优化连接关闭速度

internal/nodes/client_conn.go

@@ -48,11 +48,13 @@ type ClientConn struct {
 	isClosed bool
 }
 
-func NewClientConn(conn net.Conn) net.Conn {
-	tcpConn, ok := conn.(*net.TCPConn)
-	if ok {
-		// TODO 可以设置此值
-		_ = tcpConn.SetLinger(0)
+func NewClientConn(conn net.Conn, quickClose bool) net.Conn {
+	if quickClose {
+		tcpConn, ok := conn.(*net.TCPConn)
+		if ok {
+			// TODO 可以设置此值
+			_ = tcpConn.SetLinger(0)
+		}
 	}
 
 	return &ClientConn{rawConn: conn}

internal/nodes/client_conn_utils.go

@@ -0,0 +1,22 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package nodes
+
+import (
+	"net"
+)
+
+// 判断客户端连接是否已关闭
+func isClientConnClosed(conn net.Conn) bool {
+	if conn == nil {
+		return true
+	}
+	clientConn, ok := conn.(*ClientConn)
+	if ok {
+		return clientConn.IsClosed()
+	}
+
+	// TODO 解决tls.Conn无法获取底层连接对象的问题
+
+	return false
+}

internal/nodes/client_listener.go

@@ -11,10 +11,14 @@ import (
 // ClientListener 客户端网络监听
 type ClientListener struct {
 	rawListener net.Listener
+	quickClose  bool
 }
 
-func NewClientListener(listener net.Listener) net.Listener {
-	return &ClientListener{rawListener: listener}
+func NewClientListener(listener net.Listener, quickClose bool) net.Listener {
+	return &ClientListener{
+		rawListener: listener,
+		quickClose:  quickClose,
+	}
 }
 
 func (this *ClientListener) Accept() (net.Conn, error) {
@@ -25,15 +29,20 @@ func (this *ClientListener) Accept() (net.Conn, error) {
 	// 是否在WAF名单中
 	ip, _, err := net.SplitHostPort(conn.RemoteAddr().String())
 	if err == nil {
-		if !waf.SharedIPWhiteList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip) && waf.SharedIPBlackList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip) {
-			defer func() {
-				_ = conn.Close()
-			}()
-			return conn, nil
+		if !waf.SharedIPWhiteList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip) &&
+			waf.SharedIPBlackList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, ip) {
+
+			tcpConn, ok := conn.(*net.TCPConn)
+			if ok {
+				_ = tcpConn.SetLinger(0)
+			}
+
+			_ = conn.Close()
+			return this.Accept()
 		}
 	}
 
-	return NewClientConn(conn), nil
+	return NewClientConn(conn, this.quickClose), nil
 }
 
 func (this *ClientListener) Close() error {

internal/nodes/http_request_waf.go

@@ -20,22 +20,18 @@ func (this *HTTPRequest) doWAFRequest() (blocked bool) {
 	// 当前连接是否已关闭
 	var conn = this.RawReq.Context().Value(HTTPConnContextKey)
 	if conn != nil {
-		trafficConn, ok := conn.(*ClientConn)
-		if ok && trafficConn.IsClosed() {
+		if isClientConnClosed(conn.(net.Conn)) {
 			this.disableLog = true
 			return true
 		}
 	}
 
 	// 检查是否在临时黑名单中
-	if waf.SharedIPBlackList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeService, this.Server.Id, this.WAFRemoteIP()) {
+	var remoteAddr = this.WAFRemoteIP()
+	if waf.SharedIPBlackList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeService, this.Server.Id, remoteAddr) || waf.SharedIPBlackList.Contains(waf.IPTypeAll, firewallconfigs.FirewallScopeGlobal, 0, remoteAddr) {
 		this.disableLog = true
-
 		if conn != nil {
-			trafficConn, ok := conn.(*ClientConn)
-			if ok && !trafficConn.IsClosed() {
-				_ = trafficConn.Close()
-			}
+			_ = conn.(net.Conn).Close()
 		}
 
 		return true

internal/nodes/listener.go

@@ -59,7 +59,7 @@ func (this *Listener) listenTCP() error {
 	if err != nil {
 		return err
 	}
-	netListener = NewClientListener(netListener)
+	netListener = NewClientListener(netListener, protocol.IsHTTPFamily() || protocol.IsHTTPSFamily())
 	events.On(events.EventQuit, func() {
 		remotelogs.Println("LISTENER", "quit "+this.group.FullAddr())
 		_ = netListener.Close()