diff --git a/internal/iplibrary/ip_list.go b/internal/iplibrary/ip_list.go index 529ba96..d444a1c 100644 --- a/internal/iplibrary/ip_list.go +++ b/internal/iplibrary/ip_list.go @@ -169,6 +169,10 @@ func (this *IPList) sortItems() { // 不加锁的情况下查找Item func (this *IPList) lookupIP(ip uint64) *IPItem { + if len(this.sortedItems) == 0 { + return nil + } + var count = len(this.sortedItems) var resultIndex = -1 sort.Search(count, func(i int) bool { diff --git a/internal/iplibrary/ip_list_test.go b/internal/iplibrary/ip_list_test.go index 467dfa5..5be4c61 100644 --- a/internal/iplibrary/ip_list_test.go +++ b/internal/iplibrary/ip_list_test.go @@ -302,16 +302,20 @@ func TestTooManyLists(t *testing.T) { func BenchmarkIPList_Contains(b *testing.B) { runtime.GOMAXPROCS(1) - list := NewIPList() - for i := 1; i < 194; i++ { - list.Add(&IPItem{ + var list = NewIPList() + for i := 1; i < 200_000; i++ { + list.AddDelay(&IPItem{ Id: int64(i), - IPFrom: utils.IP2Long(strconv.Itoa(i%255) + "." + strconv.Itoa(i%255) + ".0.1"), - IPTo: utils.IP2Long(strconv.Itoa(i%255) + "." + strconv.Itoa(i%255) + ".0.1"), + IPFrom: utils.IP2Long(strconv.Itoa(rands.Int(0, 255)) + "." + strconv.Itoa(rands.Int(0, 255)) + ".0.1"), + IPTo: utils.IP2Long(strconv.Itoa(rands.Int(0, 255)) + "." + strconv.Itoa(rands.Int(0, 255)) + ".0.1"), ExpiredAt: time.Now().Unix() + 60, }) } + list.Sort() + b.Log(len(list.itemsMap), "ip") + + b.ResetTimer() for i := 0; i < b.N; i++ { _ = list.Contains(utils.IP2Long("192.168.1.100")) } diff --git a/internal/nodes/client_listener.go b/internal/nodes/client_listener.go index bea258e..e0f155a 100644 --- a/internal/nodes/client_listener.go +++ b/internal/nodes/client_listener.go @@ -50,8 +50,10 @@ func (this *ClientListener) Accept() (net.Conn, error) { ip, _, err := net.SplitHostPort(conn.RemoteAddr().String()) if err == nil { canGoNext, _ := iplibrary.AllowIP(ip, 0) - if !canGoNext || (!waf.SharedIPWhiteList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip) && - waf.SharedIPBlackList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip)) { + + if !canGoNext || + (!waf.SharedIPWhiteList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip) && + waf.SharedIPBlackList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip)) { tcpConn, ok := conn.(*net.TCPConn) if ok { _ = tcpConn.SetLinger(0)