实现自动SYN Flood防护

2025-11-04 05:00:24 +08:00 · 2022-01-10 19:54:18 +08:00
parent 4eb74e30e0
commit ee2fe6cce2
9 changed files with 332 additions and 255 deletions
--- a/pkg/nodeconfigs/node_config.go
+++ b/pkg/nodeconfigs/node_config.go
@@ -70,6 +70,9 @@ type NodeConfig struct {

 	// 自动白名单
 	allowedIPMap map[string]bool
+
+	// syn flood
+	synFlood *firewallconfigs.SYNFloodConfig
 }

 // SharedNodeConfig 取得当前节点配置单例
@@ -162,6 +165,9 @@ func (this *NodeConfig) Init() (err error, serverErrors []*ServerError) {
 	for _, policy := range this.HTTPFirewallPolicies {
 		if policy.IsOn {
 			this.firewallPolicies = append(this.firewallPolicies, policy)
+			if policy.SYNFlood != nil && policy.SYNFlood.IsOn {
+				this.synFlood = policy.SYNFlood
+			}
 		}
 	}
 	for _, server := range this.Servers {
@@ -344,3 +350,8 @@ func (this *NodeConfig) IPIsAutoAllowed(ip string) bool {
 	_, ok := this.allowedIPMap[ip]
 	return ok
 }
+
+// SYNFloodConfig 获取SYN Flood配置
+func (this *NodeConfig) SYNFloodConfig() *firewallconfigs.SYNFloodConfig {
+	return this.synFlood
+}