添加支持 radius 的 nasip

Merge pull request #336 from bjdgyc/dev
权限添加拖拽功能
2025-09-28 16:15:17 +08:00 · 2024-09-10 13:12:01 +08:00 · 2024-09-09 17:01:13 +08:00 · 2024-09-09 16:55:13 +08:00 · 2024-09-09 16:52:32 +08:00 · 2024-09-09 15:11:36 +08:00
42 changed files with 1351 additions and 716 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,7 @@
 .idea/
 anylink-deploy
 anylink-deploy.tar.gz
 anylink-deploy-*
 anylink
 anylink.db
--- a/README.md
+++ b/README.md
@@ -23,10 +23,11 @@ AnyLink 是一个企业级远程办公 sslvpn 的软件，可以支持多人同
 AnyLink 基于 [ietf-openconnect](https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-02)
 协议开发，并且借鉴了 [ocserv](http://ocserv.gitlab.io/www/index.html) 的开发思路，使其可以同时兼容 AnyConnect 客户端。
-AnyLink 使用 TLS/DTLS 进行数据加密，因此需要 RSA 或 ECC 证书，可以通过 Let's Encrypt 和 TrustAsia 申请免费的 SSL 证书。
+AnyLink 使用 TLS/DTLS 进行数据加密，因此需要 RSA 或 ECC 证书，可以使用私有自签证书，可以通过 Let's Encrypt 和 TrustAsia
 申请免费的 SSL 证书。
 AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试通过，如需要安装在其他系统，需要服务端支持 tun/tap
-功能、ip 设置命令。
+功能、ip 设置命令、iptables命令。
 ## Screenshot
@@ -47,25 +48,26 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
 > 没有编程基础的同学建议直接下载 release 包，从下面的地址下载 anylink-deploy.tar.gz
 >
 > https://github.com/bjdgyc/anylink/releases
-> 
+>
 > https://gitee.com/bjdgyc/anylink/releases
 >
 > 如果不会安装，可以提供有偿远程协助服务(200 CNY)。添加QQ(68492170)联系我
-> 
+>
 > 也可以添加QQ群 咨询群内大佬
-> 
+>
-> 添加QQ群①(已满): 567510628
+> 添加QQ群①: 567510628
-> 
+>
-> 添加QQ群②: 739072205
+> <img src="doc/screenshot/qq2.jpg" width="400" />
 ### 使用问题
-> 对于测试环境，可以使用 vpn.test.vqilu.cn 绑定host进行测试
+> 对于测试环境，可以直接进行测试，需要客户端取消勾选【阻止不受信任的服务器(Block connections to untrusted servers)】
 >
-> 对于线上环境，必须申请安全的https证书(跟nginx使用的证书类型一致)，不支持私有证书连接
+> 对于线上环境，尽量申请安全的https证书(跟nginx使用的pem证书类型一致)
 >
 > 群共享文件有相关客户端软件下载，其他版本没有测试过，不保证使用正常
-> 
+>
 > 其他问题 [前往查看](doc/question.md)
 >
 > 默认管理后台访问地址  https://host:8800 或 https://域名:8800 默认账号密码 admin 123456
@@ -74,18 +76,22 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
 ### 自行编译安装
-> 需要提前安装好 golang >= 1.20 和 nodejs = 16.x 和 yarn >= v1.22.x
+> 需要提前安装好 docker
 ```shell
 git clone https://github.com/bjdgyc/anylink.git
-# 编译参考软件版本
+# docker编译 参考软件版本(不需要安装)
 # go 1.20.12
 # node v16.20.2
 # yarn 1.22.19
 cd anylink
 # 编译前端
 bash build_web.sh
 # 编译 anylink-deploy 发布文件
 bash build.sh
 # 注意使用root权限运行
@@ -121,7 +127,7 @@ sudo ./anylink
 - [x] 后台管理界面
 - [x] 访问权限管理
 - [x] 用户活动审计功能
- [x] IP 访问审计功能
+- [x] IP 访问审计功能(支持多端口、连续端口)
 - [x] 域名动态拆分隧道（域名路由功能）
 - [x] radius认证支持
 - [x] LDAP认证支持
@@ -129,6 +135,8 @@ sudo ./anylink
 - [x] 流量压缩功能
 - [x] 出口 IP 自动放行
 - [x] 支持多服务的配置区分
 - [x] 支持私有自签证书
 - [x] 支持内网域名解析(指定的域名走内网dns)
 - [ ] 基于 ipvtap 设备的桥接访问模式
 ## Config
@@ -181,7 +189,6 @@ sudo ./anylink
 >
 > ubuntu: apt-get install iptables iproute2
 ### link_mode 设置
 > 以下参数必须设置其中之一
@@ -253,11 +260,11 @@ https://cloud.tencent.com/document/product/216/62007
 1. 设置配置文件
 > macvtap 设置相对比较简单，只需要配置相应的参数即可。
-> 
+>
 > 网络要求：需要网络支持 ARP 传输，可通过 ARP 宣告普通内网 IP。
-> 
+>
 > 网络限制：云环境下不能使用，网卡mac加白环境不能使用，802.1x认证网络不能使用
-> 
+>
 > 以下参数可以通过执行 `ip a` 查看
@@ -325,6 +332,7 @@ ipv4_end = "10.1.2.200"
    - centos: `/usr/lib/systemd/system/`
    - ubuntu: `/lib/systemd/system/`
 3. 操作命令:
    - 加载配置: `systemctl daemon-reload`
    - 启动: `systemctl start anylink`
    - 停止: `systemctl stop anylink`
    - 开机自启: `systemctl enable anylink`
@@ -341,11 +349,24 @@ ipv4_end = "10.1.2.200"
 ## Docker
 ### anylink 镜像地址
 对于国内用户，为提高镜像拉取体验，可以考虑拉取存放于阿里云镜像仓库的镜像，镜像名称及标签如下表所示(
 具体版本号可以查看 `version` 文件):
 |    支持设备/平台    |       DockerHub       |                             阿里云镜像仓库                             |
 |:-------------:|:---------------------:|:---------------------------------------------------------------:|
 | x86_64/amd64  | bjdgyc/anylink:latest |     registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest     |
 | x86_64/amd64  | bjdgyc/anylink:0.12.1 |     registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:0.12.1     |
 | armv8/aarch64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest |
 | armv8/aarch64 | bjdgyc/anylink:0.12.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-0.12.1 |
 1. 获取镜像
   ```bash
   # 具体tag可以从docker hub获取
   # https://hub.docker.com/r/bjdgyc/anylink/tags
   docker pull bjdgyc/anylink:latest
   docker pull registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
   ```
 2. 查看命令信息
@@ -432,14 +453,14 @@ ipv4_end = "10.1.2.200"
 - [三方文档-男孩的天职](https://note.youdao.com/s/X4AxyWfL)
 - [三方文档-issues](https://github.com/bjdgyc/anylink/issues)
 - [三方文档-思有云](https://www.ioiox.com/archives/128.html)
 - [三方文档-杨杨得亿](https://yangpin.link/archives/1897.html)  [Windows电脑连接步骤-杨杨得亿](https://yangpin.link/archives/1697.html)
 ## Support Client
 - [AnyConnect Secure Client](https://www.cisco.com/) (可通过群文件下载: Windows/macOS/Linux/Android/iOS)
 - [OpenConnect](https://gitlab.com/openconnect/openconnect) (Windows/macOS/Linux)
 - [三方 AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux)
- [三方客户端下载地址](https://cisco.yangpin.link) (Windows/macOS/Linux/Android/iOS)
+- 【推荐】三方客户端下载地址(Windows/macOS/Linux/Android/iOS) [国内地址](https://ocserv.yydy.link:2023) [国外地址](https://cisco.yydy.link/#/)
 ## Contribution
--- a/build.sh
+++ b/build.sh
@@ -7,15 +7,22 @@ ver=$(cat version)
 echo $ver
 #前端编译 仅需要执行一次
-bash ./build_web.sh
+#bash ./build_web.sh
-cd $cpath/server
+bash build_docker.sh
-go build -v -o anylink
+deploy="anylink-deploy-$ver"
-
+docker container rm $deploy
-./anylink -v
+docker container create --name $deploy bjdgyc/anylink:$ver
 rm -rf anylink-deploy anylink-deploy.tar.gz
 docker cp -a $deploy:/app ./anylink-deploy
 tar zcf ${deploy}.tar.gz anylink-deploy
-echo "anylink 编译完成，目录: $cpath/server/anylink"
+./anylink-deploy/anylink -v
 echo "anylink 编译完成，目录: anylink-deploy"
 ls -lh anylink-deploy
--- a/build_docker.sh
+++ b/build_docker.sh
@@ -11,14 +11,13 @@ echo $ver
 #bash ./build_web.sh
 # docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 本地不生成镜像
-docker build -t bjdgyc/anylink:latest --no-cache --progress=plain --platform linux/amd64 \
+docker build -t bjdgyc/anylink:latest --no-cache --progress=plain \
-  --build-arg CN="yes" --build-arg appVer=$ver --build-arg commitId=$(git rev-parse HEAD) -f docker/Dockerfile .
+  --build-arg CN="yes" --build-arg appVer=$ver --build-arg commitId=$(git rev-parse HEAD) \
  -f docker/Dockerfile .
 echo "docker tag latest $ver"
 docker tag bjdgyc/anylink:latest bjdgyc/anylink:$ver
 exit 0
-docker tag bjdgyc/anylink:latest registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
+# docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
-
+# docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
 docker push registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
--- a/build_test.sh
+++ b/build_test.sh
@@ -42,9 +42,10 @@ go build -v -o anylink $flags -ldflags "$ldflags"
 EOF
 )
 # golang:1.20-alpine3.19
 #使用 musl-dev 编译
 docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/amd64 \
-  golang:1.20-alpine3.19 sh -c "$dockercmd"
+  golang:1.22-alpine3.19 sh -c "$dockercmd"
 #arm64编译
 #docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/arm64 \
--- a/build_web.sh
+++ b/build_web.sh
@@ -1,7 +1,9 @@
 #!/bin/bash
 rm -rf web/ui server/ui
 docker run -it --rm -v $PWD/web:/app -w /app node:16-alpine \
  sh -c "yarn install --registry=https://registry.npmmirror.com && yarn run build"
-rm -rf server/ui
+
 cp -r web/ui server/ui
--- a/deploy_docker_cn.sh
+++ b/deploy_docker_cn.sh
@@ -0,0 +1,27 @@
 #!/bin/bash
 ver=$(cat version)
 echo $ver
 echo "docker tag latest $ver"
 docker pull --platform=linux/amd64 bjdgyc/anylink:$ver
 docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
 docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
 docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
 docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
 docker rmi bjdgyc/anylink:$ver
 #arm64
 docker pull --platform=linux/arm64 bjdgyc/anylink:$ver
 docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
 docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
 docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
 docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
 docker rmi bjdgyc/anylink:$ver
--- a/doc/README.md
+++ b/doc/README.md
@@ -12,38 +12,45 @@
 >
 > 需要展示主页的同学，可以在QQ群 直接联系我添加。
-| 昵称        | 主页 / 联系方式                    |
+| 昵称          | 主页 / 联系方式                    |
-|-----------|------------------------------|
+|-------------|------------------------------|
-| 代码 oo8    |                              |
+| 代码 oo8      |                              |
-| 甘磊        | https://github.com/ganlei333 |
+| 甘磊          | https://github.com/ganlei333 |
-| Oo@       | https://github.com/chooop    |
+| Oo@         | https://github.com/chooop    |
-| 虚极静笃      |                              |
+| 虚极静笃        |                              |
-| 请喝可乐      |                              |
+| 请喝可乐        |                              |
-| 加油加油      |                              |
+| 加油加油        |                              |
-| 李建        |                              |
+| 李建          |                              |
-| lanbin    |                              |
+| lanbin      |                              |
-| 乐在东途      |                              |
+| 乐在东途        |                              |
-| 孤鸿        |                              |
+| 孤鸿          |                              |
-| 刘国华       |                              |
+| 刘国华         |                              |
-| 改名好无聊     |                              |
+| 改名好无聊       |                              |
-| 全能互联网专家   |                              |
+| 全能互联网专家     |                              |
-| JCM       |                              |
+| JCM         |                              |
-| Eh...     |                              |
+| Eh...       |                              |
-| 沉         |                              |
+| 沉           |                              |
-| 刘国华       |                              |
+| 刘国华         |                              |
-| 忧郁的豚骨拉面   |                              |
+| 忧郁的豚骨拉面     |                              |
-| 张小旋当爹地    |                              |
+| 张小旋当爹地      |                              |
-| 对方正在输入    |                              |
+| 对方正在输入      |                              |
-| Ronny     |                              |
+| Ronny       |                              |
-| 奔跑的少年     |                              |
+| 奔跑的少年       |                              |
-| ZBW       |                              |
+| ZBW         |                              |
-| 悲鸣        |                              |
+| 悲鸣          |                              |
-| 谢谢        |                              |
+| 谢谢          |                              |
-| 云思科技      |                              |
+| 云思科技        |                              |
-| 哆啦A伟(张佳伟) |                              |
+| 哆啦A伟(张佳伟)   |                              |
-| 人类的悲欢并不相通 |                              |
+| 人类的悲欢并不相通   |                              |
-| 做人要低调     |                              |
+| 做人要低调       |                              |
-| 洛洛        |                              |
+| 洛洛          |                              |
 | Dragon Liao |                              |
 | 诸葛御风        |                              |
 | 杨杨得亿        |                              |
 | Thanataos   |                              |
 | 憨大叔         |                              |
 | 明月          |                              |
 | Amis        |                              |
--- a/doc/question.md
+++ b/doc/question.md
@@ -10,6 +10,10 @@
 > 请使用手机安装 freeotp ，然后扫描otp二维码，生成的数字即是动态码
 ### 用户策略问题
 > 只要有用户策略，组策略就不生效，相当于覆盖了组策略的配置
 ### 远程桌面连接
 > 本软件已经支持远程桌面里面连接anyconnect。
--- a/doc/screenshot/qq2.jpg
+++ b/doc/screenshot/qq2.jpg
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -13,7 +13,8 @@
 # 需要先编译出ui文件后 再执行docker编译
 # server
-FROM golang:1.20-alpine3.19 as builder_golang
+# golang:1.20-alpine3.19
 FROM golang:1.22-alpine3.19 as builder_golang
 ARG CN="no"
 ARG appVer="appVer"
--- a/docker/init_release.sh
+++ b/docker/init_release.sh
@@ -9,12 +9,16 @@ if [[ $CN == "yes" ]]; then
  export GOPROXY=https://goproxy.cn
 fi
 # docker 启动使用 4.19 以上内核
 apk add --no-cache ca-certificates bash iproute2 tzdata iptables
 # alpine:3.19 兼容老版 iptables
-apk add --no-cache iptables iptables-legacy
+apk add --no-cache iptables-legacy
 rm /sbin/iptables
 ln -s /sbin/iptables-legacy /sbin/iptables
-apk add --no-cache ca-certificates bash iproute2 tzdata
+
 chmod +x /app/docker_entrypoint.sh
 mkdir /app/log
--- a/index_template/自定义首页2.html
+++ b/index_template/自定义首页2.html
@@ -0,0 +1,165 @@
 <!DOCTYPE html>
 <html lang="zh-CN">
 <head>
    <meta charset=UTF-8">
    <title id="pageTitle">客户端下载</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <style type="text/css">
        body {
            background-color: #fff;
            background-image: linear-gradient(0deg, transparent 24%, rgba(207, 207, 207, 0.2) 25%, rgba(207, 207, 207, 0.2) 26%, transparent 27%, transparent 74%, rgba(207, 207, 207, 0.2) 75%, rgba(207, 207, 207, 0.2) 76%, transparent 77%, transparent),
            linear-gradient(90deg, transparent 24%, rgba(207, 207, 207, 0.2) 25%, rgba(207, 207, 207, 0.2) 26%, transparent 27%, transparent 74%, rgba(207, 207, 207, 0.2) 75%, rgba(207, 207, 207, 0.2) 76%, transparent 77%, transparent);
            background-size: 50px 50px;
            margin: 0;
            padding: 0;
            display: flex;
            justify-content: center;
            align-items: center;
            height: 100vh;
        }
        #box {
            background-color: #ffffff;
            box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
            position: relative;
            padding: 20px;
            border-radius: 8px;
            max-width: 550px;
            width: 100%;
            box-sizing: border-box;
        }
        h2 {
            color: #333;
            font-weight: 600;
            font-size: 28px;
            margin: 0 0 20px 0;
        }
        p {
            color: #666;
            font-size: 16px;
            line-height: 1.6;
            margin-top: 20px;
        }
        .button {
            background-color: #ddd;
            text-decoration: none;
            line-height: 44px;
            padding: 9px 42px;
            font-weight: 500;
            color: #fff;
            font-size: 16px;
            -webkit-transition: background-color 0.25s ease-out 0s;
            -moz-transition: background-color 0.25s ease-out 0s;
            transition: background-color 0.25s ease-out 0s;
            -moz-border-radius: 4px;
            -webkit-border-radius: 4px;
            border-radius: 4px;
        }
        .button:hover {
            background-color: #CCC;
            color: #444;
        }
        .button:active {
            background-color: #666;
            color: #eee;
        }
        .blue {
            background-color: #007BFF;
        }
        .deep-blue {
            background-color: #0056B3;
        }
        .green {
            background-color: #28A745;
        }
        .grey {
            background-color: #6C757D;
        }
        .black {
            background-color: #343A40;
        }
        .light-blue {
            background-color: #17A2B8;
        }
        .dark-grey {
            background-color: #495057;
        }
        @media (max-width: 768px) {
            h2 {
                font-size: 24px;
            }
            p {
                font-size: 14px;
            }
            .button {
                padding: 7px 35px;
            }
        }
    </style>
 </head>
 <body>
 <div id="app">
    <div id="box">
        <h2 id="title">请选择对应平台下载</h2>
        <p id="windowsTab">Windows 系统</p>
        <a id="linkWindowsX86_64" class="button blue" href="#">Win X86_64</a>
        <a id="linkWindowsARM64" class="button deep-blue" href="#">Win ARM64</a>
        <p id="mobileTab">移动端</p>
        <a id="linkAndroid" class="button green" href="#">Android</a>
        <a id="linkIphone" class="button grey" href="#" target="_blank">iPhone</a>
        <p id="macOSTab">MacOS 系统</p>
        <a id="linkMacos" class="button black" href="#">Mac Intel</a>
        <a id="linkMacosARM64" class="button blue" href="#">Mac ARM64</a>
        <p id="totpTab">TOTP 移动客户端</p>
        <a id="linkTotpAndroid" class="button light-blue" href="#">Android</a>
        <a id="linkTotpIphone" class="button dark-grey" href="#" target="_blank">iPhone</a>
    </div>
 </div>
 <script>
    const data = {
        links: {
            windowsX86_64: '/files/anyconnect-win-4.10.05111.msi',
            windowsARM64: '/files/anyconnect-win-4.10.05111.msi',
            android: '/files/CiscoSecureClientAnyConnect_v5.0.00247.apk',
            iphone: 'https://apps.apple.com/cn/app/cisco-anyconnect/id1135064690',
            macosIntel: '/files/anyconnect-macos-4.10.05111.dmg',
            macosARM64: '/files/anyconnect-macos-4.10.05111.dmg',
            totpAndroid: '/files/Authenticator_v5.10_apkpure.com.apk',
            totpIphone: 'https://apps.apple.com/cn/app/google-authenticator/id388497605',
        }
    };
    window.onload = function () {
        document.getElementById('linkWindowsX86_64').href = data.links.windowsX86_64;
        document.getElementById('linkWindowsARM64').href = data.links.windowsARM64;
        document.getElementById('linkAndroid').href = data.links.android;
        document.getElementById('linkIphone').href = data.links.iphone;
        document.getElementById('linkMacos').href = data.links.macosIntel;
        document.getElementById('linkMacosARM64').href = data.links.macosARM64;
        document.getElementById('linkTotpAndroid').href = data.links.totpAndroid;
        document.getElementById('linkTotpIphone').href = data.links.totpIphone;
    };
 </script>
 </body>
 </html>
--- a/server/admin/api_group.go
+++ b/server/admin/api_group.go
@@ -75,6 +75,10 @@ func GroupDetail(w http.ResponseWriter, r *http.Request) {
 	if len(data.Auth) == 0 {
 		data.Auth["type"] = "local"
 	}
 	// 兼容旧数据
 	if data.SplitDns == nil {
 		data.SplitDns = []dbdata.ValData{}
 	}
 	RespSucess(w, data)
 }
--- a/server/admin/api_user.go
+++ b/server/admin/api_user.go
@@ -17,6 +17,7 @@ import (
 	"github.com/bjdgyc/anylink/dbdata"
 	"github.com/bjdgyc/anylink/sessdata"
 	"github.com/skip2/go-qrcode"
 	mail "github.com/xhit/go-simple-mail/v2"
 )
 func UserList(w http.ResponseWriter, r *http.Request) {
@@ -179,7 +180,15 @@ func userOtpQr(uid int, b64 bool) (string, error) {
 // 在线用户
 func UserOnline(w http.ResponseWriter, r *http.Request) {
-	datas := sessdata.OnlineSess()
+	_ = r.ParseForm()
 	search_cate := r.FormValue("search_cate")
 	search_text := r.FormValue("search_text")
 	show_sleeper := r.FormValue("show_sleeper")
 	showSleeper, _ := strconv.ParseBool(show_sleeper)
 	// one_offline := r.FormValue("one_offline")
 	// datas := sessdata.OnlineSess()
 	datas := sessdata.GetOnlineSess(search_cate, search_text, showSleeper)
 	data := map[string]interface{}{
 		"count":     len(datas),
@@ -211,8 +220,10 @@ type userAccountMailData struct {
 	Username     string
 	Nickname     string
 	PinCode      string
 	LimitTime    string
 	OtpImg       string
 	OtpImgBase64 string
 	DisableOtp   bool
 }
 func userAccountMail(user *dbdata.User) error {
@@ -264,7 +275,15 @@ func userAccountMail(user *dbdata.User) error {
 		PinCode:      user.PinCode,
 		OtpImg:       fmt.Sprintf("https://%s/otp_qr?id=%d&jwt=%s", setting.LinkAddr, user.Id, tokenString),
 		OtpImgBase64: "data:image/png;base64," + otpData,
 		DisableOtp:   user.DisableOtp,
 	}
 	if user.LimitTime == nil {
 		data.LimitTime = "无限制"
 	} else {
 		data.LimitTime = user.LimitTime.Local().Format("2006-01-02")
 	}
 	w := bytes.NewBufferString("")
 	t, _ := template.New("auth_complete").Parse(htmlBody)
 	err = t.Execute(w, data)
@@ -272,5 +291,19 @@ func userAccountMail(user *dbdata.User) error {
 		return err
 	}
 	// fmt.Println(w.String())
-	return SendMail(base.Cfg.Issuer+"平台通知", user.Email, w.String())
+
 	var attach *mail.File
 	if user.DisableOtp {
 		attach = nil
 	} else {
 		imgData, _ := userOtpQr(user.Id, false)
 		attach = &mail.File{
 			MimeType: "image/png",
 			Name:     "userOtpQr.png",
 			Data:     []byte(imgData),
 			Inline:   true,
 		}
 	}
 	return SendMail(base.Cfg.Issuer, user.Email, w.String(), attach)
 }
--- a/server/admin/common.go
+++ b/server/admin/common.go
@@ -43,7 +43,7 @@ func GetJwtData(jwtToken string) (map[string]interface{}, error) {
 	return claims, nil
 }
-func SendMail(subject, to, htmlBody string) error {
+func SendMail(subject, to, htmlBody string, attach *mail.File) error {
 	dataSmtp := &dbdata.SettingSmtp{}
 	err := dbdata.SettingGet(dataSmtp)
@@ -102,6 +102,10 @@ func SendMail(subject, to, htmlBody string) error {
 		AddTo(to).
 		SetSubject(subject)
 	if attach != nil {
 		email.Attach(attach)
 	}
 	email.SetBody(mail.TextHTML, htmlBody)
 	// Call Send and pass the client
--- a/server/admin/server.go
+++ b/server/admin/server.go
@@ -111,12 +111,6 @@ func StartAdmin() {
 		selectedCipherSuites = append(selectedCipherSuites, s.ID)
 	}
 	if tlscert, _, err := dbdata.ParseCert(); err != nil {
 		base.Fatal("证书加载失败", err)
 	} else {
 		dbdata.LoadCertificate(tlscert)
 	}
 	// 设置tls信息
 	tlsConfig := &tls.Config{
 		NextProtos:   []string{"http/1.1"},
--- a/server/base/config.go
+++ b/server/base/config.go
@@ -55,9 +55,9 @@ var configs = []config{
 	{Typ: cfgInt, Name: "max_client", Usage: "最大用户连接", ValInt: 200},
 	{Typ: cfgInt, Name: "max_user_client", Usage: "最大单用户连接", ValInt: 3},
 	{Typ: cfgInt, Name: "cstp_keepalive", Usage: "keepalive时间(秒)", ValInt: 3},
-	{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 10},
+	{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 20},
 	{Typ: cfgInt, Name: "mobile_keepalive", Usage: "移动端keepalive接检测时间(秒)", ValInt: 4},
-	{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 15},
+	{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 60},
 	{Typ: cfgInt, Name: "mtu", Usage: "最大传输单元MTU", ValInt: 1460},
 	{Typ: cfgInt, Name: "idle_timeout", Usage: "空闲链接超时时间(秒)-超时后断开链接，0关闭此功能", ValInt: 0},
 	{Typ: cfgInt, Name: "session_timeout", Usage: "session过期时间(秒)-用于断线重连，0永不过期", ValInt: 3600},
--- a/server/conf/profile.xml
+++ b/server/conf/profile.xml
@@ -9,6 +9,7 @@
        <RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols>
        <BypassDownloader>true</BypassDownloader>
        <AutoUpdate UserControllable="false">false</AutoUpdate>
        <LocalLanAccess UserControllable="true">true</LocalLanAccess>
        <WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
        <LinuxVPNEstablishment>AllowRemoteUsers</LinuxVPNEstablishment>
        <CertEnrollmentPin>pinAllowed</CertEnrollmentPin>
--- a/server/conf/server-sample.toml
+++ b/server/conf/server-sample.toml
@@ -12,9 +12,15 @@ cert_key = "./conf/vpn_cert.key"
 files_path = "./conf/files"
 profile = "./conf/profile.xml"
 #profile name(用于区分不同服务端的配置)
-#客户端存放位置 C:\ProgramData\Cisco\Cisco Secure Client\VPN\Profile
+#客户端存放位置
 #Windows 10
 #%ProgramData%Cisco\Cisco AnyConnect Secure Mobility Client\Profile
 #Mac Os X
 #/opt/cisco/anyconnect/profile
 #Linux
 #/opt/cisco/anyconnect/profile
 profile_name = "anylink"
-#日志目录,为空写入标准输出
+#日志目录,默认为空写入标准输出
 #log_path = "./log"
 log_path = ""
 log_level = "debug"
@@ -66,9 +72,9 @@ default_group = "one"
 #客户端失效检测时间(秒) dpd > keepalive
 cstp_keepalive = 3
-cstp_dpd = 10
+cstp_dpd = 20
 mobile_keepalive = 4
-mobile_dpd = 15
+mobile_dpd = 60
 # 根据实际情况修改
 #cstp_keepalive = 20
--- a/server/conf/server.toml
+++ b/server/conf/server.toml
@@ -10,6 +10,9 @@ db_source = "./conf/anylink.db"
 cert_file = "./conf/vpn_cert.pem"
 cert_key = "./conf/vpn_cert.key"
 files_path = "./conf/files"
 #日志目录,默认为空写入标准输出
 #log_path = "./log"
 log_level = "debug"
 #系统名称
--- a/server/dbdata/db.go
+++ b/server/dbdata/db.go
@@ -1,6 +1,7 @@
 package dbdata
 import (
 	"net/http"
 	"time"
 	"github.com/bjdgyc/anylink/base"
@@ -121,6 +122,7 @@ func addInitData() error {
 	other := &SettingOther{
 		LinkAddr:    "vpn.xx.com",
 		Banner:      "您已接入公司网络，请按照公司规定使用。\n请勿进行非工作下载及视频行为！",
 		Homecode:    http.StatusOK,
 		Homeindex:   "AnyLink 是一个企业级远程办公 sslvpn 的软件，可以支持多人同时在线使用。",
 		AccountMail: accountMail,
 	}
@@ -145,7 +147,7 @@ func addInitData() error {
 		Name:         "all",
 		AllowLan:     true,
 		ClientDns:    []ValData{{Val: "114.114.114.114"}},
-		RouteInclude: []ValData{{Val: All}},
+		RouteInclude: []ValData{{Val: ALL}},
 		Status:       1,
 	}
 	err = SetGroup(&g1)
@@ -172,6 +174,9 @@ func CheckErrNotFound(err error) bool {
 	return err == ErrNotFound
 }
 // base64 图片
 // 用户动态码(请妥善保存):<br/>
 // <img src="{{.OtpImgBase64}}"/><br/>
 const accountMail = `<p>您好:</p>
 <p>&nbsp;&nbsp;您的{{.Issuer}}账号已经审核开通。</p>
 <p>
@@ -179,12 +184,19 @@ const accountMail = `<p>您好:</p>
    用户组: <b>{{.Group}}</b> <br/>
    用户名: <b>{{.Username}}</b> <br/>
    用户PIN码: <b>{{.PinCode}}</b> <br/>
    用户过期时间: <b>{{.LimitTime}}</b> <br/>
    {{if .DisableOtp}}
    <!-- nothing -->
    {{else}}
    <!-- 
    用户动态码(3天后失效):<br/>
-    <img src="{{.OtpImg}}"/>
+    <img src="{{.OtpImg}}"/><br/>
    -->
    用户动态码(请妥善保存):<br/>
-    <img src="{{.OtpImgBase64}}"/>
+    <img src="cid:userOtpQr.png" alt="userOtpQr" /><br/>
    {{end}}
 </p>
 <div>
    使用说明:
--- a/server/dbdata/group.go
+++ b/server/dbdata/group.go
@@ -5,10 +5,12 @@ import (
 	"fmt"
 	"net"
 	"regexp"
 	"strconv"
 	"strings"
 	"time"
 	"github.com/bjdgyc/anylink/base"
 	"github.com/songgao/water/waterutil"
 	"golang.org/x/text/language"
 	"golang.org/x/text/message"
 )
@@ -16,7 +18,10 @@ import (
 const (
 	Allow = "allow"
 	Deny  = "deny"
-	All   = "all"
+	ALL   = "all"
 	TCP   = "tcp"
 	UDP   = "udp"
 	ICMP  = "icmp"
 )
 // 域名分流最大字符2万
@@ -24,11 +29,14 @@ const DsMaxLen = 20000
 type GroupLinkAcl struct {
 	// 自上而下匹配 默认 allow * *
-	Action string     `json:"action"` // allow、deny
+	Action   string               `json:"action"`      // allow、deny
-	Val    string     `json:"val"`
+	Protocol string               `json:"protocol"`    // 支持 ALL、TCP、UDP、ICMP 协议
-	Port   uint16     `json:"port"`
+	IpProto  waterutil.IPProtocol `json:"ip_protocol"` // 判断协议使用
-	IpNet  *net.IPNet `json:"ip_net"`
+	Val      string               `json:"val"`
-	Note   string     `json:"note"`
+	Port     string               `json:"port"` // 兼容单端口历史数据类型uint16
 	Ports    map[uint16]int8      `json:"ports"`
 	IpNet    *net.IPNet           `json:"ip_net"`
 	Note     string               `json:"note"`
 }
 type ValData struct {
@@ -112,7 +120,7 @@ func SetGroup(g *Group) error {
 	routeInclude := []ValData{}
 	for _, v := range g.RouteInclude {
 		if v.Val != "" {
-			if v.Val == All {
+			if v.Val == ALL {
 				routeInclude = append(routeInclude, v)
 				continue
 			}
@@ -161,14 +169,74 @@ func SetGroup(g *Group) error {
 				return errors.New("GroupLinkAcl 错误" + err.Error())
 			}
 			v.IpNet = ipNet
-			linkAcl = append(linkAcl, v)
+
 			// 设置协议数据
 			switch v.Protocol {
 			case TCP:
 				v.IpProto = waterutil.TCP
 			case UDP:
 				v.IpProto = waterutil.UDP
 			case ICMP:
 				v.IpProto = waterutil.ICMP
 			default:
 				// 其他类型都是 all
 				v.Protocol = ALL
 			}
 			portsStr := v.Port
 			v.Port = strings.TrimSpace(portsStr)
 			// switch vp := v.Port.(type) {
 			// case float64:
 			// 	portsStr = strconv.Itoa(int(vp))
 			// case string:
 			// 	portsStr = vp
 			// }
 			if regexp.MustCompile(`^\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*$`).MatchString(portsStr) {
 				ports := map[uint16]int8{}
 				for _, p := range strings.Split(portsStr, ",") {
 					if p == "" {
 						continue
 					}
 					if regexp.MustCompile(`^\d{1,5}-\d{1,5}$`).MatchString(p) {
 						rp := strings.Split(p, "-")
 						// portfrom, err := strconv.Atoi(rp[0])
 						portfrom, err := strconv.ParseUint(rp[0], 10, 16)
 						if err != nil {
 							return errors.New("端口:" + rp[0] + " 格式错误, " + err.Error())
 						}
 						// portto, err := strconv.Atoi(rp[1])
 						portto, err := strconv.ParseUint(rp[1], 10, 16)
 						if err != nil {
 							return errors.New("端口:" + rp[1] + " 格式错误, " + err.Error())
 						}
 						for i := portfrom; i <= portto; i++ {
 							ports[uint16(i)] = 1
 						}
 					} else {
 						port, err := strconv.ParseUint(p, 10, 16)
 						if err != nil {
 							return errors.New("端口:" + p + " 格式错误, " + err.Error())
 						}
 						ports[uint16(port)] = 1
 					}
 				}
 				v.Ports = ports
 				linkAcl = append(linkAcl, v)
 			} else {
 				return errors.New("端口: " + portsStr + " 格式错误,请用逗号分隔的端口,比如: 22,80,443 连续端口用-,比如:1234-5678")
 			}
 		}
 	}
 	g.LinkAcl = linkAcl
 	// DNS 判断
 	clientDns := []ValData{}
 	for _, v := range g.ClientDns {
 		v.Val = strings.TrimSpace(v.Val)
 		if v.Val != "" {
 			ip := net.ParseIP(v.Val)
 			if ip.String() != v.Val {
@@ -183,6 +251,20 @@ func SetGroup(g *Group) error {
 		return errors.New("默认路由，必须设置一个DNS")
 	}
 	g.ClientDns = clientDns
 	splitDns := []ValData{}
 	for _, v := range g.SplitDns {
 		v.Val = strings.TrimSpace(v.Val)
 		if v.Val != "" {
 			ValidateDomainName(v.Val)
 			if !ValidateDomainName(v.Val) {
 				return errors.New("域名 错误")
 			}
 			splitDns = append(splitDns, v)
 		}
 	}
 	g.SplitDns = splitDns
 	// 域名拆分隧道，不能同时填写
 	g.DsIncludeDomains = strings.TrimSpace(g.DsIncludeDomains)
 	g.DsExcludeDomains = strings.TrimSpace(g.DsExcludeDomains)
@@ -238,6 +320,15 @@ func SetGroup(g *Group) error {
 	return err
 }
 func ContainsInPorts(ports map[uint16]int8, port uint16) bool {
 	_, ok := ports[port]
 	if ok {
 		return true
 	} else {
 		return false
 	}
 }
 func GroupAuthLogin(name, pwd string, authData map[string]interface{}) error {
 	g := &Group{Auth: authData}
 	authType := g.Auth["type"].(string)
--- a/server/dbdata/policy.go
+++ b/server/dbdata/policy.go
@@ -27,7 +27,7 @@ func SetPolicy(p *Policy) error {
 	routeInclude := []ValData{}
 	for _, v := range p.RouteInclude {
 		if v.Val != "" {
-			if v.Val == All {
+			if v.Val == ALL {
 				routeInclude = append(routeInclude, v)
 				continue
 			}
--- a/server/dbdata/setting.go
+++ b/server/dbdata/setting.go
@@ -29,6 +29,7 @@ type SettingAuditLog struct {
 type SettingOther struct {
 	LinkAddr    string `json:"link_addr"`
 	Banner      string `json:"banner"`
 	Homecode    int    `json:"homecode"`
 	Homeindex   string `json:"homeindex"`
 	AccountMail string `json:"account_mail"`
 }
--- a/server/dbdata/tables.go
+++ b/server/dbdata/tables.go
@@ -11,6 +11,7 @@ type Group struct {
 	Note             string                 `json:"note" xorm:"varchar(255)"`
 	AllowLan         bool                   `json:"allow_lan" xorm:"Bool"`
 	ClientDns        []ValData              `json:"client_dns" xorm:"Text"`
 	SplitDns         []ValData              `json:"split_dns" xorm:"Text"`
 	RouteInclude     []ValData              `json:"route_include" xorm:"Text"`
 	RouteExclude     []ValData              `json:"route_exclude" xorm:"Text"`
 	DsExcludeDomains string                 `json:"ds_exclude_domains" xorm:"Text"`
@@ -45,7 +46,7 @@ type UserActLog struct {
 	Username        string    `json:"username" xorm:"varchar(60)"`
 	GroupName       string    `json:"group_name" xorm:"varchar(60)"`
 	IpAddr          string    `json:"ip_addr" xorm:"varchar(32)"`
-	RemoteAddr      string    `json:"remote_addr" xorm:"varchar(32)"`
+	RemoteAddr      string    `json:"remote_addr" xorm:"varchar(42)"`
 	Os              uint8     `json:"os" xorm:"not null default 0 Int"`
 	Client          uint8     `json:"client" xorm:"not null default 0 Int"`
 	Version         string    `json:"version" xorm:"varchar(15)"`
@@ -66,12 +67,12 @@ type Setting struct {
 type AccessAudit struct {
 	Id          int       `json:"id" xorm:"pk autoincr not null"`
 	Username    string    `json:"username" xorm:"varchar(60) not null"`
-	Protocol    uint8     `json:"protocol" xorm:"not null"`
+	Protocol    uint8     `json:"protocol" xorm:"Int not null"`
 	Src         string    `json:"src" xorm:"varchar(60) not null"`
-	SrcPort     uint16    `json:"src_port" xorm:"not null"`
+	SrcPort     uint16    `json:"src_port" xorm:"Int not null"`
 	Dst         string    `json:"dst" xorm:"varchar(60) not null"`
-	DstPort     uint16    `json:"dst_port" xorm:"not null"`
+	DstPort     uint16    `json:"dst_port" xorm:"Int not null"`
-	AccessProto uint8     `json:"access_proto" xorm:"default 0"`                // 访问协议
+	AccessProto uint8     `json:"access_proto" xorm:"Int default 0"`            // 访问协议
 	Info        string    `json:"info" xorm:"varchar(255) not null default ''"` // 详情
 	CreatedAt   time.Time `json:"created_at" xorm:"DateTime"`
 }
--- a/server/dbdata/user_act_log.go
+++ b/server/dbdata/user_act_log.go
@@ -1,6 +1,7 @@
 package dbdata
 import (
 	"net"
 	"net/url"
 	"regexp"
 	"strings"
@@ -78,7 +79,8 @@ func (ua *UserActLogProcess) Add(u UserActLog, userAgent string) {
 	u.Os = os_idx
 	u.Client = client_idx
 	u.Version = ver
-	u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
+	// u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
 	u.RemoteAddr, _, _ = net.SplitHostPort(u.RemoteAddr)
 	// remove extra characters
 	infoSlice := strings.Split(u.Info, " ")
 	infoLen := len(infoSlice)
--- a/server/dbdata/userauth_radius.go
+++ b/server/dbdata/userauth_radius.go
@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
 	"net"
 	"reflect"
 	"time"
@@ -15,6 +16,7 @@ import (
 type AuthRadius struct {
 	Addr   string `json:"addr"`
 	Secret string `json:"secret"`
 	Nasip  string `json:"nasip"`
 }
 func init() {
@@ -57,8 +59,22 @@ func (auth AuthRadius) checkUser(name, pwd string, g *Group) error {
 	}
 	// radius认证时，设置超时3秒
 	packet := radius.New(radius.CodeAccessRequest, []byte(auth.Secret))
-	rfc2865.UserName_SetString(packet, name)
+	err = rfc2865.UserName_SetString(packet, name)
-	rfc2865.UserPassword_SetString(packet, pwd)
+	if err != nil {
 		return fmt.Errorf("%s %s", name, "Radius set name 出现错误")
 	}
 	err = rfc2865.UserPassword_SetString(packet, pwd)
 	if err != nil {
 		return fmt.Errorf("%s %s", name, "Radius set pwd 出现错误")
 	}
 	if auth.Nasip != "" {
 		nasip := net.ParseIP(auth.Nasip)
 		err = rfc2865.NASIPAddress_Set(packet, nasip)
 		if err != nil {
 			return fmt.Errorf("%s %s", name, "Radius set nasip 出现错误")
 		}
 	}
 	ctx, done := context.WithTimeout(context.Background(), 3*time.Second)
 	defer done()
 	response, err := radius.Exchange(ctx, packet, auth.Addr)
--- a/server/go.mod
+++ b/server/go.mod
@@ -1,6 +1,6 @@
 module github.com/bjdgyc/anylink
-go 1.20
+go 1.22
 require (
 	github.com/arl/statsviz v0.6.0
@@ -33,9 +33,9 @@ require (
 	github.com/xhit/go-simple-mail/v2 v2.16.0
 	github.com/xlzd/gotp v0.1.0
 	github.com/xuri/excelize/v2 v2.8.1
-	golang.org/x/crypto v0.21.0
+	golang.org/x/crypto v0.26.0
-	golang.org/x/net v0.22.0
+	golang.org/x/net v0.25.0
-	golang.org/x/text v0.14.0
+	golang.org/x/text v0.17.0
 	golang.org/x/time v0.5.0
 	layeh.com/radius v0.0.0-20231213012653-1006025d24f8
 	xorm.io/xorm v1.3.8
@@ -68,8 +68,9 @@ require (
 	go.uber.org/atomic v1.11.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
-	golang.org/x/mod v0.16.0 // indirect
+	golang.org/x/mod v0.17.0 // indirect
-	golang.org/x/tools v0.19.0 // indirect
+	golang.org/x/sync v0.8.0 // indirect
 	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
 )
 require (
@@ -100,7 +101,7 @@ require (
 	github.com/tklauser/numcpus v0.7.0 // indirect
 	github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 // indirect
 	github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 // indirect
-	golang.org/x/sys v0.18.0 // indirect
+	golang.org/x/sys v0.23.0 // indirect
 	gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
--- a/server/go.sum
+++ b/server/go.sum
@@ -25,11 +25,14 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8Yc
 github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsPppp4=
 github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo=
 github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
 github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
 github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=
 github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg=
 github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
 github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
 github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
 github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
 github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
@@ -63,8 +66,9 @@ github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
 github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
 github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -83,6 +87,7 @@ github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9n
 github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
 github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
 github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
 github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
 github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
 github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
 github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
@@ -103,10 +108,12 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
@@ -118,7 +125,9 @@ github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
 github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
 github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
 github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4=
@@ -160,6 +169,7 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk=
 github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
 github.com/richardlehane/mscfb v1.0.4 h1:WULscsljNPConisD5hR0+OyZjwK46Pfyr6mPu5ZawpM=
 github.com/richardlehane/mscfb v1.0.4/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk=
 github.com/richardlehane/msoleps v1.0.1/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
@@ -170,6 +180,7 @@ github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzG
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
 github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
 github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
 github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
@@ -251,8 +262,8 @@ golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98y
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
-golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
-golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
+golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
 golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -264,14 +275,15 @@ golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86h
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/image v0.14.0 h1:tNgSxAFe3jC4uYqvZdTr84SZoM1KfwdC9SKIFrLjFn4=
 golang.org/x/image v0.14.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
 golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic=
+golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
-golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
+golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -281,13 +293,14 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
 golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
-golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
+golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
-golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
+golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
+golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
 golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -304,8 +317,8 @@ golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
-golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
@@ -321,8 +334,9 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
 golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
 golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
 golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -333,8 +347,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw=
+golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
-golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc=
+golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -361,6 +375,7 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
@@ -368,15 +383,25 @@ gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 layeh.com/radius v0.0.0-20231213012653-1006025d24f8 h1:orYXpi6BJZdvgytfHH4ybOe4wHnLbbS71Cmd8mWdZjs=
 layeh.com/radius v0.0.0-20231213012653-1006025d24f8/go.mod h1:QRf+8aRqXc019kHkpcs/CTgyWXFzf+bxlsyuo2nAl1o=
 lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI=
 lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
 modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw=
 modernc.org/cc/v3 v3.40.0/go.mod h1:/bTg4dnWkSXowUO6ssQKnOV0yMVxDYNIsIrzqTFDGH0=
 modernc.org/ccgo/v3 v3.16.13 h1:Mkgdzl46i5F/CNR/Kj80Ri59hC8TKAhZrYSaqvkwzUw=
 modernc.org/ccgo/v3 v3.16.13/go.mod h1:2Quk+5YgpImhPjv2Qsob1DnZ/4som1lJTodubIcoUkY=
 modernc.org/libc v1.22.2 h1:4U7v51GyhlWqQmwCHj28Rdq2Yzwk55ovjFrdPjs8Hb0=
 modernc.org/libc v1.22.2/go.mod h1:uvQavJ1pZ0hIoC/jfqNoMLURIMhKzINIWypNM17puug=
 modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ=
 modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
 modernc.org/memory v1.4.0 h1:crykUfNSnMAXaOJnnxcSzbUGMqkLWjklJKkBK2nwZwk=
 modernc.org/memory v1.4.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU=
 modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
 modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
 modernc.org/sqlite v1.20.4 h1:J8+m2trkN+KKoE7jglyHYYYiaq5xmz2HoHJIiBlRzbE=
 modernc.org/sqlite v1.20.4/go.mod h1:zKcGyrICaxNTMEHSr1HQ2GUraP0j+845GYw37+EyT6A=
 modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY=
 modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw=
 modernc.org/token v1.0.1 h1:A3qvTqOwexpfZZeyI0FeGPDlSWX5pjZu9hF4lU+EKWg=
 modernc.org/token v1.0.1/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
 rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
 xorm.io/builder v0.3.13 h1:a3jmiVVL19psGeXx8GIurTp7p0IIgqeDmwhcR6BAOAo=
 xorm.io/builder v0.3.13/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
--- a/server/handler/link_auth.go
+++ b/server/handler/link_auth.go
@@ -17,7 +17,10 @@ import (
 	"github.com/bjdgyc/anylink/sessdata"
 )
-var profileHash = ""
+var (
 	profileHash = ""
 	certHash    = ""
 )
 func LinkAuth(w http.ResponseWriter, r *http.Request) {
 	// TODO 调试信息输出
@@ -85,7 +88,7 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
 	// TODO 用户密码校验
 	err = dbdata.CheckUser(cr.Auth.Username, cr.Auth.Password, cr.GroupSelect)
 	if err != nil {
-		base.Warn(err)
+		base.Warn(err, r.RemoteAddr)
 		ua.Info = err.Error()
 		ua.Status = dbdata.UserAuthFail
 		dbdata.UserActLogIns.Add(ua, userAgent)
@@ -138,7 +141,7 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
 	other := &dbdata.SettingOther{}
 	_ = dbdata.SettingGet(other)
 	rd := RequestData{SessionId: sess.Sid, SessionToken: sess.Sid + "@" + sess.Token,
-		Banner: other.Banner, ProfileName: base.Cfg.ProfileName, ProfileHash: profileHash}
+		Banner: other.Banner, ProfileName: base.Cfg.ProfileName, ProfileHash: profileHash, CertHash: certHash}
 	w.WriteHeader(http.StatusOK)
 	tplRequest(tpl_complete, w, rd)
 	base.Info("login", cr.Auth.Username, userAgent)
@@ -178,6 +181,7 @@ type RequestData struct {
 	Banner       string
 	ProfileName  string
 	ProfileHash  string
 	CertHash     string
 }
 var auth_request = `<?xml version="1.0" encoding="UTF-8"?>
@@ -223,7 +227,7 @@ var auth_complete = `<?xml version="1.0" encoding="UTF-8"?>
    </capabilities>
    <config client="vpn" type="private">
        <vpn-base-config>
-            <server-cert-hash>240B97A685B2BFA66AD699B90AAC49EA66495D69</server-cert-hash>
+            <server-cert-hash>{{.CertHash}}</server-cert-hash>
        </vpn-base-config>
        <opaque is-for="vpn-client"></opaque>
        <vpn-profile-manifest>
--- a/server/handler/link_home.go
+++ b/server/handler/link_home.go
@@ -27,10 +27,16 @@ func LinkHome(w http.ResponseWriter, r *http.Request) {
 	if err := dbdata.SettingGet(index); err != nil {
 		return
 	}
-	w.WriteHeader(http.StatusOK)
+
-	if index.Homeindex == "" {
+	if index.Homecode != http.StatusOK {
-		index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件，可以支持多人同时在线使用。"
+		w.WriteHeader(index.Homecode)
 		return
 	}
 	w.WriteHeader(http.StatusOK)
 	// if index.Homeindex == "" {
 	// 	index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件，可以支持多人同时在线使用。"
 	// }
 	fmt.Fprintln(w, index.Homeindex)
 }
--- a/server/handler/link_tun.go
+++ b/server/handler/link_tun.go
@@ -51,6 +51,9 @@ func checkTun() {
 		// 添加注释
 		natRule := []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-m", "comment",
 			"--comment", "AnyLink", "-j", "MASQUERADE"}
 		if base.InContainer {
 			natRule = []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-j", "MASQUERADE"}
 		}
 		err = ipt.InsertUnique("nat", "POSTROUTING", 1, natRule...)
 		if err != nil {
 			base.Error(err)
@@ -58,6 +61,9 @@ func checkTun() {
 		// 添加注释
 		forwardRule := []string{"-m", "comment", "--comment", "AnyLink", "-j", "ACCEPT"}
 		if base.InContainer {
 			forwardRule = []string{"-j", "ACCEPT"}
 		}
 		err = ipt.InsertUnique("filter", "FORWARD", 1, forwardRule...)
 		if err != nil {
 			base.Error(err)
--- a/server/handler/link_tunnel.go
+++ b/server/handler/link_tunnel.go
@@ -86,7 +86,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	}
 	cSess.CstpDpd = cstpDpd
-	dtlsPort := "4433"
+	dtlsPort := "443"
 	if strings.Contains(base.Cfg.ServerDTLSAddr, ":") {
 		ss := strings.Split(base.Cfg.ServerDTLSAddr, ":")
 		dtlsPort = ss[1]
@@ -131,9 +131,14 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	for _, v := range cSess.Group.ClientDns {
 		HttpAddHeader(w, "X-CSTP-DNS", v.Val)
 	}
 	// 分割dns
 	for _, v := range cSess.Group.SplitDns {
 		HttpAddHeader(w, "X-CSTP-Split-DNS", v.Val)
 	}
 	// 允许的路由
 	for _, v := range cSess.Group.RouteInclude {
-		if strings.ToLower(v.Val) == dbdata.All {
+		if strings.ToLower(v.Val) == dbdata.ALL {
 			continue
 		}
 		HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)
@@ -156,9 +161,9 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	HttpSetHeader(w, "X-CSTP-Keep", "true")
 	HttpSetHeader(w, "X-CSTP-Tunnel-All-DNS", "false")
-	HttpSetHeader(w, "X-CSTP-Rekey-Time", "43200") // 172800
+	HttpSetHeader(w, "X-CSTP-Rekey-Time", "86400") // 172800
 	HttpSetHeader(w, "X-CSTP-Rekey-Method", "new-tunnel")
-	HttpSetHeader(w, "X-DTLS-Rekey-Time", "43200")
+	HttpSetHeader(w, "X-DTLS-Rekey-Time", "86400")
 	HttpSetHeader(w, "X-DTLS-Rekey-Method", "new-tunnel")
 	HttpSetHeader(w, "X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd))
@@ -180,7 +185,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	HttpSetHeader(w, "X-CSTP-Routing-Filtering-Ignore", "false")
 	HttpSetHeader(w, "X-CSTP-Quarantine", "false")
 	HttpSetHeader(w, "X-CSTP-Disable-Always-On-VPN", "false")
-	HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "false")
+	HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "true")
 	HttpSetHeader(w, "X-CSTP-TCP-Keepalive", "false")
 	// 设置域名拆分隧道（移动端不支持）
 	if mobile != "mobile" {
--- a/server/handler/payload.go
+++ b/server/handler/payload.go
@@ -86,14 +86,41 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool {
 	}
 	for _, v := range group.LinkAcl {
-		// 循环判断ip和端口
+		// 放行允许ip的ping
-		if v.IpNet.Contains(ipDst) {
+		// if v.Ports == nil || len(v.Ports) == 0 {
-			// 放行允许ip的ping
+		// 	//单端口历史数据兼容
-			if v.Port == ipPort || v.Port == 0 || ipProto == waterutil.ICMP {
+		// 	port := uint16(v.Port.(float64))
-				if v.Action == dbdata.Allow {
+		// 	if port == ipPort || port == 0 || ipProto == waterutil.ICMP {
-					return true
+		// 		if v.Action == dbdata.Allow {
-				} else {
+		// 			return true
-					return false
+		// 		} else {
 		// 			return false
 		// 		}
 		// 	}
 		// } else {
 		// 先判断协议
 		// 兼容旧数据 v.Protocol == ""
 		if v.Protocol == "" || v.Protocol == dbdata.ALL || v.IpProto == ipProto {
 			// 循环判断ip和端口
 			if v.IpNet.Contains(ipDst) {
 				// icmp 不判断端口
 				if ipProto == waterutil.ICMP {
 					if v.Action == dbdata.Allow {
 						return true
 					} else {
 						return false
 					}
 				}
 				if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) {
 					if v.Action == dbdata.Allow {
 						// log.Println(dbdata.Allow, v.Ports)
 						return true
 					} else {
 						// log.Println(dbdata.Deny, v.Ports)
 						return false
 					}
 				}
 			}
 		}
--- a/server/handler/server.go
+++ b/server/handler/server.go
@@ -1,13 +1,16 @@
 package handler
 import (
 	"crypto/sha1"
 	"crypto/tls"
 	"encoding/hex"
 	"fmt"
 	"io"
 	"net"
 	"net/http"
 	"net/http/httputil"
 	"os"
 	"strings"
 	"time"
 	"github.com/bjdgyc/anylink/base"
@@ -36,6 +39,19 @@ func startTls() {
 	//	certs[0], err = tls.LoadX509KeyPair(certFile, keyFile)
 	// }
 	tlscert, _, err := dbdata.ParseCert()
 	if err != nil {
 		base.Fatal("证书加载失败", err)
 	}
 	dbdata.LoadCertificate(tlscert)
 	// 计算证书hash值
 	s1 := sha1.New()
 	s1.Write(tlscert.Certificate[0])
 	h2s := hex.EncodeToString(s1.Sum(nil))
 	certHash = strings.ToUpper(h2s)
 	base.Info("certHash", certHash)
 	// 修复 CVE-2016-2183
 	// https://segmentfault.com/a/1190000038486901
 	// nmap -sV --script ssl-enum-ciphers -p 443 www.example.com
--- a/server/handler/start.go
+++ b/server/handler/start.go
@@ -17,6 +17,12 @@ func Start() {
 	sessdata.Start()
 	cron.Start()
 	// 开启服务器转发
 	err := execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
 	if err != nil {
 		base.Fatal(err)
 	}
 	switch base.Cfg.LinkMode {
 	case base.LinkModeTUN:
 		checkTun()
--- a/2
+++ b/2
@@ -1 +1 @@
-0.11.3
+0.12.2
--- a/web/package.json
+++ b/web/package.json
@@ -15,7 +15,8 @@
    "qs": "^6.11.1",
    "vue": "^2.6.11",
    "vue-count-to": "^1.0.13",
-    "vue-router": "^3.5.2"
+    "vue-router": "^3.5.2",
    "vuedraggable": "^2.24.3"
  },
  "devDependencies": {
    "@vue/cli-plugin-babel": "~4.5.0",
--- a/web/src/pages/group/List.vue
+++ b/web/src/pages/group/List.vue
--- a/web/src/pages/set/Other.vue
+++ b/web/src/pages/set/Other.vue
@@ -3,11 +3,11 @@
    <el-tabs v-model="activeName" @tab-click="handleClick">
      <el-tab-pane label="邮件配置" name="dataSmtp">
        <el-form
-          :model="dataSmtp"
+            :model="dataSmtp"
-          ref="dataSmtp"
+            ref="dataSmtp"
-          :rules="rules"
+            :rules="rules"
-          label-width="100px"
+            label-width="100px"
-          class="tab-one"
+            class="tab-one"
        >
          <el-form-item label="服务器地址" prop="host">
            <el-input v-model="dataSmtp.host"></el-input>
@@ -20,9 +20,9 @@
          </el-form-item>
          <el-form-item label="密码" prop="password">
            <el-input
-              type="password"
+                type="password"
-              v-model="dataSmtp.password"
+                v-model="dataSmtp.password"
-              placeholder="密码为空则不修改"
+                placeholder="密码为空则不修改"
            ></el-input>
          </el-form-item>
          <el-form-item label="加密类型" prop="encryption">
@@ -37,7 +37,8 @@
          </el-form-item>
          <el-form-item>
            <el-button type="primary" @click="submitForm('dataSmtp')"
-              >保存</el-button
+            >保存
            </el-button
            >
            <el-button @click="resetForm('dataSmtp')">重置</el-button>
          </el-form-item>
@@ -46,19 +47,19 @@
      <el-tab-pane label="审计日志" name="dataAuditLog">
        <el-form
-          :model="dataAuditLog"
+            :model="dataAuditLog"
-          ref="dataAuditLog"
+            ref="dataAuditLog"
-          :rules="rules"
+            :rules="rules"
-          label-width="100px"
+            label-width="100px"
-          class="tab-one"
+            class="tab-one"
        >
          <el-form-item label="审计去重间隔" prop="audit_interval">
            <el-input-number
-              v-model="dataAuditLog.audit_interval"
+                v-model="dataAuditLog.audit_interval"
-              :min="-1"
+                :min="-1"
-              size="small"
+                size="small"
-              label="秒"
+                label="秒"
-              :disabled="true"
+                :disabled="true"
            ></el-input-number>
            秒
            <p class="input_tip">
@@ -68,11 +69,11 @@
          </el-form-item>
          <el-form-item label="存储时长" prop="life_day">
            <el-input-number
-              v-model="dataAuditLog.life_day"
+                v-model="dataAuditLog.life_day"
-              :min="0"
+                :min="0"
-              :max="365"
+                :max="365"
-              size="small"
+                size="small"
-              label="天数"
+                label="天数"
            ></el-input-number>
            天
            <p class="input_tip">
@@ -82,22 +83,23 @@
          </el-form-item>
          <el-form-item label="清理时间" prop="clear_time">
            <el-time-select
-              v-model="dataAuditLog.clear_time"
+                v-model="dataAuditLog.clear_time"
-              :picker-options="{
+                :picker-options="{
                start: '00:00',
                step: '01:00',
                end: '23:00',
              }"
-              :editable="false"
+                :editable="false"
-              size="small"
+                size="small"
-              placeholder="请选择"
+                placeholder="请选择"
-              style="width: 130px"
+                style="width: 130px"
            >
            </el-time-select>
          </el-form-item>
          <el-form-item>
            <el-button type="primary" @click="submitForm('dataAuditLog')"
-              >保存</el-button
+            >保存
            </el-button
            >
            <el-button @click="resetForm('dataAuditLog')">重置</el-button>
          </el-form-item>
@@ -105,33 +107,34 @@
      </el-tab-pane>
      <el-tab-pane label="证书设置" name="datacertManage">
        <el-tabs
-          tab-position="left"
+            tab-position="left"
-          v-model="datacertManage"
+            v-model="datacertManage"
-          @tab-click="handleClick"
+            @tab-click="handleClick"
        >
          <el-tab-pane label="自定义证书" name="customCert">
            <el-form
-              ref="customCert"
+                ref="customCert"
-              :model="customCert"
+                :model="customCert"
-              label-width="100px"
+                label-width="100px"
-              size="small"
+                size="small"
-              class="tab-one"
+                class="tab-one"
            >
              <el-form-item>
                <el-upload
-                  class="uploadCert"
+                    class="uploadCert"
-                  :before-upload="beforeCertUpload"
+                    :before-upload="beforeCertUpload"
-                  :action="certUpload"
+                    :action="certUpload"
-                  :limit="1"
+                    :limit="1"
                >
                  <el-button size="mini" icon="el-icon-plus" slot="trigger"
-                    >证书文件</el-button
+                  >证书文件
                  </el-button
                  >
                  <el-tooltip
-                    class="item"
+                      class="item"
-                    effect="dark"
+                      effect="dark"
-                    content="请上传 .pem 格式的 cert 文件"
+                      content="请上传 .pem 格式的 cert 文件"
-                    placement="top"
+                      placement="top"
                  >
                    <i class="el-icon-info"></i>
                  </el-tooltip>
@@ -139,19 +142,20 @@
              </el-form-item>
              <el-form-item>
                <el-upload
-                  class="uploadCert"
+                    class="uploadCert"
-                  :before-upload="beforeKeyUpload"
+                    :before-upload="beforeKeyUpload"
-                  :action="certUpload"
+                    :action="certUpload"
-                  :limit="1"
+                    :limit="1"
                >
                  <el-button size="mini" icon="el-icon-plus" slot="trigger"
-                    >私钥文件</el-button
+                  >私钥文件
                  </el-button
                  >
                  <el-tooltip
-                    class="item"
+                      class="item"
-                    effect="dark"
+                      effect="dark"
-                    content="请上传 .pem 格式的 key 文件"
+                      content="请上传 .pem 格式的 key 文件"
-                    placement="top"
+                      placement="top"
                  >
                    <i class="el-icon-info"></i>
                  </el-tooltip>
@@ -159,23 +163,24 @@
              </el-form-item>
              <el-form-item>
                <el-button
-                  size="small"
+                    size="small"
-                  icon="el-icon-upload"
+                    icon="el-icon-upload"
-                  type="primary"
+                    type="primary"
-                  @click="submitForm('customCert')"
+                    @click="submitForm('customCert')"
-                  >上传</el-button
+                >上传
                </el-button
                >
              </el-form-item>
            </el-form>
          </el-tab-pane>
          <el-tab-pane label="Let's Encrypt证书" name="letsCert">
            <el-form
-              :model="letsCert"
+                :model="letsCert"
-              ref="letsCert"
+                ref="letsCert"
-              :rules="rules"
+                :rules="rules"
-              label-width="120px"
+                label-width="120px"
-              size="small"
+                size="small"
-              class="tab-one"
+                class="tab-one"
            >
              <el-form-item label="域名" prop="domain">
                <el-input v-model="letsCert.domain"></el-input>
@@ -191,30 +196,31 @@
                </el-radio-group>
              </el-form-item>
              <el-form-item
-                v-for="component in dnsProvider[letsCert.name]"
+                  v-for="component in dnsProvider[letsCert.name]"
-                :key="component.prop"
+                  :key="component.prop"
-                :label="component.label"
+                  :label="component.label"
-                :rules="component.rules"
+                  :rules="component.rules"
              >
                <component
-                  :is="component.component"
+                    :is="component.component"
-                  :type="component.type"
+                    :type="component.type"
-                  v-model="letsCert[letsCert.name][component.prop]"
+                    v-model="letsCert[letsCert.name][component.prop]"
                ></component>
              </el-form-item>
              <el-form-item>
                <el-switch
-                  style="display: block"
+                    style="display: block"
-                  v-model="letsCert.renew"
+                    v-model="letsCert.renew"
-                  active-color="#13ce66"
+                    active-color="#13ce66"
-                  inactive-color="#ff4949"
+                    inactive-color="#ff4949"
-                  inactive-text="自动续期"
+                    inactive-text="自动续期"
                >
                </el-switch>
              </el-form-item>
              <el-form-item>
                <el-button type="primary" @click="submitForm('letsCert')"
-                  >申请</el-button
+                >申请
                </el-button
                >
                <el-button @click="resetForm('letsCert')">重置</el-button>
              </el-form-item>
@@ -224,11 +230,11 @@
      </el-tab-pane>
      <el-tab-pane label="其他设置" name="dataOther">
        <el-form
-          :model="dataOther"
+            :model="dataOther"
-          ref="dataOther"
+            ref="dataOther"
-          :rules="rules"
+            :rules="rules"
-          label-width="100px"
+            label-width="130px"
-          class="tab-one"
+            class="tab-one"
        >
          <el-form-item label="vpn对外地址" prop="link_addr">
            <el-input placeholder="请输入内容" v-model="dataOther.link_addr">
@@ -237,49 +243,58 @@
          <el-form-item label="Banner信息" prop="banner">
            <el-input
-              type="textarea"
+                type="textarea"
-              :rows="5"
+                :rows="5"
-              placeholder="请输入内容"
+                placeholder="请输入内容"
-              v-model="dataOther.banner"
+                v-model="dataOther.banner"
            >
            </el-input>
          </el-form-item>
          <el-form-item label="自定义首页状态码" prop="homecode">
            <el-input-number
                v-model="dataOther.homecode"
                :min="0"
                :max="1000"
            ></el-input-number>
          </el-form-item>
          <el-form-item label="自定义首页" prop="homeindex">
            <el-input
-              type="textarea"
+                type="textarea"
-              :rows="10"
+                :rows="10"
-              placeholder="请输入内容"
+                placeholder="请输入内容"
-              v-model="dataOther.homeindex"
+                v-model="dataOther.homeindex"
            >
            </el-input>
-            <el-tooltip content="自定义内容可以参考 home 目录下的文件" placement="top">
+            <el-tooltip content="自定义内容可以参考 index_template 目录下的文件" placement="top">
              <i class="el-icon-question"></i>
            </el-tooltip>
          </el-form-item>
-          <el-form-item label="账户开通邮件" prop="account_mail">
+          <el-form-item label="账户开通邮件模板" prop="account_mail">
            <el-input
-              type="textarea"
+                type="textarea"
-              :rows="10"
+                :rows="10"
-              placeholder="请输入内容"
+                placeholder="请输入内容"
-              v-model="dataOther.account_mail"
+                v-model="dataOther.account_mail"
            >
            </el-input>
          </el-form-item>
          <el-form-item label="邮件展示">
            <iframe
-              width="500px"
+                width="500px"
-              height="300px"
+                height="300px"
-              :srcdoc="dataOther.account_mail"
+                :srcdoc="dataOther.account_mail"
            >
            </iframe>
          </el-form-item>
          <el-form-item>
            <el-button type="primary" @click="submitForm('dataOther')"
-              >保存</el-button
+            >保存
            </el-button
            >
            <el-button @click="resetForm('dataOther')">重置</el-button>
          </el-form-item>
@@ -324,19 +339,19 @@ export default {
          authToken: "",
        },
      },
-      customCert: { cert: "", key: "" },
+      customCert: {cert: "", key: ""},
      dataOther: {},
      rules: {
-        host: { required: true, message: "请输入服务器地址", trigger: "blur" },
+        host: {required: true, message: "请输入服务器地址", trigger: "blur"},
        port: [
-          { required: true, message: "请输入服务器端口", trigger: "blur" },
+          {required: true, message: "请输入服务器端口", trigger: "blur"},
          {
            type: "number",
            message: "请输入正确的服务器端口",
            trigger: ["blur", "change"],
          },
        ],
-        issuer: { required: true, message: "请输入系统名称", trigger: "blur" },
+        issuer: {required: true, message: "请输入系统名称", trigger: "blur"},
        domain: {
          required: true,
          message: "请输入需要申请证书的域名",
@@ -347,7 +362,7 @@ export default {
          message: "请输入申请证书的邮箱地址",
          trigger: "blur",
        },
-        name: { required: true, message: "请选择域名服务商", trigger: "blur" },
+        name: {required: true, message: "请选择域名服务商", trigger: "blur"},
      },
      certUpload: "/set/other/customcert",
      dnsProvider: {
@@ -449,71 +464,71 @@ export default {
    },
    getSmtp() {
      axios
-        .get("/set/other/smtp")
+          .get("/set/other/smtp")
-        .then((resp) => {
+          .then((resp) => {
-          let rdata = resp.data;
+            let rdata = resp.data;
-          console.log(rdata);
+            console.log(rdata);
-          if (rdata.code !== 0) {
+            if (rdata.code !== 0) {
-            this.$message.error(rdata.msg);
+              this.$message.error(rdata.msg);
-            return;
+              return;
-          }
+            }
-          this.dataSmtp = rdata.data;
+            this.dataSmtp = rdata.data;
-        })
+          })
-        .catch((error) => {
+          .catch((error) => {
-          this.$message.error("哦，请求出错");
+            this.$message.error("哦，请求出错");
-          console.log(error);
+            console.log(error);
-        });
+          });
    },
    getAuditLog() {
      axios
-        .get("/set/other/audit_log")
+          .get("/set/other/audit_log")
-        .then((resp) => {
+          .then((resp) => {
-          let rdata = resp.data;
+            let rdata = resp.data;
-          console.log(rdata);
+            console.log(rdata);
-          if (rdata.code !== 0) {
+            if (rdata.code !== 0) {
-            this.$message.error(rdata.msg);
+              this.$message.error(rdata.msg);
-            return;
+              return;
-          }
+            }
-          this.dataAuditLog = rdata.data;
+            this.dataAuditLog = rdata.data;
-        })
+          })
-        .catch((error) => {
+          .catch((error) => {
-          this.$message.error("哦，请求出错");
+            this.$message.error("哦，请求出错");
-          console.log(error);
+            console.log(error);
-        });
+          });
    },
    getletsCert() {
      axios
-        .get("/set/other/getcertset")
+          .get("/set/other/getcertset")
-        .then((resp) => {
+          .then((resp) => {
-          let rdata = resp.data;
+            let rdata = resp.data;
-          console.log(rdata);
+            console.log(rdata);
-          if (rdata.code !== 0) {
+            if (rdata.code !== 0) {
-            this.$message.error(rdata.msg);
+              this.$message.error(rdata.msg);
-            return;
+              return;
-          }
+            }
-          this.letsCert = Object.assign({}, this.letsCert, rdata.data);
+            this.letsCert = Object.assign({}, this.letsCert, rdata.data);
-        })
+          })
-        .catch((error) => {
+          .catch((error) => {
-          this.$message.error("哦，请求出错");
+            this.$message.error("哦，请求出错");
-          console.log(error);
+            console.log(error);
-        });
+          });
    },
    getOther() {
      axios
-        .get("/set/other")
+          .get("/set/other")
-        .then((resp) => {
+          .then((resp) => {
-          let rdata = resp.data;
+            let rdata = resp.data;
-          console.log(rdata);
+            console.log(rdata);
-          if (rdata.code !== 0) {
+            if (rdata.code !== 0) {
-            this.$message.error(rdata.msg);
+              this.$message.error(rdata.msg);
-            return;
+              return;
-          }
+            }
-          this.dataOther = rdata.data;
+            this.dataOther = rdata.data;
-        })
+          })
-        .catch((error) => {
+          .catch((error) => {
-          this.$message.error("哦，请求出错");
+            this.$message.error("哦，请求出错");
-          console.log(error);
+            console.log(error);
-        });
+          });
    },
    submitForm(formName) {
      this.$refs[formName].validate((valid) => {
@@ -535,16 +550,16 @@ export default {
            break;
          case "dataAuditLog":
            axios
-              .post("/set/other/audit_log/edit", this.dataAuditLog)
+                .post("/set/other/audit_log/edit", this.dataAuditLog)
-              .then((resp) => {
+                .then((resp) => {
-                var rdata = resp.data;
+                  var rdata = resp.data;
-                console.log(rdata);
+                  console.log(rdata);
-                if (rdata.code === 0) {
+                  if (rdata.code === 0) {
-                  this.$message.success(rdata.msg);
+                    this.$message.success(rdata.msg);
-                } else {
+                  } else {
-                  this.$message.error(rdata.msg);
+                    this.$message.error(rdata.msg);
-                }
+                  }
-              });
+                });
            break;
          case "letsCert":
            var loading = this.$loading({
--- a/web/yarn.lock
+++ b/web/yarn.lock
@@ -7793,6 +7793,11 @@ sort-keys@^1.0.0:
  dependencies:
    is-plain-obj "^1.0.0"
 sortablejs@1.10.2:
  version "1.10.2"
  resolved "https://registry.yarnpkg.com/sortablejs/-/sortablejs-1.10.2.tgz#6e40364d913f98b85a14f6678f92b5c1221f5290"
  integrity sha512-YkPGufevysvfwn5rfdlGyrGjt7/CRHwvRPogD/lC+TnvcN29jDpCifKP+rBqf+LRldfXSTh+0CGLcSg0VIxq3A==
 source-list-map@^2.0.0:
  version "2.0.1"
  resolved "https://registry.yarnpkg.com/source-list-map/-/source-list-map-2.0.1.tgz#3993bd873bfc48479cca9ea3a547835c7c154b34"
@@ -8775,6 +8780,13 @@ vue@^2.6.11:
    "@vue/compiler-sfc" "2.7.16"
    csstype "^3.1.0"
 vuedraggable@^2.24.3:
  version "2.24.3"
  resolved "https://registry.yarnpkg.com/vuedraggable/-/vuedraggable-2.24.3.tgz#43c93849b746a24ce503e123d5b259c701ba0d19"
  integrity sha512-6/HDXi92GzB+Hcs9fC6PAAozK1RLt1ewPTLjK0anTYguXLAeySDmcnqE8IC0xa7shvSzRjQXq3/+dsZ7ETGF3g==
  dependencies:
    sortablejs "1.10.2"
 watchpack-chokidar2@^2.0.1:
  version "2.0.1"
  resolved "https://registry.yarnpkg.com/watchpack-chokidar2/-/watchpack-chokidar2-2.0.1.tgz#38500072ee6ece66f3769936950ea1771be1c957"
Author	SHA1	Message	Date
bjdgyc	4b78232e1d	添加支持 radius 的 nasip	2024-09-10 13:12:01 +08:00
bjdgyc	00c5425990	Merge pull request #336 from bjdgyc/dev 权限添加拖拽功能	2024-09-09 17:01:13 +08:00
bjdgyc	b45d5e4cfa	权限添加拖拽功能	2024-09-09 16:55:13 +08:00
bjdgyc	e8a8773005	权限添加拖拽功能	2024-09-09 16:52:32 +08:00
bjdgyc	2ba3625885	修复协议展示	2024-09-09 15:11:36 +08:00
bjdgyc	567f0e8adb	修复协议展示	2024-09-06 17:13:38 +08:00
bjdgyc	ad1885798b	添加acl协议支持	2024-09-04 17:00:29 +08:00
bjdgyc	76779de80a	添加acl协议支持	2024-09-04 16:59:16 +08:00
bjdgyc	5b498cbc59	添加acl协议支持	2024-09-04 13:13:31 +08:00
bjdgyc	cd21ffd7ab	Merge pull request #335 from bjdgyc/go1.22 升级go版本添加acl协议支持	2024-09-03 17:56:36 +08:00
bjdgyc	415f312f40	升级go版本添加acl协议支持	2024-09-03 17:55:19 +08:00
bjdgyc	d796a6850a	Merge pull request #334 from wsczx/dev 邮件模板中增加LimitTime过期时间字段	2024-09-02 10:37:07 +08:00
wsczx	7160c3cab7	邮件模板中增加LimitTime过期时间字段	2024-08-30 19:33:27 +08:00
bjdgyc	52329e8a2b	Merge pull request #331 from wsczx/dev 修复更换自定义首页状态码不生效的Bug	2024-08-27 15:41:41 +08:00
wsczx	cbdf730481	修复更换自定义首页状态码不生效的Bug	2024-08-23 17:57:32 +08:00
bjdgyc	a5487771da	修复 ipv6 记录显示不全的问题	2024-08-22 16:51:13 +08:00
bjdgyc	ff9b7c7dcc	修复 ipv6 记录显示不全的问题	2024-08-19 15:11:13 +08:00
bjdgyc	262af4ac8e	修改readme	2024-08-16 16:55:13 +08:00
bjdgyc	71539ad09c	添加QQ群	2024-08-14 11:15:36 +08:00
bjdgyc	8232f79b4a	修改文档地址	2024-08-12 11:21:32 +08:00
bjdgyc	7c810d409b	添加阿里云镜像地址	2024-07-04 17:12:32 +08:00
bjdgyc	ed4e324e77	添加阿里云镜像地址	2024-07-04 17:07:46 +08:00
bjdgyc	726ae20f75	修复数字转换问题	2024-07-04 16:26:05 +08:00
bjdgyc	00bbbf414d	修复在线用户问题	2024-07-04 16:14:27 +08:00
bjdgyc	57e2f45398	修改readme	2024-05-07 14:56:36 +08:00
bjdgyc	01ab115956	Update README.md	2024-04-30 13:14:21 +08:00
bjdgyc	9a47714f3f	修改readme	2024-04-25 15:52:23 +08:00
bjdgyc	9d926edabb	内网域名	2024-04-25 10:18:40 +08:00
bjdgyc	7329603c47	Merge pull request #314 from bjdgyc/dev 支持分割DNS功能	2024-04-24 17:56:18 +08:00
bjdgyc	a7c6791c1e	支持分割DNS功能	2024-04-24 17:39:50 +08:00
bjdgyc	96c95bb6cd	更新版本	2024-04-24 15:27:53 +08:00
bjdgyc	6d3dab6798	Client-Bypass	2024-04-23 16:59:52 +08:00
bjdgyc	b313c6fa00	Client-Bypass	2024-04-23 16:59:14 +08:00
bjdgyc	75b138a7a8	Client-Bypass	2024-04-23 16:56:40 +08:00
bjdgyc	641d6127ba	修复acl样式	2024-04-22 17:41:18 +08:00
bjdgyc	2828d1038d	Merge pull request #313 from bjdgyc/dev 修复acl表结构	2024-04-22 17:04:37 +08:00
bjdgyc	cb902a6b9b	修复acl表结构	2024-04-22 16:47:06 +08:00
bjdgyc	1b066ef602	Merge pull request #312 from bjdgyc/dev 支持私有自签证书	2024-04-22 14:42:06 +08:00
bjdgyc	5e804a3483	支持私有自签证书	2024-04-22 14:40:03 +08:00
bjdgyc	6e0c0efa85	Merge pull request #310 from imhun/main acl支持逗号分隔多端口号配置	2024-04-11 11:40:39 +08:00
imhun	8f196cb4e2	Merge branch 'main' of https://github.com/imhun/anylink	2024-04-09 11:25:34 +08:00
imhun	9182ccfba2	兼容历史单端口配置	2024-04-09 11:23:13 +08:00
huweishan	39d89b8c84	兼容历史单端口配置	2024-04-09 10:33:30 +08:00
huweishan	24e30509e4	兼容历史单端口配置	2024-04-09 10:29:54 +08:00
huweishan	4f56ea49c3	ports保存为map 兼容老的配置数据	2024-04-08 19:34:11 +08:00
huweishan	e55b2b6f0a	支持连续端口	2024-04-08 16:16:45 +08:00
huweishan	15573a6ef3	支持连续端口,比如1234-5678	2024-04-08 16:13:52 +08:00
huweishan	38b8f0b2aa	ports初始化	2024-04-08 15:12:47 +08:00
huweishan	8df34428dd	acl支持逗号分隔多端口号配置	2024-04-08 14:54:09 +08:00
bjdgyc	26483533a9	修复关闭otp时,发送邮件附件的问题	2024-03-29 10:04:15 +08:00
bjdgyc	380a8cb3fb	添加文档	2024-03-27 15:11:36 +08:00
bjdgyc	fa5ced4660	Merge pull request #308 from bjdgyc/dev Dev	2024-03-26 16:28:49 +08:00
bjdgyc	bac497475f	全局开启服务器转发	2024-03-26 11:39:12 +08:00
bjdgyc	f43b413ed4	配置优化	2024-03-25 11:14:00 +08:00
bjdgyc	356e135ea1	配置优化	2024-03-24 17:59:41 +08:00
bjdgyc	e5c6533c9b	修复邮箱图片显示逻辑，兼容 google gmail	2024-03-22 16:45:11 +08:00
bjdgyc	8d92cac37d	Merge pull request #306 from bjdgyc/dev Dev	2024-03-21 18:19:52 +08:00
bjdgyc	eb7401f6e5	添加自定义首页状态码	2024-03-21 18:13:37 +08:00
bjdgyc	8777501391	添加自定义首页状态码	2024-03-21 18:09:47 +08:00