teler-sh / teler-waf

teler-waf is a Go HTTP middleware that protects local web services from OWASP Top 10 threats, known vulnerabilities, malicious actors, botnets, unwanted crawlers, and brute force attacks.
https://test.teler.sh
Apache License 2.0
344 stars 32 forks

refactor: use pcre regexp engine for custom rule #92

Closed dwisiswant0 closed 1 year ago

dwisiswant0 commented 1 year ago

Summary

Supporting PCRE pattern for custom rule condition.

Proposed changes

This PR fixes/implements the following bugs/features:

How has this been tested?

Proof:

Before

```console
$ go test -run "^$" -bench "^BenchmarkInitializeCustomRule" -cpu=4 -count 10 | tee /tmp/old.txt
goos: linux
goarch: amd64
pkg: github.com/kitabisa/teler-waf
cpu: 11th Gen Intel(R) Core(TM) i9-11900H @ 2.50GHz
BenchmarkInitializeCustomRules-4           1    2137316062 ns/op    51628184 B/op     137066 allocs/op
BenchmarkInitializeCustomRules-4          64      16842722 ns/op    40538818 B/op      86929 allocs/op
BenchmarkInitializeCustomRules-4          58      19287922 ns/op    40538565 B/op      86927 allocs/op
BenchmarkInitializeCustomRules-4          61      18448952 ns/op    40539070 B/op      86928 allocs/op
BenchmarkInitializeCustomRules-4          61      20377034 ns/op    40539019 B/op      86929 allocs/op
BenchmarkInitializeCustomRules-4          62      17853707 ns/op    40538648 B/op      86927 allocs/op
BenchmarkInitializeCustomRules-4          66      18291841 ns/op    40538705 B/op      86928 allocs/op
BenchmarkInitializeCustomRules-4          55      18771989 ns/op    40538675 B/op      86928 allocs/op
BenchmarkInitializeCustomRules-4          54      19569256 ns/op    40538421 B/op      86926 allocs/op
BenchmarkInitializeCustomRules-4          57      18205604 ns/op    40538455 B/op      86926 allocs/op
PASS
ok      github.com/kitabisa/teler-waf   14.273s
```

After

```console
$ go test -run "^$" -bench "^BenchmarkInitializeCustomRule" -cpu=4 -count 10 | tee /tmp/new.txt
goos: linux
goarch: amd64
pkg: github.com/kitabisa/teler-waf
cpu: 11th Gen Intel(R) Core(TM) i9-11900H @ 2.50GHz
BenchmarkInitializeCustomRules-4           1    1843819726 ns/op    51602368 B/op     137023 allocs/op
BenchmarkInitializeCustomRules-4          61      19268530 ns/op    40536153 B/op      86902 allocs/op
BenchmarkInitializeCustomRules-4          52      19921854 ns/op    40535659 B/op      86901 allocs/op
BenchmarkInitializeCustomRules-4          62      17659282 ns/op    40535529 B/op      86900 allocs/op
BenchmarkInitializeCustomRules-4          56      18588371 ns/op    40535385 B/op      86900 allocs/op
BenchmarkInitializeCustomRules-4          52      19926338 ns/op    40535689 B/op      86901 allocs/op
BenchmarkInitializeCustomRules-4          69      19771510 ns/op    40535983 B/op      86902 allocs/op
BenchmarkInitializeCustomRules-4          52      20148745 ns/op    40535630 B/op      86901 allocs/op
BenchmarkInitializeCustomRules-4          66      18331248 ns/op    40535946 B/op      86902 allocs/op
BenchmarkInitializeCustomRules-4          58      17675152 ns/op    40536178 B/op      86902 allocs/op
PASS
ok      github.com/kitabisa/teler-waf   13.790s
```

Conclusion

```console
$ benchstat old.txt new.txt
goos: linux
goarch: amd64
pkg: github.com/kitabisa/teler-waf
cpu: 11th Gen Intel(R) Core(TM) i9-11900H @ 2.50GHz
                        │   old.txt   │            new.txt            │
                        │   sec/op    │   sec/op     vs base          │
InitializeCustomRules-4   18.61m ± 9%   19.52m ± 9%  ~ (p=0.579 n=10)

                        │   old.txt    │               new.txt               │
                        │     B/op     │     B/op      vs base               │
InitializeCustomRules-4   38.66Mi ± 0%   38.66Mi ± 0%  -0.01% (p=0.001 n=10)

                        │   old.txt   │              new.txt               │
                        │  allocs/op  │  allocs/op   vs base               │
InitializeCustomRules-4   86.93k ± 0%   86.90k ± 0%  -0.03% (p=0.001 n=10)
```

Closing issues

Fixes #83

Checklist:

codecov-commenter commented 1 year ago

Codecov Report

Patch coverage: 80.00% and project coverage change: -0.97% :warning:

Comparison is base (d700f3b) 79.88% compared to head (024aca9) 78.91%. Report is 8 commits behind head on master.

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##           master      #92      +/-   ##
==========================================
- Coverage   79.88%   78.91%   -0.97%
==========================================
  Files           5        5
  Lines        1059     1034      -25
==========================================
- Hits          846      816      -30
- Misses        162      164       +2
- Partials       51       54       +3
```

| [Files Changed](https://app.codecov.io/gh/kitabisa/teler-waf/pull/92?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=kitabisa) | Coverage Δ | |
|---|---|---|
| [analyze.go](https://app.codecov.io/gh/kitabisa/teler-waf/pull/92?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=kitabisa#diff-YW5hbHl6ZS5nbw==) | `74.84% <80.00%> (+0.06%)` | :arrow_up: |
| [teler.go](https://app.codecov.io/gh/kitabisa/teler-waf/pull/92?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=kitabisa#diff-dGVsZXIuZ28=) | `77.41% <80.00%> (-2.79%)` | :arrow_down: |
