From f138e7fdf8f315e8c66e92ce2a019fc8dbf3113c Mon Sep 17 00:00:00 2001
From: zhengkunwang223 <zhengkun@fit2cloud.com>
Date: Wed, 23 Aug 2023 10:38:20 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E5=A2=9E=E5=8A=A0=E5=8D=97=E5=A2=99=20?=
 =?UTF-8?q?Web=20=E5=BA=94=E7=94=A8=E9=98=B2=E7=81=AB=E5=A2=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/uuwaf/2.5.1/data.yml           |  25 +++++++++
 apps/uuwaf/2.5.1/docker-compose.yml |  55 +++++++++++++++++++
 apps/uuwaf/README.md                |  81 ++++++++++++++++++++++++++++
 apps/uuwaf/data.yml                 |  20 +++++++
 apps/uuwaf/logo.png                 | Bin 0 -> 30848 bytes
 5 files changed, 181 insertions(+)
 create mode 100644 apps/uuwaf/2.5.1/data.yml
 create mode 100644 apps/uuwaf/2.5.1/docker-compose.yml
 create mode 100644 apps/uuwaf/README.md
 create mode 100644 apps/uuwaf/data.yml
 create mode 100644 apps/uuwaf/logo.png

diff --git a/apps/uuwaf/2.5.1/data.yml b/apps/uuwaf/2.5.1/data.yml
new file mode 100644
index 000000000..b23b2e218
--- /dev/null
+++ b/apps/uuwaf/2.5.1/data.yml
@@ -0,0 +1,25 @@
+additionalProperties:
+  formFields:
+    - default: 80
+      disabled: true
+      envKey: PANEL_APP_PORT_HTTP1
+      labelEn: HTTP Port
+      labelZh: HTTP 端口
+      required: true
+      type: number
+    - default: 443
+      disabled: true
+      envKey: PANEL_APP_PORT_HTTPS2
+      labelEn: HTTPS Port
+      labelZh: HTTPS 端口
+      required: true
+      type: number
+    - default: 4443
+      edit: true
+      envKey: PANEL_APP_PORT_HTTPS
+      labelEn: Port
+      labelZh: 面板端口
+      required: true
+      rule: paramPort
+      type: number
+
diff --git a/apps/uuwaf/2.5.1/docker-compose.yml b/apps/uuwaf/2.5.1/docker-compose.yml
new file mode 100644
index 000000000..b7c0a8097
--- /dev/null
+++ b/apps/uuwaf/2.5.1/docker-compose.yml
@@ -0,0 +1,55 @@
+networks:
+  wafnet:
+    name: wafnet
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - gateway: 172.22.0.1
+          subnet: 172.22.0.0/24
+    driver_opts:
+      com.docker.network.bridge.name: wafnet
+
+services:
+  uuwaf:
+    image: uusec/nanqiang:v2.5.1
+    ulimits:
+      nproc: 65535
+      nofile:
+        soft: 102400
+        hard: 102400
+    container_name: uuwaf
+    networks:
+      wafnet:
+        ipv4_address: 172.22.0.3
+    ports:
+      - ${PANEL_APP_PORT_HTTP1}:80
+      - ${PANEL_APP_PORT_HTTPS2}:443
+      - ${PANEL_APP_PORT_HTTPS}:4443
+    volumes:
+      - wafshared:/uuwaf
+    command: ["/run.sh"]
+    environment:
+      - TZ=Asia/Shanghai
+    links:
+      - wafdb
+    depends_on:
+      - wafdb
+
+  wafdb:
+    image: percona:8
+    container_name: wafdb
+    networks:
+      wafnet:
+        ipv4_address: 172.22.0.7
+    volumes:
+      - wafshared:/docker-entrypoint-initdb.d
+      - wafdata:/var/lib/mysql
+    environment:
+      - TZ=Asia/Shanghai
+      - INIT_ROCKSDB
+      - MYSQL_ROOT_PASSWORD=Safe3.WAF
+
+volumes:
+  wafshared:
+  wafdata:
diff --git a/apps/uuwaf/README.md b/apps/uuwaf/README.md
new file mode 100644
index 000000000..5606432b1
--- /dev/null
+++ b/apps/uuwaf/README.md
@@ -0,0 +1,81 @@
+# 南墙简介
+
+[![GitHub stars](https://img.shields.io/github/stars/Safe3/uuWAF.svg?label=关注&nbsp;南墙&style=for-the-badge)](https://github.com/Safe3/uuWAF)
+[![Chat](https://img.shields.io/badge/Discuss-加入讨论组-7289da.svg?style=for-the-badge)](https://github.com/Safe3/uuWAF/discussions)
+
+> **南墙**WEB应用防火墙（简称：`uuWAF`）一款社区驱动的免费、高性能、高扩展顶级Web应用安全防护产品。
+
+![](http://waf.uusec.com/_media/waf.png)
+
+🏠安装及使用请访问官网： https://waf.uusec.com/
+
+:heavy_exclamation_mark:注意：南墙 暂不开源，直接下载编译好的二进制文件安装即可，github仓库内主要为社区贡献的规则，每次 uuWAF 发布将自动更新。
+
+
+
+## :dart: 技术优势
+- :libra: 先进语义引擎
+
+  南墙采用业界领先的`SQL、XSS、RCE、LFI` 4种基于语义分析的检测引擎，结合多种深度解码引擎可对`base64、json、form-data`等HTTP内容真实还原，从而有效抵御各种绕过WAF的攻击方式，并且相比传统正则匹配具备准确率高、误报率低、效率高等特点，管理员无需维护庞杂的规则库，即可拦截多种攻击类型。
+
+- :ophiuchus: 智能0day防御
+
+  南墙创新性的运用机器学习技术，使用**异常检测算法**对http正常与攻击流量进行区分识别，并对正常流量进行白名单威胁建模。通过**机器学习算法**自动学习正常流量中的参数特征，并转化成对应的参数白名单规则库，可以在面对各种突发0day漏洞时，无需添加规则即可拦截攻击，免除网站管理者一出现漏洞就需挑灯夜战升级的痛苦。
+
+- :gemini: 高级规则引擎
+
+  南墙积极运用`nginx`和`luajit`的高性能、高灵活性特点，除了提供对普通用户友好性较好的传统规则创建模式，还提供了高扩展性、高灵活性的lua脚本规则编写功能，使得有一定编程功底的高级安全管理员可以创造出一系列传统WAF所不能实现的高级漏洞防护规则，用户可以编写一系列插件来扩展WAF现有功能。从而使得在拦截一些复杂漏洞时，可以更加得心应手。
+  
+  
+
+
+## :rocket: 一键安装
+
+南墙为你提供了强大灵活的扩展和安全规则的编写API，在管理后台发布后所有规则无需重启立即生效，远超市面上大部分免费WAF产品如`ModSecurity`，规则展示如下：
+
+![](http://waf.uusec.com/_media/rule.png)
+
+🏠请访问官网： https://waf.uusec.com/ 下载 南墙WAF使用说明书 了解规则API详情
+
+南墙安装及其简便，通常在几分钟内即可安装完毕，具体耗时视网络下载情况而定。
+
+注意：请尽量选择一台纯净Linux x86_64环境的服务器安装，因为安装过程会卸载旧的MySQL数据库并重新安装，如果没有备份，可造成旧的MySQL数据丢失，并且南墙采用云WAF反向代理模式，默认需要使用80、443端口。
+
+> 主机版安装方式如下：
+
+```bash
+sudo yum install -y ca-certificates
+sudo wget https://waf.uusec.com/waf-install && chmod +x waf-install && ./waf-install && rm -f ./waf-install
+```
+
+安装成功后会显示 “ 恭喜您，安装成功！”
+
+> Docker版安装方式如下： 
+
+```bash
+sudo curl https://waf.uusec.com/docker-compose.yml -o docker-compose.yml && docker compose up -d
+```
+
+
+
+## :gift_heart: 贡献 Rule
+
+参照: https://waf.uusec.com/#/guide/contribute
+
+
+
+
+## :kissing_heart: 加入讨论
+
+欢迎各位就 南墙 的各种bug或功能需求及使用问题，在如下渠道参与讨论
+
+- 问题提交：https://github.com/Safe3/uuWAF/issues
+
+- 讨论社区：https://github.com/Safe3/uuWAF/discussions
+
+- 官方 QQ 群：11500614
+
+- 官方微信群：微信扫描以下二维码加入
+
+  <img src="https://waf.uusec.com/_media/weixin.jpg" alt="微信群"  height="200px" />
+
diff --git a/apps/uuwaf/data.yml b/apps/uuwaf/data.yml
new file mode 100644
index 000000000..fb210df13
--- /dev/null
+++ b/apps/uuwaf/data.yml
@@ -0,0 +1,20 @@
+name: 南墙 Web 应用防火墙
+tags:
+  - 工具
+title: 一款社区驱动的免费、高性能、高扩展顶级 Web 应用和 API 安全防护产品
+type: 工具
+description: 一款社区驱动的免费、高性能、高扩展顶级 Web 应用和 API 安全防护产品
+additionalProperties:
+  key: uuwaf
+  name: 南墙 Web 应用防火墙
+  tags:
+    - Tool
+  shortDescZh: 一款社区驱动的免费、高性能、高扩展顶级 Web 应用和 API 安全防护产品
+  shortDescEn: A community-driven, free, high-performance, highly scalable top-tier Web application and API security protection product
+  type: tool
+  crossVersionUpdate: false
+  limit: 1
+  recommend: 0
+  website: https://waf.uusec.com/#/
+  github: https://github.com/Safe3/uuWAF
+  document: https://waf.uusec.com/#/?id=main
diff --git a/apps/uuwaf/logo.png b/apps/uuwaf/logo.png
new file mode 100644
index 0000000000000000000000000000000000000000..362333c3c2309806bb7410afd21c1e42b95cf100
GIT binary patch
literal 30848
zcmeI!_fr(f9suwq=cr2%1QbL-QNn>r5G13BNCp*2f&?Wg5>7!tPf!#vfP#pyk_C2&
zl7wY}B`SynB}r1k9SA79GdnYHt*du+Rqr2oKlD^j_qV6M^PTQb)l_w&jkUP|?+#uZ
z4kut~VPeZ14S(I-Y|Q?7?adYD!0vnO<S`tM_<)b$!NHufgxQ)K;mZ1@7jZZ?oQ;*e
zsg+*{O!P#$B50LvTOXc5`A4@34sMYASDzbSN-&42#kT7Fur_Y2kr%2xCpcgVRogLp
zW)m1RWA@lv9=O^bDcz1%ilTKQzn;7nL8&|#Nf3D#OUqNFSD4Z2C6Nj|N*1Koorn6O
zAmS;w(G99~rjZ<(`AGS8n2i52_K`t6MJv$8YI*66eker%DOQ3@<ltg;IA<sNdIzIa
z79wiHb=J&R{%!*Q4X_#kl!S+K6|oLps7VCt;X<p0;9NYtL=!2(Gl+YUE&(Y25LzyY
zQuwfD0j!gqPBMo}6yba&sL>ay(xDgWAypFpRQ`8>wR2%q4y0NVDo|kbU4!yuuy$TX
ziNp`06-MTP3l(XVr<rw-kFQWNKU^h;_3|;wbTJAK+95#iyg`3$hSW*J`TH1sxBgxB
z?-+i$1M6moUrAtHtWb_TGsb$@upUmVlZ#H!gmWaYR$-)80xs1;U*j<fH%yRXZVD!c
z!NoFI6Bm@b7bg9N5O>0PvQX(En52pnh%?IZ^!E?xuT<$(R#2@gqe>1Th(P5EXbUe?
zruV;V`1QqZRya=$ZRJBc_%I3=S|h~B7iHv2(u;JECQ-DL3oevF$h(nNJ*<a=mUjRt
z$HOJcFwp{S7D76Np)v)SiBlwnQTWj}e2i{AIG;I{MOuEt`dOj+3vh!v+AM>0u|rM%
zj7&WJ5uQf94iR<ex!N#s-#<&jT7;lnd8~_<UaEsownLSYv@A)aS^{~afl}n*1}l`x
zf%S4gd9qmJb~sy}o_`q5l!3CP;AW41iok?}XpID;eGfvBN612Oqa$;JNR2!*A#vze
z8d4{UHVH8bw_)9ESO@#k1J`oqj{#k=wYI}?vJ3KXv$L?WaPVP>5<@hYi%k-hMSuJ$
zgleHefvUWajjEKJ)=}|tRFFen5#6=(X=Uo-Mvva<1DhUVv|$9z&=U<|Fw|C)#RES!
zLv#mf(@EcRlT!-qD;EQ#FB!hc!4G|zGoi;{D;2r_Oz{NG!BnbmK=pRYf>z<DNuSL{
zuig)pfBCEq6gtvZMo!zUEZ@yn>W(x=mgK{egMv_UPmu17>f<?s=8$&w*^14rr8{F8
zlbPlZ&ZZE|*H3t+4UZtY<o5v?=UtjMd>NZZo>o`)G}x5Y9mt9KeIhZe*1Px?ai*<)
z7P|4o+0k$@sx0KiO8zxo*lp7QhvO`=G&yGP+~(!p!j;j^ZznM}Ix0zJU-2LNeSct}
zG{1Lzj;czS-VcttF74QOt*u7WwMHA#N%ybbPDC{Wk7C0bmcVhz8%>#U(WBJCzE-82
z11|^)sxoJ(CiUTtO+pRxl~#k%?U=O&-s`J7KIOxnVIMIuZN(<RuV;#WB+q>MG*kK0
z)o-b2BaugVnLpg2ZF{q1QF0}v`gyG3c+c@BHQl^NkH5`P2r~ZF7vTMuwx)#TLNt1>
z+}*{cJ8-O1UmfmGbSsE8h>5Mo*4EaZoNS76dAu`YccMl@d~zf@G-UQCPDUn&Cnf?#
zW_coHLLAPeC#I%KupJ(g&=WuDKO}}=Z=05V+>DKl$z^-*?meNXzos3YJ^1pJ+_B(b
zjc?Y=j)Q35hsh^$v%Gz#fn^#zmT9EH7%XZ?x4eCuc$Ohj#)XVOKo>tR<la#!_(r;{
zQGPRTWeV~!)9V+{NU2J7`YkM;Pb@uj&t>Y|m#gBdk9=D_*c<vkF&_NYsOQI{Gm8IK
zr-cXwKWZ-T_(MzWh@Q|+M_wh@4{3KaOOH6#qT*K>(NpP?nWfnqK7O4oF{-uSZ;`Be
zVotj}Xi{+|I7j6NrQwkgm3V_}Z&yqfFEshbt4DSgKhuznw|-hL6G-)m=GxbJ@@1WM
zpz27hJVZWYcyxj_a?d?_Mn;MQNmKofWb~1BMu4$EOwqH^?&4a9$8q~|6NEzsI%b=x
zX{HW>FQ4n0-k;DQq;JL8?N0i6t;dTNbMxlO34w$N&#8es@liWG*Ron)hgjav>m=)k
z^(oJ7ZhJepAkIqJr7&8<(X0KGXtHyGGyHL+<9Ohgz4tk5<T_)Ay3fC@kZO^uJUp``
zT5{s$ZQ-)APd&ko!@+!$VW-}t*pGdR-yGAu_<AU*Y{6VTR;zr!m0j3O<k5??cS>9H
zK3Nq?8)wwhcJES6K_yxvc6sbl4ru-6JojGtsP4n(x>t@?)x1CFsXd|LghcxUu%zt}
z;Ywj~t!NQva=5#0NjhqOw801WFL*n{<dwRuw#uicQo@4m6{xYU)+=vR49?$se&&_8
zpe~yQ%OB|Y;zI?EclxH*JHB6)V_SOS`OZF?p;PxpWircWHkKmwxvKO|ZkPboKjBF{
z+uH;Ef|)#g3PL^6#g9*Y@tlqOxW~618qO;u-XiRRFSaUq@UtcDi9S^DGgGRP%s=fe
zy!Mxomf>-}XRNekmAv=yMlQC$50~~&cLuJk5jrCmN;Qgel~ivytAtkIjSjgFFNfMC
zpPge=ZHPQ$;ScZG?V&ijf18o!^y+fDzw*l3C;Rl9$mmzkD=&D@I61UgRhXu_ygfhe
z6;&tQi&J!PFuU*dKvd26Okuw0Qc{2tG31cp=e!U0LT;Ik>@H8TSGs4(q8{Yo>gk*c
zmz!tFL3}pr5j#D3#MQD=vjT}zQ(OVX#CQVtT<`Sk>d~%JO|H{b8vWx96XW`Q9An?V
zuN7`%my)}quqc{(S=#oflVH&dDJ#^-4-+R;?a#fikK>04{;-zZt=*kXn^{J7b{unr
zcXbB|*Je-3&y8P<(XTNx>F$qm;Xmv(A~$!>%J#YzNz=yP#jHBz%Es5rg=0?*d>l5b
z{VhU^O^<W)2^xHM(opBvLtu}KQ&c!1qincOXxja;maX6P$O{MC+$7i9;1W^=J6&?F
z^<m9~io&0a0gJI`m)_-zZ=5R0agZ}Skoi^fRTtMZF*vWLpK~P&URsW$&Zm+_+V^cN
z1b8L}_Zcs6-sMZ#9l8h~KGr&lAGW0y^NJm8jF?|;BqyEityvsj*O(MIN(<0_p?x}s
zC8+FnVP9*Z?2&8d`?FP}y74b=j9hIb@f{q05rFspAyLUw9@6Zc8aS=2cX@3wJRMyQ
z`9dzq>alB63%J;P0`KBx{(0kGu>HUa6zvmzNt-RssnyOm!c%)hVt(P9ENQg<>I6$^
zvO@dQ4#h5)^}fEo^>r@aB#%qFmBEk14p3JozgwD#7&putuSV-btfg`}h18_Vy&bLd
z#X*swofB+k7VT{5sq66!H4dj4C@3pSnpO9j^!KUx{1sbw?<=~*(M##r2C2eUaAq^C
z;$o7rcf^S#PR^gNs%h{+>*amj{3#XOvzptz6wBIjiwa(b`!>8uNT8T?kqF$vUN!A6
zc_=$@{u=5V7ic<DIyc5C(FL~~!|q%5Kbqj}wIXcBj!9~1k*{BG!#l_7*CrMiJJeaO
z8fb=SYKFzfB`4m>yjA*_rtaADaOW#6ki`nEUI({e5_&t7z311V7iVc|ZBl0B9``E-
z7Z3mfKmZ5;0U!VbfB+Bx0zd!=00AHX1b_e#00KY&2mk>f00e*l5C8%|00;m9AOHk_
z01yBIKmZ5;0U!VbfB+Bx0zd!=00AHX1b_e#00KY&2mk>f00e*l5C8%|00;m9AOHk_
z01yBIKmZ5;0U!VbfB+Bx0zd!=00AHX1b_e#00KY&2mk>f00e*l5C8%|00;m9AOHk_
a01yBIKmZ5;0U!VbfB+Bx0zlyZP~bn%MaEzN

literal 0
HcmV?d00001