增加sql的waf功能

2022-03-03 16:16:53 +08:00
parent 5910cb2983
commit fcace799df
54 changed files with 12617 additions and 73 deletions
--- a/log.lua
+++ b/log.lua
@@ -1,21 +1,24 @@
-require 'config'
+require "config"

-
-local optionIsOn = function (options) return options == "on" and true or false end
+local optionIsOn = function(options)
+    return options == "on" and true or false
+end
 local Attacklog = optionIsOn(attacklog)
 local logpath = logdir

 local function getClientIp()
-    IP  = ngx.var.remote_addr 
+    IP = ngx.var.remote_addr
    if IP == nil then
-            IP  = "unknown"
+        IP = "unknown"
    end
    return IP
 end

-local function write(logfile,msg)
-    local fd = io.open(logfile,"ab")
-    if fd == nil then return end
+local function write(logfile, msg)
+    local fd = io.open(logfile, "ab")
+    if fd == nil then
+        return
+    end
    fd:write(msg)
    fd:flush()
    fd:close()
@@ -23,19 +26,38 @@ end

 function log(data, ruletag, fp)
    if Attacklog then
-        local fingerprint = fp or ''
+        local fingerprint = fp or ""
        local realIp = getClientIp()
        local method = ngx.var.request_method
        local ua = ngx.var.http_user_agent
-        local servername=ngx.var.server_name
+        local servername = ngx.var.server_name
        local url = ngx.var.request_uri
-        local time=ngx.localtime()
-        if ua  then
-            line = realIp.." ["..time.."] \""..method.." "..servername..url.."\" \""..ruletag.."\"  \""..ua.."\" \""..data.."\" \""..fingerprint.."\"\n"
+        local time = ngx.localtime()
+        if ua then
+            line =
+                realIp ..
+                " [" ..
+                    time ..
+                        '] "' ..
+                            method ..
+                                " " ..
+                                    servername ..
+                                        url ..
+                                            '" "' ..
+                                                ruletag ..
+                                                    '"  "' .. ua .. '" "' .. data .. '" "' .. fingerprint .. '"\n'
        else
-            line = realIp.." ["..time.."] \""..method.." "..servername..url.."\" \""..ruletag.."\" - \""..data.."\" \""..fingerprint.."\"\n"
+            line =
+                realIp ..
+                " [" ..
+                    time ..
+                        '] "' ..
+                            method ..
+                                " " ..
+                                    servername ..
+                                        url .. '" "' .. ruletag .. '" - "' .. data .. '" "' .. fingerprint .. '"\n'
        end
-        local filename = logpath..'/'..servername.."_"..ngx.today().."_sec.log"
-        write(filename,line)
+        local filename = logpath .. "/" .. servername .. "_" .. ngx.today() .. "_sec.log"
+        write(filename, line)
    end
-end
+end