コード例 #1
0
        private AnalyzeResult AnalyzeHttpHeader(HeaderStruct Header)
        {
            //实例化http的GET请求的分析结果
            AnalyzeResult GetMethodResult = new AnalyzeResult();
            //判断该请求是否有为黑名单,是否设置了访问流量限制和访问频率限制
            LimitList      LimitJudge     = new LimitList();
            FrequenceLimit FrequenceJudge = new FrequenceLimit();
            FlowLimit      FlowJudge      = new FlowLimit();

            GetMethodResult.RequestHeader   = Header;
            GetMethodResult.RequestContents = string.Empty;

            if (!LimitJudge.IsLimitVisitor(Header.HostIp))
            {
                GetMethodResult.ResultReport = "该主机已被设置为黑名单,无法访问";
                return(GetMethodResult);
            }

            if (LimitJudge.GetLimitVisitorTotalRate(Header.HostIp) > 0)
            {
                if (!FrequenceJudge.IsOverTimesNum(LimitJudge.GetLimitVisitorTotalRate(Header.HostIp), Header.HostIp))
                {
                    GetMethodResult.ResultReport = "请求过于频繁,系统自动判定为异常请求!请稍后再试!";
                    return(GetMethodResult);
                }
            }
            else if (LimitJudge.GetLimitVisitorTotalRate(Header.HostIp) == 0)
            {
                GetMethodResult.ResultReport = "数据库出错";
                return(GetMethodResult);
            }

            IPAddress CheckIPAddress = null;

            if (!IPAddress.TryParse(Header.HostIp, out CheckIPAddress))
            {
                GetMethodResult.ResultReport = "请求报文的IP地址不合法!";
                return(GetMethodResult);
            }

            HttpRequestFilter Filter = new HttpRequestFilter();

            Header.URL = Filter.URLFilter(Header.URL);                                      //过滤URL特殊字符
            if (Header.URL == "URL字符过滤异常")
            {
                GetMethodResult.ResultReport = Header.URL;
                return(GetMethodResult);
            }

            GetMethodResult.ResultReport = "请求过滤成功";
            return(GetMethodResult);
        }
コード例 #2
0
ファイル: SetWafManager.cs プロジェクト: ColdPros/FireWall-2
        //执行防火墙功能的数据库设置
        private string CompleteSetting(SetWafManager SetLimitRequest)
        {
            Boolean   Result            = true;
            LimitList LimitSetting      = new LimitList();
            string    HostIp            = SetLimitRequest.Visitor_IP;
            int       Flow_TotalRate    = (SetLimitRequest.Flow_TotalRate == null ? 0 : int.Parse(SetLimitRequest.Flow_TotalRate));
            int       Visitor_TotalRate = (SetLimitRequest.Visitor_TotalRate == null ? 0:int.Parse(SetLimitRequest.Visitor_TotalRate));
            Boolean   Visit_Limit       = SetLimitRequest.Visit_Limit;

            if (string.IsNullOrEmpty(HostIp))
            {
                return("IP地址不能为空");
            }

            if (Flow_TotalRate > 0)
            {
                Result = LimitSetting.SetFlowTotalRate(HostIp, Flow_TotalRate);
            }
            if (!Result || Flow_TotalRate < 0)
            {
                return("流量设置出错");
            }

            if (Visitor_TotalRate > 0)
            {
                Result = LimitSetting.SetVisitorTotalRate(HostIp, Visitor_TotalRate);
            }
            if (!Result || Visitor_TotalRate < 0)
            {
                return("访问频率设置出错");
            }

            if (Visit_Limit == true || Visit_Limit == false)
            {
                Result = LimitSetting.SetLimitVisitor(HostIp, Visit_Limit);
            }
            if (!Result)
            {
                return("名单限制设置失败");
            }

            return("设置成功");
        }
コード例 #3
0
ファイル: SetWafManager.cs プロジェクト: ColdPros/FireWall-2
        //调用方法执行获取数据库中防火墙功能设置历史的记录
        private string[] GetLimitList()
        {
            LimitList LimitSetting = new LimitList();

            return(LimitSetting.GetLimitDataList());
        }
コード例 #4
0
        private AnalyzeResult AnalyzeHttpRequest(HttpRequestBase Request, HeaderStruct Header)      //该方法用于分析http请求的头部信息
        {
            //实例化http的POST请求的分析结果
            AnalyzeResult PostAnalyzeResult = new AnalyzeResult();
            //判断该请求是否有为黑名单,是否设置了访问流量限制和访问频率限制
            LimitList      LimitJudge     = new LimitList();
            FrequenceLimit FrequenceJudge = new FrequenceLimit();
            FlowLimit      FlowJudge      = new FlowLimit();

            if (!LimitJudge.IsLimitVisitor(Header.HostIp))
            {
                PostAnalyzeResult.ResultReport = "该主机已被设置为黑名单,无法访问";
                return(PostAnalyzeResult);
            }

            if (LimitJudge.GetLimitVisitorTotalRate(Header.HostIp) > 0)
            {
                if (!FrequenceJudge.IsOverTimesNum(LimitJudge.GetLimitVisitorTotalRate(Header.HostIp), Header.HostIp))
                {
                    PostAnalyzeResult.ResultReport = "请求过于频繁,系统自动判定为异常请求!请稍后再试!";
                    return(PostAnalyzeResult);
                }
            }
            else if (LimitJudge.GetLimitVisitorTotalRate(Header.HostIp) == 0)
            {
                PostAnalyzeResult.ResultReport = "数据库出错";
                return(PostAnalyzeResult);
            }

            if (LimitJudge.GetLimitFlowTotalRate(Header.HostIp) > 0)
            {
                if (!FlowJudge.IsOverFlow(LimitJudge.GetLimitFlowTotalRate(Header.HostIp), Header.TotalBytes, Header.HostIp))
                {
                    PostAnalyzeResult.ResultReport = "请求信息量太大,系统自动判定为异常请求!请稍后再试!";
                    return(PostAnalyzeResult);
                }
            }
            else if (LimitJudge.GetLimitFlowTotalRate(Header.HostIp) == 0)
            {
                PostAnalyzeResult.ResultReport = "数据库错误";
                return(PostAnalyzeResult);
            }

            IPAddress CheckIPAddress = null;

            if (!IPAddress.TryParse(Header.HostIp, out CheckIPAddress))
            {
                PostAnalyzeResult.ResultReport = "请求报文的IP地址不合法!";
                return(PostAnalyzeResult);
            }

            //获取请求字符串,并判断请求长度是否合法
            if (Request.ContentLength > (Int32.MaxValue) / 50)
            {
                PostAnalyzeResult.ResultReport = "请求内容太大,丢弃请求!";
                return(PostAnalyzeResult);
            }

            //通过流到字符的转化,将请求内容获取到RequestContent变量
            Stream       RequestStream  = Request.InputStream;
            StreamReader MyStream       = new StreamReader(RequestStream, Encoding.UTF8);
            string       RequestContent = MyStream.ReadToEnd();

            HttpRequestFilter Filter = new HttpRequestFilter();

            RequestContent = Filter.HTMLFilter(RequestContent);                             //过滤HTML标签
            RequestContent = Filter.SqlFilter(RequestContent);                              //过滤sql关键字
            RequestContent = Filter.SpecialCharFilter(RequestContent);                      //过滤特殊字符
            RequestContent = Filter.XSSFilter(RequestContent);                              //过滤XSS脚本

            if (RequestContent == "HTML标签过滤异常" || RequestContent == "特殊字符过滤异常" ||
                RequestContent == "SQL字符过滤异常" || RequestContent == "XSS过滤异常")
            {
                PostAnalyzeResult.ResultReport = RequestContent;
                return(PostAnalyzeResult);
            }

            Header.URL = Filter.URLFilter(Header.URL);                                      //过滤URL特殊字符
            if (Header.URL == "URL字符过滤异常")
            {
                PostAnalyzeResult.ResultReport = Header.URL;
                return(PostAnalyzeResult);
            }

            PostAnalyzeResult.ResultReport    = "请求过滤成功";
            PostAnalyzeResult.RequestHeader   = Header;
            PostAnalyzeResult.RequestContents = RequestContent;
            return(PostAnalyzeResult);
        }