Initial commit (code only without large binaries)
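--- /dev/null
+++ b/PLACEHOLDER_PATH_NOT_SHOWN.go
@@ -0,0 +1,175 @@
+package firewallconfigs
+
+import (
+"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/ipconfigs"
+)
+
+// HTTPFirewallInboundConfig HTTP防火墙入口配置
+type HTTPFirewallInboundConfig struct {
+IsOn bool `yaml:"isOn" json:"isOn"`
+GroupRefs []*HTTPFirewallRuleGroupRef `yaml:"groupRefs" json:"groupRefs"`
+Groups []*HTTPFirewallRuleGroup `yaml:"groups" json:"groups"`
+
+// 地区相关
+Region *HTTPFirewallRegionConfig `yaml:"region" json:"region"`
+
+// IP名单
+AllowListRef *ipconfigs.IPListRef `yaml:"whiteListRef" json:"whiteListRef"`
+DenyListRef *ipconfigs.IPListRef `yaml:"blackListRef" json:"blackListRef"`
+GreyListRef *ipconfigs.IPListRef `yaml:"greyListRef" json:"greyListRef"`
+
+// 绑定的IP名单
+PublicAllowListRefs []*ipconfigs.IPListRef `yaml:"publicWhiteListRefs" json:"publicWhiteListRefs"`
+PublicDenyListRefs []*ipconfigs.IPListRef `yaml:"publicBlackListRefs" json:"publicBlackListRefs"`
+PublicGreyListRefs []*ipconfigs.IPListRef `yaml:"publicGreyListRefs" json:"publicGreyListRefs"`
+
+allAllowListRefs []*ipconfigs.IPListRef
+allDenyListRefs []*ipconfigs.IPListRef
+allGreyListRefs []*ipconfigs.IPListRef
+}
+
+// Init 初始化
+func (this *HTTPFirewallInboundConfig) Init() error {
+for _, group := range this.Groups {
+err := group.Init()
+if err != nil {
+return err
+}
+}
+
+if this.Region != nil {
+err := this.Region.Init()
+if err != nil {
+return err
+}
+}
+
+this.allAllowListRefs = []*ipconfigs.IPListRef{}
+if this.AllowListRef != nil {
+this.allAllowListRefs = append(this.allAllowListRefs, this.AllowListRef)
+}
+if len(this.PublicAllowListRefs) > 0 {
+this.allAllowListRefs = append(this.allAllowListRefs, this.PublicAllowListRefs...)
+}
+
+this.allDenyListRefs = []*ipconfigs.IPListRef{}
+if this.DenyListRef != nil {
+this.allDenyListRefs = append(this.allDenyListRefs, this.DenyListRef)
+}
+if len(this.PublicDenyListRefs) > 0 {
+this.allDenyListRefs = append(this.allDenyListRefs, this.PublicDenyListRefs...)
+}
+
+this.allGreyListRefs = []*ipconfigs.IPListRef{}
+if this.GreyListRef != nil {
+this.allGreyListRefs = append(this.allGreyListRefs, this.GreyListRef)
+}
+if len(this.PublicGreyListRefs) > 0 {
+this.allGreyListRefs = append(this.allGreyListRefs, this.PublicGreyListRefs...)
+}
+
+return nil
+}
+
+// FindGroupWithCode 根据Code查找Group
+func (this *HTTPFirewallInboundConfig) FindGroupWithCode(code string) *HTTPFirewallRuleGroup {
+for _, group := range this.Groups {
+if group.Code == code {
+return group
+}
+}
+return nil
+}
+
+// RemoveRuleGroup 删除某个分组
+func (this *HTTPFirewallInboundConfig) RemoveRuleGroup(groupId int64) {
+groups := []*HTTPFirewallRuleGroup{}
+refs := []*HTTPFirewallRuleGroupRef{}
+for _, g := range this.Groups {
+if g.Id == groupId {
+continue
+}
+groups = append(groups, g)
+}
+for _, ref := range this.GroupRefs {
+if ref.GroupId == groupId {
+continue
+}
+refs = append(refs, ref)
+}
+this.Groups = groups
+this.GroupRefs = refs
+}
+
+// AddPublicList 绑定公用的IP名单
+func (this *HTTPFirewallInboundConfig) AddPublicList(listId int64, listType string) {
+var refs []*ipconfigs.IPListRef
+switch listType {
+case ipconfigs.IPListTypeBlack:
+refs = this.PublicDenyListRefs
+case ipconfigs.IPListTypeWhite:
+refs = this.PublicAllowListRefs
+case ipconfigs.IPListTypeGrey:
+refs = this.PublicGreyListRefs
+}
+var found = false
+for _, ref := range refs {
+if ref.ListId == listId {
+found = true
+ref.IsOn = true
+break
+}
+}
+if !found {
+refs = append(refs, &ipconfigs.IPListRef{
+IsOn: true,
+ListId: listId,
+})
+}
+switch listType {
+case ipconfigs.IPListTypeBlack:
+this.PublicDenyListRefs = refs
+case ipconfigs.IPListTypeWhite:
+this.PublicAllowListRefs = refs
+case ipconfigs.IPListTypeGrey:
+this.PublicGreyListRefs = refs
+}
+}
+
+// RemovePublicList 解绑公用的IP名单
+func (this *HTTPFirewallInboundConfig) RemovePublicList(listId int64, listType string) {
+var refs []*ipconfigs.IPListRef
+switch listType {
+case ipconfigs.IPListTypeBlack:
+refs = this.PublicDenyListRefs
+case ipconfigs.IPListTypeWhite:
+refs = this.PublicAllowListRefs
+case ipconfigs.IPListTypeGrey:
+refs = this.PublicGreyListRefs
+}
+var newRefs = []*ipconfigs.IPListRef{}
+for _, ref := range refs {
+if ref.ListId == listId {
+continue
+}
+newRefs = append(newRefs, ref)
+}
+switch listType {
+case ipconfigs.IPListTypeBlack:
+this.PublicDenyListRefs = newRefs
+case ipconfigs.IPListTypeWhite:
+this.PublicAllowListRefs = newRefs
+case ipconfigs.IPListTypeGrey:
+this.PublicGreyListRefs = newRefs
+}
+}
+
+// AllAllowListRefs 获取所有允许的IP名单
+func (this *HTTPFirewallInboundConfig) AllAllowListRefs() []*ipconfigs.IPListRef {
+return this.allAllowListRefs
+}
+
+// AllDenyListRefs 获取所有禁止的IP名单
+func (this *HTTPFirewallInboundConfig) AllDenyListRefs() []*ipconfigs.IPListRef {
+return this.allDenyListRefs
+}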
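Review bot: AddPublicList and RemovePublicList rewrite PublicDenyListRefs, PublicAllowListRefs and PublicGreyListRefs but leave allAllowListRefs, allDenyListRefs and allGreyListRefs untouched, so AllAllowListRefs() and AllDenyListRefs() keep returning the snapshot that Init() built. If a caller binds a deny list or unbinds an allow list on an already initialised config and does not run Init() again, the change would not reach whatever reads those accessors, which for a firewall config means a block that is not applied or an allowance that is not withdrawn. Either move the three merge stanzas of Init() into a small private helper that both mutators call before returning, or state the contract on the mutators, e.g. `// Callers must re-run Init() afterwards; AllAllowListRefs/AllDenyListRefs read slices built only there.` Both mutators also return silently when listType is none of the three ipconfigs.IPListType* constants (AddPublicList discards the ref it has just appended), and allGreyListRefs is built in Init() but has no accessor in this file.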