Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
CnChunfeng
/
ichunt_lua_waf
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Settings
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
cdd4c698
authored
Oct 19, 2020
by
Joneq
Browse files
Options
_('Browse Files')
Download
Email Patches
Plain Diff
修改代码
parent
944f98de
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
11 additions
and
10 deletions
localstring.lua
redirect.lua
reqhandle.lua
waf.lua
wafcheck.lua
localstring.lua
View file @
cdd4c698
...
@@ -7,7 +7,7 @@ local _Lstring= {}
...
@@ -7,7 +7,7 @@ local _Lstring= {}
--------切分字符串
--------切分字符串
function
_Lstring
.
Split
(
s
elf
,
s
zFullString
,
szSeparator
)
function
_Lstring
.
Split
(
szFullString
,
szSeparator
)
local
nFindStartIndex
=
1
local
nFindStartIndex
=
1
local
nSplitIndex
=
1
local
nSplitIndex
=
1
local
nSplitArray
=
{}
local
nSplitArray
=
{}
...
...
redirect.lua
View file @
cdd4c698
...
@@ -7,7 +7,7 @@ local _ReM = {}
...
@@ -7,7 +7,7 @@ local _ReM = {}
------跳转到google验证页面
------跳转到google验证页面
function
_ReM
.
checkgoogle
(
self
)
function
_ReM
.
checkgoogle
()
source_url
=
ngx
.
encode_base64
(
ngx
.
var
.
scheme
..
'://'
..
source_url
=
ngx
.
encode_base64
(
ngx
.
var
.
scheme
..
'://'
..
ngx
.
var
.
host
..
':'
..
ngx
.
var
.
server_port
..
ngx
.
var
.
request_uri
)
ngx
.
var
.
host
..
':'
..
ngx
.
var
.
server_port
..
ngx
.
var
.
request_uri
)
dest
=
'http://passport.ichunt.com/static/login.html'
..
'?continue='
..
source_url
dest
=
'http://passport.ichunt.com/static/login.html'
..
'?continue='
..
source_url
...
...
reqhandle.lua
View file @
cdd4c698
...
@@ -7,7 +7,7 @@ local _Reqhandle= {}
...
@@ -7,7 +7,7 @@ local _Reqhandle= {}
--------去除一些网站自己的白名单
--------去除一些网站自己的白名单
function
_Reqhandle
.
Selfwhiteurl
(
self
)
function
_Reqhandle
.
Selfwhiteurl
()
local
l_str
=
string.reverse
(
ngx
.
var
.
request_uri
)
local
l_str
=
string.reverse
(
ngx
.
var
.
request_uri
)
local
l_a
,
l_b
=
string.find
(
l_str
,
'?'
)
local
l_a
,
l_b
=
string.find
(
l_str
,
'?'
)
...
@@ -40,7 +40,7 @@ end
...
@@ -40,7 +40,7 @@ end
--------获取真实ip
--------获取真实ip
function
_Reqhandle
.
GetRealIp
(
self
)
function
_Reqhandle
.
GetRealIp
()
if
tonumber
(
ngx
.
var
.
server_name_id
)
==
1
then
if
tonumber
(
ngx
.
var
.
server_name_id
)
==
1
then
user_ip
=
ngx
.
var
.
remote_addr
user_ip
=
ngx
.
var
.
remote_addr
...
...
waf.lua
View file @
cdd4c698
...
@@ -103,6 +103,7 @@ end
...
@@ -103,6 +103,7 @@ end
-- 黑名单存在直接302
-- 黑名单存在直接302
if
wafcheck
.
BlackIp
(
user_ip
)
==
'exist'
or
wafcheck
.
BlackUrl
(
temp_uri
)
==
'exist'
or
wafcheck
.
BlackHeader
(
user_ip
)
==
'exist'
then
if
wafcheck
.
BlackIp
(
user_ip
)
==
'exist'
or
wafcheck
.
BlackUrl
(
temp_uri
)
==
'exist'
or
wafcheck
.
BlackHeader
(
user_ip
)
==
'exist'
then
red
:
close
()
red
:
close
()
...
...
wafcheck.lua
View file @
cdd4c698
...
@@ -7,7 +7,7 @@ local _Wafcheck= {}
...
@@ -7,7 +7,7 @@ local _Wafcheck= {}
--------白名单ip-----------
--------白名单ip-----------
function
_Wafcheck
.
WhiteIp
(
self
,
user_ip
)
function
_Wafcheck
.
WhiteIp
(
user_ip
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_white_ip'
,
user_ip
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_white_ip'
,
user_ip
)
if
is_exist
==
1
then
if
is_exist
==
1
then
return
"exist"
return
"exist"
...
@@ -17,7 +17,7 @@ end
...
@@ -17,7 +17,7 @@ end
--------白名单url-----------
--------白名单url-----------
function
_Wafcheck
.
WhiteUrl
(
self
,
url
)
function
_Wafcheck
.
WhiteUrl
(
url
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_white_url'
,
url
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_white_url'
,
url
)
if
is_exist
==
1
then
if
is_exist
==
1
then
return
"exist"
return
"exist"
...
@@ -27,7 +27,7 @@ end
...
@@ -27,7 +27,7 @@ end
--------白名单header-----------
--------白名单header-----------
function
_Wafcheck
.
WhiteHeader
(
self
,
header
)
function
_Wafcheck
.
WhiteHeader
(
header
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_white_header'
,
header
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_white_header'
,
header
)
if
is_exist
==
1
then
if
is_exist
==
1
then
return
"exist"
return
"exist"
...
@@ -38,7 +38,7 @@ end
...
@@ -38,7 +38,7 @@ end
-------黑名单Ip
-------黑名单Ip
function
_Wafcheck
.
BlackIp
(
self
,
user_ip
)
function
_Wafcheck
.
BlackIp
(
user_ip
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_black_ip'
,
user_ip
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_black_ip'
,
user_ip
)
if
is_exist
==
1
then
if
is_exist
==
1
then
return
"exist"
return
"exist"
...
@@ -48,7 +48,7 @@ end
...
@@ -48,7 +48,7 @@ end
-------黑名单Url
-------黑名单Url
function
_Wafcheck
.
BlackUrl
(
self
,
url
)
function
_Wafcheck
.
BlackUrl
(
url
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_black_url'
,
url
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_black_url'
,
url
)
if
is_exist
==
1
then
if
is_exist
==
1
then
return
"exist"
return
"exist"
...
@@ -58,7 +58,7 @@ end
...
@@ -58,7 +58,7 @@ end
-------黑名单header
-------黑名单header
function
_Wafcheck
.
BlackHeader
(
self
,
header
)
function
_Wafcheck
.
BlackHeader
(
header
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_black_header'
,
header
)
is_exist
,
err
=
red
:
sismember
(
'ichunt_waf_black_header'
,
header
)
if
is_exist
==
1
then
if
is_exist
==
1
then
return
"exist"
return
"exist"
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
