robin/waf-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

1.4.5.2

Browse Source
This commit is contained in:
unknown
2026-02-04 20:27:13 +08:00
commit 3b042d1dad
9410 changed files with 1488147 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
EdgeCommon/pkg/rpc/jsons/bit_size_capacity.md Normal file
View File

@@ -0,0 +1,37 @@
# 比特位尺寸
## 定义
~~~json
{
"count": "数量",
"unit": "单位"
}
~~~
其中:
* `数量` - 必须是一个整数数字
* `单位` - 有以下几个值:
* `b` - 比特
* `kb` - Kb
* `mb` - Mb
* `gb` - Gb
* `tb` - Tb
* `pb` - Pb
* `eb` - Eb
## 示例
100Mb
~~~
{
"count": 100,
"unit": "mb"
}
~~~
32Gb
~~~
{
"count": 32,
"unit": "gb"
}
~~~

39
EdgeCommon/pkg/rpc/jsons/hsts.md Normal file
View File

@@ -0,0 +1,39 @@
# HSTS
## 定义
~~~json
{
"isOn": "是否启用",
"maxAge": "最大有效期,单位秒",
"includeSubDomains": "可选项,是否包含子域名",
"preload": "可选项,是否预加载",
"domains": ["可选项支持的域名1", "可选项支持的域名2" ...]
}
~~~
其中:
* `maxAge` 可以填写一天86400秒或者更长时间
* 如果不填写 `domains` 则支持所有域名
## 示例
### 不限制任何域名
~~~json
{
"isOn": true,
"maxAge": 86400,
"includeSubDomains":false,
"preload":false,
"domains":[]
}
~~~
### 限制域名
~~~json
{
"isOn": true,
"maxAge": 86400,
"includeSubDomains":false,
"preload":false,
"domains":["example.com", "www.example.com"]
}
~~~

43
EdgeCommon/pkg/rpc/jsons/http_access_log_ref.md Normal file
View File

@@ -0,0 +1,43 @@
# 访问日志引用
## 定义
~~~json
{
"isPrior": "是否覆盖父级应用",
"isOn": "是否启用配置",
"fields": ["字段1", "字段2", ...] // 可以留空
"status1": "是否启用状态1xx",
"status2": "是否启用状态2xx",
"status3": "是否启用状态3xx",
"status4": "是否启用状态4xx",
"status5": "是否启用状态5xx",
"enableClientClosed": "是否记录客户端关闭事件",
"firewallOnly": "是否只记录防火墙WAF相关日志"
}
~~~
### 字段值
* `1` - 请求Header
* `2` - 响应Header
* `3` - 请求URL参数
* `4` - Cookie
* `5` - 扩展信息
* `6` - Referer
* `7` - UserAgent
* `8` - 请求Body
* `9` - 响应Body目前不支持
## 示例
~~~json
{
"isPrior": true,
"isOn": true,
"fields": [],
"status1": true,
"status2": true,
"status3": true,
"status4": true,
"status5": true,
"enableClientClosed": true,
"firewallOnly": true
}
~~~

123
EdgeCommon/pkg/rpc/jsons/http_cache_config.md Normal file
View File

@@ -0,0 +1,123 @@
# HTTP缓存配置
## 定义
~~~json
{
"isPrior": "是否覆盖上级配置",
"isOn": "是否启用配置",
"addStatusHeader": "是否增加命中状态HeaderX-Cache",
"addAgeHeader": "是否增加Age Header",
"enableCacheControlMaxAge": "是否支持Cache-Control: max-age=...",
"disablePolicyRefs": "是否停用策略中定义的条件",
"purgeIsOn": "是否允许使用Purge方法清理",
"purgeKey": "Purge时使用的X-Edge-Purge-Key",
"stale": "陈旧缓存使用策略",
"key": "主域名配置",
"cacheRefs": ["缓存条件1", "缓存条件2", ...]
}
~~~
其中:
* `缓存条件` - 参考 {json:http_cache_ref}
* `主域名配置` 参考本文“主域名”配置部分
## 示例
### 无缓存条件
~~~json
{
"isPrior": true,
"isOn": true,
"addStatusHeader": true,
"addAgeHeader": true,
"enableCacheControlMaxAge": true,
"disablePolicyRefs": false,
"purgeIsOn": false,
"purgeKey": "",
"stale": null,
"cacheRefs": []
}
~~~
### 加入缓存条件
~~~json
{
"isPrior": true,
"isOn": true,
"addStatusHeader": true,
"addAgeHeader": true,
"enableCacheControlMaxAge": true,
"disablePolicyRefs": false,
"purgeIsOn": false,
"purgeKey": "",
"stale": null,
"cacheRefs": [
{
"id": 0,
"isOn": true,
"key": "${scheme}://${host}${requestPath}${isArgs}${args}",
"life": {"count": 2, "unit": "hour"},
"status": [200],
"maxSize": {"count": 32, "unit": "mb"},
"minSize": {"count": 0, "unit": "kb"},
"skipCacheControlValues": ["private", "no-cache", "no-store"],
"skipSetCookie": true,
"enableRequestCachePragma": false,
"conds": {
"isOn": true,
"connector": "or",
"groups": [
{
"isOn": true,
"connector": "and",
"conds": [
{
"type": "url-extension",
"isRequest": true,
"param": "${requestPathLowerExtension}",
"operator": "in",
"value": "[\".css\",\".png\",\".js\",\".woff2\"]",
"isReverse": false,
"isCaseInsensitive": false,
"typeName": "URL扩展名"
}
],
"isReverse": false,
"description": ""
}
]
},
"allowChunkedEncoding": true,
"allowPartialContent": false,
"isReverse": false,
"methods": []
}
]
}
~~~
## 主域名配置
~~~json
{
"isOn": "true|false",
"scheme": "https|http",
"host": "域名,必须是当前网站已绑定的域名"
}
~~~
### 示例
#### 不使用主域名
~~~json
{
"isOn": false
}
~~~
#### 使用主域名
~~~json
{
"isOn": true,
"scheme": "https",
"host": "example.com"
}
~~~
如果启用主域名,则缓存键值中的域名会被自动换成主域名,清理缓存的时候也需要使用此主域名。

91
EdgeCommon/pkg/rpc/jsons/http_cache_ref.md Normal file
View File

@@ -0,0 +1,91 @@
# 缓存条件设置
## 定义
~~~json
{
"isOn": "是否启用配置",
"key": "每个缓存的Key规则里面可以有变量",
"life": "缓存时长",
"expiresTime": "客户端过期时间",
"status": ["缓存的状态码1", "缓存的状态码2", ...],
"minSize": "能够缓存的最小尺寸",
"maxSize": "能够缓存的最大尺寸",
"methods": ["支持的请求方法1", "支持的请求方法2", ...],
"skipCacheControlValues": "可以跳过的响应的Cache-Control值",
"skipSetCookie": "是否跳过响应的Set-Cookie Header",
"enableRequestCachePragma": "是否支持客户端的Pragma: no-cache",
"allowChunkedEncoding": "是否允许分片内容",
"allowPartialContent": "支持分段内容缓存",
"conds": "请求条件",
"isReverse": "是否为反向条件,反向条件的不缓存"
}
~~~
## 示例
~~~json
{
"isOn": true,
"key": "${scheme}://${host}${requestURI}",
"life": {
"count": 1,
"unit": "day"
},
"expiresTime": {
"isPrior": true,
"isOn": true,
"overwrite": true,
"autoCalculate": false,
"duration": {
"count": 1,
"unit": "day"
}
},
"status": [
200
],
"minSize": {
"count": 0,
"unit": "kb"
},
"maxSize": {
"count": 32,
"unit": "mb"
},
"methods": [],
"skipCacheControlValues": [
"private",
"no-cache",
"no-store"
],
"skipSetCookie": true,
"enableRequestCachePragma": false,
"allowChunkedEncoding": true,
"allowPartialContent": false,
"conds": {
"isOn": true,
"connector": "or",
"groups": [
{
"isOn": true,
"connector": "and",
"conds": [
{
"type": "url-extension",
"isRequest": true,
"param": "${requestPathLowerExtension}",
"operator": "in",
"value": "[\".css\",\".png\",\".js\",\".woff2\"]",
"isReverse": false,
"isCaseInsensitive": false,
"typeName": "URL扩展名"
}
],
"isReverse": false,
"description": ""
}
]
},
"cachePolicy": null,
"isReverse": false,
"id": 1
}
~~~

22
EdgeCommon/pkg/rpc/jsons/http_firewall_ref.md Normal file
View File

@@ -0,0 +1,22 @@
# HTTP防火墙即WAF引用
## 定义
~~~json
{
"isPrior": "是否覆盖上级配置",
"isOn": "是否启用配置",
"firewallPolicyId": "WAF策略ID",
"ignoreGlobalRules": "是否忽略系统定义的全局规则",
"defaultCaptchaType": "默认人机识别方式可以选none不设置、default默认、oneClick单击验证、slide滑动解锁、geetest极验"
}
~~~
## 示例
~~~json
{
"isPrior": true,
"isOn": true,
"firewallPolicyId": 123,
"ignoreGlobalRules": false,
"defaultCaptchaType": "none"
}
~~~

49
EdgeCommon/pkg/rpc/jsons/http_protocol.md Normal file
View File

@@ -0,0 +1,49 @@
# HTTP协议配置
## 定义
~~~json
{
"isOn": "是否启用",
"listen": [
{
"protocol": "协议",
"host": "主机地址,通常为空",
"portRange": "端口或者端口范围"
},
...
]
}
~~~
## 示例
### 监听80端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "http",
"host": "",
"portRange": "80"
}
]
}
~~~
### 监听80和8080端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "http",
"portRange": "80"
},
{
"protocol": "http",
"portRange": "8080"
}
]
}
~~~

31
EdgeCommon/pkg/rpc/jsons/http_remote_addr_config.md Normal file
View File

@@ -0,0 +1,31 @@
# HTTP获取客户端IP地址方式配置
## 定义
~~~json
{
"isPrior": "是否覆盖父级应用",
"isOn": "是否启用配置",
"value": "自定义值变量",
"isCustomized": "是否自定义"
}
~~~
## 示例
### 不启用自定义
~~~json
{
"isPrior": false,
"isOn": false,
"value": "",
"isCustomized": false
}
~~~
### 启用自定义
~~~json
{
"isPrior": true,
"isOn": true,
"value": "${remoteAddr}",
"isCustomized": true
}
~~~

16
EdgeCommon/pkg/rpc/jsons/http_stat_stat_ref.md Normal file
View File

@@ -0,0 +1,16 @@
# 统计引用
## 定义
~~~json
{
"isPrior": "是否覆盖父级配置",
"isOn": "是否启用配置"
}
~~~
## 示例
~~~json
{
"isPrior": true,
"isOn": true
}
~~~

21
EdgeCommon/pkg/rpc/jsons/http_websocket_ref.md Normal file
View File

@@ -0,0 +1,21 @@
# WebSocket引用
## 定义
~~~json
{
"isPrior": "是否覆盖上级配置true|false",
"isOn": "是否启用true|false",
"websocketId": "Websocket配置ID"
}
~~~
其中:
* `Websocket配置ID` - 需要调用 `HTTPWebsocketService.CreateHTTPWebsocketRequest()` 生成
## 示例
~~~json
{
"isPrior": true,
"isOn": true,
"websocketId": 123
}
~~~

67
EdgeCommon/pkg/rpc/jsons/https_protocol.md Normal file
View File

@@ -0,0 +1,67 @@
# HTTPS协议配置
## 定义
~~~json
{
"isOn": "是否启用",
"listen": [
{
"protocol": "协议",
"host": "主机地址,通常为空",
"portRange": "端口或者端口范围"
},
...
],
"sslPolicyRef": {
"isOn": "启用SSL策略",
"sslPolicyId": "SSL策略ID"
}
}
~~~
其中 `SSL策略ID` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。
## 示例
### 监听443端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "https",
"host": "",
"portRange": "443"
}
],
"sslPolicyRef": {
"isOn": true,
"sslPolicyId": 123
}
}
~~~
其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。
### 监听443和8443端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "https",
"portRange": "443"
},
{
"protocol": "https",
"portRange": "8443"
}
],
"sslPolicyRef": {
"isOn": true,
"sslPolicyId": 123
}
}
~~~
其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。

30
EdgeCommon/pkg/rpc/jsons/network_address.md Normal file
View File

@@ -0,0 +1,30 @@
# 网络地址定义
## 定义
~~~json
{
"protocol": "协议",
"host": "主机地址,通常为空",
"portRange": "端口或者端口范围"
}
~~~
## 示例
对于 `http://example.com`
~~~json
{
"protocol": "http",
"host": "example.com",
"portRange": "80"
}
~~~
对于 `https://example.com`
~~~json
{
"protocol": "https",
"host": "example.com",
"portRange": "443"
}
~~~

33
EdgeCommon/pkg/rpc/jsons/origin_refs.md Normal file
View File

@@ -0,0 +1,33 @@
# 源站引用列表
## 定义
~~~json
[
{
"isOn": "是否启用",
"originId": "源站ID 1"
},
{
"isOn": "是否启用",
"originId": "源站ID 2"
},
...
]
~~~
其中:
* `originId` - 源站ID可以通过 `/OriginService/createOrigin` 接口创建源站后获得
## 示例
~~~json
[
{
"isOn": true,
"originId": 1
},
{
"isOn": true,
"originId": 2,
}
]
~~~

19
EdgeCommon/pkg/rpc/jsons/reverse_proxy_ref.md Normal file
View File

@@ -0,0 +1,19 @@
# 反向代理引用
## 定义
~~~json
{
"isOn": "是否启用",
"isPrior": "是否覆盖上级配置,用于路由规则",
"reverseProxyId": "反向代理ID"
}
~~~
其中:
* `reverseProxyId` - 反向代理ID可以通过 `/ReverseProxyService/createReverseProxy` 创建
## 示例
~~~json
{
"isOn": true,
"reverseProxyId": 123
}
~~~

27
EdgeCommon/pkg/rpc/jsons/scheduling.md Normal file
View File

@@ -0,0 +1,27 @@
# 反向代理调度
## 定义
~~~json
{
"code": "调度方法代号",
"options": "调度选项"
}
~~~
其中:
* `code` 调度方法代号
* `random` - 随机
* `roundRobin` - 轮询
* `hash` - Hash算法
* `key` - 自定义Key可以使用请求变量比如 `${remoteAddr}`
* `sticky` - Sticky算法
* `type` - 类型cookie、header、argument
* `param` - 参数值
## 示例
~~~json
{
"code": "random",
"options": null
}
~~~

9
EdgeCommon/pkg/rpc/jsons/server_name.md Normal file
View File

@@ -0,0 +1,9 @@
# 域名信息
## 示例
~~~json
{
"name": "example.com",
"type": "full"
}
~~~

48
EdgeCommon/pkg/rpc/jsons/server_names.md Normal file
View File

@@ -0,0 +1,48 @@
# 域名信息列表
## 定义
~~~
[ 域名信息1, 域名信息2, ... ]
~~~
其中 `域名信息N` 等是单个域名信息定义,具体请参考 {json:server_name}
## 示例
### 示例1单个域名
~~~json
[
{
"name": "example.com",
"type": "full"
}
]
~~~
### 示例2多个域名
~~~json
[
{
"name": "example.com",
"type": "full"
},
{
"name": "google.com",
"type": "full"
},
{
"name": "facebook.com",
"type": "full"
}
]
~~~
### 示例3域名合集
域名合集效果跟多个域名是一样的,只不过在界面上以一个目录的形式呈现。
~~~json
[
{
"name": "",
"type": "full",
"subNames": ["example.com", "google.com", "facebook.com"]
}
]
~~~

37
EdgeCommon/pkg/rpc/jsons/size_capacity.md Normal file
View File

@@ -0,0 +1,37 @@
# 容量
## 定义
~~~json
{
"count": "数量",
"unit": "单位"
}
~~~
其中:
* `数量` - 必须是一个整数数字
* `单位` - 有以下几个值:
* `byte` - 字节
* `kb` - KB
* `mb` - MB
* `gb` - GB
* `tb` - TB
* `pb` - PB
* `eb` - EB
## 示例
100MB
~~~
{
"count": 100,
"unit": "mb"
}
~~~
32GB
~~~
{
"count": 32,
"unit": "gb"
}
~~~

35
EdgeCommon/pkg/rpc/jsons/ssl_cert_refs.md Normal file
View File

@@ -0,0 +1,35 @@
# SSL证书引用
可以用来引用一组证书。
## 定义
~~~json
[
{
"isOn": "是否启用",
"certId": "证书ID 1"
},
{
"isOn": "是否启用",
"certId": "证书ID 2"
},
...
]
~~~
## 示例
~~~json
[
{
"isOn": true,
"certId": 12345
},
{
"isOn": true,
"certId": 12346
}
]
~~~
其中:
* `certId` - 证书的ID

63
EdgeCommon/pkg/rpc/jsons/tcp_protocol.md Normal file
View File

@@ -0,0 +1,63 @@
# TCP协议配置
## 定义
~~~json
{
"isOn": "是否启用",
"listen": [
{
"protocol": "协议",
"host": "主机地址,通常为空",
"portRange": "端口或者端口范围"
},
...
]
}
~~~
## 示例
### 监听1234端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "tcp",
"host": "",
"portRange": "1234"
}
]
}
~~~
### 监听1234和2345端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "tcp",
"portRange": "1234"
},
{
"protocol": "tcp",
"portRange": "2345"
}
]
}
~~~
### 监听1234到1240之间的所有端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "tcp",
"host": "",
"portRange": "1234-1240"
}
]
}
~~~

68
EdgeCommon/pkg/rpc/jsons/tls_protocol.md Normal file
View File

@@ -0,0 +1,68 @@
# TLS协议配置
## 定义
~~~json
{
"isOn": "是否启用",
"listen": [
{
"protocol": "协议",
"host": "主机地址,通常为空",
"portRange": "端口或者端口范围"
},
...
],
"sslPolicyRef": {
"isOn": "启用SSL策略",
"sslPolicyId": "SSL策略ID"
}
}
~~~
其中 `SSL策略ID` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。
## 示例
### 监听8443端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "tls",
"host": "",
"portRange": "8443"
}
],
"sslPolicyRef": {
"isOn": true,
"sslPolicyId": 123
}
}
~~~
其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。
### 监听8443和8543端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "tls",
"portRange": "8443"
},
{
"protocol": "tls",
"portRange": "8543"
}
],
"sslPolicyRef": {
"isOn": true,
"sslPolicyId": 123
}
}
~~~
其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。

63
EdgeCommon/pkg/rpc/jsons/udp_protocol.md Normal file
View File

@@ -0,0 +1,63 @@
# UDP协议配置
## 定义
~~~json
{
"isOn": "是否启用",
"listen": [
{
"protocol": "协议",
"host": "主机地址,通常为空",
"portRange": "端口或者端口范围"
},
...
]
}
~~~
## 示例
### 监听1234端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "udp",
"host": "",
"portRange": "1234"
}
]
}
~~~
### 监听1234和2345端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "udp",
"portRange": "1234"
},
{
"protocol": "udp",
"portRange": "2345"
}
]
}
~~~
### 监听1234到1240之间的所有端口
~~~json
{
"isOn": true,
"listen": [
{
"protocol": "udp",
"host": "",
"portRange": "1234-1240"
}
]
}
~~~