From 897c28034dcd80cfdbc4f14a5706430e9a048594 Mon Sep 17 00:00:00 2001 From: midoks Date: Thu, 13 Oct 2022 22:18:57 +0800 Subject: [PATCH] up --- plugins/op_waf/index.py | 4 ++-- plugins/op_waf/t/index.py | 4 ++-- plugins/op_waf/waf/lua/common.lua | 12 +++++++----- plugins/op_waf/waf/lua/init.lua | 23 +++++++++++++++++++++-- 4 files changed, 32 insertions(+), 11 deletions(-) diff --git a/plugins/op_waf/index.py b/plugins/op_waf/index.py index a94db4c2b..13f981bec 100755 --- a/plugins/op_waf/index.py +++ b/plugins/op_waf/index.py @@ -258,7 +258,7 @@ def autoMakeLuaConf(): for x in conf_list: autoMakeLuaConfSingle(x) - import_list = ['config', 'site'] + import_list = ['config', 'site', 'domains'] for x in import_list: autoMakeLuaImportSingle(x) @@ -772,7 +772,7 @@ def setSiteRetry(): def setCcConf(): args = getArgs() data = checkArgs(args, ['siteName', 'cycle', 'limit', - 'endtime', 'is_open_global', 'increase']) + 'endtime', 'is_open_global']) if not data[0]: return data[1] diff --git a/plugins/op_waf/t/index.py b/plugins/op_waf/t/index.py index 63cb5c4f1..96415d835 100644 --- a/plugins/op_waf/t/index.py +++ b/plugins/op_waf/t/index.py @@ -197,9 +197,9 @@ def test_OK(): def test_start(): - # test_OK() + test_OK() # test_Dir() - test_UA() + # test_UA() # test_POST() # test_scan() # test_CC() diff --git a/plugins/op_waf/waf/lua/common.lua b/plugins/op_waf/waf/lua/common.lua index 98f7de3ad..68b9008bf 100644 --- a/plugins/op_waf/waf/lua/common.lua +++ b/plugins/op_waf/waf/lua/common.lua @@ -500,11 +500,13 @@ end function _M.write_log(self, name, rule) + local config = self.config local ip = self.params['ip'] - local retry = self.config['retry']['retry'] - local retry_time = self.config['retry']['retry_time'] - local retry_cycle = self.config['retry']['retry_cycle'] + + local retry = config['retry']['retry'] + local retry_time = config['retry']['retry_time'] + local retry_cycle = config['retry']['retry_cycle'] local count, _ = ngx.shared.drop_ip:get(ip) if count then @@ -513,8 +515,8 @@ function _M.write_log(self, name, rule) ngx.shared.drop_ip:set(ip,1,retry_cycle) end - if self.config['log'] ~= true or self:is_site_config('log') ~= true then return false end - local method = ngx.req.get_method() + if config['log'] ~= true or self:is_site_config('log') ~= true then return false end + local method = self.params['method'] if error_rule then rule = error_rule error_rule = nil diff --git a/plugins/op_waf/waf/lua/init.lua b/plugins/op_waf/waf/lua/init.lua index f8c4c9dde..dd82a3f47 100644 --- a/plugins/op_waf/waf/lua/init.lua +++ b/plugins/op_waf/waf/lua/init.lua @@ -27,7 +27,26 @@ local user_agent_rules = require "rule_user_agent" local post_rules = require "rule_post" local cookie_rules = require "rule_cookie" -local server_name = string.gsub(C:get_server_name(),'_','.') + +function get_server_name() + local request_name = ngx.var.server_name + -- local my_name = ngx.shared.limit:get(c_name) + -- if my_name then return my_name end + local config_domains = require "domains" + for _,v in ipairs(config_domains) + do + for _,cd_name in ipairs(v['domains']) + do + if request_name == cd_name then + -- ngx.shared.limit:set(c_name,v['name'],3600) + return v['name'] + end + end + end + return request_name +end + +local server_name = string.gsub(get_server_name(),'_','.') local function initParams() local data = {} @@ -161,7 +180,7 @@ end local function waf_get_args() if not config['get']['open'] or not C:is_site_config('get') then return false end - if C:is_ngx_match(args_rules, params['uri_request_args'],'args') then + if C:ngx_match_list(args_rules, params['uri_request_args']) then C:write_log('args','regular') C:return_html(config['get']['status'], get_html) return true