From f980dba7ed5623f623c17acce4c5ba793dd2a4a4 Mon Sep 17 00:00:00 2001 From: midoks Date: Sat, 22 Oct 2022 21:36:12 +0800 Subject: [PATCH] up --- plugins/op_waf/index.py | 2 +- plugins/op_waf/js/op_waf.js | 10 +++- plugins/op_waf/waf/lua/common.lua | 18 ++++++ plugins/op_waf/waf/lua/init.lua | 99 +++++++++++++++---------------- 4 files changed, 74 insertions(+), 55 deletions(-) diff --git a/plugins/op_waf/index.py b/plugins/op_waf/index.py index 6bcc74335..9f26d8b15 100755 --- a/plugins/op_waf/index.py +++ b/plugins/op_waf/index.py @@ -146,7 +146,7 @@ def initSiteInfo(): site_contents_new[name] = site_contents[name] else: tmp = {} - tmp['cdn'] = True + tmp['cdn'] = False tmp['log'] = True tmp['get'] = True tmp['post'] = True diff --git a/plugins/op_waf/js/op_waf.js b/plugins/op_waf/js/op_waf.js index d61fd7447..c3b2bf1af 100755 --- a/plugins/op_waf/js/op_waf.js +++ b/plugins/op_waf/js/op_waf.js @@ -1632,7 +1632,7 @@ function wafSite(){ \ \ \ - 日志 | 设置\ + 日志 | 设置\ '; }); @@ -1769,12 +1769,18 @@ function wafLogs(){ \ \ \ +
\ \
\ '; $(".soft-man-con").html(html); // wafLogRequest(1); + $("#UncoverAll").click(function(){ + console.log("UncoverAll"); + }); + + //日期范围 laydate.render({ elem: '#time_choose', @@ -1797,7 +1803,7 @@ function wafLogs(){ $('#time_choose').attr("data-name",query_txt); $('#time_choose').addClass("cur"); - wsTableErrorLogRequest(1); + wafLogRequest(1); }, }); diff --git a/plugins/op_waf/waf/lua/common.lua b/plugins/op_waf/waf/lua/common.lua index 549988877..ce5f6d05e 100644 --- a/plugins/op_waf/waf/lua/common.lua +++ b/plugins/op_waf/waf/lua/common.lua @@ -134,6 +134,24 @@ function _M.D(self, msg) return true end +function _M.is_working(self,sign) + local work_status = ngx.shared.waf_limit:get(sign.."_working") + if work_status ~= nil and work_status == true then + return true + end + return false +end + +function _M.lock_working(self, sign) + local working_key = sign.."_working" + ngx.shared.waf_limit:set(working_key, true, 60) +end + +function _M.unlock_working(self, sign) + local working_key = sign.."_working" + ngx.shared.waf_limit:set(working_key, false) +end + local function write_file_clear(filename, body) fp = io.open(filename,'w') diff --git a/plugins/op_waf/waf/lua/init.lua b/plugins/op_waf/waf/lua/init.lua index 9bbe85c60..5f8594152 100644 --- a/plugins/op_waf/waf/lua/init.lua +++ b/plugins/op_waf/waf/lua/init.lua @@ -95,71 +95,66 @@ local function is_chekc_table(data,strings) return 2 end -local function save_ip_on(data) - locak_file=read_file_body(cpath2 .. 'stop_ip.lock') - if not locak_file then - C:write_file(cpath2 .. 'stop_ip.lock','1') +local function remove_waf_drop_ip() + ngx.header.content_type = "application/json" + local ip = params['uri_request_args']['ip'] + + if not ip or not C:is_ipaddr(ip) then + local data = get_return_state(-1, "格式错误") + ngx.say(json.encode(data)) + ngx.exit(200) + return true end - name='stop_ip' - local extime = 18000 - data = json.encode(data) - ngx.shared.waf_limit:set(cpath2 .. name,data,extime) - if not ngx.shared.waf_limit:get(cpath2 .. name .. '_lock') then - ngx.shared.waf_limit:set(cpath2 .. name .. '_lock',1,0.5) - C:write_file(cpath2 .. name .. '.json',data) + + local sign = "remove_waf_drop_ip" + if C:is_working(sign) then + local data = get_return_state(-1, "fail") + ngx.say(json.encode(data)) + ngx.exit(200) + return true end -end -local function remove_waf_drop_ip() - if not uri_request_args['ip'] or not C:is_ipaddr(uri_request_args['ip']) then return get_return_state(true,'格式错误') end - if ngx.shared.waf_limit:get(cpath2 .. 'stop_ip') then - ret=ngx.shared.waf_limit:get(cpath2 .. 'stop_ip') - ip_data=json.decode(ret) - result = is_chekc_table(ip_data,uri_request_args['ip']) - os.execute("sleep " .. 0.6) - ret2 = ngx.shared.waf_limit:get(cpath2 .. 'stop_ip') - ip_data2 = json.decode(ret2) - if result == 3 then - for k,v in pairs(ip_data2) - do - if uri_request_args['ip'] == v['ip'] then - v['time'] = 0 - end - end - end - save_ip_on(ip_data2) - end - ngx.shared.waf_drop_ip:delete(uri_request_args['ip']) - return get_return_state(true,uri_request_args['ip'] .. '已解封') + C:lock_working(sign) + ngx.shared.waf_drop_ip:delete(ip) + C:unlock_working(sign) + + local data = get_return_state(0, "ok") + ngx.say(json.encode(data)) + ngx.exit(200) end local function clean_waf_drop_ip() - if ngx.shared.waf_limit:get(cpath2 .. 'stop_ip') then - ret2 = ngx.shared.waf_limit:get(cpath2 .. 'stop_ip') - ip_data2 = json.decode(ret2) - for k,v in pairs(ip_data2) - do - v['time'] = 0 - end - save_ip_on(ip_data2) - os.execute("sleep " .. 2) - end - local data = get_waf_drop_ip() - for _,value in ipairs(data) - do - ngx.shared.waf_drop_ip:delete(value) + ngx.header.content_type = "application/json" + + local sign = "clean_waf_drop_ip" + if C:is_working(sign) then + local data = get_return_state(-1, "fail") + ngx.say(json.encode(data)) + ngx.exit(200) + return true end - return get_return_state(true,'已解封所有封锁IP') + + C:lock_working(sign) + ngx.shared.waf_drop_ip:flush_all() + C:unlock_working(sign) + + local data = get_return_state(0, "ok") + ngx.say(json.encode(data)) + ngx.exit(200) end local function min_route() if ngx.var.remote_addr ~= '127.0.0.1' then return false end + local uri = params['uri'] if uri == '/get_waf_drop_ip' then - C:return_message(0,get_waf_drop_ip()) + ngx.header.content_type = "application/json" + local data = get_return_state(0, get_waf_drop_ip()) + ngx.say(json.encode(data)) + ngx.exit(200) elseif uri == '/remove_waf_drop_ip' then - C:return_message(0,remove_waf_drop_ip()) - elseif uri == '/clean_waf_waf_waf_drop_ip' then - C:return_message(0,clean_waf_drop_ip()) + remove_waf_drop_ip() + elseif uri == '/clean_waf_drop_ip' then + clean_waf_drop_ip() end end