up

plugins/op_waf/index.py

@@ -146,7 +146,7 @@ def initSiteInfo():
             site_contents_new[name] = site_contents[name]
         else:
             tmp = {}
-            tmp['cdn'] = True
+            tmp['cdn'] = False
             tmp['log'] = True
             tmp['get'] = True
             tmp['post'] = True

plugins/op_waf/js/op_waf.js

@@ -1632,7 +1632,7 @@ function wafSite(){
                             <label class="btswitch-btn" for="closeget_'+ i + '" onclick="setSiteObjState(\'' + k + '\',\'open\')"></label>\
                         </div>\
                     </td>\
-                    <td class="text-right"><a onclick="siteWafLog(\''+ k + '\')" class="btlink ' + (v.log_size > 0 ? 'dot' : '') + '">日志</a> | <a onclick="siteWafConfig(\'' + k + '\')" class="btlink">设置</a></td>\
+                    <td class="text-right"><a onclick="wafLogs(\''+ k + '\')" class="btlink ' + (v.log_size > 0 ? 'dot' : '') + '">日志</a> | <a onclick="siteWafConfig(\'' + k + '\')" class="btlink">设置</a></td>\
                 </tr>';
         });
 
@@ -1769,12 +1769,18 @@ function wafLogs(){
                         </div>\
                         <span class="last-span"><input data-name="" type="text" id="time_choose" lay-key="1000001_'+randstr+'" class="form-control btn-group-sm" autocomplete="off" placeholder="自定义时间" style="display: inline-block;font-size: 12px;padding: 0 10px;height:30px;width: 200px;"></span>\
                     </div>\
+                    <div style="float:right;"><button id="UncoverAll" class="btn btn-success btn-sm">解封所有</button></div>\
                 </div>\
                 <div class="divtable mtb10" id="ws_table"></div>\
             </div>';
     $(".soft-man-con").html(html);
     // wafLogRequest(1);
 
+    $("#UncoverAll").click(function(){
+        console.log("UncoverAll");
+    });
+
+
     //日期范围
     laydate.render({
         elem: '#time_choose',
@@ -1797,7 +1803,7 @@ function wafLogs(){
             $('#time_choose').attr("data-name",query_txt);
             $('#time_choose').addClass("cur");
 
-            wsTableErrorLogRequest(1);
+            wafLogRequest(1);
         },
     });
 

plugins/op_waf/waf/lua/common.lua

@@ -134,6 +134,24 @@ function _M.D(self, msg)
     return true
 end
 
+function _M.is_working(self,sign)
+    local work_status = ngx.shared.waf_limit:get(sign.."_working")
+    if work_status ~= nil and work_status == true then
+        return true 
+    end
+    return false
+end
+
+function _M.lock_working(self, sign)
+    local working_key = sign.."_working"
+    ngx.shared.waf_limit:set(working_key, true, 60)
+end
+
+function _M.unlock_working(self, sign)
+    local working_key = sign.."_working"
+    ngx.shared.waf_limit:set(working_key, false)
+end
+
 
 local function write_file_clear(filename, body)
     fp = io.open(filename,'w')

plugins/op_waf/waf/lua/init.lua

@@ -95,71 +95,66 @@ local function is_chekc_table(data,strings)
     return 2
 end
 
-local function save_ip_on(data)
+local function remove_waf_drop_ip()
-    locak_file=read_file_body(cpath2 .. 'stop_ip.lock')
+    ngx.header.content_type = "application/json"
-    if not locak_file then
+    local ip = params['uri_request_args']['ip']
-        C:write_file(cpath2 .. 'stop_ip.lock','1')
+
+    if not ip or not C:is_ipaddr(ip) then 
+        local data = get_return_state(-1, "格式错误")
+        ngx.say(json.encode(data))
+        ngx.exit(200)
+        return true
     end
-    name='stop_ip'
+    
-    local extime = 18000
+    local sign = "remove_waf_drop_ip"
-    data = json.encode(data)
+    if C:is_working(sign) then 
-    ngx.shared.waf_limit:set(cpath2 .. name,data,extime)
+        local data = get_return_state(-1, "fail")
-    if not ngx.shared.waf_limit:get(cpath2 .. name .. '_lock') then
+        ngx.say(json.encode(data))
-        ngx.shared.waf_limit:set(cpath2 .. name .. '_lock',1,0.5)
+        ngx.exit(200)
-        C:write_file(cpath2 .. name .. '.json',data)
+        return true
     end
-end
 
-local function remove_waf_drop_ip()
+    C:lock_working(sign)
-    if not uri_request_args['ip'] or not C:is_ipaddr(uri_request_args['ip']) then return get_return_state(true,'格式错误') end
+    ngx.shared.waf_drop_ip:delete(ip)
-    if ngx.shared.waf_limit:get(cpath2 .. 'stop_ip') then
+    C:unlock_working(sign)
-        ret=ngx.shared.waf_limit:get(cpath2 .. 'stop_ip')
+
-        ip_data=json.decode(ret)
+    local data = get_return_state(0, "ok")
-        result = is_chekc_table(ip_data,uri_request_args['ip'])
+    ngx.say(json.encode(data))
-        os.execute("sleep " .. 0.6)
+    ngx.exit(200)
-        ret2 = ngx.shared.waf_limit:get(cpath2 .. 'stop_ip')
-        ip_data2 = json.decode(ret2)
-        if result == 3 then
-            for k,v in pairs(ip_data2)
-            do
-                if uri_request_args['ip'] == v['ip'] then 
-                    v['time'] = 0
-                end
-            end
-        end
-        save_ip_on(ip_data2)
-    end
-    ngx.shared.waf_drop_ip:delete(uri_request_args['ip'])
-    return get_return_state(true,uri_request_args['ip'] .. '已解封')
 end
 
 local function clean_waf_drop_ip()
-    if ngx.shared.waf_limit:get(cpath2 .. 'stop_ip') then
+    ngx.header.content_type = "application/json"
-        ret2 = ngx.shared.waf_limit:get(cpath2 .. 'stop_ip')
+
-        ip_data2 = json.decode(ret2)
+    local sign = "clean_waf_drop_ip"
-        for k,v in pairs(ip_data2)
+    if C:is_working(sign) then 
-        do
+        local data = get_return_state(-1, "fail")
-            v['time'] = 0
+        ngx.say(json.encode(data))
-        end
+        ngx.exit(200)
-        save_ip_on(ip_data2)
+        return true
-        os.execute("sleep " .. 2)
-    end
-    local data = get_waf_drop_ip()
-    for _,value in ipairs(data)
-    do
-        ngx.shared.waf_drop_ip:delete(value)
     end
-    return get_return_state(true,'已解封所有封锁IP')
+
+    C:lock_working(sign)
+    ngx.shared.waf_drop_ip:flush_all()
+    C:unlock_working(sign)
+
+    local data = get_return_state(0, "ok")
+    ngx.say(json.encode(data))
+    ngx.exit(200)
 end
 
 local function min_route()
     if ngx.var.remote_addr ~= '127.0.0.1' then return false end
+    local uri = params['uri']
     if uri == '/get_waf_drop_ip' then
-        C:return_message(0,get_waf_drop_ip())
+        ngx.header.content_type = "application/json"
+        local data = get_return_state(0, get_waf_drop_ip())
+        ngx.say(json.encode(data))
+        ngx.exit(200)
     elseif uri == '/remove_waf_drop_ip' then
-        C:return_message(0,remove_waf_drop_ip())
+        remove_waf_drop_ip()
-    elseif uri == '/clean_waf_waf_waf_drop_ip' then
+    elseif uri == '/clean_waf_drop_ip' then
-        C:return_message(0,clean_waf_drop_ip())
+        clean_waf_drop_ip()
     end
 end