Documentation
¶
Index ¶
- Constants
- Variables
- func GenForbiddenHttpResponse(req *bfe_basic.Request, eventId string) *bfe_http.Response
- type ClusterConfigs
- type ConfBasic
- type ConfModWaf
- type GlobalParam
- type GlobalParamConf
- type GlobalParamConfFile
- type GlobalParamFile
- type HealthCheckerConf
- type HealthCheckerConfFile
- type ModuleWaf
- func (m *ModuleWaf) Init(cbs *bfe_module.BfeCallbacks, whs *web_monitor.WebHandlers, cr string) error
- func (m *ModuleWaf) LoadConfig(confPath string, confRoot string) error
- func (m *ModuleWaf) Name() string
- func (m *ModuleWaf) ProductParamLoad(path string) error
- func (m *ModuleWaf) WafClientDataLoad(path string) error
- func (m *ModuleWaf) WafInstancesLoad(path string) error
- type ModuleWafState
- type MonitorStates
- type Peeker
- type ProductParamConf
- type ProductParamConfFile
- type ProductParamTable
- type ProductParams
- type WafClient
- func (c *WafClient) AddRefCount()
- func (c *WafClient) Close() error
- func (c *WafClient) DecRefCount()
- func (c *WafClient) Detect(req *bfe_basic.Request, wafReq *http.Request, param *WafParam) (bool, string)
- func (c *WafClient) GetDetectParam(bodySize int64) (time.Duration, int)
- func (c *WafClient) GetRefCount() int
- func (c *WafClient) IsAvailable() bool
- func (c *WafClient) SetDeleteTag()
- func (c *WafClient) UpdateInstanceConf(instConf *WafInstance)
- func (c *WafClient) UpdateWafGlobalParam(wafGlobalParam *GlobalParam)
- func (c *WafClient) WafServerAddress() string
- func (c *WafClient) WillBeDeleted() bool
- type WafClientPool
- type WafDetectResult
- type WafInstance
- type WafInstancesConf
- type WafInstancesConfFile
- type WafParam
Constants ¶
View Source
const ( DELAY_STAT_INTERVAL = 20 // delay stat interval DELAY_BUCKET_SIZE = 1 // delay bucket size DELAY_BUCKET_NUM = 20 // delay bucket num )
delay_counter.DelayRecent parameters
View Source
const ( ModUnifiedWaf = "mod_unified_waf" KP_SD_MOD_WAF = "waf_client" KP_SD_MOD_WAF_DIFF = "waf_client_diff" KP_MOD_WAF_DELAY = "waf_client_delay" KP_MOD_WAF_PEEK_DELAY = "waf_client_delay_peek_body" KP_MOD_WAF_COMP_DELAY = "waf_client_delay_call_competition" TO_DELETE_CLIENTS = "waf_client.to_delete_clients" ACTIVE_CLIENTS = "waf_client.active_clients" DELETED_CLIENTS = "waf_client.deleted_clients" ADDED_CLIENTS = "waf_client.added_clients" )
View Source
const ( DEFAULT_POOL_SIZE = 8 // default waf client connection pool size DEFAULT_CONCURRENCY = 2000 // default waf client concurrency )
View Source
const (
DIFF_COUNTER_INTERVAL = 20
)
View Source
const NoneWafName = "None"
Variables ¶
View Source
var COUNTER_KEYS = []string{ bfe_basic.REQ_NO_CHECK, bfe_basic.REQ_FORBIDDEN, bfe_basic.REQ_OK, bfe_basic.REQ_TIMEOUT, bfe_basic.REQ_OTHER, bfe_basic.NET_ERR, }
View Source
var (
ERR_WAF_FORBIDDEN = errors.New("FORBIDDEN_BY_WAF") // request forbidden by waf
)
Functions ¶
Types ¶
type ClusterConfigs ¶
type ClusterConfigs struct {
WafCluster []WafInstance `json:"WafCluster"`
}
waf instance config for waf clusters
type ConfModWaf ¶
type ConfModWaf struct {
Basic ConfBasic
ConfigPath struct {
ModWafDataPath string // configure path for mod_unified_waf.data
ProductParamPath string // configure path for product_param.data
WafInstancesPath string // configure path for waf_instances.data
}
Log struct {
OpenDebug bool
}
}
func (*ConfModWaf) Check ¶
func (cfg *ConfModWaf) Check(confRoot string) error
check also fix some configure value
type GlobalParam ¶
type GlobalParam struct {
WafClient struct {
ConnectTimeout int // connect timeout for waf client
Concurrency int // how many concurrency call for one waf client
//ConnPoolSize int //connection pool size
MaxWaitCount int //max wait rate for request waiting for token
}
WafDetect struct {
RetryMax int // max retry number in each request detecting
ReqTimeout int // total timeout for a request detecting
}
HealthChecker HealthCheckerConf
}
global param for mod_unified_waf
func (*GlobalParam) GetReqTimeout ¶
func (p *GlobalParam) GetReqTimeout(bodySize int) int
type GlobalParamConf ¶
type GlobalParamConf struct {
Version string
Config GlobalParam
}
func WafDataParamLoadAndCheck ¶
func WafDataParamLoadAndCheck(filename string) (*GlobalParamConf, error)
reload_trigger adaptor interface
type GlobalParamConfFile ¶
type GlobalParamConfFile struct {
Version *string // version string
Config *GlobalParamFile // global param for mod_unified_waf
}
global param in config file
func (*GlobalParamConfFile) Check ¶
func (cfg *GlobalParamConfFile) Check() error
type GlobalParamFile ¶
type GlobalParamFile struct {
WafClient struct {
ConnectTimeout int // connect timeout for waf client
Concurrency int // how many concurrency call for one waf client
MaxWaitCount int //max wait rate for request waiting for token
}
WafDetect struct {
ReqTimeout int // total timeout for a request detecting
RetryMax int // max retry number in each request detecting
}
HealthChecker HealthCheckerConfFile
}
global param for mod_unified_waf
func (*GlobalParamFile) Check ¶
func (p *GlobalParamFile) Check() error
type HealthCheckerConf ¶
type HealthCheckerConf struct {
HealthCheckInterval int64 //health check interval(ms)
}
type HealthCheckerConfFile ¶
type HealthCheckerConfFile struct {
HealthCheckInterval int64 //health check interval(ms)
}
type ModuleWaf ¶
type ModuleWaf struct {
// contains filtered or unexported fields
}
func NewModuleWaf ¶
func NewModuleWaf() *ModuleWaf
func (*ModuleWaf) Init ¶
func (m *ModuleWaf) Init(cbs *bfe_module.BfeCallbacks, whs *web_monitor.WebHandlers, cr string) error
func (*ModuleWaf) LoadConfig ¶
load configure from conf file
func (*ModuleWaf) ProductParamLoad ¶
for product_param.data
func (*ModuleWaf) WafClientDataLoad ¶
for mod_unified_waf.data
func (*ModuleWaf) WafInstancesLoad ¶
type ModuleWafState ¶
type ModuleWafState struct {
}
type MonitorStates ¶
type MonitorStates struct {
// contains filtered or unexported fields
}
func NewMonitorStates ¶
func NewMonitorStates() *MonitorStates
type ProductParamConf ¶
type ProductParamConf struct {
Version string
Config ProductParams
}
func ProductParamLoadAndCheck ¶
func ProductParamLoadAndCheck(filename string) (ProductParamConf, error)
reload_trigger adaptor interface
type ProductParamConfFile ¶
type ProductParamConfFile struct {
Version *string // version string
Config *ProductParams // product param
}
product parameters in config file
func (*ProductParamConfFile) Check ¶
func (cfg *ProductParamConfFile) Check() error
type ProductParamTable ¶
type ProductParamTable struct {
// contains filtered or unexported fields
}
func NewProductParamTable ¶
func NewProductParamTable() *ProductParamTable
func (*ProductParamTable) GetRequestWafParam ¶
func (t *ProductParamTable) GetRequestWafParam(req *bfe_basic.Request) *WafParam
func (*ProductParamTable) Update ¶
func (t *ProductParamTable) Update(param ProductParams, ver string)
func (*ProductParamTable) Version ¶
func (t *ProductParamTable) Version() string
type ProductParams ¶
each product's waf param key is product name
type WafClient ¶
type WafClient struct {
HCConf HealthCheckerConf
// contains filtered or unexported fields
}
func NewWafClient ¶
func NewWafClient(wafEntries *waf_impl.WafImplMethodBundle, addr string, instConf *WafInstance, wafParam *GlobalParam, poolSize int, m *MonitorStates) (*WafClient, error)
func (*WafClient) AddRefCount ¶
func (c *WafClient) AddRefCount()
func (*WafClient) DecRefCount ¶
func (c *WafClient) DecRefCount()
func (*WafClient) GetDetectParam ¶
func (*WafClient) GetRefCount ¶
func (*WafClient) IsAvailable ¶
func (*WafClient) SetDeleteTag ¶
func (c *WafClient) SetDeleteTag()
func (*WafClient) UpdateInstanceConf ¶
func (c *WafClient) UpdateInstanceConf(instConf *WafInstance)
func (*WafClient) UpdateWafGlobalParam ¶
func (c *WafClient) UpdateWafGlobalParam(wafGlobalParam *GlobalParam)
func (*WafClient) WafServerAddress ¶
func (*WafClient) WillBeDeleted ¶
type WafClientPool ¶
type WafClientPool struct {
// contains filtered or unexported fields
}
func NewWafClientPool ¶
func NewWafClientPool(m *MonitorStates) *WafClientPool
func (*WafClientPool) Alloc ¶
func (p *WafClientPool) Alloc() (*WafClient, error)
func (*WafClientPool) Release ¶
func (p *WafClientPool) Release(client *WafClient)
func (*WafClientPool) SetConfBasic ¶
func (p *WafClientPool) SetConfBasic(confBasic ConfBasic) error
func (*WafClientPool) Update ¶
func (p *WafClientPool) Update(instances []WafInstance)
func (*WafClientPool) UpdateWafParam ¶
func (p *WafClientPool) UpdateWafParam(data *GlobalParamConf)
type WafDetectResult ¶
func (*WafDetectResult) Blocked ¶
func (obj *WafDetectResult) Blocked() bool
func (*WafDetectResult) Passed ¶
func (obj *WafDetectResult) Passed() bool
type WafInstance ¶
type WafInstancesConf ¶
type WafInstancesConf struct {
Version string `json:"version"`
WafCluster []WafInstance `json:"WafCluster"`
}
func WafInstancesLoadAndCheck ¶
func WafInstancesLoadAndCheck(filename string) (WafInstancesConf, error)
reload_trigger adaptor interface
type WafInstancesConfFile ¶
type WafInstancesConfFile struct {
Version *string
Config *ClusterConfigs
}
global param in config file
func (*WafInstancesConfFile) Check ¶
func (cfg *WafInstancesConfFile) Check() error
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.