Title | Date | Excerpt | Tags | Team | Sponsor | Mentor |
---|---|---|---|---|---|---|
Custom WAF Generator | 2023-02-28 | Unified UI using which customer can generate custom WAF bundle. | | | | |

The main purpose of this project is to provide a unified tool/UI that customers can use to create custom WAF bundles according to their WAF product requirements.

F5 has a diverse product line, including BIG-IP, Nginx App Protect (NAP) and F5 Distributed Cloud (F5 XC), covering different customer needs. Currently we don't have a way for customers to generate custom WAF signatures. WAF custom signature Generator (WafGen) aims to make this workflow smooth and ridiculously easy by letting them create custom WAF bundles from user inputs for each WAF engine.

WafGen offers a unified GUI that allows customers to generate custom WAF bundles for all 3 flavors of WAF.

The application is written in Flask, deployed as a k8s service, and published on an F5 XC load balancer over the internet so users can access it.

An API collection is readily available in the repo for users; below are some details about the API implementation.

Valid API Endpoints | Allowed HTTP Methods | param options |
---|---|---|
/ | GET & POST | |
/download_file/[target] | GET | target = bigip/nap/xc |

Below is the sample form data payload for sending a POST request to the API endpoint `/`:

```json
"formdata": [
    {
        "key": "name",
        "value": "custom-waf-sig",
        "type": "default"
    },
    {
        "key": "target",
        "value": "xc",
        "type": "default"
    },
    {
        "key": "apply_to",
        "value": "Request",
        "type": "default"
    },
    {
        "key": "attack_type",
        "value": "Abuse of functionality",
        "type": "default"
    },
    {
        "key": "rule",
        "value": "Header",
        "type": "default"
    },
    {
        "key": "key",
        "value": "custom-hdr",
        "type": "default"
    },
    {
        "key": "val",
        "value": "<script>",
        "type": "default"
    },
    {
        "key": "accuracy",
        "value": "HIGH",
        "type": "default"
    },
    {
        "key": "priority",
        "value": "HIGH",
        "type": "default"
    }
]
```
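
The two API calls described above (POST to `/`, then GET `/download_file/[target]`), as an added Python example that is not part of the WafGen repo. It assumes the app accepts a urlencoded form body and that all nine keys from the sample payload are required; the helper names are hypothetical.

```python
from urllib.parse import urlencode
from urllib.request import Request

BASE_URL = "https://wafgen.f5-hyd-demo.com"   # public instance named on the page
ALLOWED_TARGETS = ("bigip", "nap", "xc")      # from the endpoint table
REQUIRED_KEYS = ("name", "target", "apply_to", "attack_type", "rule",
                 "key", "val", "accuracy", "priority")  # keys in the sample payload

# Constructed input: the page's sample values as Postman-style entries.
SAMPLE_FORMDATA = [
    {"key": k, "value": v, "type": "default"}
    for k, v in [
        ("name", "custom-waf-sig"), ("target", "xc"), ("apply_to", "Request"),
        ("attack_type", "Abuse of functionality"), ("rule", "Header"),
        ("key", "custom-hdr"), ("val", "<script>"),
        ("accuracy", "HIGH"), ("priority", "HIGH"),
    ]
]


def check_target(target):
    """Allow only the three WAF engines the API documents."""
    if target not in ALLOWED_TARGETS:
        raise ValueError(f"unsupported target {target!r}; expected one of {ALLOWED_TARGETS}")
    return target


def formdata_to_fields(formdata):
    """Flatten Postman entries into a dict, rejecting duplicate or missing keys."""
    fields = {}
    for entry in formdata:
        if entry["key"] in fields:
            raise ValueError(f"duplicate form key {entry['key']!r}")
        fields[entry["key"]] = entry["value"]
    missing = [k for k in REQUIRED_KEYS if not fields.get(k)]
    if missing:
        raise ValueError(f"missing form fields: {missing}")
    check_target(fields["target"])
    return fields


def build_generate_request(fields, base_url=BASE_URL):
    """POST / with the signature fields (urlencoded body is an assumption)."""
    body = urlencode(fields).encode("ascii")
    return Request(base_url + "/", data=body, method="POST",
                   headers={"Content-Type": "application/x-www-form-urlencoded"})


def build_download_request(target, base_url=BASE_URL):
    """GET /download_file/<target> for the generated bundle."""
    return Request(f"{base_url}/download_file/{check_target(target)}", method="GET")
```

Nothing is sent until a returned `Request` is passed to `urllib.request.urlopen`, so the requests can be inspected first.
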

Below are the steps for creating a custom WAF bundle through the UI:

- Open a browser and navigate to https://wafgen.f5-hyd-demo.com.
- Provide all user inputs and then click on the `Submit` button.
- From the page, users can either `copy` or `download` the populated WAF signature data.
- Next, as an optional step, customers can import this bundle in any of the WAF engines and add it to their WAF configuration (Note: this is not covered as part of the project).

If users don't want to use the publicly available DNS, they can deploy this application locally in the following ways:

- Build a Docker image using the Dockerfile and create a container from it. Refer to the docker build and run docs for more info.
- In Docker Engine, users can run `docker run --name wafgen -d -p 80:8000 registry.gitlab.com/sbmmsra/waf-signature-generator` to run it as a container and expose it on port 80.
- We can also run this code as a k8s service by simply running `kubectl apply -f custom_waf_flask.yml`, which will bring up the k8s deployment and service (NOTE: you should have access to the k8s cluster using kubeconfig, and the svc is available on port 8000).

This project provides a unified UI to create custom WAF bundles as per customer WAF requirements.
Python, Flask, Jinja2 and html
https://web.microsoftstream.com/video/01ab1231-26ab-4bc2-86b6-3a1c2e22f9f1
Reach out to the principal researchers if you are interested in supporting this project.
Role | Skills |
---|---|
UI Developer | html, css, Node, JS |
API Developer | API, Flask, JS, Node |