简化IP名单中创建IP操作/支持IP以CIDR方式显示

internal/db/models/ip_item_dao.go

@@ -14,6 +14,7 @@ import (
 	"github.com/iwind/TeaGo/lists"
 	"github.com/iwind/TeaGo/types"
 	"net"
+	"strings"
 	"time"
 )
 
@@ -155,6 +156,59 @@ func (this *IPItemDAO) DisableIPItemsWithIP(tx *dbs.Tx, ipFrom string, ipTo stri
 	return nil
 }
 
+// DisableIPItemsWithIPValue 禁用某个IP相关条目
+func (this *IPItemDAO) DisableIPItemsWithIPValue(tx *dbs.Tx, value string, sourceUserId int64, listId int64) error {
+	if len(value) == 0 {
+		return errors.New("invalid 'value'")
+	}
+
+	var query = this.Query(tx).
+		Result("id", "listId").
+		Attr("value", value).
+		State(IPItemStateEnabled)
+
+	if listId > 0 {
+		query.Attr("listId", listId)
+	}
+
+	if sourceUserId > 0 {
+		query.Attr("sourceUserId", sourceUserId)
+	}
+
+	ones, err := query.FindAll()
+	if err != nil {
+		return err
+	}
+
+	var itemIds = []int64{}
+	for _, one := range ones {
+		var item = one.(*IPItem)
+		var itemId = int64(item.Id)
+		itemIds = append(itemIds, itemId)
+	}
+
+	for _, itemId := range itemIds {
+		version, err := SharedIPListDAO.IncreaseVersion(tx)
+		if err != nil {
+			return err
+		}
+
+		_, err = this.Query(tx).
+			Pk(itemId).
+			Set("state", IPItemStateDisabled).
+			Set("version", version).
+			Update()
+		if err != nil {
+			return err
+		}
+	}
+
+	if len(itemIds) > 0 {
+		return this.NotifyUpdate(tx, itemIds[len(itemIds)-1])
+	}
+	return nil
+}
+
 // DisableIPItemsWithListId 禁用某个IP名单内的所有IP
 func (this *IPItemDAO) DisableIPItemsWithListId(tx *dbs.Tx, listId int64) error {
 	for {
@@ -236,9 +290,46 @@ func (this *IPItemDAO) DeleteOldItem(tx *dbs.Tx, listId int64, ipFrom string, ip
 	return nil
 }
 
+// DeleteOldItemWithValue 根据IP删除以前的旧记录
+func (this *IPItemDAO) DeleteOldItemWithValue(tx *dbs.Tx, listId int64, value string) error {
+	if len(value) == 0 {
+		return nil
+	}
+	ones, err := this.Query(tx).
+		ResultPk().
+		UseIndex("ipFrom").
+		Attr("listId", listId).
+		Attr("value", value).
+		Attr("state", IPItemStateEnabled).
+		FindAll()
+	if err != nil {
+		return err
+	}
+
+	for _, one := range ones {
+		var itemId = int64(one.(*IPItem).Id)
+		version, err := SharedIPListDAO.IncreaseVersion(tx)
+		if err != nil {
+			return err
+		}
+
+		err = this.Query(tx).
+			Pk(itemId).
+			Set("version", version).
+			Set("state", IPItemStateDisabled).
+			UpdateQuickly()
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
 // CreateIPItem 创建IP
 func (this *IPItemDAO) CreateIPItem(tx *dbs.Tx,
 	listId int64,
+	value string,
 	ipFrom string,
 	ipTo string,
 	expiredAt int64,
@@ -253,6 +344,15 @@ func (this *IPItemDAO) CreateIPItem(tx *dbs.Tx,
 	sourceHTTPFirewallRuleGroupId int64,
 	sourceHTTPFirewallRuleSetId int64,
 	shouldNotify bool) (int64, error) {
+	// generate 'itemType'
+	if itemType != IPItemTypeAll && len(ipFrom) > 0 {
+		if iputils.IsIPv4(ipFrom) {
+			itemType = IPItemTypeIPv4
+		} else if iputils.IsIPv6(ipFrom) {
+			itemType = IPItemTypeIPv6
+		}
+	}
+
 	version, err := SharedIPListDAO.IncreaseVersion(tx)
 	if err != nil {
 		return 0, err
@@ -260,6 +360,7 @@ func (this *IPItemDAO) CreateIPItem(tx *dbs.Tx,
 
 	var op = NewIPItemOperator()
 	op.ListId = listId
+	op.Value = value
 	op.IpFrom = ipFrom
 	op.IpTo = ipTo
 
@@ -318,11 +419,20 @@ func (this *IPItemDAO) CreateIPItem(tx *dbs.Tx,
 }
 
 // UpdateIPItem 修改IP
-func (this *IPItemDAO) UpdateIPItem(tx *dbs.Tx, itemId int64, ipFrom string, ipTo string, expiredAt int64, reason string, itemType IPItemType, eventLevel string) error {
+func (this *IPItemDAO) UpdateIPItem(tx *dbs.Tx, itemId int64, value string, ipFrom string, ipTo string, expiredAt int64, reason string, itemType IPItemType, eventLevel string) error {
 	if itemId <= 0 {
 		return errors.New("invalid itemId")
 	}
 
+	// generate 'itemType'
+	if itemType != IPItemTypeAll && len(ipFrom) > 0 {
+		if iputils.IsIPv4(ipFrom) {
+			itemType = IPItemTypeIPv4
+		} else if iputils.IsIPv6(ipFrom) {
+			itemType = IPItemTypeIPv6
+		}
+	}
+
 	listId, err := this.Query(tx).
 		Pk(itemId).
 		Result("listId").
@@ -341,6 +451,7 @@ func (this *IPItemDAO) UpdateIPItem(tx *dbs.Tx, itemId int64, ipFrom string, ipT
 
 	var op = NewIPItemOperator()
 	op.Id = itemId
+	op.Value = value
 	op.IpFrom = ipFrom
 	op.IpTo = ipTo
 
@@ -711,6 +822,60 @@ func (this *IPItemDAO) CleanExpiredIPItems(tx *dbs.Tx) error {
 	return nil
 }
 
+// ParseIPValue 解析IP值
+func (this *IPItemDAO) ParseIPValue(value string) (newValue string, ipFrom string, ipTo string, ok bool) {
+	if len(value) == 0 {
+		return
+	}
+
+	newValue = value
+
+	// ip1-ip2
+	if strings.Contains(value, "-") {
+		var pieces = strings.Split(value, "-")
+		if len(pieces) != 2 {
+			return
+		}
+
+		ipFrom = strings.TrimSpace(pieces[0])
+		ipTo = strings.TrimSpace(pieces[1])
+
+		if !iputils.IsValid(ipFrom) || !iputils.IsValid(ipTo) {
+			return
+		}
+
+		if !iputils.IsSameVersion(ipFrom, ipTo) {
+			return
+		}
+
+		if iputils.CompareIP(ipFrom, ipTo) > 0 {
+			ipFrom, ipTo = ipTo, ipFrom
+			newValue = ipFrom + "-" + ipTo
+		}
+
+		ok = true
+		return
+	}
+
+	// ip/mask
+	if strings.Contains(value, "/") {
+		cidr, err := iputils.ParseCIDR(value)
+		if err != nil {
+			return
+		}
+		return newValue, cidr.From().String(), cidr.To().String(), true
+	}
+
+	// single value
+	if iputils.IsValid(value) {
+		ipFrom = value
+		ok = true
+		return
+	}
+
+	return
+}
+
 // NotifyUpdate 通知更新
 func (this *IPItemDAO) NotifyUpdate(tx *dbs.Tx, itemId int64) error {
 	// 获取ListId

internal/db/models/ip_item_dao_test.go

@@ -51,7 +51,8 @@ func TestIPItemDAO_CreateManyIPs(t *testing.T) {
 	var dao = models.NewIPItemDAO()
 	var n = 10
 	for i := 0; i < n; i++ {
-		itemId, err := dao.CreateIPItem(tx, firewallconfigs.GlobalListId, "192."+types.String(rands.Int(0, 255))+"."+types.String(rands.Int(0, 255))+"."+types.String(rands.Int(0, 255)), "", time.Now().Unix()+86400, "test", models.IPItemTypeIPv4, "warning", 0, 0, 0, 0, 0, 0, 0, false)
+		var ip = "192." + types.String(rands.Int(0, 255)) + "." + types.String(rands.Int(0, 255)) + "." + types.String(rands.Int(0, 255))
+		itemId, err := dao.CreateIPItem(tx, firewallconfigs.GlobalListId, ip, ip, "", time.Now().Unix()+86400, "test", models.IPItemTypeIPv4, "warning", 0, 0, 0, 0, 0, 0, 0, false)
 		if err != nil {
 			t.Fatal(err)
 		}
@@ -74,3 +75,16 @@ func TestIPItemDAO_DisableIPItemsWithIP(t *testing.T) {
 	}
 	t.Log("ok")
 }
+
+func TestIPItemDAO_ParseIPValue(t *testing.T) {
+	var dao = models.NewIPItemDAO()
+	t.Log(dao.ParseIPValue("192.168.1.100"))
+	t.Log(dao.ParseIPValue("192.168.1.100-192.168.1.200"))
+	t.Log(dao.ParseIPValue("192.168.1.200-192.168.1.100"))
+	t.Log(dao.ParseIPValue("192.168.1.100/24"))
+	t.Log(dao.ParseIPValue("::1"))
+	t.Log(dao.ParseIPValue("192.168.1.100-::2"))
+	t.Log(dao.ParseIPValue("192"))
+	t.Log(dao.ParseIPValue("192.168.1.200/256"))
+	t.Log(dao.ParseIPValue("192.168.1.200-"))
+}

internal/db/models/ip_item_model.go

@@ -5,6 +5,7 @@ import "github.com/iwind/TeaGo/dbs"
 const (
 	IPItemField_Id                            dbs.FieldName = "id"                            // ID
 	IPItemField_ListId                        dbs.FieldName = "listId"                        // 所属名单ID
+	IPItemField_Value                         dbs.FieldName = "value"                         // 原始值
 	IPItemField_Type                          dbs.FieldName = "type"                          // 类型
 	IPItemField_IpFrom                        dbs.FieldName = "ipFrom"                        // 开始IP
 	IPItemField_IpTo                          dbs.FieldName = "ipTo"                          // 结束IP
@@ -32,6 +33,7 @@ const (
 type IPItem struct {
 	Id                            uint64 `field:"id"`                            // ID
 	ListId                        uint32 `field:"listId"`                        // 所属名单ID
+	Value                         string `field:"value"`                         // 原始值
 	Type                          string `field:"type"`                          // 类型
 	IpFrom                        string `field:"ipFrom"`                        // 开始IP
 	IpTo                          string `field:"ipTo"`                          // 结束IP
@@ -58,6 +60,7 @@ type IPItem struct {
 type IPItemOperator struct {
 	Id                            any // ID
 	ListId                        any // 所属名单ID
+	Value                         any // 原始值
 	Type                          any // 类型
 	IpFrom                        any // 开始IP
 	IpTo                          any // 结束IP

internal/db/models/ip_item_model_ext.go

@@ -1 +1,15 @@
 package models
+
+// ComposeValue 组合原始值
+func (this *IPItem) ComposeValue() string {
+	if len(this.Value) > 0 {
+		return this.Value
+	}
+
+	// 兼容以往版本
+	if len(this.IpTo) > 0 {
+		return this.IpFrom + "-" + this.IpTo
+	}
+
+	return this.IpFrom
+}

internal/db/models/server_bandwidth_stat_dao_test.go

@@ -16,7 +16,7 @@ import (
 func TestServerBandwidthStatDAO_UpdateServerBandwidth(t *testing.T) {
 	var dao = models.NewServerBandwidthStatDAO()
 	var tx *dbs.Tx
-	err := dao.UpdateServerBandwidth(tx, 1, 1, 0, 0, timeutil.Format("Ymd"), timeutil.FormatTime("Hi", time.Now().Unix()/300*300), 1024, 300, 0, 0, 0, 0, 0)
+	err := dao.UpdateServerBandwidth(tx, 1, 1, 0, 0, timeutil.Format("Ymd"), timeutil.FormatTime("Hi", time.Now().Unix()/300*300), 1024, 300, 0, 0, 0, 0, 0, 0)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -33,7 +33,7 @@ func TestSeverBandwidthStatDAO_InsertManyStats(t *testing.T) {
 		}
 		var day = timeutil.Format("Ymd", time.Now().AddDate(0, 0, -rands.Int(0, 200)))
 		var minute = fmt.Sprintf("%02d%02d", rands.Int(0, 23), rands.Int(0, 59))
-		err := dao.UpdateServerBandwidth(tx, 1, int64(rands.Int(1, 10000)), 0, 0, day, minute, 1024, 300, 0, 0, 0, 0, 0)
+		err := dao.UpdateServerBandwidth(tx, 1, int64(rands.Int(1, 10000)), 0, 0, day, minute, 1024, 300, 0, 0, 0, 0, 0, 0)
 		if err != nil {
 			t.Fatal(err)
 		}

internal/rpc/services/service_http_firewall_policy.go

@@ -743,6 +743,7 @@ func (this *HTTPFirewallPolicyService) CheckHTTPFirewallPolicyIPStatus(ctx conte
 					IpList:    &pb.IPList{Name: listName, Id: listId},
 					IpItem: &pb.IPItem{
 						Id:         int64(item.Id),
+						Value:      item.ComposeValue(),
 						IpFrom:     item.IpFrom,
 						IpTo:       item.IpTo,
 						ExpiredAt:  int64(item.ExpiredAt),
@@ -798,6 +799,7 @@ func (this *HTTPFirewallPolicyService) CheckHTTPFirewallPolicyIPStatus(ctx conte
 					IpList:    &pb.IPList{Name: listName, Id: listId},
 					IpItem: &pb.IPItem{
 						Id:         int64(item.Id),
+						Value:      item.ComposeValue(),
 						IpFrom:     item.IpFrom,
 						IpTo:       item.IpTo,
 						ExpiredAt:  int64(item.ExpiredAt),

internal/rpc/services/service_ip_item.go

@@ -6,6 +6,7 @@ import (
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
 	"github.com/TeaOSLab/EdgeAPI/internal/utils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/iputils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
 	"net"
@@ -25,20 +26,32 @@ func (this *IPItemService) CreateIPItem(ctx context.Context, req *pb.CreateIPIte
 		return nil, err
 	}
 
-	if len(req.IpFrom) == 0 {
+	if len(req.Value) > 0 {
-		return nil, errors.New("'ipFrom' should not be empty")
+		newValue, ipFrom, ipTo, ok := models.SharedIPItemDAO.ParseIPValue(req.Value)
+		if !ok {
+			return nil, errors.New("invalid 'value' format")
 		}
 
-	var ipFrom = net.ParseIP(req.IpFrom)
+		req.Value = newValue
-	if ipFrom == nil {
+		req.IpFrom = ipFrom
+		req.IpTo = ipTo
+	} else if req.Type != models.IPItemTypeAll {
+		if !iputils.IsValid(req.IpFrom) {
 			return nil, errors.New("invalid 'ipFrom'")
 		}
-
 		if len(req.IpTo) > 0 {
-		ipTo := net.ParseIP(req.IpTo)
+			if !iputils.IsValid(req.IpTo) {
-		if ipTo == nil {
 				return nil, errors.New("invalid 'ipTo'")
 			}
+
+			if !iputils.IsSameVersion(req.IpFrom, req.IpTo) {
+				return nil, errors.New("'ipFrom' and 'ipTo' should be in same version")
+			}
+
+			if iputils.CompareIP(req.IpFrom, req.IpTo) > 0 {
+				req.IpFrom, req.IpTo = req.IpTo, req.IpFrom
+			}
+		}
 	}
 
 	var tx = this.NullTx()
@@ -64,7 +77,7 @@ func (this *IPItemService) CreateIPItem(ctx context.Context, req *pb.CreateIPIte
 		return nil, err
 	}
 
-	itemId, err := models.SharedIPItemDAO.CreateIPItem(tx, req.IpListId, req.IpFrom, req.IpTo, req.ExpiredAt, req.Reason, req.Type, req.EventLevel, req.NodeId, req.ServerId, req.SourceNodeId, req.SourceServerId, req.SourceHTTPFirewallPolicyId, req.SourceHTTPFirewallRuleGroupId, req.SourceHTTPFirewallRuleSetId, true)
+	itemId, err := models.SharedIPItemDAO.CreateIPItem(tx, req.IpListId, req.Value, req.IpFrom, req.IpTo, req.ExpiredAt, req.Reason, req.Type, req.EventLevel, req.NodeId, req.ServerId, req.SourceNodeId, req.SourceServerId, req.SourceHTTPFirewallPolicyId, req.SourceHTTPFirewallRuleGroupId, req.SourceHTTPFirewallRuleSetId, true)
 	if err != nil {
 		return nil, err
 	}
@@ -84,19 +97,30 @@ func (this *IPItemService) CreateIPItems(ctx context.Context, req *pb.CreateIPIt
 
 	// 校验
 	for _, item := range req.IpItems {
-		if len(item.IpFrom) == 0 {
+		if len(item.Value) > 0 {
-			return nil, errors.New("'ipFrom' should not be empty")
+			newValue, ipFrom, ipTo, ok := models.SharedIPItemDAO.ParseIPValue(item.Value)
+			if !ok {
+				return nil, errors.New("invalid 'value': " + item.Value)
 			}
-
+			item.Value = newValue
-		var ipFrom = net.ParseIP(item.IpFrom)
+			item.IpFrom = ipFrom
-		if ipFrom == nil {
+			item.IpTo = ipTo
-			return nil, errors.New("invalid 'ipFrom'")
+		} else if item.Type != models.IPItemTypeAll {
+			if !iputils.IsValid(item.IpFrom) {
+				return nil, errors.New("invalid 'ipFrom': " + item.IpFrom)
 			}
-
 			if len(item.IpTo) > 0 {
-			ipTo := net.ParseIP(item.IpTo)
+				if !iputils.IsValid(item.IpTo) {
-			if ipTo == nil {
+					return nil, errors.New("invalid 'ipTo': " + item.IpTo)
-				return nil, errors.New("invalid 'ipTo'")
+				}
+
+				if !iputils.IsSameVersion(item.IpFrom, item.IpTo) {
+					return nil, errors.New("'ipFrom' (" + item.IpFrom + ") and 'ipTo' (" + item.IpTo + ") should be in same version")
+				}
+
+				if iputils.CompareIP(item.IpFrom, item.IpTo) > 0 {
+					item.IpFrom, item.IpTo = item.IpTo, item.IpFrom
+				}
 			}
 		}
 
@@ -117,21 +141,21 @@ func (this *IPItemService) CreateIPItems(ctx context.Context, req *pb.CreateIPIt
 	}
 
 	// 创建
-	// TODO 需要区分不同的用户
 	var ipItemIds = []int64{}
 	for index, item := range req.IpItems {
 		var shouldNotify = index == len(req.IpItems)-1
 
 		// 删除以前的
+		if len(item.Value) > 0 {
+			err = models.SharedIPItemDAO.DeleteOldItemWithValue(tx, item.IpListId, item.Value)
+		} else {
 			err = models.SharedIPItemDAO.DeleteOldItem(tx, item.IpListId, item.IpFrom, item.IpTo)
+		}
 		if err != nil {
 			return nil, err
 		}
 
-		itemId, err := models.SharedIPItemDAO.CreateIPItem(tx, item.IpListId, item.IpFrom, item.IpTo, item.ExpiredAt, item.Reason, item.Type, item.EventLevel, item.NodeId, item.ServerId, item.SourceNodeId, item.SourceServerId, item.SourceHTTPFirewallPolicyId, item.SourceHTTPFirewallRuleGroupId, item.SourceHTTPFirewallRuleSetId, shouldNotify)
+		itemId, err := models.SharedIPItemDAO.CreateIPItem(tx, item.IpListId, item.Value, item.IpFrom, item.IpTo, item.ExpiredAt, item.Reason, item.Type, item.EventLevel, item.NodeId, item.ServerId, item.SourceNodeId, item.SourceServerId, item.SourceHTTPFirewallPolicyId, item.SourceHTTPFirewallRuleGroupId, item.SourceHTTPFirewallRuleSetId, shouldNotify)
-		if err != nil {
-			return nil, err
-		}
 		if err != nil {
 			return nil, err
 		}
@@ -153,6 +177,34 @@ func (this *IPItemService) UpdateIPItem(ctx context.Context, req *pb.UpdateIPIte
 
 	var tx = this.NullTx()
 
+	// validate ip
+	if len(req.Value) > 0 {
+		newValue, ipFrom, ipTo, ok := models.SharedIPItemDAO.ParseIPValue(req.Value)
+		if !ok {
+			return nil, errors.New("invalid 'value' format")
+		}
+		req.Value = newValue
+		req.IpFrom = ipFrom
+		req.IpTo = ipTo
+	} else if req.Type != models.IPItemTypeAll {
+		if !iputils.IsValid(req.IpFrom) {
+			return nil, errors.New("invalid 'ipFrom'")
+		}
+		if len(req.IpTo) > 0 {
+			if !iputils.IsValid(req.IpTo) {
+				return nil, errors.New("invalid 'ipTo'")
+			}
+
+			if !iputils.IsSameVersion(req.IpFrom, req.IpTo) {
+				return nil, errors.New("'ipFrom' and 'ipTo' should be in same version")
+			}
+
+			if iputils.CompareIP(req.IpFrom, req.IpTo) > 0 {
+				req.IpFrom, req.IpTo = req.IpTo, req.IpFrom
+			}
+		}
+	}
+
 	if userId > 0 {
 		listId, err := models.SharedIPItemDAO.FindItemListId(tx, req.IpItemId)
 		if err != nil {
@@ -169,7 +221,7 @@ func (this *IPItemService) UpdateIPItem(ctx context.Context, req *pb.UpdateIPIte
 		req.Type = models.IPItemTypeIPv4
 	}
 
-	err = models.SharedIPItemDAO.UpdateIPItem(tx, req.IpItemId, req.IpFrom, req.IpTo, req.ExpiredAt, req.Reason, req.Type, req.EventLevel)
+	err = models.SharedIPItemDAO.UpdateIPItem(tx, req.IpItemId, req.Value, req.IpFrom, req.IpTo, req.ExpiredAt, req.Reason, req.Type, req.EventLevel)
 	if err != nil {
 		return nil, err
 	}
@@ -187,12 +239,34 @@ func (this *IPItemService) DeleteIPItem(ctx context.Context, req *pb.DeleteIPIte
 
 	var tx = this.NullTx()
 
+	if req.IpItemId <= 0 && len(req.Value) == 0 && len(req.IpFrom) == 0 {
+		return nil, errors.New("one of 'ipItemId', 'value' or 'ipFrom' params required")
+	}
+
 	// 如果是使用IPItemId删除
 	if req.IpItemId > 0 {
 		err = models.SharedIPItemDAO.DisableIPItem(tx, req.IpItemId, userId)
 		if err != nil {
 			return nil, err
 		}
+		return this.Success()
+	}
+
+	// 使用value删除
+	if len(req.Value) > 0 {
+		// 检查IP列表
+		if req.IpListId > 0 && userId > 0 && req.IpListId != firewallconfigs.GlobalListId {
+			err = models.SharedIPListDAO.CheckUserIPList(tx, userId, req.IpListId)
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		err = models.SharedIPItemDAO.DisableIPItemsWithIPValue(tx, req.Value, userId, req.IpListId)
+		if err != nil {
+			return nil, err
+		}
+		return this.Success()
 	}
 
 	// 如果是使用ipFrom+ipTo删除
@@ -209,6 +283,7 @@ func (this *IPItemService) DeleteIPItem(ctx context.Context, req *pb.DeleteIPIte
 		if err != nil {
 			return nil, err
 		}
+		return this.Success()
 	}
 
 	return this.Success()
@@ -345,6 +420,7 @@ func (this *IPItemService) ListIPItemsWithListId(ctx context.Context, req *pb.Li
 
 		result = append(result, &pb.IPItem{
 			Id:                            int64(item.Id),
+			Value:                         item.ComposeValue(),
 			IpFrom:                        item.IpFrom,
 			IpTo:                          item.IpTo,
 			Version:                       int64(item.Version),
@@ -402,6 +478,7 @@ func (this *IPItemService) FindEnabledIPItem(ctx context.Context, req *pb.FindEn
 
 	return &pb.FindEnabledIPItemResponse{IpItem: &pb.IPItem{
 		Id:         int64(item.Id),
+		Value:      item.ComposeValue(),
 		IpFrom:     item.IpFrom,
 		IpTo:       item.IpTo,
 		Version:    int64(item.Version),
@@ -456,6 +533,7 @@ func (this *IPItemService) ListIPItemsAfterVersion(ctx context.Context, req *pb.
 
 		result = append(result, &pb.IPItem{
 			Id:         int64(item.Id),
+			Value:      item.ComposeValue(),
 			IpFrom:     item.IpFrom,
 			IpTo:       item.IpTo,
 			Version:    int64(item.Version),
@@ -520,6 +598,7 @@ func (this *IPItemService) CheckIPItemStatus(ctx context.Context, req *pb.CheckI
 			IsAllowed: isAllowed,
 			IpItem: &pb.IPItem{
 				Id:         int64(item.Id),
+				Value:      item.ComposeValue(),
 				IpFrom:     item.IpFrom,
 				IpTo:       item.IpTo,
 				CreatedAt:  int64(item.CreatedAt),
@@ -675,6 +754,7 @@ func (this *IPItemService) ListAllEnabledIPItems(ctx context.Context, req *pb.Li
 
 		var pbItem = &pb.IPItem{
 			Id:                            int64(item.Id),
+			Value:                         item.ComposeValue(),
 			IpFrom:                        item.IpFrom,
 			IpTo:                          item.IpTo,
 			Version:                       int64(item.Version),

internal/setup/sql.json

@@ -103742,7 +103742,7 @@
       "name": "edgeIPItems",
       "engine": "InnoDB",
       "charset": "utf8mb4_general_ci",
-      "definition": "CREATE TABLE `edgeIPItems` (\n  `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n  `listId` int(11) unsigned DEFAULT '0' COMMENT '所属名单ID',\n  `type` varchar(64) DEFAULT 'ipv4' COMMENT '类型',\n  `ipFrom` varchar(64) DEFAULT NULL COMMENT '开始IP',\n  `ipTo` varchar(64) DEFAULT NULL COMMENT '结束IP',\n  `ipFromLong` bigint(20) unsigned DEFAULT '0' COMMENT '开始IP整型（弃用）',\n  `ipToLong` bigint(20) unsigned DEFAULT '0' COMMENT '结束IP整型（弃用）',\n  `version` bigint(20) unsigned DEFAULT '0' COMMENT '版本',\n  `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n  `updatedAt` bigint(11) unsigned DEFAULT '0' COMMENT '修改时间',\n  `reason` varchar(255) DEFAULT NULL COMMENT '加入说明',\n  `eventLevel` varchar(64) DEFAULT NULL COMMENT '事件级别',\n  `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n  `expiredAt` bigint(11) unsigned DEFAULT '0' COMMENT '过期时间',\n  `serverId` int(11) unsigned DEFAULT '0' COMMENT '有效范围服务ID',\n  `nodeId` int(11) unsigned DEFAULT '0' COMMENT '有效范围节点ID',\n  `sourceNodeId` int(11) unsigned DEFAULT '0' COMMENT '来源节点ID',\n  `sourceServerId` int(11) unsigned DEFAULT '0' COMMENT '来源服务ID',\n  `sourceHTTPFirewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT '来源策略ID',\n  `sourceHTTPFirewallRuleGroupId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集分组ID',\n  `sourceHTTPFirewallRuleSetId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集ID',\n  `sourceUserId` bigint(11) unsigned DEFAULT '0' COMMENT '用户ID',\n  `isRead` tinyint(1) unsigned DEFAULT '1' COMMENT '是否已读',\n  PRIMARY KEY (`id`),\n  KEY `listId` (`listId`),\n  KEY `ipFrom` (`ipFrom`),\n  KEY `serverId` (`serverId`),\n  KEY `expiredAt_state` (`expiredAt`,`state`) USING BTREE,\n  KEY `isRead` (`expiredAt`,`isRead`) USING BTREE,\n  KEY `createdAt` (`createdAt`),\n  KEY `sourceUserId` (`sourceUserId`),\n  KEY `version` (`version`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='IP'",
+      "definition": "CREATE TABLE `edgeIPItems` (\n  `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n  `listId` int(11) unsigned DEFAULT '0' COMMENT '所属名单ID',\n  `value` varchar(255) DEFAULT NULL COMMENT '原始值',\n  `type` varchar(64) DEFAULT 'ipv4' COMMENT '类型',\n  `ipFrom` varchar(64) DEFAULT NULL COMMENT '开始IP',\n  `ipTo` varchar(64) DEFAULT NULL COMMENT '结束IP',\n  `ipFromLong` bigint(20) unsigned DEFAULT '0' COMMENT '开始IP整型（弃用）',\n  `ipToLong` bigint(20) unsigned DEFAULT '0' COMMENT '结束IP整型（弃用）',\n  `version` bigint(20) unsigned DEFAULT '0' COMMENT '版本',\n  `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n  `updatedAt` bigint(11) unsigned DEFAULT '0' COMMENT '修改时间',\n  `reason` varchar(255) DEFAULT NULL COMMENT '加入说明',\n  `eventLevel` varchar(64) DEFAULT NULL COMMENT '事件级别',\n  `state` tinyint(1) unsigned DEFAULT '1' COMMENT '状态',\n  `expiredAt` bigint(11) unsigned DEFAULT '0' COMMENT '过期时间',\n  `serverId` int(11) unsigned DEFAULT '0' COMMENT '有效范围服务ID',\n  `nodeId` int(11) unsigned DEFAULT '0' COMMENT '有效范围节点ID',\n  `sourceNodeId` int(11) unsigned DEFAULT '0' COMMENT '来源节点ID',\n  `sourceServerId` int(11) unsigned DEFAULT '0' COMMENT '来源服务ID',\n  `sourceHTTPFirewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT '来源策略ID',\n  `sourceHTTPFirewallRuleGroupId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集分组ID',\n  `sourceHTTPFirewallRuleSetId` int(11) unsigned DEFAULT '0' COMMENT '来源规则集ID',\n  `sourceUserId` bigint(11) unsigned DEFAULT '0' COMMENT '用户ID',\n  `isRead` tinyint(1) unsigned DEFAULT '1' COMMENT '是否已读',\n  PRIMARY KEY (`id`),\n  KEY `listId` (`listId`),\n  KEY `ipFrom` (`ipFrom`),\n  KEY `serverId` (`serverId`),\n  KEY `expiredAt_state` (`expiredAt`,`state`) USING BTREE,\n  KEY `isRead` (`expiredAt`,`isRead`) USING BTREE,\n  KEY `createdAt` (`createdAt`),\n  KEY `sourceUserId` (`sourceUserId`),\n  KEY `version` (`version`),\n  KEY `value` (`value`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='IP'",
       "fields": [
         {
           "name": "id",
@@ -103752,6 +103752,10 @@
           "name": "listId",
           "definition": "int(11) unsigned DEFAULT '0' COMMENT '所属名单ID'"
         },
+        {
+          "name": "value",
+          "definition": "varchar(255) COMMENT '原始值'"
+        },
         {
           "name": "type",
           "definition": "varchar(64) DEFAULT 'ipv4' COMMENT '类型'"
@@ -103873,6 +103877,10 @@
         {
           "name": "version",
           "definition": "KEY `version` (`version`) USING BTREE"
+        },
+        {
+          "name": "value",
+          "definition": "KEY `value` (`value`) USING BTREE"
         }
       ],
       "records": []