修正自动使用本地防火墙延长封禁时间逻辑

2025-11-03 15:00:26 +08:00 · 2022-05-21 22:15:11 +08:00
parent 93f66ad698
commit 75c622e5b5
1 changed files with 8 additions and 6 deletions
--- a/internal/nodes/client_listener.go
+++ b/internal/nodes/client_listener.go
@@ -42,10 +42,10 @@ func (this *ClientListener) Accept() (net.Conn, error) {
 	ip, _, err := net.SplitHostPort(conn.RemoteAddr().String())
 	if err == nil {
 		canGoNext, _ := iplibrary.AllowIP(ip, 0)
 		var beingDenied = !waf.SharedIPWhiteList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip) &&
 			waf.SharedIPBlackList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip)
-		if !canGoNext ||
+		if !canGoNext || beingDenied {
 			(!waf.SharedIPWhiteList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip) &&
 				waf.SharedIPBlackList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip)) {
 			tcpConn, ok := conn.(*net.TCPConn)
 			if ok {
 				_ = tcpConn.SetLinger(0)
@@ -54,9 +54,11 @@ func (this *ClientListener) Accept() (net.Conn, error) {
 			_ = conn.Close()
 			// 使用本地防火墙延长封禁
-			var fw = firewalls.Firewall()
+			if beingDenied {
-			if fw != nil && !fw.IsMock() {
+				var fw = firewalls.Firewall()
-				_ = fw.DropSourceIP(ip, 60)
+				if fw != nil && !fw.IsMock() {
 					_ = fw.DropSourceIP(ip, 60)
 				}
 			}
 			return this.Accept()