From 3ebb6695587843b5690607d8757f378912f207f2 Mon Sep 17 00:00:00 2001 From: bjd Date: Tue, 12 Jan 2021 17:30:31 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E4=BA=86CIDR=E5=88=A4?= =?UTF-8?q?=E6=96=AD=E5=92=8C=E8=BF=94=E5=9B=9E=E6=95=B0=E6=8D=AE=E7=9A=84?= =?UTF-8?q?debug=E4=BF=A1=E6=81=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- base/app_ver.go | 2 +- conf/server.toml | 2 +- dbdata/group.go | 58 ++++++++++++++++++++---------------------- handler/link_cstp.go | 4 +-- handler/link_tunnel.go | 12 ++++++--- 5 files changed, 39 insertions(+), 39 deletions(-) diff --git a/base/app_ver.go b/base/app_ver.go index ac15019..77d6a69 100644 --- a/base/app_ver.go +++ b/base/app_ver.go @@ -2,5 +2,5 @@ package base const ( APP_NAME = "AnyLink" - APP_VER = "0.0.7" + APP_VER = "0.0.8" ) diff --git a/conf/server.toml b/conf/server.toml index 0be2290..533bf62 100644 --- a/conf/server.toml +++ b/conf/server.toml @@ -22,7 +22,7 @@ admin_pass = "$2a$10$UQ7C.EoPifDeJh6d8.31TeSPQU7hM/NOM2nixmBucJpAuXDQNqNke" jwt_secret = "" -#vpn服务对外地址 +#vpn服务对外地址,影响开通邮件二维码 link_addr = "vpn.xx.com" #前台服务监听地址 diff --git a/dbdata/group.go b/dbdata/group.go index 81780c8..360950e 100644 --- a/dbdata/group.go +++ b/dbdata/group.go @@ -4,7 +4,6 @@ import ( "errors" "fmt" "net" - "strings" "time" "github.com/bjdgyc/anylink/base" @@ -20,11 +19,12 @@ type GroupLinkAcl struct { Action string `json:"action"` // allow、deny Val string `json:"val"` Port uint8 `json:"port"` - IpNet *net.IPNet `json:"-"` + IpNet *net.IPNet `json:"ip_net"` } type ValData struct { - Val string `json:"val"` + Val string `json:"val"` + IpMask string `json:"ip_mask"` } type Group struct { 
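Review bot: In dbdata/group.go the tag on `GroupLinkAcl.IpNet` changes from `json:"-"` to `json:"ip_net"`, so a field derived from `Val` is now both emitted and accepted whenever a group is serialized or decoded. SetGroup in this patch recomputes it from `Val` for entries with a non-empty `Val`. Any path that decodes a stored or submitted group without going through SetGroup would use whatever `ip_net` the JSON carried, presumably for ACL matching. If the tag is only wanted for debug output, keeping `json:"-"` and rebuilding `IpNet` on load is the safer contract. The new `IpMask` field also needs a comment, e.g. `// IpMask is Val rewritten as address/dotted-netmask by SetGroup; sent in the X-CSTP-Split-* headers`.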
@@ -70,15 +70,18 @@ func SetGroup(g *Group) error { } } if len(clientDns) == 0 { - return errors.New("DNS错误") + return errors.New("DNS 错误") } g.ClientDns = clientDns routeInclude := []ValData{} for _, v := range g.RouteInclude { if v.Val != "" { - v1, _ := parseIpNet(v.Val) - vn := ValData{Val: v1} + ipMask, _, err := parseIpNet(v.Val) + if err != nil { + return errors.New("RouteInclude 错误" + err.Error()) + } + vn := ValData{Val: v.Val, IpMask: ipMask} routeInclude = append(routeInclude, vn) } } @@ -86,8 +89,11 @@ func SetGroup(g *Group) error { routeExclude := []ValData{} for _, v := range g.RouteExclude { if v.Val != "" { - v1, _ := parseIpNet(v.Val) - vn := ValData{Val: v1} + ipMask, _, err := parseIpNet(v.Val) + if err != nil { + return errors.New("RouteExclude 错误" + err.Error()) + } + vn := ValData{Val: v.Val, IpMask: ipMask} routeExclude = append(routeExclude, vn) } } @@ -96,13 +102,13 @@ func SetGroup(g *Group) error { linkAcl := []GroupLinkAcl{} for _, v := range g.LinkAcl { if v.Val != "" { - v1, v2 := parseIpNet(v.Val) - if v2 != nil { - vn := v - vn.Val = v1 - vn.IpNet = v2 - linkAcl = append(linkAcl, vn) + _, ipNet, err := parseIpNet(v.Val) + if err != nil { + return errors.New("GroupLinkAcl 错误" + err.Error()) } + vn := v + vn.IpNet = ipNet + linkAcl = append(linkAcl, vn) } } g.LinkAcl = linkAcl 
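Review bot: The new error returns in SetGroup glue the label and the cause together with no separator and discard the error chain: `errors.New("RouteInclude 错误" + err.Error())`. Since `fmt` is already imported in this file, `return fmt.Errorf("RouteInclude 错误: %w", err)` reads better and keeps the underlying parse error inspectable. The same applies to the `RouteExclude` and `GroupLinkAcl` returns in the two following hunks. Because `parseIpNet` now goes through `net.ParseCIDR`, values in the old `address/dotted-netmask` form will fail here, so a group saved before this change cannot be re-saved until its entries are rewritten as CIDR; a doc comment on SetGroup stating the accepted format would help. SetGroup starts and ends outside these hunks.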
@@ -113,24 +119,14 @@ func SetGroup(g *Group) error { return err } -func parseIpNet(s string) (string, *net.IPNet) { - ips := strings.Split(s, "/") - if len(ips) != 2 { - return "", nil - } - ip := net.ParseIP(ips[0]) - mask := net.ParseIP(ips[1]) - - if strings.Contains(ips[0], ".") { - ip = ip.To4() - mask = mask.To4() +func parseIpNet(s string) (string, *net.IPNet, error) { + ip, ipNet, err := net.ParseCIDR(s) + if err != nil { + return "", nil, err } - ipmask := net.IPMask(mask) - ip0 := ip.Mask(ipmask) + mask := net.IP(ipNet.Mask) + ipMask := fmt.Sprintf("%s/%s", ip, mask) - ipNetS := fmt.Sprintf("%s/%s", ip0, mask) - ipNet := &net.IPNet{IP: ip0, Mask: ipmask} - - return ipNetS, ipNet + return ipMask, ipNet, nil } diff --git a/handler/link_cstp.go b/handler/link_cstp.go index 7edf3ba..e84d3e5 100644 --- a/handler/link_cstp.go +++ b/handler/link_cstp.go @@ -49,12 +49,12 @@ func LinkCstp(conn net.Conn, cSess *sessdata.ConnSession) { switch hdata[6] { case 0x07: // KEEPALIVE // do nothing - base.Debug("recv keepalive", cSess.IpAddr) + // base.Debug("recv keepalive", cSess.IpAddr) case 0x05: // DISCONNECT base.Debug("DISCONNECT", cSess.IpAddr) return case 0x03: // DPD-REQ - base.Debug("recv DPD-REQ", cSess.IpAddr) + // base.Debug("recv DPD-REQ", cSess.IpAddr) if payloadOut(cSess, sessdata.LTypeIPData, 0x04, nil) { return } diff --git a/handler/link_tunnel.go b/handler/link_tunnel.go index 21b2175..d6f51bb 100644 --- a/handler/link_tunnel.go +++ b/handler/link_tunnel.go @@ -1,6 +1,7 @@ package handler import ( + "bytes" "fmt" "log" "net" 
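Review bot: `parseIpNet` builds the string from `ip`, the address exactly as typed, rather than from the masked network address that the removed code produced with `ip.Mask(ipmask)`. An entry such as `192.168.1.5/24` therefore yields `192.168.1.5/255.255.255.0` for the split-route headers, while the returned `ipNet` describes `192.168.1.0/24`, so routing and ACL matching are derived from different values. Using the network address keeps them aligned: `ipMask := fmt.Sprintf("%s/%s", ipNet.IP, mask)`. For an IPv6 prefix, `net.IP(ipNet.Mask)` prints the mask in IPv6 address notation, which is probably not what a client expects, so either reject non-IPv4 input here or format it as a prefix length. A short doc comment naming the three return values would also help, e.g. `// parseIpNet parses a CIDR string and returns "network/dotted-netmask", the *net.IPNet, and any parse error`.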
@@ -86,11 +87,11 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) { } // 允许的路由 for _, v := range cSess.Group.RouteInclude { - w.Header().Add("X-CSTP-Split-Include", v.Val) + w.Header().Add("X-CSTP-Split-Include", v.IpMask) } // 不允许的路由 for _, v := range cSess.Group.RouteExclude { - w.Header().Add("X-CSTP-Split-Exclude", v.Val) + w.Header().Add("X-CSTP-Split-Exclude", v.IpMask) } w.Header().Set("X-CSTP-Lease-Duration", fmt.Sprintf("%d", base.Cfg.IpLease)) // ip地址租期 @@ -130,8 +131,11 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) { // w.Header().Set("X-CSTP-Post-Auth-XML", ``) w.WriteHeader(http.StatusOK) - // h := w.Header().Clone() - // h.Write(os.Stdout) + h := w.Header().Clone() + headers := make([]byte, 0) + buf := bytes.NewBuffer(headers) + h.Write(buf) + base.Debug(string(buf.Bytes())) hj := w.(http.Hijacker) conn, _, err := hj.Hijack()
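Review bot: The `X-CSTP-Split-Include` and `X-CSTP-Split-Exclude` headers now send `v.IpMask`, which is only filled in when SetGroup runs with this patch applied. A group persisted before the change presumably has `ip_mask` absent, so each of its routes would be emitted as a header with an empty value until the group is re-saved. That would silently change which traffic the client routes through the tunnel. Either migrate stored groups, or compute the value on load, or at least guard the loop with `if v.IpMask == "" { continue }` plus a logged warning so the gap is visible. LinkTunnel starts and ends outside this hunk.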
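Review bot: The enabled header dump after `w.WriteHeader` sends the complete response header set of the tunnel handshake to `base.Debug`. The headers set earlier in LinkTunnel are outside this hunk; if any of them carries per-session identifiers or key material, it will end up in the debug log, so those names should be removed from the clone (`h.Del(...)`) or redacted before it is written. As written, the clone and buffer are built on every connection before `base.Debug` is called, and the error from `h.Write` is dropped. A tighter form is `var buf bytes.Buffer`, `_ = h.Write(&buf)`, `base.Debug(buf.String())`, ideally guarded by whatever debug-level check the `base` package offers.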