From 57cb00edf0f877d7f3d98ce1f54d2a354659b328 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E7=A5=A5=E8=B6=85?= <iwind.liu@gmail.com>
Date: Sun, 4 Sep 2022 17:06:19 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=97=A0=E6=B3=95=E6=B7=BB?=
 =?UTF-8?q?=E5=8A=A0IP=E5=88=B0=E6=9C=AC=E5=9C=B0=E9=98=B2=E7=81=AB?=
 =?UTF-8?q?=E5=A2=99=E7=9A=84=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/firewalls/firewall_firewalld.go |  2 +-
 internal/firewalls/firewall_nftables.go  | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/internal/firewalls/firewall_firewalld.go b/internal/firewalls/firewall_firewalld.go
index 6ec1a15..81146bc 100644
--- a/internal/firewalls/firewall_firewalld.go
+++ b/internal/firewalls/firewall_firewalld.go
@@ -170,7 +170,7 @@ func (this *Firewalld) DropSourceIP(ip string, timeoutSeconds int, async bool) e
 	}
 
 	// 避免短时间内重复添加
-	if this.checkLatestIP(ip) {
+	if async && this.checkLatestIP(ip) {
 		return nil
 	}
 
diff --git a/internal/firewalls/firewall_nftables.go b/internal/firewalls/firewall_nftables.go
index 33517a0..3632b39 100644
--- a/internal/firewalls/firewall_nftables.go
+++ b/internal/firewalls/firewall_nftables.go
@@ -347,14 +347,14 @@ func (this *NFTablesFirewall) DropSourceIP(ip string, timeoutSeconds int, async
 		return errors.New("invalid ip '" + ip + "'")
 	}
 
-	// 避免短时间内重复添加
-	if this.checkLatestIP(ip) {
-		return nil
-	}
-
 	// 尝试关闭连接
 	conns.SharedMap.CloseIPConns(ip)
 
+	// 避免短时间内重复添加
+	if async && this.checkLatestIP(ip) {
+		return nil
+	}
+
 	if async {
 		select {
 		case this.dropIPQueue <- &blockIPItem{