/waf

Simple golang tcp reverse proxy with filter

Primary LanguageGoGNU General Public License v3.0GPL-3.0

waf

Simple golang tcp reverse proxy with filter

Since added the limitation of connection per ip,

it could easily block the non-proxies tcp/http flood.

Proxied tcp/http flood need some time to block.

Function

  • Anti-cc
    • Limit the connections per ip
    • Limit the packets per connection
    • Limit the packets per second of every ip
  • Block IP system
    • Auto block ip trigger the limitation
    • Unblock all ip every 30 second(might be change)
    • Unban the blocked ip until you want
  • Check validity of request
    • Under development
  • Block injection
    • Unfinished
  • Filter the sensitive url
    • Unfinished
  • Log system
    • Under development

Usage

You can change the setting:

	// You can edit this
	waf_port                 = "0.0.0.0:80"     //your waf address
	real_port                = "localhost:1337" //your real address
	pps_per_ip_limit         = 10               //Limit the packets per second of ip
	connection_limit         = 10               //Limit the connections of ip
	banned_time      float64 = 60               //Blocking time of the banned ip

Then build it and use it

TODO

  • Anti-cc
  • Block IP system
  • Check validity of request
  • Block injection
  • Filter the sensitive url
  • Log system

Experiment

Tested with 1400+ socks4 proxies, it takes some time to block all the ips.

Attack side (4c8g) using socks4 cc

Server side (2c2g) using apache2 http server