From 64601e42c1170c9c43986f1a594642c84dce6c75 Mon Sep 17 00:00:00 2001 From: midoks Date: Sat, 15 Oct 2022 23:16:25 +0800 Subject: [PATCH] up --- plugins/op_waf/conf/luawaf.conf | 1 - plugins/op_waf/index.py | 7 +++++ plugins/op_waf/install.sh | 4 ++- plugins/op_waf/tool_task.py | 23 ++++++++++----- plugins/op_waf/waf/lua/common.lua | 41 +++++++-------------------- plugins/op_waf/waf/lua/init.lua | 3 ++ plugins/op_waf/waf/lua/waf.lua | 1 - plugins/op_waf/waf/wafconf/blockip | 1 - plugins/op_waf/waf/wafconf/post | 18 ------------ plugins/op_waf/waf/wafconf/returnhtml | 39 ------------------------- plugins/op_waf/waf/wafconf/url | 9 ------ plugins/op_waf/waf/wafconf/user-agent | 1 - plugins/op_waf/waf/wafconf/whiteip | 2 -- 13 files changed, 39 insertions(+), 111 deletions(-) delete mode 100644 plugins/op_waf/waf/lua/waf.lua delete mode 100644 plugins/op_waf/waf/wafconf/blockip delete mode 100644 plugins/op_waf/waf/wafconf/post delete mode 100644 plugins/op_waf/waf/wafconf/returnhtml delete mode 100644 plugins/op_waf/waf/wafconf/url delete mode 100644 plugins/op_waf/waf/wafconf/user-agent delete mode 100644 plugins/op_waf/waf/wafconf/whiteip diff --git a/plugins/op_waf/conf/luawaf.conf b/plugins/op_waf/conf/luawaf.conf index 1e196d8d9..167206b49 100755 --- a/plugins/op_waf/conf/luawaf.conf +++ b/plugins/op_waf/conf/luawaf.conf @@ -7,4 +7,3 @@ init_worker_by_lua_file {$WAF_PATH}/lua/init_worker.lua; access_by_lua_file {$WAF_PATH}/lua/init.lua; # init_by_lua_file {$WAF_PATH}/lua/init.lua; -# access_by_lua_file {$WAF_PATH}/lua/waf.lua; diff --git a/plugins/op_waf/index.py b/plugins/op_waf/index.py index 13f981bec..c561c4500 100755 --- a/plugins/op_waf/index.py +++ b/plugins/op_waf/index.py @@ -329,6 +329,9 @@ def start(): conf = conf.replace('#include luawaf.conf;', "include luawaf.conf;") mw.writeFile(path, conf) + import tool_task + tool_task.createBgTask() + mw.restartWeb() return 'ok' 
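Review bot: In start(), `tool_task.createBgTask()` now runs between `mw.writeFile(path, conf)` and `mw.restartWeb()`, so if registering the cron task raises, the config already has `include luawaf.conf;` enabled but the web server is never restarted and presumably keeps running without the WAF loaded. The call's result is also ignored, so `return 'ok'` is reported whether or not the task was created. I would call `mw.restartWeb()` first and create the task afterwards, or guard the call and return the failure instead of 'ok'. The same ordering applies to `tool_task.removeBgTask()` in the stop() hunk that follows; both function bodies start outside their hunks.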
@@ -339,6 +342,10 @@ def stop(): conf = conf.replace('include luawaf.conf;', "#include luawaf.conf;") mw.writeFile(path, conf) + + import tool_task + tool_task.removeBgTask() + mw.restartWeb() return 'ok' diff --git a/plugins/op_waf/install.sh b/plugins/op_waf/install.sh index 5ab5a09bb..b11bc9e03 100755 --- a/plugins/op_waf/install.sh +++ b/plugins/op_waf/install.sh @@ -27,7 +27,9 @@ Install_of(){ Uninstall_of(){ cd ${rootPath} && python3 ${rootPath}/plugins/op_waf/index.py stop - rm -rf $serverPath/op_waf + if [ "$?" == "0" ];then + rm -rf $serverPath/op_waf + fi } diff --git a/plugins/op_waf/tool_task.py b/plugins/op_waf/tool_task.py index 8c6b6321c..43e7263db 100644 --- a/plugins/op_waf/tool_task.py +++ b/plugins/op_waf/tool_task.py @@ -52,7 +52,7 @@ def createBgTask(): removeBgTask() args = { "period": "minute-n", - "minute-n": "3", + "minute-n": "1", } createBgTaskByName(getPluginName(), args) @@ -71,7 +71,7 @@ def createBgTaskByName(name, args): print("计划任务已经存在!") return True import crontab_api - api = crontab_api.crontab_api() + cron_api = crontab_api.crontab_api() period = args['period'] _hour = '' 
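Review bot: The guarded `rm -rf $serverPath/op_waf` in Uninstall_of still expands `$serverPath` unquoted, so an unset or empty value turns it into `rm -rf /op_waf` and a path containing spaces splits into several arguments. `rm -rf "${serverPath:?}/op_waf"` aborts on an empty variable and keeps the path as one word. The test uses `==`, which POSIX `[` does not define; `[ "$?" = "0" ]` is the portable spelling if this script is ever run by a shell other than bash. Whether index.py exits non-zero when stop fails is not visible in this patch, so the guard may always pass.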
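Review bot: With `"minute-n": "1"` the generated job appends its start/end banners and the echoed command line to `${rname}.log` on every run, and nothing in this patch truncates or rotates that file. On a long-running host that is steady, unbounded growth in the plugin directory. Consider logging only when the run fails, or adding a size cap or rotation for the file. createBgTask's body starts outside the hunk.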
@@ -87,16 +87,18 @@ def createBgTaskByName(name, args): _where1 = args['minute-n'] _minute = '' + mw_dir = mw.getRunDir() cmd = ''' +mw_dir=%s rname=%s plugin_path=%s script_path=%s logs_file=$plugin_path/${rname}.log -''' % (name, getServerDir(), getPluginDir()) +''' % (mw_dir, name, getServerDir(), getPluginDir()) cmd += 'echo "★【`date +"%Y-%m-%d %H:%M:%S"`】 STSRT★" >> $logs_file' + "\n" cmd += 'echo ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" >> $logs_file' + "\n" - cmd += 'echo "python3 $script_path/tool_task.py run >> $logs_file 2>&1"' + "\n" - cmd += 'python3 $script_path/tool_task.py run >> $logs_file 2>&1' + "\n" + cmd += 'echo "cd $mw_dir && source bin/activate && python3 $script_path/tool_task.py run >> $logs_file 2>&1"' + "\n" + cmd += 'cd $mw_dir && source bin/activate && python3 $script_path/tool_task.py run >> $logs_file 2>&1' + "\n" cmd += 'echo "【`date +"%Y-%m-%d %H:%M:%S"`】 END★" >> $logs_file' + "\n" cmd += 'echo "<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<" >> $logs_file' + "\n" @@ -115,7 +117,7 @@ logs_file=$plugin_path/${rname}.log 'urladdress': '', } - task_id = api.add(params) + task_id = cron_api.add(params) if task_id > 0: cfg["task_id"] = task_id cfg["name"] = name @@ -144,8 +146,15 @@ def removeBgTask(): return False +def getCpuUsed(): + import psutil + used = psutil.cpu_percent(interval=1) + path = getServerDir() + "/cpu.info" + mw.writeFile(path, str(int(used))) + + def run(): - print('op lua run ok') + getCpuUsed() if __name__ == "__main__": if len(sys.argv) > 1: diff --git a/plugins/op_waf/waf/lua/common.lua b/plugins/op_waf/waf/lua/common.lua index 3f74d9b76..113455cc0 100644 --- a/plugins/op_waf/waf/lua/common.lua +++ b/plugins/op_waf/waf/lua/common.lua 
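Review bot: The script header interpolates `mw_dir`, `name`, `getServerDir()` and `getPluginDir()` into shell assignments with plain `%s`, and the new command line uses `cd $mw_dir` unquoted, so a path containing a space or a shell metacharacter changes what the cron job executes. Since the job presumably runs with the panel's privileges, I would pass each value through `shlex.quote()` before formatting and write `cd "$mw_dir"` and `"$script_path/tool_task.py"` in the command. `source bin/activate` is a bash builtin; if the task is executed by `/bin/sh`, `. bin/activate` is the portable form. The enclosing createBgTaskByName starts and ends outside the hunk.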
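Review bot: getCpuUsed() writes only the integer percentage to `cpu.info`, so whatever reads that file cannot tell a fresh sample from one left behind after the cron task stopped or `import psutil` failed. If the value feeds a WAF decision (the reader is not visible in this patch), the reader should check the file's modification time and treat a missing or old file as unknown rather than as low load. The function also lacks a docstring; `"""Sample CPU usage over one second and store the integer percentage in cpu.info under the server dir."""` would document the blocking `interval=1` call.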
@@ -4,9 +4,9 @@ local _M = { _VERSION = '0.02' } local mt = { __index = _M } local json = require "cjson" -local ngx_match = ngx.re.find -local debug_mode = true +local ngx_match = ngx.re.find +local debug_mode = false local waf_root = "{$WAF_ROOT}" local cpath = waf_root.."/waf/" @@ -259,24 +259,6 @@ function _M.write_to_file(self, logstr) end -function _M.write_drop_ip(self, is_drop, drop_time) - local filename = self.logdir .. 'waf_drop_ip.log' - - local fp = io.open(filename,'ab') - local server_name = self.params["server_name"] - local ip = self.params["server_name"] - local request_uri = self.params["request_uri"] - - if fp == nil then return false end - local logtmp = {os.time(),ip,server_name,request_uri,drop_time,is_drop} - local logstr = json.encode(logtmp) .. "\n" - fp:write(logstr) - fp:flush() - fp:close() - return true -end - - function _M.continue_key(self,key) key = tostring(key) if string.len(key) > 64 then return false end; @@ -525,7 +507,6 @@ function _M.write_log(self, name, rule) local count = ngx.shared.waf_drop_ip:get(ip) - self:D("count:"..tostring(count)) if (count > retry) then local safe_count,_ = ngx.shared.waf_drop_sum:get(ip) if not safe_count then @@ -539,25 +520,23 @@ function _M.write_log(self, name, rule) local logtmp = { ngx.localtime(), ip, - method,ngx.var.request_uri, - ngx.var.http_user_agent, - name, + method,ngx.var.request_uri, + ngx.var.http_user_agent, + name, retry_cycle .. '秒以内累计超过'..retry..'次以上非法请求,封锁'.. lock_time ..'秒' } local logstr = json.encode(logtmp) .. "\n" retry_times = retry + 1 ngx.shared.waf_drop_ip:set(ip, retry_times, lock_time) - - self:write_drop_ip('inc',lock_time) self:write_to_file(logstr) else local logtmp = { ngx.localtime(), - ip, - method, - ngx.var.request_uri, - ngx.var.http_user_agent, - name, + ip, + method, + ngx.var.request_uri, + ngx.var.http_user_agent, + name, rule } local logstr = json.encode(logtmp) .. "\n" 
diff --git a/plugins/op_waf/waf/lua/init.lua b/plugins/op_waf/waf/lua/init.lua index 601023725..4a320b44f 100644 --- a/plugins/op_waf/waf/lua/init.lua +++ b/plugins/op_waf/waf/lua/init.lua @@ -13,6 +13,9 @@ local config_domains = require "domains" C:setConfData(config, site_config) C:setDebug(true) +-- local ngx_os = require "os" +-- C:("msss".. ngx_os.name) + local get_html = require "html_get" local post_html = require "html_post" diff --git a/plugins/op_waf/waf/lua/waf.lua b/plugins/op_waf/waf/lua/waf.lua deleted file mode 100644 index d86c145a1..000000000 --- a/plugins/op_waf/waf/lua/waf.lua +++ /dev/null @@ -1 +0,0 @@ -waf() \ No newline at end of file diff --git a/plugins/op_waf/waf/wafconf/blockip b/plugins/op_waf/waf/wafconf/blockip deleted file mode 100644 index 7cefeda0f..000000000 --- a/plugins/op_waf/waf/wafconf/blockip +++ /dev/null @@ -1 +0,0 @@ -10.0.68.75 diff --git a/plugins/op_waf/waf/wafconf/post b/plugins/op_waf/waf/wafconf/post deleted file mode 100644 index 1f0a492e1..000000000 --- a/plugins/op_waf/waf/wafconf/post +++ /dev/null @@ -1,18 +0,0 @@ -select.+(from|limit) -(?:(union(.*?)select)) -\b(or|xor|and)\b.*(=|<|>|'|") -having|load_file -sleep\((\s*)(\d*)(\s*)\) -benchmark\((.*)\,(.*)\) -base64_decode\( -(?:from\W+information_schema\W) -into(\s+)+(?:dump|out)file\s* -group\s+by.+\( -xwork.MethodAccessor -(?:define|eval|file_get_contents|include|require|require_once|shell_exec|phpinfo|system|passthru|preg_\w+|execute|echo|print|print_r|var_dump|(fp)open|alert|showmodaldialog)\( -xwork\.MethodAccessor -(gopher|doc|php|glob|file|phar|zlib|ftp|ldap|dict|ogg|data)\:\/ -java\.lang -\$_(GET|post|cookie|files|session|env|phplib|GLOBALS|SERVER)\[ -\<(iframe|script|body|img|layer|div|meta|style|base|object|input) -(onmouseover|onerror|onload)\= diff --git a/plugins/op_waf/waf/wafconf/returnhtml b/plugins/op_waf/waf/wafconf/returnhtml deleted file mode 100644 index 90685778f..000000000 --- a/plugins/op_waf/waf/wafconf/returnhtml +++ /dev/null 
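Review bot: The context line `C:setDebug(true)` just above the added lines still switches debugging on from init.lua, which appears to undo the `debug_mode = false` default this commit sets in common.lua (setDebug's body is not shown, so this is inferred). If debug output includes request data, leaving it on in production writes that data to the logs on every request; `C:setDebug(false)` would match the new default. The two added comment lines are dead code, and `C:("msss".. ngx_os.name)` would not parse if uncommented, so they are better dropped.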
@@ -1,39 +0,0 @@ - - - - -网站防火墙 - - - - -
-
网站防火墙
-
-

您的请求带有不合法参数,已被网站管理员设置拦截!

-

可能原因:

-
    -
  1. 您提交的内容包含危险的攻击请求
  2. -
-

如何解决:

-
    -
  1. 检查提交内容;
  2. -
  3. 如网站托管,请联系空间提供商;
  4. -
  5. 普通网站访客,请联系网站管理员;
  6. -
  7. 这是误报,请联系网站管理员;
  8. -
-
-
- - - diff --git a/plugins/op_waf/waf/wafconf/url b/plugins/op_waf/waf/wafconf/url deleted file mode 100644 index b5e3c6774..000000000 --- a/plugins/op_waf/waf/wafconf/url +++ /dev/null @@ -1,9 +0,0 @@ -\.(svn|htaccess|mysql_history|bash_history|git|DS_Store|idea|user\.ini) -\.(bak|inc|old|mdb|sh|sql|php~|swp|java|class)$ -(vhost|bbs|host|wwwroot|www|site|root|backup|data|ftp|db|admin|website|web).*\.(rar|sql|zip|tar\.gz|tar) -(elastic|jmx-console|jmxinvokerservlet) -java\.lang -/CSV/ -/(hack|shell|spy|phpspy)\.php$ -(manager|host-manager)/html$ -/(attachments|upimg|images|css|uploadfiles|html|uploads|templets|static|template|data|forumdata|upload|includes|cache|avatar)/(\\w+).(php|jsp) diff --git a/plugins/op_waf/waf/wafconf/user-agent b/plugins/op_waf/waf/wafconf/user-agent deleted file mode 100644 index f2c231cf5..000000000 --- a/plugins/op_waf/waf/wafconf/user-agent +++ /dev/null @@ -1 +0,0 @@ -(HTTrack|Apache-HttpClient|harvest|audit|dirbuster|pangolin|nmap|sqln|hydra|Parser|libwww|BBBike|sqlmap|w3af|owasp|Nikto|fimap|havij|zmeu|BabyKrokodil|netsparker|httperf|bench| SF/) diff --git a/plugins/op_waf/waf/wafconf/whiteip b/plugins/op_waf/waf/wafconf/whiteip deleted file mode 100644 index b729147d4..000000000 --- a/plugins/op_waf/waf/wafconf/whiteip +++ /dev/null @@ -1,2 +0,0 @@ -127.0.0.1 -^192\.168\.