# HTTPFirewallPolicyService > HTTP防火墙(WAF)服务 --- ## checkHTTPFirewallPolicyIPStatus > 检查IP状态 - 角色:`admin`, `user` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/checkHTTPFirewallPolicyIPStatus` - RPC:`rpc checkHTTPFirewallPolicyIPStatus (CheckHTTPFirewallPolicyIPStatusRequest) returns (CheckHTTPFirewallPolicyIPStatusResponse);` **请求对象 (`CheckHTTPFirewallPolicyIPStatusRequest`)** ```json { "httpFirewallPolicyId": "int64", "ip": "string" } ``` **响应对象 (`CheckHTTPFirewallPolicyIPStatusResponse`)** ```json { "isOk": "bool // 是否查询成功", "error": "string // 错误信息", "isFound": "bool // 是否找到", "isAllowed": "bool // 是否允许访问", "ipList": "IPList // 匹配的IPList", "ipItem": "IPItem // 匹配的IPItem", "regionCountry": "RegionCountry // 匹配到封禁的地区", "regionProvince": "RegionProvince // 匹配到封禁的省份" } ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/checkHTTPFirewallPolicyIPStatus" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## countAllEnabledHTTPFirewallPolicies > 计算可用的防火墙策略数量 - 角色:`admin` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/countAllEnabledHTTPFirewallPolicies` - RPC:`rpc countAllEnabledHTTPFirewallPolicies (CountAllEnabledHTTPFirewallPoliciesRequest) returns (RPCCountResponse);` **请求对象 (`CountAllEnabledHTTPFirewallPoliciesRequest`)** ```json { "keyword": "string // 关键词", "nodeClusterId": "int64 // 集群ID" } ``` **响应对象 (`RPCCountResponse`)** ```json { "count": "int64 // 数量" } ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/countAllEnabledHTTPFirewallPolicies" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## createEmptyHTTPFirewallPolicy > 创建空防火墙策略 - 角色:`admin`, `user` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/createEmptyHTTPFirewallPolicy` - RPC:`rpc createEmptyHTTPFirewallPolicy (CreateEmptyHTTPFirewallPolicyRequest) returns (CreateEmptyHTTPFirewallPolicyResponse);` **请求对象 (`CreateEmptyHTTPFirewallPolicyRequest`)** ```json { "isOn": "bool // 是否启用", "name": "string // 名称", "description": "string // 描述(备注)", "serverId": "int64 // 服务ID(网站ID)", "serverGroupId": "int64 // 服务分组ID(网站分组ID)" } ``` **响应对象 (`CreateEmptyHTTPFirewallPolicyResponse`)** ```json { "httpFirewallPolicyId": "int64" } ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/createEmptyHTTPFirewallPolicy" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## createHTTPFirewallPolicy > 创建防火墙策略 - 角色:`admin`, `user` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/createHTTPFirewallPolicy` - RPC:`rpc createHTTPFirewallPolicy (CreateHTTPFirewallPolicyRequest) returns (CreateHTTPFirewallPolicyResponse);` **请求对象 (`CreateHTTPFirewallPolicyRequest`)** ```json { "isOn": "bool // 是否启用", "name": "string // 名称", "description": "string // 描述(备注)", "httpFirewallGroupCodes": "[]string", "serverId": "int64 // 服务ID(网站ID)", "serverGroupId": "int64 // 服务分组ID(网站分组ID)" } ``` **响应对象 (`CreateHTTPFirewallPolicyResponse`)** ```json { "httpFirewallPolicyId": "int64" } ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/createHTTPFirewallPolicy" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## deleteHTTPFirewallPolicy > 删除某个防火墙策略 - 角色:`admin` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/deleteHTTPFirewallPolicy` - RPC:`rpc deleteHTTPFirewallPolicy (DeleteHTTPFirewallPolicyRequest) returns (RPCSuccess);` **请求对象 (`DeleteHTTPFirewallPolicyRequest`)** ```json { "httpFirewallPolicyId": "int64" } ``` **响应对象 (`RPCSuccess`)** ```json {} ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/deleteHTTPFirewallPolicy" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## findAllEnabledHTTPFirewallPolicies > 获取所有可用策略 - 角色:`admin` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/findAllEnabledHTTPFirewallPolicies` - RPC:`rpc findAllEnabledHTTPFirewallPolicies (FindAllEnabledHTTPFirewallPoliciesRequest) returns (FindAllEnabledHTTPFirewallPoliciesResponse);` **请求对象 (`FindAllEnabledHTTPFirewallPoliciesRequest`)** ```json {} ``` **响应对象 (`FindAllEnabledHTTPFirewallPoliciesResponse`)** ```json { "firewallPolicies": "[]HTTPFirewallPolicy" } ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/findAllEnabledHTTPFirewallPolicies" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## findEnabledHTTPFirewallPolicy > 获取防火墙的基本信息 - 角色:`admin`, `user` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/findEnabledHTTPFirewallPolicy` - RPC:`rpc findEnabledHTTPFirewallPolicy (FindEnabledHTTPFirewallPolicyRequest) returns (FindEnabledHTTPFirewallPolicyResponse);` **请求对象 (`FindEnabledHTTPFirewallPolicyRequest`)** ```json { "httpFirewallPolicyId": "int64" } ``` **响应对象 (`FindEnabledHTTPFirewallPolicyResponse`)** ```json { "httpFirewallPolicy": "HTTPFirewallPolicy" } ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/findEnabledHTTPFirewallPolicy" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## findEnabledHTTPFirewallPolicyConfig > 查找单个防火墙配置 - 角色:`admin`, `user` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/findEnabledHTTPFirewallPolicyConfig` - RPC:`rpc findEnabledHTTPFirewallPolicyConfig (FindEnabledHTTPFirewallPolicyConfigRequest) returns (FindEnabledHTTPFirewallPolicyConfigResponse);` **请求对象 (`FindEnabledHTTPFirewallPolicyConfigRequest`)** ```json { "httpFirewallPolicyId": "int64" } ``` **响应对象 (`FindEnabledHTTPFirewallPolicyConfigResponse`)** ```json { "httpFirewallPolicyJSON": "bytes" } ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/findEnabledHTTPFirewallPolicyConfig" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## findServerIdWithHTTPFirewallPolicyId > 获取防火墙对应的网站ID - 角色:`admin`, `user` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/findServerIdWithHTTPFirewallPolicyId` - RPC:`rpc findServerIdWithHTTPFirewallPolicyId(FindServerIdWithHTTPFirewallPolicyIdRequest) returns (FindServerIdWithHTTPFirewallPolicyIdResponse);` **请求对象 (`FindServerIdWithHTTPFirewallPolicyIdRequest`)** ```json { "httpFirewallPolicyId": "int64 // 防火墙策略ID" } ``` **响应对象 (`FindServerIdWithHTTPFirewallPolicyIdResponse`)** ```json { "serverId": "int64 // 防火墙策略对应的网站ID,公共的防火墙策略的网站ID为0" } ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/findServerIdWithHTTPFirewallPolicyId" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## importHTTPFirewallPolicy > 导入策略数据 - 角色:`admin` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/importHTTPFirewallPolicy` - RPC:`rpc importHTTPFirewallPolicy (ImportHTTPFirewallPolicyRequest) returns (RPCSuccess);` **请求对象 (`ImportHTTPFirewallPolicyRequest`)** ```json { "httpFirewallPolicyId": "int64", "httpFirewallPolicyJSON": "bytes" } ``` **响应对象 (`RPCSuccess`)** ```json {} ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/importHTTPFirewallPolicy" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## listEnabledHTTPFirewallPolicies > 列出单页的防火墙策略 - 角色:`admin` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/listEnabledHTTPFirewallPolicies` - RPC:`rpc listEnabledHTTPFirewallPolicies (ListEnabledHTTPFirewallPoliciesRequest) returns (ListEnabledHTTPFirewallPoliciesResponse);` **请求对象 (`ListEnabledHTTPFirewallPoliciesRequest`)** ```json { "offset": "int64 // 读取位置", "size": "int64 // 数量,通常不能小于0", "keyword": "string // 关键词", "nodeClusterId": "int64 // 集群ID" } ``` **响应对象 (`ListEnabledHTTPFirewallPoliciesResponse`)** ```json { "httpFirewallPolicies": "[]HTTPFirewallPolicy" } ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/listEnabledHTTPFirewallPolicies" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## updateHTTPFirewallInboundConfig > 修改inbound信息 - 角色:`admin`, `user` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/updateHTTPFirewallInboundConfig` - RPC:`rpc updateHTTPFirewallInboundConfig (UpdateHTTPFirewallInboundConfigRequest) returns (RPCSuccess);` **请求对象 (`UpdateHTTPFirewallInboundConfigRequest`)** ```json { "httpFirewallPolicyId": "int64", "inboundJSON": "bytes" } ``` **响应对象 (`RPCSuccess`)** ```json {} ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/updateHTTPFirewallInboundConfig" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## updateHTTPFirewallPolicy > 修改防火墙策略 - 角色:`admin` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/updateHTTPFirewallPolicy` - RPC:`rpc updateHTTPFirewallPolicy (UpdateHTTPFirewallPolicyRequest) returns (RPCSuccess);` **请求对象 (`UpdateHTTPFirewallPolicyRequest`)** ```json { "httpFirewallPolicyId": "int64", "isOn": "bool // 是否启用", "name": "string // 名称", "description": "string // 描述(备注)", "firewallGroupCodes": "[]string", "blockOptionsJSON": "bytes // 阻止动作配置", "pageOptionsJSON": "bytes // 显示网页动作配置", "captchaOptionsJSON": "bytes // 验证码动作配置", "jsCookieOptionsJSON": "bytes // JSCookie动作配置", "mode": "string", "useLocalFirewall": "bool // 是否使用本地防火墙", "synFloodJSON": "bytes // SYN Flood相关配置", "LogJSON": "bytes // 日志相关配置", "maxRequestBodySize": "int64 // 最大文件尺寸,单位为字节", "denyCountryHTML": "string // 区域封禁提示", "denyProvinceHTML": "string // 省份封禁提示" } ``` **响应对象 (`RPCSuccess`)** ```json {} ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/updateHTTPFirewallPolicy" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` --- ## updateHTTPFirewallPolicyGroups > 修改分组信息 - 角色:`admin`, `user` - HTTP:`POST https://backend.dooki.cloud/HTTPFirewallPolicyService/updateHTTPFirewallPolicyGroups` - RPC:`rpc updateHTTPFirewallPolicyGroups (UpdateHTTPFirewallPolicyGroupsRequest) returns (RPCSuccess);` **请求对象 (`UpdateHTTPFirewallPolicyGroupsRequest`)** ```json { "httpFirewallPolicyId": "int64", "inboundJSON": "bytes", "outboundJSON": "bytes" } ``` **响应对象 (`RPCSuccess`)** ```json {} ``` **调用示例** ```bash curl -X POST "https://backend.dooki.cloud/HTTPFirewallPolicyService/updateHTTPFirewallPolicyGroups" \ -H "Content-Type: application/json" \ -H "X-Edge-Access-Token: " \ -d '{ ... }' ``` ---