robin/waf-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
4d275c921d9cc03370e3ba4e4f2d433aa46a153e
waf-platform/EdgeAdmin/internal/web/actions/default/dashboard/boards/wafLogs.go

143 lines
4.1 KiB
Go
Raw Blame History

// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
//go:build plus
package boards
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/iplibrary"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/lists"
"github.com/iwind/TeaGo/maps"
timeutil "github.com/iwind/TeaGo/utils/time"
)
type WafLogsAction struct {
actionutils.ParentAction
}
func (this *WafLogsAction) RunPost(params struct{}) {
resp, err := this.RPC().HTTPAccessLogRPC().ListHTTPAccessLogs(this.AdminContext(), &pb.ListHTTPAccessLogsRequest{
Partition: -1,
HasFirewallPolicy: true,
Reverse: false,
Day: timeutil.Format("Ymd"),
Size: 5,
})
if err != nil {
this.ErrorPage(err)
return
}
this.Data["accessLogs"] = resp.HttpAccessLogs
var ipList = []string{}
var wafMaps = []maps.Map{}
for _, accessLog := range resp.HttpAccessLogs {
// IP
if len(accessLog.RemoteAddr) > 0 {
if !lists.ContainsString(ipList, accessLog.RemoteAddr) {
ipList = append(ipList, accessLog.RemoteAddr)
}
}
// WAF信息集合
if accessLog.FirewallPolicyId > 0 && accessLog.FirewallRuleGroupId > 0 && accessLog.FirewallRuleSetId > 0 {
// 检查Set是否已经存在
var existSet = false
for _, wafMap := range wafMaps {
if wafMap.GetInt64("setId") == accessLog.FirewallRuleSetId {
existSet = true
break
}
}
if !existSet {
wafMaps = append(wafMaps, maps.Map{
"policyId": accessLog.FirewallPolicyId,
"groupId": accessLog.FirewallRuleGroupId,
"setId": accessLog.FirewallRuleSetId,
})
}
}
}
// 根据IP查询区域
this.Data["regions"] = iplibrary.LookupIPSummaries(ipList)
// WAF相关
var wafInfos = map[int64]maps.Map{} // set id => WAF Map
var wafPolicyCacheMap = map[int64]*pb.HTTPFirewallPolicy{} // id => *pb.HTTPFirewallPolicy
var wafGroupCacheMap = map[int64]*pb.HTTPFirewallRuleGroup{} // id => *pb.HTTPFirewallRuleGroup
var wafSetCacheMap = map[int64]*pb.HTTPFirewallRuleSet{} // id => *pb.HTTPFirewallRuleSet
for _, wafMap := range wafMaps {
var policyId = wafMap.GetInt64("policyId")
var groupId = wafMap.GetInt64("groupId")
var setId = wafMap.GetInt64("setId")
if policyId > 0 {
pbPolicy, ok := wafPolicyCacheMap[policyId]
if !ok {
policyResp, err := this.RPC().HTTPFirewallPolicyRPC().FindEnabledHTTPFirewallPolicy(this.AdminContext(), &pb.FindEnabledHTTPFirewallPolicyRequest{HttpFirewallPolicyId: policyId})
if err != nil {
this.ErrorPage(err)
return
}
pbPolicy = policyResp.HttpFirewallPolicy
wafPolicyCacheMap[policyId] = pbPolicy
}
if pbPolicy != nil {
wafMap = maps.Map{
"policy": maps.Map{
"id": pbPolicy.Id,
"name": pbPolicy.Name,
"serverId": pbPolicy.ServerId,
},
}
if groupId > 0 {
pbGroup, ok := wafGroupCacheMap[groupId]
if !ok {
groupResp, err := this.RPC().HTTPFirewallRuleGroupRPC().FindEnabledHTTPFirewallRuleGroup(this.AdminContext(), &pb.FindEnabledHTTPFirewallRuleGroupRequest{FirewallRuleGroupId: groupId})
if err != nil {
this.ErrorPage(err)
return
}
pbGroup = groupResp.FirewallRuleGroup
wafGroupCacheMap[groupId] = pbGroup
}
if pbGroup != nil {
wafMap["group"] = maps.Map{
"id": pbGroup.Id,
"name": pbGroup.Name,
}
if setId > 0 {
pbSet, ok := wafSetCacheMap[setId]
if !ok {
setResp, err := this.RPC().HTTPFirewallRuleSetRPC().FindEnabledHTTPFirewallRuleSet(this.AdminContext(), &pb.FindEnabledHTTPFirewallRuleSetRequest{FirewallRuleSetId: setId})
if err != nil {
this.ErrorPage(err)
return
}
pbSet = setResp.FirewallRuleSet
wafSetCacheMap[setId] = pbSet
}
if pbSet != nil {
wafMap["set"] = maps.Map{
"id": pbSet.Id,
"name": pbSet.Name,
}
}
}
}
}
}
}
wafInfos[setId] = wafMap
}
this.Data["wafInfos"] = wafInfos
this.Success()
}
Reference in New Issue View Git Blame Copy Permalink