifyApi(wafRuleEditReq request.WafRuleEditReq, chsName string, hostCode string, ruleContent string) error {
var rule model.Rules
global.GWAF_LOCAL_DB.Debug().Where("rule_name = ? and host_code= ?",
chsName, hostCode).Find(&rule)
if rule.Id != 0 && rule.RuleCode != wafRuleEditReq.CODE {
return errors.New("当前规则名称已经存在")
}
global.GWAF_LOCAL_DB.Debug().Where("rule_code=?", wafRuleEditReq.CODE).Find(&rule)
ruleMap := map[string]interface{}{
"HostCode": hostCode,
"RuleName": chsName,
"RuleContent": ruleContent,
"RuleContentJSON": wafRuleEditReq.RuleJson,
"RuleVersionName": "初版",
"RuleVersion": rule.RuleVersion + 1,
"User_code": global.GWAF_USER_CODE,
"IsPublicRule": 0,
"IsManualRule": wafRuleEditReq.IsManualRule,
"RuleStatus": "1",
//"UPDATE_TIME": time.Now(),
}
err := global.GWAF_LOCAL_DB.Debug().Model(model.Rules{}).Where("rule_code=?", wafRuleEditReq.CODE).Updates(ruleMap).Error
return err
}
func (receiver *WafRuleService) GetDetailApi(wafRuleDetailReq request.WafRuleDetailReq) model.Rules {
var rules model.Rules
global.GWAF_LOCAL_DB.Debug().Where("RULE_CODE=?", wafRuleDetailReq.CODE).Find(&rules)
return rules
}
func (receiver *WafRuleService) GetDetailByCodeApi(ruleCode string) model.Rules {
var webRule model.Rules
global.GWAF_LOCAL_DB.Debug().Where("rule_code=?", ruleCode).Find(&webRule)
return webRule
}
func (receiver *WafRuleService) GetListApi(wafRuleSearchReq request.WafRuleSearchReq) ([]model.Rules, int64, error) {
var total int64 = 0
var rules []model.Rules
global.GWAF_LOCAL_DB.Debug().Where("user_code=? and rule_status= 1", global.GWAF_USER_CODE).Limit(wafRuleSearchReq.PageSize).Offset(wafRuleSearchReq.PageSize * (wafRuleSearchReq.PageIndex - 1)).Find(&rules)
global.GWAF_LOCAL_DB.Debug().Model(&model.Rules{}).Count(&total)
return rules, total, nil
}
func (receiver *WafRuleService) DelRuleApi(req request.WafRuleDelReq) error {
var rule model.Rules
err := global.GWAF_LOCAL_DB.Where("rule_code = ?", req.CODE).First(&rule).Error
if err != nil {
return errors.New("请检测参数")
}
ruleMap := map[string]interface{}{
"RuleStatus": "999",
"RuleVersion": 999999,
}
err = global.GWAF_LOCAL_DB.Model(model.Rules{}).Where("rule_code = ?", req.CODE).Updates(ruleMap).Error
if err != nil {
return errors.New("删除失败")
}
return nil
}

28
service/waf_service/waf_stat.go Normal file
View File

@@ -0,0 +1,28 @@
package waf_service
import response2 "SamWaf/model/response"
type WafStatService struct{}
var WafStatServiceApp = new(WafStatService)
func (receiver *WafStatService) StatHomeApi() (response2.WafStat, error) {
return response2.WafStat{
AttackCountOfToday: 0,
VisitCountOfToday: 0,
AttackCountOfYesterday: 0,
VisitCountOfYesterday: 0,
AttackCountOfLastWeekToday: 0,
VisitCountOfLastWeekToday: 0,
NormalIpCountOfToday: 0,
IllegalIpCountOfToday: 0,
NormalCountryCountOfToday: 0,
IllegalCountryCountOfToday: 0,
NormalProvinceCountOfToday: 0,
IllegalProvinceCountOfToday: 0,
NormalCityCountOfToday: 0,
IllegalCityCountOfToday: 0,
},
nil
}

12
wafengine.go
View File

@@ -58,12 +58,12 @@ var (
//allCertificate = map[int] map[string] string{}
esHelper utils.EsHelper
phttphandler *baseHandle
hostRuleChan = make(chan []model.Rules, 10) //规则链
engineChan = make(chan int, 10) //引擎链
hostChan = make(chan model.Hosts, 10) //主机链
engineCurrentStatus int = 0 // 当前waf引擎状态
pluginIpRateLimiter *plugin.IPRateLimiter //ip限流
phttphandler *baseHandle
hostRuleChan = make(chan []model.Rules, 10) //规则链
engineChan = make(chan int, 10) //引擎链
//hostChan = make(chan model.Hosts, 10) //主机链
engineCurrentStatus int = 0 // 当前waf引擎状态
pluginIpRateLimiter *plugin.IPRateLimiter //ip限流
)