github
/
ngx_lua_waf_oneinstack
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[fix] Update lib.lua

pull/13/head
oneinstack 2020-03-14 16:47:46 +08:00
parent 6115198406
commit ae2e365496
3 changed files with 25 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
access.lua
View File

@ -16,7 +16,7 @@ local function waf_main()
elseif cookie_attack_check() then elseif cookie_attack_check() then
elseif url_attack_check() then elseif url_attack_check() then
elseif url_args_attack_check() then elseif url_args_attack_check() then
elseif post_attack_check() then -- elseif post_attack_check() then
else else
return return
end end

10
init.lua
View File

@ -160,6 +160,8 @@ function url_args_attack_check()
for key, val in pairs(REQ_ARGS) do for key, val in pairs(REQ_ARGS) do
if type(val) == "table" then if type(val) == "table" then
ARGS_DATA = string.lower(table.concat(val, " ")) ARGS_DATA = string.lower(table.concat(val, " "))
elseif type(val) == "boolean" then
ARGS_DATA = nil
else else
ARGS_DATA = string.lower(val) ARGS_DATA = string.lower(val)
end end
@ -198,7 +200,7 @@ end
-- deny post -- deny post
function post_attack_check() function post_attack_check()
if config_post_check == "on" then if config_post_check == "on" and ngx.var.request_method == "POST" then
local POST_RULES = get_rule("post") local POST_RULES = get_rule("post")
for _,rule in pairs(POST_RULES) do for _,rule in pairs(POST_RULES) do
-- local REQ_POST = ngx.req.get_post_args() -- local REQ_POST = ngx.req.get_post_args()
@ -206,17 +208,19 @@ function post_attack_check()
if err == "truncated" then if err == "truncated" then
log_record("Deny_POST_Many",ngx.var.request_uri,"-",rule) log_record("Deny_POST_Many",ngx.var.request_uri,"-",rule)
if config_waf_enable == "on" then if config_waf_enable == "on" then
waf_output() waf_output()
return true return true
end end
end end
for key, val in pairs(REQ_POST) do for key, val in pairs(REQ_POST) do
if type(val) == "table" then if type(val) == "table" then
POST_DATA = string.lower(table.concat(val, " ")) POST_DATA = string.lower(table.concat(val, " "))
elseif type(val) == "boolean" then
POST_DATA = nil
else else
POST_DATA = string.lower(val) POST_DATA = string.lower(val)
end end
if POST_DATA and type(POST_DATA) ~= "boolean" and rule ~="" and rulematch(unescape(POST_DATA),string.lower(rule),"jo") then if POST_DATA and rule ~="" and rulematch(unescape(POST_DATA),string.lower(rule),"jo") then
log_record("Deny_POST",ngx.var.request_uri,"-",rule) log_record("Deny_POST",ngx.var.request_uri,"-",rule)
if config_waf_enable == "on" then if config_waf_enable == "on" then
waf_output() waf_output()

24
lib.lua
View File

@ -72,15 +72,25 @@ function log_record(method,url,data,ruletag)
end end
-- test log -- test log
function write(logfile, msg) function test_log_record(data)
local fd,err = io.open(logfile,"a+") local cjson = require("cjson")
if fd == nil then local io = require "io"
ngx.log(ngx.ERR,"writefile msg : "..msg,err) local LOG_PATH = config_log_dir
local CLIENT_IP = get_client_ip()
local LOCAL_TIME = ngx.localtime()
local log_json_obj = {
client_ip = CLIENT_IP,
req_data = data,
}
local LOG_LINE = cjson.encode(log_json_obj)
local LOG_NAME = LOG_PATH..'/'.."test.log"
local file = io.open(LOG_NAME,"a")
if file == nil then
return return
end end
fd:write(msg) file:write(LOG_LINE.."\n")
fd:flush() file:flush()
fd:close() file:close()
end end
-- WAF return -- WAF return