waf debug1

class/core/config_api.py

@@ -15,7 +15,7 @@ from flask import request
 
 class config_api:
 
-    __version = '0.9.13'
+    __version = '0.9.13.1'
 
     def __init__(self):
         pass

plugins/op_waf/waf/lua/common.lua

@@ -15,7 +15,6 @@ local rpath = cpath.."/rule/"
 
 function _M.new(self)
 
-
     local self = {
         waf_root = waf_root,
         cpath = cpath,
@@ -26,7 +25,6 @@ function _M.new(self)
         server_name = '',
         params = nil
     }
-
     return setmetatable(self, mt)
 end
 
@@ -518,6 +516,35 @@ function _M.write_log(self, name, rule)
 end
 
 
+function _M.get_real_ip(self, server_name)
+    local client_ip = "unknown"
+    self:D("client_ip[0]:"..client_ip)
+    if self.site_config[server_name] then
+        if self.site_config[server_name]['cdn'] then
+            for _,v in ipairs(self.site_config[server_name]['cdn_header'])
+            do
+                if request_header[v] ~= nil and request_header[v] ~= "" then
+                    local header_tmp = request_header[v]
+                    if type(header_tmp) == "table" then header_tmp = header_tmp[1] end
+                    client_ip = split(header_tmp,',')[1]
+                    break;
+                end
+            end 
+        end
+    end
+
+    if string.match(client_ip,"%d+%.%d+%.%d+%.%d+") == nil or not self:is_ipaddr(client_ip) then
+        client_ip = ngx.var.remote_addr
+        self:D("client_ip[2]:"..client_ip)
+        if client_ip == nil then
+            client_ip = "unknown"
+        end
+    end
+
+    self:D("client_ip:"..client_ip)
+    return client_ip
+end
+
 function _M.get_client_ip(self)
     local client_ip = "unknown"
     local server_name = self.params['server_name']

plugins/op_waf/waf/lua/init.lua

@@ -9,7 +9,7 @@ local waf_root = "{$WAF_ROOT}"
 config = C:read_file_body_decode(waf_root.."/waf/"..'config.json')
 local site_config = C:read_file_body_decode(waf_root.."/waf/"..'site.json')
 C:setConfData(config, site_config)
-
+C:setDebug(true)
 
 
 local get_html = C:read_file_body(config["reqfile_path"] .. '/' .. config["get"]["reqfile"])
@@ -25,14 +25,12 @@ local cookie_rules = C:read_file('cookie')
 
 
 local server_name = string.gsub(C:get_server_name(),'_','.')
-
-
--- C:D("sss:"..C:get_server_name())
 function initParams()
     local data = {}
     data['server_name'] = server_name
-    -- data['ip'] = C:get_client_ip()
-    -- data['ipn'] = C:arrip(data['ip'])
+    C:D("server_name:init")
+    data['ip'] = C:get_real_ip(server_name)
+    data['ipn'] = C:arrip(data['ip'])
     data['request_header'] = ngx.req.get_headers()
     data['uri'] = ngx.unescape_uri(ngx.var.uri)
     data['uri_request_args'] = ngx.req.get_uri_args()
@@ -44,12 +42,10 @@ end
 
 local params = initParams()
 C:setParams(params)
-C:setDebug(true)
 
-local server_name = params["server_name"]
-params['ip'] = C:get_client_ip()
-params['ipn'] = C:arrip(params['ip'])
-C:D(server_name)
+
+C:D("server_name:"..server_name)
+C:D("ip demo:".. params['ip'])
 
 function get_return_state(rstate,rmsg)
     result = {}
@@ -60,6 +56,9 @@ end
 
 function get_waf_drop_ip()
     local data =  ngx.shared.drop_ip:get_keys(0)
+
+    C:D("[get_waf_drop_ip]data:"..data)
+
     return data
 end