From 1b4dc7cbd3a1e50081ec400b6d5ff61d8f4d4b3a Mon Sep 17 00:00:00 2001
From: "lj2007331@gmail.com" <lj2007331@gmail.com>
Date: Wed, 27 Jun 2018 11:21:37 +0800
Subject: [PATCH] Add test write function

---
 init.lua         |  4 +++-
 lib.lua          | 14 +++++++++++++-
 wafconf/blackurl |  2 +-
 wafconf/whiteurl |  5 +++--
 4 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/init.lua b/init.lua
index 921d2e5..94c7721 100644
--- a/init.lua
+++ b/init.lua
@@ -60,13 +60,15 @@ end
 function cc_attack_check()
     if config_cc_check == "on" then
         local USER_AGENT = get_user_agent()
-        local ATTACK_URL = ngx.var.host .. ngx.var.request_uri
+        --local ATTACK_URL = ngx.var.host .. ngx.var.request_uri
+        local ATTACK_URL = ngx.var.host .. ngx.var.uri
         local CC_TOKEN = get_client_ip() .. "." .. ngx.md5(ATTACK_URL .. USER_AGENT)
         local limit = ngx.shared.limit
         local CCcount=tonumber(string.match(config_cc_rate,'(.*)/'))
         local CCseconds=tonumber(string.match(config_cc_rate,'/(.*)'))
         local req,_ = limit:get(CC_TOKEN)
         if req then
+            --write('/data/wwwlogs/info.log',CC_TOKEN ..'\t'.. ATTACK_URL .. '\t'.. 'req: ' .. req .. "\n")
             if req > CCcount then
                 log_record('CC_Attack',ngx.var.request_uri,"-","-")
                 if config_waf_enable == "on" then
diff --git a/lib.lua b/lib.lua
index b30e3db..c61c393 100644
--- a/lib.lua
+++ b/lib.lua
@@ -48,7 +48,7 @@ function log_record(method,url,data,ruletag)
     local LOG_PATH = config_log_dir
     local CLIENT_IP = get_client_ip()
     local USER_AGENT = get_user_agent()
-    local SERVER_NAME = ngx.var.host 
+    local SERVER_NAME = ngx.var.host
     local LOCAL_TIME = ngx.localtime()
     local log_json_obj = {
                  client_ip = CLIENT_IP,
@@ -71,6 +71,18 @@ function log_record(method,url,data,ruletag)
     file:close()
 end
 
+--test log
+function write(logfile, msg)
+    local fd,err = io.open(logfile,"a+")
+    if fd == nil then
+        ngx.log(ngx.ERR,"writefile msg : "..msg,err)
+        return
+    end
+    fd:write(msg)
+    fd:flush()
+    fd:close()
+end
+
 --WAF return
 function waf_output()
     if config_waf_output == "redirect" then
diff --git a/wafconf/blackurl b/wafconf/blackurl
index 0eccfec..4cf0a99 100644
--- a/wafconf/blackurl
+++ b/wafconf/blackurl
@@ -1,6 +1,6 @@
 \.(htaccess|bash_history)
 \.(bak|inc|old|mdb|sql|backup|java|class|tgz|gz|tar|zip)$
-(phpmyadmin|jmx-console|admin-console|jmxinvokerservlet)
+(jmx-console|admin-console|jmxinvokerservlet)
 java\.lang
 \.svn\/
 /(attachments|upimg|images|css|uploadfiles|html|uploads|templets|static|template|data|inc|forumdata|upload|includes|cache|avatar)/(\\w+).(php|jsp)
diff --git a/wafconf/whiteurl b/wafconf/whiteurl
index 00b54a5..b1eb0f1 100644
--- a/wafconf/whiteurl
+++ b/wafconf/whiteurl
@@ -1,2 +1,3 @@
-\.(js|css)$
-\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$
+\.(js|css)
+\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)
+403\.html