diff --git a/jxwaf/__init__.pyc b/jxwaf/__init__.pyc deleted file mode 100644 index 774fd91b..00000000 Binary files a/jxwaf/__init__.pyc and /dev/null differ diff --git a/jxwaf/admin.pyc b/jxwaf/admin.pyc deleted file mode 100644 index 381e718c..00000000 Binary files a/jxwaf/admin.pyc and /dev/null differ diff --git a/jxwaf/migrations/__init__.pyc b/jxwaf/migrations/__init__.pyc index 6a85c7f2..cc65b7a0 100644 Binary files a/jxwaf/migrations/__init__.pyc and b/jxwaf/migrations/__init__.pyc differ diff --git a/jxwaf/models.pyc b/jxwaf/models.pyc deleted file mode 100644 index 6ae3dfeb..00000000 Binary files a/jxwaf/models.pyc and /dev/null differ diff --git a/jxwaf/views.py b/jxwaf/views.py index 33fbed89..b581001f 100644 --- a/jxwaf/views.py +++ b/jxwaf/views.py @@ -276,7 +276,8 @@ def waf_update(request): domain_data['proxy_ip'] = waf_domain_result.proxy_ip.split(",") global_data['domain_set'] = domain_data try: - protection_result = waf_protection.objects.get(Q(user_id=user_result.user_id) & Q(domain=waf_domain_result.domain)) + protection_result = waf_protection.objects.get( + Q(user_id=user_result.user_id) & Q(domain=waf_domain_result.domain)) except Exception, e: data_result = {} data_result['result'] = False @@ -527,7 +528,8 @@ def waf_update(request): try: jxwaf_website_default_data = waf_default_config.objects.get(user_id=user_result.user_id) except: - waf_default_config.objects.create(user_id=user_result.user_id, type='false', owasp_code='404', owasp_html='') + waf_default_config.objects.create(user_id=user_result.user_id, type='false', owasp_code='404', + owasp_html='') jxwaf_website_default_data = waf_default_config.objects.get(user_id=user_result.user_id) jxwaf_website_default['type'] = jxwaf_website_default_data.type jxwaf_website_default['owasp_code'] = jxwaf_website_default_data.owasp_code @@ -555,3 +557,85 @@ def waf_update(request): data_result['message'] = str(e) return JsonResponse(data_result, safe=False) + +def waf_update_repair(request): + data_result = {} + data = {} + error_domain = [] + try: + waf_api_key = request.POST['api_key'] + waf_api_password = request.POST['api_password'] + operator = request.POST['operator'] + if operator != 'check' and operator != 'repair': + data_result['result'] = False + data_result['errCode'] = 400 + data_result['message'] = "param error" + return JsonResponse(data_result, safe=False) + except Exception, e: + data_result['result'] = False + data_result['errCode'] = 400 + data_result['message'] = "param error" + return JsonResponse(data_result, safe=False) + try: + user_result = jxwaf_user.objects.get(Q(user_id=waf_api_key) & Q(api_password=waf_api_password)) + except: + data_result['result'] = False + data_result['errCode'] = 401 + data_result['message'] = "api_key or api_password error" + return JsonResponse(data_result, safe=False) + try: + waf_domain_results = waf_domain.objects.filter(user_id=user_result.user_id) + for waf_domain_result in waf_domain_results: + source_ip = [] + for process_domain in waf_domain_result.source_ip.split(","): + if isIP(process_domain.strip()): + source_ip.append(process_domain.strip()) + else: + try: + resolve_ips = dns.resolver.query(process_domain.strip(), 'A') + for i in resolve_ips.response.answer: + for j in i.items: + if j.rdtype == 1: + source_ip.append(j.address) + except: + error_domain.append(waf_domain_result.domain) + try: + protection_result = waf_protection.objects.get( + Q(user_id=user_result.user_id) & Q(domain=waf_domain_result.domain)) + waf_page_custom_result = waf_page_custom.objects.get( + Q(user_id=user_result.user_id) & Q(domain=waf_domain_result.domain)) + waf_cc_protection_result = waf_cc_protection.objects.get( + Q(user_id=user_result.user_id) & Q(domain=waf_domain_result.domain)) + waf_cc_attack_ip_conf_result = waf_cc_attack_ip_conf.objects.get( + Q(user_id=user_result.user_id) & Q(domain=waf_domain_result.domain)) + waf_owasp_check_result = waf_owasp_check.objects.get( + Q(user_id=user_result.user_id) & Q(domain=waf_domain_result.domain)) + waf_evil_ip_conf_result = waf_evil_ip_conf.objects.get( + Q(user_id=user_result.user_id) & Q(domain=waf_domain_result.domain)) + except Exception, e: + error_domain.append(waf_domain_result.domain) + if operator == 'repair': + for domain in error_domain: + waf_domain.objects.filter(domain=domain).filter(user_id=user_result.user_id).delete() + waf_protection.objects.filter(domain=domain).filter(user_id=user_result.user_id).delete() + waf_cc_protection.objects.filter(domain=domain).filter(user_id=user_result.user_id).delete() + waf_cc_attack_ip_conf.objects.filter(domain=domain).filter(user_id=user_result.user_id).delete() + waf_ip_rule.objects.filter(domain=domain).filter(user_id=user_result.user_id).delete() + waf_evil_ip_conf.objects.filter(domain=domain).filter(user_id=user_result.user_id).delete() + waf_owasp_check.objects.filter(domain=domain).filter(user_id=user_result.user_id).delete() + waf_custom_rule.objects.filter(domain=domain).filter(user_id=user_result.user_id).delete() + waf_page_custom.objects.filter(domain=domain).filter(user_id=user_result.user_id).delete() + if len(error_domain) == 0: + data_result['result'] = True + data_result['message'] = "error_domain count is 0" + else: + data_result['result'] = True + data_result['message'] = "error_domain count is "+str(len(error_domain)) + data_result['error_domain'] = error_domain + return JsonResponse(data_result, safe=False) + except Exception, e: + data_result = {} + data_result['result'] = False + data_result['errCode'] = 504 + data_result['message'] = str(e) + return JsonResponse(data_result, safe=False) diff --git a/jxwaf/views.pyc b/jxwaf/views.pyc deleted file mode 100644 index 0a5c8b21..00000000 Binary files a/jxwaf/views.pyc and /dev/null differ diff --git a/jxwaf/waf_cc.pyc b/jxwaf/waf_cc.pyc deleted file mode 100644 index f238fa84..00000000 Binary files a/jxwaf/waf_cc.pyc and /dev/null differ diff --git a/jxwaf/waf_domain.pyc b/jxwaf/waf_domain.pyc deleted file mode 100644 index 4dd694db..00000000 Binary files a/jxwaf/waf_domain.pyc and /dev/null differ diff --git a/jxwaf/waf_test.pyc b/jxwaf/waf_test.pyc deleted file mode 100644 index 23e53710..00000000 Binary files a/jxwaf/waf_test.pyc and /dev/null differ diff --git a/jxwaf2018/__init__.pyc b/jxwaf2018/__init__.pyc deleted file mode 100644 index 603d0f6b..00000000 Binary files a/jxwaf2018/__init__.pyc and /dev/null differ diff --git a/jxwaf2018/settings.pyc b/jxwaf2018/settings.pyc deleted file mode 100644 index 63aa2f13..00000000 Binary files a/jxwaf2018/settings.pyc and /dev/null differ diff --git a/jxwaf2018/urls.py b/jxwaf2018/urls.py index 37e5dbc2..9ea9ff35 100644 --- a/jxwaf2018/urls.py +++ b/jxwaf2018/urls.py @@ -156,6 +156,7 @@ url(r'^waf/waf_get_default_config$', waf_get_default_config), url(r'^waf/waf_edit_default_config$', waf_edit_default_config), url(r'^waf/waf_create_default_config$', waf_create_default_config), + url(r'^waf/waf_update_repair', waf_update_repair), # api url(r'^api/waf_get_domain_list$', api_get_domain_list), diff --git a/jxwaf2018/urls.pyc b/jxwaf2018/urls.pyc deleted file mode 100644 index c34e9cee..00000000 Binary files a/jxwaf2018/urls.pyc and /dev/null differ diff --git a/jxwaf2018/wsgi.pyc b/jxwaf2018/wsgi.pyc deleted file mode 100644 index cfd4a33a..00000000 Binary files a/jxwaf2018/wsgi.pyc and /dev/null differ