up

3 years ago · 1411bb1639
parent be875d9d8c
commit 1411bb1639
8 changed files with 120 additions and 17 deletions
--- a/plugins/op_waf/class/luamaker.py
+++ b/plugins/op_waf/class/luamaker.py
@ -0,0 +1,56 @@
+import sys
+import os
+
+
+class luamaker:
+    """
+    lua 处理器
+    """
+    @staticmethod
+    def makeLuaTable(table):
+        """
+        table 转换为 lua table 字符串
+        """
+        _tableMask = {}
+        _keyMask = {}
+
+        def analysisTable(_table, _indent, _parent):
+            if isinstance(_table, tuple):
+                _table = list(_table)
+            if isinstance(_table, list):
+                _table = dict(zip(range(1, len(_table) + 1), _table))
+            if isinstance(_table, dict):
+                _tableMask[id(_table)] = _parent
+                cell = []
+                thisIndent = _indent + "    "
+                for k in _table:
+                    if sys.version_info[0] == 2:
+                        if type(k) not in [int, float, bool, list, dict, tuple]:
+                            k = k.encode()
+
+                    if not (isinstance(k, str) or isinstance(k, int) or isinstance(k, float)):
+                        return
+                    key = isinstance(
+                        k, int) and "[" + str(k) + "]" or "[\"" + str(k) + "\"]"
+                    if _parent + key in _keyMask.keys():
+                        return
+                    _keyMask[_parent + key] = True
+                    var = None
+                    v = _table[k]
+                    if sys.version_info[0] == 2:
+                        if type(v) not in [int, float, bool, list, dict, tuple]:
+                            v = v.encode()
+                    if isinstance(v, str):
+                        var = "\"" + v + "\""
+                    elif isinstance(v, bool):
+                        var = v and "true" or "false"
+                    elif isinstance(v, int) or isinstance(v, float):
+                        var = str(v)
+                    else:
+                        var = analysisTable(v, thisIndent, _parent + key)
+                    cell.append(thisIndent + key + " = " + str(var))
+                lineJoin = ",\n"
+                return "{\n" + lineJoin.join(cell) + "\n" + _indent + "}"
+            else:
+                pass
+        return analysisTable(table, "", "root")
--- a/plugins/op_waf/conf/luawaf.conf
+++ b/plugins/op_waf/conf/luawaf.conf
@ -1,7 +1,7 @@
 lua_shared_dict limit 30m;
 lua_shared_dict drop_ip 10m;
 lua_shared_dict drop_sum 10m;
-lua_package_path "{$WAF_PATH}/lua/?.lua;{$ROOT_PATH}/openresty/lualib/?.lua;;";
+lua_package_path "{$WAF_PATH}/conf/?.lua;{$WAF_PATH}/lua/?.lua;{$ROOT_PATH}/openresty/lualib/?.lua;;";


 init_worker_by_lua_file {$WAF_PATH}/lua/init_worker.lua;
--- a/plugins/op_waf/index.py
+++ b/plugins/op_waf/index.py
@ -52,6 +52,16 @@ def checkArgs(data, ck=[]):
    return (True, mw.returnJson(True, 'ok'))


+sys.path.append(getPluginDir() + "/class")
+from luamaker import luamaker
+
+
+def listToLuaFile(path, lists):
+    content = luamaker.makeLuaTable(lists)
+    content = "return " + content
+    mw.writeFile(path, content)
+
+
 def getConf():
    path = mw.getServerDir() + "/openresty/nginx/conf/nginx.conf"
    return path
@ -211,6 +221,36 @@ def contentReplace(content):
    return content


+def autoMakeLuaConfSingle(file):
+    path = getServerDir() + "/waf/rule/" + file + ".json"
+    to_path = getServerDir() + "/waf/conf/" + file + ".lua"
+    content = mw.readFile(path)
+    # print(content)
+    content = json.loads(content)
+    listToLuaFile(to_path, content)
+
+
+def autoMakeLuaImportSingle(file):
+    path = getServerDir() + "/waf/" + file + ".json"
+    to_path = getServerDir() + "/waf/conf/" + file + ".lua"
+    content = mw.readFile(path)
+    # print(content)
+    content = json.loads(content)
+    listToLuaFile(to_path, content)
+
+
+def autoMakeLuaConf():
+    conf_list = ['args', 'cookie', 'ip_black', 'ip_white',
+                 'ipv6_black', 'post', 'scan_black', 'url',
+                 'user_agent']
+    for x in conf_list:
+        autoMakeLuaConfSingle(x)
+
+    import_list = ['config', 'site']
+    for x in import_list:
+        autoMakeLuaImportSingle(x)
+
+
 def initDreplace():

    path = getServerDir()
@ -259,6 +299,7 @@ def initDreplace():
    initDomainInfo()
    initSiteInfo()
    initTotalInfo()
+    autoMakeLuaConf()

    if not mw.isAppleSystem():
        mw.execShell("chown -R www:www " + path)
--- a/plugins/op_waf/t/ngx_demo.sh
+++ b/plugins/op_waf/t/ngx_demo.sh
@ -6,6 +6,8 @@

 pid=`ps -ef|grep openresty | grep -v grep | awk '{print $2}'`

+
+# perf record -F 99 -p 45266 -g -- sleep 60 
 perf record -F 99 -p $pid -g -- sleep 60

 perf script -i perf.data &> perf.unfold
--- a/plugins/op_waf/t/test.sh
+++ b/plugins/op_waf/t/test.sh
@ -22,7 +22,7 @@ python3 index.py

 # yum -y kernel-devel kernel-headers gcc elfutils
 # stap -ve 'probe begin { log("hello systemtap!") exit() }'
-stap -e 'probe vfs.add_to_page_cache {printf("dev=%d, devname=%s, ino=%d, index=%d, nrpages=%d\n", dev, devname, ino, index, nrpages )}'
+# stap -e 'probe vfs.add_to_page_cache {printf("dev=%d, devname=%s, ino=%d, index=%d, nrpages=%d\n", dev, devname, ino, index, nrpages )}'
 # git clone https://github.com/openresty/openresty-systemtap-toolkit
 # http://openresty.org/en/build-systemtap.html

@ -33,22 +33,22 @@ stap -e 'probe vfs.add_to_page_cache {printf("dev=%d, devname=%s, ino=%d, index=
 # ./ngx-active-reqs -p 383774


-wget -O kernel-debuginfo-$(uname -r).rpm http://debuginfo.centos.org/8/x86_64/kernel-debuginfo-$(uname -r).rpm
+# wget -O kernel-debuginfo-$(uname -r).rpm http://debuginfo.centos.org/8/x86_64/kernel-debuginfo-$(uname -r).rpm

-wget -O kernel-debuginfo-4.18.0-348.el8.x86_64.rpm http://debuginfo.centos.org/8/x86_64/Packages/kernel-debuginfo-4.18.0-348.el8.x86_64.rpm
-wget -O kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm http://debuginfo.centos.org/8/x86_64/Packages/kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm
+# wget -O kernel-debuginfo-4.18.0-348.el8.x86_64.rpm http://debuginfo.centos.org/8/x86_64/Packages/kernel-debuginfo-4.18.0-348.el8.x86_64.rpm
+# wget -O kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm http://debuginfo.centos.org/8/x86_64/Packages/kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm

-rpm -ivh kernel-debuginfo-4.18.0-348.el8.x86_64.rpm
-rpm -ivh kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm
+# rpm -ivh kernel-debuginfo-4.18.0-348.el8.x86_64.rpm
+# rpm -ivh kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm
 # uname -r 

 # yum install kernel-devel-4.18.0-358.el8.x86_64
 # yum install kernel-debuginfo-4.18.0-358.el8.x86_64

-yum search kernel-debuginfo
-kernel-devel
+# yum search kernel-debuginfo
+# kernel-devel

-rpm -ivh kernel-debuginfo-4.18.0-358.el8.x86_64
+# rpm -ivh kernel-debuginfo-4.18.0-358.el8.x86_64
 # yum install systemtap -y
 # yum install perf -y

@ -56,11 +56,11 @@ rpm -ivh kernel-debuginfo-4.18.0-358.el8.x86_64
 # perf record -F 99  -p 4452 -g -o test.data -- sleep 100


-perf record -F 99  -p 153145 -g -o test.data -- sleep 100
+# perf record -F 99  -p 153145 -g -o test.data -- sleep 100

-perf script -i test.data &> perf.unfold
-./FlameGraph/stackcollapse-perf.pl perf.unfold &> perf.folded
-./FlameGraph/flamegraph.pl perf.folded > perf.svg
+# perf script -i test.data &> perf.unfold
+# ./FlameGraph/stackcollapse-perf.pl perf.unfold &> perf.folded
+# ./FlameGraph/flamegraph.pl perf.folded > perf.svg

 #
 # git clone https://github.com/brendangregg/FlameGraph.git
--- a/plugins/op_waf/waf/conf/readme.md
+++ b/plugins/op_waf/waf/conf/readme.md
@ -0,0 +1 @@
+自动生成配置文件
--- a/plugins/op_waf/waf/lua/init.lua
+++ b/plugins/op_waf/waf/lua/init.lua
@ -6,11 +6,15 @@ local C = __C:new()

 local waf_root = "{$WAF_ROOT}"

-config = C:read_file_body_decode(waf_root.."/waf/"..'config.json')
-local site_config = C:read_file_body_decode(waf_root.."/waf/"..'site.json')
+-- config = C:read_file_body_decode(waf_root.."/waf/"..'config.json')
+local config = require "config"
+-- config = C:read_file_body_decode(waf_root.."/waf/"..'site.json')
+local site_config = require "site"
 C:setConfData(config, site_config)
 C:setDebug(true)

+-- C:D("conf"..C:to_json(config))
+

 local get_html = C:read_file_body(config["reqfile_path"] .. '/' .. config["get"]["reqfile"])
 local post_html = C:read_file_body(config["reqfile_path"] .. '/' .. config["post"]["reqfile"])
--- a/plugins/webstats/install.sh
+++ b/plugins/webstats/install.sh
@ -89,7 +89,6 @@ Install_App()
 	# https://github.com/P3TERX/GeoLite.mmdb
 	pip install geoip2
 	if [ ! -f $serverPath/webstats/GeoLite2-City.mmdb ];then
-		# pip install geoip2
 		wget --no-check-certificate -O $serverPath/webstats/GeoLite2-City.mmdb https://git.io/GeoLite2-City.mmdb
 	fi