Merge pull request #335 from bjdgyc/go1.22

升级go版本添加acl协议支持
2025-08-08 16:43:25 +08:00 · 2024-09-03 17:56:36 +08:00
parent d796a6850a 415f312f40
commit cd21ffd7ab
15 changed files with 92 additions and 31 deletions
--- a/server/dbdata/db.go
+++ b/server/dbdata/db.go
@@ -147,7 +147,7 @@ func addInitData() error {
 		Name:         "all",
 		AllowLan:     true,
 		ClientDns:    []ValData{{Val: "114.114.114.114"}},
-		RouteInclude: []ValData{{Val: All}},
+		RouteInclude: []ValData{{Val: ALL}},
 		Status:       1,
 	}
 	err = SetGroup(&g1)
--- a/server/dbdata/group.go
+++ b/server/dbdata/group.go
@@ -10,6 +10,7 @@ import (
 	"time"

 	"github.com/bjdgyc/anylink/base"
+	"github.com/songgao/water/waterutil"
 	"golang.org/x/text/language"
 	"golang.org/x/text/message"
 )
@@ -17,7 +18,10 @@ import (
 const (
 	Allow = "allow"
 	Deny  = "deny"
-	All   = "all"
+	ALL   = "all"
+	TCP   = "tcp"
+	UDP   = "udp"
+	ICMP  = "icmp"
 )

 // 域名分流最大字符2万
@@ -25,12 +29,14 @@ const DsMaxLen = 20000

 type GroupLinkAcl struct {
 	// 自上而下匹配 默认 allow * *
-	Action string          `json:"action"` // allow、deny
-	Val    string          `json:"val"`
-	Port   string          `json:"port"` // 兼容单端口历史数据类型uint16
-	Ports  map[uint16]int8 `json:"ports"`
-	IpNet  *net.IPNet      `json:"ip_net"`
-	Note   string          `json:"note"`
+	Action   string               `json:"action"`      // allow、deny
+	Protocol string               `json:"protocol"`    // 支持 ALL、TCP、UDP、ICMP 协议
+	IpProto  waterutil.IPProtocol `json:"ip_protocol"` // 判断协议使用
+	Val      string               `json:"val"`
+	Port     string               `json:"port"` // 兼容单端口历史数据类型uint16
+	Ports    map[uint16]int8      `json:"ports"`
+	IpNet    *net.IPNet           `json:"ip_net"`
+	Note     string               `json:"note"`
 }

 type ValData struct {
@@ -114,7 +120,7 @@ func SetGroup(g *Group) error {
 	routeInclude := []ValData{}
 	for _, v := range g.RouteInclude {
 		if v.Val != "" {
-			if v.Val == All {
+			if v.Val == ALL {
 				routeInclude = append(routeInclude, v)
 				continue
 			}
@@ -164,6 +170,16 @@ func SetGroup(g *Group) error {
 			}
 			v.IpNet = ipNet

+			// 设置协议数据
+			switch v.Protocol {
+			case TCP:
+				v.IpProto = waterutil.TCP
+			case UDP:
+				v.IpProto = waterutil.UDP
+			case ICMP:
+				v.IpProto = waterutil.ICMP
+			}
+
 			portsStr := v.Port
 			v.Port = strings.TrimSpace(portsStr)
 			// switch vp := v.Port.(type) {
--- a/server/dbdata/policy.go
+++ b/server/dbdata/policy.go
@@ -27,7 +27,7 @@ func SetPolicy(p *Policy) error {
 	routeInclude := []ValData{}
 	for _, v := range p.RouteInclude {
 		if v.Val != "" {
-			if v.Val == All {
+			if v.Val == ALL {
 				routeInclude = append(routeInclude, v)
 				continue
 			}
--- a/server/dbdata/tables.go
+++ b/server/dbdata/tables.go
@@ -67,12 +67,12 @@ type Setting struct {
 type AccessAudit struct {
 	Id          int       `json:"id" xorm:"pk autoincr not null"`
 	Username    string    `json:"username" xorm:"varchar(60) not null"`
-	Protocol    uint8     `json:"protocol" xorm:"not null"`
+	Protocol    uint8     `json:"protocol" xorm:"Int not null"`
 	Src         string    `json:"src" xorm:"varchar(60) not null"`
-	SrcPort     uint16    `json:"src_port" xorm:"not null"`
+	SrcPort     uint16    `json:"src_port" xorm:"Int not null"`
 	Dst         string    `json:"dst" xorm:"varchar(60) not null"`
-	DstPort     uint16    `json:"dst_port" xorm:"not null"`
-	AccessProto uint8     `json:"access_proto" xorm:"default 0"`                // 访问协议
+	DstPort     uint16    `json:"dst_port" xorm:"Int not null"`
+	AccessProto uint8     `json:"access_proto" xorm:"Int default 0"`            // 访问协议
 	Info        string    `json:"info" xorm:"varchar(255) not null default ''"` // 详情
 	CreatedAt   time.Time `json:"created_at" xorm:"DateTime"`
 }