github.com/opentelekomcloud/gophertelekomcloud@v0.9.3/openstack/waf-premium/v1/rules/CreateCustom.go (about) 1 package rules 2 3 import ( 4 "github.com/opentelekomcloud/gophertelekomcloud" 5 "github.com/opentelekomcloud/gophertelekomcloud/internal/build" 6 "github.com/opentelekomcloud/gophertelekomcloud/internal/extract" 7 ) 8 9 type CreateCustomOpts struct { 10 // Time the precise protection rule takes effect. 11 // false: The rule takes effect immediately. 12 // true: The effective time is customized. 13 Time *bool `json:"time" required:"true"` 14 // Timestamp (ms) when the precise protection rule takes effect. 15 // This parameter is returned only when time is true. 16 Start int64 `json:"start,omitempty"` 17 // Timestamp (ms) when the precise protection rule expires. 18 // This parameter is returned only when time is true. 19 Terminal int64 `json:"terminal,omitempty"` 20 // Rule description. 21 Description string `json:"description,omitempty"` 22 // Match condition List. 23 Conditions []CustomConditionsObject `json:"conditions,omitempty"` 24 // Protective action of the precise protection rule. 25 Action *CustomActionObject `json:"action" required:"true"` 26 // Priority of a rule. A small value indicates a high priority. If two rules are assigned with the same priority, 27 // the rule added earlier has higher priority. Value range: 0 to 1000. 28 Priority *int `json:"priority" required:"true"` 29 } 30 31 type CustomConditionsObject struct { 32 // Field type. The value can be url, ip, params, cookie, or header. 33 Category string `json:"category,omitempty"` 34 // Logic for matching the condition. 35 // If the category is url, the optional operations are: 36 // `contain`, `not_contain`, `equal`, `not_equal`, `prefix`, `not_prefix`, `suffix`, `not_suffix`, 37 // `contain_any`, `not_contain_all`, `equal_any`, `not_equal_all`, `equal_any`, 38 // `not_equal_all`, `prefix_any`, `not_prefix_all`, `suffix_any`, `not_suffix_all`, 39 // `len_greater`, `len_less`, `len_equal` and `len_not_equal` 40 // If the category is ip, the optional operations are: 41 // `equal`, `not_equal`, `equal_any` and `not_equal_all` 42 // If the category is params, cookie and header, the optional operations are: 43 // `contain`, `not_contain`, `equal`, `not_equal`, `prefix`, `not_prefix`, `suffix`, `not_suffix`, 44 // `contain_any`, `not_contain_all`, `equal_any`, `not_equal_all`, `equal_any`, `not_equal_all`, 45 // `prefix_any`, `not_prefix_all`, `suffix_any`, `not_suffix_all`, `len_greater`, `len_less`, 46 // `len_equal`, `len_not_equal`, `num_greater`, `num_less`, `num_equal`, `num_not_equal`, 47 // `exist` and `not_exist` 48 LogicOperation string `json:"logic_operation,omitempty"` 49 // Content of the conditions. 50 // This parameter is mandatory when the suffix of logic_operation is not any or all. 51 Contents []string `json:"contents,omitempty"` 52 // Reference table ID. It can be obtained by calling the API Querying the Reference Table List. 53 // This parameter is mandatory when the suffix of logic_operation is any or all. 54 // The reference table type must be the same as the category type. 55 ValueListId string `json:"value_list_id,omitempty"` 56 // Subfield. When category is set to params, cookie, or header, 57 // set this parameter based on site requirements. 58 // This parameter is mandatory. 59 Index string `json:"index,omitempty"` 60 } 61 62 type CustomActionObject struct { 63 // Operation type 64 // block: WAF blocks attacks. 65 // pass: WAF allows requests. 66 // log: WAF only logs detected attacks. 67 Category string `json:"category" required:"true"` 68 // ID of a known attack source rule. 69 // This parameter can be configured only when category is set to block. 70 FollowedActionId string `json:"followed_action_id,omitempty"` 71 } 72 73 // CreateCustom will create a precise protection rule on the values in CreateOpts. 74 func CreateCustom(client *golangsdk.ServiceClient, policyId string, opts CreateCustomOpts) (*CustomRule, error) { 75 b, err := build.RequestBody(opts, "") 76 if err != nil { 77 return nil, err 78 } 79 80 // POST /v1/{project_id}/waf/policy/{policy_id}/custom 81 raw, err := client.Post(client.ServiceURL("waf", "policy", policyId, "custom"), b, 82 nil, &golangsdk.RequestOpts{ 83 OkCodes: []int{200}, 84 MoreHeaders: map[string]string{"Content-Type": "application/json;charset=utf8"}, 85 }) 86 if err != nil { 87 return nil, err 88 } 89 90 var res CustomRule 91 err = extract.Into(raw.Body, &res) 92 return &res, err 93 } 94 95 type CustomRule struct { 96 // Rule ID. 97 ID string `json:"id"` 98 // Policy ID. 99 PolicyId string `json:"policyid"` 100 // Rule description. 101 Description string `json:"description"` 102 // Rule status. The value can be 0 or 1. 103 Status *int `json:"status"` 104 // List of matching conditions. All conditions must be met. 105 Conditions []CustomConditionsObject `json:"conditions"` 106 // Protective action of the precise protection rule. 107 Action *CustomActionObject `json:"action"` 108 // Priority of a rule. A small value indicates a high priority. 109 // If two rules are assigned with the same priority, 110 // the rule added earlier has higher priority. Value range: 0 to 1000. 111 Priority int `json:"priority"` 112 // Timestamp when the precise protection rule is created. 113 CreatedAt int64 `json:"timestamp"` 114 // Timestamp (ms) when the precise protection rule takes effect. 115 // This parameter is returned only when time is true. 116 Start int64 `json:"start"` 117 // Timestamp (ms) when the precise protection rule expires. 118 // This parameter is returned only when time is true. 119 Terminal int64 `json:"terminal"` 120 // This parameter is reserved and can be ignored currently. 121 ActionMode *bool `json:"action_mode"` 122 // Rule aging time. This parameter is reserved and can be ignored currently. 123 AgingTime int `json:"aging_time"` 124 // Rule creation object. This parameter is reserved and can be ignored currently. 125 Producer int `json:"producer"` 126 }