7x31
/
anylink
mirror of https://github.com/bjdgyc/anylink.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #314 from bjdgyc/dev 

支持分割DNS功能
This commit is contained in:
bjdgyc 2024-04-24 17:56:18 +08:00 committed by GitHub
parent 2828d1038d a7c6791c1e
commit 7329603c47
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 481 additions and 384 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/admin/api_group.go
View File

@ -75,6 +75,10 @@ func GroupDetail(w http.ResponseWriter, r *http.Request) {
if len(data.Auth) == 0 { if len(data.Auth) == 0 {
data.Auth["type"] = "local" data.Auth["type"] = "local"
} }
// 兼容旧数据
if data.SplitDns == nil {
data.SplitDns = []dbdata.ValData{}
}
RespSucess(w, data) RespSucess(w, data)
} }

1
server/conf/profile.xml
View File

@ -9,6 +9,7 @@
<RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols> <RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols>
<BypassDownloader>true</BypassDownloader> <BypassDownloader>true</BypassDownloader>
<AutoUpdate UserControllable="false">false</AutoUpdate> <AutoUpdate UserControllable="false">false</AutoUpdate>
<LocalLanAccess UserControllable="true">true</LocalLanAccess>
<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment> <WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
<LinuxVPNEstablishment>AllowRemoteUsers</LinuxVPNEstablishment> <LinuxVPNEstablishment>AllowRemoteUsers</LinuxVPNEstablishment>
<CertEnrollmentPin>pinAllowed</CertEnrollmentPin> <CertEnrollmentPin>pinAllowed</CertEnrollmentPin>

15
server/dbdata/group.go
View File

@ -215,6 +215,7 @@ func SetGroup(g *Group) error {
// DNS 判断 // DNS 判断
clientDns := []ValData{} clientDns := []ValData{}
for _, v := range g.ClientDns { for _, v := range g.ClientDns {
v.Val = strings.TrimSpace(v.Val)
if v.Val != "" { if v.Val != "" {
ip := net.ParseIP(v.Val) ip := net.ParseIP(v.Val)
if ip.String() != v.Val { if ip.String() != v.Val {
@ -229,6 +230,20 @@ func SetGroup(g *Group) error {
return errors.New("默认路由必须设置一个DNS") return errors.New("默认路由必须设置一个DNS")
} }
g.ClientDns = clientDns g.ClientDns = clientDns
splitDns := []ValData{}
for _, v := range g.SplitDns {
v.Val = strings.TrimSpace(v.Val)
if v.Val != "" {
ValidateDomainName(v.Val)
if !ValidateDomainName(v.Val) {
return errors.New("域名 错误")
}
splitDns = append(splitDns, v)
}
}
g.SplitDns = splitDns
// 域名拆分隧道,不能同时填写 // 域名拆分隧道,不能同时填写
g.DsIncludeDomains = strings.TrimSpace(g.DsIncludeDomains) g.DsIncludeDomains = strings.TrimSpace(g.DsIncludeDomains)
g.DsExcludeDomains = strings.TrimSpace(g.DsExcludeDomains) g.DsExcludeDomains = strings.TrimSpace(g.DsExcludeDomains)

1
server/dbdata/tables.go
View File

@ -11,6 +11,7 @@ type Group struct {
Note string `json:"note" xorm:"varchar(255)"` Note string `json:"note" xorm:"varchar(255)"`
AllowLan bool `json:"allow_lan" xorm:"Bool"` AllowLan bool `json:"allow_lan" xorm:"Bool"`
ClientDns []ValData `json:"client_dns" xorm:"Text"` ClientDns []ValData `json:"client_dns" xorm:"Text"`
SplitDns []ValData `json:"split_dns" xorm:"Text"`
RouteInclude []ValData `json:"route_include" xorm:"Text"` RouteInclude []ValData `json:"route_include" xorm:"Text"`
RouteExclude []ValData `json:"route_exclude" xorm:"Text"` RouteExclude []ValData `json:"route_exclude" xorm:"Text"`
DsExcludeDomains string `json:"ds_exclude_domains" xorm:"Text"` DsExcludeDomains string `json:"ds_exclude_domains" xorm:"Text"`

13
server/handler/link_tunnel.go
View File

@ -86,7 +86,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
} }
cSess.CstpDpd = cstpDpd cSess.CstpDpd = cstpDpd
dtlsPort := "4433" dtlsPort := "443"
if strings.Contains(base.Cfg.ServerDTLSAddr, ":") { if strings.Contains(base.Cfg.ServerDTLSAddr, ":") {
ss := strings.Split(base.Cfg.ServerDTLSAddr, ":") ss := strings.Split(base.Cfg.ServerDTLSAddr, ":")
dtlsPort = ss[1] dtlsPort = ss[1]
@ -131,6 +131,11 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
for _, v := range cSess.Group.ClientDns { for _, v := range cSess.Group.ClientDns {
HttpAddHeader(w, "X-CSTP-DNS", v.Val) HttpAddHeader(w, "X-CSTP-DNS", v.Val)
} }
// 分割dns
for _, v := range cSess.Group.SplitDns {
HttpAddHeader(w, "X-CSTP-Split-DNS", v.Val)
}
// 允许的路由 // 允许的路由
for _, v := range cSess.Group.RouteInclude { for _, v := range cSess.Group.RouteInclude {
if strings.ToLower(v.Val) == dbdata.All { if strings.ToLower(v.Val) == dbdata.All {
@ -156,9 +161,9 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
HttpSetHeader(w, "X-CSTP-Keep", "true") HttpSetHeader(w, "X-CSTP-Keep", "true")
HttpSetHeader(w, "X-CSTP-Tunnel-All-DNS", "false") HttpSetHeader(w, "X-CSTP-Tunnel-All-DNS", "false")
HttpSetHeader(w, "X-CSTP-Rekey-Time", "43200") // 172800 HttpSetHeader(w, "X-CSTP-Rekey-Time", "86400") // 172800
HttpSetHeader(w, "X-CSTP-Rekey-Method", "new-tunnel") HttpSetHeader(w, "X-CSTP-Rekey-Method", "new-tunnel")
HttpSetHeader(w, "X-DTLS-Rekey-Time", "43200") HttpSetHeader(w, "X-DTLS-Rekey-Time", "86400")
HttpSetHeader(w, "X-DTLS-Rekey-Method", "new-tunnel") HttpSetHeader(w, "X-DTLS-Rekey-Method", "new-tunnel")
HttpSetHeader(w, "X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd)) HttpSetHeader(w, "X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd))
@ -180,7 +185,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
HttpSetHeader(w, "X-CSTP-Routing-Filtering-Ignore", "false") HttpSetHeader(w, "X-CSTP-Routing-Filtering-Ignore", "false")
HttpSetHeader(w, "X-CSTP-Quarantine", "false") HttpSetHeader(w, "X-CSTP-Quarantine", "false")
HttpSetHeader(w, "X-CSTP-Disable-Always-On-VPN", "false") HttpSetHeader(w, "X-CSTP-Disable-Always-On-VPN", "false")
HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "false") HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "true")
HttpSetHeader(w, "X-CSTP-TCP-Keepalive", "false") HttpSetHeader(w, "X-CSTP-TCP-Keepalive", "false")
// 设置域名拆分隧道(移动端不支持) // 设置域名拆分隧道(移动端不支持)
if mobile != "mobile" { if mobile != "mobile" {

2
version
View File

@ -1 +1 @@
0.11.4 0.12.1

223
web/src/pages/group/List.vue
View File

@ -50,7 +50,8 @@
label="带宽限制" label="带宽限制"
width="90"> width="90">
<template slot-scope="scope"> <template slot-scope="scope">
<el-row v-if="scope.row.bandwidth > 0">{{ convertBandwidth(scope.row.bandwidth, 'BYTE', 'Mbps') }} Mbps</el-row> <el-row v-if="scope.row.bandwidth > 0">{{ convertBandwidth(scope.row.bandwidth, 'BYTE', 'Mbps') }} Mbps
</el-row>
<el-row v-else>不限</el-row> <el-row v-else>不限</el-row>
</template> </template>
</el-table-column> </el-table-column>
@ -69,12 +70,20 @@
label="路由包含" label="路由包含"
width="180"> width="180">
<template slot-scope="scope"> <template slot-scope="scope">
<el-row v-for="(item,inx) in scope.row.route_include.slice(0, readMinRows)" :key="inx">{{ item.val }}</el-row> <el-row v-for="(item,inx) in scope.row.route_include.slice(0, readMinRows)" :key="inx">{{
item.val
}}
</el-row>
<div v-if="scope.row.route_include.length > readMinRows"> <div v-if="scope.row.route_include.length > readMinRows">
<div v-if="readMore[`ri_${ scope.row.id }`]"> <div v-if="readMore[`ri_${ scope.row.id }`]">
<el-row v-for="(item,inx) in scope.row.route_include.slice(readMinRows)" :key="inx">{{ item.val }}</el-row> <el-row v-for="(item,inx) in scope.row.route_include.slice(readMinRows)" :key="inx">{{
item.val
}}
</el-row>
</div> </div>
<el-button size="mini" type="text" @click="toggleMore(`ri_${ scope.row.id }`)">{{ readMore[`ri_${ scope.row.id }`] ? "▲ 收起" : "▼ 更多" }}</el-button> <el-button size="mini" type="text" @click="toggleMore(`ri_${ scope.row.id }`)">
{{ readMore[`ri_${scope.row.id}`] ? "▲ 收起" : "▼ 更多" }}
</el-button>
</div> </div>
</template> </template>
</el-table-column> </el-table-column>
@ -84,12 +93,20 @@
label="路由排除" label="路由排除"
width="180"> width="180">
<template slot-scope="scope"> <template slot-scope="scope">
<el-row v-for="(item,inx) in scope.row.route_exclude.slice(0, readMinRows)" :key="inx">{{ item.val }}</el-row> <el-row v-for="(item,inx) in scope.row.route_exclude.slice(0, readMinRows)" :key="inx">{{
item.val
}}
</el-row>
<div v-if="scope.row.route_exclude.length > readMinRows"> <div v-if="scope.row.route_exclude.length > readMinRows">
<div v-if="readMore[`re_${ scope.row.id }`]"> <div v-if="readMore[`re_${ scope.row.id }`]">
<el-row v-for="(item,inx) in scope.row.route_exclude.slice(readMinRows)" :key="inx">{{ item.val }}</el-row> <el-row v-for="(item,inx) in scope.row.route_exclude.slice(readMinRows)" :key="inx">{{
item.val
}}
</el-row>
</div> </div>
<el-button size="mini" type="text" @click="toggleMore(`re_${ scope.row.id }`)">{{ readMore[`re_${ scope.row.id }`] ? "▲ 收起" : "▼ 更多" }}</el-button> <el-button size="mini" type="text" @click="toggleMore(`re_${ scope.row.id }`)">
{{ readMore[`re_${scope.row.id}`] ? "▲ 收起" : "▼ 更多" }}
</el-button>
</div> </div>
</template> </template>
</el-table-column> </el-table-column>
@ -108,7 +125,9 @@
{{ item.action }} => {{ item.val }} : {{ item.port }} {{ item.action }} => {{ item.val }} : {{ item.port }}
</el-row> </el-row>
</div> </div>
<el-button size="mini" type="text" @click="toggleMore(`la_${ scope.row.id }`)">{{ readMore[`la_${ scope.row.id }`] ? "▲ 收起" : "▼ 更多" }}</el-button> <el-button size="mini" type="text" @click="toggleMore(`la_${ scope.row.id }`)">
{{ readMore[`la_${scope.row.id}`] ? "▲ 收起" : "▼ 更多" }}
</el-button>
</div> </div>
</template> </template>
</el-table-column> </el-table-column>
@ -192,7 +211,8 @@
</el-form-item> </el-form-item>
<el-form-item label="带宽限制" prop="bandwidth_format" style="width:260px;"> <el-form-item label="带宽限制" prop="bandwidth_format" style="width:260px;">
<el-input v-model="ruleForm.bandwidth_format" oninput="value= value.match(/\d+(\.\d{0,2})?/) ? value.match(/\d+(\.\d{0,2})?/)[0] : ''"> <el-input v-model="ruleForm.bandwidth_format"
oninput="value= value.match(/\d+(\.\d{0,2})?/) ? value.match(/\d+(\.\d{0,2})?/)[0] : ''">
<template slot="append">Mbps</template> <template slot="append">Mbps</template>
</el-input> </el-input>
</el-form-item> </el-form-item>
@ -229,6 +249,30 @@
</el-col> </el-col>
</el-row> </el-row>
</el-form-item> </el-form-item>
<el-form-item label="分割DNS" prop="split_dns">
<el-row class="msg-info">
<el-col :span="20">一般留空如果输入域名只有配置的域名(包含子域名)走配置的dns</el-col>
<el-col :span="4">
<el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.split_dns)"></el-button>
</el-col>
</el-row>
<el-row v-for="(item,index) in ruleForm.split_dns"
:key="index" style="margin-bottom: 5px" :gutter="10">
<el-col :span="10">
<el-input v-model="item.val"></el-input>
</el-col>
<el-col :span="12">
<el-input v-model="item.note" placeholder="备注"></el-input>
</el-col>
<el-col :span="2">
<el-button size="mini" type="danger" icon="el-icon-minus" circle
@click.prevent="removeDomain(ruleForm.split_dns,index)"></el-button>
</el-col>
</el-row>
</el-form-item>
<el-form-item label="状态" prop="status"> <el-form-item label="状态" prop="status">
<el-radio-group v-model="ruleForm.status"> <el-radio-group v-model="ruleForm.status">
<el-radio :label="1" border>启用</el-radio> <el-radio :label="1" border>启用</el-radio>
@ -246,38 +290,50 @@
</el-radio-group> </el-radio-group>
</el-form-item> </el-form-item>
<template v-if="ruleForm.auth.type == 'radius'"> <template v-if="ruleForm.auth.type == 'radius'">
<el-form-item label="服务器地址" prop="auth.radius.addr" :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.addr'] : [{ required: false }]"> <el-form-item label="服务器地址" prop="auth.radius.addr"
:rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.addr'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.radius.addr" placeholder="例如 ip:1812"></el-input> <el-input v-model="ruleForm.auth.radius.addr" placeholder="例如 ip:1812"></el-input>
</el-form-item> </el-form-item>
<el-form-item label="密钥" prop="auth.radius.secret" :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.secret'] : [{ required: false }]"> <el-form-item label="密钥" prop="auth.radius.secret"
:rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.secret'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.radius.secret" placeholder=""></el-input> <el-input v-model="ruleForm.auth.radius.secret" placeholder=""></el-input>
</el-form-item> </el-form-item>
</template> </template>
<template v-if="ruleForm.auth.type == 'ldap'"> <template v-if="ruleForm.auth.type == 'ldap'">
<el-form-item label="服务器地址" prop="auth.ldap.addr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.addr'] : [{ required: false }]"> <el-form-item label="服务器地址" prop="auth.ldap.addr"
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.addr'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.addr" placeholder="例如 ip:389 / 域名:389"></el-input> <el-input v-model="ruleForm.auth.ldap.addr" placeholder="例如 ip:389 / 域名:389"></el-input>
</el-form-item> </el-form-item>
<el-form-item label="开启TLS" prop="auth.ldap.tls"> <el-form-item label="开启TLS" prop="auth.ldap.tls">
<el-switch v-model="ruleForm.auth.ldap.tls"></el-switch> <el-switch v-model="ruleForm.auth.ldap.tls"></el-switch>
</el-form-item> </el-form-item>
<el-form-item label="管理员 DN" prop="auth.ldap.bind_name" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_name'] : [{ required: false }]"> <el-form-item label="管理员 DN" prop="auth.ldap.bind_name"
<el-input v-model="ruleForm.auth.ldap.bind_name" placeholder="例如 CN=bindadmin,DC=abc,DC=COM"></el-input> :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_name'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.bind_name"
placeholder="例如 CN=bindadmin,DC=abc,DC=COM"></el-input>
</el-form-item> </el-form-item>
<el-form-item label="管理员密码" prop="auth.ldap.bind_pwd" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_pwd'] : [{ required: false }]"> <el-form-item label="管理员密码" prop="auth.ldap.bind_pwd"
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_pwd'] : [{ required: false }]">
<el-input type="password" v-model="ruleForm.auth.ldap.bind_pwd" placeholder=""></el-input> <el-input type="password" v-model="ruleForm.auth.ldap.bind_pwd" placeholder=""></el-input>
</el-form-item> </el-form-item>
<el-form-item label="Base DN" prop="auth.ldap.base_dn" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.base_dn'] : [{ required: false }]"> <el-form-item label="Base DN" prop="auth.ldap.base_dn"
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.base_dn'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.base_dn" placeholder="例如 DC=abc,DC=com"></el-input> <el-input v-model="ruleForm.auth.ldap.base_dn" placeholder="例如 DC=abc,DC=com"></el-input>
</el-form-item> </el-form-item>
<el-form-item label="用户对象类" prop="auth.ldap.object_class" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.object_class'] : [{ required: false }]"> <el-form-item label="用户对象类" prop="auth.ldap.object_class"
<el-input v-model="ruleForm.auth.ldap.object_class" placeholder="例如 person / user / posixAccount"></el-input> :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.object_class'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.object_class"
placeholder="例如 person / user / posixAccount"></el-input>
</el-form-item> </el-form-item>
<el-form-item label="用户唯一ID" prop="auth.ldap.search_attr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.search_attr'] : [{ required: false }]"> <el-form-item label="用户唯一ID" prop="auth.ldap.search_attr"
<el-input v-model="ruleForm.auth.ldap.search_attr" placeholder="例如 sAMAccountName / uid / cn"></el-input> :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.search_attr'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.search_attr"
placeholder="例如 sAMAccountName / uid / cn"></el-input>
</el-form-item> </el-form-item>
<el-form-item label="受限用户组" prop="auth.ldap.member_of"> <el-form-item label="受限用户组" prop="auth.ldap.member_of">
<el-input v-model="ruleForm.auth.ldap.member_of" placeholder="选填, 只允许指定组登入, 例如 CN=HomeWork,DC=abc,DC=com"></el-input> <el-input v-model="ruleForm.auth.ldap.member_of"
placeholder="选填, 只允许指定组登入, 例如 CN=HomeWork,DC=abc,DC=com"></el-input>
</el-form-item> </el-form-item>
</template> </template>
</el-tab-pane> </el-tab-pane>
@ -344,7 +400,9 @@
<el-tab-pane label="权限控制" name="link_acl"> <el-tab-pane label="权限控制" name="link_acl">
<el-form-item label="权限控制" prop="link_acl"> <el-form-item label="权限控制" prop="link_acl">
<el-row class="msg-info"> <el-row class="msg-info">
<el-col :span="22">输入CIDR格式如: 192.168.3.0/24 端口0表示所有端口,多个端口用','号分隔,连续端口:1234-5678</el-col> <el-col :span="22">输入CIDR格式如: 192.168.3.0/24
端口0表示所有端口,多个端口用','号分隔,连续端口:1234-5678
</el-col>
<el-col :span="2"> <el-col :span="2">
<el-button size="mini" type="success" icon="el-icon-plus" circle <el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.link_acl)"></el-button> @click.prevent="addDomain(ruleForm.link_acl)"></el-button>
@ -361,10 +419,11 @@
</el-select> </el-select>
</el-input> </el-input>
</el-col> </el-col>
<el-col :span="6"> <el-col :span="8">
<el-input type="textarea" :autosize="{ minRows: 1, maxRows: 2}" v-model="item.port" placeholder="多端口,号分隔"></el-input> <!-- type="textarea" :autosize="{ minRows: 1, maxRows: 2}" -->
<el-input v-model="item.port" placeholder="多端口,号分隔"></el-input>
</el-col> </el-col>
<el-col :span="6"> <el-col :span="4">
<el-input v-model="item.note" placeholder="备注"></el-input> <el-input v-model="item.note" placeholder="备注"></el-input>
</el-col> </el-col>
<el-col :span="2"> <el-col :span="2">
@ -377,10 +436,12 @@
<el-tab-pane label="域名拆分隧道" name="ds_domains"> <el-tab-pane label="域名拆分隧道" name="ds_domains">
<el-form-item label="包含域名" prop="ds_include_domains"> <el-form-item label="包含域名" prop="ds_include_domains">
<el-input type="textarea" :rows="5" v-model="ruleForm.ds_include_domains" placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input> <el-input type="textarea" :rows="5" v-model="ruleForm.ds_include_domains"
placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input>
</el-form-item> </el-form-item>
<el-form-item label="排除域名" prop="ds_exclude_domains"> <el-form-item label="排除域名" prop="ds_exclude_domains">
<el-input type="textarea" :rows="5" v-model="ruleForm.ds_exclude_domains" placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input> <el-input type="textarea" :rows="5" v-model="ruleForm.ds_exclude_domains"
placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input>
<div class="msg-info">域名拆分隧道仅支持AnyConnect的windows和MacOS桌面客户端不支持移动端.</div> <div class="msg-info">域名拆分隧道仅支持AnyConnect的windows和MacOS桌面客户端不支持移动端.</div>
</el-form-item> </el-form-item>
</el-tab-pane> </el-tab-pane>
@ -404,7 +465,8 @@
center> center>
<el-form :model="authLoginForm" :rules="authLoginRules" ref="authLoginForm" label-width="100px"> <el-form :model="authLoginForm" :rules="authLoginRules" ref="authLoginForm" label-width="100px">
<el-form-item label="账号" prop="name"> <el-form-item label="账号" prop="name">
<el-input v-model="authLoginForm.name" ref="authLoginFormName" @keydown.enter.native="testAuthLogin"></el-input> <el-input v-model="authLoginForm.name" ref="authLoginFormName"
@keydown.enter.native="testAuthLogin"></el-input>
</el-form-item> </el-form-item>
<el-form-item label="密码" prop="pwd"> <el-form-item label="密码" prop="pwd">
<el-input type="password" v-model="authLoginForm.pwd" @keydown.enter.native="testAuthLogin"></el-input> <el-input type="password" v-model="authLoginForm.pwd" @keydown.enter.native="testAuthLogin"></el-input>
@ -425,8 +487,12 @@
center> center>
<el-form ref="ipEditForm" label-width="80px"> <el-form ref="ipEditForm" label-width="80px">
<el-form-item label="路由表" prop="ip_list"> <el-form-item label="路由表" prop="ip_list">
<el-input type="textarea" :rows="10" v-model="ipEditForm.ip_list" placeholder="每行一条路由192.168.1.0/24,备注 或 192.168.1.0/24"></el-input> <el-input type="textarea" :rows="10" v-model="ipEditForm.ip_list"
<div class="msg-info">当前共 {{ ipEditForm.ip_list.trim() === '' ? 0 : ipEditForm.ip_list.trim().split("\n").length }} AnyConnect客户端最多支持{{ this.maxRouteRows }}条路由</div> placeholder="每行一条路由192.168.1.0/24,备注 或 192.168.1.0/24"></el-input>
<div class="msg-info">当前共
{{ ipEditForm.ip_list.trim() === '' ? 0 : ipEditForm.ip_list.trim().split("\n").length }}
AnyConnect客户端最多支持{{ this.maxRouteRows }}条路由
</div>
</el-form-item> </el-form-item>
<el-form-item> <el-form-item>
<el-button type="primary" @click="ipEdit()" :loading="ipEditLoading">更新</el-button> <el-button type="primary" @click="ipEdit()" :loading="ipEditLoading">更新</el-button>
@ -457,22 +523,22 @@ export default {
page: 1, page: 1,
tableData: [], tableData: [],
count: 10, count: 10,
activeTab : "general", activeTab: "general",
readMore: {}, readMore: {},
readMinRows : 5, readMinRows: 5,
maxRouteRows : 2500, maxRouteRows: 2500,
defAuth : { defAuth: {
type:'local', type: 'local',
radius:{addr:"", secret:""}, radius: {addr: "", secret: ""},
ldap:{ ldap: {
addr:"", addr: "",
tls:false, tls: false,
base_dn:"", base_dn: "",
object_class:"person", object_class: "person",
search_attr:"sAMAccountName", search_attr: "sAMAccountName",
member_of:"", member_of: "",
bind_name:"", bind_name: "",
bind_pwd:"", bind_pwd: "",
}, },
}, },
ruleForm: { ruleForm: {
@ -480,24 +546,25 @@ export default {
bandwidth_format: '0', bandwidth_format: '0',
status: 1, status: 1,
allow_lan: true, allow_lan: true,
client_dns: [{val: '114.114.114.114'}], client_dns: [{val: '114.114.114.114', note: '默认dns'}],
split_dns: [],
route_include: [{val: 'all', note: '默认全局代理'}], route_include: [{val: 'all', note: '默认全局代理'}],
route_exclude: [], route_exclude: [],
link_acl: [], link_acl: [],
auth : {}, auth: {},
}, },
authLoginDialog : false, authLoginDialog: false,
ipListDialog : false, ipListDialog: false,
authLoginLoading : false, authLoginLoading: false,
authLoginForm : { authLoginForm: {
name : "", name: "",
pwd : "", pwd: "",
}, },
ipEditForm: { ipEditForm: {
ip_list: "", ip_list: "",
type : "", type: "",
}, },
ipEditLoading : false, ipEditLoading: false,
authLoginRules: { authLoginRules: {
name: [ name: [
{required: true, message: '请输入账号', trigger: 'blur'}, {required: true, message: '请输入账号', trigger: 'blur'},
@ -548,11 +615,11 @@ export default {
}, },
methods: { methods: {
setAuthData(row) { setAuthData(row) {
if (! row) { if (!row) {
this.ruleForm.auth = JSON.parse(JSON.stringify(this.defAuth)); this.ruleForm.auth = JSON.parse(JSON.stringify(this.defAuth));
return ; return;
} }
if (row.auth.type == "ldap" && ! row.auth.ldap.object_class) { if (row.auth.type == "ldap" && !row.auth.ldap.object_class) {
row.auth.ldap.object_class = this.defAuth.ldap.object_class; row.auth.ldap.object_class = this.defAuth.ldap.object_class;
} }
this.ruleForm.auth = Object.assign(JSON.parse(JSON.stringify(this.defAuth)), row.auth); this.ruleForm.auth = Object.assign(JSON.parse(JSON.stringify(this.defAuth)), row.auth);
@ -624,7 +691,8 @@ export default {
// arr.pop() // arr.pop()
}, },
addDomain(arr) { addDomain(arr) {
arr.push({val: "", action: "allow", port: 0}); console.log("arr", arr)
arr.push({val: "", action: "allow", port: "0", note: ""});
}, },
submitForm(formName) { submitForm(formName) {
this.$refs[formName].validate((valid) => { this.$refs[formName].validate((valid) => {
@ -656,9 +724,11 @@ export default {
return false; return false;
} }
this.authLoginLoading = true; this.authLoginLoading = true;
axios.post('/group/auth_login', {name:this.authLoginForm.name, axios.post('/group/auth_login', {
pwd:this.authLoginForm.pwd, name: this.authLoginForm.name,
auth:this.ruleForm.auth}).then(resp => { pwd: this.authLoginForm.pwd,
auth: this.ruleForm.auth
}).then(resp => {
const rdata = resp.data; const rdata = resp.data;
if (rdata.code === 0) { if (rdata.code === 0) {
this.$message.success("登录成功"); this.$message.success("登录成功");
@ -731,7 +801,7 @@ export default {
isValidCIDR(input) { isValidCIDR(input) {
const cidrRegex = /^((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)\/([12]?\d|3[0-2])$/; const cidrRegex = /^((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)\/([12]?\d|3[0-2])$/;
if (!cidrRegex.test(input)) { if (!cidrRegex.test(input)) {
return { valid: false, suggestion: null }; return {valid: false, suggestion: null};
} }
const [ip, mask] = input.split('/'); const [ip, mask] = input.split('/');
const maskNum = parseInt(mask); const maskNum = parseInt(mask);
@ -746,10 +816,10 @@ export default {
networkIPParts.push(parseInt(octet, 2)); networkIPParts.push(parseInt(octet, 2));
} }
const suggestedIP = networkIPParts.join('.'); const suggestedIP = networkIPParts.join('.');
return { valid: false, suggestion: `${suggestedIP}/${mask}` }; return {valid: false, suggestion: `${suggestedIP}/${mask}`};
} }
} }
return { valid: true, suggestion: null }; return {valid: true, suggestion: null};
}, },
resetForm(formName) { resetForm(formName) {
this.$refs[formName].resetFields(); this.$refs[formName].resetFields();
@ -766,7 +836,7 @@ export default {
}, },
beforeTabLeave() { beforeTabLeave() {
var isSwitch = true var isSwitch = true
if (! this.user_edit_dialog) { if (!this.user_edit_dialog) {
return isSwitch; return isSwitch;
} }
this.$refs['ruleForm'].validate((valid) => { this.$refs['ruleForm'].validate((valid) => {
@ -813,19 +883,20 @@ export default {
width: 80px; width: 80px;
} }
::v-deep .valgin-dialog{ ::v-deep .valgin-dialog {
display: flex; display: flex;
flex-direction: column; flex-direction: column;
margin:0 !important; margin: 0 !important;
position:absolute; position: absolute;
top:50%; top: 50%;
left:50%; left: 50%;
transform:translate(-50%,-50%); transform: translate(-50%, -50%);
max-height:calc(100% - 30px); max-height: calc(100% - 30px);
max-width:calc(100% - 30px); max-width: calc(100% - 30px);
} }
::v-deep .valgin-dialog .el-dialog__body{
flex:1; ::v-deep .valgin-dialog .el-dialog__body {
flex: 1;
overflow: auto; overflow: auto;
} }
</style> </style>