From a0065ade42735243e089dcad8f6495861e766a97 Mon Sep 17 00:00:00 2001
From: bjdgyc <bjdgyc@163.com>
Date: Thu, 26 Aug 2021 15:33:56 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=AE=A1=E8=AE=A1=E5=8F=82?=
 =?UTF-8?q?=E6=95=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 server/base/config.go          |  2 +-
 server/conf/server-sample.toml |  2 +-
 server/handler/payload.go      | 10 +++++-----
 server/sessdata/session.go     |  6 +++++-
 4 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/server/base/config.go b/server/base/config.go
index adf9a6f..f86282e 100644
--- a/server/base/config.go
+++ b/server/base/config.go
@@ -55,7 +55,7 @@ var configs = []config{
 	{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 60},
 	{Typ: cfgInt, Name: "session_timeout", Usage: "session过期时间(秒)", ValInt: 3600},
 	// {Typ: cfgInt, Name: "auth_timeout", Usage: "auth_timeout", ValInt: 0},
-	{Typ: cfgInt, Name: "audit_interval", Usage: "审计去重间隔(秒),0关闭", ValInt: 0},
+	{Typ: cfgInt, Name: "audit_interval", Usage: "审计去重间隔(秒),-1关闭", ValInt: -1},
 }
 
 var envs = map[string]string{}
diff --git a/server/conf/server-sample.toml b/server/conf/server-sample.toml
index 3be1a12..0539481 100644
--- a/server/conf/server-sample.toml
+++ b/server/conf/server-sample.toml
@@ -62,7 +62,7 @@ mobile_dpd = 50
 #session过期时间，用于断线重连，0永不过期
 session_timeout = 3600
 auth_timeout = 0
-
+audit_interval = -1
 
 
 
diff --git a/server/handler/payload.go b/server/handler/payload.go
index 4cee71f..acc27d6 100644
--- a/server/handler/payload.go
+++ b/server/handler/payload.go
@@ -100,15 +100,11 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool {
 
 // 访问日志审计
 func logAudit(cSess *sessdata.ConnSession, pl *sessdata.Payload) {
-	if base.Cfg.AuditInterval <= 0 {
+	if base.Cfg.AuditInterval < 0 {
 		return
 	}
 
-	ipSrc := waterutil.IPv4Source(pl.Data)
-	ipDst := waterutil.IPv4Destination(pl.Data)
-	ipPort := waterutil.IPv4DestinationPort(pl.Data)
 	ipProto := waterutil.IPv4Protocol(pl.Data)
-
 	// 只统计 tcp和udp 的访问
 	switch ipProto {
 	case waterutil.TCP:
@@ -117,6 +113,10 @@ func logAudit(cSess *sessdata.ConnSession, pl *sessdata.Payload) {
 		return
 	}
 
+	ipSrc := waterutil.IPv4Source(pl.Data)
+	ipDst := waterutil.IPv4Destination(pl.Data)
+	ipPort := waterutil.IPv4DestinationPort(pl.Data)
+
 	b := getByte34()
 	key := *b
 	copy(key[:16], ipSrc)
diff --git a/server/sessdata/session.go b/server/sessdata/session.go
index 764b08c..97d6e3e 100644
--- a/server/sessdata/session.go
+++ b/server/sessdata/session.go
@@ -186,10 +186,14 @@ func (s *Session) NewConn() *ConnSession {
 		PayloadIn:      make(chan *Payload, 64),
 		PayloadOutCstp: make(chan *Payload, 64),
 		PayloadOutDtls: make(chan *Payload, 64),
-		IpAuditMap:     make(map[string]int64, 512),
 		dSess:          &atomic.Value{},
 	}
 
+	// ip 审计
+	if base.Cfg.AuditInterval >= 0 {
+		cSess.IpAuditMap = make(map[string]int64, 512)
+	}
+
 	dSess := &DtlsSession{
 		isActive: -1,
 	}