From cbdf7304811eb1cbe18f719284f6dbbba4db34bd Mon Sep 17 00:00:00 2001 From: wsczx Date: Fri, 23 Aug 2024 17:57:32 +0800 Subject: [PATCH 01/10] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=9B=B4=E6=8D=A2?= =?UTF-8?q?=E8=87=AA=E5=AE=9A=E4=B9=89=E9=A6=96=E9=A1=B5=E7=8A=B6=E6=80=81?= =?UTF-8?q?=E7=A0=81=E4=B8=8D=E7=94=9F=E6=95=88=E7=9A=84Bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/handler/link_home.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/server/handler/link_home.go b/server/handler/link_home.go index f79e717c..8edb86d9 100644 --- a/server/handler/link_home.go +++ b/server/handler/link_home.go @@ -28,11 +28,11 @@ func LinkHome(w http.ResponseWriter, r *http.Request) { return } - if index.Homecode > 0 { + if index.Homecode != http.StatusOK { w.WriteHeader(index.Homecode) - } else { - w.WriteHeader(http.StatusOK) + return } + w.WriteHeader(http.StatusOK) // if index.Homeindex == "" { // index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件,可以支持多人同时在线使用。" From 7160c3cab7f3563f10e0e4cb44f804f2b80a5c36 Mon Sep 17 00:00:00 2001 From: wsczx Date: Fri, 30 Aug 2024 19:33:27 +0800 Subject: [PATCH 02/10] =?UTF-8?q?=E9=82=AE=E4=BB=B6=E6=A8=A1=E6=9D=BF?= =?UTF-8?q?=E4=B8=AD=E5=A2=9E=E5=8A=A0LimitTime=E8=BF=87=E6=9C=9F=E6=97=B6?= =?UTF-8?q?=E9=97=B4=E5=AD=97=E6=AE=B5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/admin/api_user.go | 8 ++++++++ server/dbdata/db.go | 1 + 2 files changed, 9 insertions(+) diff --git a/server/admin/api_user.go b/server/admin/api_user.go index 80a56934..19a56f90 100644 --- a/server/admin/api_user.go +++ b/server/admin/api_user.go @@ -220,6 +220,7 @@ type userAccountMailData struct { Username string Nickname string PinCode string + LimitTime string OtpImg string OtpImgBase64 string DisableOtp bool @@ -276,6 +277,13 @@ func userAccountMail(user *dbdata.User) error { OtpImgBase64: "data:image/png;base64," + otpData, DisableOtp: user.DisableOtp, } + + if user.LimitTime == nil { + data.LimitTime = "无限制" + } else { + data.LimitTime = user.LimitTime.Local().Format("2006-01-02") + } + w := bytes.NewBufferString("") t, _ := template.New("auth_complete").Parse(htmlBody) err = t.Execute(w, data) diff --git a/server/dbdata/db.go b/server/dbdata/db.go index c59d6618..15d9b013 100644 --- a/server/dbdata/db.go +++ b/server/dbdata/db.go @@ -184,6 +184,7 @@ const accountMail = `

您好:

用户组: {{.Group}}
用户名: {{.Username}}
用户PIN码: {{.PinCode}}
+ 用户过期时间: {{.LimitTime}}
{{if .DisableOtp}} {{else}} From 415f312f409bf1ecb36b837793b71e4153826172 Mon Sep 17 00:00:00 2001 From: bjdgyc Date: Tue, 3 Sep 2024 17:55:19 +0800 Subject: [PATCH 03/10] =?UTF-8?q?=E5=8D=87=E7=BA=A7go=E7=89=88=E6=9C=AC=20?= =?UTF-8?q?=20=E6=B7=BB=E5=8A=A0acl=E5=8D=8F=E8=AE=AE=E6=94=AF=E6=8C=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 2 +- build_docker.sh | 2 ++ build_test.sh | 3 ++- docker/Dockerfile | 3 ++- docker/init_release.sh | 8 ++++++-- server/dbdata/db.go | 2 +- server/dbdata/group.go | 32 ++++++++++++++++++++++++-------- server/dbdata/policy.go | 2 +- server/dbdata/tables.go | 8 ++++---- server/go.mod | 2 +- server/go.sum | 23 +++++++++++++++++++++++ server/handler/link_tunnel.go | 2 +- server/handler/payload.go | 17 ++++++++++++----- version | 2 +- web/src/pages/group/List.vue | 15 +++++++++++---- 15 files changed, 92 insertions(+), 31 deletions(-) diff --git a/README.md b/README.md index fa363445..0fce86ed 100644 --- a/README.md +++ b/README.md @@ -453,7 +453,7 @@ ipv4_end = "10.1.2.200" - [三方文档-男孩的天职](https://note.youdao.com/s/X4AxyWfL) - [三方文档-issues](https://github.com/bjdgyc/anylink/issues) - [三方文档-思有云](https://www.ioiox.com/archives/128.html) -- [三方文档-杨杨得亿](https://yangpin.link/archives/1633.html) [Windows电脑连接步骤-杨杨得亿](https://yangpin.link/archives/1697.html) +- [三方文档-杨杨得亿](https://yangpin.link/archives/1897.html) [Windows电脑连接步骤-杨杨得亿](https://yangpin.link/archives/1697.html) ## Support Client diff --git a/build_docker.sh b/build_docker.sh index 8e286135..8a9701e8 100644 --- a/build_docker.sh +++ b/build_docker.sh @@ -19,3 +19,5 @@ echo "docker tag latest $ver" docker tag bjdgyc/anylink:latest bjdgyc/anylink:$ver +# docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver +# docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver diff --git a/build_test.sh b/build_test.sh index 5ac0f01f..ff063fd8 100644 --- a/build_test.sh +++ b/build_test.sh @@ -42,9 +42,10 @@ go build -v -o anylink $flags -ldflags "$ldflags" EOF ) +# golang:1.20-alpine3.19 #使用 musl-dev 编译 docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/amd64 \ - golang:1.20-alpine3.19 sh -c "$dockercmd" + golang:1.22-alpine3.19 sh -c "$dockercmd" #arm64编译 #docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/arm64 \ diff --git a/docker/Dockerfile b/docker/Dockerfile index cb66a2ca..909e352c 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -13,7 +13,8 @@ # 需要先编译出ui文件后 再执行docker编译 # server -FROM golang:1.20-alpine3.19 as builder_golang +# golang:1.20-alpine3.19 +FROM golang:1.22-alpine3.19 as builder_golang ARG CN="no" ARG appVer="appVer" diff --git a/docker/init_release.sh b/docker/init_release.sh index cbb42c11..1d2df885 100644 --- a/docker/init_release.sh +++ b/docker/init_release.sh @@ -9,12 +9,16 @@ if [[ $CN == "yes" ]]; then export GOPROXY=https://goproxy.cn fi + +# docker 启动使用 4.19 以上内核 +apk add --no-cache ca-certificates bash iproute2 tzdata iptables + # alpine:3.19 兼容老版 iptables -apk add --no-cache iptables iptables-legacy +apk add --no-cache iptables-legacy rm /sbin/iptables ln -s /sbin/iptables-legacy /sbin/iptables -apk add --no-cache ca-certificates bash iproute2 tzdata + chmod +x /app/docker_entrypoint.sh mkdir /app/log diff --git a/server/dbdata/db.go b/server/dbdata/db.go index c59d6618..dae957c5 100644 --- a/server/dbdata/db.go +++ b/server/dbdata/db.go @@ -147,7 +147,7 @@ func addInitData() error { Name: "all", AllowLan: true, ClientDns: []ValData{{Val: "114.114.114.114"}}, - RouteInclude: []ValData{{Val: All}}, + RouteInclude: []ValData{{Val: ALL}}, Status: 1, } err = SetGroup(&g1) diff --git a/server/dbdata/group.go b/server/dbdata/group.go index b4f3bfae..0d2f8220 100644 --- a/server/dbdata/group.go +++ b/server/dbdata/group.go @@ -10,6 +10,7 @@ import ( "time" "github.com/bjdgyc/anylink/base" + "github.com/songgao/water/waterutil" "golang.org/x/text/language" "golang.org/x/text/message" ) @@ -17,7 +18,10 @@ import ( const ( Allow = "allow" Deny = "deny" - All = "all" + ALL = "all" + TCP = "tcp" + UDP = "udp" + ICMP = "icmp" ) // 域名分流最大字符2万 @@ -25,12 +29,14 @@ const DsMaxLen = 20000 type GroupLinkAcl struct { // 自上而下匹配 默认 allow * * - Action string `json:"action"` // allow、deny - Val string `json:"val"` - Port string `json:"port"` // 兼容单端口历史数据类型uint16 - Ports map[uint16]int8 `json:"ports"` - IpNet *net.IPNet `json:"ip_net"` - Note string `json:"note"` + Action string `json:"action"` // allow、deny + Protocol string `json:"protocol"` // 支持 ALL、TCP、UDP、ICMP 协议 + IpProto waterutil.IPProtocol `json:"ip_protocol"` // 判断协议使用 + Val string `json:"val"` + Port string `json:"port"` // 兼容单端口历史数据类型uint16 + Ports map[uint16]int8 `json:"ports"` + IpNet *net.IPNet `json:"ip_net"` + Note string `json:"note"` } type ValData struct { @@ -114,7 +120,7 @@ func SetGroup(g *Group) error { routeInclude := []ValData{} for _, v := range g.RouteInclude { if v.Val != "" { - if v.Val == All { + if v.Val == ALL { routeInclude = append(routeInclude, v) continue } @@ -164,6 +170,16 @@ func SetGroup(g *Group) error { } v.IpNet = ipNet + // 设置协议数据 + switch v.Protocol { + case TCP: + v.IpProto = waterutil.TCP + case UDP: + v.IpProto = waterutil.UDP + case ICMP: + v.IpProto = waterutil.ICMP + } + portsStr := v.Port v.Port = strings.TrimSpace(portsStr) // switch vp := v.Port.(type) { diff --git a/server/dbdata/policy.go b/server/dbdata/policy.go index e2e3b7be..a7594b05 100644 --- a/server/dbdata/policy.go +++ b/server/dbdata/policy.go @@ -27,7 +27,7 @@ func SetPolicy(p *Policy) error { routeInclude := []ValData{} for _, v := range p.RouteInclude { if v.Val != "" { - if v.Val == All { + if v.Val == ALL { routeInclude = append(routeInclude, v) continue } diff --git a/server/dbdata/tables.go b/server/dbdata/tables.go index 7ba82a62..7c2e8cfd 100644 --- a/server/dbdata/tables.go +++ b/server/dbdata/tables.go @@ -67,12 +67,12 @@ type Setting struct { type AccessAudit struct { Id int `json:"id" xorm:"pk autoincr not null"` Username string `json:"username" xorm:"varchar(60) not null"` - Protocol uint8 `json:"protocol" xorm:"not null"` + Protocol uint8 `json:"protocol" xorm:"Int not null"` Src string `json:"src" xorm:"varchar(60) not null"` - SrcPort uint16 `json:"src_port" xorm:"not null"` + SrcPort uint16 `json:"src_port" xorm:"Int not null"` Dst string `json:"dst" xorm:"varchar(60) not null"` - DstPort uint16 `json:"dst_port" xorm:"not null"` - AccessProto uint8 `json:"access_proto" xorm:"default 0"` // 访问协议 + DstPort uint16 `json:"dst_port" xorm:"Int not null"` + AccessProto uint8 `json:"access_proto" xorm:"Int default 0"` // 访问协议 Info string `json:"info" xorm:"varchar(255) not null default ''"` // 详情 CreatedAt time.Time `json:"created_at" xorm:"DateTime"` } diff --git a/server/go.mod b/server/go.mod index 96916424..67cbe084 100644 --- a/server/go.mod +++ b/server/go.mod @@ -1,6 +1,6 @@ module github.com/bjdgyc/anylink -go 1.20 +go 1.22 require ( github.com/arl/statsviz v0.6.0 diff --git a/server/go.sum b/server/go.sum index 4a5d1f76..45731525 100644 --- a/server/go.sum +++ b/server/go.sum @@ -25,11 +25,14 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8Yc github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsPppp4= github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo= github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= +github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w= +github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= +github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= @@ -65,6 +68,7 @@ github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -83,6 +87,7 @@ github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9n github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= +github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M= github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= @@ -103,10 +108,12 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs= +github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -118,7 +125,9 @@ github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU= github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= @@ -160,6 +169,7 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk= +github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/richardlehane/mscfb v1.0.4 h1:WULscsljNPConisD5hR0+OyZjwK46Pfyr6mPu5ZawpM= github.com/richardlehane/mscfb v1.0.4/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk= github.com/richardlehane/msoleps v1.0.1/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg= @@ -170,6 +180,7 @@ github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzG github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ= github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4= @@ -264,6 +275,7 @@ golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86h golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/image v0.14.0 h1:tNgSxAFe3jC4uYqvZdTr84SZoM1KfwdC9SKIFrLjFn4= +golang.org/x/image v0.14.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= @@ -363,6 +375,7 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= @@ -370,15 +383,25 @@ gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= layeh.com/radius v0.0.0-20231213012653-1006025d24f8 h1:orYXpi6BJZdvgytfHH4ybOe4wHnLbbS71Cmd8mWdZjs= layeh.com/radius v0.0.0-20231213012653-1006025d24f8/go.mod h1:QRf+8aRqXc019kHkpcs/CTgyWXFzf+bxlsyuo2nAl1o= lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI= +lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw= +modernc.org/cc/v3 v3.40.0/go.mod h1:/bTg4dnWkSXowUO6ssQKnOV0yMVxDYNIsIrzqTFDGH0= modernc.org/ccgo/v3 v3.16.13 h1:Mkgdzl46i5F/CNR/Kj80Ri59hC8TKAhZrYSaqvkwzUw= +modernc.org/ccgo/v3 v3.16.13/go.mod h1:2Quk+5YgpImhPjv2Qsob1DnZ/4som1lJTodubIcoUkY= modernc.org/libc v1.22.2 h1:4U7v51GyhlWqQmwCHj28Rdq2Yzwk55ovjFrdPjs8Hb0= +modernc.org/libc v1.22.2/go.mod h1:uvQavJ1pZ0hIoC/jfqNoMLURIMhKzINIWypNM17puug= modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ= +modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= modernc.org/memory v1.4.0 h1:crykUfNSnMAXaOJnnxcSzbUGMqkLWjklJKkBK2nwZwk= +modernc.org/memory v1.4.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU= modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4= +modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= modernc.org/sqlite v1.20.4 h1:J8+m2trkN+KKoE7jglyHYYYiaq5xmz2HoHJIiBlRzbE= +modernc.org/sqlite v1.20.4/go.mod h1:zKcGyrICaxNTMEHSr1HQ2GUraP0j+845GYw37+EyT6A= modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY= +modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw= modernc.org/token v1.0.1 h1:A3qvTqOwexpfZZeyI0FeGPDlSWX5pjZu9hF4lU+EKWg= +modernc.org/token v1.0.1/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= xorm.io/builder v0.3.13 h1:a3jmiVVL19psGeXx8GIurTp7p0IIgqeDmwhcR6BAOAo= xorm.io/builder v0.3.13/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE= diff --git a/server/handler/link_tunnel.go b/server/handler/link_tunnel.go index cf618b05..a4f1b214 100644 --- a/server/handler/link_tunnel.go +++ b/server/handler/link_tunnel.go @@ -138,7 +138,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) { // 允许的路由 for _, v := range cSess.Group.RouteInclude { - if strings.ToLower(v.Val) == dbdata.All { + if strings.ToLower(v.Val) == dbdata.ALL { continue } HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask) diff --git a/server/handler/payload.go b/server/handler/payload.go index 2356ec5b..3eeefd04 100644 --- a/server/handler/payload.go +++ b/server/handler/payload.go @@ -102,11 +102,18 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool { // } // } else { - if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) || ipProto == waterutil.ICMP { - if v.Action == dbdata.Allow { - return true - } else { - return false + // 先判断协议 + // 兼容旧数据 v.Protocol == "" + if v.Protocol == "" || v.Protocol == dbdata.ALL || v.IpProto == ipProto { + // 全部通过 + if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) { + if v.Action == dbdata.Allow { + // log.Println(dbdata.Allow, v.Ports) + return true + } else { + // log.Println(dbdata.Deny, v.Ports) + return false + } } } } diff --git a/version b/version index aac2daca..ed0d9e99 100644 --- a/version +++ b/version @@ -1 +1 @@ -0.12.1 \ No newline at end of file +0.13.1 \ No newline at end of file diff --git a/web/src/pages/group/List.vue b/web/src/pages/group/List.vue index 38b94f80..1d117423 100644 --- a/web/src/pages/group/List.vue +++ b/web/src/pages/group/List.vue @@ -401,7 +401,8 @@ 输入CIDR格式如: 192.168.3.0/24 - 端口0表示所有端口,多个端口用','号分隔,连续端口:1234-5678 + 协议支持 all,tcp,udp,icmp + 端口0表示所有端口,多个端口:80,443,连续端口:1234-5678 - + + + + + + - + + @@ -692,7 +699,7 @@ export default { }, addDomain(arr) { console.log("arr", arr) - arr.push({val: "", action: "allow", port: "0", note: ""}); + arr.push({protocol:"all", val: "", action: "allow", port: "0", note: ""}); }, submitForm(formName) { this.$refs[formName].validate((valid) => { From 5b498cbc591d2a293852a862c1f97fece059261d Mon Sep 17 00:00:00 2001 From: bjdgyc Date: Wed, 4 Sep 2024 13:13:31 +0800 Subject: [PATCH 04/10] =?UTF-8?q?=E6=B7=BB=E5=8A=A0acl=E5=8D=8F=E8=AE=AE?= =?UTF-8?q?=E6=94=AF=E6=8C=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/handler/payload.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/server/handler/payload.go b/server/handler/payload.go index 3eeefd04..26bcfca7 100644 --- a/server/handler/payload.go +++ b/server/handler/payload.go @@ -105,7 +105,15 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool { // 先判断协议 // 兼容旧数据 v.Protocol == "" if v.Protocol == "" || v.Protocol == dbdata.ALL || v.IpProto == ipProto { - // 全部通过 + if ipProto == waterutil.ICMP { + // icmp 不判断端口 + if v.Action == dbdata.Allow { + return true + } else { + return false + } + } + if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) { if v.Action == dbdata.Allow { // log.Println(dbdata.Allow, v.Ports) From 76779de80a3687571a322301fa9d330482e25a92 Mon Sep 17 00:00:00 2001 From: bjdgyc Date: Wed, 4 Sep 2024 16:59:16 +0800 Subject: [PATCH 05/10] =?UTF-8?q?=E6=B7=BB=E5=8A=A0acl=E5=8D=8F=E8=AE=AE?= =?UTF-8?q?=E6=94=AF=E6=8C=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/dbdata/group.go | 3 +++ server/handler/payload.go | 39 +++++++++++++++++++-------------------- 2 files changed, 22 insertions(+), 20 deletions(-) diff --git a/server/dbdata/group.go b/server/dbdata/group.go index 0d2f8220..a25240fe 100644 --- a/server/dbdata/group.go +++ b/server/dbdata/group.go @@ -178,6 +178,9 @@ func SetGroup(g *Group) error { v.IpProto = waterutil.UDP case ICMP: v.IpProto = waterutil.ICMP + default: + // 其他类型都是 all + v.Protocol = ALL } portsStr := v.Port diff --git a/server/handler/payload.go b/server/handler/payload.go index 26bcfca7..576ada39 100644 --- a/server/handler/payload.go +++ b/server/handler/payload.go @@ -86,27 +86,26 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool { } for _, v := range group.LinkAcl { - // 循环判断ip和端口 - if v.IpNet.Contains(ipDst) { - - // 放行允许ip的ping - // if v.Ports == nil || len(v.Ports) == 0 { - // //单端口历史数据兼容 - // port := uint16(v.Port.(float64)) - // if port == ipPort || port == 0 || ipProto == waterutil.ICMP { - // if v.Action == dbdata.Allow { - // return true - // } else { - // return false - // } - // } - // } else { - - // 先判断协议 - // 兼容旧数据 v.Protocol == "" - if v.Protocol == "" || v.Protocol == dbdata.ALL || v.IpProto == ipProto { + // 放行允许ip的ping + // if v.Ports == nil || len(v.Ports) == 0 { + // //单端口历史数据兼容 + // port := uint16(v.Port.(float64)) + // if port == ipPort || port == 0 || ipProto == waterutil.ICMP { + // if v.Action == dbdata.Allow { + // return true + // } else { + // return false + // } + // } + // } else { + + // 先判断协议 + // 兼容旧数据 v.Protocol == "" + if v.Protocol == "" || v.Protocol == dbdata.ALL || v.IpProto == ipProto { + // 循环判断ip和端口 + if v.IpNet.Contains(ipDst) { + // icmp 不判断端口 if ipProto == waterutil.ICMP { - // icmp 不判断端口 if v.Action == dbdata.Allow { return true } else { From ad1885798b5310fb6a88a9335b7ce1e96e2c36a6 Mon Sep 17 00:00:00 2001 From: bjdgyc Date: Wed, 4 Sep 2024 17:00:29 +0800 Subject: [PATCH 06/10] =?UTF-8?q?=E6=B7=BB=E5=8A=A0acl=E5=8D=8F=E8=AE=AE?= =?UTF-8?q?=E6=94=AF=E6=8C=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- doc/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/README.md b/doc/README.md index 5d01634a..0af86ee8 100644 --- a/doc/README.md +++ b/doc/README.md @@ -49,6 +49,8 @@ | 杨杨得亿 | | | Thanataos | | | 憨大叔 | | +| 明月 | | +| Amis | | From 567f0e8adbd39c1b9647c8f111c8f30b262ee30e Mon Sep 17 00:00:00 2001 From: bjdgyc Date: Fri, 6 Sep 2024 17:13:38 +0800 Subject: [PATCH 07/10] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=8D=8F=E8=AE=AE?= =?UTF-8?q?=E5=B1=95=E7=A4=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- web/src/pages/group/List.vue | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/web/src/pages/group/List.vue b/web/src/pages/group/List.vue index 1d117423..7ba74a0f 100644 --- a/web/src/pages/group/List.vue +++ b/web/src/pages/group/List.vue @@ -422,7 +422,12 @@ - + + + + + + From 2ba36258857ac64a313696195a73615f7071dd79 Mon Sep 17 00:00:00 2001 From: bjdgyc Date: Mon, 9 Sep 2024 15:11:36 +0800 Subject: [PATCH 08/10] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=8D=8F=E8=AE=AE?= =?UTF-8?q?=E5=B1=95=E7=A4=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- version | 2 +- web/src/pages/group/List.vue | 7 +------ 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/version b/version index ed0d9e99..e96a8711 100644 --- a/version +++ b/version @@ -1 +1 @@ -0.13.1 \ No newline at end of file +0.12.2 \ No newline at end of file diff --git a/web/src/pages/group/List.vue b/web/src/pages/group/List.vue index 7ba74a0f..17c7fb68 100644 --- a/web/src/pages/group/List.vue +++ b/web/src/pages/group/List.vue @@ -422,12 +422,7 @@ - - - - - - + From e8a8773005a887a0b69c7b44e100a324de97b2d6 Mon Sep 17 00:00:00 2001 From: bjdgyc Date: Mon, 9 Sep 2024 16:52:32 +0800 Subject: [PATCH 09/10] =?UTF-8?q?=E6=9D=83=E9=99=90=20=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=E6=8B=96=E6=8B=BD=E5=8A=9F=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- web/src/pages/group/List.vue | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/web/src/pages/group/List.vue b/web/src/pages/group/List.vue index 17c7fb68..8c4d9973 100644 --- a/web/src/pages/group/List.vue +++ b/web/src/pages/group/List.vue @@ -191,7 +191,7 @@ :close-on-click-modal="false" title="用户组" :visible.sync="user_edit_dialog" - width="750px" + width="850px" @close='closeDialog' center> @@ -410,9 +410,17 @@ + + + - + + + + + + @@ -438,6 +446,8 @@ @click.prevent="removeDomain(ruleForm.link_acl,index)"> + + @@ -512,10 +522,11 @@