完成url包含和正则匹配判断，完成时间段header判断

abd1f236 · Joneq · 4f5da803 · abd1f236
Commit abd1f236 authored Jul 25, 2022 by Joneq
Showing with 39 additions and 2 deletions
wafcheck.lua
--- a/wafcheck.lua
+++ b/wafcheck.lua
@@ -49,7 +49,30 @@ end

 -------黑名单Url
 function _Wafcheck.BlackUrl(url,redis)
-    local is_exist ,err = redis:sismember('ichunt_waf_black_url', url)
+
+    ----local is_exist ,err = redis:sismember('ichunt_waf_black_url', url)
+    ---- 20220722 去除原有是否存在判断，换成检验是否包含
+    local is_exist = 0
+
+    local allUrl = redis:smembers('ichunt_waf_black_url')
+
+    for k, v in pairs(allUrl) do
+
+        --查找包含了，就403
+        if v ~= nil and type(v) == 'string' and string.find (ngx.var.request_uri,v, 1) ~= nil then
+            is_exist = 1
+            break
+        end
+
+        --如果正则匹配到了，就403
+        local ismatch,err = string.match(ngx.var.request_uri, v)
+        if ismatch ~= nil then
+            is_exist = 1
+            break
+        end
+	end
+    
+        
    if is_exist == 1 then
        return "exist"
    end
@@ -59,9 +82,23 @@ end

 -------黑名单header
 function _Wafcheck.BlackHeader(header,redis)
+
    local is_exist ,err = redis:sismember('ichunt_waf_black_header', header)
    if is_exist == 1 then
-        return "exist"
+        
+        --如果有黑名单header的起始时间，则做时间范围判断，如果没有，就是以前的永久数据，直接屏蔽
+        local headerBlackBeginTimeKey = 'ichunt_waf_black_header_'..header..'_begin_time'
+        
+        if red:get(headerBlackBeginTimeKey) == ngx.null then
+            return "exist"
+        end
+
+        --如果有时间限制，在时间范围内，就403
+        local headerBlackEndTimeKey = 'ichunt_waf_black_header_'..header..'_end_time'
+        if ngx.time() >= tonumber(red:get(headerBlackBeginTimeKey)) and ngx.time() <= tonumber(red:get(headerBlackEndTimeKey))  then
+            return "exist"
+        end
+
    end
    return "continue"
 end