rules

package
v0.9.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 23, 2024 License: Apache-2.0 Imports: 3 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DeleteAntiCrawlerRule 

func DeleteAntiCrawlerRule(client *golangsdk.ServiceClient, policyId, ruleId string) (err error)

DeleteAntiCrawlerRule is used to delete a JavaScript anti-crawler rule.

func DeleteAntiLeakageRule 

func DeleteAntiLeakageRule(client *golangsdk.ServiceClient, policyId, ruleId string) (err error)

DeleteAntiLeakageRule is used to delete an information leakage prevention rule.

func DeleteAntiTamperRule 

func DeleteAntiTamperRule(client *golangsdk.ServiceClient, policyId, ruleId string) (err error)

DeleteAntiTamperRule is used to delete a web tamper protection rule.

func DeleteBlacklistRule 

func DeleteBlacklistRule(client *golangsdk.ServiceClient, policyId, ruleId string) (err error)

DeleteBlacklistRule is used to delete an IP address blacklist or whitelist rule.

func DeleteCcRule 

func DeleteCcRule(client *golangsdk.ServiceClient, policyId, ruleId string) (err error)

DeleteCcRule is used to delete a CC attack protection rule.

func DeleteCustomRule 

func DeleteCustomRule(client *golangsdk.ServiceClient, policyId, ruleId string) (err error)

DeleteCustomRule is used to delete a precise protection rule.

func DeleteGeoIpRule 

func DeleteGeoIpRule(client *golangsdk.ServiceClient, policyId, ruleId string) (err error)

DeleteGeoIpRule is used to delete a geolocation access control rule.

func DeleteIgnoreRule 

func DeleteIgnoreRule(client *golangsdk.ServiceClient, policyId, ruleId string) (err error)

DeleteIgnoreRule is used to deleting a global protection whitelist (false alarm masking) rule.

func DeleteKnownAttackSourceRule 

func DeleteKnownAttackSourceRule(client *golangsdk.ServiceClient, policyId, ruleId string) (err error)

DeleteKnownAttackSourceRule is used to delete a known attack source rule.

func DeletePrivacyRule 

func DeletePrivacyRule(client *golangsdk.ServiceClient, policyId, ruleId string) (err error)

DeletePrivacyRule is used to delete a data masking rule.

func DeleteReferenceTable 

func DeleteReferenceTable(client *golangsdk.ServiceClient, tableId string) (err error)

DeleteReferenceTable is used to delete a reference table.

Types

type AdvancedIgnoreObject 

type AdvancedIgnoreObject struct {
	// Field type. The following field types are supported: Params, Cookie, Header, Body, and Multipart.
	// When you select Params, Cookie, or Header, you can set this parameter to all or configure subfields as required.
	// When you select Body or Multipart, set this parameter to all.
	Index string `json:"index,omitempty"`
	// Subfield of the specified field type. The default value is all.
	Contents []string `json:"contents,omitempty"`
}

type AntiCrawlerRule 

type AntiCrawlerRule struct {
	// Rule ID.
	ID string `json:"id"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// Timestamp the rule is created.
	CreatedAt int64 `json:"timestamp"`
	// URL to which the rule applies.
	Url string `json:"url"`
	// Rule matching logic
	// 1: Include
	// 2: Not include
	// 3: Equal
	// 4: Not equal
	// 5: Prefix is
	// 6: Prefix is not
	// 7: Suffix is
	// 8: Suffix is not
	Logic int `json:"logic"`
	// Rule name.
	Name string `json:"name"`
	// JavaScript anti-crawler rule type.
	// anticrawler_specific_url: used to protect a specific path specified by the rule.
	// anticrawler_except_url: used to protect all paths except the one specified by the rule.
	Type string `json:"type"`
	// Rule status. The value can be 0 or 1.
	Status int `json:"status"`
}

func CreateAntiCrawler 

func CreateAntiCrawler(client *golangsdk.ServiceClient, policyId string, opts CreateAntiCrawlerOpts) (*AntiCrawlerRule, error)

CreateAntiCrawler will create a JavaScript anti-crawler rule on the values in CreateOpts.

func GetAntiCrawler 

func GetAntiCrawler(client *golangsdk.ServiceClient, policyId, ruleId string) (*AntiCrawlerRule, error)

GetAntiCrawler is used to query a JavaScript anti-crawler rule by ID.

func ListAntiCrawlers 

func ListAntiCrawlers(client *golangsdk.ServiceClient, policyId string, opts ListAntiCrawlerOpts) ([]AntiCrawlerRule, error)

ListAntiCrawlers is used to query the list of JavaScript anti-crawler rules.

func UpdateAntiCrawler 

func UpdateAntiCrawler(client *golangsdk.ServiceClient, policyId, ruleId string, opts UpdateAntiCrawlerOpts) (*AntiCrawlerRule, error)

UpdateAntiCrawler is used to update a JavaScript anti-crawler rule.

type AntiLeakageRule 

type AntiLeakageRule struct {
	// Rule ID.
	ID string `json:"id"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// URL to which the rule applies.
	Url string `json:"url"`
	// Sensitive information type in the information leakage prevention rule.
	// sensitive: The rule masks sensitive user information, such as ID code,
	// phone numbers, and email addresses.
	// code: The rule blocks response pages of specified HTTP response code.
	Category string `json:"category"`
	// Content corresponding to the sensitive information type.
	Contents []string `json:"contents"`
	// Time the rule is created. The value is a 13-digit timestamp in ms.
	CreatedAt int64 `json:"timestamp"`
	// Rule status. The value can be:
	// 0: The rule is disabled.
	// 1: The rule is enabled.
	Status *int `json:"status"`
	// Rule description.
	Description string `json:"description"`
}

func CreateAntiLeakage 

func CreateAntiLeakage(client *golangsdk.ServiceClient, policyId string, opts CreateAntiLeakageOpts) (*AntiLeakageRule, error)

CreateAntiLeakage will create an information leakage protection rule on the values in CreateOpts.

func GetAntiLeakage 

func GetAntiLeakage(client *golangsdk.ServiceClient, policyId, ruleId string) (*AntiLeakageRule, error)

GetAntiLeakage is used to query an information leakage prevention rule by ID.

func ListAntiLeakage 

func ListAntiLeakage(client *golangsdk.ServiceClient, policyId string, opts ListAntiLeakageOpts) ([]AntiLeakageRule, error)

ListAntiLeakage is used to query the list of information leakage prevention rules.

func UpdateAntiLeakage 

func UpdateAntiLeakage(client *golangsdk.ServiceClient, policyId, ruleId string, opts UpdateAntiLeakageOpts) (*AntiLeakageRule, error)

UpdateAntiLeakage is used to update an information leakage prevention rule.

type AntiTamperRule 

type AntiTamperRule struct {
	// Rule ID.
	ID string `json:"id"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// Time the rule is created. The value is a 13-digit timestamp in ms.
	CreatedAt int64 `json:"timestamp"`
	// Rule description.
	Description string `json:"description"`
	// Rule status. The value can be:
	// 0: The rule is disabled.
	// 1: The rule is enabled.
	// Rule description.
	Status *int `json:"status"`
	// The domain name of the website protected with the web tamper protection rule.
	// The domain name is in the format of xxx.xxx.com, such as www.example.com.
	Hostname string `json:"hostname"`
	// URL for the web tamper protection rule.
	Url string `json:"url"`
}

func CreateAntiTamper 

func CreateAntiTamper(client *golangsdk.ServiceClient, policyId string, opts CreateAntiTamperOpts) (*AntiTamperRule, error)

CreateAntiTamper will create a web tamper protection rule on the values in CreateAntiTamperOpts.

func GetAntiTamper 

func GetAntiTamper(client *golangsdk.ServiceClient, policyId, ruleId string) (*AntiTamperRule, error)

GetAntiTamper s used to query a web tamper protection rule by ID.

func ListAntiTamper 

func ListAntiTamper(client *golangsdk.ServiceClient, policyId string, opts ListAntiTamperOpts) ([]AntiTamperRule, error)

ListAntiTamper is used to query the list of web tamper protection rules.

func UpdateAntiTamperCache 

func UpdateAntiTamperCache(client *golangsdk.ServiceClient, policyId, ruleId string) (*AntiTamperRule, error)

UpdateAntiTamperCache is used to updating the cache for a web tamper protection Rule.

type BlacklistCreateOpts 

type BlacklistCreateOpts struct {
	// Rule name.
	Name string `json:"name,omitempty"`
	// Rule description.
	Description string `json:"description,omitempty"`
	// IP addresses or an IP address range.
	// IP addresses: IP addresses to be added to the blacklist or whitelist,
	// for example, 192.x.x.3 -IP address range: IP address and subnet mask, for example, 10.x.x.0/24
	Addresses string `json:"addr" required:"true"`
	// Protective action. The value can be:
	// 0: WAF blocks the requests that hit the rule.
	// 1: WAF allows the requests that hit the rule.
	// 2: WAF only logs the requests that hit the rule.
	Action *int `json:"white" required:"true"`
	// ID of a known attack source rule. This parameter can be configured only when white is set to 0.
	FollowedActionId string `json:"followed_action_id,omitempty"`
}

type BlacklistRule 

type BlacklistRule struct {
	// Rule ID.
	ID string `json:"id"`
	// Rule name.
	Name string `json:"name"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// Rule creation time.
	CreatedAt int64 `json:"timestamp"`
	// Rule description.
	Description string `json:"description"`
	// Rule status. The value can be:
	// 0: The rule is disabled.
	// 1: The rule is enabled.
	Status *int `json:"status"`
	// Blacklisted or whitelisted IP addresses
	Addresses string `json:"addr"`
	// Protective action. The value can be:
	// 0: WAF blocks the requests that hit the rule.
	// 1: WAF allows the requests that hit the rule.
	// 2: WAF only logs the requests that hit the rule.
	Action *int `json:"white"`
	// ID of the known attack source rule.
	FollowedActionId string `json:"followed_action_id"`
}

func CreateBlacklist 

func CreateBlacklist(client *golangsdk.ServiceClient, policyId string, opts BlacklistCreateOpts) (*BlacklistRule, error)

CreateBlacklist will create a blacklist or whitelist rule on the values in WhitelistCreateOpts.

func GetBlacklist 

func GetBlacklist(client *golangsdk.ServiceClient, policyId, ruleId string) (*BlacklistRule, error)

GetBlacklist is used to query a blacklist or whitelist rule by ID.

func ListBlacklists 

func ListBlacklists(client *golangsdk.ServiceClient, policyId string, opts ListBlacklistOpts) ([]BlacklistRule, error)

ListBlacklists is used to query the list of blacklist and whitelist rules.

func UpdateBlacklist 

func UpdateBlacklist(client *golangsdk.ServiceClient, policyId, ruleId string, opts UpdateBlacklistOpts) (*BlacklistRule, error)

UpdateBlacklist is used to update an IP address blacklist or whitelist rule.

type CcActionObject 

type CcActionObject struct {
	// Action type:
	// captcha: Verification code.
	// WAF requires visitors to enter a correct verification code to continue their
	// access to requested page on your website.
	// block: WAF blocks the requests. When tag_type is set to other, the value can only be block.
	// log: WAF logs the event only.
	// dynamic_block: In the previous rate limit period,
	// if the request frequency exceeds the value of Rate Limit Frequency,
	// the request is blocked. In the next rate limit period,
	// if the request frequency exceeds the value of Permit Frequency,
	// the request is still blocked.
	// Note: The dynamic_block protection action can be set only when the
	// advanced protection mode is enabled for the CC protection rule.
	Category string `json:"category" required:"true"`
	// Block page information. When protection action category is set to block or dynamic_block,
	// you need to set the returned block page.
	// If you want to use the default block page, this parameter can be excluded.
	// If you want to use a custom block page, set this parameter.
	Detail *CcDetailObject `json:"detail"`
}

type CcConditionsObject 

type CcConditionsObject struct {
	// Field type. The value can be url, ip, params, cookie, or header.
	Category string `json:"category" required:"true"`
	// Logic for matching the condition.
	// If the category is url, the optional operations are:
	// `contain`, `not_contain`, `equal`, `not_equal`, `prefix`, `not_prefix`, `suffix`, `not_suffix`,
	// `contain_any`, `not_contain_all`, `equal_any`, `not_equal_all`, `equal_any`,
	// `not_equal_all`, `prefix_any`, `not_prefix_all`, `suffix_any`, `not_suffix_all`,
	// `len_greater`, `len_less`, `len_equal` and `len_not_equal`
	// If the category is ip, the optional operations are:
	// `equal`, `not_equal`, `equal_any` and `not_equal_all`
	// If the category is params, cookie and header, the optional operations are:
	// `contain`, `not_contain`, `equal`, `not_equal`, `prefix`, `not_prefix`, `suffix`, `not_suffix`,
	// `contain_any`, `not_contain_all`, `equal_any`, `not_equal_all`, `equal_any`, `not_equal_all`,
	// `prefix_any`, `not_prefix_all`, `suffix_any`, `not_suffix_all`, `len_greater`, `len_less`,
	// `len_equal`, `len_not_equal`, `num_greater`, `num_less`, `num_equal`, `num_not_equal`,
	// `exist` and `not_exist`
	LogicOperation string `json:"logic_operation" required:"true"`
	// Content of the conditions.
	// This parameter is mandatory when the suffix of logic_operation is not any or all.
	Contents []string `json:"contents"`
	// Reference table ID. It can be obtained by calling the API Querying the Reference Table List.
	// This parameter is mandatory when the suffix of logic_operation is any or all.
	// The reference table type must be the same as the category type.
	ValueListId string `json:"value_list_id"`
	// Subfield. When category is set to params, cookie, or header,
	// set this parameter based on site requirements.
	// This parameter is mandatory.
	Index string `json:"index"`
}

type CcDetailObject 

type CcDetailObject struct {
	// Returned page.
	Response *CcResponseObject `json:"response"`
}

type CcResponseObject 

type CcResponseObject struct {
	// Content type. The value can only be application/json, text/html, or text/xml.
	ContentType string `json:"content_type"`
	// Protection page content.
	Content string `json:"content"`
}

type CcRule 

type CcRule struct {
	// Rule ID.
	ID string `json:"id"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// When the value of mode is 0, this parameter has a return value.
	Url string `json:"url"`
	// Whether a prefix is used for the path.
	// If the protected URL ends with an asterisk (*), a path prefix is used.
	Prefix bool `json:"prefix"`
	// Mode.
	// 0: Standard.
	// 1: Advanced.
	Mode int `json:"mode"`
	// Rule status. The value can be 0 or 1.
	// 0: The rule is disabled.
	// 1: The rule is enabled.
	Status int `json:"status"`
	// Rate limit conditions of the CC protection rule.
	Conditions []CcConditionsObject `json:"conditions"`
	// Protection action to take if the number of requests reaches the upper limit.
	Action CcActionObject `json:"action"`
	// Rate limit mode.
	TagType string `json:"tag_type"`
	// User identifier.
	// This parameter is mandatory when the rate limit mode is set to user (cookie or header).
	TagIndex string `json:"tag_index"`
	// User tag.
	TagCondition CcTagConditionObject `json:"tag_condition"`
	// Rate limit frequency based on the number of requests. The value ranges from 1 to 2,147,483,647.
	LimitNum int64 `json:"limit_num"`
	// Rate limit period, in seconds. The value ranges from 1 to 3,600.
	LimitPeriod int `json:"limit_period"`
	// Allowable frequency based on the number of requests.
	UnlockNum int64 `json:"unlock_num"`
	// Block duration, in seconds.
	LockTime int64 `json:"lock_time"`
	// Rule description.
	Description string `json:"description"`
	// This parameter is reserved and can be ignored currently.
	TotalNum int `json:"total_num"`
	// This parameter is reserved and can be ignored currently.
	UnAggregation bool `json:"unaggregation"`
	// Rule aging time. This parameter is reserved and can be ignored currently.
	AgingTime int `json:"aging_time"`
	// Rule creation object. This parameter is reserved and can be ignored currently.
	Producer int `json:"producer"`
	// Timestamp the rule is created.
	CreatedAt int64 `json:"timestamp"`
}

func CreateCc 

func CreateCc(client *golangsdk.ServiceClient, policyId string, opts CreateCcOpts) (*CcRule, error)

CreateCc will create a cc rule on the values in CreateOpts.

func GetCc 

func GetCc(client *golangsdk.ServiceClient, policyId, ruleId string) (*CcRule, error)

GetCc is used to query a CC attack protection rule by ID.

func ListCcs 

func ListCcs(client *golangsdk.ServiceClient, policyId string, opts ListCcOpts) ([]CcRule, error)

ListCcs is used to query the list of CC attack protection rules.

func UpdateCc 

func UpdateCc(client *golangsdk.ServiceClient, policyId, ruleId string, opts CreateCcOpts) (*CcRule, error)

UpdateCc is used to update a CC attack protection rule.

type CcTagConditionObject 

type CcTagConditionObject struct {
	// User identifier. The value is fixed at referer.
	Category string `json:"category"`
	// Content of the user identifier field.
	Contents []string `json:"contents"`
}

type ChangeStatusOpts 

type ChangeStatusOpts struct {
	// Rule status. The value can be:
	// 0: The rule is disabled.
	// 1: The rule is enabled.
	Status int `json:"status" required:"true"`
}

type CreateAntiCrawlerOpts 

type CreateAntiCrawlerOpts struct {
	// URL to which the rule applies.
	Url string `json:"url" required:"true"`
	// Rule matching logic
	// 1: Include
	// 2: Not include
	// 3: Equal
	// 4: Not equal
	// 5: Prefix is
	// 6: Prefix is not
	// 7: Suffix is
	// 8: Suffix is not
	Logic int `json:"logic" required:"true"`
	// Rule name.
	Name string `json:"name" required:"true"`
	// JavaScript anti-crawler rule type.
	// anticrawler_specific_url: used to protect a specific path specified by the rule.
	// anticrawler_except_url: used to protect all paths except the one specified by the rule.
	Type string `json:"type" required:"true"`
}

type CreateAntiLeakageOpts 

type CreateAntiLeakageOpts struct {
	// URL to which the rule applies.
	Url string `json:"url" required:"true"`
	// Sensitive information type in the information leakage prevention rule.
	// sensitive: The rule masks sensitive user information, such as ID code, phone numbers,
	// and email addresses.
	// code: The rule blocks response pages of specified HTTP response code.
	Category string `json:"category" required:"true"`
	// Content corresponding to the sensitive information type. Multiple options can be set.
	// When category is set to code, the pages that contain the following HTTP response codes
	// will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
	// When category is set to sensitive, parameters phone, id_card, and email can be set.
	Contents []string `json:"contents" required:"true"`
	// Rule description.
	Description string `json:"description"`
}

type CreateAntiTamperOpts 

type CreateAntiTamperOpts struct {
	// Protected website. It can be obtained by calling the ListHost API
	// in cloud mode (the value of the hostname field in the response body).
	Hostname string `json:"hostname" required:"true"`
	// URL protected by the web tamper protection rule.
	// The value must be in the standard URL format, for example, /admin
	Url string `json:"url" required:"true"`
	// Rule description.
	Description string `json:"description"`
}

type CreateCcOpts 

type CreateCcOpts struct {
	// Protection mode of the CC attack protection rule, which corresponds to the Mode
	// field in the Add CC Attack Protection Rule dialog box on the WAF console.
	// 0: standard. Only the protected paths of domain names can be specified.
	// 1: The path, IP address, cookie, header, and params fields can all be set.
	Mode *int `json:"mode" required:"true"`
	// Path to be protected in the CC attack protection rule.
	// This parameter is mandatory when the CC attack protection rule is in standard mode (i.e. the value of mode is 0).
	Url string `json:"url" required:"true"`
	// Rate limit conditions of the CC protection rule.
	// This parameter is mandatory when the CC protection rule is in advanced mode (i.e. the value of mode is 1).
	Conditions []CcConditionsObject `json:"conditions"`
	// Protection action to take if the number of requests reaches the upper limit.
	Action *CcActionObject `json:"action" required:"true"`
	// Rate limit mode.
	// ip: IP-based rate limiting. Website visitors are identified by IP address.
	// cookie: User-based rate limiting. Website visitors are identified by the cookie key value.
	// header: User-based rate limiting. Website visitors are identified by the header field.
	// other: Website visitors are identified by the Referer field (user-defined request source).
	TagType string `json:"tag_type" required:"true"`
	// User identifier. This parameter is mandatory when the rate limit mode is set to user (cookie or header).
	// cookie: Set the cookie field name.
	// You need to configure an attribute variable name in the cookie that can uniquely identify
	// a web visitor based on your website requirements. This field does not support regular expressions.
	// Only complete matches are supported. For example, if a website uses the name field
	// in the cookie to uniquely identify a website visitor, select name.
	// header: Set the user-defined HTTP header you want to protect.
	// You need to configure the HTTP header that can identify web visitors based on your website requirements.
	TagIndex string `json:"tag_index"`
	// User tag. This parameter is mandatory when the rate limit mode is set to other.
	// other: A website visitor is identified by the Referer field (user-defined request source).
	TagCondition *CcTagConditionObject `json:"tag_condition"`
	// Rate limit frequency based on the number of requests. The value ranges from 1 to 2,147,483,647.
	LimitNum int64 `json:"limit_num" required:"true"`
	// Rate limit period, in seconds. The value ranges from 1 to 3,600.
	LimitPeriod int64 `json:"limit_period" required:"true"`
	// Allowable frequency based on the number of requests. The value ranges from 0 to 2,147,483,647.
	// This parameter is required only when the protection action type is dynamic_block.
	UnlockNum int64 `json:"unlock_num"`
	// Block duration, in seconds. The value ranges from 0 to 65,535.
	// Specifies the period within which access is blocked. An error page is displayed in this period.
	LockTime *int `json:"lock_time,omitempty"`
	// Rule description.
	Description string `json:"description"`
}

type CreateCustomOpts 

type CreateCustomOpts struct {
	// Time the precise protection rule takes effect.
	// false: The rule takes effect immediately.
	// true: The effective time is customized.
	Time *bool `json:"time" required:"true"`
	// Timestamp (ms) when the precise protection rule takes effect.
	// This parameter is returned only when time is true.
	Start int64 `json:"start,omitempty"`
	// Timestamp (ms) when the precise protection rule expires.
	// This parameter is returned only when time is true.
	Terminal int64 `json:"terminal,omitempty"`
	// Rule description.
	Description string `json:"description,omitempty"`
	// Match condition List.
	Conditions []CustomConditionsObject `json:"conditions,omitempty"`
	// Protective action of the precise protection rule.
	Action *CustomActionObject `json:"action" required:"true"`
	// Priority of a rule. A small value indicates a high priority. If two rules are assigned with the same priority,
	// the rule added earlier has higher priority. Value range: 0 to 1000.
	Priority *int `json:"priority" required:"true"`
}

type CreateGeoIpOpts 

type CreateGeoIpOpts struct {
	// Applicable regions. The value can be the region code.
	GeoIp string `json:"geoip" required:"true"`
	// Protective action. The value can be:
	// 0: WAF blocks the requests that hit the rule.
	// 1: WAF allows the requests that hit the rule.
	// 2: WAF only logs the requests that hit the rule.
	Action *int `json:"white" required:"true"`
	// Rule name. Currently, the console does not support configuring
	// names for geolocation access control rule. Ignore this parameter.
	Name string `json:"name" required:"true"`
	// Rule description.
	Description string `json:"description"`
}

type CreateIgnoreOpts 

type CreateIgnoreOpts struct {
	// Domain names to be protected. If the array length is 0, this rule will take effect
	// for all domain names that are protected by the policies this rule belongs to.
	Domains []string `json:"domain" required:"true"`
	// Condition list
	Conditions []IgnoreCondition `json:"conditions" required:"true"`
	// The value is fixed at 1, indicating v2 false alarm masking rules.
	Mode int `json:"mode" required:"true"`
	// Items to be masked. You can provide multiple items and separate them with semicolons (;).
	Rule string `json:"rule" required:"true"`
	// To ignore attacks of a specific field, specify the field in the Advanced settings area.
	// After you add the rule, WAF will stop blocking attacks of the specified field.
	// This parameter is not included if all modules are bypassed.
	Advanced []AdvancedIgnoreObject `json:"advanced"`
	// Description of the rule
	Description string `json:"description,omitempty"`
}

type CreateKnownAttackSourceOpts 

type CreateKnownAttackSourceOpts struct {
	// Type of the know attack source rule.
	// Enumeration values:
	// long_ip_block
	// long_cookie_block
	// long_params_block
	// short_ip_block
	// short_cookie_block
	// short_params_block
	Category string `json:"category" required:"true"`
	// Block duration, in seconds. If prefix long is selected for the rule type,
	// the value for block_time ranges from 301 to 1800.
	// If prefix short is selected for the rule type,
	// the value for block_time ranges from 0 to 300.
	BlockTime *int `json:"block_time" required:"true"`
	// Rule description.
	Description string `json:"description"`
}

type CreatePrivacyOpts 

type CreatePrivacyOpts struct {
	// URL protected by the data masking rule.
	// The value must be in the standard URL format, for example, /admin.
	Url string `json:"url" required:"true"`
	// Masked field.
	// Enumeration values:
	// params
	// cookie
	// header
	// form
	Category string `json:"category" required:"true"`
	// Name of the masked field.
	Name string `json:"index" required:"true"`
	// Rule description.
	Description string `json:"description"`
}

type CreateReferenceTableOpts 

type CreateReferenceTableOpts struct {
	// Reference table name. The value can contain a maximum of 64 characters.
	// Only digits, letters, hyphens (-), underscores (_), and periods (.) are allowed.
	Name string `json:"name" required:"true"`
	// Reference table type. For details, see the enumeration values as followed.
	// Enumeration values:
	// url
	// params
	// ip
	// cookie
	// referer
	// user-agent
	// header
	// response_code
	// response_header
	// response_body
	Type string `json:"type" required:"true"`
	// Value of the reference table.
	Values []string `json:"values"`
}

type CustomActionObject 

type CustomActionObject struct {
	// Operation type
	// block: WAF blocks attacks.
	// pass: WAF allows requests.
	// log: WAF only logs detected attacks.
	Category string `json:"category" required:"true"`
	// ID of a known attack source rule.
	// This parameter can be configured only when category is set to block.
	FollowedActionId string `json:"followed_action_id,omitempty"`
}

type CustomConditionsObject 

type CustomConditionsObject struct {
	// Field type. The value can be url, ip, params, cookie, or header.
	Category string `json:"category,omitempty"`
	// Logic for matching the condition.
	// If the category is url, the optional operations are:
	// `contain`, `not_contain`, `equal`, `not_equal`, `prefix`, `not_prefix`, `suffix`, `not_suffix`,
	// `contain_any`, `not_contain_all`, `equal_any`, `not_equal_all`, `equal_any`,
	// `not_equal_all`, `prefix_any`, `not_prefix_all`, `suffix_any`, `not_suffix_all`,
	// `len_greater`, `len_less`, `len_equal` and `len_not_equal`
	// If the category is ip, the optional operations are:
	// `equal`, `not_equal`, `equal_any` and `not_equal_all`
	// If the category is params, cookie and header, the optional operations are:
	// `contain`, `not_contain`, `equal`, `not_equal`, `prefix`, `not_prefix`, `suffix`, `not_suffix`,
	// `contain_any`, `not_contain_all`, `equal_any`, `not_equal_all`, `equal_any`, `not_equal_all`,
	// `prefix_any`, `not_prefix_all`, `suffix_any`, `not_suffix_all`, `len_greater`, `len_less`,
	// `len_equal`, `len_not_equal`, `num_greater`, `num_less`, `num_equal`, `num_not_equal`,
	// `exist` and `not_exist`
	LogicOperation string `json:"logic_operation,omitempty"`
	// Content of the conditions.
	// This parameter is mandatory when the suffix of logic_operation is not any or all.
	Contents []string `json:"contents,omitempty"`
	// Reference table ID. It can be obtained by calling the API Querying the Reference Table List.
	// This parameter is mandatory when the suffix of logic_operation is any or all.
	// The reference table type must be the same as the category type.
	ValueListId string `json:"value_list_id,omitempty"`
	// Subfield. When category is set to params, cookie, or header,
	// set this parameter based on site requirements.
	// This parameter is mandatory.
	Index string `json:"index,omitempty"`
}

type CustomRule 

type CustomRule struct {
	// Rule ID.
	ID string `json:"id"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// Rule description.
	Description string `json:"description"`
	// Rule status. The value can be 0 or 1.
	Status *int `json:"status"`
	// List of matching conditions. All conditions must be met.
	Conditions []CustomConditionsObject `json:"conditions"`
	// Protective action of the precise protection rule.
	Action *CustomActionObject `json:"action"`
	// Priority of a rule. A small value indicates a high priority.
	// If two rules are assigned with the same priority,
	// the rule added earlier has higher priority. Value range: 0 to 1000.
	Priority int `json:"priority"`
	// Timestamp when the precise protection rule is created.
	CreatedAt int64 `json:"timestamp"`
	// Timestamp (ms) when the precise protection rule takes effect.
	// This parameter is returned only when time is true.
	Start int64 `json:"start"`
	// Timestamp (ms) when the precise protection rule expires.
	// This parameter is returned only when time is true.
	Terminal int64 `json:"terminal"`
	// This parameter is reserved and can be ignored currently.
	ActionMode *bool `json:"action_mode"`
	// Rule aging time. This parameter is reserved and can be ignored currently.
	AgingTime int `json:"aging_time"`
	// Rule creation object. This parameter is reserved and can be ignored currently.
	Producer int `json:"producer"`
}

func CreateCustom 

func CreateCustom(client *golangsdk.ServiceClient, policyId string, opts CreateCustomOpts) (*CustomRule, error)

CreateCustom will create a precise protection rule on the values in CreateOpts.

func GetCustom 

func GetCustom(client *golangsdk.ServiceClient, policyId, ruleId string) (*CustomRule, error)

GetCustom is used to query a precise protection rule by ID.

func ListCustoms 

func ListCustoms(client *golangsdk.ServiceClient, policyId string, opts ListCustomOpts) ([]CustomRule, error)

ListCustoms is used to query the list of CC attack protection rules.

func UpdateCustom 

func UpdateCustom(client *golangsdk.ServiceClient, policyId, ruleId string, opts CreateCustomOpts) (*CustomRule, error)

UpdateCustom is used to update a precise protection rule.

type GeoIpRule 

type GeoIpRule struct {
	// Rule ID.
	ID string `json:"id"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// Rule name.
	Name string `json:"name"`
	// List of geographical locations hit the geolocation access control rule.
	GeoTagList []string `json:"geoTagList"`
	// Applicable regions.
	GeoIp string `json:"geoip"`
	// Protective action.
	Action int `json:"white"`
	// Rule status.
	Status *int `json:"status"`
	// Time the rule is created. The value is a 13-digit timestamp in ms.
	CreatedAt int64 `json:"timestamp"`
	// Rule description.
	Description string `json:"description"`
}

func CreateGeoIp 

func CreateGeoIp(client *golangsdk.ServiceClient, policyId string, opts CreateGeoIpOpts) (*GeoIpRule, error)

CreateGeoIp will create a geolocation access control rule on the values in CreateOpts.

func GetGeoIp 

func GetGeoIp(client *golangsdk.ServiceClient, policyId, ruleId string) (*GeoIpRule, error)

GetGeoIp is used to query a geolocation access control rule by ID.

func ListGeoIp 

func ListGeoIp(client *golangsdk.ServiceClient, policyId string, opts ListGeoIpOpts) ([]GeoIpRule, error)

ListGeoIp is used to query the list of false alarm masking rules.

func UpdateGeoIp 

func UpdateGeoIp(client *golangsdk.ServiceClient, policyId, ruleId string, opts UpdateGeoIpOpts) (*GeoIpRule, error)

UpdateGeoIp is used to update a geolocation access control rule.

type IgnoreCondition 

type IgnoreCondition struct {
	// Field type. The value can be url, ip, params, cookie, or header.
	Category string `json:"category,omitempty"`
	// Content. The array length is limited to 1.
	// The content format varies depending on the field type.
	// For example, if the field type is ip, the value must be an IP address or IP address range.
	// If the field type is url, the value must be in the standard URL format.
	// IF the field type is params, cookie, or header, the content format is not limited.
	Contents []string `json:"contents,omitempty"`
	// The matching logic varies depending on the field type. For example,
	// if the field type is ip, the logic can be equal or not_equal.
	// If the field type is url, params, cookie, or header,
	// the logic can be equal, not_equal, contain, not_contain, prefix, not_prefix,
	// suffix, not_suffix.
	LogicOperation string `json:"logic_operation,omitempty"`
	// If the field type is ip and the subfield is the client IP address,
	// the index parameter is not required. If the subfield type is X-Forwarded-For,
	// the value is x-forwarded-for; If the field type is params, header,
	// or cookie, and the subfield is user-defined, the value of index is the user-defined subfield.
	Index string `json:"index,omitempty"`
}

type IgnoreRule 

type IgnoreRule struct {
	// Rule ID.
	ID string `json:"id"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// Time the rule is created. The value is a 13-digit timestamp in ms.
	CreatedAt int64 `json:"timestamp"`
	// Rule description.
	Description string `json:"description"`
	// Rule status. The value can be:
	// 0: The rule is disabled.
	// 1: The rule is enabled.
	Status int `json:"status"`
	// Masked items.
	Rule string `json:"rule"`
	// The value is fixed at 1, indicating v2 false alarm masking rules are used.
	Mode int `json:"mode"`
	// Condition list.
	Conditions []IgnoreCondition `json:"conditions"`
	// Advanced settings.
	Advanced []AdvancedIgnoreObject `json:"advanced"`
	// Domain names.
	Domains []string `json:"domain"`
}

func CreateIgnore 

func CreateIgnore(client *golangsdk.ServiceClient, policyId string, opts CreateIgnoreOpts) (*IgnoreRule, error)

CreateIgnore will create a global protection whitelist (formerly false alarm masking) rule on the values in CreateOpts.

func GetIgnore 

func GetIgnore(client *golangsdk.ServiceClient, policyId, ruleId string) (*IgnoreRule, error)

GetIgnore is used to querying a global protection whitelist (formerly false alarm masking) rule by ID.

func ListIgnore 

func ListIgnore(client *golangsdk.ServiceClient, policyId string, opts ListIgnoreOpts) ([]IgnoreRule, error)

ListIgnore is used to query the list of false alarm masking rules.

func UpdateIgnore 

func UpdateIgnore(client *golangsdk.ServiceClient, policyId, ruleId string, opts CreateIgnoreOpts) (*IgnoreRule, error)

UpdateIgnore is used to update a global protection whitelist (false alarm masking) rule.

type KnownAttackSourceRule 

type KnownAttackSourceRule struct {
	// Rule ID.
	ID string `json:"id"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// Time the rule is created. The value is a 13-digit timestamp in ms.
	CreatedAt int64 `json:"timestamp"`
	// Type of the know attack source rule.
	Category string `json:"category"`
	// Rule description.
	Description string `json:"description"`
	// Block duration, in seconds.
	BlockTime int `json:"block_time"`
}

func CreateKnownAttackSource 

func CreateKnownAttackSource(client *golangsdk.ServiceClient, policyId string, opts CreateKnownAttackSourceOpts) (*KnownAttackSourceRule, error)

CreateKnownAttackSource will create a known attack source rule on the values in CreateKnownAttackSourceOpts.

func GetKnownAttackSource 

func GetKnownAttackSource(client *golangsdk.ServiceClient, policyId, ruleId string) (*KnownAttackSourceRule, error)

GetKnownAttackSource is used to query a known attack source rule by ID.

func ListKnownAttackSource 

func ListKnownAttackSource(client *golangsdk.ServiceClient, policyId string, opts ListKnownAttackSourceOpts) ([]KnownAttackSourceRule, error)

ListKnownAttackSource is used to query the list of known attack source rules.

func UpdateKnownAttackSource 

func UpdateKnownAttackSource(client *golangsdk.ServiceClient, policyId, ruleId string, opts UpdateKnownAttackSourceOpts) (*KnownAttackSourceRule, error)

UpdateKnownAttackSource is used update a known attack source rule.

type ListAntiCrawlerOpts 

type ListAntiCrawlerOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
	// JavaScript anti-crawler rule protection mode.
	// anticrawler_except_url: In this mode, all paths are protected except the one specified in the queried anti-crawler rule.
	// anticrawler_specific_url: In this mode, the path specified in the queried rule is protected.
	Type string `q:"type,omitempty"`
}

type ListAntiLeakageOpts 

type ListAntiLeakageOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
}

type ListAntiTamperOpts 

type ListAntiTamperOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
}

type ListBlacklistOpts 

type ListBlacklistOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
	// Rule name, Fuzzy search is supported.
	Name string `q:"name,omitempty"`
}

type ListCcOpts 

type ListCcOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
}

type ListCustomOpts 

type ListCustomOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
}

type ListGeoIpOpts 

type ListGeoIpOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
}

type ListIgnoreOpts 

type ListIgnoreOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
}

type ListKnownAttackSourceOpts 

type ListKnownAttackSourceOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
}

type ListPrivacyOpts 

type ListPrivacyOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
}

type ListReferenceTableOpts 

type ListReferenceTableOpts struct {
	// Number of records on each page.
	// The maximum value is 100. If this parameter is not specified, the default value -1 is used.
	// All policies are queried regardless of the value of Page
	PageSize int64 `q:"pagesize,omitempty"`
	// Page. Default value: 1
	Page int `q:"page,omitempty"`
	// Reference table name, Fuzzy search is supported.
	Name string `q:"name,omitempty"`
}

type PrivacyRule 

type PrivacyRule struct {
	// Rule ID.
	ID string `json:"id"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// Time the rule is created. The value is a 13-digit timestamp in ms.
	CreatedAt int64 `json:"timestamp"`
	// Rule status. The value can be:
	// 0: The rule is disabled.
	// 1: The rule is enabled.
	Status *int `json:"status"`
	// URL protected by the data masking rule.
	Url string `json:"url"`
	// Masked field.
	// Enumeration values:
	// params
	// cookie
	// header
	// form
	Category string `json:"category"`
	// Name of the masked field.
	Name string `json:"index"`
	// Rule description.
	Description string `json:"description"`
}

func CreatePrivacy 

func CreatePrivacy(client *golangsdk.ServiceClient, policyId string, opts CreatePrivacyOpts) (*PrivacyRule, error)

CreatePrivacy will create a data masking rule on the values in CreateOpts.

func GetPrivacy 

func GetPrivacy(client *golangsdk.ServiceClient, policyId, ruleId string) (*PrivacyRule, error)

GetPrivacy is used to query a data masking rule by ID.

func ListPrivacy 

func ListPrivacy(client *golangsdk.ServiceClient, policyId string, opts ListPrivacyOpts) ([]PrivacyRule, error)

ListPrivacy is used to query the data masking rule list.

func UpdatePrivacy 

func UpdatePrivacy(client *golangsdk.ServiceClient, policyId, ruleId string, opts UpdatePrivacyOpts) (*PrivacyRule, error)

UpdatePrivacy is used to update the data masking rule list.

type ReferenceTable 

type ReferenceTable struct {
	// ID of a reference table.
	ID string `json:"id"`
	// Reference table name.
	Name string `json:"name"`
	// Type
	Type string `json:"type"`
	// Reference table timestamp.
	CreatedAt int64 `json:"timestamp"`
	// Value of the reference table.
	Values []string `json:"values"`
	// Reference table description.
	Description string `json:"description"`
	Producer    int    `json:"producer"`
}

func CreateReferenceTable 

func CreateReferenceTable(client *golangsdk.ServiceClient, opts CreateReferenceTableOpts) (*ReferenceTable, error)

CreateReferenceTable will create a reference table on the values in CreateOpts.

func GetReferenceTable 

func GetReferenceTable(client *golangsdk.ServiceClient, tableId string) (*ReferenceTable, error)

GetReferenceTable is used to query a reference table by ID.

func ListReferenceTable 

func ListReferenceTable(client *golangsdk.ServiceClient, opts ListReferenceTableOpts) ([]ReferenceTable, error)

ListReferenceTable is used to query the reference table list.

func UpdateReferenceTable 

func UpdateReferenceTable(client *golangsdk.ServiceClient, tableId string, opts UpdateReferenceTableOpts) (*ReferenceTable, error)

UpdateReferenceTable is used to modify a reference table.

type RuleStatus 

type RuleStatus struct {
	// Rule ID.
	Id string `json:"id"`
	// Policy ID.
	PolicyId string `json:"policyid"`
	// Time when the rule was created.
	CreatedAt int64 `json:"timestamp"`
	// Rule Description.
	Description string `json:"description"`
	// Status. The options are 0 and 1. 0: Disabled. 1: Enabled.
	Status int `json:"status"`
}

func ChangeRuleStatus 

func ChangeRuleStatus(client *golangsdk.ServiceClient, PolicyId, Ruletype, RuleId string, opts ChangeStatusOpts) (*RuleStatus, error)

ChangeRuleStatus is used to change the status of a policy rule.

type UpdateAntiCrawlerOpts 

type UpdateAntiCrawlerOpts struct {
	// URL to which the rule applies.
	Url string `json:"url" required:"true"`
	// Rule matching logic
	// 1: Include
	// 2: Not include
	// 3: Equal
	// 4: Not equal
	// 5: Prefix is
	// 6: Prefix is not
	// 7: Suffix is
	// 8: Suffix is not
	Logic int `json:"logic" required:"true"`
	// Rule name.
	Name string `json:"name" required:"true"`
}

type UpdateAntiLeakageOpts 

type UpdateAntiLeakageOpts struct {
	// URL to which the rule applies.
	Url string `json:"url" required:"true"`
	// Sensitive information type in the information leakage prevention rule.
	// sensitive: The rule masks sensitive user information, such as ID code, phone numbers, and email addresses.
	// code: The rule blocks response pages of specified HTTP response code.
	Category string `json:"category" required:"true"`
	// Content corresponding to the sensitive information type. Multiple options can be set.
	// When category is set to code, the pages that contain the following HTTP response codes
	// will be blocked: 400, 401, 402, 403, 404, 405, 500, 501, 502, 503, 504 and 507.
	// When category is set to sensitive, parameters phone, id_card, and email can be set.
	Contents []string `json:"contents" required:"true"`
	// Rule description
	Description string `json:"description"`
}

type UpdateBlacklistOpts 

type UpdateBlacklistOpts struct {
	// Rule name.
	Name string `json:"name,omitempty"`
	// Rule description.
	Description string `json:"description,omitempty"`
	// IP addresses or an IP address range.
	// IP addresses: IP addresses to be added to the blacklist or whitelist,
	// for example, 192.x.x.3
	// IP address range: IP address and subnet mask,
	// for example, 10.x.x.0/24
	Addresses string `json:"addr,omitempty" required:"true"`
	// Protective action. The value can be:
	// 0: WAF blocks the requests that hit the rule.
	// 1: WAF allows the requests that hit the rule.
	// 2: WAF only logs the requests that hit the rule.
	Action *int `json:"white" required:"true"`
	// ID of a known attack source rule. This parameter can be configured only when white is set to 0.
	FollowedActionId string `json:"followed_action_id,omitempty"`
}

type UpdateGeoIpOpts 

type UpdateGeoIpOpts struct {
	// Applicable regions.
	GeoIp string `json:"geoip" required:"true"`
	// Protective action. The value can be:
	// 0: WAF blocks the requests that hit the rule.
	// 1: WAF allows the requests that hit the rule.
	// 2: WAF only logs the requests that hit the rule.
	Action *int `json:"white" required:"true"`
	// Name of the masked field
	Name string `json:"name"`
	// Rule description
	Description string `json:"description"`
}

type UpdateKnownAttackSourceOpts 

type UpdateKnownAttackSourceOpts struct {
	// Block duration, in seconds.
	// If prefix long is selected for the rule type, the value for block_time ranges from 301 to 1800.
	// If prefix short is selected for the rule type, the value for block_time ranges from 0 to 300.
	BlockTime *int `json:"block_time" required:"true"`
	// Rule description
	Description string `json:"description"`
}

type UpdatePrivacyOpts 

type UpdatePrivacyOpts struct {
	// URL to which the rule applies.
	Url string `json:"url" required:"true"`
	// Masked field
	// Enumeration values:
	// params
	// cookie
	// header
	// form
	Category string `json:"category" required:"true"`
	// Name of the masked field
	Name string `json:"index" required:"true"`
	// Rule description
	Description string `json:"description"`
}

type UpdateReferenceTableOpts 

type UpdateReferenceTableOpts struct {
	// Reference table name. The value can contain a maximum of 64 characters.
	// Only digits, letters, hyphens (-), underscores (_), and periods (.) are allowed
	Name string `json:"name" required:"true"`
	// Reference table type.
	Type string `json:"type" required:"true"`
	// Value of the reference table.
	Values []string `json:"values"`
	// Reference table description.
	Description string `json:"description"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.