diff --git a/internal/iplibrary/manager_ip_list.go b/internal/iplibrary/manager_ip_list.go index f24e240..c41cfd6 100644 --- a/internal/iplibrary/manager_ip_list.go +++ b/internal/iplibrary/manager_ip_list.go @@ -6,6 +6,7 @@ import ( "github.com/TeaOSLab/EdgeNode/internal/remotelogs" "github.com/TeaOSLab/EdgeNode/internal/rpc" "github.com/TeaOSLab/EdgeNode/internal/utils" + "github.com/TeaOSLab/EdgeNode/internal/waf" "github.com/iwind/TeaGo/Tea" "sync" "time" @@ -125,6 +126,16 @@ func (this *IPListManager) fetch() (hasNext bool, err error) { if item.IsDeleted { list.Delete(item.Id) + // 从临时名单中删除 + if len(item.IpFrom) > 0 && len(item.IpTo) == 0 { + switch item.ListType { + case "black": + waf.SharedIPBlackList.RemoveIP(item.IpFrom) + case "white": + waf.SharedIPWhiteList.RemoveIP(item.IpFrom) + } + } + // 操作事件 SharedActionManager.DeleteItem(item.ListType, item) diff --git a/internal/waf/ip_list.go b/internal/waf/ip_list.go index 7fb0747..6f71e23 100644 --- a/internal/waf/ip_list.go +++ b/internal/waf/ip_list.go @@ -80,6 +80,14 @@ func (this *IPList) Contains(ipType string, scope firewallconfigs.FirewallScope, return ok } +// RemoveIP 删除IP +// 暂时没办法清除某个服务相关的IP +func (this *IPList) RemoveIP(ip string) { + this.locker.Lock() + delete(this.ipMap, "*@"+ip+"@"+IPTypeAll) + this.locker.Unlock() +} + func (this *IPList) remove(id int64) { this.locker.Lock() ip, ok := this.idMap[id] diff --git a/internal/waf/ip_list_test.go b/internal/waf/ip_list_test.go index 3da3e17..0877aa4 100644 --- a/internal/waf/ip_list_test.go +++ b/internal/waf/ip_list_test.go @@ -39,6 +39,7 @@ func TestIPList_Contains(t *testing.T) { for i := 0; i < 1_0000; i++ { list.Add(IPTypeAll, firewallconfigs.FirewallScopeGlobal, 1, "192.168.1."+strconv.Itoa(i), time.Now().Unix()+3600) } + //list.RemoveIP("192.168.1.100") a.IsTrue(list.Contains(IPTypeAll, firewallconfigs.FirewallScopeGlobal, 1, "192.168.1.100")) a.IsFalse(list.Contains(IPTypeAll, firewallconfigs.FirewallScopeGlobal, 1, "192.168.2.100")) }