修复acl表结构

2025-08-07 21:28:50 +08:00 · 2024-04-22 16:47:06 +08:00
parent 1b066ef602
commit cb902a6b9b
3 changed files with 27 additions and 26 deletions
--- a/server/dbdata/group.go
+++ b/server/dbdata/group.go
@@ -27,7 +27,7 @@ type GroupLinkAcl struct {
 	// 自上而下匹配 默认 allow * *
 	Action string          `json:"action"` // allow、deny
 	Val    string          `json:"val"`
-	Port   interface{}     `json:"port"` //兼容单端口历史数据类型uint16
+	Port   string          `json:"port"` // 兼容单端口历史数据类型uint16
 	Ports  map[uint16]int8 `json:"ports"`
 	IpNet  *net.IPNet      `json:"ip_net"`
 	Note   string          `json:"note"`
@@ -164,13 +164,14 @@ func SetGroup(g *Group) error {
 			}
 			v.IpNet = ipNet

-			portsStr := ""
-			switch vp := v.Port.(type) {
-				case float64:
-					portsStr = strconv.Itoa(int(vp))
-				case string:
-					portsStr = vp
-			}
+			portsStr := v.Port
+			v.Port = strings.TrimSpace(portsStr)
+			// switch vp := v.Port.(type) {
+			// case float64:
+			// 	portsStr = strconv.Itoa(int(vp))
+			// case string:
+			// 	portsStr = vp
+			// }

 			if regexp.MustCompile(`^\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*$`).MatchString(portsStr) {
 				ports := map[uint16]int8{}
--- a/server/handler/payload.go
+++ b/server/handler/payload.go
@@ -90,23 +90,23 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool {
 		if v.IpNet.Contains(ipDst) {

 			// 放行允许ip的ping
-			if v.Ports == nil || len(v.Ports) == 0 {
-				//单端口历史数据兼容
-				port := uint16(v.Port.(float64))
-				if port == ipPort || port == 0 || ipProto == waterutil.ICMP {
-					if v.Action == dbdata.Allow {
-						return true
-					} else {
-						return false
-					}
-				}
-			} else {
-				if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) || ipProto == waterutil.ICMP {
-					if v.Action == dbdata.Allow {
-						return true
-					} else {
-						return false
-					}
+			// if v.Ports == nil || len(v.Ports) == 0 {
+			// 	//单端口历史数据兼容
+			// 	port := uint16(v.Port.(float64))
+			// 	if port == ipPort || port == 0 || ipProto == waterutil.ICMP {
+			// 		if v.Action == dbdata.Allow {
+			// 			return true
+			// 		} else {
+			// 			return false
+			// 		}
+			// 	}
+			// } else {
+
+			if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) || ipProto == waterutil.ICMP {
+				if v.Action == dbdata.Allow {
+					return true
+				} else {
+					return false
 				}
 			}
 		}