github.com/opentelekomcloud/gophertelekomcloud@v0.9.3/openstack/waf-premium/v1/rules/CreateIgnore.go

github.com/opentelekomcloud/gophertelekomcloud@v0.9.3/openstack/waf-premium/v1/rules/CreateIgnore.go (about)

     1  package rules
     2  
     3  import (
     4  	"github.com/opentelekomcloud/gophertelekomcloud"
     5  	"github.com/opentelekomcloud/gophertelekomcloud/internal/build"
     6  	"github.com/opentelekomcloud/gophertelekomcloud/internal/extract"
     7  )
     8  
     9  type CreateIgnoreOpts struct {
    10  	// Domain names to be protected. If the array length is 0, this rule will take effect
    11  	// for all domain names that are protected by the policies this rule belongs to.
    12  	Domains []string `json:"domain" required:"true"`
    13  	// Condition list
    14  	Conditions []IgnoreCondition `json:"conditions" required:"true"`
    15  	// The value is fixed at 1, indicating v2 false alarm masking rules.
    16  	Mode int `json:"mode" required:"true"`
    17  	// Items to be masked. You can provide multiple items and separate them with semicolons (;).
    18  	Rule string `json:"rule" required:"true"`
    19  	// To ignore attacks of a specific field, specify the field in the Advanced settings area.
    20  	// After you add the rule, WAF will stop blocking attacks of the specified field.
    21  	// This parameter is not included if all modules are bypassed.
    22  	Advanced []AdvancedIgnoreObject `json:"advanced"`
    23  	// Description of the rule
    24  	Description string `json:"description,omitempty"`
    25  }
    26  
    27  type IgnoreCondition struct {
    28  	// Field type. The value can be url, ip, params, cookie, or header.
    29  	Category string `json:"category,omitempty"`
    30  	// Content. The array length is limited to 1.
    31  	// The content format varies depending on the field type.
    32  	// For example, if the field type is ip, the value must be an IP address or IP address range.
    33  	// If the field type is url, the value must be in the standard URL format.
    34  	// IF the field type is params, cookie, or header, the content format is not limited.
    35  	Contents []string `json:"contents,omitempty"`
    36  	// The matching logic varies depending on the field type. For example,
    37  	// if the field type is ip, the logic can be equal or not_equal.
    38  	// If the field type is url, params, cookie, or header,
    39  	// the logic can be equal, not_equal, contain, not_contain, prefix, not_prefix,
    40  	// suffix, not_suffix.
    41  	LogicOperation string `json:"logic_operation,omitempty"`
    42  	// If the field type is ip and the subfield is the client IP address,
    43  	// the index parameter is not required. If the subfield type is X-Forwarded-For,
    44  	// the value is x-forwarded-for; If the field type is params, header,
    45  	// or cookie, and the subfield is user-defined, the value of index is the user-defined subfield.
    46  	Index string `json:"index,omitempty"`
    47  }
    48  
    49  type AdvancedIgnoreObject struct {
    50  	// Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.
    51  	// When you select Params, Cookie, or Header, you can set this parameter to all or configure subfields as required.
    52  	// When you select Body or Multipart, set this parameter to all.
    53  	Index string `json:"index,omitempty"`
    54  	// Subfield of the specified field type. The default value is all.
    55  	Contents []string `json:"contents,omitempty"`
    56  }
    57  
    58  // CreateIgnore will create a global protection whitelist (formerly false alarm masking) rule on the values in CreateOpts.
    59  func CreateIgnore(client *golangsdk.ServiceClient, policyId string, opts CreateIgnoreOpts) (*IgnoreRule, error) {
    60  	b, err := build.RequestBody(opts, "")
    61  	if err != nil {
    62  		return nil, err
    63  	}
    64  
    65  	// POST /v1/{project_id}/waf/policy/{policy_id}/ignore
    66  	raw, err := client.Post(client.ServiceURL("waf", "policy", policyId, "ignore"), b,
    67  		nil, &golangsdk.RequestOpts{
    68  			OkCodes:     []int{200},
    69  			MoreHeaders: map[string]string{"Content-Type": "application/json;charset=utf8"},
    70  		})
    71  	if err != nil {
    72  		return nil, err
    73  	}
    74  
    75  	var res IgnoreRule
    76  	err = extract.Into(raw.Body, &res)
    77  	return &res, err
    78  }
    79  
    80  type IgnoreRule struct {
    81  	// Rule ID.
    82  	ID string `json:"id"`
    83  	// Policy ID.
    84  	PolicyId string `json:"policyid"`
    85  	// Time the rule is created. The value is a 13-digit timestamp in ms.
    86  	CreatedAt int64 `json:"timestamp"`
    87  	// Rule description.
    88  	Description string `json:"description"`
    89  	// Rule status. The value can be:
    90  	// 0: The rule is disabled.
    91  	// 1: The rule is enabled.
    92  	Status int `json:"status"`
    93  	// Masked items.
    94  	Rule string `json:"rule"`
    95  	// The value is fixed at 1, indicating v2 false alarm masking rules are used.
    96  	Mode int `json:"mode"`
    97  	// Condition list.
    98  	Conditions []IgnoreCondition `json:"conditions"`
    99  	// Advanced settings.
   100  	Advanced []AdvancedIgnoreObject `json:"advanced"`
   101  	// Domain names.
   102  	Domains []string `json:"domain"`
   103  }