midoks
/
mdserver-web
mirror of https://github.com/midoks/mdserver-web
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Simple Linux Panel
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3283 Commits
8 Branches
70 Tags
40 MiB
 
 
 
 
 
 
Tag: Branch: Tree: cc9c3a009f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'cc9c3a009f'
${ noResults }
mdserver-web/plugins/op_waf/js/op_waf.js

1647 lines
79 KiB
Raw Blame History

function owPost(method, args, callback){
var loadT = layer.msg('正在获取...', { icon: 16, time: 0, shade: 0.3 });
$.post('/plugins/run', {name:'op_waf', func:method, args:JSON.stringify(args)}, function(data) {
layer.close(loadT);
if (!data.status){
layer.msg(data.msg,{icon:0,time:2000,shade: [0.3, '#000']});
return;
}
if(typeof(callback) == 'function'){
callback(data);
}
},'json');
}
function getRuleByName(rule_name, callback){
owPost('get_rule', {rule_name:rule_name}, function(data){
callback(data);
});
}
function setRequestCode(ruleName, statusCode){
layer.open({
type: 1,
title: "设置响应代码【" + ruleName + "】",
area: '300px',
shift: 5,
closeBtn: 2,
shadeClose: true,
content: '<div class="bt-form pd20 pb70">\
<div class="line">\
<span class="tname">响应代码</span>\
<div class="info-r">\
<select id="statusCode" class="bt-input-text mr5" style="width:150px;">\
<option value="200" '+ (statusCode == 200 ? 'selected' : '') + '>正常(200)</option>\
<option value="404" '+ (statusCode == 404 ? 'selected' : '') + '>文件不存在(404)</option>\
<option value="403" '+ (statusCode == 403 ? 'selected' : '') + '>拒绝访问(403)</option>\
<option value="444" '+ (statusCode == 444 ? 'selected' : '') + '>关闭连接(444)</option>\
<option value="500" '+ (statusCode == 500 ? 'selected' : '') + '>应用程序错误(500)</option>\
<option value="502" '+ (statusCode == 502 ? 'selected' : '') + '>连接超时(502)</option>\
<option value="503" '+ (statusCode == 503 ? 'selected' : '') + '>服务器不可用(503)</option>\
</select>\
</div>\
</div>\
<div class="bt-form-submit-btn">\
<button type="button" class="btn btn-success btn-sm btn-title" onclick="setState(\''+ ruleName + '\')">确定</button>\
</div>\
</div>'
});
}
function setState(ruleName){
var statusCode = $('#statusCode').val();
owPost('set_obj_status', {obj:ruleName,statusCode:statusCode},function(data){
var rdata = $.parseJSON(data.data);
if (rdata.status){
layer.msg(rdata.msg,{icon:0,time:2000,shade: [0.3, '#000']});
wafGloabl();
} else {
layer.msg('设置失败!',{icon:0,time:2000,shade: [0.3, '#000']});
}
});
}
function setObjOpen(ruleName){
owPost('set_obj_open', {obj:ruleName},function(data){
var rdata = $.parseJSON(data.data);
if (rdata.status){
layer.msg(rdata.msg,{icon:0,time:2000,shade: [0.3, '#000']});
wafGloabl();
} else {
layer.msg('设置失败!',{icon:0,time:2000,shade: [0.3, '#000']});
}
});
}
//保存CC规则
function saveCcRule(siteName,is_open_global, type) {
var increase = "0";
if(type == 2){
// set_aicc_open('start');
increase = "0";
}else{
// set_aicc_open('stop');
increase = type;
}
increase = "0";
var pdata = {
siteName:siteName,
cycle: $("input[name='cc_cycle']").val(),
limit: $("input[name='cc_limit']").val(),
endtime: $("input[name='cc_endtime']").val(),
is_open_global:is_open_global,
increase:increase
}
console.log(pdata);
var act = 'set_cc_conf';
if (siteName != 'undefined') act = 'set_site_cc_conf';
owPost(act, pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
setTimeout(function(){
if (siteName != 'undefined') {
siteWafConfig(siteName, 1);
} else {
wafGloabl();
}
},1000);
});
}
function setCcRule(cycle, limit, endtime, siteName, increase){
var incstr = '<li style="color:red;">此处设置仅对当前站点有效。</li>';
if (siteName == 'undefined') {
incstr = '<li style="color:red;">此处设置的是初始值,新添加站点时将继承,对现有站点无效。</li>';
}
// <div class="line">\
// <span class="tname">增强模式</span>\
// <div class="info-r">\
// <select class="bt-input-text mr5" style="width:80px" name="enhance_mode">\
// <option value="0" '+ (enhance_mode == 0?'selected':'') +'>关闭</option>\
// <option value="1" '+ (enhance_mode == 1?'selected':'') +'>开启</option>\
// </select>\
// </div>\
// </div>\
// <div class="line" style="display:'+ (siteName == 'undefined'?'block':'none') +'">\
// <span class="tname">四层防御</span>\
// <div class="info-r">\
// <select class="bt-input-text mr5" style="width:80px" name="cc_four_defense">\
// <option value="0">关闭</option>\
// <option value="1">开启</option>\
// </select>\
// </div>\
// </div>\
//<li><font style="color:red;">增强模式:CC防御加强版,开启后可能会影响用户体验,建议在用户受到CC攻击时开启。</font></li>\
create_l = layer.open({
type: 1,
title: "设置CC规则",
area: '540px',
closeBtn: 2,
shadeClose: false,
content: '<form class="bt-form pd20 pb70">\
<div class="line">\
<span class="tname">周期</span>\
<div class="info-r"><input class="bt-input-text" name="cc_cycle" type="number" value="'+ cycle + '" /> 秒</div>\
</div>\
<div class="line">\
<span class="tname">频率</span>\
<div class="info-r"><input class="bt-input-text" name="cc_limit" type="number" value="'+ limit + '" /> 次</div>\
</div>\
<div class="line">\
<span class="tname">封锁时间</span>\
<div class="info-r"><input class="bt-input-text" name="cc_endtime" type="number" value="'+ endtime + '" /> 秒</div>\
</div>\
<ul class="help-info-text c7 ptb10">'+ incstr + '\
<li><font style="color:red;">'+ cycle + '</font> 秒内累计请求同一URL超过 <font style="color:red;">' + limit + '</font> 次,触发CC防御,封锁此IP <font style="color:red;">' + endtime + '</font> 秒</li>\
<li>请不要设置过于严格的CC规则,以免影响正常用户体验</li>\
<li><font style="color:red;display:'+ (siteName == 'undefined'?'display: inline-block;':'none') +';">全局应用:全局设置当前CC规则,且覆盖当前全部站点的CC规则</font></li>\
</ul>\
<div class="bt-form-submit-btn"><button type="button" class="btn btn-danger btn-sm btn_cc_all" style="margin-right:10px;display:'+ (siteName == 'undefined'?'display: inline-block;':'none') +';">全局应用</button><button type="button" class="btn btn-success btn-sm btn_cc_present">应用</button></div>\
</form>',
success:function(layero,index){
$('.btn_cc_all').click(function(){
saveCcRule(siteName,1,$('[name="enhance_mode"]').val());
});
$('.btn_cc_present').click(function(){
saveCcRule(siteName,0,$('[name="enhance_mode"]').val());
});
}
});
}
//设置retry规则
function setRetry(retry_cycle, retry, retry_time, siteName) {
create_layer = layer.open({
type: 1,
title: "设置恶意容忍规则",
area: '500px',
closeBtn: 2,
shadeClose: false,
content: '<form class="bt-form pd20 pb70">\
<div class="line">\
<span class="tname">周期</span>\
<div class="info-r"><input class="bt-input-text" name="retry_cycle" type="number" value="'+ retry_cycle + '" /> 秒</div>\
</div>\
<div class="line">\
<span class="tname">频率</span>\
<div class="info-r"><input class="bt-input-text" name="retry" type="number" value="'+ retry + '" /> 次</div>\
</div>\
<div class="line">\
<span class="tname">封锁时间</span>\
<div class="info-r"><input class="bt-input-text" name="retry_time" type="number" value="'+ retry_time + '" /> 秒</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li><font style="color:red;">'+ retry_cycle + '</font> 秒内累计恶意请求超过 <font style="color:red;">' + retry + '</font> 次,封锁 <font style="color:red;">' + retry_time + '</font> 秒</li>\
<li><font style="color:red;">全局应用:全局设置当前恶意容忍规则,且覆盖当前全部站点的恶意容忍规则</li>\
</ul>\
<div class="bt-form-submit-btn"><button type="button" class="btn btn-danger btn-sm btn_retry_all" style="margin-right:10px;display:'+ (siteName == undefined?'inline-block;':'none') +';">全局应用</button><button type="button" class="btn btn-success btn-sm btn_retry_present">应用</button></div>\
</form>',
success:function(){
$('.btn_retry_all').click(function(){
saveRetry(siteName,1);
});
$('.btn_retry_present').click(function(){
saveRetry(siteName,0);
});
}
});
}
//保存retry规则
function saveRetry(siteName,type) {
var pdata = {
siteName: siteName,
retry: $("input[name='retry']").val(),
retry_time: $("input[name='retry_time']").val(),
retry_cycle: $("input[name='retry_cycle']").val(),
is_open_global:type
}
var act = 'set_retry';
if (siteName != undefined) act = 'set_site_retry';
owPost(act, pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
layer.close(create_layer);
wafGloablRefresh(1000);
});
}
function addRule(ruleName) {
var pdata = {
'ruleValue': $("input[name='ruleValue']").val(),
'ps': $("input[name='rulePs']").val(),
'ruleName': ruleName
}
owPost('add_rule', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
setObjConf(ruleName, 1);
},1000);
}
});
// var loadT = layer.msg('正在添加,请稍候..', { icon: 16, time: 0 });
// $.post('/plugin?action=a&name=btwaf&s=add_rule', pdata, function (rdata) {
// layer.close(loadT);
// layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
// if (rdata.status) {
// set_obj_conf(ruleName, 1);
// }
// });
}
function modifyRule(index, ruleName) {
var ruleValue = $('.rule_body_' + index).text();
$('.rule_body_' + index).html('<textarea class="bt-input-text" name="rule_body_' + index + '" style="margin: 0px; height: 70px; width: 99%;line-height:20px">' + ruleValue + '</textarea>');
var rulePs = $('.rule_ps_' + index).text();
$('.rule_ps_' + index).html('<input class="bt-input-text" type="text" name="rule_ps_' + index + '" value="' + rulePs + '" />');
$('.rule_modify_' + index).html('<a class="btlink" onclick="modifyRuleSave(' + index + ',\'' + ruleName + '\')">保存</a> | <a class="btlink modr_cancel_' + index + '">取消</a>');
$(".modr_cancel_" + index).click(function () {
$('.rule_body_' + index).html(ruleValue);
$('.rule_ps_' + index).html(rulePs);
$('.rule_modify_' + index).html('<a class="btlink" onclick="modifyRule(' + index + ',\'' + ruleName + '\')">编辑</a>');
})
}
function modifyRuleSave(index, ruleName) {
var pdata = {
index: index,
ruleName: ruleName,
ruleBody: $("textarea[name='rule_body_" + index + "']").val(),
rulePs: $("input[name='rule_ps_" + index + "']").val()
}
owPost('modify_rule', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
setObjConf(ruleName, 1);
},1000);
}
});
}
function removeRule(ruleName, index) {
var pdata = {
'index': index,
'ruleName': ruleName
}
safeMessage('删除规则', '您真的要删除这条过滤规则吗?', function () {
owPost('remove_rule', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
setObjConf(ruleName, 1);
},1000);
}
});
});
}
function setRuleState(ruleName, index) {
var pdata = {
'index': index,
'ruleName': ruleName
}
owPost('set_rule_state', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
setObjConf(ruleName, 1);
},1000);
}
});
}
//设置规则
function setObjConf(ruleName, type) {
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "编辑规则【" + ruleName + "】",
area: ['700px', '530px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="ruleValue" type="text" value="" style="width:470px;margin-right:12px;" placeholder="规则内容,请使用正则表达式">\
<input class="bt-input-text mr5" name="rulePs" type="text" style="width:120px;" placeholder="描述">\
<button class="btn btn-success btn-sm va0 pull-right" onclick="addRule(\''+ ruleName + '\');">添加</button>\</div>\
<div class="divtable">\
<div id="jc-file-table" class="table_head_fix" style="max-height:300px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th width="360">规则</th>\
<th>说明</th>\
<th>操作</th>\
<th style="text-align: right;">状态</th>\
</tr>\
</thead>\
<tbody id="set_obj_conf_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li style="color:red;">注意:如果您不了解正则表达式,请不要随意修改规则内容</li>\
<li>您可以添加或修改规则内容,但请使用正则表达式</li>\
<li>内置规则允许修改,但不可以直接删除,您可以设置规则状态来定义防火墙是否使用此规则</li>\
</ul></div>'
});
tableFixed("jc-file-table");
}
getRuleByName(ruleName, function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
var tbody = ''
for (var i = 0; i < rdata.length; i++) {
var removeRule = ''
if (rdata[i][3] != 0) removeRule = ' | <a class="btlink" onclick="removeRule(\'' + ruleName + '\',' + i + ')">删除</a>';
tbody += '<tr>\
<td class="rule_body_'+ i + '">' + rdata[i][1] + '</td>\
<td class="rule_ps_'+ i + '">' + rdata[i][2] + '</td>\
<td class="rule_modify_'+ i + '"><a class="btlink" onclick="modifyRule(' + i + ',\'' + ruleName + '\')">编辑</a>' + removeRule + '</td>\
<td class="text-right">\
<div class="pull-right">\
<input class="btswitch btswitch-ios" id="closeua_'+ i + '" type="checkbox" ' + (rdata[i][0] ? 'checked' : '') + '>\
<label class="btswitch-btn" style="width:2.0em;height:1.2em;margin-bottom: 0" for="closeua_'+ i + '" onclick="setRuleState(\'' + ruleName + '\',' + i + ')"></label>\
</div>\
</td>\
</tr>'
}
$("#set_obj_conf_con").html(tbody);
});
}
//常用扫描器
function scanRule() {
getRuleByName('scan_black', function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
create_l = layer.open({
type: 1,
title: "常用扫描器过滤规则",
area: '650px',
closeBtn: 2,
shadeClose: false,
content: '<form class="bt-form pd20 pb70">\
<div class="line">\
<span class="tname">Header</span>\
<div class="info-r"><textarea style="margin: 0px;width:475px;height: 75px;line-height:20px" class="bt-input-text" name="scan_header" >'+ rdata.header + '</textarea></div>\
</div>\
<div class="line">\
<span class="tname">Cookie</span>\
<div class="info-r"><textarea style="margin: 0px;width:475px;height: 75px;line-height:20px" class="bt-input-text" name="scan_cookie" >'+ rdata.cookie + '</textarea></div>\
</div>\
<div class="line">\
<span class="tname">Args</span>\
<div class="info-r"><textarea style="margin: 0px;width:475px;height: 75px;line-height:20px" class="bt-input-text" name="scan_args" >'+ rdata.args + '</textarea></div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>会同时过滤key和value,请谨慎设置</li>\
<li>请使用正则表达式,提交前应先备份原有表达式</li>\
</ul>\
<div class="bt-form-submit-btn">\
<button type="button" class="btn btn-success btn-sm btn-title" onclick="saveScanRule()">确定</button>\
</div>\
</form>'
});
});
}
//保存扫描器规则
function saveScanRule() {
pdata = {
header: $("textarea[name='scan_header']").val(),
cookie: $("textarea[name='scan_cookie']").val(),
args: $("textarea[name='scan_args']").val()
}
owPost('save_scan_rule', pdata,function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
layer.close(create_l);
wafGloablRefresh(1000);
});
}
//添加IP段到IP白名单
function addIpWhite() {
var pdata = {
start_ip: $("input[name='start_ip']").val(),
end_ip: $("input[name='end_ip']").val()
}
if (pdata['start_ip'].split('.').length < 4 || pdata['end_ip'].split('.').length < 4) {
layer.msg('起始IP或结束IP格式不正确!');
return;
}
owPost('add_ip_white', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
ipWhite(1);
},1000);
}
});
}
//从IP白名单删除IP段
function removeIpWhite(index) {
owPost('remove_ip_white', { index: index }, function(data){
var rdata = $.parseJSON(data.data);
if (rdata.status) {
setTimeout(function(){
ipWhite(1);
},1000);
}
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
function funDownload(content, filename) {
// 创建隐藏的可下载链接
var eleLink = document.createElement('a');
eleLink.download = filename;
eleLink.style.display = 'none';
// 字符内容转变成blob地址
var blob = new Blob([content]);
eleLink.href = URL.createObjectURL(blob);
// 触发点击
document.body.appendChild(eleLink);
eleLink.click();
// 然后移除
document.body.removeChild(eleLink);
}
function outputLayer(rdata, name, type) {
window.Load_layer = layer.open({
type: 1,
title: type ? "导出数据" : "导入数据",
area: ['400px', '370px'],
shadeClose: false,
content: '<div class="soft-man-con" style="padding:10px;">' +
'<div class="line">' +
'<div class="ml0" style="position:relative;" id="focus_tips">' +
'<textarea class="bt-input-text mr20 config" name="config" style="width: 300px; height: 250px; line-height: 22px; display: none;" id="lead_data">' + (rdata != '' ? JSON.stringify(rdata) : '') + '</textarea>' +
'<div class="placeholder c9" style="top: 15px; left: 15px; display:' + (rdata == "" ? "block;" : "none;") + '">导入格式如下:' +
(name == 'ip_white' || name == 'ip_black' ? "[[[127, 0, 0, 1],[127, 0, 0, 255]]]" : "[\"^/test\",\"^/web\"]") +
'</div>' +
'</div>' +
'</div>' +
'<div class="line "><div class="ml0">' +
(type ? '<button name="btn_save_to" class="btn btn-success btn-sm mr5 btn_save_to" >导出配置</button>' : '<button name="btn_save" class="btn btn-success btn-sm mr5 btn_save">保存</button>') +
'</div></div>' +
'</div>'
});
var lead_error = CodeMirror.fromTextArea(document.getElementById("lead_data"), {
mode: 'html',
matchBrackets: true,
matchtags: true,
autoMatchParens: true
});
setTimeout(function () {
$('.btn_save').on('click', function () {
importData(name, lead_error.getValue());
})
$('.btn_save_to').on('click', function () {
funDownload(lead_error.getValue(), name + '.json');
});
$('#focus_tips').on('click', function () {
$('.placeholder').hide();
});
}, 100);
}
//导出数据
function outputData(name, callback) {
var loadT = layer.msg('正在导出数据..', { icon: 16, time: 0 });
owPost('output_data', { s_Name: name } , function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
if (callback) callback(rdata,res);
outputLayer(rdata, name, true);
});
}
//导入数据
function importData(name, pdata, callback) {
owPost('import_data', { s_Name: name, pdata: pdata } , function(data){
var rdata = $.parseJSON(data.data);
if (callback) callback();
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
function fileInput(name) {
outputLayer('', name, false);
}
//IP白名单
function ipWhite(type) {
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "管理IP白名单",
area: ['500px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15 ipv4_list">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="start_ip" type="text" value="" style="width:180px;margin-right:15px;margin-left:5px" placeholder="起始IP地址">\
<input class="bt-input-text mr5" name="end_ip" type="text" style="width:180px;margin-left:5px;margin-right:20px" placeholder="结束IP地址">\
<button class="btn btn-success btn-sm va0 pull-right" onclick="addIpWhite();">添加</button>\</div>\
<div class="divtable">\
<div id="ipWhite" style="max-height:300px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th>超始IP</th>\
<th>结束IP</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody id="ip_white_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<div style="width:100%" class="mt5">\
<button class="btn btn-success btn-sm va0 mr5 mt10" onclick="fileInput(\'ip_white\')" >导入</button>\
<button class="btn btn-success btn-sm va0 mt10" onclick="outputData(\'ip_white\')">导出</button>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>所有规则对白名单中的IP段无效,包括IP黑名单和URL黑名单,IP白名单具备最高优先权</li>\
</ul>\
</div>\
<div class="pd15 ipv6_list">\
</div>',
success:function(index,layero){
// $('.tab_list .tab_block').click(function(){
// $(this).addClass('active').siblings().removeClass('active');
// console.log($(this).index());
// if($(this).index() === 0){
// $('.ipv4_list').show().next().hide();
// }else{
// $('.ipv4_list').hide().next().show();
// }
// });
// <div class="tab_list"><div class="tab_block active">IPv4白名单</div><div class="tab_block">IPv6白名单</div></div>\
}
});
tableFixed("ipWhite");
}
getRuleByName('ip_white', function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
var tbody = ''
for (var i = 0; i < rdata.length; i++) {
tbody += '<tr>\
<td>'+ rdata[i][0].join('.') + '</td>\
<td>'+ rdata[i][1].join('.') + '</td>\
<td class="text-right"><a class="btlink" onclick="removeIpWhite('+ i + ')">删除</a></td>\
</tr>'
}
$("#ip_white_con").html(tbody);
});
}
// 获取IPV4黑名单
function getIpv4Address(callback){
getRuleByName('ip_black', function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
callback(rdata);
});
}
// 获取IPV6黑名单
function getIpv6Address(callback){
getRuleByName('ipv6_black', function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
callback(rdata);
});
}
// 添加ipv6请求
function addIpv6Req(ip,callback){
var ip = ip.replace(/:/g, '_');
owPost('set_ipv6_black', {addr:ip}, function(data){
var rdata = $.parseJSON(data.data);
if(callback) callback(rdata);
});
}
// 添加ipv6请求
function removeIpv6Black(ip,callback){
var ip = ip.replace(/:/g, '_');
owPost('del_ipv6_black', {addr:ip}, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg,{icon:rdata.status?1:2});
$('.tab_list .tab_block:eq(1)').click();
if(callback) callback(rdata);
});
}
//添加IP段到IP黑名单
function addIpBlack() {
var pdata = {
start_ip: $("input[name='start_ip']").val(),
end_ip: $("input[name='end_ip']").val()
}
if (pdata['start_ip'].split('.').length < 4 || pdata['end_ip'].split('.').length < 4) {
layer.msg('起始IP或结束IP格式不正确!');
return;
}
owPost('add_ip_black', pdata, function(data){
var rdata = $.parseJSON(data.data);
if (rdata.status) {
ipBlack(1);
}
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
//从IP黑名单删除IP段
function removeIpBlack(index) {
owPost('remove_ip_black', { index: index }, function (data) {
var rdata = $.parseJSON(data.data);
if (rdata.status) {
ipBlack(1);
}
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
//IP黑名单
function ipBlack(type) {
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "管理IP黑名单",
area: ['500px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="tab_list"><div class="tab_block active">IPv4黑名单</div><div class="tab_block">IPv6黑名单</div></div>\
<div class="pd15 ipv4_block">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="start_ip" type="text" value="" style="width:150px;margin-right:15px;margin-left:5px" placeholder="起始IP地址">\
<input class="bt-input-text mr5" name="end_ip" type="text" style="width:150px;margin-left:5px;margin-right:20px" placeholder="结束IP地址">\
<button class="btn btn-success btn-sm va0 pull-right" onclick="addIpBlack();">添加</button>\</div>\
<div class="divtable">\
<div id="ipBlack" style="max-height:300px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th>超始IP</th>\
<th>结束IP</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody id="ip_black_con" class="gztr"></tbody>\
</table>\
</div>\
<div style="width:100%" class="mt10">\
<button class="btn btn-success btn-sm va0 mr5 mt10" onclick="fileInput(\'ip_black\')" >导入</button>\
<button class="btn btn-success btn-sm va0 mt10" onclick="outputData(\'ip_black\')">导出</button>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>黑名单中的IP段将被禁止访问,IP白名单中已存在的除外</li>\
</ul>\
</div>\
<div class="pd15 ipv6_block">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="ipv6_address" type="text" style="width:380px;margin-right:15px;margin-left:5px" placeholder="ipv6地址">\
<button class="btn btn-success btn-sm va0 btn_add_ipv6" style="margin-left:15px;">添加</button>\
</div>\
<div class="divtable">\
<div id="ipv6_black" style="max-height:300px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead><tr><th>IPv6地址</th><th style="text-align: right;">操作</th></tr></thead>\
<tbody id="ipv6_black_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>黑名单中的IP段将被禁止访问,IP白名单中已存在的除外</li>\
</ul>\
</div>',
success:function(index,layero){
$('.tab_list .tab_block').click(function(){
$(this).addClass('active').siblings().removeClass('active');
if($(this).index() === 0){
$('.ipv4_block').show().next().hide();
getIpv4Address(function(rdata){
var tbody = ''
for (var i = 0; i < rdata.length; i++) {
tbody += '<tr>\
<td>'+ rdata[i][0].join('.') + '</td>\
<td>'+ rdata[i][1].join('.') + '</td>\
<td class="text-right"><a class="btlink" onclick="removeIpBlack('+ i + ')">删除</a></td>\
</tr>'
}
$("#ip_black_con").html(tbody);
});
}else{
$('.ipv4_block').hide().next().show();
getIpv6Address(function(res){
var tbody = '',rdata = res;
for (var i = 0; i < rdata.length; i++) {
tbody += '<tr>\
<td>'+ rdata[i] + '</td>\
<td class="text-right"><a class="btlink" onclick="removeIpv6Black(\''+ rdata[i] + '\')">删除</a></td>\
</tr>'
}
$("#ipv6_black_con").html(tbody);
});
}
});
$('.btn_add_ipv6').click(function(){
var ipv6 = $('[name="ipv6_address"]').val();
addIpv6Req(ipv6, function(res){
layer.msg(res.msg,{icon:res.status?1:2});
if(res.status){
$('[name="ipv6_address"]').val('');
$('.tab_list .tab_block:eq(1)').click();
}
});
});
$('.tab_list .tab_block:eq(0)').click();
}
});
tableFixed("ipBlack");
} else {
$('.tab_list .tab_block:eq(0)').click();
}
}
function wafScreen(){
owPost('waf_srceen', {}, function(data){
var rdata = $.parseJSON(data.data);
var con = '<div class="wavbox alert alert-success" style="margin-right:16px">总拦截<span>'+rdata.total+'</span>次</div>';
con += '<div class="wavbox alert alert-info" style="margin-right:16px">安全防护<span>0</span>天</div>';
con += '<div class="screen">\
<div class="line"><span class="name">POST渗透</span><span class="val">'+rdata.rules.post+'</span></div>\
<div class="line"><span class="name">GET渗透</span><span class="val">0</span></div>\
<div class="line"><span class="name">CC攻击</span><span class="val">'+rdata.rules.cc+'</span></div>\
<div class="line"><span class="name">恶意User-Agent</span><span class="val">'+rdata.rules.user_agent+'</span></div>\
<div class="line"><span class="name">Cookie渗透</span><span class="val">'+rdata.rules.cookie+'</span></div>\
<div class="line"><span class="name">恶意扫描</span><span class="val">0</span></div>\
<div class="line"><span class="name">恶意HEAD请求</span><span class="val">0</span></div>\
<div class="line"><span class="name">URI自定义拦截</span><span class="val">0</span></div>\
<div class="line"><span class="name">URI保护</span><span class="val">0</span></div>\
<div class="line"><span class="name">恶意文件上传</span><span class="val">0</span></div>\
<div class="line"><span class="name">禁止的扩展名</span><span class="val">0</span></div>\
<div class="line"><span class="name">禁止PHP脚本</span><span class="val">0</span></div>\
</div>';
con += '<div style="width:660px;"><ul class="help-info-text c7">\
<li>在此处关闭防火墙后,所有站点将失去保护</li>\
<li>网站防火墙会使nginx有一定的性能损失(&lt;5% 10C静态并发测试结果)</li>\
<li>网站防火墙仅主要针对网站渗透攻击,暂时不具备系统加固功能</li>\
</ul></div>';
$(".soft-man-con").html(con);
});
}
function wafGloablRefresh(time){
setTimeout(function(){
wafGloabl();
}, time);
}
function wafGloabl(){
owPost('waf_conf', {}, function(data){
var rdata = $.parseJSON(data.data);
var con = '<div class="divtable">\
<table class="table table-hover waftable">\
<thead><tr><th width="18%">名称</th>\
<th width="44%">描述</th>\
<th width="10%">响应</th>\
<th style="text-align: center;" width="10%">状态</th>\
<th style="text-align: right;">操作</th></tr>\
</thead>\
<tbody>\
<tr><td>CC防御</td>\
<td>防御CC攻击,具体防御参数请到站点配置中调整</td>\
<td><a class="btlink" onclick="setRequestCode(\'cc\','+rdata.cc.status+')">'+rdata.cc.status+'</a></td>\
<td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closecc" type="checkbox" '+(rdata.cc.open ? 'checked' : '')+'>\
<label class="btswitch-btn" for="closecc" onclick="setObjOpen(\'cc\')"></label></div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setCcRule('+rdata.cc.cycle+','+rdata.cc.limit+','+rdata.cc.endtime+',\'undefined\','+rdata.cc.increase+')">初始规则</a></td>\
</tr>\
<tr>\
<td>恶意容忍度</td>\
<td>封锁连续恶意请求,请到站点配置中调整容忍阈值</td>\
<td><a class="btlink" onclick="setRequestCode(\'cc\','+ rdata.cc.status + ')">' + rdata.cc.status + '</a></td>\
<td style="text-align: center;">--</td>\
<td class="text-right"><a class="btlink" onclick="setRetry('+ rdata.retry.retry_cycle + ',' + rdata.retry.retry + ',' + rdata.retry.retry_time + ')">初始规则</a></td>\
</tr>\
<tr>\
<td>GET-URI过滤</td>\
<td>'+ rdata.get.ps + '</td>\
<td><a class="btlink" onclick="setRequestCode(\'get\',' + rdata.get.status + ')">' + rdata.get.status + '</a></td>\
<td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closeget" type="checkbox" '+ (rdata.get.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeget" onclick="setObjOpen(\'get\')"></label>\
</div></td>\
<td class="text-right"><a class="btlink" onclick="setObjConf(\'url\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/get.html\')">响应内容</a></td>\
</tr>\
<tr>\
<td>GET-参数过滤</td><td>'+ rdata.get.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'get\',' + rdata.get.status + ')">' + rdata.get.status + '</a></td><td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closeget" type="checkbox" '+ (rdata.get.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeget" onclick="setObjOpen(\'get\')"></label>\
</div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'args\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/get.html\')">响应内容</a></td>\
</tr>\
<tr>\
<td>POST过滤</td><td>'+ rdata.post.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'post\',' + rdata.post.status + ')">' + rdata.post.status + '</a></td><td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closepost" type="checkbox" '+ (rdata.post.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closepost" onclick="setObjOpen(\'post\')"></label>\
</div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'post\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/post.html\')">响应内容</a></td>\
</tr>\
<tr>\
<td>User-Agent过滤</td><td>'+ rdata['user-agent'].ps + '</td><td><a class="btlink" onclick="setRequestCode(\'user-agent\',' + rdata['user-agent'].status + ')">' + rdata['user-agent'].status + '</a></td><td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closeua" type="checkbox" '+ (rdata['user-agent'].open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeua" onclick="setObjOpen(\'user-agent\')"></label>\
</div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'user_agent\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/user_agent.html\')">响应内容</a></td>\
</tr>\
<tr>\
<td>Cookie过滤</td><td>'+ rdata.cookie.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'cookie\',' + rdata.cookie.status + ')">' + rdata.cookie.status + '</a></td><td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closecookie" type="checkbox" '+ (rdata.cookie.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecookie" onclick="setObjOpen(\'cookie\')"></label>\
</div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'cookie\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/cookie.html\')">响应内容</a></td>\
</tr>\
<tr>\
<td>常见扫描器</td><td>'+ rdata.scan.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'scan\',' + rdata.scan.status + ')">' + rdata.scan.status + '</a></td><td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closescan" type="checkbox" '+ (rdata.scan.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closescan" onclick="setObjOpen(\'scan\')"></label>\
</div></td><td class="text-right"><a class="btlink" onclick="scanRule()">设置</a></td>\
</tr>\
<tr>\
<td>IP白名单</td><td>所有规则对IP白名单无效</td><td style="text-align: center;">--</td>\
<td style="text-align: center;">--</td>\
<td class="text-right"><a class="btlink" onclick="ipWhite()">设置</a></td>\
</tr>\
<tr>\
<td>IP黑名单</td><td>禁止访问的IP</td><td><a class="btlink" onclick="setRequestCode(\'cc\','+ rdata.cc.status + ')">' + rdata.cc.status + '</a></td>\
<td style="text-align: center;">--</td>\
<td class="text-right"><a class="btlink" onclick="ipBlack()">设置</a></td>\
</tr>\
<tr>\
<td>其它</td><td>'+ rdata.other.ps + '</td><td>--</td>\
<td style="text-align: center;">--</td>\
<td class="text-right"><a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/other.html\')">响应内容</a></td>\
</tr>\
</tbody>\
</table>\
</div>';
con += '<div style="width:645px;margin-top:10px;"><ul class="help-info-text c7">\
<li>继承: 全局设置将在站点配置中自动继承为默认值</li>\
<li>优先级: IP白名单>IP黑名单>URL白名单>URL黑名单>CC防御>禁止国外IP访问>User-Agent>URI过滤>URL参数>Cookie>POST</li>\
</ul></div>';
$(".soft-man-con").html(con);
});
}
//返回css
function back_css(v) {
if (v > 0) {
return 'tipsval'
}
else {
return 'tipsval tipsvalnull'
}
}
//查看网站日志
function siteWafLog(siteName) {
var loadT = layer.msg('正在处理,请稍候..', { icon: 16, time: 0 });
owPost('get_logs_list', { siteName: siteName } , function (data) {
var tmp = $.parseJSON(data.data);
var rdata = tmp.data;
var selectLogDay = "";
var day = rdata[0];
for (var i = 0; i < rdata.length; i++) {
selectLogDay += '<option value="' + rdata[i] + '">' + rdata[i] + '</option>';
}
if (rdata == "") {
layer.msg("暂无日志记录", { icon: 6, shade: 0.3, time: 1000 });
return
}
layer.open({
type: 1,
title: "日志【" + siteName + "】",
area: ['880px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="lib-box pd15 lib-box-log">\
<div class="lib-con-title" style="height:40px"><select id="selectLogDay" class="bt-input-text" onchange="siteLogCon(\''+ siteName + '\',this.options[this.options.selectedIndex].value,1)">' + selectLogDay + '</select></div>\
<div class="lib-con">\
<div class="divtable">\
<div id="site_waf_log" style="max-height:400px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none;">\
<thead><tr><th width="150">时间</th><th width="120">用户IP</th><th width="70">类型</th><th>URI地址</th><th class="tdhide">User-Agent</th><th width="60">状态</th><th width="100">过滤器</th><th class="tdhide">过滤规则</th><th width="100" class="text-right">操作</th></tr></thead>\
<tbody id="LogDayCon"></tbody>\
</table>\
</div>\
</div>\
<div class="page pull-right" id="size_log_page" style="margin-top:10px"></div>\
</div>\
</div>'
});
siteLogCon(siteName, day, 1);
tableFixed("site_waf_log");
});
}
//日志内容
function siteLogCon(siteName, day, page) {
if (!page) page = 1;
var last = page - 1;
var next = page + 1;
var pagehtml = '';
$("#site_waf_log").scrollTop(0);
owPost('get_safe_logs', { siteName: siteName, toDate: day, p: page }, function(data){
var tmp = $.parseJSON(data.data);
if (!tmp.status){
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
return;
}
var rdata = tmp.data;
var con = '';
for (var i = 0; i < rdata.length; i++) {
con += '<tr>\
<td class="td0">'+ escapeHTML(rdata[i][0]) + '</td>\
<td class="td1"><a class="btlink" href="javascript:add_log_ip_black(\''+ escapeHTML(rdata[i][1]) + '\');" title="加入黑名单">' + escapeHTML(rdata[i][1]) + '</a></td>\
<td class="td2">'+ escapeHTML(rdata[i][2]) + '</td>\
<td class="td3"><span class="td3txt">'+ escapeHTML(rdata[i][3]) + '</span></td>\
<td class="tdhide td4">'+ escapeHTML(rdata[i][4]) + '</td><td>已拦截</td>\
<td class="td5"><span class="filtertext">'+ escapeHTML(rdata[i][5]) + '</span></td>\
<td class="tdhide td6">'+ escapeHTML(rdata[i][6]) + '</td>\
<td class="text-right"><a href="javascript:;" class="btlink submit_msg" data-index="'+ i +'">误报</a> | <a href="javascript:;" class="btlink btwaf_details" data-index="'+ i +'">详细</a></td>\
</tr>'
}
$("#LogDayCon").html(con);
pagehtml = '<a class="Pstart" onclick="site_log_con(\'' + siteName + '\',\'' + day + '\',1)">首页</a><a class="prevPage" onclick="site_log_con(\'' + siteName + '\',\'' + day + '\',' + last + ')">上一页</a><a class="nextPage" onclick="site_log_con(\'' + siteName + '\',\'' + day + '\',' + next + ')">下一页</a><a class="Pcount">第 ' + page + ' 页</a>';
$("#size_log_page").html(pagehtml);
if (rdata.length < 1) $(".nextPage").hide();
if (last < 1) $(".prevPage").hide();
// 发送误报请求
$(".submit_msg").click(function () {
var _this = $(this);
var res = rdata[$(this).attr('data-index')];
layer.confirm('是否确定提交误报反馈?', { title: '误报反馈',closeBtn:2,icon:3}, function () {
var url_address = res[3];
var rule_arry = res[6].split(" &gt;&gt; ");
var pdata = { url_rule: url_address };
var loadT = layer.msg('正在添加URL白名单..', { icon: 16, time: 0 });
$.post('/plugin?action=a&name=btwaf&s=add_url_white', pdata, function (rdata) {
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
layer.close(loadT);
if (rule_arry[1] != undefined){ $.get('https://www.bt.cn/Api/add_waf_logs?data=' + rule_arry[1],function(rdata){},'jsonp')}
});
});
})
// 详情
$(".btwaf_details").click(function () {
var res = rdata[$(this).attr('data-index')];
var time = res[0]; //时间
var ip_address = res[1]; //IP地址
var req_type = res[2]; // 请求类型
var url_address = res[3]; // 请求类型
var user_agent = res[4]; // 请求类型
var filters = res[5]; //过滤器
var filter_rule = ''; //过滤规则
var rule_arry = res[6].split(" &gt;&gt; ");
var incoming_value = '',risk_value = ''; //传入值,风险值
if(rule_arry.length == 0) filter_rule = rule_arry[0]
incoming_value = rule_arry[1] == undefined?'空':rule_arry[1];
risk_value = incoming_value.match(new RegExp(rule_arry[0].replace(/\//g,'\\/'),'i'));
risk_value = risk_value?risk_value[0]:'空';
layer.open({
type: 1,
title: time + "详情",
area: '600px',
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15 lib-box">\
<table class="table" style="border:#ddd 1px solid; margin-bottom:10px">\
<tbody><tr><th>时间</th><td>'+ escapeHTML(time) + '</td><th>用户IP</th><td><a class="btlink" href="javascript:add_log_ip_black(\'' + escapeHTML(ip_address) + '\')" title="加入黑名单">' + escapeHTML(ip_address) + '</a></td></tr><tr><th>类型</th><td>' + escapeHTML(req_type) + '</td><th>过滤器</th><td>' + escapeHTML(filters) + '</td></tr></tbody></table>\
<div><b style="margin-left:10px">URI地址</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(url_address) + '</div></div>\
<div><b style="margin-left:10px">User-Agent</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(user_agent) + '</div></div>\
<div><b style="margin-left:10px">过滤规则</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(rule_arry[0]) + '</div></div>\
<div><b style="margin-left:10px">传入值</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(incoming_value) + '</div></div>\
<div><b style="margin-left:10px">风险值</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(risk_value) + '</div></div>\
</div>'
})
})
$("#LogDayCon td").click(function () {
$(this).parents("tr").addClass("active").siblings().removeClass("active");
});
});
}
function html_encode(value) {
return $('<div></div>').html(value).text();
}
function html_decode(value) {
return $('<div></div>').text(value).html();
}
//添加站点过滤规则
function addSiteRule(siteName, ruleName) {
var pdata = {
ruleValue: $("input[name='site_rule_value']").val(),
siteName: siteName,
ruleName: ruleName
}
if (pdata['ruleValue'] == '') {
layer.msg('过滤规则不能为空');
$("input[name='site_rule_value']").focus();
return;
}
owPost('add_site_rule', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
siteRuleAdmin(siteName, ruleName, 1);
},1000);
}
});
}
//删除站点过滤规则
function removeSiteRule(siteName, ruleName, index) {
var pdata = {
index: index,
siteName: siteName,
ruleName: ruleName
}
owPost('remove_site_rule', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
if (ruleName == 'url_tell') {
site_url_tell(siteName, 1);
return;
}
if (ruleName == 'url_rule') {
site_url_rule(siteName, 1);
return;
}
setTimeout(function(){
siteRuleAdmin(siteName, ruleName, 1);
},1000);
}
});
}
//网站规则管理
function siteRuleAdmin(siteName, ruleName, type) {
var placeho = '';
var ps = '';
var title = '';
switch (ruleName) {
case 'disable_php_path':
placeho = 'URI地址,支持正则表达式';
ps = '<li>此处请不要包含URI参数,一般针对目录URL,示例:/admin</li>'
title = '禁止运行PHP的URL地址'
break;
case 'disable_path':
placeho = 'URI地址,支持正则表达式';
ps = '<li>此处请不要包含URI参数,一般针对目录URL,示例:/admin</li>'
title = '禁止访问的URL地址'
break;
case 'disable_ext':
placeho = '扩展名,不包含点(.),示例:sql';
ps = '<li>直接填要被禁止访问的扩展名,如我希望禁止访问*.sql文件:sql</li>'
title = '禁止访问的扩展名'
break;
case 'disable_upload_ext':
placeho = '扩展名,不包含点(.),示例:sql';
ps = '<li>直接填要被禁止访问的扩展名,如我希望禁止上传*.php文件:php</li>'
title = '禁止上传的文件类型'
break;
}
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "管理网站过滤规则【" + title + "】",
area: ['500px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="site_rule_value" type="text" value="" style="width:400px;margin-right:15px;margin-left:5px" placeholder="'+ placeho + '">\
<button class="btn btn-success btn-sm va0 pull-right" onclick="addSiteRule(\''+ siteName + '\',\'' + ruleName + '\');">添加</button>\</div>\
<div class="divtable">\
<div id="siteRuleAdmin" class="siteRuleAdmin" style="max-height:273px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th>规则</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody id="site_rule_admin_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>除正则表达式语句外规则值对大小写不敏感,建议统一使用小写</li>'+ ps + '\
</ul></div>'
});
tableFixed("siteRuleAdmin");
}
owPost('get_site_rule', { siteName: siteName, ruleName: ruleName }, function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
var tbody = ''
for (var i = 0; i < rdata.length; i++) {
tbody += '<tr>\
<td>'+ rdata[i] + '</td>\
<td class="text-right"><a class="btlink" onclick="removeSiteRule(\''+ siteName + '\',\'' + ruleName + '\',' + i + ')">删除</a></td>\
</tr>'
}
$("#site_rule_admin_con").html(tbody);
});
}
//CDN-Header配置
function cdnHeader(siteName, type) {
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "管理网站【" + siteName + "】CDN-Headers",
area: ['500px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="cdn_header_key" type="text" value="" style="width:400px;margin-right:15px;margin-left:5px" placeholder="header名称">\
<button class="btn btn-success btn-sm va0 pull-right" onclick="addCdnHeader(\''+ siteName + '\');">添加</button>\</div>\
<div class="divtable">\
<div id="cdnHeader" style="max-height:300px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th>header</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody id="cdn_header_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>防火墙将尝试在以上header中获取客户IP</li>\
</ul></div>'
});
tableFixed("cdnHeader");
}
owPost('get_site_config_byname', { siteName: siteName }, function(data){
var tmp = $.parseJSON(data.data);
var t1 = tmp.data;
var rdata = t1['cdn_header'];
var tbody = ''
for (var i = 0; i < rdata.length; i++) {
tbody += '<tr>\
<td>'+ rdata[i] + '</td>\
<td class="text-right"><a class="btlink" onclick="removeCdnHeader(\''+ siteName + '\',\'' + rdata[i] + '\')">删除</a></td>\
</tr>'
}
$("#cdn_header_con").html(tbody);
});
}
//添加CDN-Header
function addCdnHeader(siteName) {
var pdata = {
cdn_header: $("input[name='cdn_header_key']").val(),
siteName: siteName
}
if (pdata['cdn_header'] == '') {
layer.msg('header不能为空');
$("input[name='cdn_header_key']").focus();
return;
}
owPost('add_site_cdn_header', pdata, function(data){
var rdata = $.parseJSON(data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
cdnHeader(siteName, 1);
},1000);
}
});
}
//删除CDN-Header
function removeCdnHeader(siteName, cdn_header_key) {
owPost('remove_site_cdn_header', { siteName: siteName, cdn_header: cdn_header_key }, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
cdnHeader(siteName, 1);
},1000);
}
});
}
//设置网站防御功能
function setSiteObjState(siteName, obj) {
// var loadT = layer.msg('正在处理,请稍候..', { icon: 16, time: 0 });
owPost('set_site_obj_open', { siteName: siteName, obj: obj } , function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
setTimeout(function(){
siteWafConfig(siteName, 1);
// siteConfig();
},1000);
});
// $.post('/plugin?action=a&name=btwaf&s=set_site_obj_open', { siteName: siteName, obj: obj }, function (rdata) {
// layer.close(loadT);
// site_waf_config(siteName, 1);
// siteconfig();
// layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
// });
}
//网站规则设置
function setSiteObjConf(siteName, ruleName, type) {
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "编辑网站【" + siteName + "】规则【" + ruleName + "】",
area: ['700px', '530px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15">\
<div class="divtable">\
<div id="SetSiteObjConf" class="table_head_fix" style="max-height:375px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th width="450">规则</th>\
<th>说明</th>\
<th style="text-align: right;">状态</th>\
</tr>\
</thead>\
<tbody id="set_site_obj_conf_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>此处继承全局设置中已启用的规则</li>\
<li>此处的设置仅对当前站点有效</li>\
</ul></div>'
});
tableFixed("SetSiteObjConf");
}
getRuleByName(ruleName, function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
var tbody = '';
var tbody = '';
for (var i = 0; i < rdata.length; i++) {
if (rdata[i][0] == -1) continue;
tbody += '<tr>\
<td>'+ rdata[i][1] + '</td>\
<td>'+ rdata[i][2] + '</td>\
<td style="text-align: right;">\
<div class="pull-right"><input class="btswitch btswitch-ios" id="close_'+ i + '" type="checkbox" ' + (rdata[i][0] ? 'checked' : '') + '>\
<label class="btswitch-btn" for="close_'+ i + '" style="width:2em;height:1.2em;margin-bottom: 0" for="closeua_' + i + '" onclick="set_site_rule_state(\'' + siteName + '\',\'' + ruleName + '\',' + i + ')"></label></div>\
</td>\
</tr>'
}
$("#set_site_obj_conf_con").html(tbody)
});
}
//网站设置
function siteWafConfig(siteName, type) {
if (type == undefined) {
create_2 = layer.open({
type: 1,
title: "网站配置【" + siteName + "】",
area: ['700px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div id="s_w_c"></div>'
});
}
owPost('get_site_config_byname', { siteName: siteName }, function(data){
var tmp = $.parseJSON(data.data);
var rdata = tmp.data;
nginx_config = rdata;
var con = '<div class="pd15">\
<div class="lib-con-title">\
<span>网站防火墙开关</span>\
<div class="ssh-item" style="margin-right:20px;">\
<input class="btswitch btswitch-ios" id="closewaf_open" type="checkbox" '+ (rdata.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closewaf_open" onclick="setSiteObjState(\''+ siteName + '\',\'open\')" style="width:2.4em;height:1.4em;margin-bottom: 0"></label>\
</div>\
</div>\
<div class="lib-con">\
<div class="divtable">\
<table class="table table-hover waftable">\
<thead>\
<tr>\
<th>名称</th>\
<th>描述</th>\
<th width="80">状态</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody>\
<tr>\
<td>CC防御</td>\
<td><font style="color:red;">'+ rdata.cc.cycle + '</font> 秒内,请求同一URI累计超过 <font style="color:red;">' + rdata.cc.limit + '</font> 次,封锁IP <font style="color:red;">' + rdata.cc.endtime + '</font> 秒</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closecc" type="checkbox" '+ (rdata.cc.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecc" onclick="setSiteObjState(\''+ siteName + '\',\'cc\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setCcRule('+ rdata.cc.cycle + ',' + rdata.cc.limit + ',' + rdata.cc.endtime + ',\'' + siteName + '\',' + rdata.cc.increase + ')">设置</a></td>\
</tr>\
<tr>\
<td>恶意容忍设置</td>\
<td><font style="color:red;">'+ rdata.retry.retry_cycle + '</font> 秒内,累计超过 <font style="color:red;">' + rdata.retry.retry + '</font> 次恶意请求,封锁IP <font style="color:red;">' + rdata.retry.retry_time + '</font> 秒</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="setRetry('+ rdata.retry.retry_cycle + ',' + rdata.retry.retry + ',' + rdata.retry.retry_time + ',\'' + siteName + '\')">设置</a></td>\
</tr>\
<tr>\
<td>GET-URI过滤</td>\
<td>'+ rdata.get.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeget" type="checkbox" '+ (rdata.get ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeget" onclick="setSiteObjState(\''+ siteName + '\',\'get\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setSiteObjConf(\''+ siteName + '\',\'url\')">规则</a></td>\
</tr>\
<td>GET-参数过滤</td>\
<td>'+ rdata.get.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeargs" type="checkbox" '+ (rdata.get ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeargs" onclick="setSiteObjState(\''+ siteName + '\',\'get\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setSiteObjConf(\''+ siteName + '\',\'args\')">规则</a></td>\
</tr>\
<tr>\
<td>POST过滤</td>\
<td>'+ rdata.post.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closepost" type="checkbox" '+ (rdata.post ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closepost" onclick="setSiteObjState(\''+ siteName + '\',\'post\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setSiteObjConf(\''+ siteName + '\',\'post\')">规则</a></td>\
</tr>\
<tr>\
<td>User-Agent过滤</td>\
<td>'+ rdata['user-agent'].ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeua" type="checkbox" '+ (rdata['user-agent'] ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeua" onclick="setSiteObjState(\''+ siteName + '\',\'user-agent\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setSiteObjConf(\''+ siteName + '\',\'user_agent\')">规则</a></td>\
</tr>\
<tr>\
<td>Cookie过滤</td>\
<td>'+ rdata.cookie.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closecookie" type="checkbox" '+ (rdata.cookie ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecookie" onclick="setSiteObjState(\''+ siteName + '\',\'cookie\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setSiteObjConf(\''+ siteName + '\',\'cookie\')">规则</a></td>\
</tr>\
<tr>\
<td>常见扫描器</td><td>'+ rdata.scan.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closescan" type="checkbox" '+ (rdata.scan ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closescan" onclick="setSiteObjState(\''+ siteName + '\',\'scan\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="scanRule()">设置</a></td>\
</tr>\
<tr>\
<td>使用CDN</td>\
<td>该站点使用了CDN,启用后方可正确获取客户IP</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closecdn" type="checkbox" '+ (rdata.cdn ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecdn" onclick="setSiteObjState(\''+ siteName + '\',\'cdn\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="cdnHeader(\''+ siteName + '\')">设置</a></td>\
</tr>\
<tr>\
<td>禁止扩展名</td>\
<td>禁止访问指定扩展名</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="siteRuleAdmin(\''+ siteName + '\',\'disable_ext\')">设置</a></td>\
</tr>\
<tr>\
<td>禁止上传的文件类型</td>\
<td>禁止上传指定的文件类型</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="siteRuleAdmin(\''+ siteName + '\',\'disable_upload_ext\')">设置</a></td>\
</tr>\
</tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7">\
<li>注意: 此处大部分配置,仅对当前站点有效!</li>\
</ul>\
</div>';
$("#s_w_c").html(con);
});
}
function wafSite(){
owPost('get_site_config', {}, function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
var tbody = '';
var i = 0;
$.each(rdata, function (k, v) {
i += 1;
tbody += '<tr>\
<td><a onclick="siteWafConfig(\''+ k + '\')" class="sitename btlink" title="' + k + '">' + k + '</a></td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'get\')" type="checkbox" ' + (v.get ? 'checked' : '') + '><span class="' + back_css(v.total[1].value) + '" title="拦截GET渗透次数:' + v.total[1].value + '">' + v.total[1].value + '</span>\
</td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'post\')" type="checkbox" ' + (v.post ? 'checked' : '') + '><span class="' + back_css(v.total[0].value) + '" title="拦截POST渗透次数:' + v.total[0].value + '">' + v.total[0].value + '</span>\
</td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'user-agent\')" type="checkbox" ' + (v['user-agent'] ? 'checked' : '') + '><span class="' + back_css(v.total[3].value) + '" title="拦截恶意User-Agent次数:' + v.total[3].value + '">' + v.total[3].value + '</span>\
</td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'cookie\')" type="checkbox" ' + (v.cookie ? 'checked' : '') + '><span class="' + back_css(v.total[4].value) + '" title="拦截Cookie渗透次数:' + v.total[4].value + '">' + v.total[4].value + '</span>\
</td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'cdn\')" type="checkbox" ' + (v.cdn ? 'checked' : '') + '>\
</td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'cc\')" type="checkbox" ' + (v.cc.open ? 'checked' : '') + '><span class="' + back_css(v.total[2].value) + '" title="拦截CC攻击次数:' + v.total[2].value + '">' + v.total[2].value + '</span>\
</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeget_'+ i + '" type="checkbox" ' + (v.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeget_'+ i + '" onclick="setSiteObjState(\'' + k + '\',\'open\')"></label>\
</div>\
</td>\
<td class="text-right"><a onclick="siteWafLog(\''+ k + '\')" class="btlink ' + (v.log_size > 0 ? 'dot' : '') + '">日志</a> | <a onclick="siteWafConfig(\'' + k + '\')" class="btlink">设置</a></td>\
</tr>'
});
var con = '<div class="lib-box">\
<div class="lib-con">\
<div class="divtable">\
<div id="siteCon_fix" style="max-height:580px; overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover waftable" style="border:none">\
<thead>\
<tr>\
<th>站点</th>\
<th>GET</th>\
<th>POST</th>\
<th>UA</th>\
<th>Cookie</th>\
<th title="这个网站使用了CDN或其它代理时请勾选">CDN</th>\
<th>CC防御</th>\
<th>状态</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody>'+ tbody + '</tbody>\
</table>\
</div>\
</div>\
</div>\
</div>';
$(".soft-man-con").html(con);
tableFixed("siteCon_fix");
});
}
function wafHistory(){
var con = '<button class="btn btn-success btn-sm" onclick="UncoverAll()">解封所有</button>';
con += '<div class="divtable mt10">\
<table class="table table-hover waftable" style="color:#fff;">\
<thead><tr><th width="18%">开始时间</th>\
<th width="44%">IP</th>\
<th width="10%">站点</th>\
<th width="10%">封锁原因</th>\
<th width="10%">封锁时长</th>\
<th style="text-align: center;" width="10%">状态</th>\
</thead>\
</table>\
</div>';
$(".soft-man-con").html(con);
}
function wafLogs(){
var con = '<div class="divtable">\
<table class="table table-hover waftable" style="color:#fff;">\
<thead><tr><th width="18%">名称</th>\
<th width="44%">描述</th>\
<th width="10%">响应</th>\
<th style="text-align: center;" width="10%">状态</th>\
<th style="text-align: right;">操作</th></tr>\
</thead>\
</table>\
</div>';
$(".soft-man-con").html(con);
}