Merge pull request #930 from bunkerity/dev

Add whitelist check for the default-server as well and fix bad behavior whitelist check

CHANGELOG.md

@@ -4,6 +4,7 @@
 
 - [LINUX] Support RHEL 9.3
 - [BUGFIX] Fix issues with the antibot feature ([#866](https://github.com/bunkerity/bunkerweb/issues/866), [#870](https://github.com/bunkerity/bunkerweb/issues/870))
+- [BUGFIX] Fix Bad behavior whitelist check in access phase
 - [UI] Add bans management page in the web UI
 - [UI] Add blocked requests page in the web UI
 - [UI] Add the possibility to clone a service in the web UI
@@ -13,6 +14,7 @@
 - [FEATURE] Add Redis Sentinel support for bwcli
 - [FEATURE] Add new Metrics core plugin that will allow metrics collection and retrieval of internal metrics
 - [FEATURE] Add setting DATABASE_LOG_LEVEL to control SQLAlchemy loggers separately from the main one
+- [FEATURE] Add whitelist check for the default-server as well
 - [MISC] Add a better custom certificate cache handling
 - [MISC] Updated Linux base images in Dockerfiles
 - [MISC] Add recommended dialects to databases string

src/common/core/badbehavior/badbehavior.lua

@@ -21,7 +21,7 @@ end
 
 function badbehavior:log()
 	-- Check if we are whitelisted
-	if is_whitelisted(self.ctx) == "yes" then
+	if is_whitelisted(self.ctx) then
 		return self:ret(true, "client is whitelisted")
 	end
 	-- Check if bad behavior is activated

src/common/core/order.json

@@ -42,6 +42,13 @@
     "reversescan"
   ],
   "log_stream": ["badbehavior", "bunkernet"],
-  "log_default": ["badbehavior", "bunkernet", "errors", "misc", "metrics"],
+  "log_default": [
+    "whitelist",
+    "badbehavior",
+    "bunkernet",
+    "errors",
+    "misc",
+    "metrics"
+  ],
   "timer": ["metrics"]
 }

src/common/core/whitelist/whitelist.lua

@@ -170,6 +170,10 @@ function whitelist:preread()
 	return self:access()
 end
 
+function whitelist:log_default()
+	return self:access()
+end
+
 function whitelist:kind_to_ele(kind)
 	if kind == "IP" then
 		return "ip" .. self.ctx.bw.remote_addr