7x31/anylink
1
0
Fork 0
mirror of https://github.com/bjdgyc/anylink.git synced 2025-09-28 16:15:17 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: 7x31:v0.11.2
Branches Tags
7x31:main
7x31:v0.13.1 7x31:v0.12.2 7x31:v0.12.1 7x31:v0.11.4 7x31:v0.11.3 7x31:v0.11.2 7x31:v0.11.1 7x31:v0.10.1 7x31:v0.9.4 7x31:v0.9.3 7x31:v0.9.2-beta2 7x31:v0.9.2-beta1 7x31:v0.9.1-beta1 7x31:v0.8.1 7x31:v0.7.4 7x31:v0.7.3 7x31:v0.7.2 7x31:v0.7.1 7x31:v0.6.2 7x31:v0.6.1 7x31:v0.5.1 7x31:v0.4.2 7x31:v0.4.1 7x31:v0.3.3 7x31:v0.3.1 7x31:v0.2.1 7x31:v0.1.8 7x31:v0.1.7 7x31:v0.1.6 7x31:v0.1.0 7x31:v0.0.8 7x31:v0.0.6
...
compare: 7x31:v0.12.2
Branches Tags
7x31:main
7x31:v0.13.1 7x31:v0.12.2 7x31:v0.12.1 7x31:v0.11.4 7x31:v0.11.3 7x31:v0.11.2 7x31:v0.11.1 7x31:v0.10.1 7x31:v0.9.4 7x31:v0.9.3 7x31:v0.9.2-beta2 7x31:v0.9.2-beta1 7x31:v0.9.1-beta1 7x31:v0.8.1 7x31:v0.7.4 7x31:v0.7.3 7x31:v0.7.2 7x31:v0.7.1 7x31:v0.6.2 7x31:v0.6.1 7x31:v0.5.1 7x31:v0.4.2 7x31:v0.4.1 7x31:v0.3.3 7x31:v0.3.1 7x31:v0.2.1 7x31:v0.1.8 7x31:v0.1.7 7x31:v0.1.6 7x31:v0.1.0 7x31:v0.0.8 7x31:v0.0.6

92 Commits
v0.11.2 ... v0.12.2

Author SHA1 Message Date
bjdgyc
4b78232e1d 添加支持 radius 的 nasip 2024-09-10 13:12:01 +08:00
bjdgyc
00c5425990 Merge pull request #336 from bjdgyc/dev 
权限 添加拖拽功能
 2024-09-09 17:01:13 +08:00
bjdgyc
b45d5e4cfa 权限 添加拖拽功能 2024-09-09 16:55:13 +08:00
bjdgyc
e8a8773005 权限 添加拖拽功能 2024-09-09 16:52:32 +08:00
bjdgyc
2ba3625885 修复协议展示 2024-09-09 15:11:36 +08:00
bjdgyc
567f0e8adb 修复协议展示 2024-09-06 17:13:38 +08:00
bjdgyc
ad1885798b 添加acl协议支持 2024-09-04 17:00:29 +08:00
bjdgyc
76779de80a 添加acl协议支持 2024-09-04 16:59:16 +08:00
bjdgyc
5b498cbc59 添加acl协议支持 2024-09-04 13:13:31 +08:00
bjdgyc
cd21ffd7ab Merge pull request #335 from bjdgyc/go1.22 
升级go版本  添加acl协议支持
 2024-09-03 17:56:36 +08:00
bjdgyc
415f312f40 升级go版本 添加acl协议支持 2024-09-03 17:55:19 +08:00
bjdgyc
d796a6850a Merge pull request #334 from wsczx/dev 
邮件模板中增加LimitTime过期时间字段
 2024-09-02 10:37:07 +08:00
wsczx
7160c3cab7 邮件模板中增加LimitTime过期时间字段 2024-08-30 19:33:27 +08:00
bjdgyc
52329e8a2b Merge pull request #331 from wsczx/dev 
修复更换自定义首页状态码不生效的Bug
 2024-08-27 15:41:41 +08:00
wsczx
cbdf730481 修复更换自定义首页状态码不生效的Bug 2024-08-23 17:57:32 +08:00
bjdgyc
a5487771da 修复 ipv6 记录显示不全的问题 2024-08-22 16:51:13 +08:00
bjdgyc
ff9b7c7dcc 修复 ipv6 记录显示不全的问题 2024-08-19 15:11:13 +08:00
bjdgyc
262af4ac8e 修改readme 2024-08-16 16:55:13 +08:00
bjdgyc
71539ad09c 添加QQ群 2024-08-14 11:15:36 +08:00
bjdgyc
8232f79b4a 修改文档地址 2024-08-12 11:21:32 +08:00
bjdgyc
7c810d409b 添加 阿里云 镜像地址 2024-07-04 17:12:32 +08:00
bjdgyc
ed4e324e77 添加 阿里云 镜像地址 2024-07-04 17:07:46 +08:00
bjdgyc
726ae20f75 修复数字转换问题 2024-07-04 16:26:05 +08:00
bjdgyc
00bbbf414d 修复在线用户问题 2024-07-04 16:14:27 +08:00
bjdgyc
57e2f45398 修改readme 2024-05-07 14:56:36 +08:00
bjdgyc
01ab115956 Update README.md 2024-04-30 13:14:21 +08:00
bjdgyc
9a47714f3f 修改readme 2024-04-25 15:52:23 +08:00
bjdgyc
9d926edabb 内网域名 2024-04-25 10:18:40 +08:00
bjdgyc
7329603c47 Merge pull request #314 from bjdgyc/dev 
支持分割DNS功能
 2024-04-24 17:56:18 +08:00
bjdgyc
a7c6791c1e 支持分割DNS功能 2024-04-24 17:39:50 +08:00
bjdgyc
96c95bb6cd 更新版本 2024-04-24 15:27:53 +08:00
bjdgyc
6d3dab6798 Client-Bypass 2024-04-23 16:59:52 +08:00
bjdgyc
b313c6fa00 Client-Bypass 2024-04-23 16:59:14 +08:00
bjdgyc
75b138a7a8 Client-Bypass 2024-04-23 16:56:40 +08:00
bjdgyc
641d6127ba 修复acl样式 2024-04-22 17:41:18 +08:00
bjdgyc
2828d1038d Merge pull request #313 from bjdgyc/dev 
修复acl表结构
 2024-04-22 17:04:37 +08:00
bjdgyc
cb902a6b9b 修复acl表结构 2024-04-22 16:47:06 +08:00
bjdgyc
1b066ef602 Merge pull request #312 from bjdgyc/dev 
支持 私有自签证书
 2024-04-22 14:42:06 +08:00
bjdgyc
5e804a3483 支持 私有自签证书 2024-04-22 14:40:03 +08:00
bjdgyc
6e0c0efa85 Merge pull request #310 from imhun/main 
acl支持逗号分隔多端口号配置
 2024-04-11 11:40:39 +08:00
imhun
8f196cb4e2 Merge branch 'main' of https://github.com/imhun/anylink 2024-04-09 11:25:34 +08:00
imhun
9182ccfba2 兼容历史单端口配置 2024-04-09 11:23:13 +08:00
huweishan
39d89b8c84 兼容历史单端口配置 2024-04-09 10:33:30 +08:00
huweishan
24e30509e4 兼容历史单端口配置 2024-04-09 10:29:54 +08:00
huweishan
4f56ea49c3 ports保存为map 
兼容老的配置数据
 2024-04-08 19:34:11 +08:00
huweishan
e55b2b6f0a 支持连续端口 2024-04-08 16:16:45 +08:00
huweishan
15573a6ef3 支持连续端口,比如1234-5678 2024-04-08 16:13:52 +08:00
huweishan
38b8f0b2aa ports初始化 2024-04-08 15:12:47 +08:00
huweishan
8df34428dd acl支持逗号分隔多端口号配置 2024-04-08 14:54:09 +08:00
bjdgyc
26483533a9 修复 关闭otp时,发送邮件附件的问题 2024-03-29 10:04:15 +08:00
bjdgyc
380a8cb3fb 添加文档 2024-03-27 15:11:36 +08:00
bjdgyc
fa5ced4660 Merge pull request #308 from bjdgyc/dev 
Dev
 2024-03-26 16:28:49 +08:00
bjdgyc
bac497475f 全局 开启服务器转发 2024-03-26 11:39:12 +08:00
bjdgyc
f43b413ed4 配置优化 2024-03-25 11:14:00 +08:00
bjdgyc
356e135ea1 配置优化 2024-03-24 17:59:41 +08:00
bjdgyc
e5c6533c9b 修复邮箱图片显示逻辑,兼容 google gmail 2024-03-22 16:45:11 +08:00
bjdgyc
8d92cac37d Merge pull request #306 from bjdgyc/dev 
Dev
 2024-03-21 18:19:52 +08:00
bjdgyc
eb7401f6e5 添加自定义首页 状态码 2024-03-21 18:13:37 +08:00
bjdgyc
8777501391 添加自定义首页 状态码 2024-03-21 18:09:47 +08:00
bjdgyc
2949ea2a89 Merge pull request #305 from bjdgyc/dev 
修复心跳时间
 2024-03-20 14:26:55 +08:00
bjdgyc
11f39d0b78 修复心跳时间 2024-03-20 14:23:56 +08:00
bjdgyc
bdc8e267a3 Merge pull request #304 from bjdgyc/dev 
Dev
 2024-03-19 17:01:03 +08:00
bjdgyc
268e9c4e92 添加 xt_comment 2024-03-19 16:28:38 +08:00
bjdgyc
b3eb128dbd 优化 日志输出 2024-03-19 11:23:03 +08:00
bjdgyc
ce89ea680b 优化 日志输出 2024-03-19 11:22:20 +08:00
bjdgyc
fc3b39e09f 默认关闭 idle_timeout 2024-03-18 17:54:45 +08:00
bjdgyc
09160a6891 默认关闭 idle_timeout 2024-03-18 17:26:09 +08:00
bjdgyc
b059c555cf fix 2024-03-18 13:28:57 +08:00
bjdgyc
8ea158a71e Merge pull request #302 from bjdgyc/dev 
0.11.3代码
 2024-03-16 22:19:40 +08:00
bjdgy
3bb71b84b6 修改 readme 2024-03-16 22:02:52 +08:00
bjdgy
afec9af445 排除出口ip路由(出口ip不加密传输) 2024-03-16 21:42:59 +08:00
bjdgy
eb8d8f4171 添加 profile name(用于区分不同网站的配置) 2024-03-15 22:43:28 +08:00
bjdgy
632080c1d6 添加 profile name(用于区分不同网站的配置) 2024-03-15 22:33:17 +08:00
bjdgyc
cca9e377c5 修改编译脚本 2024-03-15 17:29:13 +08:00
bjdgyc
8455ef6ed4 fix 2024-03-15 10:29:55 +08:00
bjdgyc
ef05b9372a 修改 atomic 引用 2024-03-14 16:51:59 +08:00
bjdgyc
000b041578 修改 atomic 引用 2024-03-14 16:47:25 +08:00
bjdgyc
57a67ee030 fix 2024-03-12 18:25:03 +08:00
bjdgyc
a945c636f4 fix 2024-03-12 18:11:06 +08:00
bjdgyc
edf33ba4ae 修复mac手机版客户端重连的问题 2024-03-12 18:08:05 +08:00
bjdgy
03467e4f06 添加页尾版权 2024-03-10 21:34:43 +08:00
bjdgy
74782e883b Merge remote-tracking branch 'origin/dev' into dev 2024-03-09 08:14:51 +08:00
bjdgy
ace4ef08d9 修复邮件 STARTTLS 协议 2024-03-09 08:13:56 +08:00
bjdgyc
2b24e53c24 Merge pull request #299 from itviewer/dev 
添加 AnyLink 客户端 macOS 类型判断
 2024-03-04 10:54:56 +08:00
XinJun Ma
a4fd1769a5 添加 AnyLink 客户端 macOS 类型判断 2024-03-02 10:07:26 +08:00
bjdgyc
0f8877bafc 修改 readme 2024-03-01 16:43:15 +08:00
bjdgyc
5ee3b3967a 修改 readme 2024-02-29 15:28:22 +08:00
bjdgyc
3c8d0c6d60 iptables 添加注释 2024-02-26 11:40:33 +08:00
bjdgyc
5a331e2125 iptables 添加注释 2024-02-26 11:10:33 +08:00
bjdgyc
a0e84312ba 默认关闭 DTLS 2024-02-26 10:22:13 +08:00
bjdgyc
098f321343 Merge pull request #298 from lanrenwo/add_online_search 
新增在线用户的搜索和一键下线功能
 2024-02-26 10:19:01 +08:00
lanrenwo
096b6f8f08 新增在线用户的搜索和一键下线功能 2024-02-23 21:42:13 +08:00
59 changed files with 1882 additions and 983 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -2,6 +2,7 @@
.idea/
anylink-deploy
anylink-deploy.tar.gz
anylink-deploy-*
anylink
anylink.db

128
README.md
View File

@@ -23,10 +23,11 @@ AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同
AnyLink 基于 [ietf-openconnect](https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-02)
协议开发,并且借鉴了 [ocserv](http://ocserv.gitlab.io/www/index.html) 的开发思路,使其可以同时兼容 AnyConnect 客户端。
AnyLink 使用 TLS/DTLS 进行数据加密,因此需要 RSA 或 ECC 证书,可以通过 Let's Encrypt 和 TrustAsia 申请免费的 SSL 证书。
AnyLink 使用 TLS/DTLS 进行数据加密,因此需要 RSA 或 ECC 证书,可以使用私有自签证书,可以通过 Let's Encrypt 和 TrustAsia
申请免费的 SSL 证书。
AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试通过,如需要安装在其他系统,需要服务端支持 tun/tap
功能、ip 设置命令。
功能、ip 设置命令、iptables命令
## Screenshot
@@ -48,17 +49,24 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
>
> https://github.com/bjdgyc/anylink/releases
>
> 如果不会安装可以提供有偿远程协助服务。添加QQ联系我 68492170
> https://gitee.com/bjdgyc/anylink/releases
>
> 如果不会安装,可以提供有偿远程协助服务(200 CNY)。添加QQ(68492170)联系我
>
> 也可以添加QQ群 咨询群内大佬
>
> 添加QQ群①: 567510628
>
> <img src="doc/screenshot/qq2.jpg" width="400" />
### 使用问题
> 对于测试环境,可以使用 vpn.test.vqilu.cn 绑定host进行测试
> 对于测试环境,可以直接进行测试,需要客户端取消勾选【阻止不受信任的服务器(Block connections to untrusted servers)】
>
> 对于线上环境,必须申请安全的 https 证书,不支持私有证书连接
> 对于线上环境,尽量申请安全的https证书(跟nginx使用的pem证书类型一致)
>
> 服务端安装 yum install iproute 或者 apt-get install iproute2
>
> 客户端请使用群共享文件的版本,其他版本没有测试过,不保证使用正常
> 群共享文件有相关客户端软件下载,其他版本没有测试过,不保证使用正常
>
> 其他问题 [前往查看](doc/question.md)
>
@@ -68,19 +76,23 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
### 自行编译安装
> 需要提前安装好 golang >= 1.20 和 nodejs = 16.x 和 yarn >= v1.22.x
> 需要提前安装好 docker
```shell
git clone https://github.com/bjdgyc/anylink.git
# 编译参考软件版本
# docker编译 参考软件版本(不需要安装)
# go 1.20.12
# node v16.20.2
# yarn 1.22.19
cd anylink
sh build.sh
# 编译前端
bash build_web.sh
# 编译 anylink-deploy 发布文件
bash build.sh
# 注意使用root权限运行
cd anylink-deploy
@@ -102,10 +114,11 @@ sudo ./anylink
- [x] 兼容 AnyConnect
- [x] 兼容 OpenConnect
- [x] 基于 tun 设备的 nat 访问模式
- [x] 基于 tap 设备的桥接访问模式
- [x] 基于 tun 设备的桥接访问模式
- [x] 基于 macvtap 设备的桥接访问模式
- [x] 支持 [proxy protocol v1&v2](http://www.haproxy.org/download/2.2/doc/proxy-protocol.txt) 协议
- [x] 用户组支持
- [x] 用户组策略支持
- [x] 多用户支持
- [x] 用户策略支持
- [x] TOTP 令牌支持
@@ -113,10 +126,17 @@ sudo ./anylink
- [x] 流量速率限制
- [x] 后台管理界面
- [x] 访问权限管理
- [x] IP 访问审计功能
- [x] 用户活动审计功能
- [x] IP 访问审计功能(支持多端口、连续端口)
- [x] 域名动态拆分隧道(域名路由功能)
- [x] radius认证支持
- [x] LDAP认证支持
- [x] 空闲链接超时自动断开
- [x] 流量压缩功能
- [x] 出口 IP 自动放行
- [x] 支持多服务的配置区分
- [x] 支持私有自签证书
- [x] 支持内网域名解析(指定的域名走内网dns)
- [ ] 基于 ipvtap 设备的桥接访问模式
## Config
@@ -161,6 +181,16 @@ sudo ./anylink
## Setting
### 依赖设置
> 服务端依赖安装:
>
> centos: yum install iptables iproute
>
> ubuntu: apt-get install iptables iproute2
### link_mode 设置
> 以下参数必须设置其中之一
网络模式选择,需要配置 `link_mode` 参数,如 `link_mode="tun"`,`link_mode="macvtap"`,`link_mode="tap"(不推荐)` 等参数。
@@ -170,11 +200,13 @@ sudo ./anylink
IP 层的数据互相转换,性能会有所下降。 如果需要在虚拟机内开启 tap
模式,请确认虚拟机的网卡开启混杂模式。
### tun 设置
#### tun 设置
1. 开启服务器转发
```shell
# 新版本支持自动设置ip转发
# file: /etc/sysctl.conf
net.ipv4.ip_forward = 1
@@ -223,13 +255,49 @@ https://cloud.tencent.com/document/product/216/62007
3. 使用 AnyConnect 客户端连接即可
### macvtap 设置
#### 桥接设置
1. 设置配置文件
> macvtap 设置相对比较简单,只需要配置相应的参数即可。
>
> 网络要求:需要网络支持 ARP 传输,可通过 ARP 宣告普通内网 IP。
>
> 网络限制云环境下不能使用网卡mac加白环境不能使用802.1x认证网络不能使用
>
> 以下参数可以通过执行 `ip a` 查看
1.1 arp_proxy
```
# file: /etc/sysctl.conf
net.ipv4.conf.all.proxy_arp = 1
#执行如下命令
sysctl -w net.ipv4.conf.all.proxy_arp=1
配置文件修改:
# 首先关闭nat转发功能
iptables_nat = false
link_mode = "tun"
#内网主网卡名称
ipv4_master = "eth0"
#以下网段需要跟ipv4_master网卡设置成一样
ipv4_cidr = "10.1.2.0/24"
ipv4_gateway = "10.1.2.99"
ipv4_start = "10.1.2.100"
ipv4_end = "10.1.2.200"
```
1.2 macvtap
```
# 命令行执行 master网卡需要打开混杂模式
@@ -264,6 +332,7 @@ ipv4_end = "10.1.2.200"
- centos: `/usr/lib/systemd/system/`
- ubuntu: `/lib/systemd/system/`
3. 操作命令:
- 加载配置: `systemctl daemon-reload`
- 启动: `systemctl start anylink`
- 停止: `systemctl stop anylink`
- 开机自启: `systemctl enable anylink`
@@ -280,11 +349,24 @@ ipv4_end = "10.1.2.200"
## Docker
### anylink 镜像地址
对于国内用户,为提高镜像拉取体验,可以考虑拉取存放于阿里云镜像仓库的镜像,镜像名称及标签如下表所示(
具体版本号可以查看 `version` 文件):
| 支持设备/平台 | DockerHub | 阿里云镜像仓库 |
|:-------------:|:---------------------:|:---------------------------------------------------------------:|
| x86_64/amd64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest |
| x86_64/amd64 | bjdgyc/anylink:0.12.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:0.12.1 |
| armv8/aarch64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest |
| armv8/aarch64 | bjdgyc/anylink:0.12.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-0.12.1 |
1. 获取镜像
```bash
# 具体tag可以从docker hub获取
# https://hub.docker.com/r/bjdgyc/anylink/tags
docker pull bjdgyc/anylink:latest
docker pull registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
```
2. 查看命令信息
@@ -356,25 +438,29 @@ ipv4_end = "10.1.2.200"
请前往 [问题地址](doc/question.md) 查看具体信息
<!--
## Discussion
添加QQ群(1)(已满): 567510628
添加QQ群(2): 739072205
群共享文件有相关软件下载
<!--
添加微信群: 群共享文件有相关软件下载
![contact_me_qr](doc/screenshot/contact_me_qr.png)
-->
## Support Document
- [三方文档-男孩的天职](https://note.youdao.com/s/X4AxyWfL)
- [三方文档-issues](https://github.com/bjdgyc/anylink/issues)
- [三方文档-思有云](https://www.ioiox.com/archives/128.html)
- [三方文档-杨杨得亿](https://yangpin.link/archives/1897.html) [Windows电脑连接步骤-杨杨得亿](https://yangpin.link/archives/1697.html)
## Support Client
- [AnyConnect Secure Client](https://www.cisco.com/) (可通过群文件下载: Windows/macOS/Linux/Android/iOS)
- [OpenConnect](https://gitlab.com/openconnect/openconnect) (Windows/macOS/Linux)
- [AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux)
- [三方 AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux)
- 【推荐】三方客户端下载地址(Windows/macOS/Linux/Android/iOS) [国内地址](https://ocserv.yydy.link:2023) [国外地址](https://cisco.yydy.link/#/)
## Contribution

65
build.sh
View File

@@ -1,65 +1,28 @@
#!/bin/bash
set -x
function RETVAL() {
rt=$1
if [ $rt != 0 ]; then
echo $rt
exit 1
fi
}
#当前目录
cpath=$(pwd)
#ver=`cat server/base/app_ver.go | grep APP_VER | awk '{print $3}' | sed 's/"//g'`
ver=$(cat version)
echo "当前版本 $ver"
echo $ver
echo "编译前端项目"
cd $cpath/web
#前端编译 仅需要执行一次
#bash ./build_web.sh
#国内可替换源加快速度
#npx browserslist@latest --update-db
yarn install --registry=https://registry.npmmirror.com
yarn run build
RETVAL $?
bash build_docker.sh
echo "编译二进制文件"
cd $cpath/server
rm -rf ui
cp -rf $cpath/web/ui .
deploy="anylink-deploy-$ver"
docker container rm $deploy
docker container create --name $deploy bjdgyc/anylink:$ver
rm -rf anylink-deploy anylink-deploy.tar.gz
docker cp -a $deploy:/app ./anylink-deploy
tar zcf ${deploy}.tar.gz anylink-deploy
# -tags osusergo,netgo,sqlite_omit_load_extension
flags="-v -trimpath"
# -extldflags '-static'
ldflags="-s -w -X main.appVer=$ver -X main.commitId=$(git rev-parse HEAD) -X main.date=$(date -Iseconds)"
./anylink-deploy/anylink -v
#国内可替换源加快速度
export GOPROXY=https://goproxy.io
go mod tidy
go build -o anylink $flags -ldflags "$ldflags"
cd $cpath
echo "anylink 编译完成,目录: anylink-deploy"
ls -lh anylink-deploy
exit 0
echo "整理部署文件"
deploy="anylink-deploy"
rm -rf $deploy ${deploy}.tar.gz
mkdir $deploy
mkdir $deploy/log
cp -r server/anylink $deploy
cp -r server/bridge-init.sh $deploy
cp -r server/conf $deploy
cp -r systemd $deploy
cp -r LICENSE $deploy
cp -r home $deploy
tar zcvf ${deploy}.tar.gz $deploy
#注意使用root权限运行
#cd anylink-deploy
#sudo ./anylink --conf="conf/server.toml"

16
build_docker.sh
View File

@@ -8,18 +8,16 @@ echo $ver
# 生成时间 2024-01-30T21:41:27+08:00
# date -Iseconds
#docker run -it --rm -v $PWD/web:/app -w /app node:16-alpine \
# sh -c "yarn install --registry=https://registry.npmmirror.com && yarn run build"
#bash ./build_web.sh
# docker buildx build --platform linux/amd64,linux/arm64 本地不生成镜像
docker build -t bjdgyc/anylink:latest --progress=plain --build-arg CN="yes" --build-arg appVer=$ver \
--build-arg commitId=$(git rev-parse HEAD) -f docker/Dockerfile .
# docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 本地不生成镜像
docker build -t bjdgyc/anylink:latest --no-cache --progress=plain \
--build-arg CN="yes" --build-arg appVer=$ver --build-arg commitId=$(git rev-parse HEAD) \
-f docker/Dockerfile .
echo "docker tag latest $ver"
docker tag bjdgyc/anylink:latest bjdgyc/anylink:$ver
#exit 0
docker tag bjdgyc/anylink:latest registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
docker push registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
# docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
# docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver

73
build_test.sh Normal file
View File

@@ -0,0 +1,73 @@
#!/bin/bash
#github action release.sh
set -x
function RETVAL() {
rt=$1
if [ $rt != 0 ]; then
echo $rt
exit 1
fi
}
#当前目录
cpath=$(pwd)
ver=$(cat version)
echo $ver
#前端编译 仅需要执行一次
#bash ./build_web.sh
echo "copy二进制文件"
# -tags osusergo,netgo,sqlite_omit_load_extension
flags="-trimpath"
ldflags="-s -w -extldflags '-static' -X main.appVer=$ver -X main.commitId=$(git rev-parse HEAD) -X main.buildDate=$(date --iso-8601=seconds)"
#github action
gopath=/go
dockercmd=$(
cat <<EOF
sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
apk add gcc g++ musl musl-dev tzdata
export GOPROXY=https://goproxy.cn
go mod tidy
echo "build:"
rm anylink
export CGO_ENABLED=1
go build -v -o anylink $flags -ldflags "$ldflags"
./anylink -v
EOF
)
# golang:1.20-alpine3.19
#使用 musl-dev 编译
docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/amd64 \
golang:1.22-alpine3.19 sh -c "$dockercmd"
#arm64编译
#docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/arm64 \
# golang:1.20-alpine3.19 go build -o anylink_arm64 $flags -ldflags "$ldflags"
#exit 0
#cd $cpath
echo "整理部署文件"
rm -rf anylink-deploy anylink-deploy.tar.gz
mkdir anylink-deploy
mkdir anylink-deploy/log
cp -r server/anylink anylink-deploy
cp -r server/conf anylink-deploy
cp -r index_template anylink-deploy
cp -r deploy anylink-deploy
cp -r LICENSE anylink-deploy
tar zcvf anylink-deploy.tar.gz anylink-deploy
#注意使用root权限运行
#cd anylink-deploy
#sudo ./anylink --conf="conf/server.toml"

9
build_web.sh Normal file
View File

@@ -0,0 +1,9 @@
#!/bin/bash
rm -rf web/ui server/ui
docker run -it --rm -v $PWD/web:/app -w /app node:16-alpine \
sh -c "yarn install --registry=https://registry.npmmirror.com && yarn run build"
cp -r web/ui server/ui

27
deploy_docker_cn.sh Normal file
View File

@@ -0,0 +1,27 @@
#!/bin/bash
ver=$(cat version)
echo $ver
echo "docker tag latest $ver"
docker pull --platform=linux/amd64 bjdgyc/anylink:$ver
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
docker rmi bjdgyc/anylink:$ver
#arm64
docker pull --platform=linux/arm64 bjdgyc/anylink:$ver
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
docker rmi bjdgyc/anylink:$ver

71
doc/README.md
View File

@@ -12,38 +12,45 @@
>
> 需要展示主页的同学可以在QQ群 直接联系我添加。
| 昵称 | 主页 / 联系方式 |
|-----------|------------------------------|
| 代码 oo8 | |
| 甘磊 | https://github.com/ganlei333 |
| Oo@ | https://github.com/chooop |
| 虚极静笃 | |
| 请喝可乐 | |
| 加油加油 | |
| 李建 | |
| lanbin | |
| 乐在东途 | |
| 孤鸿 | |
| 刘国华 | |
| 改名好无聊 | |
| 全能互联网专家 | |
| JCM | |
| Eh... | |
| 沉 | |
| 刘国华 | |
| 忧郁的豚骨拉面 | |
| 张小旋当爹地 | |
| 对方正在输入 | |
| Ronny | |
| 奔跑的少年 | |
| ZBW | |
| 悲鸣 | |
| 谢谢 | |
| 云思科技 | |
| 哆啦A伟(张佳伟) | |
| 人类的悲欢并不相通 | |
| 做人要低调 | |
| 洛洛 | |
| 昵称 | 主页 / 联系方式 |
|-------------|------------------------------|
| 代码 oo8 | |
| 甘磊 | https://github.com/ganlei333 |
| Oo@ | https://github.com/chooop |
| 虚极静笃 | |
| 请喝可乐 | |
| 加油加油 | |
| 李建 | |
| lanbin | |
| 乐在东途 | |
| 孤鸿 | |
| 刘国华 | |
| 改名好无聊 | |
| 全能互联网专家 | |
| JCM | |
| Eh... | |
| 沉 | |
| 刘国华 | |
| 忧郁的豚骨拉面 | |
| 张小旋当爹地 | |
| 对方正在输入 | |
| Ronny | |
| 奔跑的少年 | |
| ZBW | |
| 悲鸣 | |
| 谢谢 | |
| 云思科技 | |
| 哆啦A伟(张佳伟) | |
| 人类的悲欢并不相通 | |
| 做人要低调 | |
| 洛洛 | |
| Dragon Liao | |
| 诸葛御风 | |
| 杨杨得亿 | |
| Thanataos | |
| 憨大叔 | |
| 明月 | |
| Amis | |

4
doc/question.md
View File

@@ -10,6 +10,10 @@
> 请使用手机安装 freeotp 然后扫描otp二维码生成的数字即是动态码
### 用户策略问题
> 只要有用户策略,组策略就不生效,相当于覆盖了组策略的配置
### 远程桌面连接
> 本软件已经支持远程桌面里面连接anyconnect。

BIN
doc/screenshot/qq2.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 102 KiB

3
docker/Dockerfile
View File

@@ -13,7 +13,8 @@
# 需要先编译出ui文件后 再执行docker编译
# server
FROM golang:1.20-alpine3.19 as builder_golang
# golang:1.20-alpine3.19
FROM golang:1.22-alpine3.19 as builder_golang
ARG CN="no"
ARG appVer="appVer"

5
docker/init_build.sh
View File

@@ -4,7 +4,8 @@ set -x
#TODO 本地打包时使用镜像
if [[ $CN == "yes" ]]; then
sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
#sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
export GOPROXY=https://goproxy.cn
fi
@@ -20,7 +21,7 @@ go mod tidy
echo "start build"
ldflags="-s -w -X main.appVer=$appVer -X main.commitId=$commitId -X main.buildDate=$(date -Iseconds) -extldflags '-static' "
ldflags="-s -w -X main.appVer=$appVer -X main.commitId=$commitId -X main.buildDate=$(date -Iseconds) -extldflags \"-static\" "
export CGO_ENABLED=1
go build -v -o anylink -trimpath -ldflags "$ldflags"

11
docker/init_release.sh
View File

@@ -4,16 +4,21 @@ set -x
#TODO 本地打包时使用镜像
if [[ $CN == "yes" ]]; then
sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
#sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
export GOPROXY=https://goproxy.cn
fi
# docker 启动使用 4.19 以上内核
apk add --no-cache ca-certificates bash iproute2 tzdata iptables
# alpine:3.19 兼容老版 iptables
apk add --no-cache iptables iptables-legacy
apk add --no-cache iptables-legacy
rm /sbin/iptables
ln -s /sbin/iptables-legacy /sbin/iptables
apk add --no-cache ca-certificates bash iproute2 tzdata
chmod +x /app/docker_entrypoint.sh
mkdir /app/log

165
index_template/自定义首页2.html Normal file
View File

@@ -0,0 +1,165 @@
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset=UTF-8">
<title id="pageTitle">客户端下载</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style type="text/css">
body {
background-color: #fff;
background-image: linear-gradient(0deg, transparent 24%, rgba(207, 207, 207, 0.2) 25%, rgba(207, 207, 207, 0.2) 26%, transparent 27%, transparent 74%, rgba(207, 207, 207, 0.2) 75%, rgba(207, 207, 207, 0.2) 76%, transparent 77%, transparent),
linear-gradient(90deg, transparent 24%, rgba(207, 207, 207, 0.2) 25%, rgba(207, 207, 207, 0.2) 26%, transparent 27%, transparent 74%, rgba(207, 207, 207, 0.2) 75%, rgba(207, 207, 207, 0.2) 76%, transparent 77%, transparent);
background-size: 50px 50px;
margin: 0;
padding: 0;
display: flex;
justify-content: center;
align-items: center;
height: 100vh;
}
#box {
background-color: #ffffff;
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
position: relative;
padding: 20px;
border-radius: 8px;
max-width: 550px;
width: 100%;
box-sizing: border-box;
}
h2 {
color: #333;
font-weight: 600;
font-size: 28px;
margin: 0 0 20px 0;
}
p {
color: #666;
font-size: 16px;
line-height: 1.6;
margin-top: 20px;
}
.button {
background-color: #ddd;
text-decoration: none;
line-height: 44px;
padding: 9px 42px;
font-weight: 500;
color: #fff;
font-size: 16px;
-webkit-transition: background-color 0.25s ease-out 0s;
-moz-transition: background-color 0.25s ease-out 0s;
transition: background-color 0.25s ease-out 0s;
-moz-border-radius: 4px;
-webkit-border-radius: 4px;
border-radius: 4px;
}
.button:hover {
background-color: #CCC;
color: #444;
}
.button:active {
background-color: #666;
color: #eee;
}
.blue {
background-color: #007BFF;
}
.deep-blue {
background-color: #0056B3;
}
.green {
background-color: #28A745;
}
.grey {
background-color: #6C757D;
}
.black {
background-color: #343A40;
}
.light-blue {
background-color: #17A2B8;
}
.dark-grey {
background-color: #495057;
}
@media (max-width: 768px) {
h2 {
font-size: 24px;
}
p {
font-size: 14px;
}
.button {
padding: 7px 35px;
}
}
</style>
</head>
<body>
<div id="app">
<div id="box">
<h2 id="title">请选择对应平台下载</h2>
<p id="windowsTab">Windows 系统</p>
<a id="linkWindowsX86_64" class="button blue" href="#">Win X86_64</a>
<a id="linkWindowsARM64" class="button deep-blue" href="#">Win ARM64</a>
<p id="mobileTab">移动端</p>
<a id="linkAndroid" class="button green" href="#">Android</a>
<a id="linkIphone" class="button grey" href="#" target="_blank">iPhone</a>
<p id="macOSTab">MacOS 系统</p>
<a id="linkMacos" class="button black" href="#">Mac Intel</a>
<a id="linkMacosARM64" class="button blue" href="#">Mac ARM64</a>
<p id="totpTab">TOTP 移动客户端</p>
<a id="linkTotpAndroid" class="button light-blue" href="#">Android</a>
<a id="linkTotpIphone" class="button dark-grey" href="#" target="_blank">iPhone</a>
</div>
</div>
<script>
const data = {
links: {
windowsX86_64: '/files/anyconnect-win-4.10.05111.msi',
windowsARM64: '/files/anyconnect-win-4.10.05111.msi',
android: '/files/CiscoSecureClientAnyConnect_v5.0.00247.apk',
iphone: 'https://apps.apple.com/cn/app/cisco-anyconnect/id1135064690',
macosIntel: '/files/anyconnect-macos-4.10.05111.dmg',
macosARM64: '/files/anyconnect-macos-4.10.05111.dmg',
totpAndroid: '/files/Authenticator_v5.10_apkpure.com.apk',
totpIphone: 'https://apps.apple.com/cn/app/google-authenticator/id388497605',
}
};
window.onload = function () {
document.getElementById('linkWindowsX86_64').href = data.links.windowsX86_64;
document.getElementById('linkWindowsARM64').href = data.links.windowsARM64;
document.getElementById('linkAndroid').href = data.links.android;
document.getElementById('linkIphone').href = data.links.iphone;
document.getElementById('linkMacos').href = data.links.macosIntel;
document.getElementById('linkMacosARM64').href = data.links.macosARM64;
document.getElementById('linkTotpAndroid').href = data.links.totpAndroid;
document.getElementById('linkTotpIphone').href = data.links.totpIphone;
};
</script>
</body>
</html>

74
release_test.sh
View File

@@ -1,74 +0,0 @@
#!/bin/bash
#github action release.sh
set -x
function RETVAL() {
rt=$1
if [ $rt != 0 ]; then
echo $rt
exit 1
fi
}
#当前目录
cpath=$(pwd)
ver=$(cat version)
echo $ver
echo "copy二进制文件"
cd $cpath/server
# -tags osusergo,netgo,sqlite_omit_load_extension
flags="-trimpath"
ldflags="-s -w -extldflags '-static' -X main.appVer=$ver -X main.commitId=$(git rev-parse HEAD) -X main.buildDate=$(date --iso-8601=seconds)"
#github action
gopath=/go
dockercmd=$(
cat <<EOF
sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
apk add gcc g++ musl musl-dev tzdata
export GOPROXY=https://goproxy.cn
go mod tidy
echo "build:"
export CGO_ENABLED=1
go build -v -o anylink_amd64 $flags -ldflags "$ldflags"
./anylink_amd64 -v
EOF
)
#使用 musl-dev 编译
docker run -q --rm -v $PWD:/app -v $gopath:/go -w /app --platform=linux/amd64 \
golang:1.20-alpine3.19 sh -c "$dockercmd"
exit 0
#arm64编译
docker run -q --rm -v $PWD:/app -v $gopath:/go -w /app --platform=linux/arm64 \
golang:1.20-alpine3.19 go build -o anylink_arm64 $flags -ldflags "$ldflags"
./anylink_arm64 -v
exit 0
cd $cpath
echo "整理部署文件"
deploy="anylink-deploy"
rm -rf $deploy ${deploy}.tar.gz
mkdir $deploy
mkdir $deploy/log
cp -r server/anylink $deploy
cp -r server/bridge-init.sh $deploy
cp -r server/conf $deploy
cp -r systemd $deploy
cp -r LICENSE $deploy
cp -r home $deploy
tar zcvf ${deploy}.tar.gz $deploy
#注意使用root权限运行
#cd anylink-deploy
#sudo ./anylink --conf="conf/server.toml"

1
server/admin/api_base.go
View File

@@ -84,6 +84,7 @@ func authMiddleware(next http.Handler) http.Handler {
w.Header().Set("Access-Control-Allow-Methods", "GET,POST,OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "*")
if r.Method == http.MethodOptions {
// w.WriteHeader(http.StatusOK)
// 正式环境不支持 OPTIONS
w.WriteHeader(http.StatusForbidden)
return

4
server/admin/api_group.go
View File

@@ -75,6 +75,10 @@ func GroupDetail(w http.ResponseWriter, r *http.Request) {
if len(data.Auth) == 0 {
data.Auth["type"] = "local"
}
// 兼容旧数据
if data.SplitDns == nil {
data.SplitDns = []dbdata.ValData{}
}
RespSucess(w, data)
}

37
server/admin/api_user.go
View File

@@ -17,6 +17,7 @@ import (
"github.com/bjdgyc/anylink/dbdata"
"github.com/bjdgyc/anylink/sessdata"
"github.com/skip2/go-qrcode"
mail "github.com/xhit/go-simple-mail/v2"
)
func UserList(w http.ResponseWriter, r *http.Request) {
@@ -179,7 +180,15 @@ func userOtpQr(uid int, b64 bool) (string, error) {
// 在线用户
func UserOnline(w http.ResponseWriter, r *http.Request) {
datas := sessdata.OnlineSess()
_ = r.ParseForm()
search_cate := r.FormValue("search_cate")
search_text := r.FormValue("search_text")
show_sleeper := r.FormValue("show_sleeper")
showSleeper, _ := strconv.ParseBool(show_sleeper)
// one_offline := r.FormValue("one_offline")
// datas := sessdata.OnlineSess()
datas := sessdata.GetOnlineSess(search_cate, search_text, showSleeper)
data := map[string]interface{}{
"count": len(datas),
@@ -211,8 +220,10 @@ type userAccountMailData struct {
Username string
Nickname string
PinCode string
LimitTime string
OtpImg string
OtpImgBase64 string
DisableOtp bool
}
func userAccountMail(user *dbdata.User) error {
@@ -264,7 +275,15 @@ func userAccountMail(user *dbdata.User) error {
PinCode: user.PinCode,
OtpImg: fmt.Sprintf("https://%s/otp_qr?id=%d&jwt=%s", setting.LinkAddr, user.Id, tokenString),
OtpImgBase64: "data:image/png;base64," + otpData,
DisableOtp: user.DisableOtp,
}
if user.LimitTime == nil {
data.LimitTime = "无限制"
} else {
data.LimitTime = user.LimitTime.Local().Format("2006-01-02")
}
w := bytes.NewBufferString("")
t, _ := template.New("auth_complete").Parse(htmlBody)
err = t.Execute(w, data)
@@ -272,5 +291,19 @@ func userAccountMail(user *dbdata.User) error {
return err
}
// fmt.Println(w.String())
return SendMail(base.Cfg.Issuer+"平台通知", user.Email, w.String())
var attach *mail.File
if user.DisableOtp {
attach = nil
} else {
imgData, _ := userOtpQr(user.Id, false)
attach = &mail.File{
MimeType: "image/png",
Name: "userOtpQr.png",
Data: []byte(imgData),
Inline: true,
}
}
return SendMail(base.Cfg.Issuer, user.Email, w.String(), attach)
}

8
server/admin/common.go
View File

@@ -43,7 +43,7 @@ func GetJwtData(jwtToken string) (map[string]interface{}, error) {
return claims, nil
}
func SendMail(subject, to, htmlBody string) error {
func SendMail(subject, to, htmlBody string, attach *mail.File) error {
dataSmtp := &dbdata.SettingSmtp{}
err := dbdata.SettingGet(dataSmtp)
@@ -73,7 +73,7 @@ func SendMail(subject, to, htmlBody string) error {
// - PLAIN (default)
// - LOGIN
// - CRAM-MD5
server.Authentication = mail.AuthPlain
server.Authentication = mail.AuthAuto
// Variable to keep alive connection
server.KeepAlive = false
@@ -102,6 +102,10 @@ func SendMail(subject, to, htmlBody string) error {
AddTo(to).
SetSubject(subject)
if attach != nil {
email.Attach(attach)
}
email.SetBody(mail.TextHTML, htmlBody)
// Call Send and pass the client

6
server/admin/server.go
View File

@@ -111,12 +111,6 @@ func StartAdmin() {
selectedCipherSuites = append(selectedCipherSuites, s.ID)
}
if tlscert, _, err := dbdata.ParseCert(); err != nil {
base.Fatal("证书加载失败", err)
} else {
dbdata.LoadCertificate(tlscert)
}
// 设置tls信息
tlsConfig := &tls.Config{
NextProtos: []string{"http/1.1"},

1
server/base/cfg.go
View File

@@ -33,6 +33,7 @@ type ServerConfig struct {
// LinkAddr string `json:"link_addr"`
Conf string `json:"conf"`
Profile string `json:"profile"`
ProfileName string `json:"profile_name"`
ServerAddr string `json:"server_addr"`
ServerDTLSAddr string `json:"server_dtls_addr"`
ServerDTLS bool `json:"server_dtls"`

13
server/base/config.go
View File

@@ -22,8 +22,9 @@ type config struct {
var configs = []config{
{Typ: cfgStr, Name: "conf", Usage: "config file", ValStr: "./conf/server.toml", Short: "c"},
{Typ: cfgStr, Name: "profile", Usage: "profile.xml file", ValStr: "./conf/profile.xml"},
{Typ: cfgStr, Name: "profile_name", Usage: "profile name(用于区分不同服务端的配置)", ValStr: "anylink"},
{Typ: cfgStr, Name: "server_addr", Usage: "TCP服务监听地址(任意端口)", ValStr: ":443"},
{Typ: cfgBool, Name: "server_dtls", Usage: "开启DTLS", ValBool: true},
{Typ: cfgBool, Name: "server_dtls", Usage: "开启DTLS", ValBool: false},
{Typ: cfgStr, Name: "server_dtls_addr", Usage: "DTLS监听地址(任意端口)", ValStr: ":443"},
{Typ: cfgStr, Name: "admin_addr", Usage: "后台服务监听地址", ValStr: ":8800"},
{Typ: cfgBool, Name: "proxy_protocol", Usage: "TCP代理协议", ValBool: false},
@@ -53,12 +54,12 @@ var configs = []config{
{Typ: cfgInt, Name: "ip_lease", Usage: "IP租期(秒)", ValInt: 86400},
{Typ: cfgInt, Name: "max_client", Usage: "最大用户连接", ValInt: 200},
{Typ: cfgInt, Name: "max_user_client", Usage: "最大单用户连接", ValInt: 3},
{Typ: cfgInt, Name: "cstp_keepalive", Usage: "keepalive时间(秒)", ValInt: 5},
{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 12},
{Typ: cfgInt, Name: "mobile_keepalive", Usage: "移动端keepalive接检测时间(秒)", ValInt: 10},
{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 22},
{Typ: cfgInt, Name: "cstp_keepalive", Usage: "keepalive时间(秒)", ValInt: 3},
{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 20},
{Typ: cfgInt, Name: "mobile_keepalive", Usage: "移动端keepalive接检测时间(秒)", ValInt: 4},
{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 60},
{Typ: cfgInt, Name: "mtu", Usage: "最大传输单元MTU", ValInt: 1460},
{Typ: cfgInt, Name: "idle_timeout", Usage: "空闲链接超时时间(秒)-超时后断开链接0关闭此功能", ValInt: 1800},
{Typ: cfgInt, Name: "idle_timeout", Usage: "空闲链接超时时间(秒)-超时后断开链接0关闭此功能", ValInt: 0},
{Typ: cfgInt, Name: "session_timeout", Usage: "session过期时间(秒)-用于断线重连0永不过期", ValInt: 3600},
// {Typ: cfgInt, Name: "auth_timeout", Usage: "auth_timeout", ValInt: 0},
{Typ: cfgInt, Name: "audit_interval", Usage: "审计去重间隔(秒),-1关闭", ValInt: 600},

9
server/base/mod.go
View File

@@ -58,10 +58,9 @@ func CheckModOrLoad(mod string) {
// 文件存在
return
}
err = fmt.Errorf("[error] Linux tunFile is null %s", tunPath)
log.Println(err)
return
// panic(err)
// err = fmt.Errorf("[error] Linux tunFile is null %s", tunPath)
// log.Println(err)
// return
}
if InContainer {
@@ -76,7 +75,7 @@ func CheckModOrLoad(mod string) {
cmd := exec.Command("sh", "-c", cmdstr)
b, err := cmd.CombinedOutput()
if err != nil {
log.Println(string(b))
log.Println(mod, string(b))
panic(err)
}
}

1
server/conf/profile.xml
View File

@@ -9,6 +9,7 @@
<RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols>
<BypassDownloader>true</BypassDownloader>
<AutoUpdate UserControllable="false">false</AutoUpdate>
<LocalLanAccess UserControllable="true">true</LocalLanAccess>
<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
<LinuxVPNEstablishment>AllowRemoteUsers</LinuxVPNEstablishment>
<CertEnrollmentPin>pinAllowed</CertEnrollmentPin>

35
server/conf/server-sample.toml
View File

@@ -11,7 +11,16 @@ cert_file = "./conf/vpn_cert.pem"
cert_key = "./conf/vpn_cert.key"
files_path = "./conf/files"
profile = "./conf/profile.xml"
#日志目录,为空写入标准输出
#profile name(用于区分不同服务端的配置)
#客户端存放位置
#Windows 10
#%ProgramData%Cisco\Cisco AnyConnect Secure Mobility Client\Profile
#Mac Os X
#/opt/cisco/anyconnect/profile
#Linux
#/opt/cisco/anyconnect/profile
profile_name = "anylink"
#日志目录,默认为空写入标准输出
#log_path = "./log"
log_path = ""
log_level = "debug"
@@ -32,7 +41,7 @@ jwt_secret = "abcdef.0123456789.abcdef"
#TCP服务监听地址(任意端口)
server_addr = ":443"
#开启 DTLS
server_dtls = true
server_dtls = false
#UDP监听地址(任意端口)
server_dtls_addr = ":443"
#后台服务监听地址
@@ -44,6 +53,7 @@ proxy_protocol = false
link_mode = "tun"
#客户端分配的ip地址池
#docker环境一般默认 eth0其他情况根据实际网卡信息填写
ipv4_master = "eth0"
ipv4_cidr = "192.168.90.0/24"
ipv4_gateway = "192.168.90.1"
@@ -61,10 +71,16 @@ ip_lease = 86400
default_group = "one"
#客户端失效检测时间(秒) dpd > keepalive
cstp_keepalive = 5
cstp_dpd = 12
mobile_keepalive = 10
mobile_dpd = 22
cstp_keepalive = 3
cstp_dpd = 20
mobile_keepalive = 4
mobile_dpd = 60
# 根据实际情况修改
#cstp_keepalive = 20
#cstp_dpd = 30
#mobile_keepalive = 40
#mobile_dpd = 60
#设置最大传输单元
mtu = 1460
@@ -74,10 +90,10 @@ default_domain = "example.com"
#default_domain = "example.com abc.example.com"
#空闲链接超时时间(秒)-超时后断开链接0关闭此功能
idle_timeout = 1800
idle_timeout = 0
#session过期时间用于断线重连0永不过期
session_timeout = 3600
auth_timeout = 0
#auth_timeout = 0
audit_interval = 600
show_sql = false
@@ -93,4 +109,5 @@ no_compress_limit = 256
#客户端显示详细错误信息(线上环境慎开启)
display_error = false
#排除出口ip路由(出口ip不加密传输)
exclude_export_ip = true

6
server/conf/server.toml
View File

@@ -10,6 +10,9 @@ db_source = "./conf/anylink.db"
cert_file = "./conf/vpn_cert.pem"
cert_key = "./conf/vpn_cert.key"
files_path = "./conf/files"
#日志目录,默认为空写入标准输出
#log_path = "./log"
log_level = "debug"
#系统名称
@@ -26,7 +29,7 @@ jwt_secret = "abcdef.0123456789.abcdef"
#TCP服务监听地址(任意端口)
server_addr = ":443"
#开启 DTLS
server_dtls = true
server_dtls = false
#UDP监听地址(任意端口)
server_dtls_addr = ":443"
#后台服务监听地址
@@ -40,6 +43,7 @@ max_user_client = 3
#虚拟网络类型[tun macvtap]
link_mode = "tun"
#客户端分配的ip地址池
#docker环境一般默认 eth0其他情况根据实际网卡信息填写
ipv4_master = "eth0"
ipv4_cidr = "192.168.90.0/24"
ipv4_gateway = "192.168.90.1"

32
server/dbdata/db.go
View File

@@ -1,6 +1,7 @@
package dbdata
import (
"net/http"
"time"
"github.com/bjdgyc/anylink/base"
@@ -121,6 +122,7 @@ func addInitData() error {
other := &SettingOther{
LinkAddr: "vpn.xx.com",
Banner: "您已接入公司网络,请按照公司规定使用。\n请勿进行非工作下载及视频行为",
Homecode: http.StatusOK,
Homeindex: "AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同时在线使用。",
AccountMail: accountMail,
}
@@ -142,10 +144,10 @@ func addInitData() error {
}
g1 := Group{
Name: "ops",
Name: "all",
AllowLan: true,
ClientDns: []ValData{{Val: "114.114.114.114"}},
RouteInclude: []ValData{{Val: All}},
RouteInclude: []ValData{{Val: ALL}},
Status: 1,
}
err = SetGroup(&g1)
@@ -153,6 +155,18 @@ func addInitData() error {
return err
}
g2 := Group{
Name: "ops",
AllowLan: true,
ClientDns: []ValData{{Val: "114.114.114.114"}},
RouteInclude: []ValData{{Val: "10.0.0.0/8"}},
Status: 1,
}
err = SetGroup(&g2)
if err != nil {
return err
}
return nil
}
@@ -160,6 +174,9 @@ func CheckErrNotFound(err error) bool {
return err == ErrNotFound
}
// base64 图片
// 用户动态码(请妥善保存):<br/>
// <img src="{{.OtpImgBase64}}"/><br/>
const accountMail = `<p>您好:</p>
<p>&nbsp;&nbsp;您的{{.Issuer}}账号已经审核开通。</p>
<p>
@@ -167,12 +184,19 @@ const accountMail = `<p>您好:</p>
用户组: <b>{{.Group}}</b> <br/>
用户名: <b>{{.Username}}</b> <br/>
用户PIN码: <b>{{.PinCode}}</b> <br/>
用户过期时间: <b>{{.LimitTime}}</b> <br/>
{{if .DisableOtp}}
<!-- nothing -->
{{else}}
<!--
用户动态码(3天后失效):<br/>
<img src="{{.OtpImg}}"/>
<img src="{{.OtpImg}}"/><br/>
-->
用户动态码(请妥善保存):<br/>
<img src="{{.OtpImgBase64}}"/>
<img src="cid:userOtpQr.png" alt="userOtpQr" /><br/>
{{end}}
</p>
<div>
使用说明:

107
server/dbdata/group.go
View File

@@ -5,10 +5,12 @@ import (
"fmt"
"net"
"regexp"
"strconv"
"strings"
"time"
"github.com/bjdgyc/anylink/base"
"github.com/songgao/water/waterutil"
"golang.org/x/text/language"
"golang.org/x/text/message"
)
@@ -16,7 +18,10 @@ import (
const (
Allow = "allow"
Deny = "deny"
All = "all"
ALL = "all"
TCP = "tcp"
UDP = "udp"
ICMP = "icmp"
)
// 域名分流最大字符2万
@@ -24,11 +29,14 @@ const DsMaxLen = 20000
type GroupLinkAcl struct {
// 自上而下匹配 默认 allow * *
Action string `json:"action"` // allow、deny
Val string `json:"val"`
Port uint16 `json:"port"`
IpNet *net.IPNet `json:"ip_net"`
Note string `json:"note"`
Action string `json:"action"` // allow、deny
Protocol string `json:"protocol"` // 支持 ALL、TCP、UDP、ICMP 协议
IpProto waterutil.IPProtocol `json:"ip_protocol"` // 判断协议使用
Val string `json:"val"`
Port string `json:"port"` // 兼容单端口历史数据类型uint16
Ports map[uint16]int8 `json:"ports"`
IpNet *net.IPNet `json:"ip_net"`
Note string `json:"note"`
}
type ValData struct {
@@ -112,7 +120,7 @@ func SetGroup(g *Group) error {
routeInclude := []ValData{}
for _, v := range g.RouteInclude {
if v.Val != "" {
if v.Val == All {
if v.Val == ALL {
routeInclude = append(routeInclude, v)
continue
}
@@ -161,14 +169,74 @@ func SetGroup(g *Group) error {
return errors.New("GroupLinkAcl 错误" + err.Error())
}
v.IpNet = ipNet
linkAcl = append(linkAcl, v)
// 设置协议数据
switch v.Protocol {
case TCP:
v.IpProto = waterutil.TCP
case UDP:
v.IpProto = waterutil.UDP
case ICMP:
v.IpProto = waterutil.ICMP
default:
// 其他类型都是 all
v.Protocol = ALL
}
portsStr := v.Port
v.Port = strings.TrimSpace(portsStr)
// switch vp := v.Port.(type) {
// case float64:
// portsStr = strconv.Itoa(int(vp))
// case string:
// portsStr = vp
// }
if regexp.MustCompile(`^\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*$`).MatchString(portsStr) {
ports := map[uint16]int8{}
for _, p := range strings.Split(portsStr, ",") {
if p == "" {
continue
}
if regexp.MustCompile(`^\d{1,5}-\d{1,5}$`).MatchString(p) {
rp := strings.Split(p, "-")
// portfrom, err := strconv.Atoi(rp[0])
portfrom, err := strconv.ParseUint(rp[0], 10, 16)
if err != nil {
return errors.New("端口:" + rp[0] + " 格式错误, " + err.Error())
}
// portto, err := strconv.Atoi(rp[1])
portto, err := strconv.ParseUint(rp[1], 10, 16)
if err != nil {
return errors.New("端口:" + rp[1] + " 格式错误, " + err.Error())
}
for i := portfrom; i <= portto; i++ {
ports[uint16(i)] = 1
}
} else {
port, err := strconv.ParseUint(p, 10, 16)
if err != nil {
return errors.New("端口:" + p + " 格式错误, " + err.Error())
}
ports[uint16(port)] = 1
}
}
v.Ports = ports
linkAcl = append(linkAcl, v)
} else {
return errors.New("端口: " + portsStr + " 格式错误,请用逗号分隔的端口,比如: 22,80,443 连续端口用-,比如:1234-5678")
}
}
}
g.LinkAcl = linkAcl
// DNS 判断
clientDns := []ValData{}
for _, v := range g.ClientDns {
v.Val = strings.TrimSpace(v.Val)
if v.Val != "" {
ip := net.ParseIP(v.Val)
if ip.String() != v.Val {
@@ -183,6 +251,20 @@ func SetGroup(g *Group) error {
return errors.New("默认路由必须设置一个DNS")
}
g.ClientDns = clientDns
splitDns := []ValData{}
for _, v := range g.SplitDns {
v.Val = strings.TrimSpace(v.Val)
if v.Val != "" {
ValidateDomainName(v.Val)
if !ValidateDomainName(v.Val) {
return errors.New("域名 错误")
}
splitDns = append(splitDns, v)
}
}
g.SplitDns = splitDns
// 域名拆分隧道,不能同时填写
g.DsIncludeDomains = strings.TrimSpace(g.DsIncludeDomains)
g.DsExcludeDomains = strings.TrimSpace(g.DsExcludeDomains)
@@ -238,6 +320,15 @@ func SetGroup(g *Group) error {
return err
}
func ContainsInPorts(ports map[uint16]int8, port uint16) bool {
_, ok := ports[port]
if ok {
return true
} else {
return false
}
}
func GroupAuthLogin(name, pwd string, authData map[string]interface{}) error {
g := &Group{Auth: authData}
authType := g.Auth["type"].(string)

2
server/dbdata/policy.go
View File

@@ -27,7 +27,7 @@ func SetPolicy(p *Policy) error {
routeInclude := []ValData{}
for _, v := range p.RouteInclude {
if v.Val != "" {
if v.Val == All {
if v.Val == ALL {
routeInclude = append(routeInclude, v)
continue
}

1
server/dbdata/setting.go
View File

@@ -29,6 +29,7 @@ type SettingAuditLog struct {
type SettingOther struct {
LinkAddr string `json:"link_addr"`
Banner string `json:"banner"`
Homecode int `json:"homecode"`
Homeindex string `json:"homeindex"`
AccountMail string `json:"account_mail"`
}

11
server/dbdata/tables.go
View File

@@ -11,6 +11,7 @@ type Group struct {
Note string `json:"note" xorm:"varchar(255)"`
AllowLan bool `json:"allow_lan" xorm:"Bool"`
ClientDns []ValData `json:"client_dns" xorm:"Text"`
SplitDns []ValData `json:"split_dns" xorm:"Text"`
RouteInclude []ValData `json:"route_include" xorm:"Text"`
RouteExclude []ValData `json:"route_exclude" xorm:"Text"`
DsExcludeDomains string `json:"ds_exclude_domains" xorm:"Text"`
@@ -45,7 +46,7 @@ type UserActLog struct {
Username string `json:"username" xorm:"varchar(60)"`
GroupName string `json:"group_name" xorm:"varchar(60)"`
IpAddr string `json:"ip_addr" xorm:"varchar(32)"`
RemoteAddr string `json:"remote_addr" xorm:"varchar(32)"`
RemoteAddr string `json:"remote_addr" xorm:"varchar(42)"`
Os uint8 `json:"os" xorm:"not null default 0 Int"`
Client uint8 `json:"client" xorm:"not null default 0 Int"`
Version string `json:"version" xorm:"varchar(15)"`
@@ -66,12 +67,12 @@ type Setting struct {
type AccessAudit struct {
Id int `json:"id" xorm:"pk autoincr not null"`
Username string `json:"username" xorm:"varchar(60) not null"`
Protocol uint8 `json:"protocol" xorm:"not null"`
Protocol uint8 `json:"protocol" xorm:"Int not null"`
Src string `json:"src" xorm:"varchar(60) not null"`
SrcPort uint16 `json:"src_port" xorm:"not null"`
SrcPort uint16 `json:"src_port" xorm:"Int not null"`
Dst string `json:"dst" xorm:"varchar(60) not null"`
DstPort uint16 `json:"dst_port" xorm:"not null"`
AccessProto uint8 `json:"access_proto" xorm:"default 0"` // 访问协议
DstPort uint16 `json:"dst_port" xorm:"Int not null"`
AccessProto uint8 `json:"access_proto" xorm:"Int default 0"` // 访问协议
Info string `json:"info" xorm:"varchar(255) not null default ''"` // 详情
CreatedAt time.Time `json:"created_at" xorm:"DateTime"`
}

48
server/dbdata/user_act_log.go
View File

@@ -1,6 +1,7 @@
package dbdata
import (
"net"
"net/url"
"regexp"
"strings"
@@ -12,17 +13,19 @@ import (
)
const (
UserAuthFail = 0 // 认证失败
UserAuthSuccess = 1 // 认证成功
UserConnected = 2 // 连线成功
UserLogout = 3 // 用户登出
UserLogoutLose = 0 // 用户掉线
UserLogoutBanner = 1 // 用户banner弹窗取消
UserLogoutClient = 2 // 用户主动登出
UserLogoutTimeout = 3 // 用户超时登出
UserLogoutAdmin = 4 // 账号被管理员踢下线
UserLogoutExpire = 5 // 账号过期被踢下线
UserIdleTimeout = 6 // 用户空闲链接超时
UserAuthFail = 0 // 认证失败
UserAuthSuccess = 1 // 认证成功
UserConnected = 2 // 连线成功
UserLogout = 3 // 用户登出
UserLogoutLose = 0 // 用户掉线
UserLogoutBanner = 1 // 用户banner弹窗取消
UserLogoutClient = 2 // 用户主动登出
UserLogoutTimeout = 3 // 用户超时登出
UserLogoutAdmin = 4 // 账号被管理员踢下线
UserLogoutExpire = 5 // 账号过期被踢下线
UserIdleTimeout = 6 // 用户空闲链接超时
UserLogoutOneAdmin = 7 // 账号被管理员一键下线
)
type UserActLogProcess struct {
@@ -57,13 +60,14 @@ var (
3: "AnyLink",
},
InfoOps: []string{ // 信息
UserLogoutLose: "用户掉线",
UserLogoutBanner: "用户取消弹窗/客户端发起的logout",
UserLogoutClient: "用户/客户端主动断开",
UserLogoutTimeout: "Session过期被踢下线",
UserLogoutAdmin: "账号被管理员踢下线",
UserLogoutExpire: "账号过期被踢下线",
UserIdleTimeout: "用户空闲链接超时",
UserLogoutLose: "用户掉线",
UserLogoutBanner: "用户取消弹窗/客户端发起的logout",
UserLogoutClient: "用户/客户端主动断开",
UserLogoutTimeout: "Session过期被踢下线",
UserLogoutAdmin: "账号被管理员踢下线",
UserLogoutExpire: "账号过期被踢下线",
UserIdleTimeout: "用户空闲链接超时",
UserLogoutOneAdmin: "账号被管理员一键下线",
},
}
)
@@ -75,7 +79,8 @@ func (ua *UserActLogProcess) Add(u UserActLog, userAgent string) {
u.Os = os_idx
u.Client = client_idx
u.Version = ver
u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
// u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
u.RemoteAddr, _, _ = net.SplitHostPort(u.RemoteAddr)
// remove extra characters
infoSlice := strings.Split(u.Info, " ")
infoLen := len(infoSlice)
@@ -126,6 +131,9 @@ func (ua *UserActLogProcess) GetStatusOpsWithTag() interface{} {
}
func (ua *UserActLogProcess) GetInfoOpsById(id uint8) string {
if int(id) >= len(ua.InfoOps) {
return "未知的信息类型"
}
return ua.InfoOps[id]
}
@@ -139,7 +147,7 @@ func (ua *UserActLogProcess) ParseUserAgent(userAgent string) (os_idx, client_id
os_idx = 0
if strings.Contains(userAgent, "windows") {
os_idx = 1
} else if strings.Contains(userAgent, "mac os") || strings.Contains(userAgent, "darwin_i386") {
} else if strings.Contains(userAgent, "mac os") || strings.Contains(userAgent, "darwin_i386") || strings.Contains(userAgent, "darwin_amd64") || strings.Contains(userAgent, "darwin_arm64") {
os_idx = 2
} else if strings.Contains(userAgent, "darwin_arm") || strings.Contains(userAgent, "apple") {
os_idx = 5

20
server/dbdata/userauth_radius.go
View File

@@ -5,6 +5,7 @@ import (
"encoding/json"
"errors"
"fmt"
"net"
"reflect"
"time"
@@ -15,6 +16,7 @@ import (
type AuthRadius struct {
Addr string `json:"addr"`
Secret string `json:"secret"`
Nasip string `json:"nasip"`
}
func init() {
@@ -57,8 +59,22 @@ func (auth AuthRadius) checkUser(name, pwd string, g *Group) error {
}
// radius认证时设置超时3秒
packet := radius.New(radius.CodeAccessRequest, []byte(auth.Secret))
rfc2865.UserName_SetString(packet, name)
rfc2865.UserPassword_SetString(packet, pwd)
err = rfc2865.UserName_SetString(packet, name)
if err != nil {
return fmt.Errorf("%s %s", name, "Radius set name 出现错误")
}
err = rfc2865.UserPassword_SetString(packet, pwd)
if err != nil {
return fmt.Errorf("%s %s", name, "Radius set pwd 出现错误")
}
if auth.Nasip != "" {
nasip := net.ParseIP(auth.Nasip)
err = rfc2865.NASIPAddress_Set(packet, nasip)
if err != nil {
return fmt.Errorf("%s %s", name, "Radius set nasip 出现错误")
}
}
ctx, done := context.WithTimeout(context.Background(), 3*time.Second)
defer done()
response, err := radius.Exchange(ctx, packet, auth.Addr)

34
server/go.mod
View File

@@ -1,6 +1,6 @@
module github.com/bjdgyc/anylink
go 1.20
go 1.22
require (
github.com/arl/statsviz v0.6.0
@@ -8,7 +8,7 @@ require (
github.com/go-acme/lego/v4 v4.15.0
github.com/go-co-op/gocron v1.37.0
github.com/go-ldap/ldap v3.0.3+incompatible
github.com/go-sql-driver/mysql v1.7.1
github.com/go-sql-driver/mysql v1.8.0
github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a
github.com/golang-jwt/jwt/v4 v4.5.0
github.com/google/gopacket v1.1.19
@@ -32,22 +32,22 @@ require (
github.com/stretchr/testify v1.8.4
github.com/xhit/go-simple-mail/v2 v2.16.0
github.com/xlzd/gotp v0.1.0
github.com/xuri/excelize/v2 v2.8.0
go.uber.org/atomic v1.11.0
golang.org/x/crypto v0.19.0
golang.org/x/net v0.21.0
golang.org/x/text v0.14.0
github.com/xuri/excelize/v2 v2.8.1
golang.org/x/crypto v0.26.0
golang.org/x/net v0.25.0
golang.org/x/text v0.17.0
golang.org/x/time v0.5.0
layeh.com/radius v0.0.0-20231213012653-1006025d24f8
xorm.io/xorm v1.3.8
)
require (
github.com/aliyun/alibaba-cloud-sdk-go v1.62.680 // indirect
filippo.io/edwards25519 v1.1.0 // indirect
github.com/aliyun/alibaba-cloud-sdk-go v1.62.690 // indirect
github.com/cenkalti/backoff/v4 v4.2.1 // indirect
github.com/cloudflare/cloudflare-go v0.88.0 // indirect
github.com/cloudflare/cloudflare-go v0.89.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/go-jose/go-jose/v3 v3.0.1 // indirect
github.com/go-jose/go-jose/v3 v3.0.3 // indirect
github.com/go-test/deep v1.1.0 // indirect
github.com/google/go-querystring v1.1.0 // indirect
github.com/google/uuid v1.6.0 // indirect
@@ -61,14 +61,16 @@ require (
github.com/sagikazarmark/locafero v0.4.0 // indirect
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
github.com/sourcegraph/conc v0.3.0 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.860 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.860 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.873 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.873 // indirect
github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
go.uber.org/atomic v1.11.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect
golang.org/x/mod v0.15.0 // indirect
golang.org/x/tools v0.18.0 // indirect
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
golang.org/x/mod v0.17.0 // indirect
golang.org/x/sync v0.8.0 // indirect
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
)
require (
@@ -99,7 +101,7 @@ require (
github.com/tklauser/numcpus v0.7.0 // indirect
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 // indirect
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 // indirect
golang.org/x/sys v0.17.0 // indirect
golang.org/x/sys v0.23.0 // indirect
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect

93
server/go.sum
View File

@@ -1,17 +1,19 @@
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a h1:lSA0F4e9A2NcQSqGqTOXqu2aRi/XEQxDCBwM8yJtE6s=
gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a/go.mod h1:EXuID2Zs0pAQhH8yz+DNjUbjppKQzKFAn28TMYPB6IU=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo=
github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
github.com/aliyun/alibaba-cloud-sdk-go v1.62.680 h1:UhaUht5x8avOCBqcnfZvc04FwGsSiXMKXXQ3NwRk85Q=
github.com/aliyun/alibaba-cloud-sdk-go v1.62.680/go.mod h1:CJJYa1ZMxjlN/NbXEwmejEnBkhi0DV+Yb3B2lxf+74o=
github.com/aliyun/alibaba-cloud-sdk-go v1.62.690 h1:9ChlXyXZxVeHXPlsUqquutxxmrEGhNmfQiOW/YKIbq8=
github.com/aliyun/alibaba-cloud-sdk-go v1.62.690/go.mod h1:CJJYa1ZMxjlN/NbXEwmejEnBkhi0DV+Yb3B2lxf+74o=
github.com/arl/statsviz v0.6.0 h1:jbW1QJkEYQkufd//4NDYRSNBpwJNrdzPahF7ZmoGdyE=
github.com/arl/statsviz v0.6.0/go.mod h1:0toboo+YGSUXDaS4g1D5TVS4dXs7S7YYT5J/qnW2h8s=
github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/cloudflare/cloudflare-go v0.88.0 h1:9CEnvaDMs8ydEBUSPChXmHDe2uJJKZoPpBO2QEr41gY=
github.com/cloudflare/cloudflare-go v0.88.0/go.mod h1:eyuehb1i6BNRc+ZwaTZAiRHeE+4jbKvHAns19oGeakg=
github.com/cloudflare/cloudflare-go v0.89.0 h1:3zoVntC8xmUR/weFEcNE1RizdW4LRZdQnJ/AN8DDa1U=
github.com/cloudflare/cloudflare-go v0.89.0/go.mod h1:eyuehb1i6BNRc+ZwaTZAiRHeE+4jbKvHAns19oGeakg=
github.com/coreos/go-iptables v0.7.0 h1:XWM3V+MPRr5/q51NuWSgU0fqMad64Zyxs8ZUoMsamr8=
github.com/coreos/go-iptables v0.7.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q=
github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
@@ -23,11 +25,14 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8Yc
github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsPppp4=
github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo=
github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=
github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg=
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
@@ -36,15 +41,15 @@ github.com/go-acme/lego/v4 v4.15.0/go.mod h1:eeGhjW4zWT7Ccqa3sY7ayEqFLCAICx+mXgk
github.com/go-co-op/gocron v1.37.0 h1:ZYDJGtQ4OMhTLKOKMIch+/CY70Brbb1dGdooLEhh7b0=
github.com/go-co-op/gocron v1.37.0/go.mod h1:3L/n6BkO7ABj+TrfSVXLRzsP26zmikL4ISkLQ0O8iNY=
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA=
github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8=
github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k=
github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ=
github.com/go-ldap/ldap v3.0.3+incompatible h1:HTeSZO8hWMS1Rgb2Ziku6b8a7qRIZZMHjsvuZyatzwk=
github.com/go-ldap/ldap v3.0.3+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc=
github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE=
github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78=
github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
github.com/go-sql-driver/mysql v1.8.0 h1:UtktXaU2Nb64z/pLiGIxY4431SJ4/dR5cjMmlVHgnT4=
github.com/go-sql-driver/mysql v1.8.0/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg=
github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a h1:RYfmiM0zluBJOiPDJseKLEN4BapJ42uSi9SZBQ2YyiA=
@@ -59,10 +64,11 @@ github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5y
github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -81,6 +87,7 @@ github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9n
github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
@@ -101,10 +108,12 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
@@ -116,7 +125,9 @@ github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4=
@@ -158,6 +169,7 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk=
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
github.com/richardlehane/mscfb v1.0.4 h1:WULscsljNPConisD5hR0+OyZjwK46Pfyr6mPu5ZawpM=
github.com/richardlehane/mscfb v1.0.4/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk=
github.com/richardlehane/msoleps v1.0.1/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
@@ -168,6 +180,7 @@ github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzG
github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
@@ -198,7 +211,6 @@ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSS
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
@@ -209,10 +221,10 @@ github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8
github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE=
github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.860 h1:d5/YwGX6b5YgFU/0thsbs5aBp4aJJXBi7JyU1JHAaw0=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.860/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.860 h1:PQ8wuVKhcjpYUW2gH3WWb92R3QF4YRWBCBZifp6SfHs=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.860/go.mod h1:7gu9rKEmx7R/D0RvuaHmMqLLGBtIR6a6de9Yd5IwDBg=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.873 h1:VdQ+lQ98CFwbmfQj02iMVWWzdwnKubuICIa2QhzQBJI=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.873/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.873 h1:qawAviStyrk6b2bHvRvKxmiiL8Cu6KujtzAHktLqdFI=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.873/go.mod h1:wqyJy+a/L53zH8pRDNOF+7t9iZhSPANmYSuUfvVp9NE=
github.com/tklauser/go-sysconf v0.3.13 h1:GBUpcahXSpR2xN01jhkNAbTLRk2Yzgggk8IM08lq3r4=
github.com/tklauser/go-sysconf v0.3.13/go.mod h1:zwleP4Q4OehZHGn4CYZDipCgg9usW5IJePewFCGVEa0=
github.com/tklauser/numcpus v0.7.0 h1:yjuerZP127QG9m5Zh/mSO4wqurYil27tHrqwRoRjpr4=
@@ -228,12 +240,10 @@ github.com/xhit/go-simple-mail/v2 v2.16.0 h1:ouGy/Ww4kuaqu2E2UrDw7SvLaziWTB60ICL
github.com/xhit/go-simple-mail/v2 v2.16.0/go.mod h1:b7P5ygho6SYE+VIqpxA6QkYfv4teeyG4MKqB3utRu98=
github.com/xlzd/gotp v0.1.0 h1:37blvlKCh38s+fkem+fFh7sMnceltoIEBYTVXyoa5Po=
github.com/xlzd/gotp v0.1.0/go.mod h1:ndLJ3JKzi3xLmUProq4LLxCuECL93dG9WASNLpHz8qg=
github.com/xuri/efp v0.0.0-20230802181842-ad255f2331ca/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI=
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 h1:Chd9DkqERQQuHpXjR/HSV1jLZA6uaoiwwH3vSuF3IW0=
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI=
github.com/xuri/excelize/v2 v2.8.0 h1:Vd4Qy809fupgp1v7X+nCS/MioeQmYVVzi495UCTqB7U=
github.com/xuri/excelize/v2 v2.8.0/go.mod h1:6iA2edBTKxKbZAa7X5bDhcCg51xdOn1Ar5sfoXRGrQg=
github.com/xuri/nfp v0.0.0-20230819163627-dc951e3ffe1a/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ=
github.com/xuri/excelize/v2 v2.8.1 h1:pZLMEwK8ep+CLIUWpWmvW8IWE/yxqG0I1xcN6cVMGuQ=
github.com/xuri/excelize/v2 v2.8.1/go.mod h1:oli1E4C3Pa5RXg1TBXn4ENCXDV5JUMlBluUhG7c+CEE=
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 h1:qhbILQo1K3mphbwKh1vNm4oGezE1eF9fQWmNiIpSfI4=
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
@@ -246,34 +256,34 @@ go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo=
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
golang.org/x/exp v0.0.0-20240213143201-ec583247a57a h1:HinSgX1tJRX3KsL//Gxynpw5CTOAIPhgL4W8PNiIpVE=
golang.org/x/exp v0.0.0-20240213143201-ec583247a57a/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ=
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs=
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/image v0.11.0 h1:ds2RoQvBvYTiJkwpSFDwCcDFNX7DqjL2WsUgTNk0Ooo=
golang.org/x/image v0.11.0/go.mod h1:bglhjqbqVuEb9e9+eNR45Jfu7D+T4Qan+NhQk8Ck2P8=
golang.org/x/image v0.14.0 h1:tNgSxAFe3jC4uYqvZdTr84SZoM1KfwdC9SKIFrLjFn4=
golang.org/x/image v0.14.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.15.0 h1:SernR4v+D55NyBH2QiEQrlBAnj1ECL6AGrA5+dPaMY8=
golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -283,13 +293,14 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -305,8 +316,9 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
@@ -314,6 +326,7 @@ golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
@@ -321,8 +334,9 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -333,8 +347,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ=
golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg=
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -361,6 +375,7 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
@@ -368,15 +383,25 @@ gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
layeh.com/radius v0.0.0-20231213012653-1006025d24f8 h1:orYXpi6BJZdvgytfHH4ybOe4wHnLbbS71Cmd8mWdZjs=
layeh.com/radius v0.0.0-20231213012653-1006025d24f8/go.mod h1:QRf+8aRqXc019kHkpcs/CTgyWXFzf+bxlsyuo2nAl1o=
lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI=
lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw=
modernc.org/cc/v3 v3.40.0/go.mod h1:/bTg4dnWkSXowUO6ssQKnOV0yMVxDYNIsIrzqTFDGH0=
modernc.org/ccgo/v3 v3.16.13 h1:Mkgdzl46i5F/CNR/Kj80Ri59hC8TKAhZrYSaqvkwzUw=
modernc.org/ccgo/v3 v3.16.13/go.mod h1:2Quk+5YgpImhPjv2Qsob1DnZ/4som1lJTodubIcoUkY=
modernc.org/libc v1.22.2 h1:4U7v51GyhlWqQmwCHj28Rdq2Yzwk55ovjFrdPjs8Hb0=
modernc.org/libc v1.22.2/go.mod h1:uvQavJ1pZ0hIoC/jfqNoMLURIMhKzINIWypNM17puug=
modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ=
modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
modernc.org/memory v1.4.0 h1:crykUfNSnMAXaOJnnxcSzbUGMqkLWjklJKkBK2nwZwk=
modernc.org/memory v1.4.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU=
modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
modernc.org/sqlite v1.20.4 h1:J8+m2trkN+KKoE7jglyHYYYiaq5xmz2HoHJIiBlRzbE=
modernc.org/sqlite v1.20.4/go.mod h1:zKcGyrICaxNTMEHSr1HQ2GUraP0j+845GYw37+EyT6A=
modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY=
modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw=
modernc.org/token v1.0.1 h1:A3qvTqOwexpfZZeyI0FeGPDlSWX5pjZu9hF4lU+EKWg=
modernc.org/token v1.0.1/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
xorm.io/builder v0.3.13 h1:a3jmiVVL19psGeXx8GIurTp7p0IIgqeDmwhcR6BAOAo=
xorm.io/builder v0.3.13/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=

4
server/handler/dtls.go
View File

@@ -32,8 +32,10 @@ func startDtls() {
logf := logging.NewDefaultLoggerFactory()
logf.Writer = base.GetBaseLw()
// logf.DefaultLogLevel = logging.LogLevelTrace
logf.DefaultLogLevel = logging.LogLevelInfo
if base.GetLogLevel() == base.LogLevelTrace {
// logf.DefaultLogLevel = logging.LogLevelTrace
}
// https://github.com/pion/dtls/pull/369
sessStore := &sessionStore{}

20
server/handler/link_auth.go
View File

@@ -17,7 +17,10 @@ import (
"github.com/bjdgyc/anylink/sessdata"
)
var profileHash = ""
var (
profileHash = ""
certHash = ""
)
func LinkAuth(w http.ResponseWriter, r *http.Request) {
// TODO 调试信息输出
@@ -46,10 +49,11 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
cr := ClientRequest{}
err = xml.Unmarshal(body, &cr)
if err != nil {
base.Error(err)
w.WriteHeader(http.StatusBadRequest)
return
}
// fmt.Printf("%+v \n", cr)
base.Trace(fmt.Sprintf("%+v \n", cr))
// setCommonHeader(w)
if cr.Type == "logout" {
// 退出删除session信息
@@ -84,7 +88,7 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
// TODO 用户密码校验
err = dbdata.CheckUser(cr.Auth.Username, cr.Auth.Password, cr.GroupSelect)
if err != nil {
base.Warn(err)
base.Warn(err, r.RemoteAddr)
ua.Info = err.Error()
ua.Status = dbdata.UserAuthFail
dbdata.UserActLogIns.Add(ua, userAgent)
@@ -137,10 +141,10 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
other := &dbdata.SettingOther{}
_ = dbdata.SettingGet(other)
rd := RequestData{SessionId: sess.Sid, SessionToken: sess.Sid + "@" + sess.Token,
Banner: other.Banner, ProfileHash: profileHash}
Banner: other.Banner, ProfileName: base.Cfg.ProfileName, ProfileHash: profileHash, CertHash: certHash}
w.WriteHeader(http.StatusOK)
tplRequest(tpl_complete, w, rd)
base.Debug("login", cr.Auth.Username, userAgent)
base.Info("login", cr.Auth.Username, userAgent)
}
const (
@@ -175,7 +179,9 @@ type RequestData struct {
SessionId string
SessionToken string
Banner string
ProfileName string
ProfileHash string
CertHash string
}
var auth_request = `<?xml version="1.0" encoding="UTF-8"?>
@@ -221,13 +227,13 @@ var auth_complete = `<?xml version="1.0" encoding="UTF-8"?>
</capabilities>
<config client="vpn" type="private">
<vpn-base-config>
<server-cert-hash>240B97A685B2BFA66AD699B90AAC49EA66495D69</server-cert-hash>
<server-cert-hash>{{.CertHash}}</server-cert-hash>
</vpn-base-config>
<opaque is-for="vpn-client"></opaque>
<vpn-profile-manifest>
<vpn rev="1.0">
<file type="profile" service-type="user">
<uri>/profile.xml</uri>
<uri>/profile_{{.ProfileName}}.xml</uri>
<hash type="sha1">{{.ProfileHash}}</hash>
</file>
</vpn>

5
server/handler/link_base.go
View File

@@ -2,8 +2,9 @@ package handler
import (
"encoding/xml"
"log"
"os/exec"
"github.com/bjdgyc/anylink/base"
)
const BufferSize = 2048
@@ -46,7 +47,7 @@ func execCmd(cmdStrs []string) error {
cmd := exec.Command("sh", "-c", cmdStr)
b, err := cmd.CombinedOutput()
if err != nil {
log.Println(string(b))
base.Error(cmdStr, string(b))
return err
}
}

22
server/handler/link_cstp.go
View File

@@ -25,9 +25,9 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
n int
dataLen uint16
dead = time.Second * time.Duration(cSess.CstpDpd+5)
idle = time.Second * time.Duration(base.Cfg.IdleTimeout)
idle = int64(base.Cfg.IdleTimeout)
checkIdle = base.Cfg.IdleTimeout > 0
lastTime time.Time
lastTime int64
)
go cstpWrite(conn, bufRW, cSess)
@@ -37,14 +37,14 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
// 设置超时限制
err = conn.SetReadDeadline(utils.NowSec().Add(dead))
if err != nil {
base.Error("SetDeadline: ", cSess.Username, err)
base.Error("SetDeadline: ", cSess.Username, cSess.IpAddr, err)
return
}
// hdata := make([]byte, BufferSize)
pl := getPayload()
n, err = bufRW.Read(pl.Data)
if err != nil {
base.Error("read hdata: ", cSess.Username, err)
base.Warn("read hdata: ", cSess.Username, cSess.IpAddr, err)
return
}
@@ -61,7 +61,7 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
// 判断超时时间
if checkIdle {
lastTime = cSess.LastDataTime.Load()
if lastTime.Before(utils.NowSec().Add(-idle)) {
if lastTime < (utils.NowSec().Unix() - idle) {
base.Warn("IdleTimeout", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), "lastTime", lastTime)
sessdata.CloseSess(cSess.Sess.Token, dbdata.UserIdleTimeout)
return
@@ -69,13 +69,13 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
}
case 0x05: // DISCONNECT
cSess.UserLogoutCode = dbdata.UserLogoutClient
base.Debug("DISCONNECT", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
base.Info("DISCONNECT", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), n, string(pl.Data[9:n]))
sessdata.CloseSess(cSess.Sess.Token, dbdata.UserLogoutClient)
return
case 0x03: // DPD-REQ
base.Trace("recv LinkCstp DPD-REQ", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
base.Trace("recv LinkCstp DPD-REQ", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), n, pl.Data[:n])
pl.PType = 0x04
pl.Data = pl.Data[:n]
// pl.Data = pl.Data[:n]
if payloadOutCstp(cSess, pl) {
return
}
@@ -113,7 +113,7 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
return
}
// 只记录返回正确的数据时间
cSess.LastDataTime.Store(utils.NowSec())
cSess.LastDataTime.Store(utils.NowSec().Unix())
}
}
}
@@ -169,14 +169,14 @@ func cstpWrite(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessi
binary.BigEndian.PutUint16(pl.Data[4:6], uint16(l))
}
} else {
// pl.Data = append(pl.Data[:0], plHeader...)
pl.Data = append(pl.Data[:0], plHeader...)
// 设置头类型
pl.Data[6] = pl.PType
}
n, err = conn.Write(pl.Data)
if err != nil {
base.Error("write err", cSess.Username, err)
base.Warn("write err", cSess.Username, cSess.IpAddr, err)
return
}

20
server/handler/link_dtls.go
View File

@@ -36,14 +36,14 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
for {
err = conn.SetReadDeadline(utils.NowSec().Add(dead))
if err != nil {
base.Error("SetDeadline: ", cSess.Username, err)
base.Error("SetDeadline: ", cSess.Username, cSess.IpAddr, err)
return
}
pl := getPayload()
n, err = conn.Read(pl.Data)
if err != nil {
base.Error("read hdata: ", cSess.Username, err)
base.Warn("read hdata: ", cSess.Username, cSess.IpAddr, err)
return
}
@@ -59,11 +59,12 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
base.Trace("recv LinkDtls Keepalive", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
case 0x05: // DISCONNECT
cSess.UserLogoutCode = dbdata.UserLogoutClient
base.Debug("DISCONNECT DTLS", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
base.Info("DISCONNECT DTLS", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
return
case 0x03: // DPD-REQ
base.Trace("recv LinkDtls DPD-REQ", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
base.Trace("recv LinkDtls DPD-REQ", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), n)
pl.PType = 0x04
// 从零开始 可以直接赋值
pl.Data = pl.Data[:n]
if payloadOutDtls(cSess, dSess, pl) {
return
@@ -95,7 +96,7 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
return
}
// 只记录返回正确的数据时间
cSess.LastDataTime.Store(utils.NowSec())
cSess.LastDataTime.Store(utils.NowSec().Unix())
}
}
@@ -150,12 +151,15 @@ func dtlsWrite(conn net.Conn, dSess *sessdata.DtlsSession, cSess *sessdata.ConnS
}
} else {
// 设置头类型
// pl.Data = append(pl.Data[:0], pl.PType)
pl.Data[0] = pl.PType
if pl.PType == 0x04 {
pl.Data[0] = pl.PType
} else {
pl.Data = append(pl.Data[:0], pl.PType)
}
}
n, err := conn.Write(pl.Data)
if err != nil {
base.Error("write err", cSess.Username, err)
base.Warn("write err", cSess.Username, cSess.IpAddr, err)
return
}

12
server/handler/link_home.go
View File

@@ -27,10 +27,16 @@ func LinkHome(w http.ResponseWriter, r *http.Request) {
if err := dbdata.SettingGet(index); err != nil {
return
}
w.WriteHeader(http.StatusOK)
if index.Homeindex == "" {
index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件,可以支持多人同时在线使用。"
if index.Homecode != http.StatusOK {
w.WriteHeader(index.Homecode)
return
}
w.WriteHeader(http.StatusOK)
// if index.Homeindex == "" {
// index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件,可以支持多人同时在线使用。"
// }
fmt.Fprintln(w, index.Homeindex)
}

40
server/handler/link_tun.go
View File

@@ -4,12 +4,16 @@ import (
"fmt"
"github.com/bjdgyc/anylink/base"
"github.com/bjdgyc/anylink/pkg/utils"
"github.com/bjdgyc/anylink/sessdata"
"github.com/coreos/go-iptables/iptables"
"github.com/songgao/water"
)
func checkTun() {
// 测试ip命令
base.CheckModOrLoad("tun")
// 测试tun
cfg := water.Config{
DeviceType: water.TUN,
@@ -21,16 +25,14 @@ func checkTun() {
}
defer ifce.Close()
// 测试ip命令
base.CheckModOrLoad("tun")
cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %s multicast off", ifce.Name(), "1399")
err = execCmd([]string{cmdstr1})
if err != nil {
base.Fatal("testTun err: ", err)
}
// 开启服务器转发
if err := execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"}); err != nil {
err = execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
if err != nil {
base.Fatal(err)
}
if base.Cfg.IptablesNat {
@@ -44,15 +46,29 @@ func checkTun() {
// 修复 rockyos nat 不生效
base.CheckModOrLoad("iptable_filter")
base.CheckModOrLoad("iptable_nat")
// base.CheckModOrLoad("xt_comment")
natRule := []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-j", "MASQUERADE"}
forwardRule := []string{"-j", "ACCEPT"}
if natExists, _ := ipt.Exists("nat", "POSTROUTING", natRule...); !natExists {
ipt.Insert("nat", "POSTROUTING", 1, natRule...)
// 添加注释
natRule := []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-m", "comment",
"--comment", "AnyLink", "-j", "MASQUERADE"}
if base.InContainer {
natRule = []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-j", "MASQUERADE"}
}
if forwardExists, _ := ipt.Exists("filter", "FORWARD", forwardRule...); !forwardExists {
ipt.Insert("filter", "FORWARD", 1, forwardRule...)
err = ipt.InsertUnique("nat", "POSTROUTING", 1, natRule...)
if err != nil {
base.Error(err)
}
// 添加注释
forwardRule := []string{"-m", "comment", "--comment", "AnyLink", "-j", "ACCEPT"}
if base.InContainer {
forwardRule = []string{"-j", "ACCEPT"}
}
err = ipt.InsertUnique("filter", "FORWARD", 1, forwardRule...)
if err != nil {
base.Error(err)
}
base.Info(ipt.List("nat", "POSTROUTING"))
base.Info(ipt.List("filter", "FORWARD"))
}
@@ -73,8 +89,8 @@ func LinkTun(cSess *sessdata.ConnSession) error {
cSess.SetIfName(ifce.Name())
// 通过 ip link show 查看 alias 信息
cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %d multicast off alias %s.%s", ifce.Name(), cSess.Mtu, cSess.Group.Name, cSess.Username)
alias := utils.ParseName(cSess.Group.Name + "." + cSess.Username)
cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %d multicast off alias %s", ifce.Name(), cSess.Mtu, alias)
cmdstr2 := fmt.Sprintf("ip addr add dev %s local %s peer %s/32",
ifce.Name(), base.Cfg.Ipv4Gateway, cSess.IpAddr)
err = execCmd([]string{cmdstr1, cmdstr2})

17
server/handler/link_tunnel.go
View File

@@ -86,13 +86,13 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
}
cSess.CstpDpd = cstpDpd
dtlsPort := "4433"
dtlsPort := "443"
if strings.Contains(base.Cfg.ServerDTLSAddr, ":") {
ss := strings.Split(base.Cfg.ServerDTLSAddr, ":")
dtlsPort = ss[1]
}
base.Debug(cSess.IpAddr, cSess.MacHw, sess.Username, mobile)
base.Info(sess.Username, cSess.IpAddr, cSess.MacHw, cSess.Client, mobile)
// 检测密码套件
dtlsCiphersuite := checkDtls12Ciphersuite(r.Header.Get("X-Dtls12-Ciphersuite"))
@@ -131,9 +131,14 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
for _, v := range cSess.Group.ClientDns {
HttpAddHeader(w, "X-CSTP-DNS", v.Val)
}
// 分割dns
for _, v := range cSess.Group.SplitDns {
HttpAddHeader(w, "X-CSTP-Split-DNS", v.Val)
}
// 允许的路由
for _, v := range cSess.Group.RouteInclude {
if v.Val == dbdata.All {
if strings.ToLower(v.Val) == dbdata.ALL {
continue
}
HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)
@@ -156,9 +161,9 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
HttpSetHeader(w, "X-CSTP-Keep", "true")
HttpSetHeader(w, "X-CSTP-Tunnel-All-DNS", "false")
HttpSetHeader(w, "X-CSTP-Rekey-Time", "43200") // 172800
HttpSetHeader(w, "X-CSTP-Rekey-Time", "86400") // 172800
HttpSetHeader(w, "X-CSTP-Rekey-Method", "new-tunnel")
HttpSetHeader(w, "X-DTLS-Rekey-Time", "43200")
HttpSetHeader(w, "X-DTLS-Rekey-Time", "86400")
HttpSetHeader(w, "X-DTLS-Rekey-Method", "new-tunnel")
HttpSetHeader(w, "X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd))
@@ -180,7 +185,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
HttpSetHeader(w, "X-CSTP-Routing-Filtering-Ignore", "false")
HttpSetHeader(w, "X-CSTP-Quarantine", "false")
HttpSetHeader(w, "X-CSTP-Disable-Always-On-VPN", "false")
HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "false")
HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "true")
HttpSetHeader(w, "X-CSTP-TCP-Keepalive", "false")
// 设置域名拆分隧道(移动端不支持)
if mobile != "mobile" {

9
server/handler/link_vtap.go
View File

@@ -28,12 +28,13 @@ func (v *Vtap) Close() error {
}
func checkMacvtap() {
// 加载 macvtap
base.CheckModOrLoad("macvtap")
_setGateway()
_checkTapIp(base.Cfg.Ipv4Master)
ifName := "anylinkMacvtap"
// 加载 macvtap
base.CheckModOrLoad("macvtap")
// 开启主网卡混杂模式
cmdstr1 := fmt.Sprintf("ip link set dev %s promisc on", base.Cfg.Ipv4Master)
@@ -55,8 +56,8 @@ func LinkMacvtap(cSess *sessdata.ConnSession) error {
cSess.SetIfName(ifName)
cmdstr1 := fmt.Sprintf("ip link add link %s name %s type macvtap mode bridge", base.Cfg.Ipv4Master, ifName)
cmdstr2 := fmt.Sprintf("ip link set dev %s up mtu %d address %s alias %s.%s", ifName, cSess.Mtu,
cSess.MacHw, cSess.Group.Name, cSess.Username)
alias := utils.ParseName(cSess.Group.Name + "." + cSess.Username)
cmdstr2 := fmt.Sprintf("ip link set dev %s up mtu %d address %s alias %s", ifName, cSess.Mtu, cSess.MacHw, alias)
err := execCmd([]string{cmdstr1, cmdstr2})
if err != nil {

43
server/handler/payload.go
View File

@@ -86,14 +86,41 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool {
}
for _, v := range group.LinkAcl {
// 循环判断ip和端口
if v.IpNet.Contains(ipDst) {
// 放行允许ip的ping
if v.Port == ipPort || v.Port == 0 || ipProto == waterutil.ICMP {
if v.Action == dbdata.Allow {
return true
} else {
return false
// 放行允许ip的ping
// if v.Ports == nil || len(v.Ports) == 0 {
// //单端口历史数据兼容
// port := uint16(v.Port.(float64))
// if port == ipPort || port == 0 || ipProto == waterutil.ICMP {
// if v.Action == dbdata.Allow {
// return true
// } else {
// return false
// }
// }
// } else {
// 先判断协议
// 兼容旧数据 v.Protocol == ""
if v.Protocol == "" || v.Protocol == dbdata.ALL || v.IpProto == ipProto {
// 循环判断ip和端口
if v.IpNet.Contains(ipDst) {
// icmp 不判断端口
if ipProto == waterutil.ICMP {
if v.Action == dbdata.Allow {
return true
} else {
return false
}
}
if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) {
if v.Action == dbdata.Allow {
// log.Println(dbdata.Allow, v.Ports)
return true
} else {
// log.Println(dbdata.Deny, v.Ports)
return false
}
}
}
}

18
server/handler/server.go
View File

@@ -1,13 +1,16 @@
package handler
import (
"crypto/sha1"
"crypto/tls"
"encoding/hex"
"fmt"
"io"
"net"
"net/http"
"net/http/httputil"
"os"
"strings"
"time"
"github.com/bjdgyc/anylink/base"
@@ -36,6 +39,19 @@ func startTls() {
// certs[0], err = tls.LoadX509KeyPair(certFile, keyFile)
// }
tlscert, _, err := dbdata.ParseCert()
if err != nil {
base.Fatal("证书加载失败", err)
}
dbdata.LoadCertificate(tlscert)
// 计算证书hash值
s1 := sha1.New()
s1.Write(tlscert.Certificate[0])
h2s := hex.EncodeToString(s1.Sum(nil))
certHash = strings.ToUpper(h2s)
base.Info("certHash", certHash)
// 修复 CVE-2016-2183
// https://segmentfault.com/a/1190000038486901
// nmap -sV --script ssl-enum-ciphers -p 443 www.example.com
@@ -98,7 +114,7 @@ func initRoute() http.Handler {
r.HandleFunc("/", LinkAuth).Methods(http.MethodPost)
r.HandleFunc("/CSCOSSLC/tunnel", LinkTunnel).Methods(http.MethodConnect)
r.HandleFunc("/otp_qr", LinkOtpQr).Methods(http.MethodGet)
r.HandleFunc("/profile.xml", func(w http.ResponseWriter, r *http.Request) {
r.HandleFunc(fmt.Sprintf("/profile_%s.xml", base.Cfg.ProfileName), func(w http.ResponseWriter, r *http.Request) {
b, _ := os.ReadFile(base.Cfg.Profile)
w.Write(b)
}).Methods(http.MethodGet)

6
server/handler/start.go
View File

@@ -17,6 +17,12 @@ func Start() {
sessdata.Start()
cron.Start()
// 开启服务器转发
err := execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
if err != nil {
base.Fatal(err)
}
switch base.Cfg.LinkMode {
case base.LinkModeTUN:
checkTun()

9
server/pkg/utils/util.go
View File

@@ -3,6 +3,7 @@ package utils
import (
"fmt"
"math/rand"
"strings"
"sync/atomic"
"time"
)
@@ -91,3 +92,11 @@ func RandomRunes(length int) string {
return string(bytes)
}
func ParseName(name string) string {
name = strings.ReplaceAll(name, " ", "-")
name = strings.ReplaceAll(name, "'", "-")
name = strings.ReplaceAll(name, "\"", "-")
name = strings.ReplaceAll(name, ";", "-")
return name
}

64
server/sessdata/online.go
View File

@@ -4,6 +4,7 @@ import (
"bytes"
"net"
"sort"
"strings"
"time"
"github.com/bjdgyc/anylink/pkg/utils"
@@ -42,33 +43,74 @@ func (o Onlines) Swap(i, j int) {
}
func OnlineSess() []Online {
return GetOnlineSess("", "", false)
}
/**
* @Description: GetOnlineSess
* @param search_cate 分类用户名、登录组、MAC地址、IP地址、远端地址
* @param search_text 关键字,模糊搜索
* @param show_sleeper 是否显示休眠用户
* @return []Online
*/
func GetOnlineSess(search_cate string, search_text string, show_sleeper bool) []Online {
var datas Onlines
if strings.TrimSpace(search_text) == "" {
search_cate = ""
}
sessMux.Lock()
defer sessMux.Unlock()
for _, v := range sessions {
v.mux.Lock()
if v.IsActive {
cSess := v.CSess
if cSess == nil {
cSess = &ConnSession{}
}
// 选择需要比较的字符串
var compareText string
switch search_cate {
case "username":
compareText = v.Username
case "group":
compareText = v.Group
case "mac_addr":
compareText = v.MacAddr
case "ip":
if cSess != nil {
compareText = cSess.IpAddr.String()
}
case "remote_addr":
if cSess != nil {
compareText = cSess.RemoteAddr
}
}
if search_cate != "" && !strings.Contains(compareText, search_text) {
v.mux.Unlock()
continue
}
if show_sleeper || v.IsActive {
val := Online{
Token: v.Token,
Ip: v.CSess.IpAddr,
Ip: cSess.IpAddr,
Username: v.Username,
Group: v.Group,
MacAddr: v.MacAddr,
UniqueMac: v.UniqueMac,
RemoteAddr: v.CSess.RemoteAddr,
TunName: v.CSess.IfName,
Mtu: v.CSess.Mtu,
Client: v.CSess.Client,
BandwidthUp: utils.HumanByte(v.CSess.BandwidthUpPeriod.Load()) + "/s",
BandwidthDown: utils.HumanByte(v.CSess.BandwidthDownPeriod.Load()) + "/s",
BandwidthUpAll: utils.HumanByte(v.CSess.BandwidthUpAll.Load()),
BandwidthDownAll: utils.HumanByte(v.CSess.BandwidthDownAll.Load()),
RemoteAddr: cSess.RemoteAddr,
TunName: cSess.IfName,
Mtu: cSess.Mtu,
Client: cSess.Client,
BandwidthUp: utils.HumanByte(cSess.BandwidthUpPeriod.Load()) + "/s",
BandwidthDown: utils.HumanByte(cSess.BandwidthDownPeriod.Load()) + "/s",
BandwidthUpAll: utils.HumanByte(cSess.BandwidthUpAll.Load()),
BandwidthDownAll: utils.HumanByte(cSess.BandwidthDownAll.Load()),
LastLogin: v.LastLogin,
}
datas = append(datas, val)
}
v.mux.Unlock()
}
sessMux.Unlock()
sort.Sort(&datas)
return datas
}

24
server/sessdata/session.go
View File

@@ -13,7 +13,6 @@ import (
"github.com/bjdgyc/anylink/base"
"github.com/bjdgyc/anylink/dbdata"
mapset "github.com/deckarep/golang-set"
atomic2 "go.uber.org/atomic"
)
var (
@@ -41,15 +40,15 @@ type ConnSession struct {
CstpDpd int
Group *dbdata.Group
Limit *LimitRater
BandwidthUp atomic2.Uint32 // 使用上行带宽 Byte
BandwidthDown atomic2.Uint32 // 使用下行带宽 Byte
BandwidthUpPeriod atomic2.Uint32 // 前一周期的总量
BandwidthDownPeriod atomic2.Uint32
BandwidthUpAll atomic2.Uint64 // 使用上行带宽总量
BandwidthDownAll atomic2.Uint64 // 使用下行带宽总量
BandwidthUp atomic.Uint32 // 使用上行带宽 Byte
BandwidthDown atomic.Uint32 // 使用下行带宽 Byte
BandwidthUpPeriod atomic.Uint32 // 前一周期的总量
BandwidthDownPeriod atomic.Uint32
BandwidthUpAll atomic.Uint64 // 使用上行带宽总量
BandwidthDownAll atomic.Uint64 // 使用下行带宽总量
closeOnce sync.Once
CloseChan chan struct{}
LastDataTime atomic2.Time // 最后数据传输时间
LastDataTime atomic.Int64 // 最后数据传输时间
PayloadIn chan *Payload
PayloadOutCstp chan *Payload // Cstp的数据
PayloadOutDtls chan *Payload // Dtls的数据
@@ -220,7 +219,7 @@ func (s *Session) NewConn() *ConnSession {
PayloadOutDtls: make(chan *Payload, 64),
dSess: &atomic.Value{},
}
cSess.LastDataTime.Store(time.Now())
cSess.LastDataTime.Store(time.Now().Unix())
dSess := &DtlsSession{
isActive: -1,
@@ -464,7 +463,7 @@ func CloseSess(token string, code ...uint8) {
sess.CSess.Close()
return
}
AddUserActLogBySess(sess)
AddUserActLogBySess(sess, code...)
}
func CloseCSess(token string) {
@@ -501,7 +500,7 @@ func AddUserActLog(cs *ConnSession) {
dbdata.UserActLogIns.Add(ua, cs.UserAgent)
}
func AddUserActLogBySess(sess *Session) {
func AddUserActLogBySess(sess *Session, code ...uint8) {
ua := dbdata.UserActLog{
Username: sess.Username,
GroupName: sess.Group,
@@ -512,5 +511,8 @@ func AddUserActLogBySess(sess *Session) {
Status: dbdata.UserLogout,
}
ua.Info = dbdata.UserActLogIns.GetInfoOpsById(dbdata.UserLogoutBanner)
if len(code) > 0 {
ua.Info = dbdata.UserActLogIns.GetInfoOpsById(code[0])
}
dbdata.UserActLogIns.Add(ua, sess.UserAgent)
}

2
version
View File

@@ -1 +1 @@
0.11.2
0.12.2

3
web/package.json
View File

@@ -15,7 +15,8 @@
"qs": "^6.11.1",
"vue": "^2.6.11",
"vue-count-to": "^1.0.13",
"vue-router": "^3.5.2"
"vue-router": "^3.5.2",
"vuedraggable": "^2.24.3"
},
"devDependencies": {
"@vue/cli-plugin-babel": "~4.5.0",

25
web/src/layout/Layout.vue
View File

@@ -18,6 +18,14 @@
<!--子组件上报route信息-->
<router-view :route_path.sync="route_path" :route_name.sync="route_name"></router-view>
</el-main>
<el-footer>
<div>
<el-button size="mini" @click="goUrl('https://gitee.com/bjdgyc/anylink')">
Powered by AnyLink
</el-button>
企业级远程办公系统 AGPL-3.0 2020-present
</div>
</el-footer>
</el-container>
</el-container>
</template>
@@ -36,6 +44,11 @@ export default {
route_name: ['首页'],
}
},
methods: {
goUrl(url) {
window.open(url, "_blank")
},
},
watch: {
route_path: function (val) {
// var w = document.getElementById('layout-menu').clientWidth;
@@ -60,4 +73,16 @@ export default {
box-shadow: 0 1px 3px 0 rgba(0, 0, 0, .12), 0 0 3px 0 rgba(0, 0, 0, .04);
}
.el-footer {
display: flex;
align-items: center;
justify-content: center;
text-align: center;
font-size: 12px;
line-height: 12px;
margin: 0 12px;
color: rgb(134, 144, 156);
}
</style>

858
web/src/pages/group/List.vue
View File

@@ -49,10 +49,11 @@
prop="bandwidth"
label="带宽限制"
width="90">
<template slot-scope="scope">
<el-row v-if="scope.row.bandwidth > 0">{{ convertBandwidth(scope.row.bandwidth, 'BYTE', 'Mbps') }} Mbps</el-row>
<el-row v-else>不限</el-row>
</template>
<template slot-scope="scope">
<el-row v-if="scope.row.bandwidth > 0">{{ convertBandwidth(scope.row.bandwidth, 'BYTE', 'Mbps') }} Mbps
</el-row>
<el-row v-else>不限</el-row>
</template>
</el-table-column>
<el-table-column
@@ -69,12 +70,20 @@
label="路由包含"
width="180">
<template slot-scope="scope">
<el-row v-for="(item,inx) in scope.row.route_include.slice(0, readMinRows)" :key="inx">{{ item.val }}</el-row>
<el-row v-for="(item,inx) in scope.row.route_include.slice(0, readMinRows)" :key="inx">{{
item.val
}}
</el-row>
<div v-if="scope.row.route_include.length > readMinRows">
<div v-if="readMore[`ri_${ scope.row.id }`]">
<el-row v-for="(item,inx) in scope.row.route_include.slice(readMinRows)" :key="inx">{{ item.val }}</el-row>
<el-row v-for="(item,inx) in scope.row.route_include.slice(readMinRows)" :key="inx">{{
item.val
}}
</el-row>
</div>
<el-button size="mini" type="text" @click="toggleMore(`ri_${ scope.row.id }`)">{{ readMore[`ri_${ scope.row.id }`] ? " 收起" : " 更多" }}</el-button>
<el-button size="mini" type="text" @click="toggleMore(`ri_${ scope.row.id }`)">
{{ readMore[`ri_${scope.row.id}`] ? " 收起" : " 更多" }}
</el-button>
</div>
</template>
</el-table-column>
@@ -84,12 +93,20 @@
label="路由排除"
width="180">
<template slot-scope="scope">
<el-row v-for="(item,inx) in scope.row.route_exclude.slice(0, readMinRows)" :key="inx">{{ item.val }}</el-row>
<el-row v-for="(item,inx) in scope.row.route_exclude.slice(0, readMinRows)" :key="inx">{{
item.val
}}
</el-row>
<div v-if="scope.row.route_exclude.length > readMinRows">
<div v-if="readMore[`re_${ scope.row.id }`]">
<el-row v-for="(item,inx) in scope.row.route_exclude.slice(readMinRows)" :key="inx">{{ item.val }}</el-row>
<el-row v-for="(item,inx) in scope.row.route_exclude.slice(readMinRows)" :key="inx">{{
item.val
}}
</el-row>
</div>
<el-button size="mini" type="text" @click="toggleMore(`re_${ scope.row.id }`)">{{ readMore[`re_${ scope.row.id }`] ? " 收起" : " 更多" }}</el-button>
<el-button size="mini" type="text" @click="toggleMore(`re_${ scope.row.id }`)">
{{ readMore[`re_${scope.row.id}`] ? " 收起" : " 更多" }}
</el-button>
</div>
</template>
</el-table-column>
@@ -108,7 +125,9 @@
{{ item.action }} => {{ item.val }} : {{ item.port }}
</el-row>
</div>
<el-button size="mini" type="text" @click="toggleMore(`la_${ scope.row.id }`)">{{ readMore[`la_${ scope.row.id }`] ? " 收起" : " 更多" }}</el-button>
<el-button size="mini" type="text" @click="toggleMore(`la_${ scope.row.id }`)">
{{ readMore[`la_${scope.row.id}`] ? " 收起" : " 更多" }}
</el-button>
</div>
</template>
</el-table-column>
@@ -172,223 +191,289 @@
:close-on-click-modal="false"
title="用户组"
:visible.sync="user_edit_dialog"
width="750px"
width="850px"
@close='closeDialog'
center>
<el-form :model="ruleForm" :rules="rules" ref="ruleForm" label-width="100px" class="ruleForm">
<el-tabs v-model="activeTab" :before-leave="beforeTabLeave">
<el-tab-pane label="通用" name="general">
<el-form-item label="用户组ID" prop="id">
<el-input v-model="ruleForm.id" disabled></el-input>
</el-form-item>
<el-form-item label="组名" prop="name">
<el-input v-model="ruleForm.name" :disabled="ruleForm.id > 0"></el-input>
</el-form-item>
<el-form-item label="备注" prop="note">
<el-input v-model="ruleForm.note"></el-input>
</el-form-item>
<el-form-item label="带宽限制" prop="bandwidth_format" style="width:260px;">
<el-input v-model="ruleForm.bandwidth_format" oninput="value= value.match(/\d+(\.\d{0,2})?/) ? value.match(/\d+(\.\d{0,2})?/)[0] : ''">
<template slot="append">Mbps</template>
</el-input>
</el-form-item>
<el-form-item label="排除本地网络" prop="allow_lan">
<el-switch
v-model="ruleForm.allow_lan"
active-text="开启后 用户本地所在网段将不通过anylink加密传输">
</el-switch>
</el-form-item>
<el-form-item label="客户端DNS" prop="client_dns">
<el-row class="msg-info">
<el-col :span="20">输入IP格式如: 192.168.0.10</el-col>
<el-col :span="4">
<el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.client_dns)"></el-button>
</el-col>
</el-row>
<el-row v-for="(item,index) in ruleForm.client_dns"
:key="index" style="margin-bottom: 5px" :gutter="10">
<el-col :span="10">
<el-input v-model="item.val"></el-input>
</el-col>
<el-col :span="12">
<el-input v-model="item.note" placeholder="备注"></el-input>
</el-col>
<el-col :span="2">
<el-button size="mini" type="danger" icon="el-icon-minus" circle
@click.prevent="removeDomain(ruleForm.client_dns,index)"></el-button>
</el-col>
</el-row>
</el-form-item>
<el-form-item label="状态" prop="status">
<el-radio-group v-model="ruleForm.status">
<el-radio :label="1" border>启用</el-radio>
<el-radio :label="0" border>停用</el-radio>
</el-radio-group>
</el-form-item>
</el-tab-pane>
<el-tab-pane label="认证方式" name="authtype">
<el-form-item label="认证" prop="authtype">
<el-radio-group v-model="ruleForm.auth.type" @change="authTypeChange">
<el-radio label="local" border>本地</el-radio>
<el-radio label="radius" border>Radius</el-radio>
<el-radio label="ldap" border>LDAP</el-radio>
</el-radio-group>
</el-form-item>
<template v-if="ruleForm.auth.type == 'radius'">
<el-form-item label="服务器地址" prop="auth.radius.addr" :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.addr'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.radius.addr" placeholder="例如 ip:1812"></el-input>
</el-form-item>
<el-form-item label="密钥" prop="auth.radius.secret" :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.secret'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.radius.secret" placeholder=""></el-input>
</el-form-item>
</template>
<template v-if="ruleForm.auth.type == 'ldap'">
<el-form-item label="服务器地址" prop="auth.ldap.addr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.addr'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.addr" placeholder="例如 ip:389 / 域名:389"></el-input>
</el-form-item>
<el-form-item label="开启TLS" prop="auth.ldap.tls">
<el-switch v-model="ruleForm.auth.ldap.tls"></el-switch>
</el-form-item>
<el-form-item label="管理员 DN" prop="auth.ldap.bind_name" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_name'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.bind_name" placeholder="例如 CN=bindadmin,DC=abc,DC=COM"></el-input>
</el-form-item>
<el-form-item label="管理员密码" prop="auth.ldap.bind_pwd" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_pwd'] : [{ required: false }]">
<el-input type="password" v-model="ruleForm.auth.ldap.bind_pwd" placeholder=""></el-input>
</el-form-item>
<el-form-item label="Base DN" prop="auth.ldap.base_dn" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.base_dn'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.base_dn" placeholder="例如 DC=abc,DC=com"></el-input>
</el-form-item>
<el-form-item label="用户对象类" prop="auth.ldap.object_class" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.object_class'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.object_class" placeholder="例如 person / user / posixAccount"></el-input>
</el-form-item>
<el-form-item label="用户唯一ID" prop="auth.ldap.search_attr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.search_attr'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.search_attr" placeholder="例如 sAMAccountName / uid / cn"></el-input>
</el-form-item>
<el-form-item label="受限用户组" prop="auth.ldap.member_of">
<el-input v-model="ruleForm.auth.ldap.member_of" placeholder="选填, 只允许指定组登入, 例如 CN=HomeWork,DC=abc,DC=com"></el-input>
</el-form-item>
</template>
</el-tab-pane>
<el-tab-pane label="路由设置" name="route">
<el-form-item label="包含路由" prop="route_include">
<el-row class="msg-info">
<el-col :span="18">输入CIDR格式如: 192.168.1.0/24</el-col>
<el-col :span="2">
<el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.route_include)"></el-button>
</el-col>
<el-col :span="4">
<el-button size="mini" type="info" icon="el-icon-edit" circle
@click.prevent="openIpListDialog('route_include')"></el-button>
</el-col>
</el-row>
<templete v-if="activeTab == 'route'">
<el-row v-for="(item,index) in ruleForm.route_include"
:key="index" style="margin-bottom: 5px" :gutter="10">
<el-col :span="10">
<el-input v-model="item.val"></el-input>
</el-col>
<el-col :span="12">
<el-input v-model="item.note" placeholder="备注"></el-input>
</el-col>
<el-col :span="2">
<el-button size="mini" type="danger" icon="el-icon-minus" circle
@click.prevent="removeDomain(ruleForm.route_include,index)"></el-button>
</el-col>
</el-row>
</templete>
</el-form-item>
<el-form-item label="排除路由" prop="route_exclude">
<el-row class="msg-info">
<el-col :span="18">输入CIDR格式如: 192.168.2.0/24</el-col>
<el-col :span="2">
<el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.route_exclude)"></el-button>
</el-col>
<el-col :span="4">
<el-button size="mini" type="info" icon="el-icon-edit" circle
@click.prevent="openIpListDialog('route_exclude')"></el-button>
</el-col>
</el-row>
<templete v-if="activeTab == 'route'">
<el-row v-for="(item,index) in ruleForm.route_exclude"
:key="index" style="margin-bottom: 5px" :gutter="10">
<el-col :span="10">
<el-input v-model="item.val"></el-input>
</el-col>
<el-col :span="12">
<el-input v-model="item.note" placeholder="备注"></el-input>
</el-col>
<el-col :span="2">
<el-button size="mini" type="danger" icon="el-icon-minus" circle
@click.prevent="removeDomain(ruleForm.route_exclude,index)"></el-button>
</el-col>
</el-row>
</templete>
</el-form-item>
</el-tab-pane>
<el-tab-pane label="权限控制" name="link_acl">
<el-form-item label="权限控制" prop="link_acl">
<el-row class="msg-info">
<el-col :span="20">输入CIDR格式如: 192.168.3.0/24 端口0表示所有端口</el-col>
<el-col :span="4">
<el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.link_acl)"></el-button>
</el-col>
</el-row>
<el-row v-for="(item,index) in ruleForm.link_acl"
:key="index" style="margin-bottom: 5px" :gutter="5">
<el-col :span="11">
<el-input placeholder="请输入CIDR地址" v-model="item.val">
<el-select v-model="item.action" slot="prepend">
<el-option label="允许" value="allow"></el-option>
<el-option label="禁止" value="deny"></el-option>
</el-select>
</el-input>
</el-col>
<el-col :span="3">
<el-input v-model.number="item.port" placeholder="端口"></el-input>
</el-col>
<el-col :span="8">
<el-input v-model="item.note" placeholder="备注"></el-input>
</el-col>
<el-col :span="2">
<el-button size="mini" type="danger" icon="el-icon-minus" circle
@click.prevent="removeDomain(ruleForm.link_acl,index)"></el-button>
</el-col>
</el-row>
</el-form-item>
</el-tab-pane>
<el-tab-pane label="域名拆分隧道" name="ds_domains">
<el-form-item label="包含域名" prop="ds_include_domains">
<el-input type="textarea" :rows="5" v-model="ruleForm.ds_include_domains" placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input>
</el-form-item>
<el-form-item label="排除域名" prop="ds_exclude_domains">
<el-input type="textarea" :rows="5" v-model="ruleForm.ds_exclude_domains" placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input>
<div class="msg-info">域名拆分隧道仅支持AnyConnect的桌面客户端不支持移动端.</div>
</el-form-item>
</el-tab-pane>
<el-form-item>
<templete v-if="activeTab == 'authtype' && ruleForm.auth.type != 'local'">
<el-button @click="openAuthLoginDialog()" style="margin-right:10px">测试登录</el-button>
</templete>
<el-button type="primary" @click="submitForm('ruleForm')">保存</el-button>
<el-button @click="closeDialog">取消</el-button>
<el-tab-pane label="通用" name="general">
<el-form-item label="用户组ID" prop="id">
<el-input v-model="ruleForm.id" disabled></el-input>
</el-form-item>
</el-tabs>
</el-form>
<el-form-item label="组名" prop="name">
<el-input v-model="ruleForm.name" :disabled="ruleForm.id > 0"></el-input>
</el-form-item>
<el-form-item label="备注" prop="note">
<el-input v-model="ruleForm.note"></el-input>
</el-form-item>
<el-form-item label="带宽限制" prop="bandwidth_format" style="width:260px;">
<el-input v-model="ruleForm.bandwidth_format"
oninput="value= value.match(/\d+(\.\d{0,2})?/) ? value.match(/\d+(\.\d{0,2})?/)[0] : ''">
<template slot="append">Mbps</template>
</el-input>
</el-form-item>
<el-form-item label="排除本地网络" prop="allow_lan">
<!-- active-text="开启后 用户本地所在网段将不通过anylink加密传输" -->
<el-switch v-model="ruleForm.allow_lan"></el-switch>
<div class="msg-info">
本地网络 指的是
运行 anyconnect 客户端的PC 所在的的网络即本地路由网段
开启后PC本地路由网段的数据就不会走隧道链路转发数据了
同时 anyconnect 客户端需要勾选本地网络(Allow Local Lan)的开关功能才能生效
</div>
</el-form-item>
<el-form-item label="客户端DNS" prop="client_dns">
<el-row class="msg-info">
<el-col :span="20">输入IP格式如: 192.168.0.10</el-col>
<el-col :span="4">
<el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.client_dns)"></el-button>
</el-col>
</el-row>
<el-row v-for="(item,index) in ruleForm.client_dns"
:key="index" style="margin-bottom: 5px" :gutter="10">
<el-col :span="10">
<el-input v-model="item.val"></el-input>
</el-col>
<el-col :span="12">
<el-input v-model="item.note" placeholder="备注"></el-input>
</el-col>
<el-col :span="2">
<el-button size="mini" type="danger" icon="el-icon-minus" circle
@click.prevent="removeDomain(ruleForm.client_dns,index)"></el-button>
</el-col>
</el-row>
</el-form-item>
<el-form-item label="内网域名" prop="split_dns">
<el-row class="msg-info">
<el-col :span="20">(分割DNS)一般留空如果输入域名只有配置的域名(包含子域名)走配置的dns</el-col>
<el-col :span="4">
<el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.split_dns)"></el-button>
</el-col>
</el-row>
<el-row v-for="(item,index) in ruleForm.split_dns"
:key="index" style="margin-bottom: 5px" :gutter="10">
<el-col :span="10">
<el-input v-model="item.val"></el-input>
</el-col>
<el-col :span="12">
<el-input v-model="item.note" placeholder="备注"></el-input>
</el-col>
<el-col :span="2">
<el-button size="mini" type="danger" icon="el-icon-minus" circle
@click.prevent="removeDomain(ruleForm.split_dns,index)"></el-button>
</el-col>
</el-row>
</el-form-item>
<el-form-item label="状态" prop="status">
<el-radio-group v-model="ruleForm.status">
<el-radio :label="1" border>启用</el-radio>
<el-radio :label="0" border>停用</el-radio>
</el-radio-group>
</el-form-item>
</el-tab-pane>
<el-tab-pane label="认证方式" name="authtype">
<el-form-item label="认证" prop="authtype">
<el-radio-group v-model="ruleForm.auth.type" @change="authTypeChange">
<el-radio label="local" border>本地</el-radio>
<el-radio label="radius" border>Radius</el-radio>
<el-radio label="ldap" border>LDAP</el-radio>
</el-radio-group>
</el-form-item>
<template v-if="ruleForm.auth.type == 'radius'">
<el-form-item label="服务器地址" prop="auth.radius.addr"
:rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.addr'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.radius.addr" placeholder="例如 ip:1812"></el-input>
</el-form-item>
<el-form-item label="密钥" prop="auth.radius.secret"
:rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.secret'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.radius.secret" placeholder=""></el-input>
</el-form-item>
<el-form-item label="Nasip" prop="auth.radius.nasip">
<el-input v-model="ruleForm.auth.radius.nasip" placeholder=""></el-input>
</el-form-item>
</template>
<template v-if="ruleForm.auth.type == 'ldap'">
<el-form-item label="服务器地址" prop="auth.ldap.addr"
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.addr'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.addr" placeholder="例如 ip:389 / 域名:389"></el-input>
</el-form-item>
<el-form-item label="开启TLS" prop="auth.ldap.tls">
<el-switch v-model="ruleForm.auth.ldap.tls"></el-switch>
</el-form-item>
<el-form-item label="管理员 DN" prop="auth.ldap.bind_name"
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_name'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.bind_name"
placeholder="例如 CN=bindadmin,DC=abc,DC=COM"></el-input>
</el-form-item>
<el-form-item label="管理员密码" prop="auth.ldap.bind_pwd"
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_pwd'] : [{ required: false }]">
<el-input type="password" v-model="ruleForm.auth.ldap.bind_pwd" placeholder=""></el-input>
</el-form-item>
<el-form-item label="Base DN" prop="auth.ldap.base_dn"
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.base_dn'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.base_dn" placeholder="例如 DC=abc,DC=com"></el-input>
</el-form-item>
<el-form-item label="用户对象类" prop="auth.ldap.object_class"
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.object_class'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.object_class"
placeholder="例如 person / user / posixAccount"></el-input>
</el-form-item>
<el-form-item label="用户唯一ID" prop="auth.ldap.search_attr"
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.search_attr'] : [{ required: false }]">
<el-input v-model="ruleForm.auth.ldap.search_attr"
placeholder="例如 sAMAccountName / uid / cn"></el-input>
</el-form-item>
<el-form-item label="受限用户组" prop="auth.ldap.member_of">
<el-input v-model="ruleForm.auth.ldap.member_of"
placeholder="选填, 只允许指定组登入, 例如 CN=HomeWork,DC=abc,DC=com"></el-input>
</el-form-item>
</template>
</el-tab-pane>
<el-tab-pane label="路由设置" name="route">
<el-form-item label="包含路由" prop="route_include">
<el-row class="msg-info">
<el-col :span="18">输入CIDR格式如: 192.168.1.0/24</el-col>
<el-col :span="2">
<el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.route_include)"></el-button>
</el-col>
<el-col :span="4">
<el-button size="mini" type="info" icon="el-icon-edit" circle
@click.prevent="openIpListDialog('route_include')"></el-button>
</el-col>
</el-row>
<templete v-if="activeTab == 'route'">
<el-row v-for="(item,index) in ruleForm.route_include"
:key="index" style="margin-bottom: 5px" :gutter="10">
<el-col :span="10">
<el-input v-model="item.val"></el-input>
</el-col>
<el-col :span="12">
<el-input v-model="item.note" placeholder="备注"></el-input>
</el-col>
<el-col :span="2">
<el-button size="mini" type="danger" icon="el-icon-minus" circle
@click.prevent="removeDomain(ruleForm.route_include,index)"></el-button>
</el-col>
</el-row>
</templete>
</el-form-item>
<el-form-item label="排除路由" prop="route_exclude">
<el-row class="msg-info">
<el-col :span="18">输入CIDR格式如: 192.168.2.0/24</el-col>
<el-col :span="2">
<el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.route_exclude)"></el-button>
</el-col>
<el-col :span="4">
<el-button size="mini" type="info" icon="el-icon-edit" circle
@click.prevent="openIpListDialog('route_exclude')"></el-button>
</el-col>
</el-row>
<templete v-if="activeTab == 'route'">
<el-row v-for="(item,index) in ruleForm.route_exclude"
:key="index" style="margin-bottom: 5px" :gutter="10">
<el-col :span="10">
<el-input v-model="item.val"></el-input>
</el-col>
<el-col :span="12">
<el-input v-model="item.note" placeholder="备注"></el-input>
</el-col>
<el-col :span="2">
<el-button size="mini" type="danger" icon="el-icon-minus" circle
@click.prevent="removeDomain(ruleForm.route_exclude,index)"></el-button>
</el-col>
</el-row>
</templete>
</el-form-item>
</el-tab-pane>
<el-tab-pane label="权限控制" name="link_acl">
<el-form-item label="权限控制" prop="link_acl">
<el-row class="msg-info">
<el-col :span="22">输入CIDR格式如: 192.168.3.0/24
协议支持 all,tcp,udp,icmp
端口0表示所有端口,多个端口:80,443,连续端口:1234-5678
</el-col>
<el-col :span="2">
<el-button size="mini" type="success" icon="el-icon-plus" circle
@click.prevent="addDomain(ruleForm.link_acl)"></el-button>
</el-col>
</el-row>
<!-- 添加拖拽功能 -->
<draggable v-model="ruleForm.link_acl" handle=".drag-handle" @end="onEnd">
<el-row v-for="(item,index) in ruleForm.link_acl"
:key="index" style="margin-bottom: 5px" :gutter="1">
<el-col :span="1" class="drag-handle">
<i class="el-icon-rank"></i>
</el-col>
<el-col :span="9">
<el-input placeholder="请输入CIDR地址" v-model="item.val">
<el-select v-model="item.action" slot="prepend">
<el-option label="允许" value="allow"></el-option>
<el-option label="禁止" value="deny"></el-option>
</el-select>
</el-input>
</el-col>
<el-col :span="3">
<el-input placeholder="协议" v-model="item.protocol">
</el-col>
<el-col :span="6">
<!-- type="textarea" :autosize="{ minRows: 1, maxRows: 2}" -->
<el-input v-model="item.port" placeholder="多端口,号分隔"></el-input>
</el-col>
<el-col :span="3">
<el-input v-model="item.note" placeholder="备注"></el-input>
</el-col>
<el-col :span="2">
<el-button size="mini" type="danger" icon="el-icon-minus" circle
@click.prevent="removeDomain(ruleForm.link_acl,index)"></el-button>
</el-col>
</el-row>
</draggable>
</el-form-item>
</el-tab-pane>
<el-tab-pane label="域名拆分隧道" name="ds_domains">
<el-form-item label="包含域名" prop="ds_include_domains">
<el-input type="textarea" :rows="5" v-model="ruleForm.ds_include_domains"
placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input>
</el-form-item>
<el-form-item label="排除域名" prop="ds_exclude_domains">
<el-input type="textarea" :rows="5" v-model="ruleForm.ds_exclude_domains"
placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input>
<div class="msg-info">域名拆分隧道仅支持AnyConnect的windows和MacOS桌面客户端不支持移动端.</div>
</el-form-item>
</el-tab-pane>
<el-form-item>
<templete v-if="activeTab == 'authtype' && ruleForm.auth.type != 'local'">
<el-button @click="openAuthLoginDialog()" style="margin-right:10px">测试登录</el-button>
</templete>
<el-button type="primary" @click="submitForm('ruleForm')">保存</el-button>
<el-button @click="closeDialog">取消</el-button>
</el-form-item>
</el-tabs>
</el-form>
</el-dialog>
<!--测试用户登录弹出框-->
<el-dialog
@@ -398,36 +483,41 @@
width="600px"
custom-class="valgin-dialog"
center>
<el-form :model="authLoginForm" :rules="authLoginRules" ref="authLoginForm" label-width="100px">
<el-form-item label="账号" prop="name">
<el-input v-model="authLoginForm.name" ref="authLoginFormName" @keydown.enter.native="testAuthLogin"></el-input>
</el-form-item>
<el-form-item label="密码" prop="pwd">
<el-input type="password" v-model="authLoginForm.pwd" @keydown.enter.native="testAuthLogin"></el-input>
</el-form-item>
<el-form-item>
<el-button type="primary" @click="testAuthLogin()" :loading="authLoginLoading">登录</el-button>
<el-button @click="authLoginDialog = false"> </el-button>
</el-form-item>
</el-form>
<el-form :model="authLoginForm" :rules="authLoginRules" ref="authLoginForm" label-width="100px">
<el-form-item label="账号" prop="name">
<el-input v-model="authLoginForm.name" ref="authLoginFormName"
@keydown.enter.native="testAuthLogin"></el-input>
</el-form-item>
<el-form-item label="密码" prop="pwd">
<el-input type="password" v-model="authLoginForm.pwd" @keydown.enter.native="testAuthLogin"></el-input>
</el-form-item>
<el-form-item>
<el-button type="primary" @click="testAuthLogin()" :loading="authLoginLoading">登录</el-button>
<el-button @click="authLoginDialog = false"> </el-button>
</el-form-item>
</el-form>
</el-dialog>
<!--编辑模式弹窗-->
<el-dialog
:close-on-click-modal="false"
title="编辑模式"
:visible.sync="ipListDialog"
width="650px"
custom-class="valgin-dialog"
center>
:close-on-click-modal="false"
title="编辑模式"
:visible.sync="ipListDialog"
width="650px"
custom-class="valgin-dialog"
center>
<el-form ref="ipEditForm" label-width="80px">
<el-form-item label="路由表" prop="ip_list">
<el-input type="textarea" :rows="10" v-model="ipEditForm.ip_list" placeholder="每行一条路由192.168.1.0/24,备注 或 192.168.1.0/24"></el-input>
<div class="msg-info">当前共 {{ ipEditForm.ip_list.trim() === '' ? 0 : ipEditForm.ip_list.trim().split("\n").length }} AnyConnect客户端最多支持{{ this.maxRouteRows }}条路由</div>
</el-form-item>
<el-form-item>
<el-button type="primary" @click="ipEdit()" :loading="ipEditLoading">更新</el-button>
<el-button @click="ipListDialog = false"> </el-button>
</el-form-item>
<el-form-item label="路由表" prop="ip_list">
<el-input type="textarea" :rows="10" v-model="ipEditForm.ip_list"
placeholder="每行一条路由192.168.1.0/24,备注 或 192.168.1.0/24"></el-input>
<div class="msg-info">当前共
{{ ipEditForm.ip_list.trim() === '' ? 0 : ipEditForm.ip_list.trim().split("\n").length }}
AnyConnect客户端最多支持{{ this.maxRouteRows }}条路由
</div>
</el-form-item>
<el-form-item>
<el-button type="primary" @click="ipEdit()" :loading="ipEditLoading">更新</el-button>
<el-button @click="ipListDialog = false"> </el-button>
</el-form-item>
</el-form>
</el-dialog>
</div>
@@ -435,10 +525,11 @@
<script>
import axios from "axios";
import draggable from 'vuedraggable'
export default {
name: "List",
components: {},
components: {draggable},
mixins: [],
created() {
this.$emit('update:route_path', this.$route.path)
@@ -453,47 +544,48 @@ export default {
page: 1,
tableData: [],
count: 10,
activeTab : "general",
activeTab: "general",
readMore: {},
readMinRows : 5,
maxRouteRows : 2500,
defAuth : {
type:'local',
radius:{addr:"", secret:""},
ldap:{
addr:"",
tls:false,
base_dn:"",
object_class:"person",
search_attr:"sAMAccountName",
member_of:"",
bind_name:"",
bind_pwd:"",
},
readMinRows: 5,
maxRouteRows: 2500,
defAuth: {
type: 'local',
radius: {addr: "", secret: "", nasip: ""},
ldap: {
addr: "",
tls: false,
base_dn: "",
object_class: "person",
search_attr: "sAMAccountName",
member_of: "",
bind_name: "",
bind_pwd: "",
},
},
ruleForm: {
bandwidth: 0,
bandwidth_format: '0',
status: 1,
allow_lan: true,
client_dns: [{val: '114.114.114.114'}],
client_dns: [{val: '114.114.114.114', note: '默认dns'}],
split_dns: [],
route_include: [{val: 'all', note: '默认全局代理'}],
route_exclude: [],
link_acl: [],
auth : {},
auth: {},
},
authLoginDialog : false,
ipListDialog : false,
authLoginLoading : false,
authLoginForm : {
name : "",
pwd : "",
authLoginDialog: false,
ipListDialog: false,
authLoginLoading: false,
authLoginForm: {
name: "",
pwd: "",
},
ipEditForm: {
ip_list: "",
type : "",
type: "",
},
ipEditLoading : false,
ipEditLoading: false,
authLoginRules: {
name: [
{required: true, message: '请输入账号', trigger: 'blur'},
@@ -543,12 +635,15 @@ export default {
}
},
methods: {
onEnd: function() {
window.console.log("onEnd", this.ruleForm.link_acl);
},
setAuthData(row) {
if (! row) {
if (!row) {
this.ruleForm.auth = JSON.parse(JSON.stringify(this.defAuth));
return ;
return;
}
if (row.auth.type == "ldap" && ! row.auth.ldap.object_class) {
if (row.auth.type == "ldap" && !row.auth.ldap.object_class) {
row.auth.ldap.object_class = this.defAuth.ldap.object_class;
}
this.ruleForm.auth = Object.assign(JSON.parse(JSON.stringify(this.defAuth)), row.auth);
@@ -620,7 +715,8 @@ export default {
// arr.pop()
},
addDomain(arr) {
arr.push({val: "", action: "allow", port: 0});
console.log("arr", arr)
arr.push({protocol:"all", val: "", action: "allow", port: "0", note: ""});
},
submitForm(formName) {
this.$refs[formName].validate((valid) => {
@@ -646,29 +742,31 @@ export default {
});
},
testAuthLogin() {
this.$refs["authLoginForm"].validate((valid) => {
if (!valid) {
console.log('error submit!!');
return false;
}
this.authLoginLoading = true;
axios.post('/group/auth_login', {name:this.authLoginForm.name,
pwd:this.authLoginForm.pwd,
auth:this.ruleForm.auth}).then(resp => {
const rdata = resp.data;
if (rdata.code === 0) {
this.$message.success("登录成功");
} else {
this.$message.error(rdata.msg);
}
this.authLoginLoading = false;
console.log(rdata);
}).catch(error => {
this.$message.error('哦,请求出错');
console.log(error);
this.authLoginLoading = false;
});
this.$refs["authLoginForm"].validate((valid) => {
if (!valid) {
console.log('error submit!!');
return false;
}
this.authLoginLoading = true;
axios.post('/group/auth_login', {
name: this.authLoginForm.name,
pwd: this.authLoginForm.pwd,
auth: this.ruleForm.auth
}).then(resp => {
const rdata = resp.data;
if (rdata.code === 0) {
this.$message.success("登录成功");
} else {
this.$message.error(rdata.msg);
}
this.authLoginLoading = false;
console.log(rdata);
}).catch(error => {
this.$message.error('哦,请求出错');
console.log(error);
this.authLoginLoading = false;
});
});
},
openAuthLoginDialog() {
this.$refs["ruleForm"].validate((valid) => {
@@ -679,7 +777,7 @@ export default {
this.authLoginDialog = true;
// set authLoginFormName focus
this.$nextTick(() => {
this.$refs['authLoginFormName'].focus();
this.$refs['authLoginFormName'].focus();
});
});
},
@@ -689,63 +787,63 @@ export default {
this.ipEditForm.ip_list = this.ruleForm[type].map(item => item.val + (item.note ? "," + item.note : "")).join("\n");
},
ipEdit() {
this.ipEditLoading = true;
let ipList = [];
if (this.ipEditForm.ip_list.trim() !== "") {
ipList = this.ipEditForm.ip_list.trim().split("\n");
this.ipEditLoading = true;
let ipList = [];
if (this.ipEditForm.ip_list.trim() !== "") {
ipList = this.ipEditForm.ip_list.trim().split("\n");
}
let arr = [];
for (let i = 0; i < ipList.length; i++) {
let item = ipList[i];
if (item.trim() === "") {
continue;
}
let arr = [];
for (let i = 0; i < ipList.length; i++) {
let item = ipList[i];
if (item.trim() === "") {
continue;
}
let ip = item.split(",");
if (ip.length > 2) {
ip[1] = ip.slice(1).join(",");
}
let note = ip[1] ? ip[1] : "";
const pushToArr = () => {
arr.push({val: ip[0], note: note});
};
if (this.ipEditForm.type == "route_include" && ip[0] == "all") {
pushToArr();
continue;
}
let valid = this.isValidCIDR(ip[0]);
if (!valid.valid) {
this.$message.error("错误CIDR格式错误建议 " + ip[0] + " 改为 " + valid.suggestion);
this.ipEditLoading = false;
return;
}
let ip = item.split(",");
if (ip.length > 2) {
ip[1] = ip.slice(1).join(",");
}
let note = ip[1] ? ip[1] : "";
const pushToArr = () => {
arr.push({val: ip[0], note: note});
};
if (this.ipEditForm.type == "route_include" && ip[0] == "all") {
pushToArr();
continue;
}
this.ruleForm[this.ipEditForm.type] = arr;
this.ipEditLoading = false;
this.ipListDialog = false;
let valid = this.isValidCIDR(ip[0]);
if (!valid.valid) {
this.$message.error("错误CIDR格式错误建议 " + ip[0] + " 改为 " + valid.suggestion);
this.ipEditLoading = false;
return;
}
pushToArr();
}
this.ruleForm[this.ipEditForm.type] = arr;
this.ipEditLoading = false;
this.ipListDialog = false;
},
isValidCIDR(input) {
const cidrRegex = /^((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)\/([12]?\d|3[0-2])$/;
if (!cidrRegex.test(input)) {
return { valid: false, suggestion: null };
const cidrRegex = /^((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)\/([12]?\d|3[0-2])$/;
if (!cidrRegex.test(input)) {
return {valid: false, suggestion: null};
}
const [ip, mask] = input.split('/');
const maskNum = parseInt(mask);
const ipParts = ip.split('.').map(part => parseInt(part));
const binaryIP = ipParts.map(part => part.toString(2).padStart(8, '0')).join('');
for (let i = maskNum; i < 32; i++) {
if (binaryIP[i] === '1') {
const binaryNetworkPart = binaryIP.substring(0, maskNum).padEnd(32, '0');
const networkIPParts = [];
for (let j = 0; j < 4; j++) {
const octet = binaryNetworkPart.substring(j * 8, (j + 1) * 8);
networkIPParts.push(parseInt(octet, 2));
}
const suggestedIP = networkIPParts.join('.');
return {valid: false, suggestion: `${suggestedIP}/${mask}`};
}
const [ip, mask] = input.split('/');
const maskNum = parseInt(mask);
const ipParts = ip.split('.').map(part => parseInt(part));
const binaryIP = ipParts.map(part => part.toString(2).padStart(8, '0')).join('');
for (let i = maskNum; i < 32; i++) {
if (binaryIP[i] === '1') {
const binaryNetworkPart = binaryIP.substring(0, maskNum).padEnd(32, '0');
const networkIPParts = [];
for (let j = 0; j < 4; j++) {
const octet = binaryNetworkPart.substring(j * 8, (j + 1) * 8);
networkIPParts.push(parseInt(octet, 2));
}
const suggestedIP = networkIPParts.join('.');
return { valid: false, suggestion: `${suggestedIP}/${mask}` };
}
}
return { valid: true, suggestion: null };
}
return {valid: true, suggestion: null};
},
resetForm(formName) {
this.$refs[formName].resetFields();
@@ -762,7 +860,7 @@ export default {
},
beforeTabLeave() {
var isSwitch = true
if (! this.user_edit_dialog) {
if (!this.user_edit_dialog) {
return isSwitch;
}
this.$refs['ruleForm'].validate((valid) => {
@@ -779,16 +877,16 @@ export default {
this.activeTab = "general";
},
convertBandwidth(bandwidth, fromUnit, toUnit) {
const units = {
bps: 1,
Kbps: 1000,
Mbps: 1000000,
Gbps: 1000000000,
BYTE: 8,
};
const result = bandwidth * units[fromUnit] / units[toUnit];
const fixedResult = result.toFixed(2);
return parseFloat(fixedResult);
const units = {
bps: 1,
Kbps: 1000,
Mbps: 1000000,
Gbps: 1000000000,
BYTE: 8,
};
const result = bandwidth * units[fromUnit] / units[toUnit];
const fixedResult = result.toFixed(2);
return parseFloat(fixedResult);
}
},
}
@@ -809,19 +907,25 @@ export default {
width: 80px;
}
::v-deep .valgin-dialog{
display: flex;
flex-direction: column;
margin:0 !important;
position:absolute;
top:50%;
left:50%;
transform:translate(-50%,-50%);
max-height:calc(100% - 30px);
max-width:calc(100% - 30px);
::v-deep .valgin-dialog {
display: flex;
flex-direction: column;
margin: 0 !important;
position: absolute;
top: 50%;
left: 50%;
transform: translate(-50%, -50%);
max-height: calc(100% - 30px);
max-width: calc(100% - 30px);
}
::v-deep .valgin-dialog .el-dialog__body{
flex:1;
overflow: auto;
::v-deep .valgin-dialog .el-dialog__body {
flex: 1;
overflow: auto;
}
.drag-handle {
cursor: move;
}
</style>

365
web/src/pages/set/Other.vue
View File

@@ -3,11 +3,11 @@
<el-tabs v-model="activeName" @tab-click="handleClick">
<el-tab-pane label="邮件配置" name="dataSmtp">
<el-form
:model="dataSmtp"
ref="dataSmtp"
:rules="rules"
label-width="100px"
class="tab-one"
:model="dataSmtp"
ref="dataSmtp"
:rules="rules"
label-width="100px"
class="tab-one"
>
<el-form-item label="服务器地址" prop="host">
<el-input v-model="dataSmtp.host"></el-input>
@@ -20,9 +20,9 @@
</el-form-item>
<el-form-item label="密码" prop="password">
<el-input
type="password"
v-model="dataSmtp.password"
placeholder="密码为空则不修改"
type="password"
v-model="dataSmtp.password"
placeholder="密码为空则不修改"
></el-input>
</el-form-item>
<el-form-item label="加密类型" prop="encryption">
@@ -37,7 +37,8 @@
</el-form-item>
<el-form-item>
<el-button type="primary" @click="submitForm('dataSmtp')"
>保存</el-button
>保存
</el-button
>
<el-button @click="resetForm('dataSmtp')">重置</el-button>
</el-form-item>
@@ -46,19 +47,19 @@
<el-tab-pane label="审计日志" name="dataAuditLog">
<el-form
:model="dataAuditLog"
ref="dataAuditLog"
:rules="rules"
label-width="100px"
class="tab-one"
:model="dataAuditLog"
ref="dataAuditLog"
:rules="rules"
label-width="100px"
class="tab-one"
>
<el-form-item label="审计去重间隔" prop="audit_interval">
<el-input-number
v-model="dataAuditLog.audit_interval"
:min="-1"
size="small"
label="秒"
:disabled="true"
v-model="dataAuditLog.audit_interval"
:min="-1"
size="small"
label="秒"
:disabled="true"
></el-input-number>
<p class="input_tip">
@@ -68,11 +69,11 @@
</el-form-item>
<el-form-item label="存储时长" prop="life_day">
<el-input-number
v-model="dataAuditLog.life_day"
:min="0"
:max="365"
size="small"
label="天数"
v-model="dataAuditLog.life_day"
:min="0"
:max="365"
size="small"
label="天数"
></el-input-number>
<p class="input_tip">
@@ -82,22 +83,23 @@
</el-form-item>
<el-form-item label="清理时间" prop="clear_time">
<el-time-select
v-model="dataAuditLog.clear_time"
:picker-options="{
v-model="dataAuditLog.clear_time"
:picker-options="{
start: '00:00',
step: '01:00',
end: '23:00',
}"
editable="false,"
size="small"
placeholder="请选择"
style="width: 130px"
:editable="false"
size="small"
placeholder="请选择"
style="width: 130px"
>
</el-time-select>
</el-form-item>
<el-form-item>
<el-button type="primary" @click="submitForm('dataAuditLog')"
>保存</el-button
>保存
</el-button
>
<el-button @click="resetForm('dataAuditLog')">重置</el-button>
</el-form-item>
@@ -105,33 +107,34 @@
</el-tab-pane>
<el-tab-pane label="证书设置" name="datacertManage">
<el-tabs
tab-position="left"
v-model="datacertManage"
@tab-click="handleClick"
tab-position="left"
v-model="datacertManage"
@tab-click="handleClick"
>
<el-tab-pane label="自定义证书" name="customCert">
<el-form
ref="customCert"
:model="customCert"
label-width="100px"
size="small"
class="tab-one"
ref="customCert"
:model="customCert"
label-width="100px"
size="small"
class="tab-one"
>
<el-form-item>
<el-upload
class="uploadCert"
:before-upload="beforeCertUpload"
:action="certUpload"
:limit="1"
class="uploadCert"
:before-upload="beforeCertUpload"
:action="certUpload"
:limit="1"
>
<el-button size="mini" icon="el-icon-plus" slot="trigger"
>证书文件</el-button
>证书文件
</el-button
>
<el-tooltip
class="item"
effect="dark"
content="请上传 .pem 格式的 cert 文件"
placement="top"
class="item"
effect="dark"
content="请上传 .pem 格式的 cert 文件"
placement="top"
>
<i class="el-icon-info"></i>
</el-tooltip>
@@ -139,19 +142,20 @@
</el-form-item>
<el-form-item>
<el-upload
class="uploadCert"
:before-upload="beforeKeyUpload"
:action="certUpload"
:limit="1"
class="uploadCert"
:before-upload="beforeKeyUpload"
:action="certUpload"
:limit="1"
>
<el-button size="mini" icon="el-icon-plus" slot="trigger"
>私钥文件</el-button
>私钥文件
</el-button
>
<el-tooltip
class="item"
effect="dark"
content="请上传 .pem 格式的 key 文件"
placement="top"
class="item"
effect="dark"
content="请上传 .pem 格式的 key 文件"
placement="top"
>
<i class="el-icon-info"></i>
</el-tooltip>
@@ -159,23 +163,24 @@
</el-form-item>
<el-form-item>
<el-button
size="small"
icon="el-icon-upload"
type="primary"
@click="submitForm('customCert')"
>上传</el-button
size="small"
icon="el-icon-upload"
type="primary"
@click="submitForm('customCert')"
>上传
</el-button
>
</el-form-item>
</el-form>
</el-tab-pane>
<el-tab-pane label="Let's Encrypt证书" name="letsCert">
<el-form
:model="letsCert"
ref="letsCert"
:rules="rules"
label-width="120px"
size="small"
class="tab-one"
:model="letsCert"
ref="letsCert"
:rules="rules"
label-width="120px"
size="small"
class="tab-one"
>
<el-form-item label="域名" prop="domain">
<el-input v-model="letsCert.domain"></el-input>
@@ -191,30 +196,31 @@
</el-radio-group>
</el-form-item>
<el-form-item
v-for="component in dnsProvider[letsCert.name]"
:key="component.prop"
:label="component.label"
:rules="component.rules"
v-for="component in dnsProvider[letsCert.name]"
:key="component.prop"
:label="component.label"
:rules="component.rules"
>
<component
:is="component.component"
:type="component.type"
v-model="letsCert[letsCert.name][component.prop]"
:is="component.component"
:type="component.type"
v-model="letsCert[letsCert.name][component.prop]"
></component>
</el-form-item>
<el-form-item>
<el-switch
style="display: block"
v-model="letsCert.renew"
active-color="#13ce66"
inactive-color="#ff4949"
inactive-text="自动续期"
style="display: block"
v-model="letsCert.renew"
active-color="#13ce66"
inactive-color="#ff4949"
inactive-text="自动续期"
>
</el-switch>
</el-form-item>
<el-form-item>
<el-button type="primary" @click="submitForm('letsCert')"
>申请</el-button
>申请
</el-button
>
<el-button @click="resetForm('letsCert')">重置</el-button>
</el-form-item>
@@ -224,11 +230,11 @@
</el-tab-pane>
<el-tab-pane label="其他设置" name="dataOther">
<el-form
:model="dataOther"
ref="dataOther"
:rules="rules"
label-width="100px"
class="tab-one"
:model="dataOther"
ref="dataOther"
:rules="rules"
label-width="130px"
class="tab-one"
>
<el-form-item label="vpn对外地址" prop="link_addr">
<el-input placeholder="请输入内容" v-model="dataOther.link_addr">
@@ -237,49 +243,58 @@
<el-form-item label="Banner信息" prop="banner">
<el-input
type="textarea"
:rows="5"
placeholder="请输入内容"
v-model="dataOther.banner"
type="textarea"
:rows="5"
placeholder="请输入内容"
v-model="dataOther.banner"
>
</el-input>
</el-form-item>
<el-form-item label="自定义首页状态码" prop="homecode">
<el-input-number
v-model="dataOther.homecode"
:min="0"
:max="1000"
></el-input-number>
</el-form-item>
<el-form-item label="自定义首页" prop="homeindex">
<el-input
type="textarea"
:rows="10"
placeholder="请输入内容"
v-model="dataOther.homeindex"
type="textarea"
:rows="10"
placeholder="请输入内容"
v-model="dataOther.homeindex"
>
</el-input>
<el-tooltip content="自定义内容可以参考 home 目录下的文件" placement="top">
<el-tooltip content="自定义内容可以参考 index_template 目录下的文件" placement="top">
<i class="el-icon-question"></i>
</el-tooltip>
</el-form-item>
<el-form-item label="账户开通邮件" prop="account_mail">
<el-form-item label="账户开通邮件模板" prop="account_mail">
<el-input
type="textarea"
:rows="10"
placeholder="请输入内容"
v-model="dataOther.account_mail"
type="textarea"
:rows="10"
placeholder="请输入内容"
v-model="dataOther.account_mail"
>
</el-input>
</el-form-item>
<el-form-item label="邮件展示">
<iframe
width="500px"
height="300px"
:srcdoc="dataOther.account_mail"
width="500px"
height="300px"
:srcdoc="dataOther.account_mail"
>
</iframe>
</el-form-item>
<el-form-item>
<el-button type="primary" @click="submitForm('dataOther')"
>保存</el-button
>保存
</el-button
>
<el-button @click="resetForm('dataOther')">重置</el-button>
</el-form-item>
@@ -324,19 +339,19 @@ export default {
authToken: "",
},
},
customCert: { cert: "", key: "" },
customCert: {cert: "", key: ""},
dataOther: {},
rules: {
host: { required: true, message: "请输入服务器地址", trigger: "blur" },
host: {required: true, message: "请输入服务器地址", trigger: "blur"},
port: [
{ required: true, message: "请输入服务器端口", trigger: "blur" },
{required: true, message: "请输入服务器端口", trigger: "blur"},
{
type: "number",
message: "请输入正确的服务器端口",
trigger: ["blur", "change"],
},
],
issuer: { required: true, message: "请输入系统名称", trigger: "blur" },
issuer: {required: true, message: "请输入系统名称", trigger: "blur"},
domain: {
required: true,
message: "请输入需要申请证书的域名",
@@ -347,7 +362,7 @@ export default {
message: "请输入申请证书的邮箱地址",
trigger: "blur",
},
name: { required: true, message: "请选择域名服务商", trigger: "blur" },
name: {required: true, message: "请选择域名服务商", trigger: "blur"},
},
certUpload: "/set/other/customcert",
dnsProvider: {
@@ -449,71 +464,71 @@ export default {
},
getSmtp() {
axios
.get("/set/other/smtp")
.then((resp) => {
let rdata = resp.data;
console.log(rdata);
if (rdata.code !== 0) {
this.$message.error(rdata.msg);
return;
}
this.dataSmtp = rdata.data;
})
.catch((error) => {
this.$message.error("哦,请求出错");
console.log(error);
});
.get("/set/other/smtp")
.then((resp) => {
let rdata = resp.data;
console.log(rdata);
if (rdata.code !== 0) {
this.$message.error(rdata.msg);
return;
}
this.dataSmtp = rdata.data;
})
.catch((error) => {
this.$message.error("哦,请求出错");
console.log(error);
});
},
getAuditLog() {
axios
.get("/set/other/audit_log")
.then((resp) => {
let rdata = resp.data;
console.log(rdata);
if (rdata.code !== 0) {
this.$message.error(rdata.msg);
return;
}
this.dataAuditLog = rdata.data;
})
.catch((error) => {
this.$message.error("哦,请求出错");
console.log(error);
});
.get("/set/other/audit_log")
.then((resp) => {
let rdata = resp.data;
console.log(rdata);
if (rdata.code !== 0) {
this.$message.error(rdata.msg);
return;
}
this.dataAuditLog = rdata.data;
})
.catch((error) => {
this.$message.error("哦,请求出错");
console.log(error);
});
},
getletsCert() {
axios
.get("/set/other/getcertset")
.then((resp) => {
let rdata = resp.data;
console.log(rdata);
if (rdata.code !== 0) {
this.$message.error(rdata.msg);
return;
}
this.letsCert = Object.assign({}, this.letsCert, rdata.data);
})
.catch((error) => {
this.$message.error("哦,请求出错");
console.log(error);
});
.get("/set/other/getcertset")
.then((resp) => {
let rdata = resp.data;
console.log(rdata);
if (rdata.code !== 0) {
this.$message.error(rdata.msg);
return;
}
this.letsCert = Object.assign({}, this.letsCert, rdata.data);
})
.catch((error) => {
this.$message.error("哦,请求出错");
console.log(error);
});
},
getOther() {
axios
.get("/set/other")
.then((resp) => {
let rdata = resp.data;
console.log(rdata);
if (rdata.code !== 0) {
this.$message.error(rdata.msg);
return;
}
this.dataOther = rdata.data;
})
.catch((error) => {
this.$message.error("哦,请求出错");
console.log(error);
});
.get("/set/other")
.then((resp) => {
let rdata = resp.data;
console.log(rdata);
if (rdata.code !== 0) {
this.$message.error(rdata.msg);
return;
}
this.dataOther = rdata.data;
})
.catch((error) => {
this.$message.error("哦,请求出错");
console.log(error);
});
},
submitForm(formName) {
this.$refs[formName].validate((valid) => {
@@ -535,16 +550,16 @@ export default {
break;
case "dataAuditLog":
axios
.post("/set/other/audit_log/edit", this.dataAuditLog)
.then((resp) => {
var rdata = resp.data;
console.log(rdata);
if (rdata.code === 0) {
this.$message.success(rdata.msg);
} else {
this.$message.error(rdata.msg);
}
});
.post("/set/other/audit_log/edit", this.dataAuditLog)
.then((resp) => {
var rdata = resp.data;
console.log(rdata);
if (rdata.code === 0) {
this.$message.success(rdata.msg);
} else {
this.$message.error(rdata.msg);
}
});
break;
case "letsCert":
var loading = this.$loading({

122
web/src/pages/user/Online.vue
View File

@@ -1,6 +1,59 @@
<template>
<div>
<el-card>
<el-form :inline="true">
<el-form-item>
<el-select
v-model="searchCate"
style="width: 86px;"
@change="handleSearch">
<el-option
label="用户名"
value="username">
</el-option>
<el-option
label="登录组"
value="group">
</el-option>
<el-option
label="MAC地址"
value="mac_addr">
</el-option>
<el-option
label="IP地址"
value="ip">
</el-option>
<el-option
label="远端地址"
value="remote_addr">
</el-option>
</el-select>
</el-form-item>
<el-form-item>
<el-input
v-model="searchText"
placeholder="请输入搜索内容"
@input="handleSearch">
</el-input>
</el-form-item>
<el-form-item>
显示休眠用户
<el-switch
v-model="showSleeper"
@change="handleSearch">
</el-switch>
</el-form-item>
<el-form-item>
<el-button
class="extra-small-button"
type="danger"
size="mini"
:loading="loadingOneOffline"
@click="handleOneOffline">
一键下线
</el-button>
</el-form>
<el-table
ref="multipleTable"
:data="tableData"
@@ -20,7 +73,7 @@
<el-table-column
prop="group"
label="登组">
label="登组">
</el-table-column>
<el-table-column
@@ -67,7 +120,6 @@
</el-table-column>
<el-table-column
prop="status"
label="实时 上行/下行"
width="220">
<template slot-scope="scope">
@@ -77,7 +129,6 @@
</el-table-column>
<el-table-column
prop="status"
label="总量 上行/下行"
width="200">
<template slot-scope="scope">
@@ -88,7 +139,7 @@
<el-table-column
prop="last_login"
label="登时间"
label="登时间"
:formatter="tableDateFormat">
</el-table-column>
@@ -99,6 +150,7 @@
<el-button
size="mini"
type="primary"
v-if="scope.row.remote_addr !== ''"
@click="handleReline(scope.row)">重连
</el-button>
@@ -123,6 +175,7 @@
<script>
import axios from "axios";
import { MessageBox } from 'element-ui';
export default {
name: "Online",
@@ -147,6 +200,10 @@ export default {
data() {
return {
tableData: [],
searchCate: 'username',
searchText: '',
showSleeper: false,
loadingOneOffline: false,
}
},
methods: {
@@ -185,8 +242,43 @@ export default {
handleEdit(a, row) {
console.log(a, row)
},
handleOneOffline() {
if (this.tableData === null || this.tableData.length === 0) {
this.$message.error('错误:当前在线用户表为空,无法执行一键下线操作!');
return;
}
MessageBox.confirm('当前搜索条件下的所有用户将会“下线”,你确定执行吗?', '危险', {
confirmButtonText: '确定',
cancelButtonText: '取消',
type: 'danger'
}).then(() => {
try {
this.loadingOneOffline = true;
this.getData();
this.$message.success('操作成功');
this.loadingOneOffline = false;
// 清空当前表格
this.tableData = [];
} catch (error) {
this.loadingOneOffline = false;
this.$message.error('操作失败');
}
});
},
handleSearch() {
this.getData();
},
getData() {
axios.get('/user/online').then(resp => {
axios.get('/user/online',
{
params: {
search_cate: this.searchCate,
search_text: this.searchText,
show_sleeper: this.showSleeper,
one_offline: this.loadingOneOffline
}
}
).then(resp => {
var data = resp.data.data
console.log(data);
this.tableData = data.datas;
@@ -201,5 +293,23 @@ export default {
</script>
<style scoped>
/deep/ .el-form .el-form-item__label,
/deep/ .el-form .el-form-item__content,
/deep/ .el-form .el-input,
/deep/ .el-form .el-select,
/deep/ .el-form .el-button,
/deep/ .el-form .el-select-dropdown__item {
font-size: 11px;
}
.el-select-dropdown .el-select-dropdown__item {
font-size: 11px;
padding: 0 10px;
}
/deep/ .el-input__inner{
height: 30px;
padding: 0 10px;
}
.extra-small-button {
padding: 5px 10px;
}
</style>

2
web/src/plugins/request.js
View File

@@ -7,7 +7,7 @@ axios.defaults.headers.post['Content-Type'] = 'application/x-www-form-urlencoded
if (process.env.NODE_ENV !== 'production') {
// 开发环境
axios.defaults.baseURL = 'http://172.23.83.233:8800';
axios.defaults.baseURL = 'https://192.168.8.24:8800';
}
function request(vm) {

12
web/yarn.lock
View File

@@ -7793,6 +7793,11 @@ sort-keys@^1.0.0:
dependencies:
is-plain-obj "^1.0.0"
sortablejs@1.10.2:
version "1.10.2"
resolved "https://registry.yarnpkg.com/sortablejs/-/sortablejs-1.10.2.tgz#6e40364d913f98b85a14f6678f92b5c1221f5290"
integrity sha512-YkPGufevysvfwn5rfdlGyrGjt7/CRHwvRPogD/lC+TnvcN29jDpCifKP+rBqf+LRldfXSTh+0CGLcSg0VIxq3A==
source-list-map@^2.0.0:
version "2.0.1"
resolved "https://registry.yarnpkg.com/source-list-map/-/source-list-map-2.0.1.tgz#3993bd873bfc48479cca9ea3a547835c7c154b34"
@@ -8775,6 +8780,13 @@ vue@^2.6.11:
"@vue/compiler-sfc" "2.7.16"
csstype "^3.1.0"
vuedraggable@^2.24.3:
version "2.24.3"
resolved "https://registry.yarnpkg.com/vuedraggable/-/vuedraggable-2.24.3.tgz#43c93849b746a24ce503e123d5b259c701ba0d19"
integrity sha512-6/HDXi92GzB+Hcs9fC6PAAozK1RLt1ewPTLjK0anTYguXLAeySDmcnqE8IC0xa7shvSzRjQXq3/+dsZ7ETGF3g==
dependencies:
sortablejs "1.10.2"
watchpack-chokidar2@^2.0.1:
version "2.0.1"
resolved "https://registry.yarnpkg.com/watchpack-chokidar2/-/watchpack-chokidar2-2.0.1.tgz#38500072ee6ece66f3769936950ea1771be1c957"

4
yarn.lock
View File

@@ -1,4 +0,0 @@
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# yarn lockfile v1