mdserver-web/plugins/op_waf/js/op_waf.js

1648 lines
79 KiB
JavaScript
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

function owPost(method, args, callback){
var loadT = layer.msg('正在获取...', { icon: 16, time: 0, shade: 0.3 });
$.post('/plugins/run', {name:'op_waf', func:method, args:JSON.stringify(args)}, function(data) {
layer.close(loadT);
if (!data.status){
layer.msg(data.msg,{icon:0,time:2000,shade: [0.3, '#000']});
return;
}
if(typeof(callback) == 'function'){
callback(data);
}
},'json');
}
function getRuleByName(rule_name, callback){
owPost('get_rule', {rule_name:rule_name}, function(data){
callback(data);
});
}
function setRequestCode(ruleName, statusCode){
layer.open({
type: 1,
title: "设置响应代码【" + ruleName + "】",
area: '300px',
shift: 5,
closeBtn: 2,
shadeClose: true,
content: '<div class="bt-form pd20 pb70">\
<div class="line">\
<span class="tname">响应代码</span>\
<div class="info-r">\
<select id="statusCode" class="bt-input-text mr5" style="width:150px;">\
<option value="200" '+ (statusCode == 200 ? 'selected' : '') + '>正常(200)</option>\
<option value="404" '+ (statusCode == 404 ? 'selected' : '') + '>文件不存在(404)</option>\
<option value="403" '+ (statusCode == 403 ? 'selected' : '') + '>拒绝访问(403)</option>\
<option value="444" '+ (statusCode == 444 ? 'selected' : '') + '>关闭连接(444)</option>\
<option value="500" '+ (statusCode == 500 ? 'selected' : '') + '>应用程序错误(500)</option>\
<option value="502" '+ (statusCode == 502 ? 'selected' : '') + '>连接超时(502)</option>\
<option value="503" '+ (statusCode == 503 ? 'selected' : '') + '>服务器不可用(503)</option>\
</select>\
</div>\
</div>\
<div class="bt-form-submit-btn">\
<button type="button" class="btn btn-success btn-sm btn-title" onclick="setState(\''+ ruleName + '\')">确定</button>\
</div>\
</div>'
});
}
function setState(ruleName){
var statusCode = $('#statusCode').val();
owPost('set_obj_status', {obj:ruleName,statusCode:statusCode},function(data){
var rdata = $.parseJSON(data.data);
if (rdata.status){
layer.msg(rdata.msg,{icon:0,time:2000,shade: [0.3, '#000']});
wafGloabl();
} else {
layer.msg('设置失败!',{icon:0,time:2000,shade: [0.3, '#000']});
}
});
}
function setObjOpen(ruleName){
owPost('set_obj_open', {obj:ruleName},function(data){
var rdata = $.parseJSON(data.data);
if (rdata.status){
layer.msg(rdata.msg,{icon:0,time:2000,shade: [0.3, '#000']});
wafGloabl();
} else {
layer.msg('设置失败!',{icon:0,time:2000,shade: [0.3, '#000']});
}
});
}
//保存CC规则
function saveCcRule(siteName,is_open_global, type) {
var increase = "0";
if(type == 2){
// set_aicc_open('start');
increase = "0";
}else{
// set_aicc_open('stop');
increase = type;
}
increase = "0";
var pdata = {
siteName:siteName,
cycle: $("input[name='cc_cycle']").val(),
limit: $("input[name='cc_limit']").val(),
endtime: $("input[name='cc_endtime']").val(),
is_open_global:is_open_global,
increase:increase
}
console.log(pdata);
var act = 'set_cc_conf';
if (siteName != 'undefined') act = 'set_site_cc_conf';
owPost(act, pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
setTimeout(function(){
if (siteName != 'undefined') {
siteWafConfig(siteName, 1);
} else {
wafGloabl();
}
},1000);
});
}
function setCcRule(cycle, limit, endtime, siteName, increase){
var incstr = '<li style="color:red;">此处设置仅对当前站点有效。</li>';
if (siteName == 'undefined') {
incstr = '<li style="color:red;">此处设置的是初始值,新添加站点时将继承,对现有站点无效。</li>';
}
// <div class="line">\
// <span class="tname">增强模式</span>\
// <div class="info-r">\
// <select class="bt-input-text mr5" style="width:80px" name="enhance_mode">\
// <option value="0" '+ (enhance_mode == 0?'selected':'') +'>关闭</option>\
// <option value="1" '+ (enhance_mode == 1?'selected':'') +'>开启</option>\
// </select>\
// </div>\
// </div>\
// <div class="line" style="display:'+ (siteName == 'undefined'?'block':'none') +'">\
// <span class="tname">四层防御</span>\
// <div class="info-r">\
// <select class="bt-input-text mr5" style="width:80px" name="cc_four_defense">\
// <option value="0">关闭</option>\
// <option value="1">开启</option>\
// </select>\
// </div>\
// </div>\
//<li><font style="color:red;">增强模式:CC防御加强版开启后可能会影响用户体验建议在用户受到CC攻击时开启。</font></li>\
create_l = layer.open({
type: 1,
title: "设置CC规则",
area: '540px',
closeBtn: 2,
shadeClose: false,
content: '<form class="bt-form pd20 pb70">\
<div class="line">\
<span class="tname">周期</span>\
<div class="info-r"><input class="bt-input-text" name="cc_cycle" type="number" value="'+ cycle + '" /> 秒</div>\
</div>\
<div class="line">\
<span class="tname">频率</span>\
<div class="info-r"><input class="bt-input-text" name="cc_limit" type="number" value="'+ limit + '" /> 次</div>\
</div>\
<div class="line">\
<span class="tname">封锁时间</span>\
<div class="info-r"><input class="bt-input-text" name="cc_endtime" type="number" value="'+ endtime + '" /> 秒</div>\
</div>\
<ul class="help-info-text c7 ptb10">'+ incstr + '\
<li><font style="color:red;">'+ cycle + '</font> 秒内累计请求同一URL超过 <font style="color:red;">' + limit + '</font> 次,触发CC防御,封锁此IP <font style="color:red;">' + endtime + '</font> 秒</li>\
<li>请不要设置过于严格的CC规则,以免影响正常用户体验</li>\
<li><font style="color:red;display:'+ (siteName == 'undefined'?'display: inline-block;':'none') +';">全局应用:全局设置当前CC规则且覆盖当前全部站点的CC规则</font></li>\
</ul>\
<div class="bt-form-submit-btn"><button type="button" class="btn btn-danger btn-sm btn_cc_all" style="margin-right:10px;display:'+ (siteName == 'undefined'?'display: inline-block;':'none') +';">全局应用</button><button type="button" class="btn btn-success btn-sm btn_cc_present">应用</button></div>\
</form>',
success:function(layero,index){
$('.btn_cc_all').click(function(){
saveCcRule(siteName,1,$('[name="enhance_mode"]').val());
});
$('.btn_cc_present').click(function(){
saveCcRule(siteName,0,$('[name="enhance_mode"]').val());
});
}
});
}
//设置retry规则
function setRetry(retry_cycle, retry, retry_time, siteName) {
create_layer = layer.open({
type: 1,
title: "设置恶意容忍规则",
area: '500px',
closeBtn: 2,
shadeClose: false,
content: '<form class="bt-form pd20 pb70">\
<div class="line">\
<span class="tname">周期</span>\
<div class="info-r"><input class="bt-input-text" name="retry_cycle" type="number" value="'+ retry_cycle + '" /> 秒</div>\
</div>\
<div class="line">\
<span class="tname">频率</span>\
<div class="info-r"><input class="bt-input-text" name="retry" type="number" value="'+ retry + '" /> 次</div>\
</div>\
<div class="line">\
<span class="tname">封锁时间</span>\
<div class="info-r"><input class="bt-input-text" name="retry_time" type="number" value="'+ retry_time + '" /> 秒</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li><font style="color:red;">'+ retry_cycle + '</font> 秒内累计恶意请求超过 <font style="color:red;">' + retry + '</font> 次,封锁 <font style="color:red;">' + retry_time + '</font> 秒</li>\
<li><font style="color:red;">全局应用:全局设置当前恶意容忍规则,且覆盖当前全部站点的恶意容忍规则</li>\
</ul>\
<div class="bt-form-submit-btn"><button type="button" class="btn btn-danger btn-sm btn_retry_all" style="margin-right:10px;display:'+ (siteName == undefined?'inline-block;':'none') +';">全局应用</button><button type="button" class="btn btn-success btn-sm btn_retry_present">应用</button></div>\
</form>',
success:function(){
$('.btn_retry_all').click(function(){
saveRetry(siteName,1);
});
$('.btn_retry_present').click(function(){
saveRetry(siteName,0);
});
}
});
}
//保存retry规则
function saveRetry(siteName,type) {
var pdata = {
siteName: siteName,
retry: $("input[name='retry']").val(),
retry_time: $("input[name='retry_time']").val(),
retry_cycle: $("input[name='retry_cycle']").val(),
is_open_global:type
}
var act = 'set_retry';
if (siteName != undefined) act = 'set_site_retry';
owPost(act, pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
layer.close(create_layer);
wafGloablRefresh(1000);
});
}
function addRule(ruleName) {
var pdata = {
'ruleValue': $("input[name='ruleValue']").val(),
'ps': $("input[name='rulePs']").val(),
'ruleName': ruleName
}
owPost('add_rule', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
setObjConf(ruleName, 1);
},1000);
}
});
// var loadT = layer.msg('正在添加,请稍候..', { icon: 16, time: 0 });
// $.post('/plugin?action=a&name=btwaf&s=add_rule', pdata, function (rdata) {
// layer.close(loadT);
// layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
// if (rdata.status) {
// set_obj_conf(ruleName, 1);
// }
// });
}
function modifyRule(index, ruleName) {
var ruleValue = $('.rule_body_' + index).text();
$('.rule_body_' + index).html('<textarea class="bt-input-text" name="rule_body_' + index + '" style="margin: 0px; height: 70px; width: 99%;line-height:20px">' + ruleValue + '</textarea>');
var rulePs = $('.rule_ps_' + index).text();
$('.rule_ps_' + index).html('<input class="bt-input-text" type="text" name="rule_ps_' + index + '" value="' + rulePs + '" />');
$('.rule_modify_' + index).html('<a class="btlink" onclick="modifyRuleSave(' + index + ',\'' + ruleName + '\')">保存</a> | <a class="btlink modr_cancel_' + index + '">取消</a>');
$(".modr_cancel_" + index).click(function () {
$('.rule_body_' + index).html(ruleValue);
$('.rule_ps_' + index).html(rulePs);
$('.rule_modify_' + index).html('<a class="btlink" onclick="modifyRule(' + index + ',\'' + ruleName + '\')">编辑</a>');
})
}
function modifyRuleSave(index, ruleName) {
var pdata = {
index: index,
ruleName: ruleName,
ruleBody: $("textarea[name='rule_body_" + index + "']").val(),
rulePs: $("input[name='rule_ps_" + index + "']").val()
}
owPost('modify_rule', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
setObjConf(ruleName, 1);
},1000);
}
});
}
function removeRule(ruleName, index) {
var pdata = {
'index': index,
'ruleName': ruleName
}
safeMessage('删除规则', '您真的要删除这条过滤规则吗?', function () {
owPost('remove_rule', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
setObjConf(ruleName, 1);
},1000);
}
});
});
}
function setRuleState(ruleName, index) {
var pdata = {
'index': index,
'ruleName': ruleName
}
owPost('set_rule_state', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
setObjConf(ruleName, 1);
},1000);
}
});
}
//设置规则
function setObjConf(ruleName, type) {
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "编辑规则【" + ruleName + "】",
area: ['700px', '530px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="ruleValue" type="text" value="" style="width:470px;margin-right:12px;" placeholder="规则内容,请使用正则表达式">\
<input class="bt-input-text mr5" name="rulePs" type="text" style="width:120px;" placeholder="描述">\
<button class="btn btn-success btn-sm va0 pull-right" onclick="addRule(\''+ ruleName + '\');">添加</button>\</div>\
<div class="divtable">\
<div id="jc-file-table" class="table_head_fix" style="max-height:300px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th width="360">规则</th>\
<th>说明</th>\
<th>操作</th>\
<th style="text-align: right;">状态</th>\
</tr>\
</thead>\
<tbody id="set_obj_conf_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li style="color:red;">注意:如果您不了解正则表达式,请不要随意修改规则内容</li>\
<li>您可以添加或修改规则内容,但请使用正则表达式</li>\
<li>内置规则允许修改,但不可以直接删除,您可以设置规则状态来定义防火墙是否使用此规则</li>\
</ul></div>'
});
tableFixed("jc-file-table");
}
getRuleByName(ruleName, function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
var tbody = ''
for (var i = 0; i < rdata.length; i++) {
var removeRule = ''
if (rdata[i][3] != 0) removeRule = ' | <a class="btlink" onclick="removeRule(\'' + ruleName + '\',' + i + ')">删除</a>';
tbody += '<tr>\
<td class="rule_body_'+ i + '">' + rdata[i][1] + '</td>\
<td class="rule_ps_'+ i + '">' + rdata[i][2] + '</td>\
<td class="rule_modify_'+ i + '"><a class="btlink" onclick="modifyRule(' + i + ',\'' + ruleName + '\')">编辑</a>' + removeRule + '</td>\
<td class="text-right">\
<div class="pull-right">\
<input class="btswitch btswitch-ios" id="closeua_'+ i + '" type="checkbox" ' + (rdata[i][0] ? 'checked' : '') + '>\
<label class="btswitch-btn" style="width:2.0em;height:1.2em;margin-bottom: 0" for="closeua_'+ i + '" onclick="setRuleState(\'' + ruleName + '\',' + i + ')"></label>\
</div>\
</td>\
</tr>'
}
$("#set_obj_conf_con").html(tbody);
});
}
//常用扫描器
function scanRule() {
getRuleByName('scan_black', function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
create_l = layer.open({
type: 1,
title: "常用扫描器过滤规则",
area: '650px',
closeBtn: 2,
shadeClose: false,
content: '<form class="bt-form pd20 pb70">\
<div class="line">\
<span class="tname">Header</span>\
<div class="info-r"><textarea style="margin: 0px;width:475px;height: 75px;line-height:20px" class="bt-input-text" name="scan_header" >'+ rdata.header + '</textarea></div>\
</div>\
<div class="line">\
<span class="tname">Cookie</span>\
<div class="info-r"><textarea style="margin: 0px;width:475px;height: 75px;line-height:20px" class="bt-input-text" name="scan_cookie" >'+ rdata.cookie + '</textarea></div>\
</div>\
<div class="line">\
<span class="tname">Args</span>\
<div class="info-r"><textarea style="margin: 0px;width:475px;height: 75px;line-height:20px" class="bt-input-text" name="scan_args" >'+ rdata.args + '</textarea></div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>会同时过滤key和value,请谨慎设置</li>\
<li>请使用正则表达式,提交前应先备份原有表达式</li>\
</ul>\
<div class="bt-form-submit-btn">\
<button type="button" class="btn btn-success btn-sm btn-title" onclick="saveScanRule()">确定</button>\
</div>\
</form>'
});
});
}
//保存扫描器规则
function saveScanRule() {
pdata = {
header: $("textarea[name='scan_header']").val(),
cookie: $("textarea[name='scan_cookie']").val(),
args: $("textarea[name='scan_args']").val()
}
owPost('save_scan_rule', pdata,function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
layer.close(create_l);
wafGloablRefresh(1000);
});
}
//添加IP段到IP白名单
function addIpWhite() {
var pdata = {
start_ip: $("input[name='start_ip']").val(),
end_ip: $("input[name='end_ip']").val()
}
if (pdata['start_ip'].split('.').length < 4 || pdata['end_ip'].split('.').length < 4) {
layer.msg('起始IP或结束IP格式不正确!');
return;
}
owPost('add_ip_white', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
ipWhite(1);
},1000);
}
});
}
//从IP白名单删除IP段
function removeIpWhite(index) {
owPost('remove_ip_white', { index: index }, function(data){
var rdata = $.parseJSON(data.data);
if (rdata.status) {
setTimeout(function(){
ipWhite(1);
},1000);
}
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
function funDownload(content, filename) {
// 创建隐藏的可下载链接
var eleLink = document.createElement('a');
eleLink.download = filename;
eleLink.style.display = 'none';
// 字符内容转变成blob地址
var blob = new Blob([content]);
eleLink.href = URL.createObjectURL(blob);
// 触发点击
document.body.appendChild(eleLink);
eleLink.click();
// 然后移除
document.body.removeChild(eleLink);
}
function outputLayer(rdata, name, type) {
window.Load_layer = layer.open({
type: 1,
title: type ? "导出数据" : "导入数据",
area: ['400px', '370px'],
shadeClose: false,
content: '<div class="soft-man-con" style="padding:10px;">' +
'<div class="line">' +
'<div class="ml0" style="position:relative;" id="focus_tips">' +
'<textarea class="bt-input-text mr20 config" name="config" style="width: 300px; height: 250px; line-height: 22px; display: none;" id="lead_data">' + (rdata != '' ? JSON.stringify(rdata) : '') + '</textarea>' +
'<div class="placeholder c9" style="top: 15px; left: 15px; display:' + (rdata == "" ? "block;" : "none;") + '">导入格式如下:' +
(name == 'ip_white' || name == 'ip_black' ? "[[[127, 0, 0, 1],[127, 0, 0, 255]]]" : "[\"^/test\",\"^/web\"]") +
'</div>' +
'</div>' +
'</div>' +
'<div class="line "><div class="ml0">' +
(type ? '<button name="btn_save_to" class="btn btn-success btn-sm mr5 btn_save_to" >导出配置</button>' : '<button name="btn_save" class="btn btn-success btn-sm mr5 btn_save">保存</button>') +
'</div></div>' +
'</div>'
});
var lead_error = CodeMirror.fromTextArea(document.getElementById("lead_data"), {
mode: 'html',
matchBrackets: true,
matchtags: true,
autoMatchParens: true
});
setTimeout(function () {
$('.btn_save').on('click', function () {
importData(name, lead_error.getValue());
})
$('.btn_save_to').on('click', function () {
funDownload(lead_error.getValue(), name + '.json');
});
$('#focus_tips').on('click', function () {
$('.placeholder').hide();
});
}, 100);
}
//导出数据
function outputData(name, callback) {
var loadT = layer.msg('正在导出数据..', { icon: 16, time: 0 });
owPost('output_data', { s_Name: name } , function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
if (callback) callback(rdata,res);
outputLayer(rdata, name, true);
});
}
//导入数据
function importData(name, pdata, callback) {
owPost('import_data', { s_Name: name, pdata: pdata } , function(data){
var rdata = $.parseJSON(data.data);
if (callback) callback();
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
function fileInput(name) {
outputLayer('', name, false);
}
//IP白名单
function ipWhite(type) {
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "管理IP白名单",
area: ['500px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15 ipv4_list">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="start_ip" type="text" value="" style="width:180px;margin-right:15px;margin-left:5px" placeholder="起始IP地址">\
<input class="bt-input-text mr5" name="end_ip" type="text" style="width:180px;margin-left:5px;margin-right:20px" placeholder="结束IP地址">\
<button class="btn btn-success btn-sm va0 pull-right" onclick="addIpWhite();">添加</button>\</div>\
<div class="divtable">\
<div id="ipWhite" style="max-height:300px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th>超始IP</th>\
<th>结束IP</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody id="ip_white_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<div style="width:100%" class="mt5">\
<button class="btn btn-success btn-sm va0 mr5 mt10" onclick="fileInput(\'ip_white\')" >导入</button>\
<button class="btn btn-success btn-sm va0 mt10" onclick="outputData(\'ip_white\')">导出</button>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>所有规则对白名单中的IP段无效,包括IP黑名单和URL黑名单,IP白名单具备最高优先权</li>\
</ul>\
</div>\
<div class="pd15 ipv6_list">\
</div>',
success:function(index,layero){
// $('.tab_list .tab_block').click(function(){
// $(this).addClass('active').siblings().removeClass('active');
// console.log($(this).index());
// if($(this).index() === 0){
// $('.ipv4_list').show().next().hide();
// }else{
// $('.ipv4_list').hide().next().show();
// }
// });
// <div class="tab_list"><div class="tab_block active">IPv4白名单</div><div class="tab_block">IPv6白名单</div></div>\
}
});
tableFixed("ipWhite");
}
getRuleByName('ip_white', function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
var tbody = ''
for (var i = 0; i < rdata.length; i++) {
tbody += '<tr>\
<td>'+ rdata[i][0].join('.') + '</td>\
<td>'+ rdata[i][1].join('.') + '</td>\
<td class="text-right"><a class="btlink" onclick="removeIpWhite('+ i + ')">删除</a></td>\
</tr>'
}
$("#ip_white_con").html(tbody);
});
}
// 获取IPV4黑名单
function getIpv4Address(callback){
getRuleByName('ip_black', function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
callback(rdata);
});
}
// 获取IPV6黑名单
function getIpv6Address(callback){
getRuleByName('ipv6_black', function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
callback(rdata);
});
}
// 添加ipv6请求
function addIpv6Req(ip,callback){
var ip = ip.replace(/:/g, '_');
owPost('set_ipv6_black', {addr:ip}, function(data){
var rdata = $.parseJSON(data.data);
if(callback) callback(rdata);
});
}
// 添加ipv6请求
function removeIpv6Black(ip,callback){
var ip = ip.replace(/:/g, '_');
owPost('del_ipv6_black', {addr:ip}, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg,{icon:rdata.status?1:2});
$('.tab_list .tab_block:eq(1)').click();
if(callback) callback(rdata);
});
}
//添加IP段到IP黑名单
function addIpBlack() {
var pdata = {
start_ip: $("input[name='start_ip']").val(),
end_ip: $("input[name='end_ip']").val()
}
if (pdata['start_ip'].split('.').length < 4 || pdata['end_ip'].split('.').length < 4) {
layer.msg('起始IP或结束IP格式不正确!');
return;
}
owPost('add_ip_black', pdata, function(data){
var rdata = $.parseJSON(data.data);
if (rdata.status) {
ipBlack(1);
}
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
//从IP黑名单删除IP段
function removeIpBlack(index) {
owPost('remove_ip_black', { index: index }, function (data) {
var rdata = $.parseJSON(data.data);
if (rdata.status) {
ipBlack(1);
}
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
//IP黑名单
function ipBlack(type) {
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "管理IP黑名单",
area: ['500px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="tab_list"><div class="tab_block active">IPv4黑名单</div><div class="tab_block">IPv6黑名单</div></div>\
<div class="pd15 ipv4_block">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="start_ip" type="text" value="" style="width:150px;margin-right:15px;margin-left:5px" placeholder="起始IP地址">\
<input class="bt-input-text mr5" name="end_ip" type="text" style="width:150px;margin-left:5px;margin-right:20px" placeholder="结束IP地址">\
<button class="btn btn-success btn-sm va0 pull-right" onclick="addIpBlack();">添加</button>\</div>\
<div class="divtable">\
<div id="ipBlack" style="max-height:300px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th>超始IP</th>\
<th>结束IP</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody id="ip_black_con" class="gztr"></tbody>\
</table>\
</div>\
<div style="width:100%" class="mt10">\
<button class="btn btn-success btn-sm va0 mr5 mt10" onclick="fileInput(\'ip_black\')" >导入</button>\
<button class="btn btn-success btn-sm va0 mt10" onclick="outputData(\'ip_black\')">导出</button>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>黑名单中的IP段将被禁止访问,IP白名单中已存在的除外</li>\
</ul>\
</div>\
<div class="pd15 ipv6_block">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="ipv6_address" type="text" style="width:380px;margin-right:15px;margin-left:5px" placeholder="ipv6地址">\
<button class="btn btn-success btn-sm va0 btn_add_ipv6" style="margin-left:15px;">添加</button>\
</div>\
<div class="divtable">\
<div id="ipv6_black" style="max-height:300px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead><tr><th>IPv6地址</th><th style="text-align: right;">操作</th></tr></thead>\
<tbody id="ipv6_black_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>黑名单中的IP段将被禁止访问,IP白名单中已存在的除外</li>\
</ul>\
</div>',
success:function(index,layero){
$('.tab_list .tab_block').click(function(){
$(this).addClass('active').siblings().removeClass('active');
if($(this).index() === 0){
$('.ipv4_block').show().next().hide();
getIpv4Address(function(rdata){
var tbody = ''
for (var i = 0; i < rdata.length; i++) {
tbody += '<tr>\
<td>'+ rdata[i][0].join('.') + '</td>\
<td>'+ rdata[i][1].join('.') + '</td>\
<td class="text-right"><a class="btlink" onclick="removeIpBlack('+ i + ')">删除</a></td>\
</tr>'
}
$("#ip_black_con").html(tbody);
});
}else{
$('.ipv4_block').hide().next().show();
getIpv6Address(function(res){
var tbody = '',rdata = res;
for (var i = 0; i < rdata.length; i++) {
tbody += '<tr>\
<td>'+ rdata[i] + '</td>\
<td class="text-right"><a class="btlink" onclick="removeIpv6Black(\''+ rdata[i] + '\')">删除</a></td>\
</tr>'
}
$("#ipv6_black_con").html(tbody);
});
}
});
$('.btn_add_ipv6').click(function(){
var ipv6 = $('[name="ipv6_address"]').val();
addIpv6Req(ipv6, function(res){
layer.msg(res.msg,{icon:res.status?1:2});
if(res.status){
$('[name="ipv6_address"]').val('');
$('.tab_list .tab_block:eq(1)').click();
}
});
});
$('.tab_list .tab_block:eq(0)').click();
}
});
tableFixed("ipBlack");
} else {
$('.tab_list .tab_block:eq(0)').click();
}
}
function wafScreen(){
owPost('waf_srceen', {}, function(data){
var rdata = $.parseJSON(data.data);
var con = '<div class="wavbox alert alert-success" style="margin-right:16px">总拦截<span>'+rdata.total+'</span>次</div>';
con += '<div class="wavbox alert alert-info" style="margin-right:16px">安全防护<span>0</span>天</div>';
con += '<div class="screen">\
<div class="line"><span class="name">POST渗透</span><span class="val">'+rdata.rules.post+'</span></div>\
<div class="line"><span class="name">GET渗透</span><span class="val">0</span></div>\
<div class="line"><span class="name">CC攻击</span><span class="val">'+rdata.rules.cc+'</span></div>\
<div class="line"><span class="name">恶意User-Agent</span><span class="val">'+rdata.rules.user_agent+'</span></div>\
<div class="line"><span class="name">Cookie渗透</span><span class="val">'+rdata.rules.cookie+'</span></div>\
<div class="line"><span class="name">恶意扫描</span><span class="val">0</span></div>\
<div class="line"><span class="name">恶意HEAD请求</span><span class="val">0</span></div>\
<div class="line"><span class="name">URI自定义拦截</span><span class="val">0</span></div>\
<div class="line"><span class="name">URI保护</span><span class="val">0</span></div>\
<div class="line"><span class="name">恶意文件上传</span><span class="val">0</span></div>\
<div class="line"><span class="name">禁止的扩展名</span><span class="val">0</span></div>\
<div class="line"><span class="name">禁止PHP脚本</span><span class="val">0</span></div>\
</div>';
con += '<div style="width:660px;"><ul class="help-info-text c7">\
<li>在此处关闭防火墙后,所有站点将失去保护</li>\
<li>网站防火墙会使nginx有一定的性能损失(&lt;5% 10C静态并发测试结果)</li>\
<li>网站防火墙仅主要针对网站渗透攻击,暂时不具备系统加固功能</li>\
</ul></div>';
$(".soft-man-con").html(con);
});
}
function wafGloablRefresh(time){
setTimeout(function(){
wafGloabl();
}, time);
}
function wafGloabl(){
owPost('waf_conf', {}, function(data){
var rdata = $.parseJSON(data.data);
var con = '<div class="divtable">\
<table class="table table-hover waftable">\
<thead><tr><th width="18%">名称</th>\
<th width="44%">描述</th>\
<th width="10%">响应</th>\
<th style="text-align: center;" width="10%">状态</th>\
<th style="text-align: right;">操作</th></tr>\
</thead>\
<tbody>\
<tr><td>CC防御</td>\
<td>防御CC攻击具体防御参数请到站点配置中调整</td>\
<td><a class="btlink" onclick="setRequestCode(\'cc\','+rdata.cc.status+')">'+rdata.cc.status+'</a></td>\
<td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closecc" type="checkbox" '+(rdata.cc.open ? 'checked' : '')+'>\
<label class="btswitch-btn" for="closecc" onclick="setObjOpen(\'cc\')"></label></div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setCcRule('+rdata.cc.cycle+','+rdata.cc.limit+','+rdata.cc.endtime+',\'undefined\','+rdata.cc.increase+')">初始规则</a></td>\
</tr>\
<tr>\
<td>恶意容忍度</td>\
<td>封锁连续恶意请求,请到站点配置中调整容忍阈值</td>\
<td><a class="btlink" onclick="setRequestCode(\'cc\','+ rdata.cc.status + ')">' + rdata.cc.status + '</a></td>\
<td style="text-align: center;">--</td>\
<td class="text-right"><a class="btlink" onclick="setRetry('+ rdata.retry.retry_cycle + ',' + rdata.retry.retry + ',' + rdata.retry.retry_time + ')">初始规则</a></td>\
</tr>\
<tr>\
<td>GET-URI过滤</td>\
<td>'+ rdata.get.ps + '</td>\
<td><a class="btlink" onclick="setRequestCode(\'get\',' + rdata.get.status + ')">' + rdata.get.status + '</a></td>\
<td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closeget" type="checkbox" '+ (rdata.get.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeget" onclick="setObjOpen(\'get\')"></label>\
</div></td>\
<td class="text-right"><a class="btlink" onclick="setObjConf(\'url\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/get.html\')">响应内容</a></td>\
</tr>\
<tr>\
<td>GET-参数过滤</td><td>'+ rdata.get.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'get\',' + rdata.get.status + ')">' + rdata.get.status + '</a></td><td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closeget" type="checkbox" '+ (rdata.get.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeget" onclick="setObjOpen(\'get\')"></label>\
</div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'args\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/get.html\')">响应内容</a></td>\
</tr>\
<tr>\
<td>POST过滤</td><td>'+ rdata.post.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'post\',' + rdata.post.status + ')">' + rdata.post.status + '</a></td><td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closepost" type="checkbox" '+ (rdata.post.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closepost" onclick="setObjOpen(\'post\')"></label>\
</div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'post\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/post.html\')">响应内容</a></td>\
</tr>\
<tr>\
<td>User-Agent过滤</td><td>'+ rdata['user-agent'].ps + '</td><td><a class="btlink" onclick="setRequestCode(\'user-agent\',' + rdata['user-agent'].status + ')">' + rdata['user-agent'].status + '</a></td><td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closeua" type="checkbox" '+ (rdata['user-agent'].open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeua" onclick="setObjOpen(\'user-agent\')"></label>\
</div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'user_agent\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/user_agent.html\')">响应内容</a></td>\
</tr>\
<tr>\
<td>Cookie过滤</td><td>'+ rdata.cookie.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'cookie\',' + rdata.cookie.status + ')">' + rdata.cookie.status + '</a></td><td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closecookie" type="checkbox" '+ (rdata.cookie.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecookie" onclick="setObjOpen(\'cookie\')"></label>\
</div></td><td class="text-right"><a class="btlink" onclick="setObjConf(\'cookie\')">规则</a> | <a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/cookie.html\')">响应内容</a></td>\
</tr>\
<tr>\
<td>常见扫描器</td><td>'+ rdata.scan.ps + '</td><td><a class="btlink" onclick="setRequestCode(\'scan\',' + rdata.scan.status + ')">' + rdata.scan.status + '</a></td><td><div class="ssh-item">\
<input class="btswitch btswitch-ios" id="closescan" type="checkbox" '+ (rdata.scan.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closescan" onclick="setObjOpen(\'scan\')"></label>\
</div></td><td class="text-right"><a class="btlink" onclick="scanRule()">设置</a></td>\
</tr>\
<tr>\
<td>IP白名单</td><td>所有规则对IP白名单无效</td><td style="text-align: center;">--</td>\
<td style="text-align: center;">--</td>\
<td class="text-right"><a class="btlink" onclick="ipWhite()">设置</a></td>\
</tr>\
<tr>\
<td>IP黑名单</td><td>禁止访问的IP</td><td><a class="btlink" onclick="setRequestCode(\'cc\','+ rdata.cc.status + ')">' + rdata.cc.status + '</a></td>\
<td style="text-align: center;">--</td>\
<td class="text-right"><a class="btlink" onclick="ipBlack()">设置</a></td>\
</tr>\
<tr>\
<td>其它</td><td>'+ rdata.other.ps + '</td><td>--</td>\
<td style="text-align: center;">--</td>\
<td class="text-right"><a class="btlink" href="javascript:;" onclick="onlineEditFile(0,\''+rdata['reqfile_path']+'/other.html\')">响应内容</a></td>\
</tr>\
</tbody>\
</table>\
</div>';
con += '<div style="width:645px;margin-top:10px;"><ul class="help-info-text c7">\
<li>继承: 全局设置将在站点配置中自动继承为默认值</li>\
<li>优先级: IP白名单>IP黑名单>URL白名单>URL黑名单>CC防御>禁止国外IP访问>User-Agent>URI过滤>URL参数>Cookie>POST</li>\
</ul></div>';
$(".soft-man-con").html(con);
});
}
//返回css
function back_css(v) {
if (v > 0) {
return 'tipsval'
}
else {
return 'tipsval tipsvalnull'
}
}
//查看网站日志
function siteWafLog(siteName) {
var loadT = layer.msg('正在处理,请稍候..', { icon: 16, time: 0 });
owPost('get_logs_list', { siteName: siteName } , function (data) {
var tmp = $.parseJSON(data.data);
var rdata = tmp.data;
var selectLogDay = "";
var day = rdata[0];
for (var i = 0; i < rdata.length; i++) {
selectLogDay += '<option value="' + rdata[i] + '">' + rdata[i] + '</option>';
}
if (rdata == "") {
layer.msg("暂无日志记录", { icon: 6, shade: 0.3, time: 1000 });
return
}
layer.open({
type: 1,
title: "日志【" + siteName + "】",
area: ['880px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="lib-box pd15 lib-box-log">\
<div class="lib-con-title" style="height:40px"><select id="selectLogDay" class="bt-input-text" onchange="siteLogCon(\''+ siteName + '\',this.options[this.options.selectedIndex].value,1)">' + selectLogDay + '</select></div>\
<div class="lib-con">\
<div class="divtable">\
<div id="site_waf_log" style="max-height:400px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none;">\
<thead><tr><th width="150">时间</th><th width="120">用户IP</th><th width="70">类型</th><th>URI地址</th><th class="tdhide">User-Agent</th><th width="60">状态</th><th width="100">过滤器</th><th class="tdhide">过滤规则</th><th width="100" class="text-right">操作</th></tr></thead>\
<tbody id="LogDayCon"></tbody>\
</table>\
</div>\
</div>\
<div class="page pull-right" id="size_log_page" style="margin-top:10px"></div>\
</div>\
</div>'
});
siteLogCon(siteName, day, 1);
tableFixed("site_waf_log");
});
}
//日志内容
function siteLogCon(siteName, day, page) {
if (!page) page = 1;
var last = page - 1;
var next = page + 1;
var pagehtml = '';
$("#site_waf_log").scrollTop(0);
owPost('get_safe_logs', { siteName: siteName, toDate: day, p: page }, function(data){
var tmp = $.parseJSON(data.data);
if (!tmp.status){
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
return;
}
var rdata = tmp.data;
var con = '';
for (var i = 0; i < rdata.length; i++) {
con += '<tr>\
<td class="td0">'+ escapeHTML(rdata[i][0]) + '</td>\
<td class="td1"><a class="btlink" href="javascript:add_log_ip_black(\''+ escapeHTML(rdata[i][1]) + '\');" title="加入黑名单">' + escapeHTML(rdata[i][1]) + '</a></td>\
<td class="td2">'+ escapeHTML(rdata[i][2]) + '</td>\
<td class="td3"><span class="td3txt">'+ escapeHTML(rdata[i][3]) + '</span></td>\
<td class="tdhide td4">'+ escapeHTML(rdata[i][4]) + '</td><td>已拦截</td>\
<td class="td5"><span class="filtertext">'+ escapeHTML(rdata[i][5]) + '</span></td>\
<td class="tdhide td6">'+ escapeHTML(rdata[i][6]) + '</td>\
<td class="text-right"><a href="javascript:;" class="btlink submit_msg" data-index="'+ i +'">误报</a> | <a href="javascript:;" class="btlink btwaf_details" data-index="'+ i +'">详细</a></td>\
</tr>'
}
$("#LogDayCon").html(con);
pagehtml = '<a class="Pstart" onclick="site_log_con(\'' + siteName + '\',\'' + day + '\',1)">首页</a><a class="prevPage" onclick="site_log_con(\'' + siteName + '\',\'' + day + '\',' + last + ')">上一页</a><a class="nextPage" onclick="site_log_con(\'' + siteName + '\',\'' + day + '\',' + next + ')">下一页</a><a class="Pcount">第 ' + page + ' 页</a>';
$("#size_log_page").html(pagehtml);
if (rdata.length < 1) $(".nextPage").hide();
if (last < 1) $(".prevPage").hide();
// 发送误报请求
$(".submit_msg").click(function () {
var _this = $(this);
var res = rdata[$(this).attr('data-index')];
layer.confirm('是否确定提交误报反馈?', { title: '误报反馈',closeBtn:2,icon:3}, function () {
var url_address = res[3];
var rule_arry = res[6].split(" &gt;&gt; ");
var pdata = { url_rule: url_address };
var loadT = layer.msg('正在添加URL白名单..', { icon: 16, time: 0 });
$.post('/plugin?action=a&name=btwaf&s=add_url_white', pdata, function (rdata) {
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
layer.close(loadT);
if (rule_arry[1] != undefined){ $.get('https://www.bt.cn/Api/add_waf_logs?data=' + rule_arry[1],function(rdata){},'jsonp')}
});
});
})
// 详情
$(".btwaf_details").click(function () {
var res = rdata[$(this).attr('data-index')];
var time = res[0]; //时间
var ip_address = res[1]; //IP地址
var req_type = res[2]; // 请求类型
var url_address = res[3]; // 请求类型
var user_agent = res[4]; // 请求类型
var filters = res[5]; //过滤器
var filter_rule = ''; //过滤规则
var rule_arry = res[6].split(" &gt;&gt; ");
var incoming_value = '',risk_value = ''; //传入值,风险值
if(rule_arry.length == 0) filter_rule = rule_arry[0]
incoming_value = rule_arry[1] == undefined?'空':rule_arry[1];
risk_value = incoming_value.match(new RegExp(rule_arry[0].replace(/\//g,'\\/'),'i'));
risk_value = risk_value?risk_value[0]:'空';
layer.open({
type: 1,
title: time + "详情",
area: '600px',
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15 lib-box">\
<table class="table" style="border:#ddd 1px solid; margin-bottom:10px">\
<tbody><tr><th>时间</th><td>'+ escapeHTML(time) + '</td><th>用户IP</th><td><a class="btlink" href="javascript:add_log_ip_black(\'' + escapeHTML(ip_address) + '\')" title="加入黑名单">' + escapeHTML(ip_address) + '</a></td></tr><tr><th>类型</th><td>' + escapeHTML(req_type) + '</td><th>过滤器</th><td>' + escapeHTML(filters) + '</td></tr></tbody></table>\
<div><b style="margin-left:10px">URI地址</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(url_address) + '</div></div>\
<div><b style="margin-left:10px">User-Agent</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(user_agent) + '</div></div>\
<div><b style="margin-left:10px">过滤规则</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(rule_arry[0]) + '</div></div>\
<div><b style="margin-left:10px">传入值</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(incoming_value) + '</div></div>\
<div><b style="margin-left:10px">风险值</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(risk_value) + '</div></div>\
</div>'
})
})
$("#LogDayCon td").click(function () {
$(this).parents("tr").addClass("active").siblings().removeClass("active");
});
});
}
function html_encode(value) {
return $('<div></div>').html(value).text();
}
function html_decode(value) {
return $('<div></div>').text(value).html();
}
//添加站点过滤规则
function addSiteRule(siteName, ruleName) {
var pdata = {
ruleValue: $("input[name='site_rule_value']").val(),
siteName: siteName,
ruleName: ruleName
}
if (pdata['ruleValue'] == '') {
layer.msg('过滤规则不能为空');
$("input[name='site_rule_value']").focus();
return;
}
owPost('add_site_rule', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
siteRuleAdmin(siteName, ruleName, 1);
},1000);
}
});
}
//删除站点过滤规则
function removeSiteRule(siteName, ruleName, index) {
var pdata = {
index: index,
siteName: siteName,
ruleName: ruleName
}
owPost('remove_site_rule', pdata, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
if (ruleName == 'url_tell') {
site_url_tell(siteName, 1);
return;
}
if (ruleName == 'url_rule') {
site_url_rule(siteName, 1);
return;
}
setTimeout(function(){
siteRuleAdmin(siteName, ruleName, 1);
},1000);
}
});
}
//网站规则管理
function siteRuleAdmin(siteName, ruleName, type) {
var placeho = '';
var ps = '';
var title = '';
switch (ruleName) {
case 'disable_php_path':
placeho = 'URI地址,支持正则表达式';
ps = '<li>此处请不要包含URI参数,一般针对目录URL,示例:/admin</li>'
title = '禁止运行PHP的URL地址'
break;
case 'disable_path':
placeho = 'URI地址,支持正则表达式';
ps = '<li>此处请不要包含URI参数,一般针对目录URL,示例:/admin</li>'
title = '禁止访问的URL地址'
break;
case 'disable_ext':
placeho = '扩展名,不包含点(.)示例sql';
ps = '<li>直接填要被禁止访问的扩展名,如我希望禁止访问*.sql文件sql</li>'
title = '禁止访问的扩展名'
break;
case 'disable_upload_ext':
placeho = '扩展名,不包含点(.)示例sql';
ps = '<li>直接填要被禁止访问的扩展名,如我希望禁止上传*.php文件php</li>'
title = '禁止上传的文件类型'
break;
}
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "管理网站过滤规则【" + title + "】",
area: ['500px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="site_rule_value" type="text" value="" style="width:400px;margin-right:15px;margin-left:5px" placeholder="'+ placeho + '">\
<button class="btn btn-success btn-sm va0 pull-right" onclick="addSiteRule(\''+ siteName + '\',\'' + ruleName + '\');">添加</button>\</div>\
<div class="divtable">\
<div id="siteRuleAdmin" class="siteRuleAdmin" style="max-height:273px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th>规则</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody id="site_rule_admin_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>除正则表达式语句外规则值对大小写不敏感,建议统一使用小写</li>'+ ps + '\
</ul></div>'
});
tableFixed("siteRuleAdmin");
}
owPost('get_site_rule', { siteName: siteName, ruleName: ruleName }, function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
var tbody = ''
for (var i = 0; i < rdata.length; i++) {
tbody += '<tr>\
<td>'+ rdata[i] + '</td>\
<td class="text-right"><a class="btlink" onclick="removeSiteRule(\''+ siteName + '\',\'' + ruleName + '\',' + i + ')">删除</a></td>\
</tr>'
}
$("#site_rule_admin_con").html(tbody);
});
}
//CDN-Header配置
function cdnHeader(siteName, type) {
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "管理网站【" + siteName + "】CDN-Headers",
area: ['500px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15">\
<div style="border-bottom:#ccc 1px solid;margin-bottom:10px;padding-bottom:10px">\
<input class="bt-input-text" name="cdn_header_key" type="text" value="" style="width:400px;margin-right:15px;margin-left:5px" placeholder="header名称">\
<button class="btn btn-success btn-sm va0 pull-right" onclick="addCdnHeader(\''+ siteName + '\');">添加</button>\</div>\
<div class="divtable">\
<div id="cdnHeader" style="max-height:300px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th>header</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody id="cdn_header_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>防火墙将尝试在以上header中获取客户IP</li>\
</ul></div>'
});
tableFixed("cdnHeader");
}
owPost('get_site_config_byname', { siteName: siteName }, function(data){
var tmp = $.parseJSON(data.data);
var t1 = tmp.data;
var rdata = t1['cdn_header'];
var tbody = ''
for (var i = 0; i < rdata.length; i++) {
tbody += '<tr>\
<td>'+ rdata[i] + '</td>\
<td class="text-right"><a class="btlink" onclick="removeCdnHeader(\''+ siteName + '\',\'' + rdata[i] + '\')">删除</a></td>\
</tr>'
}
$("#cdn_header_con").html(tbody);
});
}
//添加CDN-Header
function addCdnHeader(siteName) {
var pdata = {
cdn_header: $("input[name='cdn_header_key']").val(),
siteName: siteName
}
if (pdata['cdn_header'] == '') {
layer.msg('header不能为空');
$("input[name='cdn_header_key']").focus();
return;
}
owPost('add_site_cdn_header', pdata, function(data){
var rdata = $.parseJSON(data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
cdnHeader(siteName, 1);
},1000);
}
});
}
//删除CDN-Header
function removeCdnHeader(siteName, cdn_header_key) {
owPost('remove_site_cdn_header', { siteName: siteName, cdn_header: cdn_header_key }, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
if (rdata.status) {
setTimeout(function(){
cdnHeader(siteName, 1);
},1000);
}
});
}
//设置网站防御功能
function setSiteObjState(siteName, obj) {
// var loadT = layer.msg('正在处理,请稍候..', { icon: 16, time: 0 });
owPost('set_site_obj_open', { siteName: siteName, obj: obj } , function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
setTimeout(function(){
siteWafConfig(siteName, 1);
// siteConfig();
},1000);
});
// $.post('/plugin?action=a&name=btwaf&s=set_site_obj_open', { siteName: siteName, obj: obj }, function (rdata) {
// layer.close(loadT);
// site_waf_config(siteName, 1);
// siteconfig();
// layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
// });
}
//网站规则设置
function setSiteObjConf(siteName, ruleName, type) {
if (type == undefined) {
create_l = layer.open({
type: 1,
title: "编辑网站【" + siteName + "】规则【" + ruleName + "】",
area: ['700px', '530px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15">\
<div class="divtable">\
<div id="SetSiteObjConf" class="table_head_fix" style="max-height:375px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none">\
<thead>\
<tr>\
<th width="450">规则</th>\
<th>说明</th>\
<th style="text-align: right;">状态</th>\
</tr>\
</thead>\
<tbody id="set_site_obj_conf_con" class="gztr"></tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7 ptb10">\
<li>此处继承全局设置中已启用的规则</li>\
<li>此处的设置仅对当前站点有效</li>\
</ul></div>'
});
tableFixed("SetSiteObjConf");
}
getRuleByName(ruleName, function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
var tbody = '';
var tbody = '';
for (var i = 0; i < rdata.length; i++) {
if (rdata[i][0] == -1) continue;
tbody += '<tr>\
<td>'+ rdata[i][1] + '</td>\
<td>'+ rdata[i][2] + '</td>\
<td style="text-align: right;">\
<div class="pull-right"><input class="btswitch btswitch-ios" id="close_'+ i + '" type="checkbox" ' + (rdata[i][0] ? 'checked' : '') + '>\
<label class="btswitch-btn" for="close_'+ i + '" style="width:2em;height:1.2em;margin-bottom: 0" for="closeua_' + i + '" onclick="set_site_rule_state(\'' + siteName + '\',\'' + ruleName + '\',' + i + ')"></label></div>\
</td>\
</tr>'
}
$("#set_site_obj_conf_con").html(tbody)
});
}
//网站设置
function siteWafConfig(siteName, type) {
if (type == undefined) {
create_2 = layer.open({
type: 1,
title: "网站配置【" + siteName + "】",
area: ['700px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div id="s_w_c"></div>'
});
}
owPost('get_site_config_byname', { siteName: siteName }, function(data){
var tmp = $.parseJSON(data.data);
var rdata = tmp.data;
nginx_config = rdata;
var con = '<div class="pd15">\
<div class="lib-con-title">\
<span>网站防火墙开关</span>\
<div class="ssh-item" style="margin-right:20px;">\
<input class="btswitch btswitch-ios" id="closewaf_open" type="checkbox" '+ (rdata.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closewaf_open" onclick="setSiteObjState(\''+ siteName + '\',\'open\')" style="width:2.4em;height:1.4em;margin-bottom: 0"></label>\
</div>\
</div>\
<div class="lib-con">\
<div class="divtable">\
<table class="table table-hover waftable">\
<thead>\
<tr>\
<th>名称</th>\
<th>描述</th>\
<th width="80">状态</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody>\
<tr>\
<td>CC防御</td>\
<td><font style="color:red;">'+ rdata.cc.cycle + '</font> 秒内,请求同一URI累计超过 <font style="color:red;">' + rdata.cc.limit + '</font> 次,封锁IP <font style="color:red;">' + rdata.cc.endtime + '</font> 秒</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closecc" type="checkbox" '+ (rdata.cc.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecc" onclick="setSiteObjState(\''+ siteName + '\',\'cc\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setCcRule('+ rdata.cc.cycle + ',' + rdata.cc.limit + ',' + rdata.cc.endtime + ',\'' + siteName + '\',' + rdata.cc.increase + ')">设置</a></td>\
</tr>\
<tr>\
<td>恶意容忍设置</td>\
<td><font style="color:red;">'+ rdata.retry.retry_cycle + '</font> 秒内,累计超过 <font style="color:red;">' + rdata.retry.retry + '</font> 次恶意请求,封锁IP <font style="color:red;">' + rdata.retry.retry_time + '</font> 秒</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="setRetry('+ rdata.retry.retry_cycle + ',' + rdata.retry.retry + ',' + rdata.retry.retry_time + ',\'' + siteName + '\')">设置</a></td>\
</tr>\
<tr>\
<td>GET-URI过滤</td>\
<td>'+ rdata.get.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeget" type="checkbox" '+ (rdata.get ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeget" onclick="setSiteObjState(\''+ siteName + '\',\'get\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setSiteObjConf(\''+ siteName + '\',\'url\')">规则</a></td>\
</tr>\
<td>GET-参数过滤</td>\
<td>'+ rdata.get.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeargs" type="checkbox" '+ (rdata.get ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeargs" onclick="setSiteObjState(\''+ siteName + '\',\'get\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setSiteObjConf(\''+ siteName + '\',\'args\')">规则</a></td>\
</tr>\
<tr>\
<td>POST过滤</td>\
<td>'+ rdata.post.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closepost" type="checkbox" '+ (rdata.post ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closepost" onclick="setSiteObjState(\''+ siteName + '\',\'post\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setSiteObjConf(\''+ siteName + '\',\'post\')">规则</a></td>\
</tr>\
<tr>\
<td>User-Agent过滤</td>\
<td>'+ rdata['user-agent'].ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeua" type="checkbox" '+ (rdata['user-agent'] ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeua" onclick="setSiteObjState(\''+ siteName + '\',\'user-agent\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setSiteObjConf(\''+ siteName + '\',\'user_agent\')">规则</a></td>\
</tr>\
<tr>\
<td>Cookie过滤</td>\
<td>'+ rdata.cookie.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closecookie" type="checkbox" '+ (rdata.cookie ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecookie" onclick="setSiteObjState(\''+ siteName + '\',\'cookie\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="setSiteObjConf(\''+ siteName + '\',\'cookie\')">规则</a></td>\
</tr>\
<tr>\
<td>常见扫描器</td><td>'+ rdata.scan.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closescan" type="checkbox" '+ (rdata.scan ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closescan" onclick="setSiteObjState(\''+ siteName + '\',\'scan\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="scanRule()">设置</a></td>\
</tr>\
<tr>\
<td>使用CDN</td>\
<td>该站点使用了CDN,启用后方可正确获取客户IP</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closecdn" type="checkbox" '+ (rdata.cdn ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecdn" onclick="setSiteObjState(\''+ siteName + '\',\'cdn\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="cdnHeader(\''+ siteName + '\')">设置</a></td>\
</tr>\
<tr>\
<td>禁止扩展名</td>\
<td>禁止访问指定扩展名</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="siteRuleAdmin(\''+ siteName + '\',\'disable_ext\')">设置</a></td>\
</tr>\
<tr>\
<td>禁止上传的文件类型</td>\
<td>禁止上传指定的文件类型</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="siteRuleAdmin(\''+ siteName + '\',\'disable_upload_ext\')">设置</a></td>\
</tr>\
</tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7">\
<li>注意: 此处大部分配置,仅对当前站点有效!</li>\
</ul>\
</div>';
$("#s_w_c").html(con);
});
}
function wafSite(){
owPost('get_site_config', {}, function(data){
var tmp = $.parseJSON(data.data);
var rdata = $.parseJSON(tmp.data);
var tbody = '';
var i = 0;
$.each(rdata, function (k, v) {
i += 1;
tbody += '<tr>\
<td><a onclick="siteWafConfig(\''+ k + '\')" class="sitename btlink" title="' + k + '">' + k + '</a></td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'get\')" type="checkbox" ' + (v.get ? 'checked' : '') + '><span class="' + back_css(v.total[1].value) + '" title="拦截GET渗透次数:' + v.total[1].value + '">' + v.total[1].value + '</span>\
</td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'post\')" type="checkbox" ' + (v.post ? 'checked' : '') + '><span class="' + back_css(v.total[0].value) + '" title="拦截POST渗透次数:' + v.total[0].value + '">' + v.total[0].value + '</span>\
</td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'user-agent\')" type="checkbox" ' + (v['user-agent'] ? 'checked' : '') + '><span class="' + back_css(v.total[3].value) + '" title="拦截恶意User-Agent次数:' + v.total[3].value + '">' + v.total[3].value + '</span>\
</td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'cookie\')" type="checkbox" ' + (v.cookie ? 'checked' : '') + '><span class="' + back_css(v.total[4].value) + '" title="拦截Cookie渗透次数:' + v.total[4].value + '">' + v.total[4].value + '</span>\
</td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'cdn\')" type="checkbox" ' + (v.cdn ? 'checked' : '') + '>\
</td>\
<td>\
<input onclick="setSiteObjState(\''+ k + '\',\'cc\')" type="checkbox" ' + (v.cc.open ? 'checked' : '') + '><span class="' + back_css(v.total[2].value) + '" title="拦截CC攻击次数:' + v.total[2].value + '">' + v.total[2].value + '</span>\
</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeget_'+ i + '" type="checkbox" ' + (v.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeget_'+ i + '" onclick="setSiteObjState(\'' + k + '\',\'open\')"></label>\
</div>\
</td>\
<td class="text-right"><a onclick="siteWafLog(\''+ k + '\')" class="btlink ' + (v.log_size > 0 ? 'dot' : '') + '">日志</a> | <a onclick="siteWafConfig(\'' + k + '\')" class="btlink">设置</a></td>\
</tr>'
});
var con = '<div class="lib-box">\
<div class="lib-con">\
<div class="divtable">\
<div id="siteCon_fix" style="max-height:580px; overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover waftable" style="border:none">\
<thead>\
<tr>\
<th>站点</th>\
<th>GET</th>\
<th>POST</th>\
<th>UA</th>\
<th>Cookie</th>\
<th title="这个网站使用了CDN或其它代理时请勾选">CDN</th>\
<th>CC防御</th>\
<th>状态</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody>'+ tbody + '</tbody>\
</table>\
</div>\
</div>\
</div>\
</div>';
$(".soft-man-con").html(con);
tableFixed("siteCon_fix");
});
}
function wafHistory(){
var con = '<button class="btn btn-success btn-sm" onclick="UncoverAll()">解封所有</button>';
con += '<div class="divtable mt10">\
<table class="table table-hover waftable" style="color:#fff;">\
<thead><tr><th width="18%">开始时间</th>\
<th width="44%">IP</th>\
<th width="10%">站点</th>\
<th width="10%">封锁原因</th>\
<th width="10%">封锁时长</th>\
<th style="text-align: center;" width="10%">状态</th>\
</thead>\
</table>\
</div>';
$(".soft-man-con").html(con);
}
function wafLogs(){
var con = '<div class="divtable">\
<table class="table table-hover waftable" style="color:#fff;">\
<thead><tr><th width="18%">名称</th>\
<th width="44%">描述</th>\
<th width="10%">响应</th>\
<th style="text-align: center;" width="10%">状态</th>\
<th style="text-align: right;">操作</th></tr>\
</thead>\
</table>\
</div>';
$(".soft-man-con").html(con);
}