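/// <summary>
/// Screens the header of an HTTP GET request before it is served: IP syntax,
/// blacklist membership, the per-host request-frequency limit and URL filtering.
/// </summary>
/// <param name="Header">Parsed request header; <c>Header.URL</c> is rewritten with the filtered URL.</param>
/// <returns>
/// An <see cref="AnalyzeResult"/> whose <c>ResultReport</c> is "请求过滤成功" when every check
/// passed, otherwise the (Chinese) reason the request was rejected. <c>RequestHeader</c> is
/// always populated and <c>RequestContents</c> is always empty, since a GET carries no body.
/// </returns>
private AnalyzeResult AnalyzeHttpHeader(HeaderStruct Header)
{
    AnalyzeResult getMethodResult = new AnalyzeResult();
    getMethodResult.RequestHeader = Header;
    getMethodResult.RequestContents = string.Empty;

    // The remote address is untrusted input and is the key for every limit lookup
    // below, so reject anything that is not a syntactically valid IP before it
    // reaches the database (the original validated it only after the lookups).
    IPAddress parsedIp;
    if (!IPAddress.TryParse(Header.HostIp, out parsedIp))
    {
        getMethodResult.ResultReport = "请求报文的IP地址不合法!";
        return getMethodResult;
    }

    LimitList limitJudge = new LimitList();
    if (!limitJudge.IsLimitVisitor(Header.HostIp))
    {
        getMethodResult.ResultReport = "该主机已被设置为黑名单,无法访问";
        return getMethodResult;
    }

    // Fetch the configured rate once; the original re-queried it for each check.
    // As far as the checks show, LimitList encodes: > 0 a limit is configured,
    // 0 the lookup failed, otherwise no limit — confirm against LimitList.
    int visitorTotalRate = limitJudge.GetLimitVisitorTotalRate(Header.HostIp);
    if (visitorTotalRate == 0)
    {
        getMethodResult.ResultReport = "数据库出错";
        return getMethodResult;
    }
    if (visitorTotalRate > 0 && !new FrequenceLimit().IsOverTimesNum(visitorTotalRate, Header.HostIp))
    {
        getMethodResult.ResultReport = "请求过于频繁,系统自动判定为异常请求!请稍后再试!";
        return getMethodResult;
    }

    // The URL filter signals failure through a sentinel string, not an exception.
    Header.URL = new HttpRequestFilter().URLFilter(Header.URL);
    if (Header.URL == "URL字符过滤异常")
    {
        getMethodResult.ResultReport = Header.URL;
        return getMethodResult;
    }

    // Re-assign after filtering: if HeaderStruct is a value type, the copy stored
    // at the top still holds the unfiltered URL — confirm against HeaderStruct.
    getMethodResult.RequestHeader = Header;
    getMethodResult.ResultReport = "请求过滤成功";
    return getMethodResult;
}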
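/// <summary>
/// Applies a firewall setting request to the limit database: an optional per-host
/// flow cap, an optional per-host request-frequency cap and the blacklist flag.
/// </summary>
/// <param name="SetLimitRequest">
/// The setting to apply. <c>Visitor_IP</c> is required; <c>Flow_TotalRate</c> and
/// <c>Visitor_TotalRate</c> are optional numeric strings (null leaves the value unchanged).
/// </param>
/// <returns>A (Chinese) status string: "设置成功" on success, otherwise which step failed.</returns>
private string CompleteSetting(SetWafManager SetLimitRequest)
{
    string hostIp = SetLimitRequest.Visitor_IP;
    if (string.IsNullOrEmpty(hostIp))
    {
        return "IP地址不能为空";
    }

    // The rates arrive as strings from the management UI. A non-numeric value used
    // to escape as an unhandled FormatException from int.Parse; now it is reported
    // like a negative value, through the same error strings as before.
    int flowTotalRate;
    if (!TryParseRate(SetLimitRequest.Flow_TotalRate, out flowTotalRate) || flowTotalRate < 0)
    {
        return "流量设置出错";
    }
    int visitorTotalRate;
    if (!TryParseRate(SetLimitRequest.Visitor_TotalRate, out visitorTotalRate) || visitorTotalRate < 0)
    {
        return "访问频率设置出错";
    }

    LimitList limitSetting = new LimitList();
    if (flowTotalRate > 0 && !limitSetting.SetFlowTotalRate(hostIp, flowTotalRate))
    {
        return "流量设置出错";
    }
    if (visitorTotalRate > 0 && !limitSetting.SetVisitorTotalRate(hostIp, visitorTotalRate))
    {
        return "访问频率设置出错";
    }
    // Visit_Limit is assigned to a plain Boolean in the original, so it always has a
    // value and is always written; the former `== true || == false` guard was a tautology.
    if (!limitSetting.SetLimitVisitor(hostIp, SetLimitRequest.Visit_Limit))
    {
        return "名单限制设置失败";
    }
    return "设置成功";
}

/// <summary>
/// Parses an optional rate field: null means "not set" and yields 0, anything else
/// must be an invariant-culture integer.
/// </summary>
/// <param name="text">The raw field value, possibly null.</param>
/// <param name="value">The parsed rate, or 0 when <paramref name="text"/> is null.</param>
/// <returns>True when <paramref name="value"/> is usable, false on a malformed number.</returns>
private static bool TryParseRate(string text, out int value)
{
    if (text == null)
    {
        value = 0;
        return true;
    }
    return int.TryParse(text, System.Globalization.NumberStyles.Integer,
                        System.Globalization.CultureInfo.InvariantCulture, out value);
}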
/// <summary>
/// Fetches the stored history of firewall limit settings from the database.
/// </summary>
/// <returns>The records exactly as <see cref="LimitList.GetLimitDataList"/> returns them.</returns>
private string[] GetLimitList()
{
    LimitList store = new LimitList();
    string[] history = store.GetLimitDataList();
    return history;
}
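/// <summary>
/// Screens an HTTP POST request: IP syntax, blacklist membership, frequency and flow
/// limits, body size, then runs the body through the HTML/SQL/special-character/XSS
/// filters and the URL through the URL filter.
/// </summary>
/// <param name="Request">The incoming request; its <c>InputStream</c> is read (up to the size cap) and left open.</param>
/// <param name="Header">Parsed request header; <c>Header.URL</c> is rewritten with the filtered URL.</param>
/// <returns>
/// An <see cref="AnalyzeResult"/> whose <c>ResultReport</c> is "请求过滤成功" on success — in
/// which case <c>RequestHeader</c> and <c>RequestContents</c> hold the filtered header and body —
/// otherwise the (Chinese) rejection reason with the other fields left at their defaults.
/// </returns>
private AnalyzeResult AnalyzeHttpRequest(HttpRequestBase Request, HeaderStruct Header)
{
    // Largest body we are willing to buffer (same figure as before, now named).
    // The declared length is in bytes, the read guard counts decoded characters.
    const int MaxRequestSize = Int32.MaxValue / 50;

    AnalyzeResult postAnalyzeResult = new AnalyzeResult();

    // The remote address is untrusted input and keys every limit lookup below, so
    // reject malformed values before they reach the database.
    IPAddress parsedIp;
    if (!IPAddress.TryParse(Header.HostIp, out parsedIp))
    {
        postAnalyzeResult.ResultReport = "请求报文的IP地址不合法!";
        return postAnalyzeResult;
    }

    LimitList limitJudge = new LimitList();
    if (!limitJudge.IsLimitVisitor(Header.HostIp))
    {
        postAnalyzeResult.ResultReport = "该主机已被设置为黑名单,无法访问";
        return postAnalyzeResult;
    }

    // Each configured rate is fetched once (the original re-queried it per check).
    // As far as the checks show, LimitList encodes: > 0 a limit is configured,
    // 0 the lookup failed, otherwise no limit — confirm against LimitList.
    int visitorTotalRate = limitJudge.GetLimitVisitorTotalRate(Header.HostIp);
    if (visitorTotalRate == 0)
    {
        postAnalyzeResult.ResultReport = "数据库出错";
        return postAnalyzeResult;
    }
    if (visitorTotalRate > 0 && !new FrequenceLimit().IsOverTimesNum(visitorTotalRate, Header.HostIp))
    {
        postAnalyzeResult.ResultReport = "请求过于频繁,系统自动判定为异常请求!请稍后再试!";
        return postAnalyzeResult;
    }

    int flowTotalRate = limitJudge.GetLimitFlowTotalRate(Header.HostIp);
    if (flowTotalRate == 0)
    {
        postAnalyzeResult.ResultReport = "数据库错误";
        return postAnalyzeResult;
    }
    if (flowTotalRate > 0 && !new FlowLimit().IsOverFlow(flowTotalRate, Header.TotalBytes, Header.HostIp))
    {
        postAnalyzeResult.ResultReport = "请求信息量太大,系统自动判定为异常请求!请稍后再试!";
        return postAnalyzeResult;
    }

    // Content-Length is supplied by the client, so the cap is enforced on the
    // declared length and again on what is actually read from the stream.
    string requestContent;
    if (Request.ContentLength > MaxRequestSize
        || !TryReadBody(Request.InputStream, MaxRequestSize, out requestContent))
    {
        postAnalyzeResult.ResultReport = "请求内容太大,丢弃请求!";
        return postAnalyzeResult;
    }

    // Each filter signals failure through a sentinel string. The sentinel is checked
    // after every step: running the next filter over a sentinel could rewrite it and
    // hide the failure (the original checked only once, after all four filters).
    HttpRequestFilter filter = new HttpRequestFilter();
    requestContent = filter.HTMLFilter(requestContent);
    if (IsFilterError(requestContent))
    {
        postAnalyzeResult.ResultReport = requestContent;
        return postAnalyzeResult;
    }
    requestContent = filter.SqlFilter(requestContent);
    if (IsFilterError(requestContent))
    {
        postAnalyzeResult.ResultReport = requestContent;
        return postAnalyzeResult;
    }
    requestContent = filter.SpecialCharFilter(requestContent);
    if (IsFilterError(requestContent))
    {
        postAnalyzeResult.ResultReport = requestContent;
        return postAnalyzeResult;
    }
    requestContent = filter.XSSFilter(requestContent);
    if (IsFilterError(requestContent))
    {
        postAnalyzeResult.ResultReport = requestContent;
        return postAnalyzeResult;
    }

    Header.URL = filter.URLFilter(Header.URL);
    if (Header.URL == "URL字符过滤异常")
    {
        postAnalyzeResult.ResultReport = Header.URL;
        return postAnalyzeResult;
    }

    postAnalyzeResult.ResultReport = "请求过滤成功";
    postAnalyzeResult.RequestHeader = Header;
    postAnalyzeResult.RequestContents = requestContent;
    return postAnalyzeResult;
}

/// <summary>
/// True when <paramref name="content"/> is one of the sentinel strings the body
/// filters return on failure.
/// </summary>
private static bool IsFilterError(string content)
{
    return content == "HTML标签过滤异常"
        || content == "特殊字符过滤异常"
        || content == "SQL字符过滤异常"
        || content == "XSS过滤异常";
}

/// <summary>
/// Reads the request body as UTF-8 text without closing the underlying stream.
/// </summary>
/// <param name="stream">The request input stream; it is left open for the request to own.</param>
/// <param name="maxChars">Upper bound on decoded characters that will be buffered.</param>
/// <param name="body">The decoded body, or null when the bound was exceeded.</param>
/// <returns>False as soon as more than <paramref name="maxChars"/> characters have been read.</returns>
private static bool TryReadBody(Stream stream, int maxChars, out string body)
{
    // leaveOpen: disposing the reader must not dispose the request's stream.
    using (StreamReader reader = new StreamReader(stream, Encoding.UTF8, true, 4096, true))
    {
        StringBuilder buffer = new StringBuilder();
        char[] chunk = new char[4096];
        int read;
        while ((read = reader.Read(chunk, 0, chunk.Length)) > 0)
        {
            if (buffer.Length + read > maxChars)
            {
                body = null;
                return false;
            }
            buffer.Append(chunk, 0, read);
        }
        body = buffer.ToString();
        return true;
    }
}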