From e36b214cf07e299498ab487a3cd661c8cbc989e3 Mon Sep 17 00:00:00 2001 From: GoEdgeLab Date: Fri, 5 Nov 2021 14:39:08 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dfirewalld=E6=97=A0=E6=B3=95?= =?UTF-8?q?=E5=88=A0=E9=99=A4=E8=A7=84=E5=88=99=E7=9A=84Bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/iplibrary/action_firewalld.go | 12 +++++++----- internal/iplibrary/action_ipset.go | 2 +- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/internal/iplibrary/action_firewalld.go b/internal/iplibrary/action_firewalld.go index 866f898..c57148d 100644 --- a/internal/iplibrary/action_firewalld.go +++ b/internal/iplibrary/action_firewalld.go @@ -11,7 +11,7 @@ import ( "time" ) -// Firewalld动作管理 +// FirewalldAction Firewalld动作管理 // 常用命令: // - 查询列表: firewall-cmd --list-all // - 添加IP:firewall-cmd --add-rich-rule="rule family='ipv4' source address='192.168.2.32' reject" --timeout=30s @@ -126,10 +126,12 @@ func (this *FirewalldAction) runActionSingleIP(action string, listType IPListTyp } args := []string{opt} - if item.ExpiredAt > timestamp { - args = append(args, "--timeout="+fmt.Sprintf("%d", item.ExpiredAt-timestamp)+"s") - } else { - // TODO 思考是否需要permanent,不然--reload之后会丢失 + if action == "addItem" { + if item.ExpiredAt > timestamp { + args = append(args, "--timeout="+fmt.Sprintf("%d", item.ExpiredAt-timestamp)+"s") + } else { + // TODO 思考是否需要permanent,不然--reload之后会丢失 + } } if runtime.GOOS == "darwin" { diff --git a/internal/iplibrary/action_ipset.go b/internal/iplibrary/action_ipset.go index e6b76b3..1110f75 100644 --- a/internal/iplibrary/action_ipset.go +++ b/internal/iplibrary/action_ipset.go @@ -11,7 +11,7 @@ import ( "time" ) -// IPSet动作 +// IPSetAction IPSet动作 // 相关命令: // - 利用Firewalld管理set: // - 添加:firewall-cmd --permanent --new-ipset=edge_ip_list --type=hash:ip --option="timeout=0"