
feat(waf): 添加 WAF 日志记录功能

- 在 AllowAndDenyIpHandler、CcHandler、CcIpListHandler、TcpforwardingHandler、UdpForWardingHandler 和 WebForwardingHandler 中添加日志记录功能
- 新增 WafLogService 接口和相关实现,用于批量添加 WAF 日志
- 在 wafLogJob 中实现定时刷新缓冲区和批量处理日志的功能
- 优化日志处理逻辑,确保线程安全和高效处理
fusu 1 周之前
父节点
当前提交
f35e0e826a

+ 8 - 8
cmd/server/wire/wire_gen.go

@@ -91,18 +91,18 @@ func NewWire(viperViper *viper.Viper, logger *log.Logger) (*app.App, func(), err
 	ccIpListService := waf2.NewCcIpListService(serviceService, ccIpListRepository, cdnService, webForwardingRepository)
 	ccService := waf2.NewCcService(serviceService, ccRepository, webForwardingRepository, cdnService, ccIpListService)
 	webForwardingService := waf2.NewWebForwardingService(serviceService, requiredService, webForwardingRepository, crawlerService, parserService, wafFormatterService, aoDunService, rabbitMQ, gatewayipService, globalLimitRepository, cdnService, proxyService, sslCertService, websocketService, ccService, ccIpListService)
-	webForwardingHandler := waf3.NewWebForwardingHandler(handlerHandler, webForwardingService)
+	wafLogRepository := admin.NewWafLogRepository(repositoryRepository)
+	wafLogService := admin2.NewWafLogService(serviceService, wafLogRepository, globalLimitRepository, rabbitMQ)
+	webForwardingHandler := waf3.NewWebForwardingHandler(handlerHandler, webForwardingService, wafLogService)
 	tcpforwardingService := waf2.NewTcpforwardingService(serviceService, tcpforwardingRepository, parserService, requiredService, crawlerService, globalLimitRepository, hostRepository, wafFormatterService, cdnService, proxyService)
-	tcpforwardingHandler := waf3.NewTcpforwardingHandler(handlerHandler, tcpforwardingService)
+	tcpforwardingHandler := waf3.NewTcpforwardingHandler(handlerHandler, tcpforwardingService, wafLogService)
 	udpForWardingService := waf2.NewUdpForWardingService(serviceService, udpForWardingRepository, requiredService, parserService, crawlerService, globalLimitRepository, hostRepository, wafFormatterService, cdnService, proxyService)
-	udpForWardingHandler := waf3.NewUdpForWardingHandler(handlerHandler, udpForWardingService)
+	udpForWardingHandler := waf3.NewUdpForWardingHandler(handlerHandler, udpForWardingService, wafLogService)
 	allowAndDenyIpRepository := waf.NewAllowAndDenyIpRepository(repositoryRepository)
 	allowAndDenyIpService := waf2.NewAllowAndDenyIpService(serviceService, allowAndDenyIpRepository, wafFormatterService, gatewayipService)
 	buildAudunService := waf2.NewBuildAudunService(serviceService, aoDunService, gatewayipRepository, hostService)
 	zzybgpService := waf2.NewZzybgpService(serviceService, gatewayipRepository, hostService, aoDunService)
 	globalLimitService := waf2.NewGlobalLimitService(serviceService, globalLimitRepository, duedateService, crawlerService, viperViper, requiredService, parserService, hostService, hostRepository, cdnService, cdnRepository, tcpforwardingRepository, udpForWardingRepository, webForwardingRepository, allowAndDenyIpService, allowAndDenyIpRepository, tcpforwardingService, udpForWardingService, webForwardingService, gatewayipRepository, gatewayipService, buildAudunService, zzybgpService)
-	wafLogRepository := admin.NewWafLogRepository(repositoryRepository)
-	wafLogService := admin2.NewWafLogService(serviceService, wafLogRepository, globalLimitRepository, rabbitMQ)
 	globalLimitHandler := waf3.NewGlobalLimitHandler(handlerHandler, globalLimitService, wafLogService)
 	adminRepository := admin.NewAdminRepository(repositoryRepository)
 	adminService := admin2.NewAdminService(serviceService, adminRepository)
@@ -110,9 +110,9 @@ func NewWire(viperViper *viper.Viper, logger *log.Logger) (*app.App, func(), err
 	gatewayIpAdminRepository := admin.NewGatewayIpAdminRepository(repositoryRepository)
 	gatewayIpAdminService := admin2.NewGatewayIpAdminService(serviceService, gatewayIpAdminRepository, viperViper, requestService)
 	gatewayIpAdminHandler := admin3.NewGatewayIpAdminHandler(handlerHandler, gatewayIpAdminService)
-	allowAndDenyIpHandler := waf3.NewAllowAndDenyIpHandler(handlerHandler, allowAndDenyIpService)
-	ccHandler := waf3.NewCcHandler(handlerHandler, ccService)
-	ccIpListHandler := waf3.NewCcIpListHandler(handlerHandler, ccIpListService)
+	allowAndDenyIpHandler := waf3.NewAllowAndDenyIpHandler(handlerHandler, allowAndDenyIpService, wafLogService)
+	ccHandler := waf3.NewCcHandler(handlerHandler, ccService, wafLogService)
+	ccIpListHandler := waf3.NewCcIpListHandler(handlerHandler, ccIpListService, wafLogService)
 	cdnLogService := waf2.NewCdnLogService(serviceService, tcpforwardingRepository, udpForWardingRepository, webForwardingRepository, cdnService, ccIpListService)
 	cdnLogHandler := waf3.NewCdnLogHandler(handlerHandler, cdnLogService)
 	adminLogRepository := admin.NewLogRepository(repositoryRepository)

+ 35 - 1
internal/handler/api/waf/allowanddenyip.go

@@ -3,7 +3,9 @@ package waf
 import (
 	"github.com/gin-gonic/gin"
 	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
+	adminApi "github.com/go-nunu/nunu-layout-advanced/api/v1/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/handler"
+	"github.com/go-nunu/nunu-layout-advanced/internal/service/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/waf"
 	"net/http"
 )
@@ -11,15 +13,18 @@ import (
 type AllowAndDenyIpHandler struct {
 	*handler.Handler
 	allowAndDenyIpService waf.AllowAndDenyIpService
+	wafLogService         admin.WafLogService
 }
 
 func NewAllowAndDenyIpHandler(
     handler *handler.Handler,
     allowAndDenyIpService waf.AllowAndDenyIpService,
+	wafLogService admin.WafLogService,
 ) *AllowAndDenyIpHandler {
 	return &AllowAndDenyIpHandler{
 		Handler:      handler,
 		allowAndDenyIpService: allowAndDenyIpService,
+		wafLogService : wafLogService,
 	}
 }
 
@@ -57,11 +62,21 @@ func (h *AllowAndDenyIpHandler) AddAllowAndDenyIp(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusBadRequest, v1.ErrBadRequest, err.Error())
 		return
 	}
-	err := h.allowAndDenyIpService.AddAllowAndDenyIps(ctx,req)
+	id,err := h.allowAndDenyIpService.AddAllowAndDenyIps(ctx,req)
 	if err != nil {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		RuleId:     id,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 	
 }
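Review bot: The `go h.wafLogService.PublishIpWafLogTask(ctx, …)` call in AddAllowAndDenyIp hands the live `*gin.Context` to a goroutine that can outlive the request. gin recycles the context once the handler returns, so the goroutine may see another request's state or an already finished context. The `ClientIP()`, `UserAgent()` and `URL.Path` arguments are evaluated before the goroutine starts, so only the first argument needs to change: pass `ctx.Copy()` or a detached `context.Background()` with a timeout. The call is also fire-and-forget, so a failed publish drops the audit record silently unless PublishIpWafLogTask logs it itself. The same pattern appears in the Edit and Delete hunks below and in the cc, cciplist, tcpforwarding, udpforwarding and webforwarding handlers; AddAllowAndDenyIp itself starts above this hunk.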
@@ -77,6 +92,16 @@ func (h *AllowAndDenyIpHandler) EditAllowAndDenyIp(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		RuleId:     req.Id,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
 
@@ -91,5 +116,14 @@ func (h *AllowAndDenyIpHandler) DeleteAllowAndDenyIp(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }

+ 23 - 0
internal/handler/api/waf/cc.go

@@ -3,7 +3,9 @@ package waf
 import (
 	"github.com/gin-gonic/gin"
 	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
+	adminApi "github.com/go-nunu/nunu-layout-advanced/api/v1/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/handler"
+	"github.com/go-nunu/nunu-layout-advanced/internal/service/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/waf"
 	"net/http"
 )
@@ -11,15 +13,18 @@ import (
 type CcHandler struct {
 	*handler.Handler
 	ccService waf.CcService
+	wafLogService admin.WafLogService
 }
 
 func NewCcHandler(
     handler *handler.Handler,
     ccService waf.CcService,
+	wafLogService admin.WafLogService,
 ) *CcHandler {
 	return &CcHandler{
 		Handler:      handler,
 		ccService: ccService,
+		wafLogService : wafLogService,
 	}
 }
 
@@ -48,6 +53,15 @@ func (h *CcHandler) EditCcState(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:       int(req.Uid),
+		RequestIp: ctx.ClientIP(), // 复制 ClientIP
+		UserAgent: ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:       ctx.Request.URL.Path, // 复制 Path
+		HostId: int(req.HostId),
+		ExtraData: req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
 
@@ -62,5 +76,14 @@ func (h *CcHandler) AddWhiteOneClick (ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:       int(req.Uid),
+		RequestIp: ctx.ClientIP(), // 复制 ClientIP
+		UserAgent: ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:       ctx.Request.URL.Path, // 复制 Path
+		HostId: int(req.HostId),
+		ExtraData: req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
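Review bot: The audit record in AddWhiteOneClick takes its actor from `req.Uid` and its source address from `ctx.ClientIP()`, and the caller may be able to influence both. If `Uid` is bound from the request rather than set from the authenticated session (the binding is outside this hunk), an entry can be attributed to another account; prefer the identity established by the auth middleware. `ClientIP()` honours forwarding headers according to the engine's trusted-proxy settings, so confirm that `SetTrustedProxies` is limited to the real front proxies, otherwise `RequestIp` can be forged. This applies to every `adminApi.WafLog{…}` literal added in this commit.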

+ 24 - 0
internal/handler/api/waf/cciplist.go

@@ -3,7 +3,9 @@ package waf
 import (
 	"github.com/gin-gonic/gin"
 	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
+	adminApi "github.com/go-nunu/nunu-layout-advanced/api/v1/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/handler"
+	"github.com/go-nunu/nunu-layout-advanced/internal/service/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/waf"
 	"net/http"
 )
@@ -11,15 +13,18 @@ import (
 type CcIpListHandler struct {
 	*handler.Handler
 	ccIpListService waf.CcIpListService
+	wafLogService admin.WafLogService
 }
 
 func NewCcIpListHandler(
     handler *handler.Handler,
     ccIpListService waf.CcIpListService,
+	wafLogService admin.WafLogService,
 ) *CcIpListHandler {
 	return &CcIpListHandler{
 		Handler:      handler,
 		ccIpListService: ccIpListService,
+		wafLogService : wafLogService,
 	}
 }
 
@@ -48,6 +53,16 @@ func (h *CcIpListHandler) AddCcIpList(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:       int(req.Uid),
+		RequestIp: ctx.ClientIP(), // 复制 ClientIP
+		UserAgent: ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:       ctx.Request.URL.Path, // 复制 Path
+		HostId: int(req.HostId),
+		ExtraData: req,
+	})
 	v1.HandleSuccess(ctx, nil)
 
 }
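Review bot: `ExtraData: req` in AddCcIpList persists the entire bound request into the log, and every other handler in this commit does the same. That is harmless for an IP list, but any request type that carries secrets or large blobs (possibly certificate material on the web-forwarding request, whose fields are not visible here) would end up in the message queue and the log table. Consider logging a dedicated struct with only the fields needed for audit, or redacting sensitive fields before publishing. The two consecutive blank `+` lines before the call would also be collapsed by gofmt.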
@@ -63,6 +78,15 @@ func (h *CcIpListHandler) DelCcIpList(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:       int(req.Uid),
+		RequestIp: ctx.ClientIP(), // 复制 ClientIP
+		UserAgent: ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:       ctx.Request.URL.Path, // 复制 Path
+		HostId: int(req.HostId),
+		ExtraData: req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
 

+ 41 - 2
internal/handler/api/waf/tcpforwarding.go

@@ -3,7 +3,9 @@ package waf
 import (
 	"github.com/gin-gonic/gin"
 	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
+	adminApi "github.com/go-nunu/nunu-layout-advanced/api/v1/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/handler"
+	"github.com/go-nunu/nunu-layout-advanced/internal/service/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/waf"
 	"github.com/mcuadros/go-defaults"
 	"net/http"
@@ -12,15 +14,18 @@ import (
 type TcpforwardingHandler struct {
 	*handler.Handler
 	tcpforwardingService waf.TcpforwardingService
+	wafLogService admin.WafLogService
 }
 
 func NewTcpforwardingHandler(
 	handler *handler.Handler,
 	tcpforwardingService waf.TcpforwardingService,
+	wafLogService admin.WafLogService,
 ) *TcpforwardingHandler {
 	return &TcpforwardingHandler{
 		Handler:              handler,
 		tcpforwardingService: tcpforwardingService,
+		wafLogService:        wafLogService,
 	}
 }
 
@@ -36,6 +41,7 @@ func (h *TcpforwardingHandler) GetTcpforwarding(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
 	v1.HandleSuccess(ctx, res)
 
 }
@@ -48,11 +54,23 @@ func (h *TcpforwardingHandler) AddTcpForwarding(ctx *gin.Context) {
 		return
 	}
 	defaults.SetDefaults(req)
-	err := h.tcpforwardingService.AddTcpForwarding(ctx, req)
+	id, err := h.tcpforwardingService.AddTcpForwarding(ctx, req)
 	if err != nil {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		RuleId:     id,
+		ExtraData:  req,
+	})
+
 	v1.HandleSuccess(ctx, nil)
 }
 
@@ -64,11 +82,22 @@ func (h *TcpforwardingHandler) EditTcpForwarding(ctx *gin.Context) {
 		return
 	}
 	defaults.SetDefaults(req)
-	 err := h.tcpforwardingService.EditTcpForwarding(ctx, req)
+	err := h.tcpforwardingService.EditTcpForwarding(ctx, req)
 	if err != nil {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		RuleId:     req.TcpForwardingData.Id,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
 
@@ -84,6 +113,16 @@ func (h *TcpforwardingHandler) DeleteTcpForwarding(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
 

+ 34 - 1
internal/handler/api/waf/udpforwarding.go

@@ -3,7 +3,9 @@ package waf
 import (
 	"github.com/gin-gonic/gin"
 	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
+	adminApi "github.com/go-nunu/nunu-layout-advanced/api/v1/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/handler"
+	"github.com/go-nunu/nunu-layout-advanced/internal/service/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/waf"
 	"github.com/mcuadros/go-defaults"
 	"net/http"
@@ -12,15 +14,18 @@ import (
 type UdpForWardingHandler struct {
 	*handler.Handler
 	udpForWardingService waf.UdpForWardingService
+	wafLogService admin.WafLogService
 }
 
 func NewUdpForWardingHandler(
 	handler *handler.Handler,
 	udpForWardingService waf.UdpForWardingService,
+	wafLogService admin.WafLogService,
 ) *UdpForWardingHandler {
 	return &UdpForWardingHandler{
 		Handler:              handler,
 		udpForWardingService: udpForWardingService,
+		wafLogService:        wafLogService,
 	}
 }
 
@@ -47,11 +52,21 @@ func (h *UdpForWardingHandler) AddUdpForWarding(ctx *gin.Context) {
 		return
 	}
 	defaults.SetDefaults(req)
-	 err := h.udpForWardingService.AddUdpForwarding(ctx, req)
+	id, err := h.udpForWardingService.AddUdpForwarding(ctx, req)
 	if err != nil {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	req.UdpForwardingData.Id = id
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 
 }
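Review bot: AddUdpForWarding writes the new id into `req.UdpForwardingData.Id` but leaves `RuleId` unset, whereas the TCP and web Add handlers pass `RuleId: id`; add `RuleId: id,` to the literal so entries can be filtered by rule consistently. The Edit hunk below and the Delete handlers across these files omit `RuleId` as well, which makes the history of a single rule harder to reconstruct. If mutating `req` after the service call is kept, a short comment such as `// carry the new id into ExtraData for the audit log` would explain why.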
@@ -69,6 +84,15 @@ func (h *UdpForWardingHandler) EditUdpForWarding(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
 
@@ -84,6 +108,15 @@ func (h *UdpForWardingHandler) DeleteUdpForWarding(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
 

+ 36 - 1
internal/handler/api/waf/webforwarding.go

@@ -3,7 +3,9 @@ package waf
 import (
 	"github.com/gin-gonic/gin"
 	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
+	adminApi "github.com/go-nunu/nunu-layout-advanced/api/v1/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/handler"
+	"github.com/go-nunu/nunu-layout-advanced/internal/service/admin"
 	"github.com/go-nunu/nunu-layout-advanced/internal/service/api/waf"
 	"github.com/mcuadros/go-defaults"
 	"net/http"
@@ -12,15 +14,18 @@ import (
 type WebForwardingHandler struct {
 	*handler.Handler
 	webForwardingService waf.WebForwardingService
+	wafLogService admin.WafLogService
 }
 
 func NewWebForwardingHandler(
 	handler *handler.Handler,
 	webForwardingService waf.WebForwardingService,
+	wafLogService admin.WafLogService,
 ) *WebForwardingHandler {
 	return &WebForwardingHandler{
 		Handler:              handler,
 		webForwardingService: webForwardingService,
+		wafLogService : wafLogService,
 	}
 }
 
@@ -48,11 +53,22 @@ func (h *WebForwardingHandler) AddWebForwarding(ctx *gin.Context) {
 		return
 	}
 	defaults.SetDefaults(req)
-	 err := h.webForwardingService.AddWebForwarding(ctx, req)
+	id, err := h.webForwardingService.AddWebForwarding(ctx, req)
 	if err != nil {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, nil)
 		return
 	}
+
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		RuleId:     id,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
 
@@ -69,6 +85,16 @@ func (h *WebForwardingHandler) EditWebForwarding(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		RuleId:     req.WebForwardingData.Id,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
 
@@ -84,6 +110,15 @@ func (h *WebForwardingHandler) DeleteWebForwarding(ctx *gin.Context) {
 		v1.HandleError(ctx, http.StatusInternalServerError, err, err.Error())
 		return
 	}
+
+	go  h.wafLogService.PublishIpWafLogTask(ctx,adminApi.WafLog{
+		Uid:        req.Uid,
+		RequestIp:  ctx.ClientIP(), // 复制 ClientIP
+		UserAgent:  ctx.Request.UserAgent(), // 复制 UserAgent
+		Api:        ctx.Request.URL.Path, // 复制 Path
+		HostId:     req.HostId,
+		ExtraData:  req,
+	})
 	v1.HandleSuccess(ctx, nil)
 }
 

+ 80 - 58
internal/job/wafLog.go

@@ -24,24 +24,21 @@ func NewWafLogJob(job *Job,
 	wafLogService admin.WafLogService,
 ) WafLogJob {
 	return &wafLogJob{
-		Job:          job,
+		Job:           job,
 		wafLogService: wafLogService,
-		buffer:       make([]*adminApi.WafLog, 0, 100), // 预分配100条容量的缓冲区
-		bufferMutex:  &sync.Mutex{},
-		lastFlushTime: time.Now(),
+		buffer:        make([]*adminApi.WafLog, 0, 100), // 预分配100条容量的缓冲区
+		bufferMutex:   &sync.Mutex{},
 	}
 }
 
 type wafLogJob struct {
 	*Job
 	wafLogService admin.WafLogService
-	buffer       []*adminApi.WafLog  // 消息缓冲区
-	bufferMutex  *sync.Mutex        // 缓冲区锁
-	lastFlushTime time.Time         // 上次刷新时间
+	buffer        []*adminApi.WafLog // 消息缓冲区
+	bufferMutex   *sync.Mutex        // 缓冲区锁
+	lastFlushTime time.Time          // 上次刷新时间
 }
 
-
-
 // AddWafLogConsumer 启动WAF日志消费者并启动定时批处理器
 func (j *wafLogJob) AddWafLogConsumer(ctx context.Context) {
 	// 启动一个定时器,定期检查是否需要刷新缓冲区(处理积压的消息)
@@ -51,15 +48,16 @@ func (j *wafLogJob) AddWafLogConsumer(ctx context.Context) {
 			select {
 			case <-ctx.Done():
 				ticker.Stop()
-				// 确保关闭前处理剩余的消息
-				j.checkAndFlushBuffer(ctx)
+				// 优雅停机:确保关闭前处理缓冲区中所有剩余的消息
+				j.checkAndFlushBuffer(ctx, true)
 				return
 			case <-ticker.C:
-				j.checkAndFlushBuffer(ctx)
+				// 定时检查是否需要刷新
+				j.checkAndFlushBuffer(ctx, false)
 			}
 		}
 	}()
-	
+
 	// 启动消费者
 	j.consume(ctx, "waf_log", "waf_log_consumer", j.handleDomainMessage)
 }
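Review bot: On `<-ctx.Done()` the final `j.checkAndFlushBuffer(ctx, true)` reuses the context that has just been cancelled, so `BatchAddWafLog` will probably fail at once if the repository honours the context, and the remaining buffered entries are lost. Use a fresh bounded context for the shutdown flush, e.g. `flushCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second)` (the duration is illustrative). `ticker.Stop()` would also read more naturally as a `defer` right after the ticker is created. The goroutine starts above this hunk.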
@@ -73,8 +71,9 @@ func (j *wafLogJob) consume(ctx context.Context, taskName, consumerName string,
 func (j *wafLogJob) handleDomainMessage(ctx context.Context, logger *zap.Logger, d amqp091.Delivery) error {
 	var payload adminApi.WafLog
 	if err := json.Unmarshal(d.Body, &payload); err != nil {
-		logger.Error("解析添加日志消息失败", zap.Error(err), zap.ByteString("body", d.Body))
-		return nil // 返回 nil 以避免消息重入队列,因为这是一个格式错误
+		logger.Error("解析添加日志消息失败, 消息将被丢弃", zap.Error(err), zap.ByteString("body", d.Body))
+		// 返回 nil 以 ack 此消息,防止格式错误的消息反复投递
+		return nil
 	}
 
 	logger.Info("收到添加日志任务",
@@ -83,70 +82,93 @@ func (j *wafLogJob) handleDomainMessage(ctx context.Context, logger *zap.Logger,
 		zap.String("routing_key", d.RoutingKey),
 	)
 
-	// 将消息添加到缓冲区
+	var batchToProcess []*adminApi.WafLog
+
+	// --- 锁开始 ---
 	j.bufferMutex.Lock()
-	defer j.bufferMutex.Unlock()
-	
-	// 如果是第一条消息,初始化刷新时间
 	if len(j.buffer) == 0 {
-		j.lastFlushTime = time.Now()
+		j.lastFlushTime = time.Now() // 如果是第一条消息,重置计时器
 	}
-	
-	// 添加到缓冲区
 	j.buffer = append(j.buffer, &payload)
-	
-	// 如果缓冲区达到100条,立即刷新
+
+	// 如果缓冲区达到数量阈值,准备刷新
 	if len(j.buffer) >= 100 {
-		return j.flushBuffer(ctx, logger)
+		// 从缓冲区取出数据准备处理
+		batchToProcess = j.flushBufferUnlocked(logger)
 	}
-	
+	j.bufferMutex.Unlock()
+	// --- 锁结束 ---
+
+	// 在锁外执行耗时的批量处理操作
+	if batchToProcess != nil {
+		j.processBatch(ctx, logger, batchToProcess)
+	}
+
+	// 始终返回 nil,因为批量处理的成功与否不应该影响单条消息的确认
 	return nil
 }
 
-// checkAndFlushBuffer 检查缓冲区是否需要刷新
-func (j *wafLogJob) checkAndFlushBuffer(ctx context.Context) {
+// checkAndFlushBuffer 检查并根据条件(时间、数量、强制)刷新缓冲区
+// forceFlush 参数用于程序退出前的强制刷新
+func (j *wafLogJob) checkAndFlushBuffer(ctx context.Context, forceFlush bool) {
+	var batchToProcess []*adminApi.WafLog
+
+	// --- 锁开始 ---
 	j.bufferMutex.Lock()
-	defer j.bufferMutex.Unlock()
-	
-	// 如果缓冲区为空,则不需要刷新
+	// 如果缓冲区为空,则不需要做任何事
 	if len(j.buffer) == 0 {
+		j.bufferMutex.Unlock()
 		return
 	}
-	
-	// 如果距离上次刷新时间超过5秒,或者缓冲区中有超过20条消息,则刷新缓冲区
-	if time.Since(j.lastFlushTime) > 5*time.Second || len(j.buffer) >= 20 {
-		// 创建一个新的logger代替j.logger
-		logger := zap.NewNop()
-		j.flushBuffer(ctx, logger)
+
+	// 检查是否满足刷新条件:强制刷新 或 超过时间阈值 或 超过数量阈值
+	if forceFlush || time.Since(j.lastFlushTime) > 5*time.Second || len(j.buffer) >= 20 {
+		// 注意: 此处可以传递一个真实logger,以便观察由定时器触发的刷新操作
+		logger := zap.NewNop() // 或者使用 j.Job.logger
+		batchToProcess = j.flushBufferUnlocked(logger)
 	}
-}
+	j.bufferMutex.Unlock()
+	// --- 锁结束 ---
 
-// flushBuffer 刷新缓冲区中的消息
-func (j *wafLogJob) flushBuffer(ctx context.Context, logger *zap.Logger) error {
-	if len(j.buffer) == 0 {
-		return nil
+	// 在锁外执行耗时的批量处理操作
+	if batchToProcess != nil {
+		// 注意: 此处可以传递一个真实logger
+		logger := zap.NewNop() // 或者使用 j.Job.logger
+		j.processBatch(ctx, logger, batchToProcess)
 	}
-	
-	// 复制当前缓冲区数据,然后清空缓冲区
+}
+
+// flushBufferUnlocked 从缓冲区复制数据并清空缓冲区。
+// **重要**: 此方法不包含锁,必须在调用方加锁保护。
+func (j *wafLogJob) flushBufferUnlocked(logger *zap.Logger) []*adminApi.WafLog {
 	messageCount := len(j.buffer)
-	logger.Info("开始批量处理WAF日志", zap.Int("日志数量", messageCount))
-	
-	// 复制一份数据进行处理
-	batch := make([]*adminApi.WafLog, len(j.buffer))
+	logger.Info("准备批量处理WAF日志", zap.Int("日志数量", messageCount))
+
+	// 复制一份数据用于处理
+	batch := make([]*adminApi.WafLog, messageCount)
 	copy(batch, j.buffer)
-	
-	// 清空缓冲区并更新刷新时间
+
+	// 清空缓冲区 (通过切片重置) 并更新刷新时间
 	j.buffer = j.buffer[:0]
 	j.lastFlushTime = time.Now()
-	
-	// 批量处理消息
+
+	return batch
+}
+
+// processBatch 执行实际的批量写入操作
+func (j *wafLogJob) processBatch(ctx context.Context, logger *zap.Logger, batch []*adminApi.WafLog) {
+	if len(batch) == 0 {
+		return
+	}
+
+	logger.Info("开始批量处理WAF日志", zap.Int("数量", len(batch)))
+
+	// 实际执行批量处理
 	err := j.wafLogService.BatchAddWafLog(ctx, batch)
-	
 	if err != nil {
-		logger.Error("批量处理WAF日志失败", zap.Error(err), zap.Int("数量", messageCount))
+		logger.Error("批量处理WAF日志失败", zap.Error(err), zap.Int("数量", len(batch)))
+		// 此处可以根据业务需求增加失败重试或告警逻辑
 	} else {
-		logger.Info("成功批量处理WAF日志", zap.Int("数量", messageCount))
+		logger.Info("成功批量处理WAF日志", zap.Int("数量", len(batch)))
 	}
-	
-	return err
-}
+}
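Review bot: handleDomainMessage now always returns nil, which per its own comment acknowledges the delivery while the entry still sits only in the in-memory buffer. If `BatchAddWafLog` fails in processBatch, or the process exits before a flush, those audit entries are gone and cannot be redelivered. At minimum put a failed batch back into the buffer under `bufferMutex`, or publish it to a retry or dead-letter queue instead of only logging. In checkAndFlushBuffer both loggers are `zap.NewNop()`, so a failed timer-driven flush leaves no trace; pass the job's real logger, as the inline comment already suggests. The literals `100`, `20` and `5*time.Second` would be clearer as named constants.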

+ 4 - 4
internal/repository/api/waf/allowanddenyip.go

@@ -9,7 +9,7 @@ import (
 
 type AllowAndDenyIpRepository interface {
 	GetAllowAndDenyIp(ctx context.Context, id int64) (*model.AllowAndDenyIp, error)
-	AddAllowAndDenyIps(ctx context.Context, req model.AllowAndDenyIp) error
+	AddAllowAndDenyIps(ctx context.Context, req model.AllowAndDenyIp) (int, error)
 	EditAllowAndDenyIps(ctx context.Context, req model.AllowAndDenyIp) error
 	DeleteAllowAndDenyIps(ctx context.Context, id int64) error
 	GetAllowAndDenyIpsAllByHostId(ctx context.Context, hostId int64) ([]*model.AllowAndDenyIp, error)
@@ -37,11 +37,11 @@ func (r *allowAndDenyIpRepository) GetAllowAndDenyIp(ctx context.Context, id int
 	return &res, nil
 }
 
-func (r *allowAndDenyIpRepository) AddAllowAndDenyIps(ctx context.Context, req model.AllowAndDenyIp) error {
+func (r *allowAndDenyIpRepository) AddAllowAndDenyIps(ctx context.Context, req model.AllowAndDenyIp) (int, error) {
 	if err := r.Db.WithContext(ctx).Create(&req).Error; err != nil {
-		return fmt.Errorf("create error: %v", err)
+		return 0, fmt.Errorf("create error: %v", err)
 	}
-	return nil
+	return req.Id, nil
 }
 
 func (r *allowAndDenyIpRepository) EditAllowAndDenyIps(ctx context.Context, req model.AllowAndDenyIp) error {
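Review bot: In AddAllowAndDenyIps the wrapped error uses `%v`, which discards the error chain, so callers cannot use `errors.Is` or `errors.As` on the database error; `return 0, fmt.Errorf("create error: %w", err)` keeps it. The new return type is `int` while the neighbouring methods identify rows with `int64`, so a doc comment such as `// AddAllowAndDenyIps inserts req and returns the new row's Id.` would help.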

+ 10 - 9
internal/service/api/waf/allowanddenyip.go

@@ -12,7 +12,7 @@ import (
 type AllowAndDenyIpService interface {
 	GetAllowAndDenyIp(ctx context.Context, id int64) (*model.AllowAndDenyIp, error)
 	GetAllowAndDenyIpsAllByHostId(ctx context.Context, hostId int64) ([]*model.AllowAndDenyIp, error)
-	AddAllowAndDenyIps(ctx context.Context, req v1.AllowAndDenyIpRequest) error
+	AddAllowAndDenyIps(ctx context.Context, req v1.AllowAndDenyIpRequest) (int, error)
 	EditAllowAndDenyIps(ctx context.Context, req v1.AllowAndDenyIpRequest) error
 	DeleteAllowAndDenyIps(ctx context.Context, req v1.DelAllowAndDenyIpRequest) error
 }
@@ -54,20 +54,20 @@ func (s *allowAndDenyIpService) GetAllowAndDenyIpsAllByHostId(ctx context.Contex
 	return res, nil
 }
 
-func (s *allowAndDenyIpService) AddAllowAndDenyIps(ctx context.Context, req v1.AllowAndDenyIpRequest) error {
+func (s *allowAndDenyIpService) AddAllowAndDenyIps(ctx context.Context, req v1.AllowAndDenyIpRequest) (int, error) {
 	// 判断ip是否存在
 	err := s.IsExistIp(ctx, int64(req.HostId), req.Ip)
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 
 	gatewayGroupIps, err := s.gatewayIp.GetGatewayipOnlyIpByHostIdAll(ctx, int64(req.HostId), int64(req.Uid))
 	if err != nil {
-		return err
+		return 0, err
 	}
 	if len(gatewayGroupIps) == 0 {
-		return fmt.Errorf("请先配置实例")
+		return 0, fmt.Errorf("请先配置实例")
 	}
 
 	color := "black"
@@ -79,15 +79,16 @@ func (s *allowAndDenyIpService) AddAllowAndDenyIps(ctx context.Context, req v1.A
 	for _, v := range gatewayGroupIps {
 		go s.wafformatter.PublishIpWhitelistTask([]string{req.Ip}, "add",v,color)
 	}
-	if err := s.allowAndDenyIpRepository.AddAllowAndDenyIps(ctx, model.AllowAndDenyIp{
+	id, err := s.allowAndDenyIpRepository.AddAllowAndDenyIps(ctx, model.AllowAndDenyIp{
 		Ip:         req.Ip,
 		HostId:     req.HostId,
 		AllowOrDeny: req.AllowOrDeny,
 		Uid:        req.Uid,
-	}); err != nil {
-		return err
+	});
+	if err != nil {
+		return 0, err
 	}
-	return nil
+	return id, nil
 }
 
 func (s *allowAndDenyIpService) EditAllowAndDenyIps(ctx context.Context, req v1.AllowAndDenyIpRequest) error {
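Review bot: In AddAllowAndDenyIps the gateway tasks are dispatched with `go s.wafformatter.PublishIpWhitelistTask(…)` before the repository insert, and the handler only writes the WAF log when this function returns without error. If the insert fails, the allow/deny change has already been sent out, yet there is neither a database row nor an audit entry for it; consider persisting first and publishing afterwards, or logging the failed attempt as well. AddTcpForwarding and AddUdpForwarding look similar once `CreateWebsite` has succeeded, judging by their later `return 0, err` paths. The stray `;` after `})` would be removed by gofmt. The function begins in the previous hunk.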

+ 13 - 13
internal/service/api/waf/tcpforwarding.go

@@ -18,7 +18,7 @@ import (
 
 type TcpforwardingService interface {
 	GetTcpforwarding(ctx context.Context, req v1.GetForwardingRequest) (v1.TcpForwardingDataRequest, error)
-	AddTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest)  error
+	AddTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest)  (int, error)
 	EditTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest)  error
 	DeleteTcpForwarding(ctx context.Context, req v1.DeleteTcpForwardingRequest) error
 	GetTcpForwardingAllIpsByHostId(ctx context.Context, req v1.GetForwardingRequest) ([]v1.TcpForwardingDataRequest, error)
@@ -172,25 +172,25 @@ func (s *tcpforwardingService) prepareWafData(ctx context.Context, req *v1.TcpFo
 	return require, formData, nil
 }
 
-func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest)  error {
+func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest)  (int, error) {
 	require, formData, err := s.prepareWafData(ctx, req)
 	if err != nil {
-		return err
+		return 0, err
 	}
 	err = s.wafformatter.validateWafPortCount(ctx, require.HostId)
 	if err != nil {
-		return err
+		return 0, err
 	}
 	// 验证端口重复
 	err = s.wafformatter.VerifyPort(ctx, "tcp", int64(req.TcpForwardingData.Id),req.TcpForwardingData.Port, int64(require.HostId), "")
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 
 	tcpId, err := s.cdn.CreateWebsite(ctx, formData)
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 	// 添加源站
@@ -202,7 +202,7 @@ func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.Tcp
 			Comment:     req.TcpForwardingData.Comment,
 		})
 		if err != nil {
-			return err
+			return 0, err
 		}
 		cdnOriginIds[v] = id
 	}
@@ -211,7 +211,7 @@ func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.Tcp
 	for _, v := range cdnOriginIds {
 		err = s.cdn.AddServerOrigin(ctx, tcpId, v)
 		if err != nil {
-			return err
+			return 0, err
 		}
 	}
 
@@ -222,7 +222,7 @@ func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.Tcp
 			Version: 1,
 		})
 		if err != nil {
-			return err
+			return 0, err
 		}
 	}
 
@@ -230,11 +230,11 @@ func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.Tcp
 
 	id, err := s.tcpforwardingRepository.AddTcpforwarding(ctx, tcpModel)
 	if err != nil {
-		return  err
+		return 0, err
 	}
 	TcpRuleModel := s.buildTcpRuleModel(&req.TcpForwardingData, require, id, cdnOriginIds)
 	if _, err = s.tcpforwardingRepository.AddTcpforwardingIps(ctx, *TcpRuleModel); err != nil {
-		return err
+		return 0, err
 	}
 
 
@@ -244,7 +244,7 @@ func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.Tcp
 		for _, v := range req.TcpForwardingData.BackendList {
 			ip, _, err := net.SplitHostPort(v)
 			if err != nil {
-				return err
+				return 0, err
 			}
 			ips = append(ips, ip)
 		}
@@ -252,7 +252,7 @@ func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.Tcp
 	}
 
 
-	return  nil
+	return id,nil
 }
 
 func (s *tcpforwardingService) EditTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest) error {

+ 13 - 13
internal/service/api/waf/udpforwarding.go

@@ -18,7 +18,7 @@ import (
 
 type UdpForWardingService interface {
 	GetUdpForWarding(ctx context.Context,req v1.GetForwardingRequest) (v1.UdpForwardingDataRequest, error)
-	AddUdpForwarding(ctx context.Context, req *v1.UdpForwardingRequest) error
+	AddUdpForwarding(ctx context.Context, req *v1.UdpForwardingRequest) (int, error)
 	EditUdpForwarding(ctx context.Context, req *v1.UdpForwardingRequest) error
 	DeleteUdpForwarding(ctx context.Context, req v1.DeleteUdpForwardingRequest) error
 	GetUdpForwardingWafUdpAllIps(ctx context.Context, req v1.GetForwardingRequest) ([]v1.UdpForwardingDataRequest, error)
@@ -166,26 +166,26 @@ func (s *udpForWardingService) prepareWafData(ctx context.Context, req *v1.UdpFo
 	return require, formData, nil
 }
 
-func (s *udpForWardingService) AddUdpForwarding(ctx context.Context, req *v1.UdpForwardingRequest) error {
+func (s *udpForWardingService) AddUdpForwarding(ctx context.Context, req *v1.UdpForwardingRequest) (int, error) {
 	require, formData, err := s.prepareWafData(ctx, req)
 	if err != nil {
-		return err
+		return 0, err
 	}
 	err = s.wafformatter.validateWafPortCount(ctx, require.HostId)
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 
 	// 验证端口重复
 	err = s.wafformatter.VerifyPort(ctx, "udp", int64(req.UdpForwardingData.Id), req.UdpForwardingData.Port, int64(require.HostId), "")
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 	udpId, err := s.cdn.CreateWebsite(ctx, formData)
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 	// 添加源站
@@ -197,7 +197,7 @@ func (s *udpForWardingService) AddUdpForwarding(ctx context.Context, req *v1.Udp
 			Comment:     req.UdpForwardingData.Comment,
 		})
 		if err != nil {
-			return err
+			return 0, err
 		}
 		cdnOriginIds[v] = id
 	}
@@ -207,7 +207,7 @@ func (s *udpForWardingService) AddUdpForwarding(ctx context.Context, req *v1.Udp
 	for _, v := range cdnOriginIds {
 		err = s.cdn.AddServerOrigin(ctx, udpId, v)
 		if err != nil {
-			return err
+			return 0, err
 		}
 	}
 
@@ -219,7 +219,7 @@ func (s *udpForWardingService) AddUdpForwarding(ctx context.Context, req *v1.Udp
 			Version: 1,
 		})
 		if err != nil {
-			return err
+			return 0, err
 		}
 	}
 
@@ -227,11 +227,11 @@ func (s *udpForWardingService) AddUdpForwarding(ctx context.Context, req *v1.Udp
 
 	id, err := s.udpForWardingRepository.AddUdpForwarding(ctx, udpModel)
 	if err != nil {
-		return err
+		return 0, err
 	}
 	udpRuleModel := s.buildUdpRuleModel(&req.UdpForwardingData, require, id, cdnOriginIds)
 	if _, err = s.udpForWardingRepository.AddUdpForwardingIps(ctx, *udpRuleModel); err != nil {
-		return err
+		return 0, err
 	}
 
 	// 异步任务:将IP添加到白名单
@@ -240,14 +240,14 @@ func (s *udpForWardingService) AddUdpForwarding(ctx context.Context, req *v1.Udp
 		for _, v := range req.UdpForwardingData.BackendList {
 			ip, _, err := net.SplitHostPort(v)
 			if err != nil {
-				return err
+				return 0, err
 			}
 			ips = append(ips, ip)
 		}
 		go s.wafformatter.PublishIpWhitelistTask(ips, "add","","white")
 	}
 
-	return nil
+	return id, nil
 }
 
 func (s *udpForWardingService) EditUdpForwarding(ctx context.Context, req *v1.UdpForwardingRequest) error {
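Review bot: In the `@@ -240,14 +240,14 @@` hunk of AddUdpForwarding, the `return 0, err` on a `net.SplitHostPort` failure is reached only after `s.cdn.CreateWebsite`, `s.udpForWardingRepository.AddUdpForwarding` and `AddUdpForwardingIps` have already succeeded. The caller then gets id 0 for a forwarding rule that now exists, so a WAF log entry built from the returned id (presumably what the handlers do with it) cannot point at that rule, and no visible code undoes the earlier writes. Parsing `req.UdpForwardingData.BackendList` into `ips` before `s.cdn.CreateWebsite` would make a malformed backend address fail before any state changes. The condition guarding this loop lies outside the hunk, so check that it can move with it. The `go s.wafformatter.PublishIpWhitelistTask(ips, "add","","white")` call also runs detached, so a returned id does not show that the whitelist update was applied; the log entry should not imply it was.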

+ 25 - 25
internal/service/api/waf/webforwarding.go

@@ -19,7 +19,7 @@ import (
 type WebForwardingService interface {
 	GetWebForwarding(ctx context.Context, req v1.GetForwardingRequest) (v1.WebForwardingDataRequest, error)
 	GetWebForwardingWafWebAllIps(ctx context.Context, req v1.GetForwardingRequest) ([]v1.WebForwardingDataRequest, error)
-	AddWebForwarding(ctx context.Context, req *v1.WebForwardingRequest) error
+	AddWebForwarding(ctx context.Context, req *v1.WebForwardingRequest) (int, error)
 	EditWebForwarding(ctx context.Context, req *v1.WebForwardingRequest) error
 	DeleteWebForwarding(ctx context.Context, req v1.DeleteWebForwardingRequest) error
 }
@@ -341,10 +341,10 @@ func (s webForwardingService) FindDifferenceList(oldList, newList []v1.BackendLi
 	return added, removed
 }
 
-func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.WebForwardingRequest) error {
+func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.WebForwardingRequest) (int, error) {
 	require, formData, err := s.prepareWafData(ctx, req)
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 	// 验证域名限制
@@ -355,12 +355,12 @@ func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.Web
 		Uid: req.Uid,
 	})
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 	err = s.wafformatter.validateWafPortCount(ctx, require.HostId)
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 	var protocol string
@@ -372,7 +372,7 @@ func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.Web
 	// 验证端口重复
 	err = s.wafformatter.VerifyPort(ctx, protocol, int64(req.WebForwardingData.Id), req.WebForwardingData.Port, int64(require.HostId), req.WebForwardingData.Domain)
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 
@@ -387,13 +387,13 @@ func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.Web
 			Description:  req.WebForwardingData.Comment,
 		})
 		if err != nil {
-			return err
+			return 0, err
 		}
 		req.WebForwardingData.SslCertId = sslCertId
 		req.WebForwardingData.SslPolicyId = formData.HttpsJSON.SslPolicyRef.SslPolicyId
 		err = s.sslCert.EditSslPolicy(ctx, formData.HttpsJSON.SslPolicyRef.SslPolicyId, []int64{sslCertId}, "add")
 		if err != nil {
-			return err
+			return 0, err
 		}
 	}
 
@@ -401,12 +401,12 @@ func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.Web
 	// 添加网站
 	formDataSend, err := s.BulidFormData(ctx, formData)
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 	webId, err := s.cdn.CreateWebsite(ctx, formDataSend)
 	if err != nil {
-		return err
+		return 0, err
 	}
 	backendList := make(map[string]string)
 	for _, k := range req.WebForwardingData.BackendList {
@@ -417,10 +417,10 @@ func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.Web
 	// 开启websocket
 	websocketId, err := s.websocket.AddWebsocket(ctx)
 	if err != nil {
-		return err
+		return 0, err
 	}
 	if err := s.websocket.EnableOrDisable(ctx, webId, websocketId, true, false); err != nil {
-		return err
+		return 0, err
 	}
 
 
@@ -441,7 +441,7 @@ func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.Web
 			Comment:     req.WebForwardingData.Comment,
 		})
 		if err != nil {
-			return err
+			return 0, err
 		}
 		cdnOriginIds[v.Addr] = id
 	}
@@ -450,7 +450,7 @@ func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.Web
 	for _, v := range cdnOriginIds {
 		err = s.cdn.AddServerOrigin(ctx, webId, v)
 		if err != nil {
-			return err
+			return 0, err
 		}
 	}
 
@@ -462,28 +462,28 @@ func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.Web
 			Version: 1,
 		})
 		if err != nil {
-			return err
+			return 0, err
 		}
 	}
 
 	// 开启访问日志
 	err = s.EditLog(ctx, webId)
 	if err != nil {
-		return err
+		return 0, err
 	}
 
 	// 开启CC
 	if req.WebForwardingData.CcConfig.IsOn {
 		err = s.cc.EditCcConfig(ctx, webId, req.WebForwardingData.CcConfig)
 		if err != nil {
-			return err
+			return 0, err
 		}
 	}
 
 
 	// 开启waf防火墙
 	if err = s.ccIpList.AddCcIpListPolicy(ctx, webId, int64(require.GroupId)); err != nil {
-		return err
+		return 0, err
 	}
 
 
@@ -492,25 +492,25 @@ func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.Web
 
 	id, err := s.webForwardingRepository.AddWebForwarding(ctx, webModel)
 	if err != nil {
-		return err
+		return 0, err
 	}
 	webRuleModel := s.buildWebRuleModel(&req.WebForwardingData, require, id, cdnOriginIds)
 	if _, err = s.webForwardingRepository.AddWebForwardingIps(ctx, *webRuleModel); err != nil {
-		return err
+		return 0, err
 	}
 
 	if req.WebForwardingData.Domain != "" {
 		// 异步任务:将域名添加到白名单
 		doMain, err := s.wafformatter.ConvertToWildcardDomain(ctx, req.WebForwardingData.Domain)
 		if err != nil {
-			return err
+			return 0, err
 		}
 		if len(require.GatewayIps) == 0 {
-			return fmt.Errorf("网关组不存在")
+			return 0, fmt.Errorf("网关组不存在")
 		}
 		firstIp, err := s.gatewayIp.GetGatewayipByHostIdFirst(ctx, int64(require.HostId), int64(require.Uid))
 		if err != nil {
-			return err
+			return 0, err
 		}
 		go s.wafformatter.PublishDomainWhitelistTask(doMain, firstIp, "add")
 
@@ -522,14 +522,14 @@ func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.Web
 		for _, v := range req.WebForwardingData.BackendList {
 			ip, _, err := net.SplitHostPort(v.Addr)
 			if err != nil {
-				return err
+				return 0, err
 			}
 			ips = append(ips, ip)
 		}
 		go s.wafformatter.PublishIpWhitelistTask(ips, "add", "", "white")
 	}
 
-	return nil
+	return id, nil
 }
 
 func (s *webForwardingService) EditWebForwarding(ctx context.Context, req *v1.WebForwardingRequest) error {
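Review bot: In the `@@ -492,25 +492,25 @@` hunk of AddWebForwarding, `return 0, fmt.Errorf("网关组不存在")` fires after `s.webForwardingRepository.AddWebForwarding` and `AddWebForwardingIps` have stored the rule, and after the CDN site, websocket, CC and WAF policy calls in the earlier hunks. As far as the hunks show, `require` is not modified after `s.prepareWafData`, so the check could run at the top of the function: `if req.WebForwardingData.Domain != "" && len(require.GatewayIps) == 0 { return 0, fmt.Errorf("网关组不存在") }`. As written, the caller gets id 0 and an error for a rule that is already persisted and live, so the new WAF log cannot tie the failure to the record it left behind. The same applies to the late `ConvertToWildcardDomain` and `net.SplitHostPort` failures in this hunk and the next one. The function body spans many hunks and parts of it are not shown, so confirm that no rollback exists outside the visible lines.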