Commit abd1f236 by Joneq

完成url包含和正则匹配判断,完成时间段header判断

parent 4f5da803
Showing with 39 additions and 2 deletions
...@@ -49,7 +49,30 @@ end ...@@ -49,7 +49,30 @@ end
-------黑名单Url -------黑名单Url
function _Wafcheck.BlackUrl(url,redis) function _Wafcheck.BlackUrl(url,redis)
local is_exist ,err = redis:sismember('ichunt_waf_black_url', url)
----local is_exist ,err = redis:sismember('ichunt_waf_black_url', url)
---- 20220722 去除原有是否存在判断,换成检验是否包含
local is_exist = 0
local allUrl = redis:smembers('ichunt_waf_black_url')
for k, v in pairs(allUrl) do
--查找包含了,就403
if v ~= nil and type(v) == 'string' and string.find (ngx.var.request_uri,v, 1) ~= nil then
is_exist = 1
break
end
--如果正则匹配到了,就403
local ismatch,err = string.match(ngx.var.request_uri, v)
if ismatch ~= nil then
is_exist = 1
break
end
end
if is_exist == 1 then if is_exist == 1 then
return "exist" return "exist"
end end
...@@ -59,9 +82,23 @@ end ...@@ -59,9 +82,23 @@ end
-------黑名单header -------黑名单header
function _Wafcheck.BlackHeader(header,redis) function _Wafcheck.BlackHeader(header,redis)
local is_exist ,err = redis:sismember('ichunt_waf_black_header', header) local is_exist ,err = redis:sismember('ichunt_waf_black_header', header)
if is_exist == 1 then if is_exist == 1 then
return "exist"
--如果有黑名单header的起始时间,则做时间范围判断,如果没有,就是以前的永久数据,直接屏蔽
local headerBlackBeginTimeKey = 'ichunt_waf_black_header_'..header..'_begin_time'
if red:get(headerBlackBeginTimeKey) == ngx.null then
return "exist"
end
--如果有时间限制,在时间范围内,就403
local headerBlackEndTimeKey = 'ichunt_waf_black_header_'..header..'_end_time'
if ngx.time() >= tonumber(red:get(headerBlackBeginTimeKey)) and ngx.time() <= tonumber(red:get(headerBlackEndTimeKey)) then
return "exist"
end
end end
return "continue" return "continue"
end end