From cb902a6b9bddf5f02025033657a634e3e432e08e Mon Sep 17 00:00:00 2001 From: bjdgyc Date: Mon, 22 Apr 2024 16:47:06 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dacl=E8=A1=A8=E7=BB=93?= =?UTF-8?q?=E6=9E=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/dbdata/group.go | 17 +++++++++-------- server/handler/payload.go | 34 +++++++++++++++++----------------- web/src/pages/group/List.vue | 2 +- 3 files changed, 27 insertions(+), 26 deletions(-) diff --git a/server/dbdata/group.go b/server/dbdata/group.go index ce28ddb..fa2270e 100644 --- a/server/dbdata/group.go +++ b/server/dbdata/group.go @@ -27,7 +27,7 @@ type GroupLinkAcl struct { // 自上而下匹配 默认 allow * * Action string `json:"action"` // allow、deny Val string `json:"val"` - Port interface{} `json:"port"` //兼容单端口历史数据类型uint16 + Port string `json:"port"` // 兼容单端口历史数据类型uint16 Ports map[uint16]int8 `json:"ports"` IpNet *net.IPNet `json:"ip_net"` Note string `json:"note"` @@ -164,13 +164,14 @@ func SetGroup(g *Group) error { } v.IpNet = ipNet - portsStr := "" - switch vp := v.Port.(type) { - case float64: - portsStr = strconv.Itoa(int(vp)) - case string: - portsStr = vp - } + portsStr := v.Port + v.Port = strings.TrimSpace(portsStr) + // switch vp := v.Port.(type) { + // case float64: + // portsStr = strconv.Itoa(int(vp)) + // case string: + // portsStr = vp + // } if regexp.MustCompile(`^\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*$`).MatchString(portsStr) { ports := map[uint16]int8{} diff --git a/server/handler/payload.go b/server/handler/payload.go index 9bc9d31..2356ec5 100644 --- a/server/handler/payload.go +++ b/server/handler/payload.go @@ -90,23 +90,23 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool { if v.IpNet.Contains(ipDst) { // 放行允许ip的ping - if v.Ports == nil || len(v.Ports) == 0 { - //单端口历史数据兼容 - port := uint16(v.Port.(float64)) - if port == ipPort || port == 0 || ipProto == waterutil.ICMP { - if v.Action == dbdata.Allow { - return true - } else { - return false - } - } - } else { - if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) || ipProto == waterutil.ICMP { - if v.Action == dbdata.Allow { - return true - } else { - return false - } + // if v.Ports == nil || len(v.Ports) == 0 { + // //单端口历史数据兼容 + // port := uint16(v.Port.(float64)) + // if port == ipPort || port == 0 || ipProto == waterutil.ICMP { + // if v.Action == dbdata.Allow { + // return true + // } else { + // return false + // } + // } + // } else { + + if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) || ipProto == waterutil.ICMP { + if v.Action == dbdata.Allow { + return true + } else { + return false } } } diff --git a/web/src/pages/group/List.vue b/web/src/pages/group/List.vue index 10d5cf1..cc8fc55 100644 --- a/web/src/pages/group/List.vue +++ b/web/src/pages/group/List.vue @@ -344,7 +344,7 @@ - 输入CIDR格式如: 192.168.3.0/24 端口0表示所有端口,多个端口用,号分隔,连续端口:1234-5678 + 输入CIDR格式如: 192.168.3.0/24 端口0表示所有端口,多个端口用','号分隔,连续端口:1234-5678