librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

country fix (again) and init work on stream

This commit is contained in:
bunkerity 2023-04-25 16:05:08 +02:00
parent 94b97a6bb9
commit bd577cfb2e
17 changed files with 323 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/bw/lua/bunkerweb/helpers.lua
View File

@ -96,7 +96,7 @@ helpers.fill_ctx = function()
local data = {}
-- Common vars
data.kind = "http"
if not ngx.shared.cachestore then
if not ngx.shared.datastore_stream then
data.kind = "stream"
end
data.remote_addr = ngx.var.remote_addr

5
src/bw/lua/bunkerweb/plugin.lua
View File

@ -33,6 +33,11 @@ function plugin:initialize(id)
self.logger:log(ngx.ERR, "can't get IS_LOADING variable : " .. err)
end
self.is_loading = is_loading == "yes"
-- Kind of server
self.kind = "http"
if ngx.shared.datastore_stream then
self.kind = "stream"
end
end
function plugin:get_id()

136
src/common/confs/init-stream-lua.conf
View File

@ -1,118 +1,138 @@
init_by_lua_block {
local logger = require "logger"
local datastore = require "datastore"
local plugins = require "plugins"
local utils = require "utils"
local cjson = require "cjson"
local class = require "middleclass"
local clogger = require "bunkerweb.logger"
local helpers = require "bunkerweb.helpers"
local cdatastore = require "bunkerweb.datastore"
local cjson = require "cjson"
logger.log(ngx.NOTICE, "INIT-STREAM", "Init phase started")
-- Start init phase
local logger = clogger:new("INIT-STREAM")
local datastore = cdatastore:new()
logger:log(ngx.NOTICE, "init-stream phase started")
-- Remove previous data from the datastore
logger:log(ngx.NOTICE, "deleting old keys from datastore ...")
local data_keys = {"^plugin_", "^variable_", "^plugins$", "^api_", "^misc_"}
for i, key in pairs(data_keys) do
local ok, err = datastore:delete_all(key)
if not ok then
logger.log(ngx.ERR, "INIT-STREAM", "Can't delete " .. key .. " from datastore : " .. err)
logger:log(ngx.ERR, "can't delete " .. key .. " from datastore : " .. err)
return false
end
logger.log(ngx.INFO, "INIT-STREAM", "Deleted " .. key .. " from datastore")
logger:log(ngx.INFO, "deleted " .. key .. " from datastore")
end
logger:log(ngx.NOTICE, "deleted old keys from datastore")
-- Load variables into the datastore
logger:log(ngx.NOTICE, "saving variables into datastore ...")
local file = io.open("/etc/nginx/variables.env")
if not file then
logger.log(ngx.ERR, "INIT-STREAM", "Can't open /etc/nginx/variables.env file")
logger:log(ngx.ERR, "can't open /etc/nginx/variables.env file")
return false
end
file:close()
for line in io.lines("/etc/nginx/variables.env") do
local variable, value = line:match("(.+)=(.*)")
ok, err = datastore:set("variable_" .. variable, value)
local ok, err = datastore:set("variable_" .. variable, value)
if not ok then
logger.log(ngx.ERR, "INIT-STREAM", "Can't save variable " .. variable .. " into datastore")
logger:log(ngx.ERR, "can't save variable " .. variable .. " into datastore : " .. err)
return false
end
logger:log(ngx.INFO, "saved variable " .. variable .. "=" .. value .. " into datastore")
end
logger:log(ngx.NOTICE, "saved variables into datastore")
-- Set default values into the datastore
ok, err = datastore:set("plugins", cjson.encode({}))
if not ok then
logger.log(ngx.ERR, "INIT-STREAM", "Can't set default value for plugins into the datastore : " .. err)
return false
end
ok, err = utils.set_values()
if not ok then
logger.log(ngx.ERR, "INIT-STREAM", "Error while setting default values : " .. err)
return false
end
-- API setup
-- Set API values into the datastore
logger:log(ngx.NOTICE, "saving API values into datastore ...")
local value, err = datastore:get("variable_USE_API")
if not value then
logger.log(ngx.ERR, "INIT-STREAM", "Can't get variable USE_API from the datastore")
logger:log(ngx.ERR, "can't get variable USE_API from the datastore : " .. err)
return false
end
if value == "yes" then
value, err = datastore:get("variable_API_WHITELIST_IP")
local value, err = datastore:get("variable_API_WHITELIST_IP")
if not value then
logger.log(ngx.ERR, "INIT-STREAM", "Can't get variable API_WHITELIST_IP from the datastore")
logger:log(ngx.ERR, "can't get variable API_WHITELIST_IP from the datastore : " .. err)
return false
end
local whitelists = { data = {}}
local whitelists = {}
for whitelist in value:gmatch("%S+") do
table.insert(whitelists.data, whitelist)
table.insert(whitelists, whitelist)
end
ok, err = datastore:set("api_whitelist_ip", cjson.encode(whitelists))
local ok, err = datastore:set("api_whitelist_ip", cjson.encode(whitelists))
if not ok then
logger.log(ngx.ERR, "INIT-STREAM", "Can't save api_whitelist_ip to datastore : " .. err)
logger:log(ngx.ERR, "can't save API whitelist_ip to datastore : " .. err)
return false
end
logger:log(ngx.INFO, "saved API whitelist_ip into datastore")
end
logger:log(ngx.NOTICE, "saved API values into datastore")
-- Load plugins into the datastore
logger:log(ngx.NOTICE, "saving plugins into datastore ...")
local plugins = {}
local plugin_paths = {"/usr/share/bunkerweb/core", "/etc/bunkerweb/plugins"}
for i, plugin_path in ipairs(plugin_paths) do
local paths = io.popen("find -L " .. plugin_path .. " -maxdepth 1 -type d ! -path " .. plugin_path)
for path in paths:lines() do
plugin, err = plugins:load(path)
if not plugin then
logger.log(ngx.ERR, "INIT-STREAM", "Error while loading plugin from " .. path .. " : " .. err)
return false
local ok, plugin = helpers.load_plugin(path .. "/plugin.json")
if not ok then
logger:log(ngx.ERR, plugin)
else
local ok, err = datastore:set("plugin_" .. plugin.id, cjson.encode(plugin))
if not ok then
logger:log(ngx.ERR, "can't save " .. plugin.id .. " into datastore : " .. err)
else
table.insert(plugins, plugin)
table.sort(plugins, function (a, b)
return a.order < b.order
end)
logger:log(ngx.NOTICE, "loaded plugin " .. plugin.id .. " v" .. plugin.version)
end
end
logger.log(ngx.NOTICE, "INIT-STREAM", "Loaded plugin " .. plugin.id .. " v" .. plugin.version)
end
end
-- Call init method of plugins
local list, err = plugins:list()
if not list then
logger.log(ngx.ERR, "INIT-STREAM", "Can't list loaded plugins : " .. err)
list = {}
local ok, err = datastore:set("plugins", cjson.encode(plugins))
if not ok then
logger:log(ngx.ERR, "can't save plugins into datastore : " .. err)
return false
end
for i, plugin in ipairs(list) do
local ret, plugin_lua = pcall(require, plugin.id .. "/" .. plugin.id)
if ret then
local plugin_obj = plugin_lua.new()
if plugin_obj.init ~= nil then
ok, err = plugin_obj:init()
logger:log(ngx.NOTICE, "saved plugins into datastore")
-- Call init() methodatastore
logger:log(ngx.NOTICE, "calling init() methods of plugins ...")
for i, plugin in ipairs(plugins) do
-- Require call
local plugin_lua, err = helpers.require_plugin(plugin.id)
if plugin_lua == false then
logger:log(ngx.ERR, err)
elseif plugin_lua == nil then
logger:log(ngx.NOTICE, err)
else
-- Check if plugin has init method
if plugin_lua.init ~= nil then
-- New call
local ok, plugin_obj = helpers.new_plugin(plugin_lua)
if not ok then
logger.log(ngx.ERR, "INIT-STREAM", "Plugin " .. plugin.id .. " failed on init() : " .. err)
logger:log(ngx.ERR, plugin_obj)
else
logger.log(ngx.INFO, "INIT-STREAM", "Successfull init() call for plugin " .. plugin.id .. " : " .. err)
local ok, ret = helpers.call_plugin(plugin_obj, "init")
if not ok then
logger:log(ngx.ERR, ret)
elseif not ret.ret then
logger:log(ngx.ERR, plugin.id .. ":init() call failed : " .. ret.msg)
else
logger:log(ngx.NOTICE, plugin.id .. ":init() call successful : " .. ret.msg)
end
end
else
logger.log(ngx.INFO, "INIT-STREAM", "init() method not found in " .. plugin.id .. ", skipped execution")
end
else
if plugin_lua:match("not found") then
logger.log(ngx.INFO, "INIT-STREAM", "can't require " .. plugin.id .. " : not found")
else
logger.log(ngx.ERR, "INIT-STREAM", "can't require " .. plugin.id .. " : " .. plugin_lua)
logger:log(ngx.NOTICE, "skipped execution of " .. plugin.id .. " because method init() is not defined")
end
end
end
logger:log(ngx.NOTICE, "called init() methods of plugins")
logger.log(ngx.NOTICE, "INIT-STREAM", "Init phase ended")
logger:log(ngx.NOTICE, "init-stream phase ended")
}

2
src/common/confs/init-worker-lua.conf
View File

@ -5,7 +5,7 @@ init_worker_by_lua_block {
-- Our timer function
local ready_log = function(premature)
-- Instantiate objects
local logger = require "bunkerweb.logger":new("INIT")
local logger = require "bunkerweb.logger":new("INIT-STREAM")
local datastore = require "bunkerweb.datastore":new()
-- Don't print the ready log if we are in loading state
local is_loading, err = require "bunkerweb.utils".get_variable("IS_LOADING", false)

48
src/common/confs/init-worker-stream-lua.conf Normal file
View File

@ -0,0 +1,48 @@
lua_shared_dict ready_lock_stream 16k;
init_worker_by_lua_block {
-- Our timer function
local ready_log = function(premature)
-- Instantiate objects
local logger = require "bunkerweb.logger":new("INIT")
local datastore = require "bunkerweb.datastore":new()
-- Don't print the ready log if we are in loading state
local is_loading, err = require "bunkerweb.utils".get_variable("IS_LOADING", false)
if not is_loading then
logger:log(ngx.ERR, "utils.get_variable() failed : " .. err)
return
elseif is_loading == "yes" then
return
end
-- Instantiate lock
local lock = require "resty.lock":new("ready_lock_stream")
if not lock then
logger:log(ngx.ERR, "lock:new() failed : " .. err)
return
end
-- Acquire lock
local elapsed, err = lock:lock("ready")
if elapsed == nil then
logger:log(ngx.ERR, "lock:lock() failed : " .. err)
else
-- Display ready log
local ok, err = datastore:get("misc_ready")
if not ok and err ~= "not found" then
logger:log(ngx.ERR, "datastore:get() failed : " .. err)
elseif not ok and err == "not found" then
logger:log(ngx.NOTICE, "BunkerWeb is ready to fool hackers ! 🚀")
local ok, err = datastore:set("misc_ready", "ok")
if not ok then
logger:log(ngx.ERR, "datastore:set() failed : " .. err)
end
end
end
-- Release lock
lock:unlock()
end
-- Start timer
ngx.timer.at(5, ready_log)
}

80
src/common/confs/server-stream/log-stream-lua.conf
View File

@ -1,44 +1,74 @@
log_by_lua_block {
local utils = require "utils"
local logger = require "logger"
local datastore = require "datastore"
local plugins = require "plugins"
local class = require "middleclass"
local clogger = require "bunkerweb.logger"
local helpers = require "bunkerweb.helpers"
local cdatastore = require "bunkerweb.datastore"
local cjson = require "cjson"
logger.log(ngx.INFO, "LOG", "Log phase started")
-- Start log phase
local logger = clogger:new("LOG")
local datastore = cdatastore:new()
logger:log(ngx.INFO, "log phase started")
-- List all plugins
local list, err = plugins:list()
if not list then
logger.log(ngx.ERR, "LOG", "Can't list loaded plugins : " .. err)
list = {}
-- Fill ctx
logger:log(ngx.INFO, "filling ngx.ctx ...")
local ok, ret, errors = helpers.fill_ctx()
if not ok then
logger:log(ngx.ERR, "fill_ctx() failed : " .. ret)
elseif errors then
for i, error in ipairs(errors) do
logger:log(ngx.ERR, "fill_ctx() error " .. tostring(i) .. " : " .. error)
end
end
logger:log(ngx.INFO, "ngx.ctx filled (ret = " .. ret .. ")")
-- Call log method of plugins
for i, plugin in ipairs(list) do
local ret, plugin_lua = pcall(require, plugin.id .. "/" .. plugin.id)
if ret then
local plugin_obj = plugin_lua.new()
if plugin_obj.log ~= nil then
logger.log(ngx.INFO, "LOG", "Executing log() of " .. plugin.id)
local ok, err = plugin_obj:log()
-- Get plugins
local plugins, err = datastore:get("plugins")
if not plugins then
logger:log(ngx.ERR, "can't get plugins from datastore : " .. err)
return false
end
plugins = cjson.decode(plugins)
-- Call log_stream() methods
logger:log(ngx.INFO, "calling log_stream() methods of plugins ...")
for i, plugin in ipairs(plugins) do
-- Require call
local plugin_lua, err = helpers.require_plugin(plugin.id)
if plugin_lua == false then
logger:log(ngx.ERR, err)
elseif plugin_lua == nil then
logger:log(ngx.INFO, err)
else
-- Check if plugin has log method
if plugin_lua.log_stream ~= nil then
-- New call
local ok, plugin_obj = helpers.new_plugin(plugin_lua)
if not ok then
logger.log(ngx.ERR, "LOG", "Error while calling log() on plugin " .. plugin.id .. " : " .. err)
logger:log(ngx.ERR, plugin_obj)
else
logger.log(ngx.INFO, "LOG", "Return value from " .. plugin.id .. ".log() is : " .. err)
local ok, ret = helpers.call_plugin(plugin_obj, "log_stream")
if not ok then
logger:log(ngx.ERR, ret)
elseif not ret.ret then
logger:log(ngx.ERR, plugin.id .. ":log_stream() call failed : " .. ret.msg)
else
logger:log(ngx.INFO, plugin.id .. ":log_stream() call successful : " .. ret.msg)
end
end
else
logger.log(ngx.INFO, "LOG", "log() method not found in " .. plugin.id .. ", skipped execution")
logger:log(ngx.INFO, "skipped execution of " .. plugin.id .. " because method log_stream() is not defined")
end
end
end
logger:log(ngx.INFO, "called log_stream() methods of plugins")
-- Display reason at info level
local reason = utils.get_reason()
if reason then
logger.log(ngx.INFO, "LOG", "Client was denied with reason : " .. reason)
if ngx.ctx.reason then
logger:log(ngx.INFO, "client was denied with reason : " .. reason)
end
logger.log(ngx.INFO, "LOG", "Log phase ended")
logger:log(ngx.INFO, "log phase ended")
}

143
src/common/confs/server-stream/preread-stream-lua.conf
View File

@ -1,81 +1,100 @@
preread_by_lua_block {
local logger = require "logger"
local datastore = require "datastore"
local plugins = require "plugins"
local utils = require "utils"
local redisutils = require "redisutils"
local class = require "middleclass"
local clogger = require "bunkerweb.logger"
local helpers = require "bunkerweb.helpers"
local utils = require "bunkerweb.utils"
local cdatastore = require "bunkerweb.datastore"
local cclusterstore = require "bunkerweb.clusterstore"
local cjson = require "cjson"
logger.log(ngx.INFO, "PREREAD", "Preread phase started")
-- Start preread phase
local logger = clogger:new("PREREAD")
local datastore = cdatastore:new()
logger:log(ngx.INFO, "preread phase started")
-- Fill ctx
logger:log(ngx.INFO, "filling ngx.ctx ...")
local ok, ret, errors = helpers.fill_ctx()
if not ok then
logger:log(ngx.ERR, "fill_ctx() failed : " .. ret)
elseif errors then
for i, error in ipairs(errors) do
logger:log(ngx.ERR, "fill_ctx() error " .. tostring(i) .. " : " .. error)
end
end
logger:log(ngx.INFO, "ngx.ctx filled (ret = " .. ret .. ")")
-- Process bans as soon as possible
local banned = nil
-- Redis case
local use_redis = utils.get_variable("USE_REDIS")
if use_redis == "yes" then
local redis_banned, reason = redisutils.ban(ngx.var.remote_addr)
if redis_banned == nil then
logger.log(ngx.ERR, "ACCESS", "Error while checking ban from redis, falling back to local : " .. reason)
elseif not redis_banned then
banned = false
else
banned = reason
end
end
-- Local case
local banned, reason, ttl = utils.is_banned(ngx.ctx.bw.remote_addr)
if banned == nil then
local reason, err = datastore:get("bans_ip_" .. ngx.var.remote_addr)
if reason then
banned = reason
logger:log(ngx.ERR, "can't check if IP " .. ngx.ctx.bw.remote_addr .. " is banned : " .. reason)
elseif banned then
logger:log(ngx.WARN, "IP " .. ngx.ctx.bw.remote_addr .. " is banned with reason " .. reason .. " (" .. tostring(ttl) .. "s remaining)")
return ngx.exit(utils.get_deny_status())
else
logger:log(ngx.INFO, "IP " .. ngx.ctx.bw.remote_addr .. " is not banned")
end
-- Get plugins
local plugins, err = datastore:get("plugins")
if not plugins then
logger:log(ngx.ERR, "can't get plugins from datastore : " .. err)
return false
end
plugins = cjson.decode(plugins)
-- Call preread() methods
logger:log(ngx.INFO, "calling preread() methods of plugins ...")
local status = nil
for i, plugin in ipairs(plugins) do
-- Require call
local plugin_lua, err = helpers.require_plugin(plugin.id)
if plugin_lua == false then
logger:log(ngx.ERR, err)
elseif plugin_lua == nil then
logger:log(ngx.INFO, err)
else
banned = false
end
end
-- Deny request
if banned then
logger.log(ngx.WARN, "ACCESS", "IP " .. ngx.var.remote_addr .. " is banned with reason : " .. banned)
ngx.exit(utils.get_deny_status())
end
-- List all plugins
local list, err = plugins:list()
if not list then
logger.log(ngx.ERR, "PREREAD", "Can't list loaded plugins : " .. err)
list = {}
end
-- Call preread method of plugins
for i, plugin in ipairs(list) do
local ret, plugin_lua = pcall(require, plugin.id .. "/" .. plugin.id)
if ret then
local plugin_obj = plugin_lua.new()
if plugin_obj.preread ~= nil then
logger.log(ngx.INFO, "PREREAD", "Executing preread() of " .. plugin.id)
local ok, err, ret, value = plugin_obj:preread()
-- Check if plugin has preread method
if plugin_lua.preread ~= nil then
-- New call
local ok, plugin_obj = helpers.new_plugin(plugin_lua)
if not ok then
logger.log(ngx.ERR, "PREREAD", "Error while calling preread() on plugin " .. plugin.id .. " : " .. err)
logger:log(ngx.ERR, plugin_obj)
else
logger.log(ngx.INFO, "PREREAD", "Return value from " .. plugin.id .. ".preread() is : " .. err)
end
if ret then
if type(value) == "number" then
if value == utils.get_deny_status() then
logger.log(ngx.WARN, "PREREAD", "Denied access from " .. plugin.id .. " : " .. err)
ngx.var.reason = plugin.id
else
logger.log(ngx.NOTICE, "PREREAD", plugin.id .. " returned status " .. tostring(value) .. " : " .. err)
end
return ngx.exit(value)
local ok, ret = helpers.call_plugin(plugin_obj, "preread")
if not ok then
logger:log(ngx.ERR, ret)
elseif not ret.ret then
logger:log(ngx.ERR, plugin.id .. ":preread() call failed : " .. ret.msg)
else
return value
logger:log(ngx.INFO, plugin.id .. ":preread() call successful : " .. ret.msg)
end
if ret.status then
if ret.status == utils.get_deny_status() then
ngx.ctx.reason = plugin.id
logger:log(ngx.WARN, "denied access from " .. plugin.id .. " : " .. ret.msg)
else
logger:log(ngx.NOTICE, plugin.id .. " returned status " .. tostring(ret.status) .. " : " .. ret.msg)
end
status = ret.status
break
end
end
else
logger.log(ngx.INFO, "PREREAD", "preread() method not found in " .. plugin.id .. ", skipped execution")
logger:log(ngx.INFO, "skipped execution of " .. plugin.id .. " because method preread() is not defined")
end
end
end
logger:log(ngx.INFO, "called preread() methods of plugins")
logger.log(ngx.INFO, "PREREAD", "Preread phase ended")
logger:log(ngx.INFO, "preread phase ended")
-- Return status if needed
if status then
return ngx.exit(status)
end
return true
}

3
src/common/confs/server-stream/server-stream.conf
View File

@ -14,9 +14,6 @@ server {
# reason variable
set $reason '';
# stream flag
set $is_stream 'yes';
# include LUA files
include {{ NGINX_PREFIX }}preread-stream-lua.conf;
include {{ NGINX_PREFIX }}log-stream-lua.conf;

17
src/common/confs/stream.conf
View File

@ -29,10 +29,17 @@ lua_ssl_trusted_certificate "/usr/share/bunkerweb/misc/root-ca.pem";
lua_ssl_verify_depth 2;
{% if has_variable(all, "SERVER_TYPE", "stream") +%}
lua_shared_dict datastore_stream {{ DATASTORE_MEMORY_SIZE }};
lua_shared_dict cachestore_stream {{ CACHESTORE_MEMORY_SIZE }};
lua_shared_dict cachestore_ipc_stream {{ CACHESTORE_IPC_MEMORY_SIZE }};
lua_shared_dict cachestore_miss_stream {{ CACHESTORE_MISS_MEMORY_SIZE }};
lua_shared_dict cachestore_locks_stream {{ CACHESTORE_LOCKS_MEMORY_SIZE }};
# LUA init block
include /etc/nginx/init-stream-lua.conf;
# LUA init worker block
include /etc/nginx/init-worker-stream-lua.conf;
# TODO add default stream server if that makes any sense ?
# server config(s)
@ -58,9 +65,19 @@ include /etc/nginx/init-stream-lua.conf;
{% endfor %}
{% for first_server in map_servers +%}
include /etc/nginx/{{ first_server }}/server-stream.conf;
{% if all[first_server + "_REVERSE_PROXY_HOST"] != "" +%}
upstream {{ first_server }} {
server {{ all[first_server + "_REVERSE_PROXY_HOST"] }};
}
{% endif %}
{% endfor %}
{% elif MULTISITE == "no" and SERVER_NAME != "" and SERVER_TYPE == "stream" +%}
include /etc/nginx/server-stream.conf;
{% if REVERSE_PROXY_HOST != "" +%}
upstream {{ SERVER_NAME.split(" ")[0] }} {
server {{ REVERSE_PROXY_HOST }};
}
{% endif %}
{% endif %}
{% endif %}

4
src/common/core/badbehavior/badbehavior.lua
View File

@ -45,6 +45,10 @@ function badbehavior:log_default()
return self:log()
end
function badbehavior:log_stream()
return self:log()
end
function badbehavior.increase(premature, ip, count_time, ban_time, threshold, use_redis)
-- Instantiate objects
local logger = require "bunkerweb.logger":new("badbehavior")

1
src/common/core/blacklist/blacklist.lua
View File

@ -245,7 +245,6 @@ function blacklist:is_blacklisted_ip()
if ngx.ctx.bw.ip_is_global then
local asn, err = utils.get_asn(ngx.ctx.bw.remote_addr)
if not asn then
self.logger:log(ngx.ERR, "7")
return nil, err
end
local ignore = false

17
src/common/core/bunkernet/bunkernet.lua
View File

@ -11,7 +11,7 @@ function bunkernet:initialize()
-- Call parent initialize
plugin.initialize(self, "bunkernet")
-- Get BunkerNet ID
if ngx.get_phase() ~= "init" and self.variables["USE_BUNKERNET"] == "yes" then
if ngx.get_phase() ~= "init" and self.variables["USE_BUNKERNET"] == "yes" and not self.is_loading then
local id, err = self.datastore:get("plugin_bunkernet_id")
if id then
self.bunkernet_id = id
@ -23,6 +23,9 @@ end
function bunkernet:init()
-- Check if init is needed
if self.is_loading then
return self:ret(true, "bunkerweb is loading")
end
local init_needed, err = utils.has_variable("USE_BUNKERNET", "yes")
if init_needed == nil then
return self:ret(false, "can't check USE_BUNKERNET variable : " .. err)
@ -73,6 +76,10 @@ function bunkernet:init()
end
function bunkernet:log(bypass_use_bunkernet)
-- Check if not loading is needed
if self.is_loading then
return self:ret(true, "bunkerweb is loading")
end
if not bypass_use_bunkernet then
-- Check if BunkerNet is enabled
if self.variables["USE_BUNKERNET"] ~= "yes" then
@ -118,6 +125,10 @@ function bunkernet:log(bypass_use_bunkernet)
end
function bunkernet:log_default()
-- Check if not loading is needed
if self.is_loading then
return self:ret(true, "bunkerweb is loading")
end
-- Check if BunkerNet is activated
local check, err = utils.has_variable("USE_BUNKERNET", "yes")
if check == nil then
@ -138,6 +149,10 @@ function bunkernet:log_default()
return self:log(true)
end
function bunkernet:log_stream()
return self:log()
end
function bunkernet:request(method, url, data)
local httpc, err = http.new()
if not httpc then

3
src/common/core/country/country.lua
View File

@ -26,6 +26,7 @@ function country:access()
-- Check if IP is in cache
local ok, data = self:is_in_cache(ngx.ctx.bw.remote_addr)
if data then
data = cjson.decode(data)
if data.result == "ok" then
return self:ret(true, "client IP " .. ngx.ctx.bw.remote_addr .. " is in country cache (not blacklisted, country = " .. data.country .. ")")
end
@ -95,7 +96,7 @@ function country:is_in_cache(ip)
if not ok then
return false, data
end
return true, cjson.decode(data)
return true, data
end
function country:add_to_cache(ip, country, result)

9
src/common/core/limit/plugin.json
View File

@ -60,6 +60,15 @@
"label": "Maximum number of HTTP/2 streams",
"regex": "^\\d+$",
"type": "text"
},
"LIMIT_CONN_MAX_STREAM": {
"context": "multisite",
"default": "10",
"help": "Maximum number of connections per IP when using stream.",
"id": "limit-conn-max-stream",
"label": "Maximum number of stream connections",
"regex": "^\\d+$",
"type": "text"
}
}
}

2
src/common/core/reverseproxy/confs/server-stream/reverse-proxy.conf
View File

@ -5,7 +5,7 @@
proxy_protocol on;
{% endif +%}
set $backend "{{ host }}";
set $backend "{{ SERVER_NAME.split(" ")[0] }}";
proxy_pass $backend;
{% endif %}

2
src/common/core/reverseproxy/plugin.json
View File

@ -29,7 +29,7 @@
"help": "Full URL of the proxied resource (proxy_pass).",
"id": "reverse-proxy-host",
"label": "Reverse proxy host",
"regex": "^(https?:\\/\\/[-\\w@:%.+~#=]+[-\\w()!@:%+.~#?&\\/=$]*)?$",
"regex": "^.*$",
"type": "text",
"multiple": "reverse-proxy"
},

4
src/common/core/reversescan/reversescan.lua
View File

@ -49,6 +49,10 @@ function reversescan:access()
return self:ret(true, "no port open for IP " .. ngx.ctx.bw.remote_addr)
end
function reversescan:preread()
return self:access()
end
function reversescan:scan(ip, port, timeout)
local tcpsock = ngx.socket.tcp()
tcpsock:settimeout(timeout)