Initial commit

.gitignore

+.DS_Store
+vendor
+.idea
+bin
\ No newline at end of file

.vscode/launch.json

+{
+    // Use IntelliSense to learn about possible attributes.
+    // Hover to view descriptions of existing attributes.
+    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Launch Package",
+            "type": "go",
+            "request": "launch",
+            "mode": "auto",
+            "env": {
+                "IP_REPUTATION_URL": "http://127.0.0.1:8080/v3/scene/ip_reputation?resource=",
+                "MODE": "private"
+            },
+            "program": "cmd/main.go"
+        }
+
+    ],
+
+    
+}
\ No newline at end of file

Makefile

+VERSION = 0.1.0
+
+## 判断操作系统及内核架构
+UNAME_S := $(shell uname -s)
+UNAME_M := $(shell uname -m)
+
+#ifeq ($(UNAME_S),Linux)
+#	LDFLAGS = -extldflags "-static"
+#endif
+
+## 指定镜像仓库地址: "地址:端口/项目"
+REPOPREFIX?=localhost:32000
+
+## 指定镜像tag
+IMAGE_TAG?=v0.0.1
+
+## 指定国内源
+MIRROR_SOURCE?=mirrors.aliyun.com
+
+## holmes-packages的镜像tag
+FETCHTAG?=latest
+
+## base image的tag
+BASE_IMAGE_TAG?=latest
+
+## license版本: "sit"/"release"
+LICENSE_SECRET?=sit
+
+## 指定bin目录
+BIN_DIR = $(shell pwd)/bin/
+
+.PHONY: help
+help:
+	@fgrep -h "##" $(MAKEFILE_LIST) | fgrep -v fgrep | sed -e 's/\\$$//' | sed -e 's/##//'
+
+.PHONY: cluster-manager
+ai-gateway:
+	@echo "build ai-gateway"
+	go build -v \
+		-tags=jsoniter -o dist/ai-gateway gitlab.com/tensorsecurity-rd/ai-gateway/cmd
+	#upx --lzma --best dist/ai-gateway
+	docker build -t $(REPOPREFIX)/ai-gateway:$(IMAGE_TAG) -f ./build/Dockerfile .
\ No newline at end of file

README.md

+
+ai-soc gateway

api/ipInfo_router.go

+package api
+
+import (
+	"github.com/gin-gonic/gin"
+	"gitlab.com/tensorsecurity-rd/waf-console/internal/controller"
+)
+
+func SetIPInforRouter(e *gin.Engine) {
+	v1 := e.Group("api/v1")
+
+	// apiKey := os.Getenv("API_KEY")
+
+	// ipInforController := controller.NewIpInfoController(apiKey)
+
+	// v1.GET("ip/:ip", ipInforController.QueryIP)
+
+	systemController := controller.NewSystemController()
+	v1.GET("systemInfo", systemController.SystemInfo)
+}

api/router.go

+package api
+
+import (
+	"fmt"
+	"io"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	"gitlab.com/security-rd/go-pkg/logging"
+	"gitlab.com/tensorsecurity-rd/waf-console/internal/config"
+	"gitlab.com/tensorsecurity-rd/waf-console/internal/utils"
+	"gitlab.com/tensorsecurity-rd/waf-console/pkg/generated/clientset/versioned"
+	"gorm.io/driver/mysql"
+	"gorm.io/gorm"
+	"k8s.io/client-go/rest"
+)
+
+const (
+	DB_USER     = "ivan"
+	DB_PASSWORD = "Mysql-ha@123"
+	DB_HOST     = "localhost"
+	DB_PORT     = "3306"
+	DB_NAME     = "waf"
+)
+
+func SetRouters() *gin.Engine {
+	var engine *gin.Engine
+	dns := fmt.Sprintf("%s:%s@tcp(%s:%s)/%s?charset=utf8mb4&parseTime=True&loc=Local", DB_USER, DB_PASSWORD, DB_HOST, DB_PORT, DB_NAME)
+	db, err := gorm.Open(mysql.Open(dns), &gorm.Config{})
+	if err != nil {
+		panic(err)
+	}
+
+	if !config.Conf.Debug {
+		// 生产模式
+		logging.Get().Info().Msg("release mode")
+		engine = ReleaseRouter()
+		engine.Use(
+		// middleware.RequestCostHandler(),
+		// middleware.CustomLogger(),
+		// middleware.CustomRecovery(),
+		// middleware.CorsHandler(),
+		)
+	} else {
+		// 开发调试模式
+		logging.Get().Info().Msg("debug mode")
+		engine = gin.New()
+		engine.Use(
+			// middleware.RequestCostHandler(),
+			gin.Logger(),
+			// middleware.CustomRecovery(),
+			// middleware.CorsHandler(),
+		)
+	}
+	// set up trusted agents
+	err = engine.SetTrustedProxies([]string{"127.0.0.1"})
+	if err != nil {
+		panic(err)
+	}
+	// ping
+	engine.GET("/ping", func(c *gin.Context) {
+		c.AbortWithStatusJSON(http.StatusOK, gin.H{
+			"message": "pong!",
+		})
+	})
+
+	// 设置 API 路由
+	// SetIPInforRouter(engine)
+	// loadkubeConfig()
+	// clientcmd.LoadFromFile("kubeconfig.yaml")
+	client := versioned.NewForConfigOrDie(&rest.Config{
+		Host: "https://127.0.0.1:6443",
+		TLSClientConfig: rest.TLSClientConfig{
+			Insecure: false,
+			CAData:   []byte(""),
+			CertData: []byte(""),
+			KeyData:  []byte(""),
+		},
+		// BearerToken: "1234567890",
+	})
+	SetWafRouter(engine, client, db)
+
+	// 统一处理 404
+	engine.NoRoute(func(c *gin.Context) {
+		utils.AssembleResponse(c, nil, err)
+		// response2.Resp().SetHttpCode(http.StatusNotFound).FailCode(c, errors.NotFound)
+	})
+
+	return engine
+}
+
+// ReleaseRouter 生产模式使用官方建议设置为 release 模式
+func ReleaseRouter() *gin.Engine {
+	// 切换到生产模式
+	gin.SetMode(gin.ReleaseMode)
+	// 禁用 gin 输出接口访问日志
+	gin.DefaultWriter = io.Discard
+
+	engine := gin.New()
+
+	return engine
+}

api/waf.go

+package api
+
+import (
+	"github.com/gin-gonic/gin"
+	"gitlab.com/tensorsecurity-rd/waf-console/internal/controller"
+	"gitlab.com/tensorsecurity-rd/waf-console/pkg/generated/clientset/versioned"
+	"gorm.io/gorm"
+)
+
+func SetWafRouter(e *gin.Engine, client *versioned.Clientset, db *gorm.DB) {
+	v1 := e.Group("v1/api")
+
+	wafController := controller.NewWafController(client, db)
+	v1.GET("waf/:gateway_name", wafController.Waf)
+	v1.POST("waf", wafController.CreateWaf)
+}

build/Dockerfile

+FROM ubuntu:22.04
+
+ARG MIRROR_SOURCE=mirrors.aliyun.com
+
+ADD dist/ai-gateway /
+
+RUN sed -i "s!archive.ubuntu.com/!${MIRROR_SOURCE}/!g" /etc/apt/sources.list \
+    && sed -i "s!ports.ubuntu.com/!${MIRROR_SOURCE}/!g" /etc/apt/sources.list \
+    && apt-get update -y \
+    && apt-get install -y ca-certificates \
+    && apt-get full-upgrade -y \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+CMD /ai-gateway
\ No newline at end of file

build/app.py

+
+from flask import Flask, json, jsonify, logging
+
+app = Flask(__name__)
+
+@app.route('/')
+def hello_world():
+    return 'Hello, World!'
+
+@app.route('/v3/scene/ip_reputation', methods=['GET'])
+def get_data():
+    from flask import request
+    resource = request.args.get('resource', '')
+    print(f"resource: {resource}")
+    # Example data similar to your JSON structure
+    data = {
+        "data": [
+            {
+                "ioc": "159.203.93.255",
+                "host": "10.65.135.204",
+                "intelligence": [
+                    {
+                        "judgments": ["Exploit", "Spam", "Phishing", "DDoS", "APT"],
+                        "severity": "low",
+                        "ban": {
+                            "banned": 1,
+                            "reason": "The IP address belongs to DigitalOcean, LLC, it is recommended to assess and handle it accordingly."
+                        },
+                        "basic": {
+                            "carrier": "DigitalOcean, LLC",
+                            "location": {
+                                "country": "美国",
+                                "country_code": "US",
+                                "province": "新泽西州",
+                                "city": "克利夫顿",
+                                "lng": -74.16366,
+                                "lat": 40.858402
+                            }
+                        },
+                        "asn": {
+                            "number": "14061",
+                            "info": "DIGITALOCEAN-ASN - DigitalOcean, LLC, US"
+                        },
+                        "tags_classes": {
+                            "virus_family": [
+                                "Mirai"
+                            ],
+                            "industry": [
+                                "internet"
+                            ],
+                            "gangs": [
+                                "APT"
+                            ],
+                            "tags": [
+                                "APT",
+                                "海莲花"
+                            ],
+                            "tags_type": [
+                                "industry"
+                            ]
+                        },
+                        "scene": "Residence",
+                        "ioc_type": "ipv4",
+                        "confidence_level": "low",
+                        "is_malicious": True,
+                        "source_name": "微步在线-IP信誉",
+                        "update_time": 1719268503000
+                    }
+                ]
+            }
+        ],
+        "response_code": 0,
+        "verbose_msg": "success"
+    }
+    # Read JSON data from file
+    with open('data/data.json', 'r', encoding='utf-8') as f:
+        data = json.load(f)
+        
+    return jsonify(data)
+
+if __name__ == '__main__':
+    app.run(debug=True, port=8080)
\ No newline at end of file

build/data.json

+{
+    "data": [
+        {
+            "ioc": "159.203.93.255",
+            "host": "10.65.135.204",
+            "intelligence": [
+                {
+                    "judgments": [
+                        "Exploit",
+                        "Spam",
+                        "Phishing",
+                        "DDoS",
+                        "APT"
+                    ],
+                    "severity": "low",
+                    "ban": {
+                        "banned": 1,
+                        "reason": "The IP address belongs to DigitalOcean, LLC, it is recommended to assess and handle it accordingly."
+                    },
+                    "basic": {
+                        "carrier": "DigitalOcean, LLC",
+                        "location": {
+                            "country": "美国",
+                            "country_code": "US",
+                            "province": "新泽西州",
+                            "city": "克利夫顿",
+                            "lng": -74.16366,
+                            "lat": 40.858402
+                        }
+                    },
+                    "asn": {
+                        "number": "14061",
+                        "info": "DIGITALOCEAN-ASN - DigitalOcean, LLC, US"
+                    },
+                    "tags_classes": {
+                        "virus_family": [
+                            "Mirai"
+                        ],
+                        "industry": [
+                            "internet"
+                        ],
+                        "gangs": [
+                            "APT"
+                        ],
+                        "tags": [
+                            "APT",
+                            "海莲花"
+                        ],
+                        "tags_type": [
+                            "industry"
+                        ]
+                    },
+                    "scene": "Residence",
+                    "ioc_type": "ipv4",
+                    "confidence_level": "low",
+                    "is_malicious": false,
+                    "source_name": "微步在线-IP信誉",
+                    "update_time": 1719268503000
+                }
+            ]
+        }
+    ],
+    "response_code": 0,
+    "verbose_msg": "success"
+}
\ No newline at end of file

cmd/app/cmd.go

+package app
+
+import (
+	"os"
+
+	"github.com/spf13/cobra"
+	"gitlab.com/security-rd/go-pkg/logging"
+	"gitlab.com/tensorsecurity-rd/waf-console/api"
+	"gitlab.com/tensorsecurity-rd/waf-console/internal/config"
+)
+
+func NewRootCommand() *cobra.Command {
+	return &cobra.Command{
+		Use:   "waf-console",
+		Short: "Start waf-console service.",
+		Args:  cobra.ExactArgs(0),
+		RunE: func(cmd *cobra.Command, args []string) error {
+			debugMode := os.Getenv("DEBUG_MODE")
+			logging.Get().Info().Msgf("DEBUG_MODE: %s", debugMode)
+			if debugMode == "true" {
+				config.Conf.Debug = true
+			}
+
+			e := api.SetRouters()
+			return e.Run(":8080")
+		},
+	}
+}

cmd/app/config.go

+package app
+
+import (
+	"os"
+
+	"gitlab.com/security-rd/go-pkg/logging"
+	"gopkg.in/yaml.v2"
+)
+
+type Config struct {
+	RegionConfigs []RegionConfig `yaml:"region_configs"`
+}
+
+type RegionConfig struct {
+	RegionCode     string `yaml:"region_code"`
+	ApiServer      string `yaml:"api_server"`
+	CAData         string `yaml:"ca_data"`
+	Token          string `yaml:"token"`
+	ClientCertData string `yaml:"client_cert_data"`
+	ClientKeyData  string `yaml:"client_key_data"`
+}
+
+func LoadConfig() *Config {
+	configFile := "config.yaml"
+	if envFile := os.Getenv("CONFIG_FILE"); envFile != "" {
+		configFile = envFile
+	}
+
+	data, err := os.ReadFile(configFile)
+	if err != nil {
+		logging.Get().Error().Err(err).Msgf("Failed to read config file: %s", configFile)
+		return nil
+	}
+
+	var config Config
+	if err := yaml.Unmarshal(data, &config); err != nil {
+		logging.Get().Error().Err(err).Msg("Failed to parse config file")
+		return nil
+	}
+
+	return &config
+}

cmd/main.go

+package main
+
+import (
+	"os"
+
+	"github.com/rs/zerolog"
+	"gitlab.com/security-rd/go-pkg/logging"
+	"gitlab.com/tensorsecurity-rd/waf-console/cmd/app"
+)
+
+const (
+// weibuUrl = "https://api.threatbook.cn/v3/ip/query?apikey=d625206f5fdb49eeb98b0c30f46f4310a444f76d392540e8a0bb160d8a7d02c4&resource="
+// apiKey   = "d625206f5fdb49eeb98b0c30f46f4310a444f76d392540e8a0bb160d8a7d02c4"
+)
+
+func main() {
+	logLevel := zerolog.InfoLevel
+
+	logging.Get().SetLevel(logLevel)
+	logging.Get().Info().Msg("starting gateway")
+
+	rootCmd := app.NewRootCommand()
+	if err := rootCmd.Execute(); err != nil {
+		logging.Get().Err(err)
+		os.Exit(-1)
+	}
+}

config/config.yaml

+region_configs:
+  - region_code: cn-east-1
+    api_server: https://api.tensorsecurity.com
+    ca_data: ""
+    token: ""
+    client_cert_data: ""
+    client_key_data: ""

go.mod

+module gitlab.com/tensorsecurity-rd/waf-console
+
+go 1.22.1
+
+require (
+	github.com/gin-gonic/gin v1.10.0
+	gitlab.com/security-rd/go-pkg v0.2.5
+	gorm.io/driver/mysql v1.5.0
+	gorm.io/gorm v1.25.12
+	k8s.io/apimachinery v0.27.2
+	k8s.io/client-go v0.27.2
+	k8s.io/code-generator v0.20.15
+)
+
+require (
+	filippo.io/edwards25519 v1.1.0 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/emicklei/go-restful/v3 v3.10.1 // indirect
+	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
+	github.com/go-logr/logr v1.2.4 // indirect
+	github.com/go-openapi/jsonpointer v0.19.6 // indirect
+	github.com/go-openapi/jsonreference v0.20.1 // indirect
+	github.com/go-openapi/swag v0.22.3 // indirect
+	github.com/go-sql-driver/mysql v1.8.1 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/google/gnostic v0.5.7-v3refs // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/jinzhu/inflection v1.0.0 // indirect
+	github.com/jinzhu/now v1.1.5 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	golang.org/x/mod v0.17.0 // indirect
+	golang.org/x/oauth2 v0.7.0 // indirect
+	golang.org/x/term v0.23.0 // indirect
+	golang.org/x/time v0.3.0 // indirect
+	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/api v0.27.2 // indirect
+	k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c // indirect
+	k8s.io/klog/v2 v2.90.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect
+	k8s.io/utils v0.0.0-20230505201702-9f6742963106 // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
+	sigs.k8s.io/yaml v1.3.0 // indirect
+)
+
+require (
+	github.com/hashicorp/golang-lru/v2 v2.0.7
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+)
+
+require (
+	github.com/bytedance/sonic v1.12.1 // indirect
+	github.com/bytedance/sonic/loader v0.2.0 // indirect
+	github.com/cloudwego/base64x v0.1.4 // indirect
+	github.com/cloudwego/iasm v0.2.0 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.5 // indirect
+	github.com/gin-contrib/sse v0.1.0 // indirect
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
+	github.com/go-playground/validator/v10 v10.22.0 // indirect
+	github.com/goccy/go-json v0.10.3 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.8 // indirect
+	github.com/leodido/go-urn v1.4.0 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
+	github.com/rs/zerolog v1.29.1 //
+	github.com/spf13/cobra v1.8.1
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
+	github.com/ugorji/go/codec v1.2.12 // indirect
+	golang.org/x/arch v0.9.0 // indirect
+	golang.org/x/crypto v0.26.0 // indirect
+	golang.org/x/net v0.28.0 // indirect
+	golang.org/x/sys v0.24.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
+)
+
+replace gitlab.com/security-rd/go-pkg => scm.tensorsecurity.cn/tensorsecurity-rd/go-pkg v0.2.101

hack/boilerplate.go.txt

+/*
+Copyright 2021.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/

hack/tools.go

+package hack
+
+import _ "k8s.io/code-generator"

hack/update-codegen.sh

+#!/bin/bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/..
+CODEGEN_PKG=${CODEGEN_PKG:-$(cd ${SCRIPT_ROOT}; ls -d -1 ./vendor/k8s.io/code-generator 2>/dev/null || echo ../../../k8s.io/code-generator)}
+
+verify="${VERIFY:-}"
+
+set -x
+# Because go mod sux, we have to fake the vendor for generator in order to be able to build it...
+mv ${CODEGEN_PKG}/generate-groups.sh ${CODEGEN_PKG}/generate-groups.sh.orig
+sed 's/ go install/#go install/g' ${CODEGEN_PKG}/generate-groups.sh.orig > ${CODEGEN_PKG}/generate-groups.sh
+function cleanup {
+  mv ${CODEGEN_PKG}/generate-groups.sh.orig ${CODEGEN_PKG}/generate-groups.sh
+}
+trap cleanup EXIT
+
+go install -mod=vendor ./${CODEGEN_PKG}/cmd/{defaulter-gen,client-gen,lister-gen,informer-gen,deepcopy-gen}
+echo "${SCRIPT_ROOT}"
+bash ${CODEGEN_PKG}/generate-groups.sh "client,lister,informer" \
+gitlab.com/tensorsecurity-rd/waf-console/pkg/generated \
+gitlab.com/tensorsecurity-rd/waf-console/pkg/apis \
+"waf.security.io:v1alpha1" \
+--go-header-file "${SCRIPT_ROOT}"/hack/boilerplate.go.txt 
+#--go-header-file /home/robbie/workspace/cluster-manager/hack/boilerplate.go.txt 
+cp -r ./gitlab.com/tensorsecurity-rd/waf-console/pkg/generated ./pkg/
+rm -rf ./gitlab.com
+# for group in cluster; do
+#   bash ${CODEGEN_PKG}/generate-groups.sh "client,lister,informer" \
+#     open-cluster-management.io/api/client/${group} \
+#     open-cluster-management.io/api \
+#     "${group}:v1,v1alpha1,v1beta1" \
+#     --go-header-file ${SCRIPT_ROOT}/hack/boilerplate.txt \
+#     ${verify}
+# done