
feat(waf): 添加防火墙日志功能

- 新增 WafLog 结构体和相关 API
- 实现 WafLog 的数据库操作和业务逻辑
- 在全局限制操作中添加日志记录
- 配置 WafLog 的消息队列任务
fusu 6 өдөр өмнө
parent
commit
9c0446bb5d

+ 15 - 0
api/v1/admin/wafLog.go

@@ -0,0 +1,15 @@
+package admin
+
+type WafLog struct {
+	Id         int    `json:"id" form:"id" gorm:"column:id;primary_key;AUTO_INCREMENT;not null"`
+	Uid        int    `json:"uid" form:"uid" gorm:"column:uid;default:0;not null"`
+	Name       string `json:"name" form:"name" gorm:"column:name"`
+	RequestIp  string `json:"request_ip" form:"request_ip" gorm:"column:request_ip"`
+	RuleId     int    `json:"rule_id" form:"rule_id" gorm:"column:rule_id;default:0"`
+	HostId     int    `json:"host_id" form:"host_id" gorm:"column:host_id;default:0"`
+	UserAgent  string `json:"user_agent" form:"user_agent" gorm:"column:user_agent"`
+	Api        string `json:"api" form:"api" gorm:"column:api"`
+	ApiName    string `json:"api_name" form:"api_name" gorm:"column:api_name"`
+	ApiType    string `json:"api_type" form:"api_type" gorm:"column:api_type"`
+	ExtraData  interface{} `json:"extra_data" form:"extra_data" gorm:"column:extra_data"`
+}

+ 3 - 0
cmd/server/wire/wire.go

@@ -61,6 +61,7 @@ var repositorySet = wire.NewSet(
 	adminRep.NewGatewayIpAdminRepository,
 	flexCdnRep.NewCcIpListRepository,
 	adminRep.NewLogRepository,
+	adminRep.NewWafLogRepository,
 
 )
 
@@ -102,6 +103,7 @@ var serviceSet = wire.NewSet(
 	waf.NewBuildAudunService,
 	waf.NewZzybgpService,
 	admin.NewLogService,
+	admin.NewWafLogService,
 )
 
 var handlerSet = wire.NewSet(
@@ -127,6 +129,7 @@ var handlerSet = wire.NewSet(
 	wafHandler.NewCcIpListHandler,
 	wafHandler.NewCdnLogHandler,
 	adminHandler.NewLogHandler,
+	adminHandler.NewWafLogHandler,
 )
 
 

+ 6 - 4
cmd/server/wire/wire_gen.go

@@ -101,7 +101,9 @@ func NewWire(viperViper *viper.Viper, logger *log.Logger) (*app.App, func(), err
 	buildAudunService := waf2.NewBuildAudunService(serviceService, aoDunService, gatewayipRepository, hostService)
 	zzybgpService := waf2.NewZzybgpService(serviceService, gatewayipRepository, hostService, aoDunService)
 	globalLimitService := waf2.NewGlobalLimitService(serviceService, globalLimitRepository, duedateService, crawlerService, viperViper, requiredService, parserService, hostService, hostRepository, cdnService, cdnRepository, tcpforwardingRepository, udpForWardingRepository, webForwardingRepository, allowAndDenyIpService, allowAndDenyIpRepository, tcpforwardingService, udpForWardingService, webForwardingService, gatewayipRepository, gatewayipService, buildAudunService, zzybgpService)
-	globalLimitHandler := waf3.NewGlobalLimitHandler(handlerHandler, globalLimitService)
+	wafLogRepository := admin.NewWafLogRepository(repositoryRepository)
+	wafLogService := admin2.NewWafLogService(serviceService, wafLogRepository, globalLimitRepository)
+	globalLimitHandler := waf3.NewGlobalLimitHandler(handlerHandler, globalLimitService, wafLogService)
 	adminRepository := admin.NewAdminRepository(repositoryRepository)
 	adminService := admin2.NewAdminService(serviceService, adminRepository)
 	adminHandler := admin3.NewAdminHandler(handlerHandler, adminService)
@@ -125,11 +127,11 @@ func NewWire(viperViper *viper.Viper, logger *log.Logger) (*app.App, func(), err
 
 // wire.go:
 
-var repositorySet = wire.NewSet(repository.NewDB, repository.NewRedis, repository.NewCasbinEnforcer, repository.NewMongoClient, repository.NewMongoDB, repository.NewRabbitMQ, repository.NewRepository, repository.NewTransaction, admin.NewAdminRepository, admin.NewUserRepository, repository.NewGameShieldRepository, repository.NewGameShieldPublicIpRepository, waf.NewWebForwardingRepository, waf.NewTcpforwardingRepository, waf.NewUdpForWardingRepository, repository.NewGameShieldUserIpRepository, repository.NewGameShieldBackendRepository, repository.NewGameShieldSdkIpRepository, repository.NewHostRepository, waf.NewGlobalLimitRepository, repository.NewGatewayGroupRepository, repository.NewGateWayGroupIpRepository, flexCdn.NewCdnRepository, waf.NewAllowAndDenyIpRepository, flexCdn.NewProxyRepository, flexCdn.NewCcRepository, repository.NewExpiredRepository, repository.NewLogRepository, waf.NewGatewayipRepository, admin.NewGatewayIpAdminRepository, flexCdn.NewCcIpListRepository, admin.NewLogRepository)
+var repositorySet = wire.NewSet(repository.NewDB, repository.NewRedis, repository.NewCasbinEnforcer, repository.NewMongoClient, repository.NewMongoDB, repository.NewRabbitMQ, repository.NewRepository, repository.NewTransaction, admin.NewAdminRepository, admin.NewUserRepository, repository.NewGameShieldRepository, repository.NewGameShieldPublicIpRepository, waf.NewWebForwardingRepository, waf.NewTcpforwardingRepository, waf.NewUdpForWardingRepository, repository.NewGameShieldUserIpRepository, repository.NewGameShieldBackendRepository, repository.NewGameShieldSdkIpRepository, repository.NewHostRepository, waf.NewGlobalLimitRepository, repository.NewGatewayGroupRepository, repository.NewGateWayGroupIpRepository, flexCdn.NewCdnRepository, waf.NewAllowAndDenyIpRepository, flexCdn.NewProxyRepository, flexCdn.NewCcRepository, repository.NewExpiredRepository, repository.NewLogRepository, waf.NewGatewayipRepository, admin.NewGatewayIpAdminRepository, flexCdn.NewCcIpListRepository, admin.NewLogRepository, admin.NewWafLogRepository)
 
-var serviceSet = wire.NewSet(service.NewService, admin2.NewUserService, admin2.NewGatewayIpAdminService, admin2.NewAdminService, gameShield.NewGameShieldService, service.NewAoDunService, service.NewGameShieldPublicIpService, service.NewDuedateService, service.NewFormatterService, service.NewParserService, service.NewRequiredService, service.NewCrawlerService, waf2.NewWebForwardingService, waf2.NewTcpforwardingService, waf2.NewUdpForWardingService, service.NewGameShieldUserIpService, gameShield.NewGameShieldBackendService, service.NewGameShieldSdkIpService, service.NewHostService, waf2.NewGlobalLimitService, service.NewGatewayGroupService, waf2.NewWafFormatterService, service.NewGateWayGroupIpService, service.NewRequestService, flexCdn2.NewCdnService, waf2.NewAllowAndDenyIpService, flexCdn2.NewProxyService, flexCdn2.NewSslCertService, flexCdn2.NewWebsocketService, waf2.NewCcService, service.NewLogService, waf2.NewGatewayipService, waf2.NewCcIpListService, waf2.NewCdnLogService, waf2.NewBuildAudunService, waf2.NewZzybgpService, admin2.NewLogService)
+var serviceSet = wire.NewSet(service.NewService, admin2.NewUserService, admin2.NewGatewayIpAdminService, admin2.NewAdminService, gameShield.NewGameShieldService, service.NewAoDunService, service.NewGameShieldPublicIpService, service.NewDuedateService, service.NewFormatterService, service.NewParserService, service.NewRequiredService, service.NewCrawlerService, waf2.NewWebForwardingService, waf2.NewTcpforwardingService, waf2.NewUdpForWardingService, service.NewGameShieldUserIpService, gameShield.NewGameShieldBackendService, service.NewGameShieldSdkIpService, service.NewHostService, waf2.NewGlobalLimitService, service.NewGatewayGroupService, waf2.NewWafFormatterService, service.NewGateWayGroupIpService, service.NewRequestService, flexCdn2.NewCdnService, waf2.NewAllowAndDenyIpService, flexCdn2.NewProxyService, flexCdn2.NewSslCertService, flexCdn2.NewWebsocketService, waf2.NewCcService, service.NewLogService, waf2.NewGatewayipService, waf2.NewCcIpListService, waf2.NewCdnLogService, waf2.NewBuildAudunService, waf2.NewZzybgpService, admin2.NewLogService, admin2.NewWafLogService)
 
-var handlerSet = wire.NewSet(handler.NewHandler, admin3.NewUserHandler, admin3.NewAdminHandler, admin3.NewGatewayIpAdminHandler, handler.NewGameShieldHandler, handler.NewGameShieldPublicIpHandler, waf3.NewWebForwardingHandler, waf3.NewTcpforwardingHandler, waf3.NewUdpForWardingHandler, handler.NewGameShieldUserIpHandler, handler.NewGameShieldBackendHandler, handler.NewGameShieldSdkIpHandler, handler.NewHostHandler, waf3.NewGlobalLimitHandler, handler.NewGatewayGroupHandler, handler.NewGateWayGroupIpHandler, waf3.NewAllowAndDenyIpHandler, waf3.NewCcHandler, waf3.NewGatewayipHandler, waf3.NewCcIpListHandler, waf3.NewCdnLogHandler, admin3.NewLogHandler)
+var handlerSet = wire.NewSet(handler.NewHandler, admin3.NewUserHandler, admin3.NewAdminHandler, admin3.NewGatewayIpAdminHandler, handler.NewGameShieldHandler, handler.NewGameShieldPublicIpHandler, waf3.NewWebForwardingHandler, waf3.NewTcpforwardingHandler, waf3.NewUdpForWardingHandler, handler.NewGameShieldUserIpHandler, handler.NewGameShieldBackendHandler, handler.NewGameShieldSdkIpHandler, handler.NewHostHandler, waf3.NewGlobalLimitHandler, handler.NewGatewayGroupHandler, handler.NewGateWayGroupIpHandler, waf3.NewAllowAndDenyIpHandler, waf3.NewCcHandler, waf3.NewGatewayipHandler, waf3.NewCcIpListHandler, waf3.NewCdnLogHandler, admin3.NewLogHandler, admin3.NewWafLogHandler)
 
 // 限流器依赖集
 var limiterSet = wire.NewSet(limiter.NewLimiter, middleware.NewRateLimitMiddleware)

+ 4 - 0
cmd/task/wire/wire.go

@@ -14,6 +14,7 @@ import (
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/flexCdn"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/gameShield"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/waf"
+	admin2 "github.com/go-nunu/nunu-layout-advanced/internal/service/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/task"
 	"github.com/go-nunu/nunu-layout-advanced/pkg/app"
 	"github.com/go-nunu/nunu-layout-advanced/pkg/jwt"
@@ -52,6 +53,7 @@ var repositorySet = wire.NewSet(
 	repository.NewLogRepository,
 	flexCdn2.NewCcRepository,
 	flexCdn2.NewCcIpListRepository,
+	admin.NewWafLogRepository,
 )
 
 var taskSet = wire.NewSet(
@@ -100,6 +102,8 @@ var serviceSet = wire.NewSet(
 	waf.NewCcIpListService,
 	waf.NewBuildAudunService,
 	waf.NewZzybgpService,
+	admin2.NewWafLogService,
+
 )
 
 // build App

+ 3 - 2
cmd/task/wire/wire_gen.go

@@ -14,6 +14,7 @@ import (
 	"github.com/go-nunu/nunu-layout-advanced/internal/repository/api/waf"
 	"github.com/go-nunu/nunu-layout-advanced/internal/server"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service"
+	admin2 "github.com/go-nunu/nunu-layout-advanced/internal/service/admin"
 	flexCdn2 "github.com/go-nunu/nunu-layout-advanced/internal/service/api/flexCdn"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/gameShield"
 	waf2 "github.com/go-nunu/nunu-layout-advanced/internal/service/api/waf"
@@ -101,7 +102,7 @@ func NewWire(viperViper *viper.Viper, logger *log.Logger) (*app.App, func(), err
 
 // wire.go:
 
-var repositorySet = wire.NewSet(repository.NewDB, repository.NewRedis, repository.NewMongoClient, repository.NewCasbinEnforcer, repository.NewMongoDB, repository.NewRabbitMQ, repository.NewRepository, repository.NewTransaction, admin.NewUserRepository, repository.NewGameShieldRepository, repository.NewGameShieldBackendRepository, repository.NewGameShieldPublicIpRepository, repository.NewHostRepository, repository.NewGameShieldUserIpRepository, repository.NewGameShieldSdkIpRepository, waf.NewWebForwardingRepository, waf.NewTcpforwardingRepository, waf.NewUdpForWardingRepository, waf.NewGlobalLimitRepository, repository.NewGatewayGroupRepository, repository.NewGateWayGroupIpRepository, flexCdn.NewCdnRepository, repository.NewExpiredRepository, flexCdn.NewProxyRepository, waf.NewGatewayipRepository, repository.NewLogRepository, flexCdn.NewCcRepository, flexCdn.NewCcIpListRepository)
+var repositorySet = wire.NewSet(repository.NewDB, repository.NewRedis, repository.NewMongoClient, repository.NewCasbinEnforcer, repository.NewMongoDB, repository.NewRabbitMQ, repository.NewRepository, repository.NewTransaction, admin.NewUserRepository, repository.NewGameShieldRepository, repository.NewGameShieldBackendRepository, repository.NewGameShieldPublicIpRepository, repository.NewHostRepository, repository.NewGameShieldUserIpRepository, repository.NewGameShieldSdkIpRepository, waf.NewWebForwardingRepository, waf.NewTcpforwardingRepository, waf.NewUdpForWardingRepository, waf.NewGlobalLimitRepository, repository.NewGatewayGroupRepository, repository.NewGateWayGroupIpRepository, flexCdn.NewCdnRepository, repository.NewExpiredRepository, flexCdn.NewProxyRepository, waf.NewGatewayipRepository, repository.NewLogRepository, flexCdn.NewCcRepository, flexCdn.NewCcIpListRepository, admin.NewWafLogRepository)
 
 var taskSet = wire.NewSet(task.NewTask, task.NewUserTask, task.NewGameShieldTask, task.NewWafTask)
 
@@ -109,7 +110,7 @@ var jobSet = wire.NewSet(job.NewJob, job.NewUserJob, job.NewWhitelistJob)
 
 var serverSet = wire.NewSet(server.NewTaskServer, server.NewJobServer)
 
-var serviceSet = wire.NewSet(service.NewService, service.NewAoDunService, gameShield.NewGameShieldService, service.NewCrawlerService, service.NewGameShieldPublicIpService, service.NewDuedateService, service.NewFormatterService, service.NewParserService, service.NewRequiredService, service.NewHostService, gameShield.NewGameShieldBackendService, service.NewGameShieldSdkIpService, service.NewGameShieldUserIpService, waf2.NewWafFormatterService, flexCdn2.NewCdnService, service.NewRequestService, waf2.NewTcpforwardingService, waf2.NewUdpForWardingService, waf2.NewWebForwardingService, flexCdn2.NewProxyService, flexCdn2.NewSslCertService, flexCdn2.NewWebsocketService, waf2.NewCcService, waf2.NewGatewayipService, service.NewLogService, waf2.NewCcIpListService, waf2.NewBuildAudunService, waf2.NewZzybgpService)
+var serviceSet = wire.NewSet(service.NewService, service.NewAoDunService, gameShield.NewGameShieldService, service.NewCrawlerService, service.NewGameShieldPublicIpService, service.NewDuedateService, service.NewFormatterService, service.NewParserService, service.NewRequiredService, service.NewHostService, gameShield.NewGameShieldBackendService, service.NewGameShieldSdkIpService, service.NewGameShieldUserIpService, waf2.NewWafFormatterService, flexCdn2.NewCdnService, service.NewRequestService, waf2.NewTcpforwardingService, waf2.NewUdpForWardingService, waf2.NewWebForwardingService, flexCdn2.NewProxyService, flexCdn2.NewSslCertService, flexCdn2.NewWebsocketService, waf2.NewCcService, waf2.NewGatewayipService, service.NewLogService, waf2.NewCcIpListService, waf2.NewBuildAudunService, waf2.NewZzybgpService, admin2.NewWafLogService)
 
 // build App
 func newApp(task2 *server.TaskServer,

+ 9 - 0
config/local.yml

@@ -139,6 +139,15 @@ rabbitmq:
       consumer_count: 3
       prefetch_count: 1
 
+    # 记录日志任务
+    waf_Log:
+      exchange: "wafLog_topic_exchange_test" # Topic 类型的交换机
+      exchange_type: "topic"              # 显式指定交换机类型
+      queue: "wafLog_queue_test"
+      routing_key: "wafLog.*"   # 消费者监听的绑定键,能接收所有 domain 相关的任务
+      consumer_count: 3
+      prefetch_count: 1
+
 addServerIp:
   宁波:
     - 192.168.14.111
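Review bot: The `routing_key` comment under `waf_Log` still says the consumer receives all "domain" tasks, which looks copied from another queue block; it should describe the wafLog routing keys instead, e.g. `# 消费者监听的绑定键,能接收所有 wafLog 相关的任务`. The same comment is in the `config/prod.yml` hunk. None of the Go code visible in this commit publishes to or consumes `wafLog_queue` (the handlers call `AddWafLog` directly), so either the consumer lives outside this view or the block is not used yet. The key `waf_Log` also mixes snake_case and camelCase; check that it matches whatever the task loader looks up.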

+ 9 - 0
config/prod.yml

@@ -147,6 +147,15 @@ rabbitmq:
       consumer_count: 3
       prefetch_count: 1
 
+    # 记录日志任务
+    waf_Log:
+      exchange: "wafLog_topic_exchange" # Topic 类型的交换机
+      exchange_type: "topic"              # 显式指定交换机类型
+      queue: "wafLog_queue"
+      routing_key: "wafLog.*"   # 消费者监听的绑定键,能接收所有 domain 相关的任务
+      consumer_count: 3
+      prefetch_count: 1
+
 #    addServerIp: 启动网关组IP
 addServerIp:
   宁波:

+ 26 - 0
internal/handler/admin/waflog.go

@@ -0,0 +1,26 @@
+package admin
+
+import (
+	"github.com/gin-gonic/gin"
+	"github.com/go-nunu/nunu-layout-advanced/internal/handler"
+	"github.com/go-nunu/nunu-layout-advanced/internal/service/admin"
+)
+
+type WafLogHandler struct {
+	*handler.Handler
+	wafLogService admin.WafLogService
+}
+
+func NewWafLogHandler(
+    handler *handler.Handler,
+    wafLogService admin.WafLogService,
+) *WafLogHandler {
+	return &WafLogHandler{
+		Handler:      handler,
+		wafLogService: wafLogService,
+	}
+}
+
+func (h *WafLogHandler) GetWafLog(ctx *gin.Context) {
+
+}
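Review bot: `GetWafLog` has an empty body, so once it is routed gin will answer 200 with no payload and the caller cannot tell "not implemented" from "no data". Either implement it against `wafLogService.GetWafLog`, or reply explicitly until it is ready, e.g. `ctx.AbortWithStatus(http.StatusNotImplemented)`. The rows it will expose hold client IPs, user agents and full request payloads, so the route should be registered only behind the admin authentication and authorization middleware. The exported `WafLogHandler`, `NewWafLogHandler` and `GetWafLog` also have no doc comments.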

+ 54 - 0
internal/handler/api/waf/globallimit.go

@@ -1,9 +1,12 @@
 package waf
 
 import (
+	"context"
 	"github.com/gin-gonic/gin"
 	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
+	adminApi "github.com/go-nunu/nunu-layout-advanced/api/v1/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/handler"
+	"github.com/go-nunu/nunu-layout-advanced/internal/service/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/waf"
 	"net/http"
 )
@@ -11,15 +14,18 @@ import (
 type GlobalLimitHandler struct {
 	*handler.Handler
 	globalLimitService waf.GlobalLimitService
+	wafLogService      admin.WafLogService
 }
 
 func NewGlobalLimitHandler(
 	handler *handler.Handler,
 	globalLimitService waf.GlobalLimitService,
+	wafLogService admin.WafLogService,
 ) *GlobalLimitHandler {
 	return &GlobalLimitHandler{
 		Handler:            handler,
 		globalLimitService: globalLimitService,
+		wafLogService:      wafLogService,
 	}
 }
 
@@ -38,6 +44,20 @@ func (h *GlobalLimitHandler) AddGlobalLimit(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+
+	err = h.wafLogService.AddWafLog(ctx, adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(),
+		UserAgent:  ctx.Request.UserAgent(),
+		Api:        ctx.Request.URL.Path,
+		HostId:     req.HostId,
+		ExtraData:  req,
+	})
+	if err != nil {
+		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
+		return
+	}
 	v1.HandleSuccess(ctx, nil)
 }
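Review bot: When `h.wafLogService.AddWafLog` fails here the handler answers 500 even though `AddGlobalLimit` has already succeeded, so a client that retries on the error can repeat a mutation that was in fact applied; the `DeleteGlobalLimit` hunk has the same pattern. Consider recording the audit failure server-side and still returning success, or making the mutation and the log row one transaction so they succeed or fail together. The log call also sits after the early `return` on service errors, so only successful operations are audited; rejected or failed attempts are often the records an investigator needs. The function body starts above this hunk.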
 
@@ -52,7 +72,25 @@ func (h *GlobalLimitHandler) EditGlobalLimit(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
 	v1.HandleSuccess(ctx, nil)
+
+	logData := adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		ExtraData:  req,
+	}
+
+	// 2. 启动一个新的 goroutine 在后台记录日志
+	go func() {
+		err := h.wafLogService.AddWafLog(context.Background(), logData) // 注意:这里可能需要一个后台 context
+		if err != nil {
+
+		}
+	}()
 }
 
 func (h *GlobalLimitHandler) DeleteGlobalLimit(ctx *gin.Context) {
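Review bot: The goroutine at the end of `EditGlobalLimit` drops the `AddWafLog` error in an empty `if err != nil {}` block, so a failed audit write for an edit leaves no trace anywhere. Report the error through the handler's logger, and give the call a deadline rather than a bare `context.Background()`, e.g. `logCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second)` followed by `defer cancel()` (the 5s value is illustrative). Edit logs asynchronously after `HandleSuccess`, while Add and Delete log synchronously and can fail the request; one policy should apply to all three. The body of `EditGlobalLimit` starts above this hunk.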
@@ -66,6 +104,22 @@ func (h *GlobalLimitHandler) DeleteGlobalLimit(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+
+
+	err = h.wafLogService.AddWafLog(ctx, adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(),
+		UserAgent:  ctx.Request.UserAgent(),
+		Api:        ctx.Request.URL.Path,
+		HostId:     req.HostId,
+		ExtraData:  req,
+	})
+	if err != nil {
+		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
+		return
+	}
+
 	v1.HandleSuccess(ctx, nil)
 }
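Review bot: The audit row takes its actor from `req.Uid` and its origin from `ctx.ClientIP()`, and both can be influenced by the caller depending on code not visible here; the Add and Edit hunks build the row the same way. If `req.Uid` is bound from the request body rather than set from the authenticated session, the log can be attributed to another user, so the uid should come from the verified token claims. `ctx.ClientIP()` honours forwarding headers such as `X-Forwarded-For` unless the engine's trusted proxies are restricted with `SetTrustedProxies`, so confirm that is configured before treating `request_ip` as evidence. `UserAgent` is client-supplied free text and would be safer with a length cap before it is stored.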
 

+ 26 - 0
internal/model/waflog.go

@@ -0,0 +1,26 @@
+package model
+
+import (
+	"encoding/json"
+	"time"
+)
+
+type WafLog struct {
+	Id         int    `json:"id" form:"id" gorm:"column:id;primary_key;AUTO_INCREMENT;not null"`
+	Uid        int    `json:"uid" form:"uid" gorm:"column:uid;default:0;not null"`
+	Name       string `json:"name" form:"name" gorm:"column:name"`
+	RequestIp  string `json:"request_ip" form:"request_ip" gorm:"column:request_ip"`
+	RuleId     int    `json:"rule_id" form:"rule_id" gorm:"column:rule_id;default:0"`
+	HostId     int    `json:"host_id" form:"host_id" gorm:"column:host_id;default:0"`
+	UserAgent  string `json:"user_agent" form:"user_agent" gorm:"column:user_agent"`
+	Api        string `json:"api" form:"api" gorm:"column:api"`
+	ApiName    string `json:"api_name" form:"api_name" gorm:"column:api_name"`
+	ApiType    string `json:"api_type" form:"api_type" gorm:"column:api_type"`
+	ExtraData  json.RawMessage `json:"extra_data" form:"extra_data" gorm:"column:extra_data"`
+	CreatedAt  time.Time `json:"created_at" form:"created_at" gorm:"column:created_at"`
+	UpdatedAt  time.Time `json:"updated_at" form:"updated_at" gorm:"column:updated_at"`
+}
+
+func (m *WafLog) TableName() string {
+    return "waf_log"
+}

+ 39 - 0
internal/repository/admin/waflog.go

@@ -0,0 +1,39 @@
+package admin
+
+import (
+    "context"
+	"github.com/go-nunu/nunu-layout-advanced/internal/model"
+	"github.com/go-nunu/nunu-layout-advanced/internal/repository"
+)
+
+type WafLogRepository interface {
+	GetWafLog(ctx context.Context, id int64) (*model.WafLog, error)
+	GetWafLogList(ctx context.Context) ([]model.WafLog, error)
+	AddWafLog(ctx context.Context, log *model.WafLog) error
+}
+
+func NewWafLogRepository(
+	repository *repository.Repository,
+) WafLogRepository {
+	return &wafLogRepository{
+		Repository: repository,
+	}
+}
+
+type wafLogRepository struct {
+	*repository.Repository
+}
+
+func (r *wafLogRepository) GetWafLog(ctx context.Context, id int64) (*model.WafLog, error) {
+	var res model.WafLog
+	return &res, r.DBWithName(ctx,"admin").Where("id = ?", id).First(&res).Error
+}
+
+func (r *wafLogRepository) GetWafLogList(ctx context.Context) ([]model.WafLog, error) {
+	var res []model.WafLog
+	return res, r.DBWithName(ctx,"admin").Find(&res).Error
+}
+
+func (r *wafLogRepository) AddWafLog(ctx context.Context, log *model.WafLog) error {
+	return r.DBWithName(ctx,"admin").Create(log).Error
+}
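Review bot: `GetWafLogList` runs `Find(&res)` with no limit, filter or ordering, so on an append-only log table every call loads the whole table into memory. The interface should take paging parameters and the query should apply them, e.g. `.Order("id DESC").Limit(limit).Offset(offset)`, with a server-side maximum for `limit`. `GetWafLog` returns `&res` together with a non-nil error, so callers get a non-nil pointer to a zero-value row on a miss; return `nil, err` in that case. The exported `WafLogRepository` and `NewWafLogRepository` have no doc comments.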

+ 13 - 0
internal/server/http.go

@@ -194,5 +194,18 @@ func NewHTTPServer(
 		}
 	}
 
+	//api := s.Group("/api")
+	//{
+	//	apiAuthRouter := api.Group("/").Use(middleware.StrictAuth(jwt, logger), middleware.AuthMiddleware(e))
+	//	{
+	//		apiAuthRouter.GET("/gatewayIp/get", gatewayIpAdminHandler.GetGatewayIpAdmin)
+	//		apiAuthRouter.GET("/gatewayIp/getList", gatewayIpAdminHandler.GetGatewayIpAdminList)
+	//		apiAuthRouter.POST("/gatewayIp/add", gatewayIpAdminHandler.AddGatewayIpAdmin)
+	//		apiAuthRouter.PUT("/gatewayIp/edit", gatewayIpAdminHandler.EditGatewayIpAdmin)
+	//	}
+	//
+	//
+	//}
+
 	return s
 }
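Review bot: This hunk adds only a commented-out route group to `NewHTTPServer`, and the commented routes are for `gatewayIpAdminHandler`, not for the WAF log added by this commit. Dead code like this should be dropped before merging; version control already keeps the draft. When the `WafLogHandler` route is registered, keep it inside a group that applies `middleware.StrictAuth` and `middleware.AuthMiddleware` as the commented block does, since the log exposes client IPs and request payloads. `NewHTTPServer` starts above this hunk.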

+ 143 - 0
internal/service/admin/waflog.go

@@ -0,0 +1,143 @@
+package admin
+
+import (
+	"context"
+	"encoding/json"
+	"github.com/go-nunu/nunu-layout-advanced/internal/model"
+	adminRep "github.com/go-nunu/nunu-layout-advanced/internal/repository/admin"
+	adminApi "github.com/go-nunu/nunu-layout-advanced/api/v1/admin"
+	"github.com/go-nunu/nunu-layout-advanced/internal/repository/api/waf"
+	"github.com/go-nunu/nunu-layout-advanced/internal/service"
+	"strings"
+)
+
+type WafLogService interface {
+	GetWafLog(ctx context.Context, id int64) (*model.WafLog, error)
+	GetWafLogList(ctx context.Context) ([]model.WafLog, error)
+	AddWafLog(ctx context.Context, req adminApi.WafLog) error
+}
+func NewWafLogService(
+    service *service.Service,
+    wafLogRepository adminRep.WafLogRepository,
+	globalLimitRepository waf.GlobalLimitRepository,
+) WafLogService {
+	return &wafLogService{
+		Service:        service,
+		wafLogRepository: wafLogRepository,
+		globalLimitRepository: globalLimitRepository,
+	}
+}
+
+type wafLogService struct {
+	*service.Service
+	wafLogRepository adminRep.WafLogRepository
+	globalLimitRepository waf.GlobalLimitRepository
+}
+
+var ApiDescriptionMap = map[string]string{
+
+	"/webForward/get": "获取web详情",
+	"/webForward/getList" : "获取web列表",
+	"/webForward/add" : "添加web",
+	"/webForward/update" : "更新web",
+	"/webForward/delete" : "删除web",
+
+	"/tcpForward/add" : "添加tcp",
+	"/tcpForward/update" : "更新tcp",
+	"/tcpForward/delete" : "删除tcp",
+	"/tcpForward/getList" : "获取tcp列表",
+	"/tcpForward/get" : "获取tcp详情",
+
+	"/udpForward/add" : "添加udp",
+	"/udpForward/update" : "更新udp",
+	"/udpForward/delete" : "删除udp",
+	"/udpForward/getList" : "获取udp列表",
+	"/udpForward/get" : "获取udp详情",
+
+	"/globalLimit/add" : "添加实例",
+	"/globalLimit/edit" : "编辑实例",
+	"/globalLimit/delete" : "删除实例",
+
+	"/allowAndDeny/get" : "获取黑白名单详情",
+	"/allowAndDeny/getList" : "获取黑白名单列表",
+	"/allowAndDeny/add" : "添加黑白名单",
+	"/allowAndDeny/edit" : "编辑黑白名单",
+	"/allowAndDeny/delete" : "删除黑白名单",
+
+	"/cc/getList" : "获取CC列表",
+	"/cc/editState" : "删除CC黑名单",
+
+	"/ccIpList/getList" : "获取CC白名单列表",
+	"/ccIpList/add" : "添加CC白名单",
+	"/ccIpList/edit" : "编辑CC白名单",
+	"/ccIpList/delete" : "删除CC白名单",
+
+}
+func (s *wafLogService) getFirstPathSegment(path string) (segment []string, ok bool) {
+	// 1. 为了统一处理,先去掉路径最前面的 "/"
+	// 这样 "/v1/admin" 会变成 "v1/admin",而 "v1/admin" 保持不变
+	trimmedPath := strings.TrimPrefix(path, "/")
+
+	// 如果去掉 "/" 后字符串为空(比如原路径是 "/" 或 ""),则无法提取
+	if trimmedPath == "" {
+		return nil, false
+	}
+
+	// 2. 使用 "/" 作为分隔符来切割字符串
+	// "v1/admin/menus" 会被切割成一个字符串切片 (slice): ["v1", "admin", "menus"]
+	parts := strings.Split(trimmedPath, "/")
+
+	// 3. 只要切片不为空,第一个元素就是我们需要的值
+	// len(parts) > 0 这个检查可以保证程序不会因为空切片而出错
+	if len(parts) > 0 {
+		return parts, true
+	}
+
+	return nil, false
+}
+
+func (s *wafLogService) GetWafLog(ctx context.Context, id int64) (*model.WafLog, error) {
+	return s.wafLogRepository.GetWafLog(ctx, id)
+}
+
+func (s *wafLogService) GetWafLogList(ctx context.Context) ([]model.WafLog, error) {
+	return s.wafLogRepository.GetWafLogList(ctx)
+}
+
+func (s *wafLogService) AddWafLog(ctx context.Context, req adminApi.WafLog) error {
+	if req.Api != "" {
+		api := strings.TrimPrefix(req.Api, "/v1")
+
+		if _, ok := ApiDescriptionMap[api]; ok {
+			req.ApiName = ApiDescriptionMap[api]
+		}
+
+		apiType, ok := s.getFirstPathSegment(req.Api)
+		if ok {
+			req.ApiType = apiType[len(apiType)-1]
+		}
+
+	}
+	userInfo, err := s.globalLimitRepository.GetUserInfo(ctx, int64(req.Uid))
+	if err != nil {
+		return err
+	}
+	req.Name = userInfo.Username
+	extraData, err := json.Marshal(req.ExtraData)
+	if err != nil {
+		return err
+	}
+	return s.wafLogRepository.AddWafLog(ctx, &model.WafLog{
+		Uid:        req.Uid,
+		Name:       req.Name,
+		RequestIp:  req.RequestIp,
+		RuleId:     req.RuleId,
+		HostId:     req.HostId,
+		UserAgent:  req.UserAgent,
+		Api:        req.Api,
+		ApiType:    req.ApiType,
+		ApiName:    req.ApiName,
+		ExtraData:  extraData,
+
+	})
+}
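Review bot: In `AddWafLog`, a failed `globalLimitRepository.GetUserInfo` lookup returns early, so no audit row is written at all for a uid that cannot be resolved (uid 0 or a deleted user, for example). For an audit trail it is safer to store the row with an empty `Name` and surface the lookup error separately. `ExtraData` is marshalled from the whole request struct; if any logged request type carries credentials, keys or tokens they will be persisted in `waf_log`, so consider an allow-list of fields or redaction before `json.Marshal`. `getFirstPathSegment` returns every segment and the caller takes the last one (`apiType[len(apiType)-1]`), so `ApiType` ends up as the action (`add`, `edit`, ...) rather than the first segment its name and comments describe; its `len(parts) > 0` check is always true after the empty-string guard. The map lookup can be a single `if name, ok := ApiDescriptionMap[api]; ok { req.ApiName = name }`.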