
Question: CC protection isn't working #36

Closed

lesvere opened this issue Jun 4, 2022 · 3 comments


lesvere commented Jun 4, 2022

twaf_access_rule.json

  {
      "host":"adminer.domain.com",
      "port":80,
      "path":"/",
      "forward":"adminers",
      "forward_addr": "10.0.3.6",
      "forward_port": 8080,
      "uuid":"7705b968d3c9b54989deb8b1304ff7ad",
      "policy": "twaf_policy_conf"
  }

twaf_policy_conf.json

  {
      ...
      "twaf_limit_conn": {
          "state":true,
          "trigger_thr":{    
              "req_flow_max":10,
              "req_count_max":1
          },
          "clean_thr":{
              "new_conn_max":40,
              "conn_max":100,
              "req_max":50,
              "uri_frequency_max": 3000
          },
          "attacks": 0,
          "action":"DENY",
          "action_meta":403
      }
  }

Actual test: ab -n 50 -c 8 http://adminer.domain.com/

The HTTP status codes are all 200, not the 403 from the configuration.

Am I doing something wrong?

The version is the current master branch on GitHub.


lesvere commented Jun 4, 2022

Below is openwaf_access.log:

...
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.003 twaf_policy_conf 0bf5aae3d189b492dd7a8b45f0d5d393 -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.002 twaf_policy_conf 3bb14a83772c3e1790414d902c11f329 -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.001 twaf_policy_conf d3c5dfd0fcf3ea57cdbbdb4b48b0ca5d -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 810 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.012 twaf_policy_conf 87fcff80fdf109045a38b0ab24afcd47 -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 810 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.016 twaf_policy_conf 41c7d49907592a0f9e17a121e07dc52e -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.003 twaf_policy_conf da3437ccaae6cc8b62d4d3f13d54388d -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.010 twaf_policy_conf 8a91132ade1bf8f69b5045fa9494d237 -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.010 twaf_policy_conf 269ff6c763ef68a51f29e7cca96c6c62 -
10.0.0.1 - - [04/Jun/2022:15:53:31 +0800] "GET /api/stat HTTP/1.0" 200 812 "-" "ApacheBench/2.3" - 172.18.0.8:80 "waf-statis.domain.com" 0.008 twaf_policy_conf 3c884dbe4c10910b7e2f443f55d4c1bd -

10.0.0.1 - - [04/Jun/2022:16:00:51 +0800] "GET /?server=mysql HTTP/1.1" 200 5281 "http://adminer.domain.com/?server=mysql&username=root" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" - 172.18.0.8:80 "adminer.domain.com" 0.027 twaf_policy_conf efedd207ed7c02b31e54849511b56645 -
10.0.0.1 - - [04/Jun/2022:16:00:52 +0800] "GET /adminer.css?v=3237994901 HTTP/1.1" 200 16060 "http://adminer.domain.com/?server=mysql" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" - 172.18.0.8:80 "adminer.domain.com" 0.002 twaf_policy_conf e88a995f3eb5578dc57641357c1d1f25 -
10.0.0.1 - - [04/Jun/2022:16:00:52 +0800] "GET /adminer.css?v=3237994901 HTTP/1.1" 200 16060 "http://adminer.domain.com/adminer.css?v=3237994901" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" - 172.18.0.8:80 "adminer.domain.com" 0.002 twaf_policy_conf 8794a7e71aaf89e44700b5e657058c7d -

Below is the ab output:

☁  ~  ab -n 50 -c 8 http://adminer.domain.com/
This is ApacheBench, Version 2.3 <$Revision: 1879490 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking adminer.domain.com (be patient).....done


Server Software:
Server Hostname:        adminer.domain.com
Server Port:            80

Document Path:          /
Document Length:        4503 bytes

Concurrency Level:      8
Time taken for tests:   0.836 seconds
Complete requests:      50
Failed requests:        9
   (Connect: 0, Receive: 0, Length: 9, Exceptions: 0)
Total transferred:      263644 bytes
HTML transferred:       225144 bytes
Requests per second:    59.84 [#/sec] (mean)
Time per request:       133.696 [ms] (mean)
Time per request:       16.712 [ms] (mean, across all concurrent requests)
Transfer rate:          308.12 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    0   0.3      0       1
Processing:    23  121  30.6    124     168
Waiting:       22  120  30.6    123     167
Total:         23  121  30.5    124     170

Percentage of the requests served within a certain time (ms)
  50%    124
  66%    129
  75%    132
  80%    134
  90%    158
  95%    163
  98%    170
  99%    170
 100%    170 (longest request)
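
As an added example (not code from the issue or from OpenWAF), the Python script below reads the twaf_limit_conn thresholds from a policy fragment and replays openwaf_access.log lines in the layout shown above, counting requests per client per host per second and tallying the status codes each policy returned. Run against the real log from the ab run, it shows offline whether the 50 requests actually landed densely enough to cross the configured req_count_max, and whether the policy named in the log ever returned the configured action_meta (403) rather than 200. The sample lines are constructed in the same layout; the policy fragment is the issue's twaf_limit_conn block with the elided sibling keys removed; and treating trigger_thr.req_count_max as a per-client requests-per-second threshold is an assumption to confirm against the OpenWAF documentation.

```python
import json
import re
from collections import Counter, defaultdict

# Field layout of the openwaf_access.log lines shown in the issue:
# client ip, two "-" fields, [timestamp], "request line", status, bytes,
# "referer", "user agent", "-", upstream addr:port, "host", response time,
# policy name, request id, trailing "-".
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-) '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)" '
    r'\S+ (?P<upstream>\S+) "(?P<host>[^"]*)" '
    r'(?P<rt>\S+) (?P<policy>\S+) (?P<reqid>\S+)'
)

# Constructed sample lines in the same layout (not the issue author's data):
# one client sends three requests within one second and then receives a 403;
# a second client makes a single request.
SAMPLE_LOG = """\
10.0.0.1 - - [04/Jun/2022:16:05:01 +0800] "GET / HTTP/1.0" 200 4503 "-" "ApacheBench/2.3" - 10.0.3.6:8080 "adminer.domain.com" 0.010 twaf_policy_conf 00000000000000000000000000000001 -
10.0.0.1 - - [04/Jun/2022:16:05:01 +0800] "GET / HTTP/1.0" 200 4503 "-" "ApacheBench/2.3" - 10.0.3.6:8080 "adminer.domain.com" 0.011 twaf_policy_conf 00000000000000000000000000000002 -
10.0.0.1 - - [04/Jun/2022:16:05:01 +0800] "GET / HTTP/1.0" 200 4503 "-" "ApacheBench/2.3" - 10.0.3.6:8080 "adminer.domain.com" 0.009 twaf_policy_conf 00000000000000000000000000000003 -
10.0.0.1 - - [04/Jun/2022:16:05:02 +0800] "GET / HTTP/1.0" 403 162 "-" "ApacheBench/2.3" - 10.0.3.6:8080 "adminer.domain.com" 0.001 twaf_policy_conf 00000000000000000000000000000004 -
10.0.0.2 - - [04/Jun/2022:16:05:01 +0800] "GET /?server=mysql HTTP/1.1" 200 5281 "-" "Mozilla/5.0" - 10.0.3.6:8080 "adminer.domain.com" 0.027 twaf_policy_conf 00000000000000000000000000000005 -
"""

# The twaf_limit_conn block from the issue's twaf_policy_conf.json, with the
# elided sibling keys dropped so that it parses as JSON.
POLICY_JSON = """{
  "twaf_limit_conn": {
    "state": true,
    "trigger_thr": {"req_flow_max": 10, "req_count_max": 1},
    "clean_thr": {"new_conn_max": 40, "conn_max": 100,
                  "req_max": 50, "uri_frequency_max": 3000},
    "attacks": 0,
    "action": "DENY",
    "action_meta": 403
  }
}"""


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    # One-second bucket key: the timestamp without its timezone offset.
    rec["second"] = rec["ts"].split()[0]
    return rec


def parse_log(text):
    """Parse every matching line of a log dump; unparseable lines are skipped."""
    return [r for r in (parse_line(ln) for ln in text.splitlines()) if r]


def per_second_counts(records):
    """Requests per (client ip, host, second): the rate a per-client CC rule observes."""
    counts = Counter()
    for r in records:
        counts[(r["ip"], r["host"], r["second"])] += 1
    return counts


def exceeding_buckets(records, req_count_max):
    """Buckets where one client exceeded req_count_max requests to one host in one second.

    Reading trigger_thr.req_count_max as a per-client requests-per-second threshold is an
    assumption made for this check; confirm it against the OpenWAF documentation.
    """
    return sorted((k, n) for k, n in per_second_counts(records).items() if n > req_count_max)


def status_by_policy(records):
    """Status-code tally per policy name; a DENY policy that shows only 200s is the
    symptom reported in the issue."""
    tally = defaultdict(Counter)
    for r in records:
        tally[r["policy"]][r["status"]] += 1
    return tally


def audit(log_text, policy_text):
    """Combine the configured thresholds and action with the observed traffic."""
    conf = json.loads(policy_text)["twaf_limit_conn"]
    records = parse_log(log_text)
    return {
        "state": conf["state"],
        "expected_status": conf["action_meta"],
        "exceeding": exceeding_buckets(records, conf["trigger_thr"]["req_count_max"]),
        "status_counts": status_by_policy(records),
    }


if __name__ == "__main__":
    result = audit(SAMPLE_LOG, POLICY_JSON)
    print("limit_conn enabled:", result["state"], "/ configured status:", result["expected_status"])
    for (ip, host, second), n in result["exceeding"]:
        print(f"{second} {ip} -> {host}: {n} requests in one second (over threshold)")
    for policy, tally in result["status_counts"].items():
        print(policy, dict(tally))
```

Point the script at the real log by replacing SAMPLE_LOG with the file contents (and the policy fragment with the deployed twaf_policy_conf.json); if it reports over-threshold buckets for the policy while every status for that policy is 200, the limit is configured but not being enforced on that traffic, which narrows the search to whether the running nginx actually loaded the policy.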

lesvere changed the title from "Question: CC protection doesn't work" to "Question: CC protection isn't working" Jun 4, 2022
lesvere closed this as completed Jun 4, 2022

lesvere commented Jun 4, 2022

I actually had the idea of running this in production. My mistake.


lesvere commented Jun 4, 2022

After nginx -s reload, the pid went away.
