优化

6 years ago · d9859fd662
parent cf126d5d24
commit d9859fd662
3 changed files with 45 additions and 25 deletions
--- a/plugins/op_waf/index.py
+++ b/plugins/op_waf/index.py
@ -192,7 +192,24 @@ def setObjStatus():
    return public.returnJson(True, '设置成功!')

 def setRetry():
-    pass
+    args = getArgs()
+    data = checkArgs(args, ['retry', 'retry_time','retry_cycle','is_open_global'])
+    if not data[0]:
+        return data[1]
+
+    conf = getJsonPath('config')
+    content = public.readFile(conf)
+    cobj = json.loads(content)
+
+    cobj['retry'] = args
+
+    cjson = public.getJson(cobj)
+    public.writeFile(conf, cjson)
+
+    return public.returnJson(True, '设置成功!', [])
+
+def setSiteRetry():
+    return public.returnJson(True, '设置成功!', [])


 def setObjOpen():
@ -252,6 +269,8 @@ if __name__ == "__main__":
        print setObjOpen()
    elif func == 'set_retry':
        print setRetry()
+    elif func == 'set_site_retry':
+        print setSiteRetry()
    elif func == 'waf_srceen':
        print getWafSrceen()
    elif func == 'waf_conf':
--- a/plugins/op_waf/js/op_waf.js
+++ b/plugins/op_waf/js/op_waf.js
@ -18,7 +18,7 @@ function owPost(method, args, callback){
 function getRuleByName(rule_name, callback){
    owPost('get_rule', {rule_name:rule_name}, function(data){
        callback(data);
-    })
+    });
 }


@ -177,7 +177,7 @@ function setCcRule(cycle, limit, endtime, siteName, increase){

 //设置retry规则
 function setRetry(retry_cycle, retry, retry_time, siteName) {
-    layer.open({
+    create_layer = layer.open({
        type: 1,
        title: "设置恶意容忍规则",
        area: '500px',
@ -226,23 +226,15 @@ function saveRetry(siteName,type) {

    var act = 'set_retry';
    if (siteName != undefined) act = 'set_site_retry';
-    var loadT = layer.msg('正在保存，请稍候..', { icon: 16, time: 0 });
-    $.post('/plugin?action=a&name=btwaf&s=' + act, pdata, function (rdata) {
-        layer.close(loadT);
-        if (rdata.status) {
-            layer.close(create_l);
-            if (siteName != 'undefined') {
-                site_waf_config(siteName, 1);
-            } else {
-                wafconfig();
-            }
-        }
+    owPost(act, pdata, function(data){
+        var rdata = $.parseJSON(data.data);
        layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
+        layer.close(create_layer);
+        wafGloablRefresh(1000);
    });
 }


-
 //URL白名单
 function urlWhite(type) {
    if (type == undefined) {
@ -388,11 +380,14 @@ function setObjConf(ruleName, type) {
                <li>内置规则允许修改,但不可以直接删除,您可以设置规则状态来定义防火墙是否使用此规则</li>\
            </ul></div>'
        });
-        tableFixed("jc-file-table")
+        tableFixed("jc-file-table");
    }
    var loadT = layer.msg('正在获取配置规则，请稍候..', { icon: 16, time: 0 });
-    $.post('/plugin?action=a&name=btwaf&s=get_rule', { ruleName: ruleName }, function (rdata) {
-        layer.close(loadT);
+
+
+    getRuleByName(ruleName, function(data){
+        var tmp = $.parseJSON(data.data);
+        var rdata = $.parseJSON(tmp.data);
        var tbody = ''
        for (var i = 0; i < rdata.length; i++) {
            var removeRule = ''
@ -409,7 +404,7 @@ function setObjConf(ruleName, type) {
                    </td>\
                </tr>'
        }
-        $("#set_obj_conf_con").html(tbody)
+        $("#set_obj_conf_con").html(tbody);
    });
 }

@ -447,6 +442,12 @@ function wafScreen(){
    });
 }

+function wafGloablRefresh(time){
+    setTimeout(function(){
+        wafGloabl();
+    }, time);
+}
+

 function wafGloabl(){
    owPost('waf_conf', {}, function(data){
@ -475,7 +476,7 @@ function wafGloabl(){
                        <td>封锁连续恶意请求，请到站点配置中调整容忍阈值</td>\
                        <td><a class="btlink" onclick="setRequestCode(\'cc\','+ rdata.cc.status + ')">' + rdata.cc.status + '</a></td>\
                        <td style="text-align: center;">--</td>\
-                        <td class="text-right"><a class="btlink" onclick="setRetry('+ rdata.retry_cycle + ',' + rdata.retry + ',' + rdata.retry_time + ')">初始规则</a></td>\
+                        <td class="text-right"><a class="btlink" onclick="setRetry('+ rdata.retry.retry_cycle + ',' + rdata.retry.retry + ',' + rdata.retry.retry_time + ')">初始规则</a></td>\
                    </tr>\
                    <tr>\
                        <td>GET-URI过滤</td>\
@ -491,25 +492,25 @@ function wafGloabl(){
                        <td>GET-参数过滤</td><td>'+ rdata.get.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'get\',' + rdata.get.status + ')">' + rdata.get.status + '</a></td><td><div class="ssh-item">\
                            <input class="btswitch btswitch-ios" id="closeget" type="checkbox" '+ (rdata.get.open ? 'checked' : '') + '>\
                            <label class="btswitch-btn" for="closeget" onclick="setObjOpen(\'get\')"></label>\
-                        </div></td><td class="text-right"><a class="btlink" onclick="set_obj_conf(\'args\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/get.html\')">响应内容</a></td>\
+                        </div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'args\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/get.html\')">响应内容</a></td>\
                    </tr>\
                    <tr>\
                        <td>POST过滤</td><td>'+ rdata.post.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'post\',' + rdata.post.status + ')">' + rdata.post.status + '</a></td><td><div class="ssh-item">\
                            <input class="btswitch btswitch-ios" id="closepost" type="checkbox" '+ (rdata.post.open ? 'checked' : '') + '>\
                            <label class="btswitch-btn" for="closepost" onclick="setObjOpen(\'post\')"></label>\
-                        </div></td><td class="text-right"><a class="btlink" onclick="set_obj_conf(\'post\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/post.html\')">响应内容</a></td>\
+                        </div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'post\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/post.html\')">响应内容</a></td>\
                    </tr>\
                    <tr>\
                        <td>User-Agent过滤</td><td>'+ rdata['user-agent'].ps + '</td><td><a class="btlink" onclick="setRequestCode(\'user-agent\',' + rdata['user-agent'].status + ')">' + rdata['user-agent'].status + '</a></td><td><div class="ssh-item">\
                            <input class="btswitch btswitch-ios" id="closeua" type="checkbox" '+ (rdata['user-agent'].open ? 'checked' : '') + '>\
                            <label class="btswitch-btn" for="closeua" onclick="setObjOpen(\'user-agent\')"></label>\
-                        </div></td><td class="text-right"><a class="btlink" onclick="set_obj_conf(\'user_agent\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/user_agent.html\')">响应内容</a></td>\
+                        </div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'user_agent\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/user_agent.html\')">响应内容</a></td>\
                    </tr>\
                    <tr>\
                        <td>Cookie过滤</td><td>'+ rdata.cookie.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'cookie\',' + rdata.cookie.status + ')">' + rdata.cookie.status + '</a></td><td><div class="ssh-item">\
                            <input class="btswitch btswitch-ios" id="closecookie" type="checkbox" '+ (rdata.cookie.open ? 'checked' : '') + '>\
                            <label class="btswitch-btn" for="closecookie" onclick="setObjOpen(\'cookie\')"></label>\
-                        </div></td><td class="text-right"><a class="btlink" onclick="set_obj_conf(\'cookie\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/cookie.html\')">响应内容</a></td>\
+                        </div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'cookie\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/cookie.html\')">响应内容</a></td>\
                    </tr>\
                    <tr>\
                        <td>常见扫描器</td><td>'+ rdata.scan.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'scan\',' + rdata.scan.status + ')">' + rdata.scan.status + '</a></td><td><div class="ssh-item">\
--- a/plugins/op_waf/waf/config.json
+++ b/plugins/op_waf/waf/config.json
@ -1 +1 @@
-{"reqfile_path": "/Users/midoks/Desktop/fwww/server/openresty/nginx/conf/waf/html", "retry": 6, "log": true, "retry_cycle": 60, "scan": {"status": 444, "ps": "\u8fc7\u6ee4\u5e38\u89c1\u626b\u63cf\u6d4b\u8bd5\u5de5\u5177\u7684\u6e17\u900f\u6d4b\u8bd5", "open": true, "reqfile": ""}, "cc": {"status": 444, "ps": "\u8fc7\u8651CC\u653b\u51fb", "limit": 120, "endtime": 300, "open": true, "reqfile": "", "cycle": 60}, "body_character_string": [], "start_time": 1556095983.425878, "get": {"status": 403, "ps": "\u8fc7\u6ee4uri\u3001uri\u53c2\u6570\u4e2d\u5e38\u89c1sql\u6ce8\u5165\u3001xss\u7b49\u653b\u51fb", "open": true, "reqfile": "get.html"}, "body_regular": [], "log_save": 30, "user-agent": {"status": 403, "ps": "\u901a\u5e38\u7528\u4e8e\u8fc7\u6ee4\u6d4f\u89c8\u5668\u3001\u8718\u86db\u53ca\u4e00\u4e9b\u81ea\u52a8\u626b\u63cf\u5668", "open": true, "reqfile": "user_agent.html"}, "logs_path": "/www/wwwlogs/btwaf", "other": {"status": 403, "ps": "\u5176\u5b83\u975e\u901a\u7528\u8fc7\u6ee4", "reqfile": "other.html"}, "cookie": {"status": 403, "ps": "\u8fc7\u6ee4\u5229\u7528Cookie\u53d1\u8d77\u7684\u6e17\u900f\u653b\u51fb", "open": true, "reqfile": "cookie.html"}, "retry_time": 180, "post": {"status": 403, "ps": "\u8fc7\u6ee4POST\u53c2\u6570\u4e2d\u5e38\u89c1sql\u6ce8\u5165\u3001xss\u7b49\u653b\u51fb", "open": true, "reqfile": "post.html"}, "open": true}
+{"reqfile_path": "/Users/midoks/Desktop/fwww/server/openresty/nginx/conf/waf/html", "retry": {"retry_time": "180", "is_open_global": "0", "retry": "6", "retry_cycle": "60"}, "log": true, "retry_cycle": 60, "scan": {"status": 444, "ps": "\u8fc7\u6ee4\u5e38\u89c1\u626b\u63cf\u6d4b\u8bd5\u5de5\u5177\u7684\u6e17\u900f\u6d4b\u8bd5", "open": true, "reqfile": ""}, "cc": {"status": 444, "ps": "\u8fc7\u8651CC\u653b\u51fb", "limit": 120, "endtime": 300, "open": true, "reqfile": "", "cycle": 60}, "body_character_string": [], "start_time": 1556095983.425878, "get": {"status": 403, "ps": "\u8fc7\u6ee4uri\u3001uri\u53c2\u6570\u4e2d\u5e38\u89c1sql\u6ce8\u5165\u3001xss\u7b49\u653b\u51fb", "open": true, "reqfile": "get.html"}, "body_regular": [], "log_save": 30, "user-agent": {"status": 403, "ps": "\u901a\u5e38\u7528\u4e8e\u8fc7\u6ee4\u6d4f\u89c8\u5668\u3001\u8718\u86db\u53ca\u4e00\u4e9b\u81ea\u52a8\u626b\u63cf\u5668", "open": true, "reqfile": "user_agent.html"}, "logs_path": "/www/wwwlogs/btwaf", "other": {"status": 403, "ps": "\u5176\u5b83\u975e\u901a\u7528\u8fc7\u6ee4", "reqfile": "other.html"}, "cookie": {"status": 403, "ps": "\u8fc7\u6ee4\u5229\u7528Cookie\u53d1\u8d77\u7684\u6e17\u900f\u653b\u51fb", "open": true, "reqfile": "cookie.html"}, "retry_time": 180, "post": {"status": 403, "ps": "\u8fc7\u6ee4POST\u53c2\u6570\u4e2d\u5e38\u89c1sql\u6ce8\u5165\u3001xss\u7b49\u653b\u51fb", "open": true, "reqfile": "post.html"}, "open": true}