TRKJ/EdgeAPI
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAPI.git synced 2025-12-16 07:46:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

IP测试时同时也检查绑定的IP名单

Browse Source
This commit is contained in:
GoEdgeLab
2021-07-13 15:49:16 +08:00
parent 8962b6a0bb
commit 9c94c1df5f
1 changed files with 92 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

136
internal/rpc/services/service_http_firewall_policy.go
View File

@@ -667,29 +667,53 @@ func (this *HTTPFirewallPolicyService) CheckHTTPFirewallPolicyIPStatus(ctx conte
firewallPolicy.Inbound.AllowListRef != nil && firewallPolicy.Inbound.AllowListRef != nil &&
firewallPolicy.Inbound.AllowListRef.IsOn && firewallPolicy.Inbound.AllowListRef.IsOn &&
firewallPolicy.Inbound.AllowListRef.ListId > 0 { firewallPolicy.Inbound.AllowListRef.ListId > 0 {
item, err := models.SharedIPItemDAO.FindEnabledItemContainsIP(tx, firewallPolicy.Inbound.AllowListRef.ListId, ipLong)
if err != nil { var listIds = []int64{}
return nil, err if firewallPolicy.Inbound.AllowListRef.ListId > 0 {
listIds = append(listIds, firewallPolicy.Inbound.AllowListRef.ListId)
} }
if item != nil { if len(firewallPolicy.Inbound.PublicAllowListRefs) > 0 {
return &pb.CheckHTTPFirewallPolicyIPStatusResponse{ for _, ref := range firewallPolicy.Inbound.PublicAllowListRefs {
IsOk: true, if !ref.IsOn {
Error: "", continue
IsFound: true, }
IsAllowed: true,
IpList: &pb.IPList{Name: "白名单", Id: firewallPolicy.Inbound.AllowListRef.ListId}, listIds = append(listIds, ref.ListId)
IpItem: &pb.IPItem{ }
Id: int64(item.Id), }
IpFrom: item.IpFrom,
IpTo: item.IpTo, for _, listId := range listIds {
ExpiredAt: int64(item.ExpiredAt), item, err := models.SharedIPItemDAO.FindEnabledItemContainsIP(tx, listId, ipLong)
Reason: item.Reason, if err != nil {
Type: item.Type, return nil, err
EventLevel: item.EventLevel, }
}, if item != nil {
RegionCountry: nil, listName, err := models.SharedIPListDAO.FindIPListName(tx, listId)
RegionProvince: nil, if err != nil {
}, nil return nil, err
}
if len(listName) == 0 {
listName = "白名单"
}
return &pb.CheckHTTPFirewallPolicyIPStatusResponse{
IsOk: true,
Error: "",
IsFound: true,
IsAllowed: true,
IpList: &pb.IPList{Name: listName, Id: listId},
IpItem: &pb.IPItem{
Id: int64(item.Id),
IpFrom: item.IpFrom,
IpTo: item.IpTo,
ExpiredAt: int64(item.ExpiredAt),
Reason: item.Reason,
Type: item.Type,
EventLevel: item.EventLevel,
},
RegionCountry: nil,
RegionProvince: nil,
}, nil
}
} }
} }
@@ -699,29 +723,53 @@ func (this *HTTPFirewallPolicyService) CheckHTTPFirewallPolicyIPStatus(ctx conte
firewallPolicy.Inbound.AllowListRef != nil && firewallPolicy.Inbound.AllowListRef != nil &&
firewallPolicy.Inbound.AllowListRef.IsOn && firewallPolicy.Inbound.AllowListRef.IsOn &&
firewallPolicy.Inbound.AllowListRef.ListId > 0 { firewallPolicy.Inbound.AllowListRef.ListId > 0 {
item, err := models.SharedIPItemDAO.FindEnabledItemContainsIP(tx, firewallPolicy.Inbound.DenyListRef.ListId, ipLong)
if err != nil { var listIds = []int64{}
return nil, err if firewallPolicy.Inbound.DenyListRef.ListId > 0 {
listIds = append(listIds, firewallPolicy.Inbound.DenyListRef.ListId)
} }
if item != nil { if len(firewallPolicy.Inbound.PublicDenyListRefs) > 0 {
return &pb.CheckHTTPFirewallPolicyIPStatusResponse{ for _, ref := range firewallPolicy.Inbound.PublicDenyListRefs {
IsOk: true, if !ref.IsOn {
Error: "", continue
IsFound: true, }
IsAllowed: false,
IpList: &pb.IPList{Name: "黑名单", Id: firewallPolicy.Inbound.DenyListRef.ListId}, listIds = append(listIds, ref.ListId)
IpItem: &pb.IPItem{ }
Id: int64(item.Id), }
IpFrom: item.IpFrom,
IpTo: item.IpTo, for _, listId := range listIds {
ExpiredAt: int64(item.ExpiredAt), item, err := models.SharedIPItemDAO.FindEnabledItemContainsIP(tx, listId, ipLong)
Reason: item.Reason, if err != nil {
Type: item.Type, return nil, err
EventLevel: item.EventLevel, }
}, if item != nil {
RegionCountry: nil, listName, err := models.SharedIPListDAO.FindIPListName(tx, listId)
RegionProvince: nil, if err != nil {
}, nil return nil, err
}
if len(listName) == 0 {
listName = "黑名单"
}
return &pb.CheckHTTPFirewallPolicyIPStatusResponse{
IsOk: true,
Error: "",
IsFound: true,
IsAllowed: false,
IpList: &pb.IPList{Name: listName, Id: listId},
IpItem: &pb.IPItem{
Id: int64(item.Id),
IpFrom: item.IpFrom,
IpTo: item.IpTo,
ExpiredAt: int64(item.ExpiredAt),
Reason: item.Reason,
Type: item.Type,
EventLevel: item.EventLevel,
},
RegionCountry: nil,
RegionProvince: nil,
}, nil
}
} }
} }