loveshell · Apr 28, 2015 · May 14, 2015 · May 14, 2015 · May 14, 2015 · May 19, 2015
Showing with 19 additions and 14 deletions.

+3 −3 README.md

+8 −6 init.lua

+8 −4 waf.lua

+0 −1 wafconf/post
diff --git a/README.md b/README.md
@@ -64,7 +64,7 @@ nginx安装路径假设为:/usr/local/nginx/conf/
         whiteModule = "on" 
         --是否开启URL白名单
         black_fileExt={"php","jsp"}
-        --填写可上传文件后缀类型
+        --填写不允许上传文件后缀类型
         ipWhitelist={"127.0.0.1"}
         --ip白名单，多个ip用逗号分隔
         ipBlocklist={"1.0.0.1"}
@@ -106,8 +106,8 @@ nginx安装路径假设为:/usr/local/nginx/conf/
 
 	过滤规则在wafconf下，可根据需求自行调整，每条规则需换行,或者用|分割
 
-		global是全局过滤文件，里面的规则对post和get都过滤		
-		get是只在get请求过滤的规则		
+		args里面的规则get参数进行过滤的
+		url是只在get请求url过滤的规则		
 		post是只在post请求过滤的规则		
 		whitelist是白名单，里面的url匹配到不做过滤		
 		user-agent是对user-agent的过滤规则

diff --git a/init.lua b/init.lua
@@ -15,10 +15,7 @@ attacklog = optionIsOn(attacklog)
 CCDeny = optionIsOn(CCDeny)
 Redirect=optionIsOn(Redirect)
 function getClientIp()
-        IP = ngx.req.get_headers()["X-Real-IP"]
-        if IP == nil then
-                IP  = ngx.var.remote_addr 
-        end
+        IP  = ngx.var.remote_addr 
         if IP == nil then
                 IP  = "unknown"
         end
@@ -112,9 +109,14 @@ function args()
         local args = ngx.req.get_uri_args()
         for key, val in pairs(args) do
             if type(val)=='table' then
-                if val ~= false then
-                    data=table.concat(val, " ")
+                 local t={}
+                 for k,v in pairs(val) do
+                    if v == true then
+                        v=""
+                    end
+                    table.insert(t,v)
                 end
+                data=table.concat(t, " ")
             else
                 data=val
             end

diff --git a/waf.lua b/waf.lua
@@ -1,5 +1,6 @@
 local content_length=tonumber(ngx.req.get_headers()['content-length'])
 local method=ngx.req.get_method()
+local ngxmatch=ngx.re.match
 if whiteip() then
 elseif blockip() then
 elseif denycc() then
@@ -41,12 +42,12 @@ elseif PostCheck then
 	   	        return true
     	    	end
 		size = size + len(data)
-		local m = ngx.re.match(data,'Content-Disposition: form-data;(.+)filename="(.+)\\.(.*)"','ijo')
+		local m = ngxmatch(data,[[Content-Disposition: form-data;(.+)filename="(.+)\\.(.*)"]],'ijo')
         	if m then
             		fileExtCheck(m[3])
             		filetranslate = true
         	else
-            		if ngx.re.find(data,"Content-Disposition:",'isjo') then
+            		if ngxmatch(data,"Content-Disposition:",'isjo') then
                 		filetranslate = false
             		end
             		if filetranslate==false then
@@ -68,13 +69,16 @@ elseif PostCheck then
 				return
 			end
 			for key, val in pairs(args) do
-				if type(val) == "table" or val == false then
+				if type(val) == "table" then
+					if type(val[1]) == "boolean" then
+						return
+					end
 					data=table.concat(val, ", ")
 				else
 					data=val
 				end
 				if data and type(data) ~= "boolean" and body(data) then
-                  return true
+                			body(key)
 				end
 			end
 		end

diff --git a/wafconf/post b/wafconf/post
@@ -1,4 +1,3 @@
-\.\./
 select.+(from|limit)
 (?:(union(.*?)select))
 having|rongjitest