Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CustomsSpec ¶
type CustomsSpec string
CustomsSpec defines a custom WAF rule.
func (*CustomsSpec) Type ¶
func (rule *CustomsSpec) Type() RuleType
Type returns the type of the custom rule.
type GeoIPBlockerSpec ¶
type GeoIPBlockerSpec struct {
DBPath string `json:"dbPath" jsonschema:"required"`
DBUpdateCron string `json:"dbUpdateCron,omitempty"`
AllowedCountries []string `json:"allowedCountries,omitempty"`
DeniedCountries []string `json:"deniedCountries,omitempty"`
}
func (*GeoIPBlockerSpec) Type ¶
func (blocker *GeoIPBlockerSpec) Type() RuleType
type IPBlockerSpec ¶
type IPBlockerSpec struct {
WhiteList []string `json:"whitelist,omitempty"`
BlackList []string `json:"blacklist,omitempty"`
}
IPBlockerSpec defines the specification for IP blocking.
func (*IPBlockerSpec) Type ¶
func (blocker *IPBlockerSpec) Type() RuleType
type OwaspRulesSpec ¶
type OwaspRulesSpec []string
OwaspRulesSpec defines the specification for OWASP rules.
func (*OwaspRulesSpec) Type ¶
func (owasp *OwaspRulesSpec) Type() RuleType
Type returns the type of the OWASP rule.
type PreWAFProcessor ¶
type PreWAFProcessor func(ctx *context.Context, tx types.Transaction, req *httpprot.Request) *WAFResult
PreWAFProcessor defines a function type for preprocessing requests before applying WAF rules.
type Rule ¶
type Rule interface {
// Type returns the type of the rule.
Type() RuleType
}
Rule defines the interface for a WAF rule.
type RuleGroupSpec ¶
type RuleGroupSpec struct {
Name string `json:"name" jsonschema:"required"`
// LoadOwaspCrs indicates whether to load the OWASP Core Rule Set.
// Please check https://github.com/corazawaf/coraza-coreruleset for more details.
LoadOwaspCrs bool `json:"loadOwaspCrs,omitempty"`
Rules RuleSpec `json:"rules" jsonschema:"required"`
}
RuleGroupSpec defines the specification for a WAF rule group.
type RuleSpec ¶
type RuleSpec struct {
// OwaspRules defines the OWASP rules to be applied.
// See the example of https://github.com/corazawaf/coraza-coreruleset for more details.
OwaspRules *OwaspRulesSpec `json:"owaspRules,omitempty"`
Customs *CustomsSpec `json:"customRules,omitempty"`
IPBlocker *IPBlockerSpec `json:"ipBlocker,omitempty"`
GeoIPBlocker *GeoIPBlockerSpec `json:"geoIPBlocker,omitempty"`
}
RuleSpec defines a WAF rule.
type RuleType ¶
type RuleType string
RuleType defines the type of WAF rule.
const ( // TypeCustoms defines the type for custom WAF rules. TypeCustoms RuleType = "Customs" // TypeOwaspRules defines the type for OWASP rules. TypeOwaspRules RuleType = "OwaspRules" // TypeSQLInjection defines the type for SQL injection rules. TypeSQLInjection RuleType = "SQLInjection" // TypeIPBlocker defines the type for IP blocking rules. TypeIPBlocker RuleType = "IPBlocker" // TypeGeoIPBlocker defines the type for GeoIP blocking rules. TypeGeoIPBlocker RuleType = "GeoIPBlocker" )
type WAFResult ¶
type WAFResult struct {
// Interruption indicates whether the request was interrupted by the WAF.
Interruption *types.Interruption
Message string `json:"message,omitempty"`
Result WAFResultType `json:"result,omitempty"`
}
WAFResult defines the result structure for WAF rules.
type WAFResultType ¶
type WAFResultType string
WAFResultType defines the type of WAF result.
const ( // ResultOk indicates that the request is allowed. In easegress, this is empty string. ResultOk WAFResultType = "" // ResultBlocked indicates that the request is blocked. ResultBlocked WAFResultType = "blocked" // ResultError indicates that an internal error occurred while processing the request. ResultError WAFResultType = "internalError" )
Click to show internal directories.
Click to hide internal directories.