内网域名

Merge pull request #314 from bjdgyc/dev
支持分割DNS功能
2025-09-28 16:15:17 +08:00 · 2024-04-25 10:18:40 +08:00 · 2024-04-24 17:56:18 +08:00 · 2024-04-24 17:39:50 +08:00 · 2024-04-24 15:27:53 +08:00 · 2024-04-23 16:59:52 +08:00
50 changed files with 1574 additions and 866 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,7 @@
 .idea/
 anylink-deploy
 anylink-deploy.tar.gz
 anylink-deploy-*
 anylink
 anylink.db
--- a/README.md
+++ b/README.md
@@ -23,10 +23,10 @@ AnyLink 是一个企业级远程办公 sslvpn 的软件，可以支持多人同
 AnyLink 基于 [ietf-openconnect](https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-02)
 协议开发，并且借鉴了 [ocserv](http://ocserv.gitlab.io/www/index.html) 的开发思路，使其可以同时兼容 AnyConnect 客户端。
-AnyLink 使用 TLS/DTLS 进行数据加密，因此需要 RSA 或 ECC 证书，可以通过 Let's Encrypt 和 TrustAsia 申请免费的 SSL 证书。
+AnyLink 使用 TLS/DTLS 进行数据加密，因此需要 RSA 或 ECC 证书，可以使用私有自签证书，可以通过 Let's Encrypt 和 TrustAsia 申请免费的 SSL 证书。
 AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试通过，如需要安装在其他系统，需要服务端支持 tun/tap
-功能、ip 设置命令。
+功能、ip 设置命令、iptables命令。
 ## Screenshot
@@ -48,17 +48,23 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
 >
 > https://github.com/bjdgyc/anylink/releases
 > 
-> 如果不会安装，可以提供有偿远程协助服务。添加QQ联系我 68492170
+> https://gitee.com/bjdgyc/anylink/releases
 >
 > 如果不会安装，可以提供有偿远程协助服务(200 CNY)。添加QQ(68492170)联系我
 > 
 > 也可以添加QQ群 咨询群内大佬
 > 
 > 添加QQ群①(已满): 567510628
 > 
 > 添加QQ群②: 739072205
 ### 使用问题
-> 对于测试环境，可以使用 vpn.test.vqilu.cn 绑定host进行测试
+> 对于测试环境，可以直接进行测试，需要客户端取消勾选【阻止不受信任的服务器(Block connections to untrusted servers)】
 >
-> 对于线上环境，必须申请安全的 https 证书，不支持私有证书连接
+> 对于线上环境，尽量申请安全的https证书(跟nginx使用的pem证书类型一致)
 >
-> 服务端安装 yum install iproute 或者 apt-get install iproute2
+> 群共享文件有相关客户端软件下载，其他版本没有测试过，不保证使用正常
 >
 > 客户端请使用群共享文件的版本，其他版本没有测试过，不保证使用正常
 > 
 > 其他问题 [前往查看](doc/question.md)
 >
@@ -68,19 +74,23 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
 ### 自行编译安装
-> 需要提前安装好 golang >= 1.20 和 nodejs = 16.x 和 yarn >= v1.22.x
+> 需要提前安装好 docker
 ```shell
 git clone https://github.com/bjdgyc/anylink.git
-# 编译参考软件版本
+# docker编译 参考软件版本(不需要安装)
 # go 1.20.12
 # node v16.20.2
 # yarn 1.22.19
 cd anylink
-sh build.sh
+
 # 编译前端
 bash build_web.sh
 # 编译 anylink-deploy 发布文件
 bash build.sh
 # 注意使用root权限运行
 cd anylink-deploy
@@ -102,10 +112,11 @@ sudo ./anylink
 - [x] 兼容 AnyConnect
 - [x] 兼容 OpenConnect
 - [x] 基于 tun 设备的 nat 访问模式
- [x] 基于 tap 设备的桥接访问模式
+- [x] 基于 tun 设备的桥接访问模式
 - [x] 基于 macvtap 设备的桥接访问模式
 - [x] 支持 [proxy protocol v1&v2](http://www.haproxy.org/download/2.2/doc/proxy-protocol.txt) 协议
 - [x] 用户组支持
 - [x] 用户组策略支持
 - [x] 多用户支持
 - [x] 用户策略支持
 - [x] TOTP 令牌支持
@@ -113,10 +124,16 @@ sudo ./anylink
 - [x] 流量速率限制
 - [x] 后台管理界面
 - [x] 访问权限管理
 - [x] 用户活动审计功能
 - [x] IP 访问审计功能
 - [x] 域名动态拆分隧道（域名路由功能）
 - [x] radius认证支持
 - [x] LDAP认证支持
 - [x] 空闲链接超时自动断开
 - [x] 流量压缩功能
 - [x] 出口 IP 自动放行
 - [x] 支持多服务的配置区分
 - [x] 支持私有自签证书
 - [ ] 基于 ipvtap 设备的桥接访问模式
 ## Config
@@ -161,6 +178,17 @@ sudo ./anylink
 ## Setting
 ### 依赖设置
 > 服务端依赖安装:
 >
 > centos: yum install iptables iproute
 >
 > ubuntu: apt-get install iptables iproute2
 ### link_mode 设置
 > 以下参数必须设置其中之一
 网络模式选择，需要配置 `link_mode` 参数，如 `link_mode="tun"`,`link_mode="macvtap"`,`link_mode="tap"(不推荐)` 等参数。
@@ -170,11 +198,13 @@ sudo ./anylink
 IP 层的数据互相转换，性能会有所下降。 如果需要在虚拟机内开启 tap
 模式，请确认虚拟机的网卡开启混杂模式。
-### tun 设置
+#### tun 设置
 1. 开启服务器转发
 ```shell
 # 新版本支持自动设置ip转发
 # file: /etc/sysctl.conf
 net.ipv4.ip_forward = 1
@@ -223,13 +253,49 @@ https://cloud.tencent.com/document/product/216/62007
 3. 使用 AnyConnect 客户端连接即可
-### macvtap 设置
+#### 桥接设置
 1. 设置配置文件
 > macvtap 设置相对比较简单，只需要配置相应的参数即可。
 > 
 > 网络要求：需要网络支持 ARP 传输，可通过 ARP 宣告普通内网 IP。
 > 
 > 网络限制：云环境下不能使用，网卡mac加白环境不能使用，802.1x认证网络不能使用
 > 
 > 以下参数可以通过执行 `ip a` 查看
 1.1 arp_proxy
 ```
 # file: /etc/sysctl.conf
 net.ipv4.conf.all.proxy_arp = 1
 #执行如下命令
 sysctl -w net.ipv4.conf.all.proxy_arp=1
 配置文件修改:
 # 首先关闭nat转发功能
 iptables_nat = false
 link_mode = "tun"
 #内网主网卡名称
 ipv4_master = "eth0"
 #以下网段需要跟ipv4_master网卡设置成一样
 ipv4_cidr = "10.1.2.0/24"
 ipv4_gateway = "10.1.2.99"
 ipv4_start = "10.1.2.100"
 ipv4_end = "10.1.2.200"
 ```
 1.2 macvtap
 ```
 # 命令行执行 master网卡需要打开混杂模式
@@ -356,25 +422,30 @@ ipv4_end = "10.1.2.200"
 请前往 [问题地址](doc/question.md) 查看具体信息
 <!--
 ## Discussion
 添加QQ群(1)(已满): 567510628
 添加QQ群(2): 739072205
 群共享文件有相关软件下载
 <!--
 添加微信群: 群共享文件有相关软件下载
 ![contact_me_qr](doc/screenshot/contact_me_qr.png)
 -->
 ## Support Document
 - [三方文档-男孩的天职](https://note.youdao.com/s/X4AxyWfL)
 - [三方文档-issues](https://github.com/bjdgyc/anylink/issues)
 - [三方文档-思有云](https://www.ioiox.com/archives/128.html)
 - [三方文档-啵品](https://yangpin.link/archives/1633.html)
 ## Support Client
 - [AnyConnect Secure Client](https://www.cisco.com/) (可通过群文件下载: Windows/macOS/Linux/Android/iOS)
 - [OpenConnect](https://gitlab.com/openconnect/openconnect) (Windows/macOS/Linux)
- [AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux)
+- [三方 AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux)
 - [三方客户端下载地址](https://cisco.yangpin.link) (Windows/macOS/Linux/Android/iOS)
 ## Contribution
--- a/build.sh
+++ b/build.sh
@@ -1,65 +1,28 @@
 #!/bin/bash
 set -x
 function RETVAL() {
  rt=$1
  if [ $rt != 0 ]; then
    echo $rt
    exit 1
  fi
 }
 #当前目录
 cpath=$(pwd)
-#ver=`cat server/base/app_ver.go | grep APP_VER | awk '{print $3}' | sed 's/"//g'`
+
 ver=$(cat version)
-echo "当前版本 $ver"
+echo $ver
-echo "编译前端项目"
+#前端编译 仅需要执行一次
-cd $cpath/web
+#bash ./build_web.sh
-#国内可替换源加快速度
+bash build_docker.sh
 #npx browserslist@latest --update-db
 yarn install --registry=https://registry.npmmirror.com
 yarn run build
 RETVAL $?
-echo "编译二进制文件"
+deploy="anylink-deploy-$ver"
-cd $cpath/server
+docker container rm $deploy
-rm -rf ui
+docker container create --name $deploy bjdgyc/anylink:$ver
-cp -rf $cpath/web/ui .
+rm -rf anylink-deploy anylink-deploy.tar.gz
 docker cp -a $deploy:/app ./anylink-deploy
 tar zcf ${deploy}.tar.gz anylink-deploy
 # -tags osusergo,netgo,sqlite_omit_load_extension
 flags="-v -trimpath"
-# -extldflags '-static'
+./anylink-deploy/anylink -v
 ldflags="-s -w -X main.appVer=$ver -X main.commitId=$(git rev-parse HEAD) -X main.date=$(date -Iseconds)"
 #国内可替换源加快速度
 export GOPROXY=https://goproxy.io
 go mod tidy
 go build -o anylink $flags -ldflags "$ldflags"
-cd $cpath
+echo "anylink 编译完成，目录: anylink-deploy"
 ls -lh anylink-deploy
 exit 0
 echo "整理部署文件"
 deploy="anylink-deploy"
 rm -rf $deploy ${deploy}.tar.gz
 mkdir $deploy
 mkdir $deploy/log
 cp -r server/anylink $deploy
 cp -r server/bridge-init.sh $deploy
 cp -r server/conf $deploy
 cp -r systemd $deploy
 cp -r LICENSE $deploy
 cp -r home $deploy
 tar zcvf ${deploy}.tar.gz $deploy
 #注意使用root权限运行
 #cd anylink-deploy
 #sudo ./anylink --conf="conf/server.toml"
--- a/build_docker.sh
+++ b/build_docker.sh
@@ -8,17 +8,17 @@ echo $ver
 # 生成时间 2024-01-30T21:41:27+08:00
 # date -Iseconds
-#docker run -it --rm -v $PWD/web:/app -w /app node:16-alpine \
+#bash ./build_web.sh
 #  sh -c "yarn install --registry=https://registry.npmmirror.com && yarn run build"
-# docker buildx build --platform linux/amd64,linux/arm64 本地不生成镜像
+# docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 本地不生成镜像
-docker build -t bjdgyc/anylink:latest --progress=plain --build-arg CN="yes" --build-arg appVer=$ver \
+docker build -t bjdgyc/anylink:latest --no-cache --progress=plain \
-  --build-arg commitId=$(git rev-parse HEAD) -f docker/Dockerfile .
+  --build-arg CN="yes" --build-arg appVer=$ver --build-arg commitId=$(git rev-parse HEAD) \
  -f docker/Dockerfile .
 echo "docker tag latest $ver"
 docker tag bjdgyc/anylink:latest bjdgyc/anylink:$ver
-#exit 0
+exit 0
 docker tag bjdgyc/anylink:latest registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
--- a/release_test.sh
+++ b/release_test.sh
@@ -17,8 +17,11 @@ cpath=$(pwd)
 ver=$(cat version)
 echo $ver
 #前端编译 仅需要执行一次
 #bash ./build_web.sh
 echo "copy二进制文件"
-cd $cpath/server
+
 # -tags osusergo,netgo,sqlite_omit_load_extension
 flags="-trimpath"
 ldflags="-s -w -extldflags '-static' -X main.appVer=$ver -X main.commitId=$(git rev-parse HEAD) -X main.buildDate=$(date --iso-8601=seconds)"
@@ -27,47 +30,42 @@ gopath=/go
 dockercmd=$(
  cat <<EOF
-sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
+sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
 apk add gcc g++ musl musl-dev tzdata
 export GOPROXY=https://goproxy.cn
 go mod tidy
 echo "build:"
 rm anylink
 export CGO_ENABLED=1
-go build -v -o anylink_amd64 $flags -ldflags "$ldflags"
+go build -v -o anylink $flags -ldflags "$ldflags"
-./anylink_amd64 -v
+./anylink -v
 EOF
 )
 #使用 musl-dev 编译
-docker run -q --rm -v $PWD:/app -v $gopath:/go -w /app --platform=linux/amd64 \
+docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/amd64 \
  golang:1.20-alpine3.19 sh -c "$dockercmd"
 exit 0
 #arm64编译
-docker run -q --rm -v $PWD:/app -v $gopath:/go -w /app --platform=linux/arm64 \
+#docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/arm64 \
-  golang:1.20-alpine3.19 go build -o anylink_arm64 $flags -ldflags "$ldflags"
+#  golang:1.20-alpine3.19 go build -o anylink_arm64 $flags -ldflags "$ldflags"
-./anylink_arm64 -v
+#exit 0
-exit 0
+#cd $cpath
 cd $cpath
 echo "整理部署文件"
-deploy="anylink-deploy"
+rm -rf anylink-deploy anylink-deploy.tar.gz
-rm -rf $deploy ${deploy}.tar.gz
+mkdir anylink-deploy
-mkdir $deploy
+mkdir anylink-deploy/log
 mkdir $deploy/log
-cp -r server/anylink $deploy
+cp -r server/anylink anylink-deploy
-cp -r server/bridge-init.sh $deploy
+cp -r server/conf anylink-deploy
 cp -r server/conf $deploy
-cp -r systemd $deploy
+cp -r index_template anylink-deploy
-cp -r LICENSE $deploy
+cp -r deploy anylink-deploy
-cp -r home $deploy
+cp -r LICENSE anylink-deploy
-tar zcvf ${deploy}.tar.gz $deploy
+tar zcvf anylink-deploy.tar.gz anylink-deploy
 #注意使用root权限运行
 #cd anylink-deploy
--- a/build_web.sh
+++ b/build_web.sh
@@ -0,0 +1,9 @@
 #!/bin/bash
 rm -rf web/ui server/ui
 docker run -it --rm -v $PWD/web:/app -w /app node:16-alpine \
  sh -c "yarn install --registry=https://registry.npmmirror.com && yarn run build"
 cp -r web/ui server/ui
--- a/doc/question.md
+++ b/doc/question.md
@@ -10,6 +10,10 @@
 > 请使用手机安装 freeotp ，然后扫描otp二维码，生成的数字即是动态码
 ### 用户策略问题
 > 只要有用户策略，组策略就不生效，相当于覆盖了组策略的配置
 ### 远程桌面连接
 > 本软件已经支持远程桌面里面连接anyconnect。
--- a/docker/init_build.sh
+++ b/docker/init_build.sh
@@ -4,7 +4,8 @@ set -x
 #TODO 本地打包时使用镜像
 if [[ $CN == "yes" ]]; then
-  sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
+  #sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
  sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
  export GOPROXY=https://goproxy.cn
 fi
@@ -20,7 +21,7 @@ go mod tidy
 echo "start build"
-ldflags="-s -w -X main.appVer=$appVer -X main.commitId=$commitId -X main.buildDate=$(date -Iseconds) -extldflags '-static' "
+ldflags="-s -w -X main.appVer=$appVer -X main.commitId=$commitId -X main.buildDate=$(date -Iseconds) -extldflags \"-static\" "
 export CGO_ENABLED=1
 go build -v -o anylink -trimpath -ldflags "$ldflags"
--- a/docker/init_release.sh
+++ b/docker/init_release.sh
@@ -4,7 +4,8 @@ set -x
 #TODO 本地打包时使用镜像
 if [[ $CN == "yes" ]]; then
-  sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
+  #sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
  sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
  export GOPROXY=https://goproxy.cn
 fi
--- a/index_template/自定义首页2.html
+++ b/index_template/自定义首页2.html
@@ -0,0 +1,165 @@
 <!DOCTYPE html>
 <html lang="zh-CN">
 <head>
    <meta charset=UTF-8">
    <title id="pageTitle">客户端下载</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <style type="text/css">
        body {
            background-color: #fff;
            background-image: linear-gradient(0deg, transparent 24%, rgba(207, 207, 207, 0.2) 25%, rgba(207, 207, 207, 0.2) 26%, transparent 27%, transparent 74%, rgba(207, 207, 207, 0.2) 75%, rgba(207, 207, 207, 0.2) 76%, transparent 77%, transparent),
            linear-gradient(90deg, transparent 24%, rgba(207, 207, 207, 0.2) 25%, rgba(207, 207, 207, 0.2) 26%, transparent 27%, transparent 74%, rgba(207, 207, 207, 0.2) 75%, rgba(207, 207, 207, 0.2) 76%, transparent 77%, transparent);
            background-size: 50px 50px;
            margin: 0;
            padding: 0;
            display: flex;
            justify-content: center;
            align-items: center;
            height: 100vh;
        }
        #box {
            background-color: #ffffff;
            box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
            position: relative;
            padding: 20px;
            border-radius: 8px;
            max-width: 550px;
            width: 100%;
            box-sizing: border-box;
        }
        h2 {
            color: #333;
            font-weight: 600;
            font-size: 28px;
            margin: 0 0 20px 0;
        }
        p {
            color: #666;
            font-size: 16px;
            line-height: 1.6;
            margin-top: 20px;
        }
        .button {
            background-color: #ddd;
            text-decoration: none;
            line-height: 44px;
            padding: 9px 42px;
            font-weight: 500;
            color: #fff;
            font-size: 16px;
            -webkit-transition: background-color 0.25s ease-out 0s;
            -moz-transition: background-color 0.25s ease-out 0s;
            transition: background-color 0.25s ease-out 0s;
            -moz-border-radius: 4px;
            -webkit-border-radius: 4px;
            border-radius: 4px;
        }
        .button:hover {
            background-color: #CCC;
            color: #444;
        }
        .button:active {
            background-color: #666;
            color: #eee;
        }
        .blue {
            background-color: #007BFF;
        }
        .deep-blue {
            background-color: #0056B3;
        }
        .green {
            background-color: #28A745;
        }
        .grey {
            background-color: #6C757D;
        }
        .black {
            background-color: #343A40;
        }
        .light-blue {
            background-color: #17A2B8;
        }
        .dark-grey {
            background-color: #495057;
        }
        @media (max-width: 768px) {
            h2 {
                font-size: 24px;
            }
            p {
                font-size: 14px;
            }
            .button {
                padding: 7px 35px;
            }
        }
    </style>
 </head>
 <body>
 <div id="app">
    <div id="box">
        <h2 id="title">请选择对应平台下载</h2>
        <p id="windowsTab">Windows 系统</p>
        <a id="linkWindowsX86_64" class="button blue" href="#">Win X86_64</a>
        <a id="linkWindowsARM64" class="button deep-blue" href="#">Win ARM64</a>
        <p id="mobileTab">移动端</p>
        <a id="linkAndroid" class="button green" href="#">Android</a>
        <a id="linkIphone" class="button grey" href="#" target="_blank">iPhone</a>
        <p id="macOSTab">MacOS 系统</p>
        <a id="linkMacos" class="button black" href="#">Mac Intel</a>
        <a id="linkMacosARM64" class="button blue" href="#">Mac ARM64</a>
        <p id="totpTab">TOTP 移动客户端</p>
        <a id="linkTotpAndroid" class="button light-blue" href="#">Android</a>
        <a id="linkTotpIphone" class="button dark-grey" href="#" target="_blank">iPhone</a>
    </div>
 </div>
 <script>
    const data = {
        links: {
            windowsX86_64: '/files/anyconnect-win-4.10.05111.msi',
            windowsARM64: '/files/anyconnect-win-4.10.05111.msi',
            android: '/files/CiscoSecureClientAnyConnect_v5.0.00247.apk',
            iphone: 'https://apps.apple.com/cn/app/cisco-anyconnect/id1135064690',
            macosIntel: '/files/anyconnect-macos-4.10.05111.dmg',
            macosARM64: '/files/anyconnect-macos-4.10.05111.dmg',
            totpAndroid: '/files/Authenticator_v5.10_apkpure.com.apk',
            totpIphone: 'https://apps.apple.com/cn/app/google-authenticator/id388497605',
        }
    };
    window.onload = function () {
        document.getElementById('linkWindowsX86_64').href = data.links.windowsX86_64;
        document.getElementById('linkWindowsARM64').href = data.links.windowsARM64;
        document.getElementById('linkAndroid').href = data.links.android;
        document.getElementById('linkIphone').href = data.links.iphone;
        document.getElementById('linkMacos').href = data.links.macosIntel;
        document.getElementById('linkMacosARM64').href = data.links.macosARM64;
        document.getElementById('linkTotpAndroid').href = data.links.totpAndroid;
        document.getElementById('linkTotpIphone').href = data.links.totpIphone;
    };
 </script>
 </body>
 </html>
--- a/server/admin/api_base.go
+++ b/server/admin/api_base.go
@@ -84,6 +84,7 @@ func authMiddleware(next http.Handler) http.Handler {
 		w.Header().Set("Access-Control-Allow-Methods", "GET,POST,OPTIONS")
 		w.Header().Set("Access-Control-Allow-Headers", "*")
 		if r.Method == http.MethodOptions {
 			// w.WriteHeader(http.StatusOK)
 			// 正式环境不支持 OPTIONS
 			w.WriteHeader(http.StatusForbidden)
 			return
--- a/server/admin/api_group.go
+++ b/server/admin/api_group.go
@@ -75,6 +75,10 @@ func GroupDetail(w http.ResponseWriter, r *http.Request) {
 	if len(data.Auth) == 0 {
 		data.Auth["type"] = "local"
 	}
 	// 兼容旧数据
 	if data.SplitDns == nil {
 		data.SplitDns = []dbdata.ValData{}
 	}
 	RespSucess(w, data)
 }
--- a/server/admin/api_user.go
+++ b/server/admin/api_user.go
@@ -17,6 +17,7 @@ import (
 	"github.com/bjdgyc/anylink/dbdata"
 	"github.com/bjdgyc/anylink/sessdata"
 	"github.com/skip2/go-qrcode"
 	mail "github.com/xhit/go-simple-mail/v2"
 )
 func UserList(w http.ResponseWriter, r *http.Request) {
@@ -213,6 +214,7 @@ type userAccountMailData struct {
 	PinCode      string
 	OtpImg       string
 	OtpImgBase64 string
 	DisableOtp   bool
 }
 func userAccountMail(user *dbdata.User) error {
@@ -264,6 +266,7 @@ func userAccountMail(user *dbdata.User) error {
 		PinCode:      user.PinCode,
 		OtpImg:       fmt.Sprintf("https://%s/otp_qr?id=%d&jwt=%s", setting.LinkAddr, user.Id, tokenString),
 		OtpImgBase64: "data:image/png;base64," + otpData,
 		DisableOtp:   user.DisableOtp,
 	}
 	w := bytes.NewBufferString("")
 	t, _ := template.New("auth_complete").Parse(htmlBody)
@@ -272,5 +275,19 @@ func userAccountMail(user *dbdata.User) error {
 		return err
 	}
 	// fmt.Println(w.String())
-	return SendMail(base.Cfg.Issuer+"平台通知", user.Email, w.String())
+
 	var attach *mail.File
 	if user.DisableOtp {
 		attach = nil
 	} else {
 		imgData, _ := userOtpQr(user.Id, false)
 		attach = &mail.File{
 			MimeType: "image/png",
 			Name:     "userOtpQr.png",
 			Data:     []byte(imgData),
 			Inline:   true,
 		}
 	}
 	return SendMail(base.Cfg.Issuer, user.Email, w.String(), attach)
 }
--- a/server/admin/common.go
+++ b/server/admin/common.go
@@ -43,7 +43,7 @@ func GetJwtData(jwtToken string) (map[string]interface{}, error) {
 	return claims, nil
 }
-func SendMail(subject, to, htmlBody string) error {
+func SendMail(subject, to, htmlBody string, attach *mail.File) error {
 	dataSmtp := &dbdata.SettingSmtp{}
 	err := dbdata.SettingGet(dataSmtp)
@@ -73,7 +73,7 @@ func SendMail(subject, to, htmlBody string) error {
 	// - PLAIN (default)
 	// - LOGIN
 	// - CRAM-MD5
-	server.Authentication = mail.AuthPlain
+	server.Authentication = mail.AuthAuto
 	// Variable to keep alive connection
 	server.KeepAlive = false
@@ -102,6 +102,10 @@ func SendMail(subject, to, htmlBody string) error {
 		AddTo(to).
 		SetSubject(subject)
 	if attach != nil {
 		email.Attach(attach)
 	}
 	email.SetBody(mail.TextHTML, htmlBody)
 	// Call Send and pass the client
--- a/server/admin/server.go
+++ b/server/admin/server.go
@@ -111,12 +111,6 @@ func StartAdmin() {
 		selectedCipherSuites = append(selectedCipherSuites, s.ID)
 	}
 	if tlscert, _, err := dbdata.ParseCert(); err != nil {
 		base.Fatal("证书加载失败", err)
 	} else {
 		dbdata.LoadCertificate(tlscert)
 	}
 	// 设置tls信息
 	tlsConfig := &tls.Config{
 		NextProtos:   []string{"http/1.1"},
--- a/server/base/cfg.go
+++ b/server/base/cfg.go
@@ -33,6 +33,7 @@ type ServerConfig struct {
 	// LinkAddr      string `json:"link_addr"`
 	Conf           string `json:"conf"`
 	Profile        string `json:"profile"`
 	ProfileName    string `json:"profile_name"`
 	ServerAddr     string `json:"server_addr"`
 	ServerDTLSAddr string `json:"server_dtls_addr"`
 	ServerDTLS     bool   `json:"server_dtls"`
--- a/server/base/config.go
+++ b/server/base/config.go
@@ -22,8 +22,9 @@ type config struct {
 var configs = []config{
 	{Typ: cfgStr, Name: "conf", Usage: "config file", ValStr: "./conf/server.toml", Short: "c"},
 	{Typ: cfgStr, Name: "profile", Usage: "profile.xml file", ValStr: "./conf/profile.xml"},
 	{Typ: cfgStr, Name: "profile_name", Usage: "profile name(用于区分不同服务端的配置)", ValStr: "anylink"},
 	{Typ: cfgStr, Name: "server_addr", Usage: "TCP服务监听地址(任意端口)", ValStr: ":443"},
-	{Typ: cfgBool, Name: "server_dtls", Usage: "开启DTLS", ValBool: true},
+	{Typ: cfgBool, Name: "server_dtls", Usage: "开启DTLS", ValBool: false},
 	{Typ: cfgStr, Name: "server_dtls_addr", Usage: "DTLS监听地址(任意端口)", ValStr: ":443"},
 	{Typ: cfgStr, Name: "admin_addr", Usage: "后台服务监听地址", ValStr: ":8800"},
 	{Typ: cfgBool, Name: "proxy_protocol", Usage: "TCP代理协议", ValBool: false},
@@ -53,12 +54,12 @@ var configs = []config{
 	{Typ: cfgInt, Name: "ip_lease", Usage: "IP租期(秒)", ValInt: 86400},
 	{Typ: cfgInt, Name: "max_client", Usage: "最大用户连接", ValInt: 200},
 	{Typ: cfgInt, Name: "max_user_client", Usage: "最大单用户连接", ValInt: 3},
-	{Typ: cfgInt, Name: "cstp_keepalive", Usage: "keepalive时间(秒)", ValInt: 5},
+	{Typ: cfgInt, Name: "cstp_keepalive", Usage: "keepalive时间(秒)", ValInt: 3},
-	{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 12},
+	{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 20},
-	{Typ: cfgInt, Name: "mobile_keepalive", Usage: "移动端keepalive接检测时间(秒)", ValInt: 10},
+	{Typ: cfgInt, Name: "mobile_keepalive", Usage: "移动端keepalive接检测时间(秒)", ValInt: 4},
-	{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 22},
+	{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 60},
 	{Typ: cfgInt, Name: "mtu", Usage: "最大传输单元MTU", ValInt: 1460},
-	{Typ: cfgInt, Name: "idle_timeout", Usage: "空闲链接超时时间(秒)-超时后断开链接，0关闭此功能", ValInt: 1800},
+	{Typ: cfgInt, Name: "idle_timeout", Usage: "空闲链接超时时间(秒)-超时后断开链接，0关闭此功能", ValInt: 0},
 	{Typ: cfgInt, Name: "session_timeout", Usage: "session过期时间(秒)-用于断线重连，0永不过期", ValInt: 3600},
 	// {Typ: cfgInt, Name: "auth_timeout", Usage: "auth_timeout", ValInt: 0},
 	{Typ: cfgInt, Name: "audit_interval", Usage: "审计去重间隔(秒),-1关闭", ValInt: 600},
--- a/server/base/mod.go
+++ b/server/base/mod.go
@@ -58,10 +58,9 @@ func CheckModOrLoad(mod string) {
 			// 文件存在
 			return
 		}
-		err = fmt.Errorf("[error] Linux tunFile is null %s", tunPath)
+		// err = fmt.Errorf("[error] Linux tunFile is null %s", tunPath)
-		log.Println(err)
+		// log.Println(err)
-		return
+		// return
 		// panic(err)
 	}
 	if InContainer {
@@ -76,7 +75,7 @@ func CheckModOrLoad(mod string) {
 	cmd := exec.Command("sh", "-c", cmdstr)
 	b, err := cmd.CombinedOutput()
 	if err != nil {
-		log.Println(string(b))
+		log.Println(mod, string(b))
 		panic(err)
 	}
 }
--- a/server/conf/profile.xml
+++ b/server/conf/profile.xml
@@ -9,6 +9,7 @@
        <RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols>
        <BypassDownloader>true</BypassDownloader>
        <AutoUpdate UserControllable="false">false</AutoUpdate>
        <LocalLanAccess UserControllable="true">true</LocalLanAccess>
        <WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
        <LinuxVPNEstablishment>AllowRemoteUsers</LinuxVPNEstablishment>
        <CertEnrollmentPin>pinAllowed</CertEnrollmentPin>
--- a/server/conf/server-sample.toml
+++ b/server/conf/server-sample.toml
@@ -11,7 +11,16 @@ cert_file = "./conf/vpn_cert.pem"
 cert_key = "./conf/vpn_cert.key"
 files_path = "./conf/files"
 profile = "./conf/profile.xml"
-#日志目录,为空写入标准输出
+#profile name(用于区分不同服务端的配置)
 #客户端存放位置
 #Windows 10
 #%ProgramData%Cisco\Cisco AnyConnect Secure Mobility Client\Profile
 #Mac Os X
 #/opt/cisco/anyconnect/profile
 #Linux
 #/opt/cisco/anyconnect/profile
 profile_name = "anylink"
 #日志目录,默认为空写入标准输出
 #log_path = "./log"
 log_path = ""
 log_level = "debug"
@@ -32,7 +41,7 @@ jwt_secret = "abcdef.0123456789.abcdef"
 #TCP服务监听地址(任意端口)
 server_addr = ":443"
 #开启 DTLS
-server_dtls = true
+server_dtls = false
 #UDP监听地址(任意端口)
 server_dtls_addr = ":443"
 #后台服务监听地址
@@ -44,6 +53,7 @@ proxy_protocol = false
 link_mode = "tun"
 #客户端分配的ip地址池
 #docker环境一般默认 eth0，其他情况根据实际网卡信息填写
 ipv4_master = "eth0"
 ipv4_cidr = "192.168.90.0/24"
 ipv4_gateway = "192.168.90.1"
@@ -61,10 +71,16 @@ ip_lease = 86400
 default_group = "one"
 #客户端失效检测时间(秒) dpd > keepalive
-cstp_keepalive = 5
+cstp_keepalive = 3
-cstp_dpd = 12
+cstp_dpd = 20
-mobile_keepalive = 10
+mobile_keepalive = 4
-mobile_dpd = 22
+mobile_dpd = 60
 # 根据实际情况修改
 #cstp_keepalive = 20
 #cstp_dpd = 30
 #mobile_keepalive = 40
 #mobile_dpd = 60
 #设置最大传输单元
 mtu = 1460
@@ -74,10 +90,10 @@ default_domain = "example.com"
 #default_domain = "example.com abc.example.com"
 #空闲链接超时时间(秒)-超时后断开链接，0关闭此功能
-idle_timeout = 1800
+idle_timeout = 0
 #session过期时间，用于断线重连，0永不过期
 session_timeout = 3600
-auth_timeout = 0
+#auth_timeout = 0
 audit_interval = 600
 show_sql = false
@@ -93,4 +109,5 @@ no_compress_limit = 256
 #客户端显示详细错误信息(线上环境慎开启)
 display_error = false
-
+#排除出口ip路由(出口ip不加密传输)
 exclude_export_ip = true
--- a/server/conf/server.toml
+++ b/server/conf/server.toml
@@ -10,6 +10,9 @@ db_source = "./conf/anylink.db"
 cert_file = "./conf/vpn_cert.pem"
 cert_key = "./conf/vpn_cert.key"
 files_path = "./conf/files"
 #日志目录,默认为空写入标准输出
 #log_path = "./log"
 log_level = "debug"
 #系统名称
@@ -26,7 +29,7 @@ jwt_secret = "abcdef.0123456789.abcdef"
 #TCP服务监听地址(任意端口)
 server_addr = ":443"
 #开启 DTLS
-server_dtls = true
+server_dtls = false
 #UDP监听地址(任意端口)
 server_dtls_addr = ":443"
 #后台服务监听地址
@@ -40,6 +43,7 @@ max_user_client = 3
 #虚拟网络类型[tun macvtap]
 link_mode = "tun"
 #客户端分配的ip地址池
 #docker环境一般默认 eth0，其他情况根据实际网卡信息填写
 ipv4_master = "eth0"
 ipv4_cidr = "192.168.90.0/24"
 ipv4_gateway = "192.168.90.1"
--- a/server/dbdata/db.go
+++ b/server/dbdata/db.go
@@ -1,6 +1,7 @@
 package dbdata
 import (
 	"net/http"
 	"time"
 	"github.com/bjdgyc/anylink/base"
@@ -121,6 +122,7 @@ func addInitData() error {
 	other := &SettingOther{
 		LinkAddr:    "vpn.xx.com",
 		Banner:      "您已接入公司网络，请按照公司规定使用。\n请勿进行非工作下载及视频行为！",
 		Homecode:    http.StatusOK,
 		Homeindex:   "AnyLink 是一个企业级远程办公 sslvpn 的软件，可以支持多人同时在线使用。",
 		AccountMail: accountMail,
 	}
@@ -142,7 +144,7 @@ func addInitData() error {
 	}
 	g1 := Group{
-		Name:         "ops",
+		Name:         "all",
 		AllowLan:     true,
 		ClientDns:    []ValData{{Val: "114.114.114.114"}},
 		RouteInclude: []ValData{{Val: All}},
@@ -153,6 +155,18 @@ func addInitData() error {
 		return err
 	}
 	g2 := Group{
 		Name:         "ops",
 		AllowLan:     true,
 		ClientDns:    []ValData{{Val: "114.114.114.114"}},
 		RouteInclude: []ValData{{Val: "10.0.0.0/8"}},
 		Status:       1,
 	}
 	err = SetGroup(&g2)
 	if err != nil {
 		return err
 	}
 	return nil
 }
@@ -160,6 +174,9 @@ func CheckErrNotFound(err error) bool {
 	return err == ErrNotFound
 }
 // base64 图片
 // 用户动态码(请妥善保存):<br/>
 // <img src="{{.OtpImgBase64}}"/><br/>
 const accountMail = `<p>您好:</p>
 <p>&nbsp;&nbsp;您的{{.Issuer}}账号已经审核开通。</p>
 <p>
@@ -167,12 +184,18 @@ const accountMail = `<p>您好:</p>
    用户组: <b>{{.Group}}</b> <br/>
    用户名: <b>{{.Username}}</b> <br/>
    用户PIN码: <b>{{.PinCode}}</b> <br/>
    {{if .DisableOtp}}
    <!-- nothing -->
    {{else}}
    <!-- 
    用户动态码(3天后失效):<br/>
-    <img src="{{.OtpImg}}"/>
+    <img src="{{.OtpImg}}"/><br/>
    -->
    用户动态码(请妥善保存):<br/>
-    <img src="{{.OtpImgBase64}}"/>
+    <img src="cid:userOtpQr.png" alt="userOtpQr" /><br/>
    {{end}}
 </p>
 <div>
    使用说明:
--- a/server/dbdata/group.go
+++ b/server/dbdata/group.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"net"
 	"regexp"
 	"strconv"
 	"strings"
 	"time"
@@ -26,7 +27,8 @@ type GroupLinkAcl struct {
 	// 自上而下匹配 默认 allow * *
 	Action string          `json:"action"` // allow、deny
 	Val    string          `json:"val"`
-	Port   uint16     `json:"port"`
+	Port   string          `json:"port"` // 兼容单端口历史数据类型uint16
 	Ports  map[uint16]int8 `json:"ports"`
 	IpNet  *net.IPNet      `json:"ip_net"`
 	Note   string          `json:"note"`
 }
@@ -161,14 +163,59 @@ func SetGroup(g *Group) error {
 				return errors.New("GroupLinkAcl 错误" + err.Error())
 			}
 			v.IpNet = ipNet
 			portsStr := v.Port
 			v.Port = strings.TrimSpace(portsStr)
 			// switch vp := v.Port.(type) {
 			// case float64:
 			// 	portsStr = strconv.Itoa(int(vp))
 			// case string:
 			// 	portsStr = vp
 			// }
 			if regexp.MustCompile(`^\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*$`).MatchString(portsStr) {
 				ports := map[uint16]int8{}
 				for _, p := range strings.Split(portsStr, ",") {
 					if p == "" {
 						continue
 					}
 					if regexp.MustCompile(`^\d{1,5}-\d{1,5}$`).MatchString(p) {
 						rp := strings.Split(p, "-")
 						portfrom, err := strconv.Atoi(rp[0])
 						if err != nil {
 							return errors.New("端口:" + rp[0] + " 格式错误, " + err.Error())
 						}
 						portto, err := strconv.Atoi(rp[1])
 						if err != nil {
 							return errors.New("端口:" + rp[1] + " 格式错误, " + err.Error())
 						}
 						for i := portfrom; i <= portto; i++ {
 							ports[uint16(i)] = 1
 						}
 					} else {
 						port, err := strconv.Atoi(p)
 						if err != nil {
 							return errors.New("端口:" + p + " 格式错误, " + err.Error())
 						}
 						ports[uint16(port)] = 1
 					}
 				}
 				v.Ports = ports
 				linkAcl = append(linkAcl, v)
 			} else {
 				return errors.New("端口: " + portsStr + " 格式错误,请用逗号分隔的端口,比如: 22,80,443 连续端口用-,比如:1234-5678")
 			}
 		}
 	}
 	g.LinkAcl = linkAcl
 	// DNS 判断
 	clientDns := []ValData{}
 	for _, v := range g.ClientDns {
 		v.Val = strings.TrimSpace(v.Val)
 		if v.Val != "" {
 			ip := net.ParseIP(v.Val)
 			if ip.String() != v.Val {
@@ -183,6 +230,20 @@ func SetGroup(g *Group) error {
 		return errors.New("默认路由，必须设置一个DNS")
 	}
 	g.ClientDns = clientDns
 	splitDns := []ValData{}
 	for _, v := range g.SplitDns {
 		v.Val = strings.TrimSpace(v.Val)
 		if v.Val != "" {
 			ValidateDomainName(v.Val)
 			if !ValidateDomainName(v.Val) {
 				return errors.New("域名 错误")
 			}
 			splitDns = append(splitDns, v)
 		}
 	}
 	g.SplitDns = splitDns
 	// 域名拆分隧道，不能同时填写
 	g.DsIncludeDomains = strings.TrimSpace(g.DsIncludeDomains)
 	g.DsExcludeDomains = strings.TrimSpace(g.DsExcludeDomains)
@@ -238,6 +299,15 @@ func SetGroup(g *Group) error {
 	return err
 }
 func ContainsInPorts(ports map[uint16]int8, port uint16) bool {
 	_, ok := ports[port]
 	if ok {
 		return true
 	} else {
 		return false
 	}
 }
 func GroupAuthLogin(name, pwd string, authData map[string]interface{}) error {
 	g := &Group{Auth: authData}
 	authType := g.Auth["type"].(string)
--- a/server/dbdata/setting.go
+++ b/server/dbdata/setting.go
@@ -29,6 +29,7 @@ type SettingAuditLog struct {
 type SettingOther struct {
 	LinkAddr    string `json:"link_addr"`
 	Banner      string `json:"banner"`
 	Homecode    int    `json:"homecode"`
 	Homeindex   string `json:"homeindex"`
 	AccountMail string `json:"account_mail"`
 }
--- a/server/dbdata/tables.go
+++ b/server/dbdata/tables.go
@@ -11,6 +11,7 @@ type Group struct {
 	Note             string                 `json:"note" xorm:"varchar(255)"`
 	AllowLan         bool                   `json:"allow_lan" xorm:"Bool"`
 	ClientDns        []ValData              `json:"client_dns" xorm:"Text"`
 	SplitDns         []ValData              `json:"split_dns" xorm:"Text"`
 	RouteInclude     []ValData              `json:"route_include" xorm:"Text"`
 	RouteExclude     []ValData              `json:"route_exclude" xorm:"Text"`
 	DsExcludeDomains string                 `json:"ds_exclude_domains" xorm:"Text"`
--- a/server/dbdata/user_act_log.go
+++ b/server/dbdata/user_act_log.go
@@ -23,6 +23,8 @@ const (
 	UserLogoutAdmin    = 4 // 账号被管理员踢下线
 	UserLogoutExpire   = 5 // 账号过期被踢下线
 	UserIdleTimeout    = 6 // 用户空闲链接超时
 	UserLogoutOneAdmin = 7 // 账号被管理员一键下线
 )
 type UserActLogProcess struct {
@@ -64,6 +66,7 @@ var (
 			UserLogoutAdmin:    "账号被管理员踢下线",
 			UserLogoutExpire:   "账号过期被踢下线",
 			UserIdleTimeout:    "用户空闲链接超时",
 			UserLogoutOneAdmin: "账号被管理员一键下线",
 		},
 	}
 )
@@ -126,6 +129,9 @@ func (ua *UserActLogProcess) GetStatusOpsWithTag() interface{} {
 }
 func (ua *UserActLogProcess) GetInfoOpsById(id uint8) string {
 	if int(id) >= len(ua.InfoOps) {
 		return "未知的信息类型"
 	}
 	return ua.InfoOps[id]
 }
@@ -139,7 +145,7 @@ func (ua *UserActLogProcess) ParseUserAgent(userAgent string) (os_idx, client_id
 	os_idx = 0
 	if strings.Contains(userAgent, "windows") {
 		os_idx = 1
-	} else if strings.Contains(userAgent, "mac os") || strings.Contains(userAgent, "darwin_i386") {
+	} else if strings.Contains(userAgent, "mac os") || strings.Contains(userAgent, "darwin_i386") || strings.Contains(userAgent, "darwin_amd64") || strings.Contains(userAgent, "darwin_arm64") {
 		os_idx = 2
 	} else if strings.Contains(userAgent, "darwin_arm") || strings.Contains(userAgent, "apple") {
 		os_idx = 5
--- a/server/go.mod
+++ b/server/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/go-acme/lego/v4 v4.15.0
 	github.com/go-co-op/gocron v1.37.0
 	github.com/go-ldap/ldap v3.0.3+incompatible
-	github.com/go-sql-driver/mysql v1.7.1
+	github.com/go-sql-driver/mysql v1.8.0
 	github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a
 	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/google/gopacket v1.1.19
@@ -32,10 +32,9 @@ require (
 	github.com/stretchr/testify v1.8.4
 	github.com/xhit/go-simple-mail/v2 v2.16.0
 	github.com/xlzd/gotp v0.1.0
-	github.com/xuri/excelize/v2 v2.8.0
+	github.com/xuri/excelize/v2 v2.8.1
-	go.uber.org/atomic v1.11.0
+	golang.org/x/crypto v0.21.0
-	golang.org/x/crypto v0.19.0
+	golang.org/x/net v0.22.0
 	golang.org/x/net v0.21.0
 	golang.org/x/text v0.14.0
 	golang.org/x/time v0.5.0
 	layeh.com/radius v0.0.0-20231213012653-1006025d24f8
@@ -43,11 +42,12 @@ require (
 )
 require (
-	github.com/aliyun/alibaba-cloud-sdk-go v1.62.680 // indirect
+	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/aliyun/alibaba-cloud-sdk-go v1.62.690 // indirect
 	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
-	github.com/cloudflare/cloudflare-go v0.88.0 // indirect
+	github.com/cloudflare/cloudflare-go v0.89.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
-	github.com/go-jose/go-jose/v3 v3.0.1 // indirect
+	github.com/go-jose/go-jose/v3 v3.0.3 // indirect
 	github.com/go-test/deep v1.1.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/uuid v1.6.0 // indirect
@@ -61,14 +61,15 @@ require (
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.860 // indirect
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.873 // indirect
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.860 // indirect
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.873 // indirect
 	github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
 	go.uber.org/atomic v1.11.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect
+	golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
-	golang.org/x/mod v0.15.0 // indirect
+	golang.org/x/mod v0.16.0 // indirect
-	golang.org/x/tools v0.18.0 // indirect
+	golang.org/x/tools v0.19.0 // indirect
 )
 require (
@@ -99,7 +100,7 @@ require (
 	github.com/tklauser/numcpus v0.7.0 // indirect
 	github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 // indirect
 	github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 // indirect
-	golang.org/x/sys v0.17.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
 	gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
--- a/server/go.sum
+++ b/server/go.sum
@@ -1,17 +1,19 @@
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
 filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
 filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
 gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a h1:lSA0F4e9A2NcQSqGqTOXqu2aRi/XEQxDCBwM8yJtE6s=
 gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a/go.mod h1:EXuID2Zs0pAQhH8yz+DNjUbjppKQzKFAn28TMYPB6IU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo=
 github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
-github.com/aliyun/alibaba-cloud-sdk-go v1.62.680 h1:UhaUht5x8avOCBqcnfZvc04FwGsSiXMKXXQ3NwRk85Q=
+github.com/aliyun/alibaba-cloud-sdk-go v1.62.690 h1:9ChlXyXZxVeHXPlsUqquutxxmrEGhNmfQiOW/YKIbq8=
-github.com/aliyun/alibaba-cloud-sdk-go v1.62.680/go.mod h1:CJJYa1ZMxjlN/NbXEwmejEnBkhi0DV+Yb3B2lxf+74o=
+github.com/aliyun/alibaba-cloud-sdk-go v1.62.690/go.mod h1:CJJYa1ZMxjlN/NbXEwmejEnBkhi0DV+Yb3B2lxf+74o=
 github.com/arl/statsviz v0.6.0 h1:jbW1QJkEYQkufd//4NDYRSNBpwJNrdzPahF7ZmoGdyE=
 github.com/arl/statsviz v0.6.0/go.mod h1:0toboo+YGSUXDaS4g1D5TVS4dXs7S7YYT5J/qnW2h8s=
 github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
 github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
-github.com/cloudflare/cloudflare-go v0.88.0 h1:9CEnvaDMs8ydEBUSPChXmHDe2uJJKZoPpBO2QEr41gY=
+github.com/cloudflare/cloudflare-go v0.89.0 h1:3zoVntC8xmUR/weFEcNE1RizdW4LRZdQnJ/AN8DDa1U=
-github.com/cloudflare/cloudflare-go v0.88.0/go.mod h1:eyuehb1i6BNRc+ZwaTZAiRHeE+4jbKvHAns19oGeakg=
+github.com/cloudflare/cloudflare-go v0.89.0/go.mod h1:eyuehb1i6BNRc+ZwaTZAiRHeE+4jbKvHAns19oGeakg=
 github.com/coreos/go-iptables v0.7.0 h1:XWM3V+MPRr5/q51NuWSgU0fqMad64Zyxs8ZUoMsamr8=
 github.com/coreos/go-iptables v0.7.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q=
 github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
@@ -36,15 +38,15 @@ github.com/go-acme/lego/v4 v4.15.0/go.mod h1:eeGhjW4zWT7Ccqa3sY7ayEqFLCAICx+mXgk
 github.com/go-co-op/gocron v1.37.0 h1:ZYDJGtQ4OMhTLKOKMIch+/CY70Brbb1dGdooLEhh7b0=
 github.com/go-co-op/gocron v1.37.0/go.mod h1:3L/n6BkO7ABj+TrfSVXLRzsP26zmikL4ISkLQ0O8iNY=
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
-github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA=
+github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k=
-github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8=
+github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ=
 github.com/go-ldap/ldap v3.0.3+incompatible h1:HTeSZO8hWMS1Rgb2Ziku6b8a7qRIZZMHjsvuZyatzwk=
 github.com/go-ldap/ldap v3.0.3+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE=
 github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78=
-github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
+github.com/go-sql-driver/mysql v1.8.0 h1:UtktXaU2Nb64z/pLiGIxY4431SJ4/dR5cjMmlVHgnT4=
-github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
+github.com/go-sql-driver/mysql v1.8.0/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg=
 github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
 github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a h1:RYfmiM0zluBJOiPDJseKLEN4BapJ42uSi9SZBQ2YyiA=
@@ -59,10 +61,10 @@ github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5y
 github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
 github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
 github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -198,7 +200,6 @@ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSS
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
@@ -209,10 +210,10 @@ github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8
 github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
 github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE=
 github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.860 h1:d5/YwGX6b5YgFU/0thsbs5aBp4aJJXBi7JyU1JHAaw0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.873 h1:VdQ+lQ98CFwbmfQj02iMVWWzdwnKubuICIa2QhzQBJI=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.860/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.873/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.860 h1:PQ8wuVKhcjpYUW2gH3WWb92R3QF4YRWBCBZifp6SfHs=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.873 h1:qawAviStyrk6b2bHvRvKxmiiL8Cu6KujtzAHktLqdFI=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.860/go.mod h1:7gu9rKEmx7R/D0RvuaHmMqLLGBtIR6a6de9Yd5IwDBg=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.873/go.mod h1:wqyJy+a/L53zH8pRDNOF+7t9iZhSPANmYSuUfvVp9NE=
 github.com/tklauser/go-sysconf v0.3.13 h1:GBUpcahXSpR2xN01jhkNAbTLRk2Yzgggk8IM08lq3r4=
 github.com/tklauser/go-sysconf v0.3.13/go.mod h1:zwleP4Q4OehZHGn4CYZDipCgg9usW5IJePewFCGVEa0=
 github.com/tklauser/numcpus v0.7.0 h1:yjuerZP127QG9m5Zh/mSO4wqurYil27tHrqwRoRjpr4=
@@ -228,12 +229,10 @@ github.com/xhit/go-simple-mail/v2 v2.16.0 h1:ouGy/Ww4kuaqu2E2UrDw7SvLaziWTB60ICL
 github.com/xhit/go-simple-mail/v2 v2.16.0/go.mod h1:b7P5ygho6SYE+VIqpxA6QkYfv4teeyG4MKqB3utRu98=
 github.com/xlzd/gotp v0.1.0 h1:37blvlKCh38s+fkem+fFh7sMnceltoIEBYTVXyoa5Po=
 github.com/xlzd/gotp v0.1.0/go.mod h1:ndLJ3JKzi3xLmUProq4LLxCuECL93dG9WASNLpHz8qg=
 github.com/xuri/efp v0.0.0-20230802181842-ad255f2331ca/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI=
 github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 h1:Chd9DkqERQQuHpXjR/HSV1jLZA6uaoiwwH3vSuF3IW0=
 github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI=
-github.com/xuri/excelize/v2 v2.8.0 h1:Vd4Qy809fupgp1v7X+nCS/MioeQmYVVzi495UCTqB7U=
+github.com/xuri/excelize/v2 v2.8.1 h1:pZLMEwK8ep+CLIUWpWmvW8IWE/yxqG0I1xcN6cVMGuQ=
-github.com/xuri/excelize/v2 v2.8.0/go.mod h1:6iA2edBTKxKbZAa7X5bDhcCg51xdOn1Ar5sfoXRGrQg=
+github.com/xuri/excelize/v2 v2.8.1/go.mod h1:oli1E4C3Pa5RXg1TBXn4ENCXDV5JUMlBluUhG7c+CEE=
 github.com/xuri/nfp v0.0.0-20230819163627-dc951e3ffe1a/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ=
 github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 h1:qhbILQo1K3mphbwKh1vNm4oGezE1eF9fQWmNiIpSfI4=
 github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
@@ -246,34 +245,33 @@ go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo=
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
 golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
 golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
-golang.org/x/exp v0.0.0-20240213143201-ec583247a57a h1:HinSgX1tJRX3KsL//Gxynpw5CTOAIPhgL4W8PNiIpVE=
+golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ=
-golang.org/x/exp v0.0.0-20240213143201-ec583247a57a/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
+golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
 golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs=
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/image v0.11.0 h1:ds2RoQvBvYTiJkwpSFDwCcDFNX7DqjL2WsUgTNk0Ooo=
+golang.org/x/image v0.14.0 h1:tNgSxAFe3jC4uYqvZdTr84SZoM1KfwdC9SKIFrLjFn4=
 golang.org/x/image v0.11.0/go.mod h1:bglhjqbqVuEb9e9+eNR45Jfu7D+T4Qan+NhQk8Ck2P8=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
 golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.15.0 h1:SernR4v+D55NyBH2QiEQrlBAnj1ECL6AGrA5+dPaMY8=
+golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic=
-golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
+golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -283,8 +281,8 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
 golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
-golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
+golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
-golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
+golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -305,8 +303,9 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
 golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
 golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
@@ -314,6 +313,7 @@ golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
 golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
 golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
 golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
 golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
@@ -333,8 +333,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ=
+golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw=
-golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg=
+golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
--- a/server/handler/dtls.go
+++ b/server/handler/dtls.go
@@ -32,8 +32,10 @@ func startDtls() {
 	logf := logging.NewDefaultLoggerFactory()
 	logf.Writer = base.GetBaseLw()
 	// logf.DefaultLogLevel = logging.LogLevelTrace
 	logf.DefaultLogLevel = logging.LogLevelInfo
 	if base.GetLogLevel() == base.LogLevelTrace {
 		// logf.DefaultLogLevel = logging.LogLevelTrace
 	}
 	// https://github.com/pion/dtls/pull/369
 	sessStore := &sessionStore{}
--- a/server/handler/link_auth.go
+++ b/server/handler/link_auth.go
@@ -17,7 +17,10 @@ import (
 	"github.com/bjdgyc/anylink/sessdata"
 )
-var profileHash = ""
+var (
 	profileHash = ""
 	certHash    = ""
 )
 func LinkAuth(w http.ResponseWriter, r *http.Request) {
 	// TODO 调试信息输出
@@ -46,10 +49,11 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
 	cr := ClientRequest{}
 	err = xml.Unmarshal(body, &cr)
 	if err != nil {
 		base.Error(err)
 		w.WriteHeader(http.StatusBadRequest)
 		return
 	}
-	// fmt.Printf("%+v \n", cr)
+	base.Trace(fmt.Sprintf("%+v \n", cr))
 	// setCommonHeader(w)
 	if cr.Type == "logout" {
 		// 退出删除session信息
@@ -137,10 +141,10 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
 	other := &dbdata.SettingOther{}
 	_ = dbdata.SettingGet(other)
 	rd := RequestData{SessionId: sess.Sid, SessionToken: sess.Sid + "@" + sess.Token,
-		Banner: other.Banner, ProfileHash: profileHash}
+		Banner: other.Banner, ProfileName: base.Cfg.ProfileName, ProfileHash: profileHash, CertHash: certHash}
 	w.WriteHeader(http.StatusOK)
 	tplRequest(tpl_complete, w, rd)
-	base.Debug("login", cr.Auth.Username, userAgent)
+	base.Info("login", cr.Auth.Username, userAgent)
 }
 const (
@@ -175,7 +179,9 @@ type RequestData struct {
 	SessionId    string
 	SessionToken string
 	Banner       string
 	ProfileName  string
 	ProfileHash  string
 	CertHash     string
 }
 var auth_request = `<?xml version="1.0" encoding="UTF-8"?>
@@ -221,13 +227,13 @@ var auth_complete = `<?xml version="1.0" encoding="UTF-8"?>
    </capabilities>
    <config client="vpn" type="private">
        <vpn-base-config>
-            <server-cert-hash>240B97A685B2BFA66AD699B90AAC49EA66495D69</server-cert-hash>
+            <server-cert-hash>{{.CertHash}}</server-cert-hash>
        </vpn-base-config>
        <opaque is-for="vpn-client"></opaque>
        <vpn-profile-manifest>
            <vpn rev="1.0">
                <file type="profile" service-type="user">
-                    <uri>/profile.xml</uri>
+                    <uri>/profile_{{.ProfileName}}.xml</uri>
                    <hash type="sha1">{{.ProfileHash}}</hash>
                </file>
            </vpn>
--- a/server/handler/link_base.go
+++ b/server/handler/link_base.go
@@ -2,8 +2,9 @@ package handler
 import (
 	"encoding/xml"
 	"log"
 	"os/exec"
 	"github.com/bjdgyc/anylink/base"
 )
 const BufferSize = 2048
@@ -46,7 +47,7 @@ func execCmd(cmdStrs []string) error {
 		cmd := exec.Command("sh", "-c", cmdStr)
 		b, err := cmd.CombinedOutput()
 		if err != nil {
-			log.Println(string(b))
+			base.Error(cmdStr, string(b))
 			return err
 		}
 	}
--- a/server/handler/link_cstp.go
+++ b/server/handler/link_cstp.go
@@ -25,9 +25,9 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
 		n         int
 		dataLen   uint16
 		dead      = time.Second * time.Duration(cSess.CstpDpd+5)
-		idle      = time.Second * time.Duration(base.Cfg.IdleTimeout)
+		idle      = int64(base.Cfg.IdleTimeout)
 		checkIdle = base.Cfg.IdleTimeout > 0
-		lastTime  time.Time
+		lastTime  int64
 	)
 	go cstpWrite(conn, bufRW, cSess)
@@ -37,14 +37,14 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
 		// 设置超时限制
 		err = conn.SetReadDeadline(utils.NowSec().Add(dead))
 		if err != nil {
-			base.Error("SetDeadline: ", cSess.Username, err)
+			base.Error("SetDeadline: ", cSess.Username, cSess.IpAddr, err)
 			return
 		}
 		// hdata := make([]byte, BufferSize)
 		pl := getPayload()
 		n, err = bufRW.Read(pl.Data)
 		if err != nil {
-			base.Error("read hdata: ", cSess.Username, err)
+			base.Warn("read hdata: ", cSess.Username, cSess.IpAddr, err)
 			return
 		}
@@ -61,7 +61,7 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
 			// 判断超时时间
 			if checkIdle {
 				lastTime = cSess.LastDataTime.Load()
-				if lastTime.Before(utils.NowSec().Add(-idle)) {
+				if lastTime < (utils.NowSec().Unix() - idle) {
 					base.Warn("IdleTimeout", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), "lastTime", lastTime)
 					sessdata.CloseSess(cSess.Sess.Token, dbdata.UserIdleTimeout)
 					return
@@ -69,13 +69,13 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
 			}
 		case 0x05: // DISCONNECT
 			cSess.UserLogoutCode = dbdata.UserLogoutClient
-			base.Debug("DISCONNECT", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
+			base.Info("DISCONNECT", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), n, string(pl.Data[9:n]))
 			sessdata.CloseSess(cSess.Sess.Token, dbdata.UserLogoutClient)
 			return
 		case 0x03: // DPD-REQ
-			base.Trace("recv LinkCstp DPD-REQ", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
+			base.Trace("recv LinkCstp DPD-REQ", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), n, pl.Data[:n])
 			pl.PType = 0x04
-			pl.Data = pl.Data[:n]
+			// pl.Data = pl.Data[:n]
 			if payloadOutCstp(cSess, pl) {
 				return
 			}
@@ -113,7 +113,7 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
 				return
 			}
 			// 只记录返回正确的数据时间
-			cSess.LastDataTime.Store(utils.NowSec())
+			cSess.LastDataTime.Store(utils.NowSec().Unix())
 		}
 	}
 }
@@ -169,14 +169,14 @@ func cstpWrite(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessi
 				binary.BigEndian.PutUint16(pl.Data[4:6], uint16(l))
 			}
 		} else {
-			// pl.Data = append(pl.Data[:0], plHeader...)
+			pl.Data = append(pl.Data[:0], plHeader...)
 			// 设置头类型
 			pl.Data[6] = pl.PType
 		}
 		n, err = conn.Write(pl.Data)
 		if err != nil {
-			base.Error("write err", cSess.Username, err)
+			base.Warn("write err", cSess.Username, cSess.IpAddr, err)
 			return
 		}
--- a/server/handler/link_dtls.go
+++ b/server/handler/link_dtls.go
@@ -36,14 +36,14 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
 	for {
 		err = conn.SetReadDeadline(utils.NowSec().Add(dead))
 		if err != nil {
-			base.Error("SetDeadline: ", cSess.Username, err)
+			base.Error("SetDeadline: ", cSess.Username, cSess.IpAddr, err)
 			return
 		}
 		pl := getPayload()
 		n, err = conn.Read(pl.Data)
 		if err != nil {
-			base.Error("read hdata: ", cSess.Username, err)
+			base.Warn("read hdata: ", cSess.Username, cSess.IpAddr, err)
 			return
 		}
@@ -59,11 +59,12 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
 			base.Trace("recv LinkDtls Keepalive", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
 		case 0x05: // DISCONNECT
 			cSess.UserLogoutCode = dbdata.UserLogoutClient
-			base.Debug("DISCONNECT DTLS", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
+			base.Info("DISCONNECT DTLS", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
 			return
 		case 0x03: // DPD-REQ
-			base.Trace("recv LinkDtls DPD-REQ", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
+			base.Trace("recv LinkDtls DPD-REQ", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), n)
 			pl.PType = 0x04
 			// 从零开始 可以直接赋值
 			pl.Data = pl.Data[:n]
 			if payloadOutDtls(cSess, dSess, pl) {
 				return
@@ -95,7 +96,7 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
 				return
 			}
 			// 只记录返回正确的数据时间
-			cSess.LastDataTime.Store(utils.NowSec())
+			cSess.LastDataTime.Store(utils.NowSec().Unix())
 		}
 	}
@@ -150,12 +151,15 @@ func dtlsWrite(conn net.Conn, dSess *sessdata.DtlsSession, cSess *sessdata.ConnS
 			}
 		} else {
 			// 设置头类型
-			// pl.Data = append(pl.Data[:0], pl.PType)
+			if pl.PType == 0x04 {
 				pl.Data[0] = pl.PType
 			} else {
 				pl.Data = append(pl.Data[:0], pl.PType)
 			}
 		}
 		n, err := conn.Write(pl.Data)
 		if err != nil {
-			base.Error("write err", cSess.Username, err)
+			base.Warn("write err", cSess.Username, cSess.IpAddr, err)
 			return
 		}
--- a/server/handler/link_home.go
+++ b/server/handler/link_home.go
@@ -27,10 +27,16 @@ func LinkHome(w http.ResponseWriter, r *http.Request) {
 	if err := dbdata.SettingGet(index); err != nil {
 		return
 	}
 	if index.Homecode > 0 {
 		w.WriteHeader(index.Homecode)
 	} else {
 		w.WriteHeader(http.StatusOK)
 	if index.Homeindex == "" {
 		index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件，可以支持多人同时在线使用。"
 	}
 	// if index.Homeindex == "" {
 	// 	index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件，可以支持多人同时在线使用。"
 	// }
 	fmt.Fprintln(w, index.Homeindex)
 }
--- a/server/handler/link_tun.go
+++ b/server/handler/link_tun.go
@@ -4,12 +4,16 @@ import (
 	"fmt"
 	"github.com/bjdgyc/anylink/base"
 	"github.com/bjdgyc/anylink/pkg/utils"
 	"github.com/bjdgyc/anylink/sessdata"
 	"github.com/coreos/go-iptables/iptables"
 	"github.com/songgao/water"
 )
 func checkTun() {
 	// 测试ip命令
 	base.CheckModOrLoad("tun")
 	// 测试tun
 	cfg := water.Config{
 		DeviceType: water.TUN,
@@ -21,16 +25,14 @@ func checkTun() {
 	}
 	defer ifce.Close()
 	// 测试ip命令
 	base.CheckModOrLoad("tun")
 	cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %s multicast off", ifce.Name(), "1399")
 	err = execCmd([]string{cmdstr1})
 	if err != nil {
 		base.Fatal("testTun err: ", err)
 	}
 	// 开启服务器转发
-	if err := execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"}); err != nil {
+	err = execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
 	if err != nil {
 		base.Fatal(err)
 	}
 	if base.Cfg.IptablesNat {
@@ -44,15 +46,29 @@ func checkTun() {
 		// 修复 rockyos nat 不生效
 		base.CheckModOrLoad("iptable_filter")
 		base.CheckModOrLoad("iptable_nat")
 		// base.CheckModOrLoad("xt_comment")
-		natRule := []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-j", "MASQUERADE"}
+		// 添加注释
-		forwardRule := []string{"-j", "ACCEPT"}
+		natRule := []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-m", "comment",
-		if natExists, _ := ipt.Exists("nat", "POSTROUTING", natRule...); !natExists {
+			"--comment", "AnyLink", "-j", "MASQUERADE"}
-			ipt.Insert("nat", "POSTROUTING", 1, natRule...)
+		if base.InContainer {
 			natRule = []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-j", "MASQUERADE"}
 		}
-		if forwardExists, _ := ipt.Exists("filter", "FORWARD", forwardRule...); !forwardExists {
+		err = ipt.InsertUnique("nat", "POSTROUTING", 1, natRule...)
-			ipt.Insert("filter", "FORWARD", 1, forwardRule...)
+		if err != nil {
 			base.Error(err)
 		}
 		// 添加注释
 		forwardRule := []string{"-m", "comment", "--comment", "AnyLink", "-j", "ACCEPT"}
 		if base.InContainer {
 			forwardRule = []string{"-j", "ACCEPT"}
 		}
 		err = ipt.InsertUnique("filter", "FORWARD", 1, forwardRule...)
 		if err != nil {
 			base.Error(err)
 		}
 		base.Info(ipt.List("nat", "POSTROUTING"))
 		base.Info(ipt.List("filter", "FORWARD"))
 	}
@@ -73,8 +89,8 @@ func LinkTun(cSess *sessdata.ConnSession) error {
 	cSess.SetIfName(ifce.Name())
 	// 通过 ip link show  查看 alias 信息
-
+	alias := utils.ParseName(cSess.Group.Name + "." + cSess.Username)
-	cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %d multicast off alias %s.%s", ifce.Name(), cSess.Mtu, cSess.Group.Name, cSess.Username)
+	cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %d multicast off alias %s", ifce.Name(), cSess.Mtu, alias)
 	cmdstr2 := fmt.Sprintf("ip addr add dev %s local %s peer %s/32",
 		ifce.Name(), base.Cfg.Ipv4Gateway, cSess.IpAddr)
 	err = execCmd([]string{cmdstr1, cmdstr2})
--- a/server/handler/link_tunnel.go
+++ b/server/handler/link_tunnel.go
@@ -86,13 +86,13 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	}
 	cSess.CstpDpd = cstpDpd
-	dtlsPort := "4433"
+	dtlsPort := "443"
 	if strings.Contains(base.Cfg.ServerDTLSAddr, ":") {
 		ss := strings.Split(base.Cfg.ServerDTLSAddr, ":")
 		dtlsPort = ss[1]
 	}
-	base.Debug(cSess.IpAddr, cSess.MacHw, sess.Username, mobile)
+	base.Info(sess.Username, cSess.IpAddr, cSess.MacHw, cSess.Client, mobile)
 	// 检测密码套件
 	dtlsCiphersuite := checkDtls12Ciphersuite(r.Header.Get("X-Dtls12-Ciphersuite"))
@@ -131,9 +131,14 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	for _, v := range cSess.Group.ClientDns {
 		HttpAddHeader(w, "X-CSTP-DNS", v.Val)
 	}
 	// 分割dns
 	for _, v := range cSess.Group.SplitDns {
 		HttpAddHeader(w, "X-CSTP-Split-DNS", v.Val)
 	}
 	// 允许的路由
 	for _, v := range cSess.Group.RouteInclude {
-		if v.Val == dbdata.All {
+		if strings.ToLower(v.Val) == dbdata.All {
 			continue
 		}
 		HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)
@@ -156,9 +161,9 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	HttpSetHeader(w, "X-CSTP-Keep", "true")
 	HttpSetHeader(w, "X-CSTP-Tunnel-All-DNS", "false")
-	HttpSetHeader(w, "X-CSTP-Rekey-Time", "43200") // 172800
+	HttpSetHeader(w, "X-CSTP-Rekey-Time", "86400") // 172800
 	HttpSetHeader(w, "X-CSTP-Rekey-Method", "new-tunnel")
-	HttpSetHeader(w, "X-DTLS-Rekey-Time", "43200")
+	HttpSetHeader(w, "X-DTLS-Rekey-Time", "86400")
 	HttpSetHeader(w, "X-DTLS-Rekey-Method", "new-tunnel")
 	HttpSetHeader(w, "X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd))
@@ -180,7 +185,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	HttpSetHeader(w, "X-CSTP-Routing-Filtering-Ignore", "false")
 	HttpSetHeader(w, "X-CSTP-Quarantine", "false")
 	HttpSetHeader(w, "X-CSTP-Disable-Always-On-VPN", "false")
-	HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "false")
+	HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "true")
 	HttpSetHeader(w, "X-CSTP-TCP-Keepalive", "false")
 	// 设置域名拆分隧道（移动端不支持）
 	if mobile != "mobile" {
--- a/server/handler/link_vtap.go
+++ b/server/handler/link_vtap.go
@@ -28,12 +28,13 @@ func (v *Vtap) Close() error {
 }
 func checkMacvtap() {
 	// 加载 macvtap
 	base.CheckModOrLoad("macvtap")
 	_setGateway()
 	_checkTapIp(base.Cfg.Ipv4Master)
 	ifName := "anylinkMacvtap"
 	// 加载 macvtap
 	base.CheckModOrLoad("macvtap")
 	// 开启主网卡混杂模式
 	cmdstr1 := fmt.Sprintf("ip link set dev %s promisc on", base.Cfg.Ipv4Master)
@@ -55,8 +56,8 @@ func LinkMacvtap(cSess *sessdata.ConnSession) error {
 	cSess.SetIfName(ifName)
 	cmdstr1 := fmt.Sprintf("ip link add link %s name %s type macvtap mode bridge", base.Cfg.Ipv4Master, ifName)
-	cmdstr2 := fmt.Sprintf("ip link set dev %s up mtu %d address %s alias %s.%s", ifName, cSess.Mtu,
+	alias := utils.ParseName(cSess.Group.Name + "." + cSess.Username)
-		cSess.MacHw, cSess.Group.Name, cSess.Username)
+	cmdstr2 := fmt.Sprintf("ip link set dev %s up mtu %d address %s alias %s", ifName, cSess.Mtu, cSess.MacHw, alias)
 	err := execCmd([]string{cmdstr1, cmdstr2})
 	if err != nil {
--- a/server/handler/payload.go
+++ b/server/handler/payload.go
@@ -88,8 +88,21 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool {
 	for _, v := range group.LinkAcl {
 		// 循环判断ip和端口
 		if v.IpNet.Contains(ipDst) {
 			// 放行允许ip的ping
-			if v.Port == ipPort || v.Port == 0 || ipProto == waterutil.ICMP {
+			// if v.Ports == nil || len(v.Ports) == 0 {
 			// 	//单端口历史数据兼容
 			// 	port := uint16(v.Port.(float64))
 			// 	if port == ipPort || port == 0 || ipProto == waterutil.ICMP {
 			// 		if v.Action == dbdata.Allow {
 			// 			return true
 			// 		} else {
 			// 			return false
 			// 		}
 			// 	}
 			// } else {
 			if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) || ipProto == waterutil.ICMP {
 				if v.Action == dbdata.Allow {
 					return true
 				} else {
--- a/server/handler/server.go
+++ b/server/handler/server.go
@@ -1,13 +1,16 @@
 package handler
 import (
 	"crypto/sha1"
 	"crypto/tls"
 	"encoding/hex"
 	"fmt"
 	"io"
 	"net"
 	"net/http"
 	"net/http/httputil"
 	"os"
 	"strings"
 	"time"
 	"github.com/bjdgyc/anylink/base"
@@ -36,6 +39,19 @@ func startTls() {
 	//	certs[0], err = tls.LoadX509KeyPair(certFile, keyFile)
 	// }
 	tlscert, _, err := dbdata.ParseCert()
 	if err != nil {
 		base.Fatal("证书加载失败", err)
 	}
 	dbdata.LoadCertificate(tlscert)
 	// 计算证书hash值
 	s1 := sha1.New()
 	s1.Write(tlscert.Certificate[0])
 	h2s := hex.EncodeToString(s1.Sum(nil))
 	certHash = strings.ToUpper(h2s)
 	base.Info("certHash", certHash)
 	// 修复 CVE-2016-2183
 	// https://segmentfault.com/a/1190000038486901
 	// nmap -sV --script ssl-enum-ciphers -p 443 www.example.com
@@ -98,7 +114,7 @@ func initRoute() http.Handler {
 	r.HandleFunc("/", LinkAuth).Methods(http.MethodPost)
 	r.HandleFunc("/CSCOSSLC/tunnel", LinkTunnel).Methods(http.MethodConnect)
 	r.HandleFunc("/otp_qr", LinkOtpQr).Methods(http.MethodGet)
-	r.HandleFunc("/profile.xml", func(w http.ResponseWriter, r *http.Request) {
+	r.HandleFunc(fmt.Sprintf("/profile_%s.xml", base.Cfg.ProfileName), func(w http.ResponseWriter, r *http.Request) {
 		b, _ := os.ReadFile(base.Cfg.Profile)
 		w.Write(b)
 	}).Methods(http.MethodGet)
--- a/server/handler/start.go
+++ b/server/handler/start.go
@@ -17,6 +17,12 @@ func Start() {
 	sessdata.Start()
 	cron.Start()
 	// 开启服务器转发
 	err := execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
 	if err != nil {
 		base.Fatal(err)
 	}
 	switch base.Cfg.LinkMode {
 	case base.LinkModeTUN:
 		checkTun()
--- a/server/pkg/utils/util.go
+++ b/server/pkg/utils/util.go
@@ -3,6 +3,7 @@ package utils
 import (
 	"fmt"
 	"math/rand"
 	"strings"
 	"sync/atomic"
 	"time"
 )
@@ -91,3 +92,11 @@ func RandomRunes(length int) string {
 	return string(bytes)
 }
 func ParseName(name string) string {
 	name = strings.ReplaceAll(name, " ", "-")
 	name = strings.ReplaceAll(name, "'", "-")
 	name = strings.ReplaceAll(name, "\"", "-")
 	name = strings.ReplaceAll(name, ";", "-")
 	return name
 }
--- a/server/sessdata/online.go
+++ b/server/sessdata/online.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"net"
 	"sort"
 	"strings"
 	"time"
 	"github.com/bjdgyc/anylink/pkg/utils"
@@ -42,33 +43,74 @@ func (o Onlines) Swap(i, j int) {
 }
 func OnlineSess() []Online {
 	return GetOnlineSess("", "", false)
 }
 /**
 * @Description: GetOnlineSess
 * @param search_cate 分类：用户名、登录组、MAC地址、IP地址、远端地址
 * @param search_text 关键字，模糊搜索
 * @param show_sleeper 是否显示休眠用户
 * @return []Online
 */
 func GetOnlineSess(search_cate string, search_text string, show_sleeper bool) []Online {
 	var datas Onlines
 	if strings.TrimSpace(search_text) == "" {
 		search_cate = ""
 	}
 	sessMux.Lock()
 	defer sessMux.Unlock()
 	for _, v := range sessions {
 		v.mux.Lock()
-		if v.IsActive {
+		cSess := v.CSess
 		if cSess == nil {
 			cSess = &ConnSession{}
 		}
 		// 选择需要比较的字符串
 		var compareText string
 		switch search_cate {
 		case "username":
 			compareText = v.Username
 		case "group":
 			compareText = v.Group
 		case "mac_addr":
 			compareText = v.MacAddr
 		case "ip":
 			if cSess != nil {
 				compareText = cSess.IpAddr.String()
 			}
 		case "remote_addr":
 			if cSess != nil {
 				compareText = cSess.RemoteAddr
 			}
 		}
 		if search_cate != "" && !strings.Contains(compareText, search_text) {
 			v.mux.Unlock()
 			continue
 		}
 		if show_sleeper || v.IsActive {
 			val := Online{
 				Token:            v.Token,
-				Ip:               v.CSess.IpAddr,
+				Ip:               cSess.IpAddr,
 				Username:         v.Username,
 				Group:            v.Group,
 				MacAddr:          v.MacAddr,
 				UniqueMac:        v.UniqueMac,
-				RemoteAddr:       v.CSess.RemoteAddr,
+				RemoteAddr:       cSess.RemoteAddr,
-				TunName:          v.CSess.IfName,
+				TunName:          cSess.IfName,
-				Mtu:              v.CSess.Mtu,
+				Mtu:              cSess.Mtu,
-				Client:           v.CSess.Client,
+				Client:           cSess.Client,
-				BandwidthUp:      utils.HumanByte(v.CSess.BandwidthUpPeriod.Load()) + "/s",
+				BandwidthUp:      utils.HumanByte(cSess.BandwidthUpPeriod.Load()) + "/s",
-				BandwidthDown:    utils.HumanByte(v.CSess.BandwidthDownPeriod.Load()) + "/s",
+				BandwidthDown:    utils.HumanByte(cSess.BandwidthDownPeriod.Load()) + "/s",
-				BandwidthUpAll:   utils.HumanByte(v.CSess.BandwidthUpAll.Load()),
+				BandwidthUpAll:   utils.HumanByte(cSess.BandwidthUpAll.Load()),
-				BandwidthDownAll: utils.HumanByte(v.CSess.BandwidthDownAll.Load()),
+				BandwidthDownAll: utils.HumanByte(cSess.BandwidthDownAll.Load()),
 				LastLogin:        v.LastLogin,
 			}
 			datas = append(datas, val)
 		}
 		v.mux.Unlock()
 	}
 	sessMux.Unlock()
 	sort.Sort(&datas)
 	return datas
 }
--- a/server/sessdata/session.go
+++ b/server/sessdata/session.go
@@ -13,7 +13,6 @@ import (
 	"github.com/bjdgyc/anylink/base"
 	"github.com/bjdgyc/anylink/dbdata"
 	mapset "github.com/deckarep/golang-set"
 	atomic2 "go.uber.org/atomic"
 )
 var (
@@ -41,15 +40,15 @@ type ConnSession struct {
 	CstpDpd             int
 	Group               *dbdata.Group
 	Limit               *LimitRater
-	BandwidthUp         atomic2.Uint32 // 使用上行带宽 Byte
+	BandwidthUp         atomic.Uint32 // 使用上行带宽 Byte
-	BandwidthDown       atomic2.Uint32 // 使用下行带宽 Byte
+	BandwidthDown       atomic.Uint32 // 使用下行带宽 Byte
-	BandwidthUpPeriod   atomic2.Uint32 // 前一周期的总量
+	BandwidthUpPeriod   atomic.Uint32 // 前一周期的总量
-	BandwidthDownPeriod atomic2.Uint32
+	BandwidthDownPeriod atomic.Uint32
-	BandwidthUpAll      atomic2.Uint64 // 使用上行带宽总量
+	BandwidthUpAll      atomic.Uint64 // 使用上行带宽总量
-	BandwidthDownAll    atomic2.Uint64 // 使用下行带宽总量
+	BandwidthDownAll    atomic.Uint64 // 使用下行带宽总量
 	closeOnce           sync.Once
 	CloseChan           chan struct{}
-	LastDataTime        atomic2.Time // 最后数据传输时间
+	LastDataTime        atomic.Int64 // 最后数据传输时间
 	PayloadIn           chan *Payload
 	PayloadOutCstp      chan *Payload // Cstp的数据
 	PayloadOutDtls      chan *Payload // Dtls的数据
@@ -220,7 +219,7 @@ func (s *Session) NewConn() *ConnSession {
 		PayloadOutDtls: make(chan *Payload, 64),
 		dSess:          &atomic.Value{},
 	}
-	cSess.LastDataTime.Store(time.Now())
+	cSess.LastDataTime.Store(time.Now().Unix())
 	dSess := &DtlsSession{
 		isActive: -1,
@@ -464,7 +463,7 @@ func CloseSess(token string, code ...uint8) {
 		sess.CSess.Close()
 		return
 	}
-	AddUserActLogBySess(sess)
+	AddUserActLogBySess(sess, code...)
 }
 func CloseCSess(token string) {
@@ -501,7 +500,7 @@ func AddUserActLog(cs *ConnSession) {
 	dbdata.UserActLogIns.Add(ua, cs.UserAgent)
 }
-func AddUserActLogBySess(sess *Session) {
+func AddUserActLogBySess(sess *Session, code ...uint8) {
 	ua := dbdata.UserActLog{
 		Username:        sess.Username,
 		GroupName:       sess.Group,
@@ -512,5 +511,8 @@ func AddUserActLogBySess(sess *Session) {
 		Status:          dbdata.UserLogout,
 	}
 	ua.Info = dbdata.UserActLogIns.GetInfoOpsById(dbdata.UserLogoutBanner)
 	if len(code) > 0 {
 		ua.Info = dbdata.UserActLogIns.GetInfoOpsById(code[0])
 	}
 	dbdata.UserActLogIns.Add(ua, sess.UserAgent)
 }
--- a/2
+++ b/2
@@ -1 +1 @@
-0.11.2
+0.12.1
--- a/web/src/layout/Layout.vue
+++ b/web/src/layout/Layout.vue
@@ -18,6 +18,14 @@
        <!--子组件上报route信息-->
        <router-view :route_path.sync="route_path" :route_name.sync="route_name"></router-view>
      </el-main>
      <el-footer>
        <div>
          <el-button size="mini" @click="goUrl('https://gitee.com/bjdgyc/anylink')">
            Powered by AnyLink
          </el-button>
          企业级远程办公系统 AGPL-3.0 ⓒ 2020-present
        </div>
      </el-footer>
    </el-container>
  </el-container>
 </template>
@@ -36,6 +44,11 @@ export default {
      route_name: ['首页'],
    }
  },
  methods: {
    goUrl(url) {
      window.open(url, "_blank")
    },
  },
  watch: {
    route_path: function (val) {
      // var w = document.getElementById('layout-menu').clientWidth;
@@ -60,4 +73,16 @@ export default {
  box-shadow: 0 1px 3px 0 rgba(0, 0, 0, .12), 0 0 3px 0 rgba(0, 0, 0, .04);
 }
 .el-footer {
  display: flex;
  align-items: center;
  justify-content: center;
  text-align: center;
  font-size: 12px;
  line-height: 12px;
  margin: 0 12px;
  color: rgb(134, 144, 156);
 }
 </style>
--- a/web/src/pages/group/List.vue
+++ b/web/src/pages/group/List.vue
@@ -50,7 +50,8 @@
            label="带宽限制"
            width="90">
          <template slot-scope="scope">
-                <el-row v-if="scope.row.bandwidth > 0">{{ convertBandwidth(scope.row.bandwidth, 'BYTE', 'Mbps') }} Mbps</el-row>
+            <el-row v-if="scope.row.bandwidth > 0">{{ convertBandwidth(scope.row.bandwidth, 'BYTE', 'Mbps') }} Mbps
            </el-row>
            <el-row v-else>不限</el-row>
          </template>
        </el-table-column>
@@ -69,12 +70,20 @@
            label="路由包含"
            width="180">
          <template slot-scope="scope">
-            <el-row v-for="(item,inx) in scope.row.route_include.slice(0, readMinRows)" :key="inx">{{ item.val }}</el-row>
+            <el-row v-for="(item,inx) in scope.row.route_include.slice(0, readMinRows)" :key="inx">{{
                item.val
              }}
            </el-row>
            <div v-if="scope.row.route_include.length > readMinRows">
              <div v-if="readMore[`ri_${ scope.row.id }`]">
-                <el-row v-for="(item,inx) in scope.row.route_include.slice(readMinRows)" :key="inx">{{ item.val }}</el-row>              
+                <el-row v-for="(item,inx) in scope.row.route_include.slice(readMinRows)" :key="inx">{{
                    item.val
                  }}
                </el-row>
              </div>
-              <el-button size="mini" type="text" @click="toggleMore(`ri_${ scope.row.id }`)">{{ readMore[`ri_${ scope.row.id }`] ? "▲ 收起" : "▼ 更多" }}</el-button>              
+              <el-button size="mini" type="text" @click="toggleMore(`ri_${ scope.row.id }`)">
                {{ readMore[`ri_${scope.row.id}`] ? "▲ 收起" : "▼ 更多" }}
              </el-button>
            </div>
          </template>
        </el-table-column>
@@ -84,12 +93,20 @@
            label="路由排除"
            width="180">
          <template slot-scope="scope">
-            <el-row v-for="(item,inx) in scope.row.route_exclude.slice(0, readMinRows)" :key="inx">{{ item.val }}</el-row>
+            <el-row v-for="(item,inx) in scope.row.route_exclude.slice(0, readMinRows)" :key="inx">{{
                item.val
              }}
            </el-row>
            <div v-if="scope.row.route_exclude.length > readMinRows">
              <div v-if="readMore[`re_${ scope.row.id }`]">
-                <el-row v-for="(item,inx) in scope.row.route_exclude.slice(readMinRows)" :key="inx">{{ item.val }}</el-row>              
+                <el-row v-for="(item,inx) in scope.row.route_exclude.slice(readMinRows)" :key="inx">{{
                    item.val
                  }}
                </el-row>
              </div>
-              <el-button size="mini" type="text" @click="toggleMore(`re_${ scope.row.id }`)">{{ readMore[`re_${ scope.row.id }`] ? "▲ 收起" : "▼ 更多" }}</el-button>              
+              <el-button size="mini" type="text" @click="toggleMore(`re_${ scope.row.id }`)">
                {{ readMore[`re_${scope.row.id}`] ? "▲ 收起" : "▼ 更多" }}
              </el-button>
            </div>
          </template>
        </el-table-column>
@@ -108,7 +125,9 @@
                  {{ item.action }} => {{ item.val }} : {{ item.port }}
                </el-row>
              </div>
-              <el-button size="mini" type="text" @click="toggleMore(`la_${ scope.row.id }`)">{{ readMore[`la_${ scope.row.id }`] ? "▲ 收起" : "▼ 更多" }}</el-button>              
+              <el-button size="mini" type="text" @click="toggleMore(`la_${ scope.row.id }`)">
                {{ readMore[`la_${scope.row.id}`] ? "▲ 收起" : "▼ 更多" }}
              </el-button>
            </div>
          </template>
        </el-table-column>
@@ -192,15 +211,20 @@
            </el-form-item>
            <el-form-item label="带宽限制" prop="bandwidth_format" style="width:260px;">
-                <el-input v-model="ruleForm.bandwidth_format" oninput="value= value.match(/\d+(\.\d{0,2})?/) ? value.match(/\d+(\.\d{0,2})?/)[0] : ''">
+              <el-input v-model="ruleForm.bandwidth_format"
                        oninput="value= value.match(/\d+(\.\d{0,2})?/) ? value.match(/\d+(\.\d{0,2})?/)[0] : ''">
                <template slot="append">Mbps</template>
              </el-input>
            </el-form-item>
            <el-form-item label="排除本地网络" prop="allow_lan">
-                <el-switch
+              <!--  active-text="开启后 用户本地所在网段将不通过anylink加密传输" -->
-                    v-model="ruleForm.allow_lan"
+              <el-switch v-model="ruleForm.allow_lan"></el-switch>
-                    active-text="开启后 用户本地所在网段将不通过anylink加密传输">
+              <div class="msg-info">
-                </el-switch>
+                注：本地网络 指的是：
                运行 anyconnect 客户端的PC 所在的的网络，即本地路由网段。
                开启后，PC本地路由网段的数据就不会走隧道链路转发数据了。
                同时 anyconnect 客户端需要勾选本地网络(Allow Local Lan)的开关，功能才能生效。
              </div>
            </el-form-item>
            <el-form-item label="客户端DNS" prop="client_dns">
@@ -225,6 +249,30 @@
                </el-col>
              </el-row>
            </el-form-item>
            <el-form-item label="内网域名" prop="split_dns">
              <el-row class="msg-info">
                <el-col :span="20">(分割DNS)一般留空。如果输入域名，只有配置的域名(包含子域名)走配置的dns</el-col>
                <el-col :span="4">
                  <el-button size="mini" type="success" icon="el-icon-plus" circle
                             @click.prevent="addDomain(ruleForm.split_dns)"></el-button>
                </el-col>
              </el-row>
              <el-row v-for="(item,index) in ruleForm.split_dns"
                      :key="index" style="margin-bottom: 5px" :gutter="10">
                <el-col :span="10">
                  <el-input v-model="item.val"></el-input>
                </el-col>
                <el-col :span="12">
                  <el-input v-model="item.note" placeholder="备注"></el-input>
                </el-col>
                <el-col :span="2">
                  <el-button size="mini" type="danger" icon="el-icon-minus" circle
                             @click.prevent="removeDomain(ruleForm.split_dns,index)"></el-button>
                </el-col>
              </el-row>
            </el-form-item>
            <el-form-item label="状态" prop="status">
              <el-radio-group v-model="ruleForm.status">
                <el-radio :label="1" border>启用</el-radio>
@@ -242,38 +290,50 @@
              </el-radio-group>
            </el-form-item>
            <template v-if="ruleForm.auth.type == 'radius'">
-                  <el-form-item label="服务器地址" prop="auth.radius.addr" :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.addr'] : [{ required: false }]">
+              <el-form-item label="服务器地址" prop="auth.radius.addr"
                            :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.addr'] : [{ required: false }]">
                <el-input v-model="ruleForm.auth.radius.addr" placeholder="例如 ip:1812"></el-input>
              </el-form-item>
-                  <el-form-item label="密钥" prop="auth.radius.secret" :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.secret'] : [{ required: false }]">
+              <el-form-item label="密钥" prop="auth.radius.secret"
                            :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.secret'] : [{ required: false }]">
                <el-input v-model="ruleForm.auth.radius.secret" placeholder=""></el-input>
              </el-form-item>
            </template>
            <template v-if="ruleForm.auth.type == 'ldap'">
-                  <el-form-item label="服务器地址" prop="auth.ldap.addr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.addr'] : [{ required: false }]">
+              <el-form-item label="服务器地址" prop="auth.ldap.addr"
                            :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.addr'] : [{ required: false }]">
                <el-input v-model="ruleForm.auth.ldap.addr" placeholder="例如 ip:389 / 域名:389"></el-input>
              </el-form-item>
              <el-form-item label="开启TLS" prop="auth.ldap.tls">
                <el-switch v-model="ruleForm.auth.ldap.tls"></el-switch>
              </el-form-item>
-                  <el-form-item label="管理员 DN" prop="auth.ldap.bind_name" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_name'] : [{ required: false }]">
+              <el-form-item label="管理员 DN" prop="auth.ldap.bind_name"
-                    <el-input v-model="ruleForm.auth.ldap.bind_name" placeholder="例如 CN=bindadmin,DC=abc,DC=COM"></el-input>
+                            :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_name'] : [{ required: false }]">
                <el-input v-model="ruleForm.auth.ldap.bind_name"
                          placeholder="例如 CN=bindadmin,DC=abc,DC=COM"></el-input>
              </el-form-item>
-                  <el-form-item label="管理员密码" prop="auth.ldap.bind_pwd" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_pwd'] : [{ required: false }]">
+              <el-form-item label="管理员密码" prop="auth.ldap.bind_pwd"
                            :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_pwd'] : [{ required: false }]">
                <el-input type="password" v-model="ruleForm.auth.ldap.bind_pwd" placeholder=""></el-input>
              </el-form-item>
-                  <el-form-item label="Base DN" prop="auth.ldap.base_dn" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.base_dn'] : [{ required: false }]">
+              <el-form-item label="Base DN" prop="auth.ldap.base_dn"
                            :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.base_dn'] : [{ required: false }]">
                <el-input v-model="ruleForm.auth.ldap.base_dn" placeholder="例如 DC=abc,DC=com"></el-input>
              </el-form-item>
-                  <el-form-item label="用户对象类" prop="auth.ldap.object_class" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.object_class'] : [{ required: false }]">
+              <el-form-item label="用户对象类" prop="auth.ldap.object_class"
-                    <el-input v-model="ruleForm.auth.ldap.object_class" placeholder="例如 person / user / posixAccount"></el-input>
+                            :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.object_class'] : [{ required: false }]">
                <el-input v-model="ruleForm.auth.ldap.object_class"
                          placeholder="例如 person / user / posixAccount"></el-input>
              </el-form-item>
-                  <el-form-item label="用户唯一ID" prop="auth.ldap.search_attr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.search_attr'] : [{ required: false }]">
+              <el-form-item label="用户唯一ID" prop="auth.ldap.search_attr"
-                    <el-input v-model="ruleForm.auth.ldap.search_attr" placeholder="例如 sAMAccountName / uid / cn"></el-input>
+                            :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.search_attr'] : [{ required: false }]">
                <el-input v-model="ruleForm.auth.ldap.search_attr"
                          placeholder="例如 sAMAccountName / uid / cn"></el-input>
              </el-form-item>
              <el-form-item label="受限用户组" prop="auth.ldap.member_of">
-                    <el-input v-model="ruleForm.auth.ldap.member_of" placeholder="选填, 只允许指定组登入, 例如 CN=HomeWork,DC=abc,DC=com"></el-input>
+                <el-input v-model="ruleForm.auth.ldap.member_of"
                          placeholder="选填, 只允许指定组登入, 例如 CN=HomeWork,DC=abc,DC=com"></el-input>
              </el-form-item>
            </template>
          </el-tab-pane>
@@ -340,16 +400,18 @@
          <el-tab-pane label="权限控制" name="link_acl">
            <el-form-item label="权限控制" prop="link_acl">
              <el-row class="msg-info">
-                    <el-col :span="20">输入CIDR格式如: 192.168.3.0/24 端口0表示所有端口</el-col>
+                <el-col :span="22">输入CIDR格式如: 192.168.3.0/24
-                    <el-col :span="4">
+                  端口0表示所有端口,多个端口用','号分隔,连续端口:1234-5678
                </el-col>
                <el-col :span="2">
                  <el-button size="mini" type="success" icon="el-icon-plus" circle
                             @click.prevent="addDomain(ruleForm.link_acl)"></el-button>
                </el-col>
              </el-row>
              <el-row v-for="(item,index) in ruleForm.link_acl"
-                        :key="index" style="margin-bottom: 5px" :gutter="5">
+                      :key="index" style="margin-bottom: 5px" :gutter="1">
-                    <el-col :span="11">
+                <el-col :span="10">
                  <el-input placeholder="请输入CIDR地址" v-model="item.val">
                    <el-select v-model="item.action" slot="prepend">
                      <el-option label="允许" value="allow"></el-option>
@@ -357,10 +419,11 @@
                    </el-select>
                  </el-input>
                </el-col>
                    <el-col :span="3">
                    <el-input v-model.number="item.port" placeholder="端口"></el-input>
                    </el-col>
                <el-col :span="8">
                  <!--  type="textarea" :autosize="{ minRows: 1, maxRows: 2}"  -->
                  <el-input v-model="item.port" placeholder="多端口,号分隔"></el-input>
                </el-col>
                <el-col :span="4">
                  <el-input v-model="item.note" placeholder="备注"></el-input>
                </el-col>
                <el-col :span="2">
@@ -373,11 +436,13 @@
          <el-tab-pane label="域名拆分隧道" name="ds_domains">
            <el-form-item label="包含域名" prop="ds_include_domains">
-                    <el-input type="textarea" :rows="5" v-model="ruleForm.ds_include_domains" placeholder="输入域名用,号分隔，默认匹配所有子域名, 如baidu.com,163.com"></el-input>
+              <el-input type="textarea" :rows="5" v-model="ruleForm.ds_include_domains"
                        placeholder="输入域名用,号分隔，默认匹配所有子域名, 如baidu.com,163.com"></el-input>
            </el-form-item>
            <el-form-item label="排除域名" prop="ds_exclude_domains">
-                    <el-input type="textarea" :rows="5" v-model="ruleForm.ds_exclude_domains" placeholder="输入域名用,号分隔，默认匹配所有子域名, 如baidu.com,163.com"></el-input>
+              <el-input type="textarea" :rows="5" v-model="ruleForm.ds_exclude_domains"
-                    <div class="msg-info">注：域名拆分隧道，仅支持AnyConnect的桌面客户端，不支持移动端.</div>
+                        placeholder="输入域名用,号分隔，默认匹配所有子域名, 如baidu.com,163.com"></el-input>
              <div class="msg-info">注：域名拆分隧道，仅支持AnyConnect的windows和MacOS桌面客户端，不支持移动端.</div>
            </el-form-item>
          </el-tab-pane>
          <el-form-item>
@@ -400,7 +465,8 @@
        center>
      <el-form :model="authLoginForm" :rules="authLoginRules" ref="authLoginForm" label-width="100px">
        <el-form-item label="账号" prop="name">
-                <el-input v-model="authLoginForm.name" ref="authLoginFormName" @keydown.enter.native="testAuthLogin"></el-input>
+          <el-input v-model="authLoginForm.name" ref="authLoginFormName"
                    @keydown.enter.native="testAuthLogin"></el-input>
        </el-form-item>
        <el-form-item label="密码" prop="pwd">
          <el-input type="password" v-model="authLoginForm.pwd" @keydown.enter.native="testAuthLogin"></el-input>
@@ -421,8 +487,12 @@
        center>
      <el-form ref="ipEditForm" label-width="80px">
        <el-form-item label="路由表" prop="ip_list">
-              <el-input type="textarea" :rows="10" v-model="ipEditForm.ip_list" placeholder="每行一条路由，例：192.168.1.0/24,备注 或 192.168.1.0/24"></el-input>
+          <el-input type="textarea" :rows="10" v-model="ipEditForm.ip_list"
-              <div class="msg-info">当前共 {{ ipEditForm.ip_list.trim() === '' ? 0 : ipEditForm.ip_list.trim().split("\n").length }} 条（注：AnyConnect客户端最多支持{{ this.maxRouteRows }}条路由）</div>
+                    placeholder="每行一条路由，例：192.168.1.0/24,备注 或 192.168.1.0/24"></el-input>
          <div class="msg-info">当前共
            {{ ipEditForm.ip_list.trim() === '' ? 0 : ipEditForm.ip_list.trim().split("\n").length }}
            条（注：AnyConnect客户端最多支持{{ this.maxRouteRows }}条路由）
          </div>
        </el-form-item>
        <el-form-item>
          <el-button type="primary" @click="ipEdit()" :loading="ipEditLoading">更新</el-button>
@@ -476,7 +546,8 @@ export default {
        bandwidth_format: '0',
        status: 1,
        allow_lan: true,
-        client_dns: [{val: '114.114.114.114'}],
+        client_dns: [{val: '114.114.114.114', note: '默认dns'}],
        split_dns: [],
        route_include: [{val: 'all', note: '默认全局代理'}],
        route_exclude: [],
        link_acl: [],
@@ -620,7 +691,8 @@ export default {
      // arr.pop()
    },
    addDomain(arr) {
-      arr.push({val: "", action: "allow", port: 0});
+      console.log("arr", arr)
      arr.push({val: "", action: "allow", port: "0", note: ""});
    },
    submitForm(formName) {
      this.$refs[formName].validate((valid) => {
@@ -652,9 +724,11 @@ export default {
          return false;
        }
        this.authLoginLoading = true;
-            axios.post('/group/auth_login', {name:this.authLoginForm.name,
+        axios.post('/group/auth_login', {
          name: this.authLoginForm.name,
          pwd: this.authLoginForm.pwd,
-                                            auth:this.ruleForm.auth}).then(resp => {
+          auth: this.ruleForm.auth
        }).then(resp => {
          const rdata = resp.data;
          if (rdata.code === 0) {
            this.$message.success("登录成功");
@@ -820,6 +894,7 @@ export default {
  max-height: calc(100% - 30px);
  max-width: calc(100% - 30px);
 }
 ::v-deep .valgin-dialog .el-dialog__body {
  flex: 1;
  overflow: auto;
--- a/web/src/pages/set/Other.vue
+++ b/web/src/pages/set/Other.vue
@@ -37,7 +37,8 @@
          </el-form-item>
          <el-form-item>
            <el-button type="primary" @click="submitForm('dataSmtp')"
-              >保存</el-button
+            >保存
            </el-button
            >
            <el-button @click="resetForm('dataSmtp')">重置</el-button>
          </el-form-item>
@@ -88,7 +89,7 @@
                step: '01:00',
                end: '23:00',
              }"
-              editable="false,"
+                :editable="false"
                size="small"
                placeholder="请选择"
                style="width: 130px"
@@ -97,7 +98,8 @@
          </el-form-item>
          <el-form-item>
            <el-button type="primary" @click="submitForm('dataAuditLog')"
-              >保存</el-button
+            >保存
            </el-button
            >
            <el-button @click="resetForm('dataAuditLog')">重置</el-button>
          </el-form-item>
@@ -125,7 +127,8 @@
                    :limit="1"
                >
                  <el-button size="mini" icon="el-icon-plus" slot="trigger"
-                    >证书文件</el-button
+                  >证书文件
                  </el-button
                  >
                  <el-tooltip
                      class="item"
@@ -145,7 +148,8 @@
                    :limit="1"
                >
                  <el-button size="mini" icon="el-icon-plus" slot="trigger"
-                    >私钥文件</el-button
+                  >私钥文件
                  </el-button
                  >
                  <el-tooltip
                      class="item"
@@ -163,7 +167,8 @@
                    icon="el-icon-upload"
                    type="primary"
                    @click="submitForm('customCert')"
-                  >上传</el-button
+                >上传
                </el-button
                >
              </el-form-item>
            </el-form>
@@ -214,7 +219,8 @@
              </el-form-item>
              <el-form-item>
                <el-button type="primary" @click="submitForm('letsCert')"
-                  >申请</el-button
+                >申请
                </el-button
                >
                <el-button @click="resetForm('letsCert')">重置</el-button>
              </el-form-item>
@@ -227,7 +233,7 @@
            :model="dataOther"
            ref="dataOther"
            :rules="rules"
-          label-width="100px"
+            label-width="130px"
            class="tab-one"
        >
          <el-form-item label="vpn对外地址" prop="link_addr">
@@ -245,6 +251,14 @@
            </el-input>
          </el-form-item>
          <el-form-item label="自定义首页状态码" prop="homecode">
            <el-input-number
                v-model="dataOther.homecode"
                :min="0"
                :max="1000"
            ></el-input-number>
          </el-form-item>
          <el-form-item label="自定义首页" prop="homeindex">
            <el-input
                type="textarea"
@@ -253,12 +267,12 @@
                v-model="dataOther.homeindex"
            >
            </el-input>
-            <el-tooltip content="自定义内容可以参考 home 目录下的文件" placement="top">
+            <el-tooltip content="自定义内容可以参考 index_template 目录下的文件" placement="top">
              <i class="el-icon-question"></i>
            </el-tooltip>
          </el-form-item>
-          <el-form-item label="账户开通邮件" prop="account_mail">
+          <el-form-item label="账户开通邮件模板" prop="account_mail">
            <el-input
                type="textarea"
                :rows="10"
@@ -279,7 +293,8 @@
          <el-form-item>
            <el-button type="primary" @click="submitForm('dataOther')"
-              >保存</el-button
+            >保存
            </el-button
            >
            <el-button @click="resetForm('dataOther')">重置</el-button>
          </el-form-item>
--- a/web/src/pages/user/Online.vue
+++ b/web/src/pages/user/Online.vue
@@ -1,6 +1,59 @@
 <template>
  <div>
    <el-card>
      <el-form :inline="true">
        <el-form-item>
          <el-select
              v-model="searchCate"
              style="width: 86px;"                      
              @change="handleSearch">
            <el-option
                label="用户名"
                value="username">
            </el-option>
            <el-option
                label="登录组"
                value="group">
            </el-option>            
            <el-option
                label="MAC地址"
                value="mac_addr">
            </el-option>
            <el-option
                label="IP地址"
                value="ip">
            </el-option>
            <el-option
                label="远端地址"
                value="remote_addr">
            </el-option>
          </el-select>
        </el-form-item>
        <el-form-item>
          <el-input
              v-model="searchText"
              placeholder="请输入搜索内容"
              @input="handleSearch">
          </el-input>
        </el-form-item>        
        <el-form-item>
          显示休眠用户：
            <el-switch
                v-model="showSleeper"
                @change="handleSearch">
            </el-switch>
        </el-form-item>
        <el-form-item>
          <el-button
              class="extra-small-button"
              type="danger"
              size="mini"
              :loading="loadingOneOffline"
              @click="handleOneOffline">
            一键下线
          </el-button>
      </el-form>
      <el-table
          ref="multipleTable"
          :data="tableData"
@@ -20,7 +73,7 @@
        <el-table-column
            prop="group"
-            label="登陆组">
+            label="登录组">
        </el-table-column>
        <el-table-column
@@ -67,7 +120,6 @@
        </el-table-column>
        <el-table-column
            prop="status"
            label="实时 上行/下行"
            width="220">
          <template slot-scope="scope">
@@ -77,7 +129,6 @@
        </el-table-column>
        <el-table-column
            prop="status"
            label="总量 上行/下行"
            width="200">
          <template slot-scope="scope">
@@ -88,7 +139,7 @@
        <el-table-column
            prop="last_login"
-            label="登陆时间"
+            label="登录时间"
            :formatter="tableDateFormat">
        </el-table-column>
@@ -99,6 +150,7 @@
            <el-button
                size="mini"
                type="primary"
                v-if="scope.row.remote_addr !== ''"
                @click="handleReline(scope.row)">重连
            </el-button>
@@ -123,6 +175,7 @@
 <script>
 import axios from "axios";
 import { MessageBox } from 'element-ui';
 export default {
  name: "Online",
@@ -147,6 +200,10 @@ export default {
  data() {
    return {
      tableData: [],
      searchCate: 'username',
      searchText: '',
      showSleeper: false,
      loadingOneOffline: false,
    }
  },
  methods: {
@@ -185,8 +242,43 @@ export default {
    handleEdit(a, row) {
      console.log(a, row)
    },
    handleOneOffline() {
        if (this.tableData === null || this.tableData.length === 0) {
            this.$message.error('错误：当前在线用户表为空，无法执行一键下线操作！');
            return;
        }
        MessageBox.confirm('当前搜索条件下的所有用户将会“下线”，你确定执行吗?', '危险', {
            confirmButtonText: '确定',
            cancelButtonText: '取消',
            type: 'danger'
        }).then(() => {   
            try {
                this.loadingOneOffline = true;
                this.getData();        
                this.$message.success('操作成功');
                this.loadingOneOffline = false;
                // 清空当前表格
                this.tableData = [];
            } catch (error) {
                this.loadingOneOffline = false;
                this.$message.error('操作失败');
            }
        });        
    },
    handleSearch() {
        this.getData();
    },
    getData() {
-      axios.get('/user/online').then(resp => {
+      axios.get('/user/online', 
        {
          params: {            
            search_cate: this.searchCate,
            search_text: this.searchText,
            show_sleeper: this.showSleeper,
            one_offline: this.loadingOneOffline
          }
        }
      ).then(resp => {
        var data = resp.data.data
        console.log(data);
        this.tableData = data.datas;
@@ -201,5 +293,23 @@ export default {
 </script>
 <style scoped>
-
+/deep/ .el-form .el-form-item__label,
 /deep/ .el-form .el-form-item__content,
 /deep/ .el-form .el-input,
 /deep/ .el-form .el-select,
 /deep/ .el-form .el-button,
 /deep/ .el-form .el-select-dropdown__item {
  font-size: 11px;
 }
 .el-select-dropdown .el-select-dropdown__item {
    font-size: 11px;
    padding: 0 10px;
 }
 /deep/ .el-input__inner{
    height: 30px;
    padding: 0 10px;
 }
 .extra-small-button {
  padding: 5px 10px;
 }
 </style>
--- a/web/src/plugins/request.js
+++ b/web/src/plugins/request.js
@@ -7,7 +7,7 @@ axios.defaults.headers.post['Content-Type'] = 'application/x-www-form-urlencoded
 if (process.env.NODE_ENV !== 'production') {
    // 开发环境
-    axios.defaults.baseURL = 'http://172.23.83.233:8800';
+    axios.defaults.baseURL = 'https://192.168.8.24:8800';
 }
 function request(vm) {
--- a/yarn.lock
+++ b/yarn.lock
@@ -1,4 +0,0 @@
 # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
 # yarn lockfile v1
Author	SHA1	Message	Date
bjdgyc	9d926edabb	内网域名	2024-04-25 10:18:40 +08:00
bjdgyc	7329603c47	Merge pull request #314 from bjdgyc/dev 支持分割DNS功能	2024-04-24 17:56:18 +08:00
bjdgyc	a7c6791c1e	支持分割DNS功能	2024-04-24 17:39:50 +08:00
bjdgyc	96c95bb6cd	更新版本	2024-04-24 15:27:53 +08:00
bjdgyc	6d3dab6798	Client-Bypass	2024-04-23 16:59:52 +08:00
bjdgyc	b313c6fa00	Client-Bypass	2024-04-23 16:59:14 +08:00
bjdgyc	75b138a7a8	Client-Bypass	2024-04-23 16:56:40 +08:00
bjdgyc	641d6127ba	修复acl样式	2024-04-22 17:41:18 +08:00
bjdgyc	2828d1038d	Merge pull request #313 from bjdgyc/dev 修复acl表结构	2024-04-22 17:04:37 +08:00
bjdgyc	cb902a6b9b	修复acl表结构	2024-04-22 16:47:06 +08:00
bjdgyc	1b066ef602	Merge pull request #312 from bjdgyc/dev 支持私有自签证书	2024-04-22 14:42:06 +08:00
bjdgyc	5e804a3483	支持私有自签证书	2024-04-22 14:40:03 +08:00
bjdgyc	6e0c0efa85	Merge pull request #310 from imhun/main acl支持逗号分隔多端口号配置	2024-04-11 11:40:39 +08:00
imhun	8f196cb4e2	Merge branch 'main' of https://github.com/imhun/anylink	2024-04-09 11:25:34 +08:00
imhun	9182ccfba2	兼容历史单端口配置	2024-04-09 11:23:13 +08:00
huweishan	39d89b8c84	兼容历史单端口配置	2024-04-09 10:33:30 +08:00
huweishan	24e30509e4	兼容历史单端口配置	2024-04-09 10:29:54 +08:00
huweishan	4f56ea49c3	ports保存为map 兼容老的配置数据	2024-04-08 19:34:11 +08:00
huweishan	e55b2b6f0a	支持连续端口	2024-04-08 16:16:45 +08:00
huweishan	15573a6ef3	支持连续端口,比如1234-5678	2024-04-08 16:13:52 +08:00
huweishan	38b8f0b2aa	ports初始化	2024-04-08 15:12:47 +08:00
huweishan	8df34428dd	acl支持逗号分隔多端口号配置	2024-04-08 14:54:09 +08:00
bjdgyc	26483533a9	修复关闭otp时,发送邮件附件的问题	2024-03-29 10:04:15 +08:00
bjdgyc	380a8cb3fb	添加文档	2024-03-27 15:11:36 +08:00
bjdgyc	fa5ced4660	Merge pull request #308 from bjdgyc/dev Dev	2024-03-26 16:28:49 +08:00
bjdgyc	bac497475f	全局开启服务器转发	2024-03-26 11:39:12 +08:00
bjdgyc	f43b413ed4	配置优化	2024-03-25 11:14:00 +08:00
bjdgyc	356e135ea1	配置优化	2024-03-24 17:59:41 +08:00
bjdgyc	e5c6533c9b	修复邮箱图片显示逻辑，兼容 google gmail	2024-03-22 16:45:11 +08:00
bjdgyc	8d92cac37d	Merge pull request #306 from bjdgyc/dev Dev	2024-03-21 18:19:52 +08:00
bjdgyc	eb7401f6e5	添加自定义首页状态码	2024-03-21 18:13:37 +08:00
bjdgyc	8777501391	添加自定义首页状态码	2024-03-21 18:09:47 +08:00
bjdgyc	2949ea2a89	Merge pull request #305 from bjdgyc/dev 修复心跳时间	2024-03-20 14:26:55 +08:00
bjdgyc	11f39d0b78	修复心跳时间	2024-03-20 14:23:56 +08:00
bjdgyc	bdc8e267a3	Merge pull request #304 from bjdgyc/dev Dev	2024-03-19 17:01:03 +08:00
bjdgyc	268e9c4e92	添加 xt_comment	2024-03-19 16:28:38 +08:00
bjdgyc	b3eb128dbd	优化日志输出	2024-03-19 11:23:03 +08:00
bjdgyc	ce89ea680b	优化日志输出	2024-03-19 11:22:20 +08:00
bjdgyc	fc3b39e09f	默认关闭 idle_timeout	2024-03-18 17:54:45 +08:00
bjdgyc	09160a6891	默认关闭 idle_timeout	2024-03-18 17:26:09 +08:00
bjdgyc	b059c555cf	fix	2024-03-18 13:28:57 +08:00
bjdgyc	8ea158a71e	Merge pull request #302 from bjdgyc/dev 0.11.3代码	2024-03-16 22:19:40 +08:00
bjdgy	3bb71b84b6	修改 readme	2024-03-16 22:02:52 +08:00
bjdgy	afec9af445	排除出口ip路由(出口ip不加密传输)	2024-03-16 21:42:59 +08:00
bjdgy	eb8d8f4171	添加 profile name(用于区分不同网站的配置)	2024-03-15 22:43:28 +08:00
bjdgy	632080c1d6	添加 profile name(用于区分不同网站的配置)	2024-03-15 22:33:17 +08:00
bjdgyc	cca9e377c5	修改编译脚本	2024-03-15 17:29:13 +08:00
bjdgyc	8455ef6ed4	fix	2024-03-15 10:29:55 +08:00
bjdgyc	ef05b9372a	修改 atomic 引用	2024-03-14 16:51:59 +08:00
bjdgyc	000b041578	修改 atomic 引用	2024-03-14 16:47:25 +08:00
bjdgyc	57a67ee030	fix	2024-03-12 18:25:03 +08:00
bjdgyc	a945c636f4	fix	2024-03-12 18:11:06 +08:00
bjdgyc	edf33ba4ae	修复mac手机版客户端重连的问题	2024-03-12 18:08:05 +08:00
bjdgy	03467e4f06	添加页尾版权	2024-03-10 21:34:43 +08:00
bjdgy	74782e883b	Merge remote-tracking branch 'origin/dev' into dev	2024-03-09 08:14:51 +08:00
bjdgy	ace4ef08d9	修复邮件 STARTTLS 协议	2024-03-09 08:13:56 +08:00
bjdgyc	2b24e53c24	Merge pull request #299 from itviewer/dev 添加 AnyLink 客户端 macOS 类型判断	2024-03-04 10:54:56 +08:00
XinJun Ma	a4fd1769a5	添加 AnyLink 客户端 macOS 类型判断	2024-03-02 10:07:26 +08:00
bjdgyc	0f8877bafc	修改 readme	2024-03-01 16:43:15 +08:00
bjdgyc	5ee3b3967a	修改 readme	2024-02-29 15:28:22 +08:00
bjdgyc	3c8d0c6d60	iptables 添加注释	2024-02-26 11:40:33 +08:00
bjdgyc	5a331e2125	iptables 添加注释	2024-02-26 11:10:33 +08:00
bjdgyc	a0e84312ba	默认关闭 DTLS	2024-02-26 10:22:13 +08:00
bjdgyc	098f321343	Merge pull request #298 from lanrenwo/add_online_search 新增在线用户的搜索和一键下线功能	2024-02-26 10:19:01 +08:00
lanrenwo	096b6f8f08	新增在线用户的搜索和一键下线功能	2024-02-23 21:42:13 +08:00
		`@@ -1,4 +0,0 @@`
			`# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.`
			`# yarn lockfile v1`