增加IP灰名单，用于仅记录并观察IP

2026-01-03 04:26:34 +08:00 · 2024-05-05 19:08:06 +08:00
parent ec3d36de39
commit ea03586e7f
6 changed files with 164 additions and 59 deletions
--- a/internal/db/models/ip_list_dao.go
+++ b/internal/db/models/ip_list_dao.go
@@ -22,8 +22,8 @@ const (
 )

 var listTypeCacheMap = map[int64]*IPList{} // listId => *IPList
-var DefaultGlobalIPList = &IPList{
-	Id:       uint32(firewallconfigs.GlobalListId),
+var DefaultGlobalBlackIPList = &IPList{
+	Id:       uint32(firewallconfigs.GlobalBlackListId),
 	Name:     "系统黑名单",
 	IsPublic: true,
 	IsGlobal: true,
@@ -32,6 +32,26 @@ var DefaultGlobalIPList = &IPList{
 	IsOn:     true,
 }

+var DefaultGlobalWhiteIPList = &IPList{
+	Id:       uint32(firewallconfigs.GlobalWhiteListId),
+	Name:     "系统白名单",
+	IsPublic: true,
+	IsGlobal: true,
+	Type:     "white",
+	State:    IPListStateEnabled,
+	IsOn:     true,
+}
+
+var DefaultGlobalGreyIPList = &IPList{
+	Id:       uint32(firewallconfigs.GlobalGreyListId),
+	Name:     "系统灰名单",
+	IsPublic: true,
+	IsGlobal: true,
+	Type:     "grey",
+	State:    IPListStateEnabled,
+	IsOn:     true,
+}
+
 var ipListCodeRegexp = regexp.MustCompile(`^[a-zA-Z0-9_-]+$`)

 type IPListDAO dbs.DAO
@@ -79,8 +99,9 @@ func (this *IPListDAO) DisableIPList(tx *dbs.Tx, listId int64) error {

 // FindEnabledIPList 查找启用中的条目
 func (this *IPListDAO) FindEnabledIPList(tx *dbs.Tx, id int64, cacheMap *utils.CacheMap) (*IPList, error) {
-	if id == firewallconfigs.GlobalListId {
-		return DefaultGlobalIPList, nil
+	globalList, ok := this.findGlobalList(id)
+	if ok {
+		return globalList, nil
 	}

 	var cacheKey = this.Table + ":FindEnabledIPList:" + types.String(id)
@@ -116,9 +137,9 @@ func (this *IPListDAO) FindIPListName(tx *dbs.Tx, id int64) (string, error) {

 // FindIPListCacheable 获取名单
 func (this *IPListDAO) FindIPListCacheable(tx *dbs.Tx, listId int64) (*IPList, error) {
-	// 全局黑名单
-	if listId == firewallconfigs.GlobalListId {
-		return DefaultGlobalIPList, nil
+	globalList, ok := this.findGlobalList(listId)
+	if ok {
+		return globalList, nil
 	}

 	// 检查缓存
@@ -165,7 +186,21 @@ func (this *IPListDAO) CreateIPList(tx *dbs.Tx, userId int64, serverId int64, li
 	if err != nil {
 		return 0, err
 	}
-	return types.Int64(op.Id), nil
+	var newListId = types.Int64(op.Id)
+
+	// 防止和全局名单ID冲突
+	if lists.ContainsInt64(firewallconfigs.FindGlobalListIds(), newListId) {
+		// 先删除
+		err = this.Query(tx).Pk(newListId).DeleteQuickly()
+		if err != nil {
+			return 0, err
+		}
+
+		// 自动创建下一个
+		return this.CreateIPList(tx, userId, serverId, listType, name, code, timeoutJSON, description, isPublic, isGlobal)
+	}
+
+	return newListId, nil
 }

 // UpdateIPList 修改名单
@@ -372,3 +407,17 @@ func (this *IPListDAO) FindIPListIdWithCode(tx *dbs.Tx, listCode string) (int64,
 func (this *IPListDAO) ValidateIPListCode(code string) bool {
 	return ipListCodeRegexp.MatchString(code)
 }
+
+// 查找ID对应的全局名单
+func (this *IPListDAO) findGlobalList(id int64) (list *IPList, ok bool) {
+	switch id {
+	case firewallconfigs.GlobalBlackListId:
+		return DefaultGlobalBlackIPList, true
+	case firewallconfigs.GlobalWhiteListId:
+		return DefaultGlobalWhiteIPList, true
+	case firewallconfigs.GlobalGreyListId:
+		return DefaultGlobalGreyIPList, true
+	}
+
+	return
+}