优化IP名单

* 增加IP灰名单，用于仅记录并观察IP
2025-11-03 20:40:26 +08:00 · 2024-05-05 18:56:25 +08:00
parent c4d45456b8
commit 71c7b7dcc7
27 changed files with 259 additions and 22 deletions
--- a/web/views/@default/servers/components/waf/ipadmin/@menu.html
+++ b/web/views/@default/servers/components/waf/ipadmin/@menu.html
@@ -4,5 +4,6 @@
 	<span class="item disabled">|</span>
 	<menu-item :href="'/servers/components/waf/ipadmin/lists?firewallPolicyId=' + firewallPolicyId + '&type=white'" :active="subMenuItem == 'white'">白名单</menu-item>
 	<menu-item :href="'/servers/components/waf/ipadmin/lists?firewallPolicyId=' + firewallPolicyId + '&type=black'" :active="subMenuItem == 'black'">黑名单</menu-item>
+    <menu-item :href="'/servers/components/waf/ipadmin/lists?firewallPolicyId=' + firewallPolicyId + '&type=grey'" :active="subMenuItem == 'grey'">灰名单</menu-item>
    <menu-item :href="'/servers/components/waf/ipadmin/test?firewallPolicyId=' + firewallPolicyId" :active="subMenuItem == 'test'">IP检查</menu-item>
 </second-menu>
--- a/web/views/@default/servers/iplists/@list_menu.html
+++ b/web/views/@default/servers/iplists/@list_menu.html
@@ -1,4 +1,6 @@
 <first-menu>
+    <menu-item :href="'/servers/iplists'">IP列表</menu-item>
+    <raquo-item></raquo-item>
    <menu-item :href="'/servers/iplists/lists?type=' + list.type">{{list.typeName}}</menu-item>
    <span class="disabled item">|</span>
    <menu-item :href="'/servers/iplists/list?listId=' + list.id" code="list">"{{list.name}}"详情</menu-item>
--- a/web/views/@default/servers/iplists/@menu.html
+++ b/web/views/@default/servers/iplists/@menu.html
@@ -1,10 +1,11 @@
 <first-menu>
    <menu-item href="/servers/iplists" code="index">IP列表</menu-item>
    <span class="disabled item">|</span>
-    <menu-item href="/servers/iplists/lists?type=black" :active="type == 'black'">公共黑名单</menu-item>
-    <menu-item href="/servers/iplists/lists?type=white" :active="type == 'white'">公共白名单</menu-item>
+    <menu-item href="/servers/iplists/lists?type=black" :active="type == 'black'">黑名单</menu-item>
+    <menu-item href="/servers/iplists/lists?type=white" :active="type == 'white'">白名单</menu-item>
+    <menu-item href="/servers/iplists/lists?type=grey" :active="type == 'grey'">灰名单</menu-item>
    <span class="item disabled" v-if="type.length > 0">|</span>
    <menu-item @click.prevent="createList" v-if="type.length > 0">[创建名单]</menu-item>
    <span class="item disabled" v-if="type.length > 0">|</span>
-    <span class="item" v-if="type.length > 0"><tip-icon content="全局名单自动生效；非全局名单可以在WAF策略里引用。"></tip-icon></span>
+    <span class="item" v-if="type.length > 0"><tip-icon content="创建名单时可以选择“全局有效”就会成为全局有效名单，全局有效名单对所有网站自动生效；非全局有效名单可以在WAF策略里引用。<br/><br/>黑名单：其中的IP将会被禁止访问。<br/>白名单：其中的IP将会自动放行，优先级高于黑名单。<br/>灰名单：其中的IP仅作为记录和观察使用，不影响黑名单和白名单的作用。"></tip-icon></span>
 </first-menu>
--- a/web/views/@default/servers/iplists/bindHTTPFirewallPopup.html
+++ b/web/views/@default/servers/iplists/bindHTTPFirewallPopup.html
@@ -22,6 +22,7 @@
        <td class="center">
            <span v-if="list.type == 'black'">黑名单</span>
            <span v-if="list.type == 'white'">白名单</span>
+            <span v-if="list.type == 'grey'">灰名单</span>
        </td>
        <td>{{list.description}}</td>
        <td class="center">
--- a/web/views/@default/servers/iplists/createIPPopup.html
+++ b/web/views/@default/servers/iplists/createIPPopup.html
@@ -2,6 +2,7 @@

 <h3 v-if="list.type == 'white'">添加IP到白名单</h3>
 <h3 v-if="list.type == 'black'">添加IP到黑名单</h3>
+<h3 v-if="list.type == 'grey'">添加IP到灰名单</h3>

 <form method="post" class="ui form" data-tea-action="$" data-tea-success="success">
 	<input type="hidden" name="listId" :value="listId"/>
--- a/web/views/@default/servers/iplists/createPopup.html
+++ b/web/views/@default/servers/iplists/createPopup.html
@@ -1,6 +1,7 @@
 {$layout "layout_popup"}

-<h3>创建<var v-if="type == 'black'">黑名单</var><var v-if="type == 'white'">白名单</var></h3>
+<h3>创建<var v-if="type == 'black'">黑名单</var><var v-if="type == 'white'">白名单</var><var v-if="type == 'grey'">灰名单</var>
+</h3>

 <form class="ui form" data-tea-action="$" data-tea-success="success">
    <csrf-token></csrf-token>
@@ -24,7 +25,11 @@
                <select class="ui dropdown auto-width" name="type" v-model="type">
                    <option value="black">黑名单</option>
                    <option value="white">白名单</option>
+                    <option value="grey">灰名单</option>
                </select>
+                <p class="comment" v-if="type == 'black'">黑名单中的IP将会被禁止访问。</p>
+                <p class="comment" v-if="type == 'white'">白名单中的IP将会自动放行，优先级高于黑名单。</p>
+                <p class="comment" v-if="type == 'grey'">灰名单中的IP仅作为记录和观察使用，不影响黑名单和白名单的作用。</p>
            </td>
        </tr>
        <tr>
--- a/web/views/@default/servers/iplists/index.html
+++ b/web/views/@default/servers/iplists/index.html
@@ -12,6 +12,7 @@
                <option value="">[类型]</option>
                <option value="black">黑名单</option>
                <option value="white">白名单</option>
+                <option value="grey">灰名单</option>
            </select>
        </div>
        <div class="ui field">
--- a/web/views/@default/servers/iplists/lists.html
+++ b/web/views/@default/servers/iplists/lists.html
@@ -38,8 +38,9 @@
            <div v-if="list.isGlobal" style="margin-top: 0.3em"><grey-label>全局</grey-label></div>
        </td>
        <td class="center">
-            <span v-if="list.type == 'black'">黑名单</span>
-            <span v-if="list.type == 'white'">白名单</span>
+            <span v-if="list.type == 'black'"><span class="red">黑名单</span></span>
+            <span v-if="list.type == 'white'"><span class="green">白名单</span></span>
+            <span v-if="list.type == 'grey'"><span class="grey">灰名单</span></span>
        </td>
        <td>{{list.description}}</td>
        <td class="center">
--- a/web/views/@default/servers/iplists/lists.js
+++ b/web/views/@default/servers/iplists/lists.js
@@ -1,7 +1,7 @@
 Tea.context(function () {
 	this.createList = function () {
 		teaweb.popup(Tea.url(".createPopup", {type: this.type}), {
-			height: "30em",
+			height: "32em",
 			callback: function (resp) {
 				teaweb.success("保存成功", function () {
 					window.location = "/servers/iplists/lists?type=" + resp.data.list.type
--- a/web/views/@default/servers/iplists/selectPopup.html
+++ b/web/views/@default/servers/iplists/selectPopup.html
@@ -21,6 +21,7 @@
        <td class="center">
            <span v-if="list.type == 'black'">黑名单</span>
            <span v-if="list.type == 'white'">白名单</span>
+            <span v-if="list.type == 'grey'">灰名单</span>
        </td>
        <td>{{list.description}}</td>
        <td class="center">
--- a/web/views/@default/servers/server/settings/waf/@menu.html
+++ b/web/views/@default/servers/server/settings/waf/@menu.html
@@ -7,5 +7,6 @@
    <menu-item :href="'/servers/server/settings/waf/ipadmin/provinces?serverId=' + serverId + '&firewallPolicyId='+firewallPolicyId" code="province">省份封禁</menu-item>
    <menu-item :href="'/servers/server/settings/waf/ipadmin/allowList?serverId=' + serverId + '&firewallPolicyId='+firewallPolicyId" code="allowList">白名单</menu-item>
    <menu-item :href="'/servers/server/settings/waf/ipadmin/denyList?serverId=' + serverId + '&firewallPolicyId='+firewallPolicyId" code="denyList">黑名单</menu-item>
+    <menu-item :href="'/servers/server/settings/waf/ipadmin/greyList?serverId=' + serverId + '&firewallPolicyId='+firewallPolicyId" code="greyList">灰名单</menu-item>
    <menu-item :href="'/servers/server/settings/waf/ipadmin/test?serverId=' + serverId + '&firewallPolicyId='+firewallPolicyId" code="test">IP检查</menu-item>
 </first-menu>
--- a/web/views/@default/servers/server/settings/waf/ipadmin/greyList.html
+++ b/web/views/@default/servers/server/settings/waf/ipadmin/greyList.html
@@ -0,0 +1,26 @@
+{$layout}
+{$template "../../settings_menu"}
+{$template "/left_menu_with_menu"}
+
+<div class="right-box with-menu">
+    {$template "../menu"}
+
+    <warning-message v-if="!featureIsOn">尚未为当前用户开通此功能。</warning-message>
+
+    {$ if .featureIsOn}
+    <second-menu>
+        <menu-item @click.prevent="createIP('grey')">添加IP</menu-item>
+        <span class="item">|</span>
+        <div class="item"><ip-list-bind-box :v-http-firewall-policy-id="firewallPolicyId" :v-type="'grey'"></ip-list-bind-box></div>
+        <span class="item">|</span>
+        <span class="item">ID: {{listId}} &nbsp; <tip-icon content="ID可以用于使用API操作此IP名单；灰名单中的IP仅作为记录和观察使用，不影响黑名单和白名单的作用。"></tip-icon></span>
+    </second-menu>
+
+    <warning-message v-if="!wafIsOn">当前WAF未启用，设置将在<a :href="'/servers/server/settings/waf?serverId=' + serverId">[启用]</a>后生效。</warning-message>
+
+    <p class="comment" v-if="items.length == 0">暂时还没有IP。</p>
+    <ip-list-table v-if="items.length > 0" :v-items="items" @update-item="updateItem" @delete-item="deleteItem"></ip-list-table>
+
+    <div class="page" v-html="page"></div>
+    {$end}
+</div>
--- a/web/views/@default/servers/server/settings/waf/ipadmin/greyList.js
+++ b/web/views/@default/servers/server/settings/waf/ipadmin/greyList.js
@@ -0,0 +1,38 @@
+Tea.context(function () {
+	this.updateItem = function (itemId) {
+		teaweb.popup(Tea.url(".updateIPPopup?listId=" + this.listId, {itemId: itemId}), {
+			height: "30em",
+			callback: function () {
+				teaweb.success("保存成功", function () {
+					teaweb.reload()
+				})
+			}
+		})
+	}
+
+	this.deleteItem = function (itemId) {
+		let that = this
+		teaweb.confirm("确定要删除这个IP吗？", function () {
+			that.$post(".deleteIP")
+				.params({
+					"listId": this.listId,
+					"itemId": itemId
+				})
+				.refresh()
+		})
+	}
+
+	/**
+	 * 添加IP名单菜单
+	 */
+	this.createIP = function (type) {
+		teaweb.popup("/servers/iplists/createIPPopup?listId=" + this.listId + '&type=' + type, {
+			height: "30em",
+			callback: function () {
+				teaweb.success("保存成功", function () {
+					teaweb.reload()
+				})
+			}
+		})
+	}
+})