From 7e8c09a6848770b6ed002dc5b81784ccbfbe5808 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=88=98=E7=A5=A5=E8=B6=85?= Date: Wed, 19 Apr 2023 13:20:31 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96nftables=E9=9B=86=E5=90=88?= =?UTF-8?q?=E5=85=83=E7=B4=A0=E8=BF=87=E6=9C=9F=E6=97=B6=E9=97=B4=E5=88=A4?= =?UTF-8?q?=E6=96=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/firewalls/nftables/expration.go | 7 +++++-- internal/firewalls/nftables/expration_test.go | 8 ++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/internal/firewalls/nftables/expration.go b/internal/firewalls/nftables/expration.go index e85ec62..04e393d 100644 --- a/internal/firewalls/nftables/expration.go +++ b/internal/firewalls/nftables/expration.go @@ -40,7 +40,10 @@ func (this *Expiration) Remove(key []byte) { func (this *Expiration) Contains(key []byte) bool { this.locker.RLock() - _, ok := this.m[string(key)] + expires, ok := this.m[string(key)] + if ok && expires.Year() > 2000 && time.Now().After(expires) { + ok = false + } this.locker.RUnlock() return ok } @@ -55,7 +58,7 @@ func (this *Expiration) gc() { var now = time.Now().Add(-10 * time.Second) // gc elements expired before 10 seconds ago for key, expires := range this.m { - if expires.Year() >= 2000 && now.After(expires) { + if expires.Year() > 2000 && now.After(expires) { delete(this.m, key) } } diff --git a/internal/firewalls/nftables/expration_test.go b/internal/firewalls/nftables/expration_test.go index cd894a4..c477b4d 100644 --- a/internal/firewalls/nftables/expration_test.go +++ b/internal/firewalls/nftables/expration_test.go @@ -17,6 +17,14 @@ func TestExpiration_Add(t *testing.T) { expiration.Add([]byte{'a', 'b', 'c'}, time.Now()) t.Log(expiration.Contains([]byte{'a', 'b', 'c'})) } + { + expiration.Add([]byte{'a', 'b', 'c'}, time.Now().Add(1*time.Second)) + t.Log(expiration.Contains([]byte{'a', 'b', 'c'})) + } + { + expiration.Add([]byte{'a', 'b', 'c'}, time.Time{}) + t.Log(expiration.Contains([]byte{'a', 'b', 'c'})) + } { expiration.Add([]byte{'a', 'b', 'c'}, time.Now().Add(-1*time.Second)) t.Log(expiration.Contains([]byte{'a', 'b', 'c'}))