mirror of
https://github.com/bjdgyc/anylink.git
synced 2025-09-28 16:15:17 +08:00
Compare commits
59 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
4b78232e1d | ||
|
|
00c5425990 | ||
|
|
b45d5e4cfa | ||
|
|
e8a8773005 | ||
|
|
2ba3625885 | ||
|
|
567f0e8adb | ||
|
|
ad1885798b | ||
|
|
76779de80a | ||
|
|
5b498cbc59 | ||
|
|
cd21ffd7ab | ||
|
|
415f312f40 | ||
|
|
d796a6850a | ||
|
7160c3cab7 | ||
|
|
52329e8a2b | ||
|
|
cbdf730481 | ||
|
|
a5487771da | ||
|
|
ff9b7c7dcc | ||
|
|
262af4ac8e | ||
|
|
71539ad09c | ||
|
|
8232f79b4a | ||
|
|
7c810d409b | ||
|
|
ed4e324e77 | ||
|
|
726ae20f75 | ||
|
|
00bbbf414d | ||
|
|
57e2f45398 | ||
|
|
01ab115956 | ||
|
|
9a47714f3f | ||
|
|
9d926edabb | ||
|
|
7329603c47 | ||
|
|
a7c6791c1e | ||
|
|
96c95bb6cd | ||
|
|
6d3dab6798 | ||
|
|
b313c6fa00 | ||
|
|
75b138a7a8 | ||
|
|
641d6127ba | ||
|
|
2828d1038d | ||
|
|
cb902a6b9b | ||
|
|
1b066ef602 | ||
|
|
5e804a3483 | ||
|
|
6e0c0efa85 | ||
|
8f196cb4e2 | ||
|
|
9182ccfba2 | ||
|
39d89b8c84 | ||
|
|
24e30509e4 | ||
|
|
4f56ea49c3 | ||
|
|
e55b2b6f0a | ||
|
|
15573a6ef3 | ||
|
|
38b8f0b2aa | ||
|
|
8df34428dd | ||
|
|
26483533a9 | ||
|
|
380a8cb3fb | ||
|
|
fa5ced4660 | ||
|
|
bac497475f | ||
|
|
f43b413ed4 | ||
|
|
356e135ea1 | ||
|
|
e5c6533c9b | ||
|
|
8d92cac37d | ||
|
|
eb7401f6e5 | ||
|
|
8777501391 |
1
.gitignore
vendored
1
.gitignore
vendored
@@ -2,6 +2,7 @@
|
||||
.idea/
|
||||
anylink-deploy
|
||||
anylink-deploy.tar.gz
|
||||
anylink-deploy-*
|
||||
anylink
|
||||
anylink.db
|
||||
|
||||
|
||||
45
README.md
45
README.md
@@ -23,10 +23,11 @@ AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同
|
||||
AnyLink 基于 [ietf-openconnect](https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-02)
|
||||
协议开发,并且借鉴了 [ocserv](http://ocserv.gitlab.io/www/index.html) 的开发思路,使其可以同时兼容 AnyConnect 客户端。
|
||||
|
||||
AnyLink 使用 TLS/DTLS 进行数据加密,因此需要 RSA 或 ECC 证书,可以通过 Let's Encrypt 和 TrustAsia 申请免费的 SSL 证书。
|
||||
AnyLink 使用 TLS/DTLS 进行数据加密,因此需要 RSA 或 ECC 证书,可以使用私有自签证书,可以通过 Let's Encrypt 和 TrustAsia
|
||||
申请免费的 SSL 证书。
|
||||
|
||||
AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试通过,如需要安装在其他系统,需要服务端支持 tun/tap
|
||||
功能、ip 设置命令。
|
||||
功能、ip 设置命令、iptables命令。
|
||||
|
||||
## Screenshot
|
||||
|
||||
@@ -54,15 +55,16 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
|
||||
>
|
||||
> 也可以添加QQ群 咨询群内大佬
|
||||
>
|
||||
> 添加QQ群①(已满): 567510628
|
||||
> 添加QQ群①: 567510628
|
||||
>
|
||||
> 添加QQ群②: 739072205
|
||||
> <img src="doc/screenshot/qq2.jpg" width="400" />
|
||||
|
||||
|
||||
### 使用问题
|
||||
|
||||
> 对于测试环境,可以使用 vpn.test.vqilu.cn 绑定host进行测试
|
||||
> 对于测试环境,可以直接进行测试,需要客户端取消勾选【阻止不受信任的服务器(Block connections to untrusted servers)】
|
||||
>
|
||||
> 对于线上环境,必须申请安全的https证书(跟nginx使用的证书类型一致),不支持私有证书连接
|
||||
> 对于线上环境,尽量申请安全的https证书(跟nginx使用的pem证书类型一致)
|
||||
>
|
||||
> 群共享文件有相关客户端软件下载,其他版本没有测试过,不保证使用正常
|
||||
>
|
||||
@@ -74,18 +76,22 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
|
||||
|
||||
### 自行编译安装
|
||||
|
||||
> 需要提前安装好 golang >= 1.20 和 nodejs = 16.x 和 yarn >= v1.22.x
|
||||
> 需要提前安装好 docker
|
||||
|
||||
```shell
|
||||
git clone https://github.com/bjdgyc/anylink.git
|
||||
|
||||
# 编译参考软件版本
|
||||
# docker编译 参考软件版本(不需要安装)
|
||||
# go 1.20.12
|
||||
# node v16.20.2
|
||||
# yarn 1.22.19
|
||||
|
||||
|
||||
cd anylink
|
||||
|
||||
# 编译前端
|
||||
bash build_web.sh
|
||||
# 编译 anylink-deploy 发布文件
|
||||
bash build.sh
|
||||
|
||||
# 注意使用root权限运行
|
||||
@@ -121,7 +127,7 @@ sudo ./anylink
|
||||
- [x] 后台管理界面
|
||||
- [x] 访问权限管理
|
||||
- [x] 用户活动审计功能
|
||||
- [x] IP 访问审计功能
|
||||
- [x] IP 访问审计功能(支持多端口、连续端口)
|
||||
- [x] 域名动态拆分隧道(域名路由功能)
|
||||
- [x] radius认证支持
|
||||
- [x] LDAP认证支持
|
||||
@@ -129,6 +135,8 @@ sudo ./anylink
|
||||
- [x] 流量压缩功能
|
||||
- [x] 出口 IP 自动放行
|
||||
- [x] 支持多服务的配置区分
|
||||
- [x] 支持私有自签证书
|
||||
- [x] 支持内网域名解析(指定的域名走内网dns)
|
||||
- [ ] 基于 ipvtap 设备的桥接访问模式
|
||||
|
||||
## Config
|
||||
@@ -181,7 +189,6 @@ sudo ./anylink
|
||||
>
|
||||
> ubuntu: apt-get install iptables iproute2
|
||||
|
||||
|
||||
### link_mode 设置
|
||||
|
||||
> 以下参数必须设置其中之一
|
||||
@@ -325,6 +332,7 @@ ipv4_end = "10.1.2.200"
|
||||
- centos: `/usr/lib/systemd/system/`
|
||||
- ubuntu: `/lib/systemd/system/`
|
||||
3. 操作命令:
|
||||
- 加载配置: `systemctl daemon-reload`
|
||||
- 启动: `systemctl start anylink`
|
||||
- 停止: `systemctl stop anylink`
|
||||
- 开机自启: `systemctl enable anylink`
|
||||
@@ -341,11 +349,24 @@ ipv4_end = "10.1.2.200"
|
||||
|
||||
## Docker
|
||||
|
||||
### anylink 镜像地址
|
||||
|
||||
对于国内用户,为提高镜像拉取体验,可以考虑拉取存放于阿里云镜像仓库的镜像,镜像名称及标签如下表所示(
|
||||
具体版本号可以查看 `version` 文件):
|
||||
|
||||
| 支持设备/平台 | DockerHub | 阿里云镜像仓库 |
|
||||
|:-------------:|:---------------------:|:---------------------------------------------------------------:|
|
||||
| x86_64/amd64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest |
|
||||
| x86_64/amd64 | bjdgyc/anylink:0.12.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:0.12.1 |
|
||||
| armv8/aarch64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest |
|
||||
| armv8/aarch64 | bjdgyc/anylink:0.12.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-0.12.1 |
|
||||
|
||||
1. 获取镜像
|
||||
```bash
|
||||
# 具体tag可以从docker hub获取
|
||||
# https://hub.docker.com/r/bjdgyc/anylink/tags
|
||||
docker pull bjdgyc/anylink:latest
|
||||
docker pull registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
|
||||
```
|
||||
|
||||
2. 查看命令信息
|
||||
@@ -432,14 +453,14 @@ ipv4_end = "10.1.2.200"
|
||||
- [三方文档-男孩的天职](https://note.youdao.com/s/X4AxyWfL)
|
||||
- [三方文档-issues](https://github.com/bjdgyc/anylink/issues)
|
||||
- [三方文档-思有云](https://www.ioiox.com/archives/128.html)
|
||||
- [三方文档-杨杨得亿](https://yangpin.link/archives/1897.html) [Windows电脑连接步骤-杨杨得亿](https://yangpin.link/archives/1697.html)
|
||||
|
||||
## Support Client
|
||||
|
||||
- [AnyConnect Secure Client](https://www.cisco.com/) (可通过群文件下载: Windows/macOS/Linux/Android/iOS)
|
||||
- [OpenConnect](https://gitlab.com/openconnect/openconnect) (Windows/macOS/Linux)
|
||||
- [三方 AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux)
|
||||
- [三方客户端下载地址](https://cisco.yangpin.link) (Windows/macOS/Linux/Android/iOS)
|
||||
|
||||
- 【推荐】三方客户端下载地址(Windows/macOS/Linux/Android/iOS) [国内地址](https://ocserv.yydy.link:2023) [国外地址](https://cisco.yydy.link/#/)
|
||||
|
||||
## Contribution
|
||||
|
||||
|
||||
19
build.sh
19
build.sh
@@ -7,15 +7,22 @@ ver=$(cat version)
|
||||
echo $ver
|
||||
|
||||
#前端编译 仅需要执行一次
|
||||
bash ./build_web.sh
|
||||
#bash ./build_web.sh
|
||||
|
||||
cd $cpath/server
|
||||
bash build_docker.sh
|
||||
|
||||
go build -v -o anylink
|
||||
|
||||
./anylink -v
|
||||
deploy="anylink-deploy-$ver"
|
||||
docker container rm $deploy
|
||||
docker container create --name $deploy bjdgyc/anylink:$ver
|
||||
rm -rf anylink-deploy anylink-deploy.tar.gz
|
||||
docker cp -a $deploy:/app ./anylink-deploy
|
||||
tar zcf ${deploy}.tar.gz anylink-deploy
|
||||
|
||||
|
||||
echo "anylink 编译完成,目录: $cpath/server/anylink"
|
||||
./anylink-deploy/anylink -v
|
||||
|
||||
|
||||
echo "anylink 编译完成,目录: anylink-deploy"
|
||||
ls -lh anylink-deploy
|
||||
|
||||
|
||||
|
||||
@@ -11,14 +11,13 @@ echo $ver
|
||||
#bash ./build_web.sh
|
||||
|
||||
# docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 本地不生成镜像
|
||||
docker build -t bjdgyc/anylink:latest --no-cache --progress=plain --platform linux/amd64 \
|
||||
--build-arg CN="yes" --build-arg appVer=$ver --build-arg commitId=$(git rev-parse HEAD) -f docker/Dockerfile .
|
||||
docker build -t bjdgyc/anylink:latest --no-cache --progress=plain \
|
||||
--build-arg CN="yes" --build-arg appVer=$ver --build-arg commitId=$(git rev-parse HEAD) \
|
||||
-f docker/Dockerfile .
|
||||
|
||||
echo "docker tag latest $ver"
|
||||
docker tag bjdgyc/anylink:latest bjdgyc/anylink:$ver
|
||||
|
||||
exit 0
|
||||
|
||||
docker tag bjdgyc/anylink:latest registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
|
||||
|
||||
docker push registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
|
||||
# docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
|
||||
# docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
|
||||
|
||||
@@ -42,9 +42,10 @@ go build -v -o anylink $flags -ldflags "$ldflags"
|
||||
EOF
|
||||
)
|
||||
|
||||
# golang:1.20-alpine3.19
|
||||
#使用 musl-dev 编译
|
||||
docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/amd64 \
|
||||
golang:1.20-alpine3.19 sh -c "$dockercmd"
|
||||
golang:1.22-alpine3.19 sh -c "$dockercmd"
|
||||
|
||||
#arm64编译
|
||||
#docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/arm64 \
|
||||
|
||||
@@ -1,7 +1,9 @@
|
||||
#!/bin/bash
|
||||
|
||||
rm -rf web/ui server/ui
|
||||
|
||||
docker run -it --rm -v $PWD/web:/app -w /app node:16-alpine \
|
||||
sh -c "yarn install --registry=https://registry.npmmirror.com && yarn run build"
|
||||
|
||||
rm -rf server/ui
|
||||
|
||||
cp -r web/ui server/ui
|
||||
|
||||
27
deploy_docker_cn.sh
Normal file
27
deploy_docker_cn.sh
Normal file
@@ -0,0 +1,27 @@
|
||||
#!/bin/bash
|
||||
|
||||
ver=$(cat version)
|
||||
echo $ver
|
||||
|
||||
echo "docker tag latest $ver"
|
||||
|
||||
docker pull --platform=linux/amd64 bjdgyc/anylink:$ver
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
|
||||
|
||||
docker rmi bjdgyc/anylink:$ver
|
||||
|
||||
#arm64
|
||||
docker pull --platform=linux/arm64 bjdgyc/anylink:$ver
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
|
||||
|
||||
docker rmi bjdgyc/anylink:$ver
|
||||
@@ -12,38 +12,45 @@
|
||||
>
|
||||
> 需要展示主页的同学,可以在QQ群 直接联系我添加。
|
||||
|
||||
| 昵称 | 主页 / 联系方式 |
|
||||
|-----------|------------------------------|
|
||||
| 代码 oo8 | |
|
||||
| 甘磊 | https://github.com/ganlei333 |
|
||||
| Oo@ | https://github.com/chooop |
|
||||
| 虚极静笃 | |
|
||||
| 请喝可乐 | |
|
||||
| 加油加油 | |
|
||||
| 李建 | |
|
||||
| lanbin | |
|
||||
| 乐在东途 | |
|
||||
| 孤鸿 | |
|
||||
| 刘国华 | |
|
||||
| 改名好无聊 | |
|
||||
| 全能互联网专家 | |
|
||||
| JCM | |
|
||||
| Eh... | |
|
||||
| 沉 | |
|
||||
| 刘国华 | |
|
||||
| 忧郁的豚骨拉面 | |
|
||||
| 张小旋当爹地 | |
|
||||
| 对方正在输入 | |
|
||||
| Ronny | |
|
||||
| 奔跑的少年 | |
|
||||
| ZBW | |
|
||||
| 悲鸣 | |
|
||||
| 谢谢 | |
|
||||
| 云思科技 | |
|
||||
| 哆啦A伟(张佳伟) | |
|
||||
| 人类的悲欢并不相通 | |
|
||||
| 做人要低调 | |
|
||||
| 洛洛 | |
|
||||
| 昵称 | 主页 / 联系方式 |
|
||||
|-------------|------------------------------|
|
||||
| 代码 oo8 | |
|
||||
| 甘磊 | https://github.com/ganlei333 |
|
||||
| Oo@ | https://github.com/chooop |
|
||||
| 虚极静笃 | |
|
||||
| 请喝可乐 | |
|
||||
| 加油加油 | |
|
||||
| 李建 | |
|
||||
| lanbin | |
|
||||
| 乐在东途 | |
|
||||
| 孤鸿 | |
|
||||
| 刘国华 | |
|
||||
| 改名好无聊 | |
|
||||
| 全能互联网专家 | |
|
||||
| JCM | |
|
||||
| Eh... | |
|
||||
| 沉 | |
|
||||
| 刘国华 | |
|
||||
| 忧郁的豚骨拉面 | |
|
||||
| 张小旋当爹地 | |
|
||||
| 对方正在输入 | |
|
||||
| Ronny | |
|
||||
| 奔跑的少年 | |
|
||||
| ZBW | |
|
||||
| 悲鸣 | |
|
||||
| 谢谢 | |
|
||||
| 云思科技 | |
|
||||
| 哆啦A伟(张佳伟) | |
|
||||
| 人类的悲欢并不相通 | |
|
||||
| 做人要低调 | |
|
||||
| 洛洛 | |
|
||||
| Dragon Liao | |
|
||||
| 诸葛御风 | |
|
||||
| 杨杨得亿 | |
|
||||
| Thanataos | |
|
||||
| 憨大叔 | |
|
||||
| 明月 | |
|
||||
| Amis | |
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -10,6 +10,10 @@
|
||||
|
||||
> 请使用手机安装 freeotp ,然后扫描otp二维码,生成的数字即是动态码
|
||||
|
||||
### 用户策略问题
|
||||
|
||||
> 只要有用户策略,组策略就不生效,相当于覆盖了组策略的配置
|
||||
|
||||
### 远程桌面连接
|
||||
|
||||
> 本软件已经支持远程桌面里面连接anyconnect。
|
||||
|
||||
BIN
doc/screenshot/qq2.jpg
Normal file
BIN
doc/screenshot/qq2.jpg
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 102 KiB |
@@ -13,7 +13,8 @@
|
||||
# 需要先编译出ui文件后 再执行docker编译
|
||||
|
||||
# server
|
||||
FROM golang:1.20-alpine3.19 as builder_golang
|
||||
# golang:1.20-alpine3.19
|
||||
FROM golang:1.22-alpine3.19 as builder_golang
|
||||
|
||||
ARG CN="no"
|
||||
ARG appVer="appVer"
|
||||
|
||||
@@ -9,12 +9,16 @@ if [[ $CN == "yes" ]]; then
|
||||
export GOPROXY=https://goproxy.cn
|
||||
fi
|
||||
|
||||
|
||||
# docker 启动使用 4.19 以上内核
|
||||
apk add --no-cache ca-certificates bash iproute2 tzdata iptables
|
||||
|
||||
# alpine:3.19 兼容老版 iptables
|
||||
apk add --no-cache iptables iptables-legacy
|
||||
apk add --no-cache iptables-legacy
|
||||
rm /sbin/iptables
|
||||
ln -s /sbin/iptables-legacy /sbin/iptables
|
||||
|
||||
apk add --no-cache ca-certificates bash iproute2 tzdata
|
||||
|
||||
chmod +x /app/docker_entrypoint.sh
|
||||
mkdir /app/log
|
||||
|
||||
|
||||
165
index_template/自定义首页2.html
Normal file
165
index_template/自定义首页2.html
Normal file
@@ -0,0 +1,165 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="zh-CN">
|
||||
|
||||
<head>
|
||||
<meta charset=UTF-8">
|
||||
<title id="pageTitle">客户端下载</title>
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<style type="text/css">
|
||||
body {
|
||||
background-color: #fff;
|
||||
background-image: linear-gradient(0deg, transparent 24%, rgba(207, 207, 207, 0.2) 25%, rgba(207, 207, 207, 0.2) 26%, transparent 27%, transparent 74%, rgba(207, 207, 207, 0.2) 75%, rgba(207, 207, 207, 0.2) 76%, transparent 77%, transparent),
|
||||
linear-gradient(90deg, transparent 24%, rgba(207, 207, 207, 0.2) 25%, rgba(207, 207, 207, 0.2) 26%, transparent 27%, transparent 74%, rgba(207, 207, 207, 0.2) 75%, rgba(207, 207, 207, 0.2) 76%, transparent 77%, transparent);
|
||||
background-size: 50px 50px;
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
display: flex;
|
||||
justify-content: center;
|
||||
align-items: center;
|
||||
height: 100vh;
|
||||
}
|
||||
|
||||
#box {
|
||||
background-color: #ffffff;
|
||||
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
|
||||
position: relative;
|
||||
padding: 20px;
|
||||
border-radius: 8px;
|
||||
max-width: 550px;
|
||||
width: 100%;
|
||||
box-sizing: border-box;
|
||||
}
|
||||
|
||||
h2 {
|
||||
color: #333;
|
||||
font-weight: 600;
|
||||
font-size: 28px;
|
||||
margin: 0 0 20px 0;
|
||||
}
|
||||
|
||||
p {
|
||||
color: #666;
|
||||
font-size: 16px;
|
||||
line-height: 1.6;
|
||||
margin-top: 20px;
|
||||
}
|
||||
|
||||
.button {
|
||||
background-color: #ddd;
|
||||
text-decoration: none;
|
||||
line-height: 44px;
|
||||
padding: 9px 42px;
|
||||
font-weight: 500;
|
||||
color: #fff;
|
||||
font-size: 16px;
|
||||
-webkit-transition: background-color 0.25s ease-out 0s;
|
||||
-moz-transition: background-color 0.25s ease-out 0s;
|
||||
transition: background-color 0.25s ease-out 0s;
|
||||
-moz-border-radius: 4px;
|
||||
-webkit-border-radius: 4px;
|
||||
border-radius: 4px;
|
||||
}
|
||||
|
||||
.button:hover {
|
||||
background-color: #CCC;
|
||||
color: #444;
|
||||
}
|
||||
|
||||
.button:active {
|
||||
background-color: #666;
|
||||
color: #eee;
|
||||
}
|
||||
|
||||
.blue {
|
||||
background-color: #007BFF;
|
||||
}
|
||||
|
||||
.deep-blue {
|
||||
background-color: #0056B3;
|
||||
}
|
||||
|
||||
.green {
|
||||
background-color: #28A745;
|
||||
}
|
||||
|
||||
.grey {
|
||||
background-color: #6C757D;
|
||||
}
|
||||
|
||||
.black {
|
||||
background-color: #343A40;
|
||||
}
|
||||
|
||||
.light-blue {
|
||||
background-color: #17A2B8;
|
||||
}
|
||||
|
||||
.dark-grey {
|
||||
background-color: #495057;
|
||||
}
|
||||
|
||||
@media (max-width: 768px) {
|
||||
h2 {
|
||||
font-size: 24px;
|
||||
}
|
||||
|
||||
p {
|
||||
font-size: 14px;
|
||||
}
|
||||
|
||||
.button {
|
||||
padding: 7px 35px;
|
||||
}
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div id="app">
|
||||
<div id="box">
|
||||
<h2 id="title">请选择对应平台下载</h2>
|
||||
<p id="windowsTab">Windows 系统</p>
|
||||
<a id="linkWindowsX86_64" class="button blue" href="#">Win X86_64</a>
|
||||
<a id="linkWindowsARM64" class="button deep-blue" href="#">Win ARM64</a>
|
||||
|
||||
<p id="mobileTab">移动端</p>
|
||||
<a id="linkAndroid" class="button green" href="#">Android</a>
|
||||
<a id="linkIphone" class="button grey" href="#" target="_blank">iPhone</a>
|
||||
|
||||
<p id="macOSTab">MacOS 系统</p>
|
||||
<a id="linkMacos" class="button black" href="#">Mac Intel</a>
|
||||
<a id="linkMacosARM64" class="button blue" href="#">Mac ARM64</a>
|
||||
|
||||
<p id="totpTab">TOTP 移动客户端</p>
|
||||
<a id="linkTotpAndroid" class="button light-blue" href="#">Android</a>
|
||||
<a id="linkTotpIphone" class="button dark-grey" href="#" target="_blank">iPhone</a>
|
||||
</div>
|
||||
</div>
|
||||
<script>
|
||||
const data = {
|
||||
links: {
|
||||
windowsX86_64: '/files/anyconnect-win-4.10.05111.msi',
|
||||
windowsARM64: '/files/anyconnect-win-4.10.05111.msi',
|
||||
android: '/files/CiscoSecureClientAnyConnect_v5.0.00247.apk',
|
||||
iphone: 'https://apps.apple.com/cn/app/cisco-anyconnect/id1135064690',
|
||||
macosIntel: '/files/anyconnect-macos-4.10.05111.dmg',
|
||||
macosARM64: '/files/anyconnect-macos-4.10.05111.dmg',
|
||||
totpAndroid: '/files/Authenticator_v5.10_apkpure.com.apk',
|
||||
totpIphone: 'https://apps.apple.com/cn/app/google-authenticator/id388497605',
|
||||
}
|
||||
};
|
||||
|
||||
window.onload = function () {
|
||||
document.getElementById('linkWindowsX86_64').href = data.links.windowsX86_64;
|
||||
document.getElementById('linkWindowsARM64').href = data.links.windowsARM64;
|
||||
document.getElementById('linkAndroid').href = data.links.android;
|
||||
document.getElementById('linkIphone').href = data.links.iphone;
|
||||
document.getElementById('linkMacos').href = data.links.macosIntel;
|
||||
document.getElementById('linkMacosARM64').href = data.links.macosARM64;
|
||||
document.getElementById('linkTotpAndroid').href = data.links.totpAndroid;
|
||||
document.getElementById('linkTotpIphone').href = data.links.totpIphone;
|
||||
};
|
||||
</script>
|
||||
</body>
|
||||
|
||||
</html>
|
||||
@@ -75,6 +75,10 @@ func GroupDetail(w http.ResponseWriter, r *http.Request) {
|
||||
if len(data.Auth) == 0 {
|
||||
data.Auth["type"] = "local"
|
||||
}
|
||||
// 兼容旧数据
|
||||
if data.SplitDns == nil {
|
||||
data.SplitDns = []dbdata.ValData{}
|
||||
}
|
||||
RespSucess(w, data)
|
||||
}
|
||||
|
||||
|
||||
@@ -17,6 +17,7 @@ import (
|
||||
"github.com/bjdgyc/anylink/dbdata"
|
||||
"github.com/bjdgyc/anylink/sessdata"
|
||||
"github.com/skip2/go-qrcode"
|
||||
mail "github.com/xhit/go-simple-mail/v2"
|
||||
)
|
||||
|
||||
func UserList(w http.ResponseWriter, r *http.Request) {
|
||||
@@ -179,7 +180,15 @@ func userOtpQr(uid int, b64 bool) (string, error) {
|
||||
|
||||
// 在线用户
|
||||
func UserOnline(w http.ResponseWriter, r *http.Request) {
|
||||
datas := sessdata.OnlineSess()
|
||||
_ = r.ParseForm()
|
||||
search_cate := r.FormValue("search_cate")
|
||||
search_text := r.FormValue("search_text")
|
||||
show_sleeper := r.FormValue("show_sleeper")
|
||||
showSleeper, _ := strconv.ParseBool(show_sleeper)
|
||||
// one_offline := r.FormValue("one_offline")
|
||||
|
||||
// datas := sessdata.OnlineSess()
|
||||
datas := sessdata.GetOnlineSess(search_cate, search_text, showSleeper)
|
||||
|
||||
data := map[string]interface{}{
|
||||
"count": len(datas),
|
||||
@@ -211,8 +220,10 @@ type userAccountMailData struct {
|
||||
Username string
|
||||
Nickname string
|
||||
PinCode string
|
||||
LimitTime string
|
||||
OtpImg string
|
||||
OtpImgBase64 string
|
||||
DisableOtp bool
|
||||
}
|
||||
|
||||
func userAccountMail(user *dbdata.User) error {
|
||||
@@ -264,7 +275,15 @@ func userAccountMail(user *dbdata.User) error {
|
||||
PinCode: user.PinCode,
|
||||
OtpImg: fmt.Sprintf("https://%s/otp_qr?id=%d&jwt=%s", setting.LinkAddr, user.Id, tokenString),
|
||||
OtpImgBase64: "data:image/png;base64," + otpData,
|
||||
DisableOtp: user.DisableOtp,
|
||||
}
|
||||
|
||||
if user.LimitTime == nil {
|
||||
data.LimitTime = "无限制"
|
||||
} else {
|
||||
data.LimitTime = user.LimitTime.Local().Format("2006-01-02")
|
||||
}
|
||||
|
||||
w := bytes.NewBufferString("")
|
||||
t, _ := template.New("auth_complete").Parse(htmlBody)
|
||||
err = t.Execute(w, data)
|
||||
@@ -272,5 +291,19 @@ func userAccountMail(user *dbdata.User) error {
|
||||
return err
|
||||
}
|
||||
// fmt.Println(w.String())
|
||||
return SendMail(base.Cfg.Issuer+"平台通知", user.Email, w.String())
|
||||
|
||||
var attach *mail.File
|
||||
if user.DisableOtp {
|
||||
attach = nil
|
||||
} else {
|
||||
imgData, _ := userOtpQr(user.Id, false)
|
||||
attach = &mail.File{
|
||||
MimeType: "image/png",
|
||||
Name: "userOtpQr.png",
|
||||
Data: []byte(imgData),
|
||||
Inline: true,
|
||||
}
|
||||
}
|
||||
|
||||
return SendMail(base.Cfg.Issuer, user.Email, w.String(), attach)
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ func GetJwtData(jwtToken string) (map[string]interface{}, error) {
|
||||
return claims, nil
|
||||
}
|
||||
|
||||
func SendMail(subject, to, htmlBody string) error {
|
||||
func SendMail(subject, to, htmlBody string, attach *mail.File) error {
|
||||
|
||||
dataSmtp := &dbdata.SettingSmtp{}
|
||||
err := dbdata.SettingGet(dataSmtp)
|
||||
@@ -102,6 +102,10 @@ func SendMail(subject, to, htmlBody string) error {
|
||||
AddTo(to).
|
||||
SetSubject(subject)
|
||||
|
||||
if attach != nil {
|
||||
email.Attach(attach)
|
||||
}
|
||||
|
||||
email.SetBody(mail.TextHTML, htmlBody)
|
||||
|
||||
// Call Send and pass the client
|
||||
|
||||
@@ -111,12 +111,6 @@ func StartAdmin() {
|
||||
selectedCipherSuites = append(selectedCipherSuites, s.ID)
|
||||
}
|
||||
|
||||
if tlscert, _, err := dbdata.ParseCert(); err != nil {
|
||||
base.Fatal("证书加载失败", err)
|
||||
} else {
|
||||
dbdata.LoadCertificate(tlscert)
|
||||
}
|
||||
|
||||
// 设置tls信息
|
||||
tlsConfig := &tls.Config{
|
||||
NextProtos: []string{"http/1.1"},
|
||||
|
||||
@@ -55,9 +55,9 @@ var configs = []config{
|
||||
{Typ: cfgInt, Name: "max_client", Usage: "最大用户连接", ValInt: 200},
|
||||
{Typ: cfgInt, Name: "max_user_client", Usage: "最大单用户连接", ValInt: 3},
|
||||
{Typ: cfgInt, Name: "cstp_keepalive", Usage: "keepalive时间(秒)", ValInt: 3},
|
||||
{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 10},
|
||||
{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 20},
|
||||
{Typ: cfgInt, Name: "mobile_keepalive", Usage: "移动端keepalive接检测时间(秒)", ValInt: 4},
|
||||
{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 15},
|
||||
{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 60},
|
||||
{Typ: cfgInt, Name: "mtu", Usage: "最大传输单元MTU", ValInt: 1460},
|
||||
{Typ: cfgInt, Name: "idle_timeout", Usage: "空闲链接超时时间(秒)-超时后断开链接,0关闭此功能", ValInt: 0},
|
||||
{Typ: cfgInt, Name: "session_timeout", Usage: "session过期时间(秒)-用于断线重连,0永不过期", ValInt: 3600},
|
||||
|
||||
@@ -9,6 +9,7 @@
|
||||
<RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols>
|
||||
<BypassDownloader>true</BypassDownloader>
|
||||
<AutoUpdate UserControllable="false">false</AutoUpdate>
|
||||
<LocalLanAccess UserControllable="true">true</LocalLanAccess>
|
||||
<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
|
||||
<LinuxVPNEstablishment>AllowRemoteUsers</LinuxVPNEstablishment>
|
||||
<CertEnrollmentPin>pinAllowed</CertEnrollmentPin>
|
||||
|
||||
@@ -12,9 +12,15 @@ cert_key = "./conf/vpn_cert.key"
|
||||
files_path = "./conf/files"
|
||||
profile = "./conf/profile.xml"
|
||||
#profile name(用于区分不同服务端的配置)
|
||||
#客户端存放位置 C:\ProgramData\Cisco\Cisco Secure Client\VPN\Profile
|
||||
#客户端存放位置
|
||||
#Windows 10
|
||||
#%ProgramData%Cisco\Cisco AnyConnect Secure Mobility Client\Profile
|
||||
#Mac Os X
|
||||
#/opt/cisco/anyconnect/profile
|
||||
#Linux
|
||||
#/opt/cisco/anyconnect/profile
|
||||
profile_name = "anylink"
|
||||
#日志目录,为空写入标准输出
|
||||
#日志目录,默认为空写入标准输出
|
||||
#log_path = "./log"
|
||||
log_path = ""
|
||||
log_level = "debug"
|
||||
@@ -66,9 +72,9 @@ default_group = "one"
|
||||
|
||||
#客户端失效检测时间(秒) dpd > keepalive
|
||||
cstp_keepalive = 3
|
||||
cstp_dpd = 10
|
||||
cstp_dpd = 20
|
||||
mobile_keepalive = 4
|
||||
mobile_dpd = 15
|
||||
mobile_dpd = 60
|
||||
|
||||
# 根据实际情况修改
|
||||
#cstp_keepalive = 20
|
||||
|
||||
@@ -10,6 +10,9 @@ db_source = "./conf/anylink.db"
|
||||
cert_file = "./conf/vpn_cert.pem"
|
||||
cert_key = "./conf/vpn_cert.key"
|
||||
files_path = "./conf/files"
|
||||
|
||||
#日志目录,默认为空写入标准输出
|
||||
#log_path = "./log"
|
||||
log_level = "debug"
|
||||
|
||||
#系统名称
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package dbdata
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
@@ -121,6 +122,7 @@ func addInitData() error {
|
||||
other := &SettingOther{
|
||||
LinkAddr: "vpn.xx.com",
|
||||
Banner: "您已接入公司网络,请按照公司规定使用。\n请勿进行非工作下载及视频行为!",
|
||||
Homecode: http.StatusOK,
|
||||
Homeindex: "AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同时在线使用。",
|
||||
AccountMail: accountMail,
|
||||
}
|
||||
@@ -145,7 +147,7 @@ func addInitData() error {
|
||||
Name: "all",
|
||||
AllowLan: true,
|
||||
ClientDns: []ValData{{Val: "114.114.114.114"}},
|
||||
RouteInclude: []ValData{{Val: All}},
|
||||
RouteInclude: []ValData{{Val: ALL}},
|
||||
Status: 1,
|
||||
}
|
||||
err = SetGroup(&g1)
|
||||
@@ -172,6 +174,9 @@ func CheckErrNotFound(err error) bool {
|
||||
return err == ErrNotFound
|
||||
}
|
||||
|
||||
// base64 图片
|
||||
// 用户动态码(请妥善保存):<br/>
|
||||
// <img src="{{.OtpImgBase64}}"/><br/>
|
||||
const accountMail = `<p>您好:</p>
|
||||
<p> 您的{{.Issuer}}账号已经审核开通。</p>
|
||||
<p>
|
||||
@@ -179,12 +184,19 @@ const accountMail = `<p>您好:</p>
|
||||
用户组: <b>{{.Group}}</b> <br/>
|
||||
用户名: <b>{{.Username}}</b> <br/>
|
||||
用户PIN码: <b>{{.PinCode}}</b> <br/>
|
||||
用户过期时间: <b>{{.LimitTime}}</b> <br/>
|
||||
{{if .DisableOtp}}
|
||||
<!-- nothing -->
|
||||
{{else}}
|
||||
|
||||
<!--
|
||||
用户动态码(3天后失效):<br/>
|
||||
<img src="{{.OtpImg}}"/>
|
||||
<img src="{{.OtpImg}}"/><br/>
|
||||
-->
|
||||
用户动态码(请妥善保存):<br/>
|
||||
<img src="{{.OtpImgBase64}}"/>
|
||||
<img src="cid:userOtpQr.png" alt="userOtpQr" /><br/>
|
||||
|
||||
{{end}}
|
||||
</p>
|
||||
<div>
|
||||
使用说明:
|
||||
|
||||
@@ -5,10 +5,12 @@ import (
|
||||
"fmt"
|
||||
"net"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
"github.com/songgao/water/waterutil"
|
||||
"golang.org/x/text/language"
|
||||
"golang.org/x/text/message"
|
||||
)
|
||||
@@ -16,7 +18,10 @@ import (
|
||||
const (
|
||||
Allow = "allow"
|
||||
Deny = "deny"
|
||||
All = "all"
|
||||
ALL = "all"
|
||||
TCP = "tcp"
|
||||
UDP = "udp"
|
||||
ICMP = "icmp"
|
||||
)
|
||||
|
||||
// 域名分流最大字符2万
|
||||
@@ -24,11 +29,14 @@ const DsMaxLen = 20000
|
||||
|
||||
type GroupLinkAcl struct {
|
||||
// 自上而下匹配 默认 allow * *
|
||||
Action string `json:"action"` // allow、deny
|
||||
Val string `json:"val"`
|
||||
Port uint16 `json:"port"`
|
||||
IpNet *net.IPNet `json:"ip_net"`
|
||||
Note string `json:"note"`
|
||||
Action string `json:"action"` // allow、deny
|
||||
Protocol string `json:"protocol"` // 支持 ALL、TCP、UDP、ICMP 协议
|
||||
IpProto waterutil.IPProtocol `json:"ip_protocol"` // 判断协议使用
|
||||
Val string `json:"val"`
|
||||
Port string `json:"port"` // 兼容单端口历史数据类型uint16
|
||||
Ports map[uint16]int8 `json:"ports"`
|
||||
IpNet *net.IPNet `json:"ip_net"`
|
||||
Note string `json:"note"`
|
||||
}
|
||||
|
||||
type ValData struct {
|
||||
@@ -112,7 +120,7 @@ func SetGroup(g *Group) error {
|
||||
routeInclude := []ValData{}
|
||||
for _, v := range g.RouteInclude {
|
||||
if v.Val != "" {
|
||||
if v.Val == All {
|
||||
if v.Val == ALL {
|
||||
routeInclude = append(routeInclude, v)
|
||||
continue
|
||||
}
|
||||
@@ -161,14 +169,74 @@ func SetGroup(g *Group) error {
|
||||
return errors.New("GroupLinkAcl 错误" + err.Error())
|
||||
}
|
||||
v.IpNet = ipNet
|
||||
linkAcl = append(linkAcl, v)
|
||||
|
||||
// 设置协议数据
|
||||
switch v.Protocol {
|
||||
case TCP:
|
||||
v.IpProto = waterutil.TCP
|
||||
case UDP:
|
||||
v.IpProto = waterutil.UDP
|
||||
case ICMP:
|
||||
v.IpProto = waterutil.ICMP
|
||||
default:
|
||||
// 其他类型都是 all
|
||||
v.Protocol = ALL
|
||||
}
|
||||
|
||||
portsStr := v.Port
|
||||
v.Port = strings.TrimSpace(portsStr)
|
||||
// switch vp := v.Port.(type) {
|
||||
// case float64:
|
||||
// portsStr = strconv.Itoa(int(vp))
|
||||
// case string:
|
||||
// portsStr = vp
|
||||
// }
|
||||
|
||||
if regexp.MustCompile(`^\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*$`).MatchString(portsStr) {
|
||||
ports := map[uint16]int8{}
|
||||
for _, p := range strings.Split(portsStr, ",") {
|
||||
if p == "" {
|
||||
continue
|
||||
}
|
||||
if regexp.MustCompile(`^\d{1,5}-\d{1,5}$`).MatchString(p) {
|
||||
rp := strings.Split(p, "-")
|
||||
// portfrom, err := strconv.Atoi(rp[0])
|
||||
portfrom, err := strconv.ParseUint(rp[0], 10, 16)
|
||||
if err != nil {
|
||||
return errors.New("端口:" + rp[0] + " 格式错误, " + err.Error())
|
||||
}
|
||||
// portto, err := strconv.Atoi(rp[1])
|
||||
portto, err := strconv.ParseUint(rp[1], 10, 16)
|
||||
if err != nil {
|
||||
return errors.New("端口:" + rp[1] + " 格式错误, " + err.Error())
|
||||
}
|
||||
for i := portfrom; i <= portto; i++ {
|
||||
ports[uint16(i)] = 1
|
||||
}
|
||||
|
||||
} else {
|
||||
port, err := strconv.ParseUint(p, 10, 16)
|
||||
if err != nil {
|
||||
return errors.New("端口:" + p + " 格式错误, " + err.Error())
|
||||
}
|
||||
ports[uint16(port)] = 1
|
||||
}
|
||||
}
|
||||
v.Ports = ports
|
||||
linkAcl = append(linkAcl, v)
|
||||
} else {
|
||||
return errors.New("端口: " + portsStr + " 格式错误,请用逗号分隔的端口,比如: 22,80,443 连续端口用-,比如:1234-5678")
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
g.LinkAcl = linkAcl
|
||||
|
||||
// DNS 判断
|
||||
clientDns := []ValData{}
|
||||
for _, v := range g.ClientDns {
|
||||
v.Val = strings.TrimSpace(v.Val)
|
||||
if v.Val != "" {
|
||||
ip := net.ParseIP(v.Val)
|
||||
if ip.String() != v.Val {
|
||||
@@ -183,6 +251,20 @@ func SetGroup(g *Group) error {
|
||||
return errors.New("默认路由,必须设置一个DNS")
|
||||
}
|
||||
g.ClientDns = clientDns
|
||||
|
||||
splitDns := []ValData{}
|
||||
for _, v := range g.SplitDns {
|
||||
v.Val = strings.TrimSpace(v.Val)
|
||||
if v.Val != "" {
|
||||
ValidateDomainName(v.Val)
|
||||
if !ValidateDomainName(v.Val) {
|
||||
return errors.New("域名 错误")
|
||||
}
|
||||
splitDns = append(splitDns, v)
|
||||
}
|
||||
}
|
||||
g.SplitDns = splitDns
|
||||
|
||||
// 域名拆分隧道,不能同时填写
|
||||
g.DsIncludeDomains = strings.TrimSpace(g.DsIncludeDomains)
|
||||
g.DsExcludeDomains = strings.TrimSpace(g.DsExcludeDomains)
|
||||
@@ -238,6 +320,15 @@ func SetGroup(g *Group) error {
|
||||
return err
|
||||
}
|
||||
|
||||
func ContainsInPorts(ports map[uint16]int8, port uint16) bool {
|
||||
_, ok := ports[port]
|
||||
if ok {
|
||||
return true
|
||||
} else {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
func GroupAuthLogin(name, pwd string, authData map[string]interface{}) error {
|
||||
g := &Group{Auth: authData}
|
||||
authType := g.Auth["type"].(string)
|
||||
|
||||
@@ -27,7 +27,7 @@ func SetPolicy(p *Policy) error {
|
||||
routeInclude := []ValData{}
|
||||
for _, v := range p.RouteInclude {
|
||||
if v.Val != "" {
|
||||
if v.Val == All {
|
||||
if v.Val == ALL {
|
||||
routeInclude = append(routeInclude, v)
|
||||
continue
|
||||
}
|
||||
|
||||
@@ -29,6 +29,7 @@ type SettingAuditLog struct {
|
||||
type SettingOther struct {
|
||||
LinkAddr string `json:"link_addr"`
|
||||
Banner string `json:"banner"`
|
||||
Homecode int `json:"homecode"`
|
||||
Homeindex string `json:"homeindex"`
|
||||
AccountMail string `json:"account_mail"`
|
||||
}
|
||||
|
||||
@@ -11,6 +11,7 @@ type Group struct {
|
||||
Note string `json:"note" xorm:"varchar(255)"`
|
||||
AllowLan bool `json:"allow_lan" xorm:"Bool"`
|
||||
ClientDns []ValData `json:"client_dns" xorm:"Text"`
|
||||
SplitDns []ValData `json:"split_dns" xorm:"Text"`
|
||||
RouteInclude []ValData `json:"route_include" xorm:"Text"`
|
||||
RouteExclude []ValData `json:"route_exclude" xorm:"Text"`
|
||||
DsExcludeDomains string `json:"ds_exclude_domains" xorm:"Text"`
|
||||
@@ -45,7 +46,7 @@ type UserActLog struct {
|
||||
Username string `json:"username" xorm:"varchar(60)"`
|
||||
GroupName string `json:"group_name" xorm:"varchar(60)"`
|
||||
IpAddr string `json:"ip_addr" xorm:"varchar(32)"`
|
||||
RemoteAddr string `json:"remote_addr" xorm:"varchar(32)"`
|
||||
RemoteAddr string `json:"remote_addr" xorm:"varchar(42)"`
|
||||
Os uint8 `json:"os" xorm:"not null default 0 Int"`
|
||||
Client uint8 `json:"client" xorm:"not null default 0 Int"`
|
||||
Version string `json:"version" xorm:"varchar(15)"`
|
||||
@@ -66,12 +67,12 @@ type Setting struct {
|
||||
type AccessAudit struct {
|
||||
Id int `json:"id" xorm:"pk autoincr not null"`
|
||||
Username string `json:"username" xorm:"varchar(60) not null"`
|
||||
Protocol uint8 `json:"protocol" xorm:"not null"`
|
||||
Protocol uint8 `json:"protocol" xorm:"Int not null"`
|
||||
Src string `json:"src" xorm:"varchar(60) not null"`
|
||||
SrcPort uint16 `json:"src_port" xorm:"not null"`
|
||||
SrcPort uint16 `json:"src_port" xorm:"Int not null"`
|
||||
Dst string `json:"dst" xorm:"varchar(60) not null"`
|
||||
DstPort uint16 `json:"dst_port" xorm:"not null"`
|
||||
AccessProto uint8 `json:"access_proto" xorm:"default 0"` // 访问协议
|
||||
DstPort uint16 `json:"dst_port" xorm:"Int not null"`
|
||||
AccessProto uint8 `json:"access_proto" xorm:"Int default 0"` // 访问协议
|
||||
Info string `json:"info" xorm:"varchar(255) not null default ''"` // 详情
|
||||
CreatedAt time.Time `json:"created_at" xorm:"DateTime"`
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package dbdata
|
||||
|
||||
import (
|
||||
"net"
|
||||
"net/url"
|
||||
"regexp"
|
||||
"strings"
|
||||
@@ -78,7 +79,8 @@ func (ua *UserActLogProcess) Add(u UserActLog, userAgent string) {
|
||||
u.Os = os_idx
|
||||
u.Client = client_idx
|
||||
u.Version = ver
|
||||
u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
|
||||
// u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
|
||||
u.RemoteAddr, _, _ = net.SplitHostPort(u.RemoteAddr)
|
||||
// remove extra characters
|
||||
infoSlice := strings.Split(u.Info, " ")
|
||||
infoLen := len(infoSlice)
|
||||
|
||||
@@ -5,6 +5,7 @@ import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"reflect"
|
||||
"time"
|
||||
|
||||
@@ -15,6 +16,7 @@ import (
|
||||
type AuthRadius struct {
|
||||
Addr string `json:"addr"`
|
||||
Secret string `json:"secret"`
|
||||
Nasip string `json:"nasip"`
|
||||
}
|
||||
|
||||
func init() {
|
||||
@@ -57,8 +59,22 @@ func (auth AuthRadius) checkUser(name, pwd string, g *Group) error {
|
||||
}
|
||||
// radius认证时,设置超时3秒
|
||||
packet := radius.New(radius.CodeAccessRequest, []byte(auth.Secret))
|
||||
rfc2865.UserName_SetString(packet, name)
|
||||
rfc2865.UserPassword_SetString(packet, pwd)
|
||||
err = rfc2865.UserName_SetString(packet, name)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius set name 出现错误")
|
||||
}
|
||||
err = rfc2865.UserPassword_SetString(packet, pwd)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius set pwd 出现错误")
|
||||
}
|
||||
if auth.Nasip != "" {
|
||||
nasip := net.ParseIP(auth.Nasip)
|
||||
err = rfc2865.NASIPAddress_Set(packet, nasip)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius set nasip 出现错误")
|
||||
}
|
||||
}
|
||||
|
||||
ctx, done := context.WithTimeout(context.Background(), 3*time.Second)
|
||||
defer done()
|
||||
response, err := radius.Exchange(ctx, packet, auth.Addr)
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
module github.com/bjdgyc/anylink
|
||||
|
||||
go 1.20
|
||||
go 1.22
|
||||
|
||||
require (
|
||||
github.com/arl/statsviz v0.6.0
|
||||
@@ -33,9 +33,9 @@ require (
|
||||
github.com/xhit/go-simple-mail/v2 v2.16.0
|
||||
github.com/xlzd/gotp v0.1.0
|
||||
github.com/xuri/excelize/v2 v2.8.1
|
||||
golang.org/x/crypto v0.21.0
|
||||
golang.org/x/net v0.22.0
|
||||
golang.org/x/text v0.14.0
|
||||
golang.org/x/crypto v0.26.0
|
||||
golang.org/x/net v0.25.0
|
||||
golang.org/x/text v0.17.0
|
||||
golang.org/x/time v0.5.0
|
||||
layeh.com/radius v0.0.0-20231213012653-1006025d24f8
|
||||
xorm.io/xorm v1.3.8
|
||||
@@ -68,8 +68,9 @@ require (
|
||||
go.uber.org/atomic v1.11.0 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
|
||||
golang.org/x/mod v0.16.0 // indirect
|
||||
golang.org/x/tools v0.19.0 // indirect
|
||||
golang.org/x/mod v0.17.0 // indirect
|
||||
golang.org/x/sync v0.8.0 // indirect
|
||||
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
|
||||
)
|
||||
|
||||
require (
|
||||
@@ -100,7 +101,7 @@ require (
|
||||
github.com/tklauser/numcpus v0.7.0 // indirect
|
||||
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 // indirect
|
||||
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 // indirect
|
||||
golang.org/x/sys v0.18.0 // indirect
|
||||
golang.org/x/sys v0.23.0 // indirect
|
||||
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
|
||||
gopkg.in/ini.v1 v1.67.0 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
|
||||
@@ -25,11 +25,14 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8Yc
|
||||
github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsPppp4=
|
||||
github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo=
|
||||
github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
|
||||
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
|
||||
github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=
|
||||
github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg=
|
||||
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
|
||||
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
|
||||
github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
|
||||
github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
|
||||
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
|
||||
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
||||
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
|
||||
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
|
||||
@@ -63,8 +66,9 @@ github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
|
||||
github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
|
||||
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
|
||||
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
|
||||
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
|
||||
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||
@@ -83,6 +87,7 @@ github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9n
|
||||
github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
|
||||
github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
|
||||
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
|
||||
github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
|
||||
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
|
||||
@@ -103,10 +108,12 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
|
||||
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
|
||||
github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
|
||||
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
|
||||
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
|
||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
|
||||
github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
|
||||
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
|
||||
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
||||
@@ -118,7 +125,9 @@ github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
|
||||
github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
|
||||
github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
|
||||
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
|
||||
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
|
||||
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
|
||||
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
|
||||
github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
|
||||
github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
|
||||
github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4=
|
||||
@@ -160,6 +169,7 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk=
|
||||
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
|
||||
github.com/richardlehane/mscfb v1.0.4 h1:WULscsljNPConisD5hR0+OyZjwK46Pfyr6mPu5ZawpM=
|
||||
github.com/richardlehane/mscfb v1.0.4/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk=
|
||||
github.com/richardlehane/msoleps v1.0.1/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
|
||||
@@ -170,6 +180,7 @@ github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzG
|
||||
github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
|
||||
github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
|
||||
github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
|
||||
github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
|
||||
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||
github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
|
||||
github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
|
||||
@@ -251,8 +262,8 @@ golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98y
|
||||
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
|
||||
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
|
||||
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
|
||||
golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
|
||||
golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
|
||||
golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
|
||||
golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
|
||||
golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
@@ -264,14 +275,15 @@ golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86h
|
||||
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
|
||||
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||
golang.org/x/image v0.14.0 h1:tNgSxAFe3jC4uYqvZdTr84SZoM1KfwdC9SKIFrLjFn4=
|
||||
golang.org/x/image v0.14.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE=
|
||||
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
|
||||
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
|
||||
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
||||
golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic=
|
||||
golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
||||
golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
|
||||
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
||||
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
@@ -281,13 +293,14 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
|
||||
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
|
||||
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
|
||||
golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
|
||||
golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
|
||||
golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
|
||||
golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
|
||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
|
||||
golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
|
||||
golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
|
||||
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
@@ -304,8 +317,8 @@ golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
|
||||
golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
|
||||
golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||
@@ -321,8 +334,9 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||
golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
|
||||
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
||||
golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
|
||||
golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
|
||||
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
|
||||
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
|
||||
golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
@@ -333,8 +347,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
|
||||
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
|
||||
golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw=
|
||||
golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc=
|
||||
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
|
||||
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
@@ -361,6 +375,7 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD
|
||||
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
@@ -368,15 +383,25 @@ gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
layeh.com/radius v0.0.0-20231213012653-1006025d24f8 h1:orYXpi6BJZdvgytfHH4ybOe4wHnLbbS71Cmd8mWdZjs=
|
||||
layeh.com/radius v0.0.0-20231213012653-1006025d24f8/go.mod h1:QRf+8aRqXc019kHkpcs/CTgyWXFzf+bxlsyuo2nAl1o=
|
||||
lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI=
|
||||
lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
|
||||
modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw=
|
||||
modernc.org/cc/v3 v3.40.0/go.mod h1:/bTg4dnWkSXowUO6ssQKnOV0yMVxDYNIsIrzqTFDGH0=
|
||||
modernc.org/ccgo/v3 v3.16.13 h1:Mkgdzl46i5F/CNR/Kj80Ri59hC8TKAhZrYSaqvkwzUw=
|
||||
modernc.org/ccgo/v3 v3.16.13/go.mod h1:2Quk+5YgpImhPjv2Qsob1DnZ/4som1lJTodubIcoUkY=
|
||||
modernc.org/libc v1.22.2 h1:4U7v51GyhlWqQmwCHj28Rdq2Yzwk55ovjFrdPjs8Hb0=
|
||||
modernc.org/libc v1.22.2/go.mod h1:uvQavJ1pZ0hIoC/jfqNoMLURIMhKzINIWypNM17puug=
|
||||
modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ=
|
||||
modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
|
||||
modernc.org/memory v1.4.0 h1:crykUfNSnMAXaOJnnxcSzbUGMqkLWjklJKkBK2nwZwk=
|
||||
modernc.org/memory v1.4.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU=
|
||||
modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
|
||||
modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
|
||||
modernc.org/sqlite v1.20.4 h1:J8+m2trkN+KKoE7jglyHYYYiaq5xmz2HoHJIiBlRzbE=
|
||||
modernc.org/sqlite v1.20.4/go.mod h1:zKcGyrICaxNTMEHSr1HQ2GUraP0j+845GYw37+EyT6A=
|
||||
modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY=
|
||||
modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw=
|
||||
modernc.org/token v1.0.1 h1:A3qvTqOwexpfZZeyI0FeGPDlSWX5pjZu9hF4lU+EKWg=
|
||||
modernc.org/token v1.0.1/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
|
||||
rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
|
||||
xorm.io/builder v0.3.13 h1:a3jmiVVL19psGeXx8GIurTp7p0IIgqeDmwhcR6BAOAo=
|
||||
xorm.io/builder v0.3.13/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
|
||||
|
||||
@@ -17,7 +17,10 @@ import (
|
||||
"github.com/bjdgyc/anylink/sessdata"
|
||||
)
|
||||
|
||||
var profileHash = ""
|
||||
var (
|
||||
profileHash = ""
|
||||
certHash = ""
|
||||
)
|
||||
|
||||
func LinkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
// TODO 调试信息输出
|
||||
@@ -85,7 +88,7 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
// TODO 用户密码校验
|
||||
err = dbdata.CheckUser(cr.Auth.Username, cr.Auth.Password, cr.GroupSelect)
|
||||
if err != nil {
|
||||
base.Warn(err)
|
||||
base.Warn(err, r.RemoteAddr)
|
||||
ua.Info = err.Error()
|
||||
ua.Status = dbdata.UserAuthFail
|
||||
dbdata.UserActLogIns.Add(ua, userAgent)
|
||||
@@ -138,7 +141,7 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
other := &dbdata.SettingOther{}
|
||||
_ = dbdata.SettingGet(other)
|
||||
rd := RequestData{SessionId: sess.Sid, SessionToken: sess.Sid + "@" + sess.Token,
|
||||
Banner: other.Banner, ProfileName: base.Cfg.ProfileName, ProfileHash: profileHash}
|
||||
Banner: other.Banner, ProfileName: base.Cfg.ProfileName, ProfileHash: profileHash, CertHash: certHash}
|
||||
w.WriteHeader(http.StatusOK)
|
||||
tplRequest(tpl_complete, w, rd)
|
||||
base.Info("login", cr.Auth.Username, userAgent)
|
||||
@@ -178,6 +181,7 @@ type RequestData struct {
|
||||
Banner string
|
||||
ProfileName string
|
||||
ProfileHash string
|
||||
CertHash string
|
||||
}
|
||||
|
||||
var auth_request = `<?xml version="1.0" encoding="UTF-8"?>
|
||||
@@ -223,7 +227,7 @@ var auth_complete = `<?xml version="1.0" encoding="UTF-8"?>
|
||||
</capabilities>
|
||||
<config client="vpn" type="private">
|
||||
<vpn-base-config>
|
||||
<server-cert-hash>240B97A685B2BFA66AD699B90AAC49EA66495D69</server-cert-hash>
|
||||
<server-cert-hash>{{.CertHash}}</server-cert-hash>
|
||||
</vpn-base-config>
|
||||
<opaque is-for="vpn-client"></opaque>
|
||||
<vpn-profile-manifest>
|
||||
|
||||
@@ -27,10 +27,16 @@ func LinkHome(w http.ResponseWriter, r *http.Request) {
|
||||
if err := dbdata.SettingGet(index); err != nil {
|
||||
return
|
||||
}
|
||||
w.WriteHeader(http.StatusOK)
|
||||
if index.Homeindex == "" {
|
||||
index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件,可以支持多人同时在线使用。"
|
||||
|
||||
if index.Homecode != http.StatusOK {
|
||||
w.WriteHeader(index.Homecode)
|
||||
return
|
||||
}
|
||||
w.WriteHeader(http.StatusOK)
|
||||
|
||||
// if index.Homeindex == "" {
|
||||
// index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件,可以支持多人同时在线使用。"
|
||||
// }
|
||||
fmt.Fprintln(w, index.Homeindex)
|
||||
}
|
||||
|
||||
|
||||
@@ -51,6 +51,9 @@ func checkTun() {
|
||||
// 添加注释
|
||||
natRule := []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-m", "comment",
|
||||
"--comment", "AnyLink", "-j", "MASQUERADE"}
|
||||
if base.InContainer {
|
||||
natRule = []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-j", "MASQUERADE"}
|
||||
}
|
||||
err = ipt.InsertUnique("nat", "POSTROUTING", 1, natRule...)
|
||||
if err != nil {
|
||||
base.Error(err)
|
||||
@@ -58,6 +61,9 @@ func checkTun() {
|
||||
|
||||
// 添加注释
|
||||
forwardRule := []string{"-m", "comment", "--comment", "AnyLink", "-j", "ACCEPT"}
|
||||
if base.InContainer {
|
||||
forwardRule = []string{"-j", "ACCEPT"}
|
||||
}
|
||||
err = ipt.InsertUnique("filter", "FORWARD", 1, forwardRule...)
|
||||
if err != nil {
|
||||
base.Error(err)
|
||||
|
||||
@@ -86,7 +86,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
cSess.CstpDpd = cstpDpd
|
||||
|
||||
dtlsPort := "4433"
|
||||
dtlsPort := "443"
|
||||
if strings.Contains(base.Cfg.ServerDTLSAddr, ":") {
|
||||
ss := strings.Split(base.Cfg.ServerDTLSAddr, ":")
|
||||
dtlsPort = ss[1]
|
||||
@@ -131,9 +131,14 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
|
||||
for _, v := range cSess.Group.ClientDns {
|
||||
HttpAddHeader(w, "X-CSTP-DNS", v.Val)
|
||||
}
|
||||
// 分割dns
|
||||
for _, v := range cSess.Group.SplitDns {
|
||||
HttpAddHeader(w, "X-CSTP-Split-DNS", v.Val)
|
||||
}
|
||||
|
||||
// 允许的路由
|
||||
for _, v := range cSess.Group.RouteInclude {
|
||||
if strings.ToLower(v.Val) == dbdata.All {
|
||||
if strings.ToLower(v.Val) == dbdata.ALL {
|
||||
continue
|
||||
}
|
||||
HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)
|
||||
@@ -156,9 +161,9 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
|
||||
HttpSetHeader(w, "X-CSTP-Keep", "true")
|
||||
HttpSetHeader(w, "X-CSTP-Tunnel-All-DNS", "false")
|
||||
|
||||
HttpSetHeader(w, "X-CSTP-Rekey-Time", "43200") // 172800
|
||||
HttpSetHeader(w, "X-CSTP-Rekey-Time", "86400") // 172800
|
||||
HttpSetHeader(w, "X-CSTP-Rekey-Method", "new-tunnel")
|
||||
HttpSetHeader(w, "X-DTLS-Rekey-Time", "43200")
|
||||
HttpSetHeader(w, "X-DTLS-Rekey-Time", "86400")
|
||||
HttpSetHeader(w, "X-DTLS-Rekey-Method", "new-tunnel")
|
||||
|
||||
HttpSetHeader(w, "X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd))
|
||||
@@ -180,7 +185,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
|
||||
HttpSetHeader(w, "X-CSTP-Routing-Filtering-Ignore", "false")
|
||||
HttpSetHeader(w, "X-CSTP-Quarantine", "false")
|
||||
HttpSetHeader(w, "X-CSTP-Disable-Always-On-VPN", "false")
|
||||
HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "false")
|
||||
HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "true")
|
||||
HttpSetHeader(w, "X-CSTP-TCP-Keepalive", "false")
|
||||
// 设置域名拆分隧道(移动端不支持)
|
||||
if mobile != "mobile" {
|
||||
|
||||
@@ -86,14 +86,41 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool {
|
||||
}
|
||||
|
||||
for _, v := range group.LinkAcl {
|
||||
// 循环判断ip和端口
|
||||
if v.IpNet.Contains(ipDst) {
|
||||
// 放行允许ip的ping
|
||||
if v.Port == ipPort || v.Port == 0 || ipProto == waterutil.ICMP {
|
||||
if v.Action == dbdata.Allow {
|
||||
return true
|
||||
} else {
|
||||
return false
|
||||
// 放行允许ip的ping
|
||||
// if v.Ports == nil || len(v.Ports) == 0 {
|
||||
// //单端口历史数据兼容
|
||||
// port := uint16(v.Port.(float64))
|
||||
// if port == ipPort || port == 0 || ipProto == waterutil.ICMP {
|
||||
// if v.Action == dbdata.Allow {
|
||||
// return true
|
||||
// } else {
|
||||
// return false
|
||||
// }
|
||||
// }
|
||||
// } else {
|
||||
|
||||
// 先判断协议
|
||||
// 兼容旧数据 v.Protocol == ""
|
||||
if v.Protocol == "" || v.Protocol == dbdata.ALL || v.IpProto == ipProto {
|
||||
// 循环判断ip和端口
|
||||
if v.IpNet.Contains(ipDst) {
|
||||
// icmp 不判断端口
|
||||
if ipProto == waterutil.ICMP {
|
||||
if v.Action == dbdata.Allow {
|
||||
return true
|
||||
} else {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) {
|
||||
if v.Action == dbdata.Allow {
|
||||
// log.Println(dbdata.Allow, v.Ports)
|
||||
return true
|
||||
} else {
|
||||
// log.Println(dbdata.Deny, v.Ports)
|
||||
return false
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,13 +1,16 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"crypto/sha1"
|
||||
"crypto/tls"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"io"
|
||||
"net"
|
||||
"net/http"
|
||||
"net/http/httputil"
|
||||
"os"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
@@ -36,6 +39,19 @@ func startTls() {
|
||||
// certs[0], err = tls.LoadX509KeyPair(certFile, keyFile)
|
||||
// }
|
||||
|
||||
tlscert, _, err := dbdata.ParseCert()
|
||||
if err != nil {
|
||||
base.Fatal("证书加载失败", err)
|
||||
}
|
||||
dbdata.LoadCertificate(tlscert)
|
||||
|
||||
// 计算证书hash值
|
||||
s1 := sha1.New()
|
||||
s1.Write(tlscert.Certificate[0])
|
||||
h2s := hex.EncodeToString(s1.Sum(nil))
|
||||
certHash = strings.ToUpper(h2s)
|
||||
base.Info("certHash", certHash)
|
||||
|
||||
// 修复 CVE-2016-2183
|
||||
// https://segmentfault.com/a/1190000038486901
|
||||
// nmap -sV --script ssl-enum-ciphers -p 443 www.example.com
|
||||
|
||||
@@ -17,6 +17,12 @@ func Start() {
|
||||
sessdata.Start()
|
||||
cron.Start()
|
||||
|
||||
// 开启服务器转发
|
||||
err := execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
|
||||
if err != nil {
|
||||
base.Fatal(err)
|
||||
}
|
||||
|
||||
switch base.Cfg.LinkMode {
|
||||
case base.LinkModeTUN:
|
||||
checkTun()
|
||||
|
||||
@@ -15,7 +15,8 @@
|
||||
"qs": "^6.11.1",
|
||||
"vue": "^2.6.11",
|
||||
"vue-count-to": "^1.0.13",
|
||||
"vue-router": "^3.5.2"
|
||||
"vue-router": "^3.5.2",
|
||||
"vuedraggable": "^2.24.3"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@vue/cli-plugin-babel": "~4.5.0",
|
||||
|
||||
@@ -49,10 +49,11 @@
|
||||
prop="bandwidth"
|
||||
label="带宽限制"
|
||||
width="90">
|
||||
<template slot-scope="scope">
|
||||
<el-row v-if="scope.row.bandwidth > 0">{{ convertBandwidth(scope.row.bandwidth, 'BYTE', 'Mbps') }} Mbps</el-row>
|
||||
<el-row v-else>不限</el-row>
|
||||
</template>
|
||||
<template slot-scope="scope">
|
||||
<el-row v-if="scope.row.bandwidth > 0">{{ convertBandwidth(scope.row.bandwidth, 'BYTE', 'Mbps') }} Mbps
|
||||
</el-row>
|
||||
<el-row v-else>不限</el-row>
|
||||
</template>
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column
|
||||
@@ -69,12 +70,20 @@
|
||||
label="路由包含"
|
||||
width="180">
|
||||
<template slot-scope="scope">
|
||||
<el-row v-for="(item,inx) in scope.row.route_include.slice(0, readMinRows)" :key="inx">{{ item.val }}</el-row>
|
||||
<el-row v-for="(item,inx) in scope.row.route_include.slice(0, readMinRows)" :key="inx">{{
|
||||
item.val
|
||||
}}
|
||||
</el-row>
|
||||
<div v-if="scope.row.route_include.length > readMinRows">
|
||||
<div v-if="readMore[`ri_${ scope.row.id }`]">
|
||||
<el-row v-for="(item,inx) in scope.row.route_include.slice(readMinRows)" :key="inx">{{ item.val }}</el-row>
|
||||
<el-row v-for="(item,inx) in scope.row.route_include.slice(readMinRows)" :key="inx">{{
|
||||
item.val
|
||||
}}
|
||||
</el-row>
|
||||
</div>
|
||||
<el-button size="mini" type="text" @click="toggleMore(`ri_${ scope.row.id }`)">{{ readMore[`ri_${ scope.row.id }`] ? "▲ 收起" : "▼ 更多" }}</el-button>
|
||||
<el-button size="mini" type="text" @click="toggleMore(`ri_${ scope.row.id }`)">
|
||||
{{ readMore[`ri_${scope.row.id}`] ? "▲ 收起" : "▼ 更多" }}
|
||||
</el-button>
|
||||
</div>
|
||||
</template>
|
||||
</el-table-column>
|
||||
@@ -84,12 +93,20 @@
|
||||
label="路由排除"
|
||||
width="180">
|
||||
<template slot-scope="scope">
|
||||
<el-row v-for="(item,inx) in scope.row.route_exclude.slice(0, readMinRows)" :key="inx">{{ item.val }}</el-row>
|
||||
<el-row v-for="(item,inx) in scope.row.route_exclude.slice(0, readMinRows)" :key="inx">{{
|
||||
item.val
|
||||
}}
|
||||
</el-row>
|
||||
<div v-if="scope.row.route_exclude.length > readMinRows">
|
||||
<div v-if="readMore[`re_${ scope.row.id }`]">
|
||||
<el-row v-for="(item,inx) in scope.row.route_exclude.slice(readMinRows)" :key="inx">{{ item.val }}</el-row>
|
||||
<el-row v-for="(item,inx) in scope.row.route_exclude.slice(readMinRows)" :key="inx">{{
|
||||
item.val
|
||||
}}
|
||||
</el-row>
|
||||
</div>
|
||||
<el-button size="mini" type="text" @click="toggleMore(`re_${ scope.row.id }`)">{{ readMore[`re_${ scope.row.id }`] ? "▲ 收起" : "▼ 更多" }}</el-button>
|
||||
<el-button size="mini" type="text" @click="toggleMore(`re_${ scope.row.id }`)">
|
||||
{{ readMore[`re_${scope.row.id}`] ? "▲ 收起" : "▼ 更多" }}
|
||||
</el-button>
|
||||
</div>
|
||||
</template>
|
||||
</el-table-column>
|
||||
@@ -108,7 +125,9 @@
|
||||
{{ item.action }} => {{ item.val }} : {{ item.port }}
|
||||
</el-row>
|
||||
</div>
|
||||
<el-button size="mini" type="text" @click="toggleMore(`la_${ scope.row.id }`)">{{ readMore[`la_${ scope.row.id }`] ? "▲ 收起" : "▼ 更多" }}</el-button>
|
||||
<el-button size="mini" type="text" @click="toggleMore(`la_${ scope.row.id }`)">
|
||||
{{ readMore[`la_${scope.row.id}`] ? "▲ 收起" : "▼ 更多" }}
|
||||
</el-button>
|
||||
</div>
|
||||
</template>
|
||||
</el-table-column>
|
||||
@@ -172,223 +191,289 @@
|
||||
:close-on-click-modal="false"
|
||||
title="用户组"
|
||||
:visible.sync="user_edit_dialog"
|
||||
width="750px"
|
||||
width="850px"
|
||||
@close='closeDialog'
|
||||
center>
|
||||
|
||||
<el-form :model="ruleForm" :rules="rules" ref="ruleForm" label-width="100px" class="ruleForm">
|
||||
<el-tabs v-model="activeTab" :before-leave="beforeTabLeave">
|
||||
<el-tab-pane label="通用" name="general">
|
||||
<el-form-item label="用户组ID" prop="id">
|
||||
<el-input v-model="ruleForm.id" disabled></el-input>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="组名" prop="name">
|
||||
<el-input v-model="ruleForm.name" :disabled="ruleForm.id > 0"></el-input>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="备注" prop="note">
|
||||
<el-input v-model="ruleForm.note"></el-input>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="带宽限制" prop="bandwidth_format" style="width:260px;">
|
||||
<el-input v-model="ruleForm.bandwidth_format" oninput="value= value.match(/\d+(\.\d{0,2})?/) ? value.match(/\d+(\.\d{0,2})?/)[0] : ''">
|
||||
<template slot="append">Mbps</template>
|
||||
</el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="排除本地网络" prop="allow_lan">
|
||||
<el-switch
|
||||
v-model="ruleForm.allow_lan"
|
||||
active-text="开启后 用户本地所在网段将不通过anylink加密传输">
|
||||
</el-switch>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="客户端DNS" prop="client_dns">
|
||||
<el-row class="msg-info">
|
||||
<el-col :span="20">输入IP格式如: 192.168.0.10</el-col>
|
||||
<el-col :span="4">
|
||||
<el-button size="mini" type="success" icon="el-icon-plus" circle
|
||||
@click.prevent="addDomain(ruleForm.client_dns)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
<el-row v-for="(item,index) in ruleForm.client_dns"
|
||||
:key="index" style="margin-bottom: 5px" :gutter="10">
|
||||
<el-col :span="10">
|
||||
<el-input v-model="item.val"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="12">
|
||||
<el-input v-model="item.note" placeholder="备注"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="danger" icon="el-icon-minus" circle
|
||||
@click.prevent="removeDomain(ruleForm.client_dns,index)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
</el-form-item>
|
||||
<el-form-item label="状态" prop="status">
|
||||
<el-radio-group v-model="ruleForm.status">
|
||||
<el-radio :label="1" border>启用</el-radio>
|
||||
<el-radio :label="0" border>停用</el-radio>
|
||||
</el-radio-group>
|
||||
</el-form-item>
|
||||
</el-tab-pane>
|
||||
|
||||
<el-tab-pane label="认证方式" name="authtype">
|
||||
<el-form-item label="认证" prop="authtype">
|
||||
<el-radio-group v-model="ruleForm.auth.type" @change="authTypeChange">
|
||||
<el-radio label="local" border>本地</el-radio>
|
||||
<el-radio label="radius" border>Radius</el-radio>
|
||||
<el-radio label="ldap" border>LDAP</el-radio>
|
||||
</el-radio-group>
|
||||
</el-form-item>
|
||||
<template v-if="ruleForm.auth.type == 'radius'">
|
||||
<el-form-item label="服务器地址" prop="auth.radius.addr" :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.addr'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.radius.addr" placeholder="例如 ip:1812"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="密钥" prop="auth.radius.secret" :rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.secret'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.radius.secret" placeholder=""></el-input>
|
||||
</el-form-item>
|
||||
</template>
|
||||
|
||||
<template v-if="ruleForm.auth.type == 'ldap'">
|
||||
<el-form-item label="服务器地址" prop="auth.ldap.addr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.addr'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.ldap.addr" placeholder="例如 ip:389 / 域名:389"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="开启TLS" prop="auth.ldap.tls">
|
||||
<el-switch v-model="ruleForm.auth.ldap.tls"></el-switch>
|
||||
</el-form-item>
|
||||
<el-form-item label="管理员 DN" prop="auth.ldap.bind_name" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_name'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.ldap.bind_name" placeholder="例如 CN=bindadmin,DC=abc,DC=COM"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="管理员密码" prop="auth.ldap.bind_pwd" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_pwd'] : [{ required: false }]">
|
||||
<el-input type="password" v-model="ruleForm.auth.ldap.bind_pwd" placeholder=""></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="Base DN" prop="auth.ldap.base_dn" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.base_dn'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.ldap.base_dn" placeholder="例如 DC=abc,DC=com"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="用户对象类" prop="auth.ldap.object_class" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.object_class'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.ldap.object_class" placeholder="例如 person / user / posixAccount"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="用户唯一ID" prop="auth.ldap.search_attr" :rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.search_attr'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.ldap.search_attr" placeholder="例如 sAMAccountName / uid / cn"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="受限用户组" prop="auth.ldap.member_of">
|
||||
<el-input v-model="ruleForm.auth.ldap.member_of" placeholder="选填, 只允许指定组登入, 例如 CN=HomeWork,DC=abc,DC=com"></el-input>
|
||||
</el-form-item>
|
||||
</template>
|
||||
</el-tab-pane>
|
||||
|
||||
<el-tab-pane label="路由设置" name="route">
|
||||
<el-form-item label="包含路由" prop="route_include">
|
||||
<el-row class="msg-info">
|
||||
<el-col :span="18">输入CIDR格式如: 192.168.1.0/24</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="success" icon="el-icon-plus" circle
|
||||
@click.prevent="addDomain(ruleForm.route_include)"></el-button>
|
||||
</el-col>
|
||||
<el-col :span="4">
|
||||
<el-button size="mini" type="info" icon="el-icon-edit" circle
|
||||
@click.prevent="openIpListDialog('route_include')"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
<templete v-if="activeTab == 'route'">
|
||||
<el-row v-for="(item,index) in ruleForm.route_include"
|
||||
:key="index" style="margin-bottom: 5px" :gutter="10">
|
||||
<el-col :span="10">
|
||||
<el-input v-model="item.val"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="12">
|
||||
<el-input v-model="item.note" placeholder="备注"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="danger" icon="el-icon-minus" circle
|
||||
@click.prevent="removeDomain(ruleForm.route_include,index)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
</templete>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="排除路由" prop="route_exclude">
|
||||
<el-row class="msg-info">
|
||||
<el-col :span="18">输入CIDR格式如: 192.168.2.0/24</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="success" icon="el-icon-plus" circle
|
||||
@click.prevent="addDomain(ruleForm.route_exclude)"></el-button>
|
||||
</el-col>
|
||||
<el-col :span="4">
|
||||
<el-button size="mini" type="info" icon="el-icon-edit" circle
|
||||
@click.prevent="openIpListDialog('route_exclude')"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
<templete v-if="activeTab == 'route'">
|
||||
<el-row v-for="(item,index) in ruleForm.route_exclude"
|
||||
:key="index" style="margin-bottom: 5px" :gutter="10">
|
||||
<el-col :span="10">
|
||||
<el-input v-model="item.val"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="12">
|
||||
<el-input v-model="item.note" placeholder="备注"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="danger" icon="el-icon-minus" circle
|
||||
@click.prevent="removeDomain(ruleForm.route_exclude,index)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
</templete>
|
||||
</el-form-item>
|
||||
</el-tab-pane>
|
||||
<el-tab-pane label="权限控制" name="link_acl">
|
||||
<el-form-item label="权限控制" prop="link_acl">
|
||||
<el-row class="msg-info">
|
||||
<el-col :span="20">输入CIDR格式如: 192.168.3.0/24 端口0表示所有端口</el-col>
|
||||
<el-col :span="4">
|
||||
<el-button size="mini" type="success" icon="el-icon-plus" circle
|
||||
@click.prevent="addDomain(ruleForm.link_acl)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
|
||||
<el-row v-for="(item,index) in ruleForm.link_acl"
|
||||
:key="index" style="margin-bottom: 5px" :gutter="5">
|
||||
<el-col :span="11">
|
||||
<el-input placeholder="请输入CIDR地址" v-model="item.val">
|
||||
<el-select v-model="item.action" slot="prepend">
|
||||
<el-option label="允许" value="allow"></el-option>
|
||||
<el-option label="禁止" value="deny"></el-option>
|
||||
</el-select>
|
||||
</el-input>
|
||||
</el-col>
|
||||
<el-col :span="3">
|
||||
<el-input v-model.number="item.port" placeholder="端口"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="8">
|
||||
<el-input v-model="item.note" placeholder="备注"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="danger" icon="el-icon-minus" circle
|
||||
@click.prevent="removeDomain(ruleForm.link_acl,index)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
</el-form-item>
|
||||
</el-tab-pane>
|
||||
|
||||
<el-tab-pane label="域名拆分隧道" name="ds_domains">
|
||||
<el-form-item label="包含域名" prop="ds_include_domains">
|
||||
<el-input type="textarea" :rows="5" v-model="ruleForm.ds_include_domains" placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="排除域名" prop="ds_exclude_domains">
|
||||
<el-input type="textarea" :rows="5" v-model="ruleForm.ds_exclude_domains" placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input>
|
||||
<div class="msg-info">注:域名拆分隧道,仅支持AnyConnect的桌面客户端,不支持移动端.</div>
|
||||
</el-form-item>
|
||||
</el-tab-pane>
|
||||
<el-form-item>
|
||||
<templete v-if="activeTab == 'authtype' && ruleForm.auth.type != 'local'">
|
||||
<el-button @click="openAuthLoginDialog()" style="margin-right:10px">测试登录</el-button>
|
||||
</templete>
|
||||
<el-button type="primary" @click="submitForm('ruleForm')">保存</el-button>
|
||||
<el-button @click="closeDialog">取消</el-button>
|
||||
<el-tab-pane label="通用" name="general">
|
||||
<el-form-item label="用户组ID" prop="id">
|
||||
<el-input v-model="ruleForm.id" disabled></el-input>
|
||||
</el-form-item>
|
||||
</el-tabs>
|
||||
</el-form>
|
||||
|
||||
<el-form-item label="组名" prop="name">
|
||||
<el-input v-model="ruleForm.name" :disabled="ruleForm.id > 0"></el-input>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="备注" prop="note">
|
||||
<el-input v-model="ruleForm.note"></el-input>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="带宽限制" prop="bandwidth_format" style="width:260px;">
|
||||
<el-input v-model="ruleForm.bandwidth_format"
|
||||
oninput="value= value.match(/\d+(\.\d{0,2})?/) ? value.match(/\d+(\.\d{0,2})?/)[0] : ''">
|
||||
<template slot="append">Mbps</template>
|
||||
</el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="排除本地网络" prop="allow_lan">
|
||||
<!-- active-text="开启后 用户本地所在网段将不通过anylink加密传输" -->
|
||||
<el-switch v-model="ruleForm.allow_lan"></el-switch>
|
||||
<div class="msg-info">
|
||||
注:本地网络 指的是:
|
||||
运行 anyconnect 客户端的PC 所在的的网络,即本地路由网段。
|
||||
开启后,PC本地路由网段的数据就不会走隧道链路转发数据了。
|
||||
同时 anyconnect 客户端需要勾选本地网络(Allow Local Lan)的开关,功能才能生效。
|
||||
</div>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="客户端DNS" prop="client_dns">
|
||||
<el-row class="msg-info">
|
||||
<el-col :span="20">输入IP格式如: 192.168.0.10</el-col>
|
||||
<el-col :span="4">
|
||||
<el-button size="mini" type="success" icon="el-icon-plus" circle
|
||||
@click.prevent="addDomain(ruleForm.client_dns)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
<el-row v-for="(item,index) in ruleForm.client_dns"
|
||||
:key="index" style="margin-bottom: 5px" :gutter="10">
|
||||
<el-col :span="10">
|
||||
<el-input v-model="item.val"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="12">
|
||||
<el-input v-model="item.note" placeholder="备注"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="danger" icon="el-icon-minus" circle
|
||||
@click.prevent="removeDomain(ruleForm.client_dns,index)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="内网域名" prop="split_dns">
|
||||
<el-row class="msg-info">
|
||||
<el-col :span="20">(分割DNS)一般留空。如果输入域名,只有配置的域名(包含子域名)走配置的dns</el-col>
|
||||
<el-col :span="4">
|
||||
<el-button size="mini" type="success" icon="el-icon-plus" circle
|
||||
@click.prevent="addDomain(ruleForm.split_dns)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
<el-row v-for="(item,index) in ruleForm.split_dns"
|
||||
:key="index" style="margin-bottom: 5px" :gutter="10">
|
||||
<el-col :span="10">
|
||||
<el-input v-model="item.val"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="12">
|
||||
<el-input v-model="item.note" placeholder="备注"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="danger" icon="el-icon-minus" circle
|
||||
@click.prevent="removeDomain(ruleForm.split_dns,index)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="状态" prop="status">
|
||||
<el-radio-group v-model="ruleForm.status">
|
||||
<el-radio :label="1" border>启用</el-radio>
|
||||
<el-radio :label="0" border>停用</el-radio>
|
||||
</el-radio-group>
|
||||
</el-form-item>
|
||||
</el-tab-pane>
|
||||
|
||||
<el-tab-pane label="认证方式" name="authtype">
|
||||
<el-form-item label="认证" prop="authtype">
|
||||
<el-radio-group v-model="ruleForm.auth.type" @change="authTypeChange">
|
||||
<el-radio label="local" border>本地</el-radio>
|
||||
<el-radio label="radius" border>Radius</el-radio>
|
||||
<el-radio label="ldap" border>LDAP</el-radio>
|
||||
</el-radio-group>
|
||||
</el-form-item>
|
||||
<template v-if="ruleForm.auth.type == 'radius'">
|
||||
<el-form-item label="服务器地址" prop="auth.radius.addr"
|
||||
:rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.addr'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.radius.addr" placeholder="例如 ip:1812"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="密钥" prop="auth.radius.secret"
|
||||
:rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.secret'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.radius.secret" placeholder=""></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="Nasip" prop="auth.radius.nasip">
|
||||
<el-input v-model="ruleForm.auth.radius.nasip" placeholder=""></el-input>
|
||||
</el-form-item>
|
||||
</template>
|
||||
|
||||
<template v-if="ruleForm.auth.type == 'ldap'">
|
||||
<el-form-item label="服务器地址" prop="auth.ldap.addr"
|
||||
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.addr'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.ldap.addr" placeholder="例如 ip:389 / 域名:389"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="开启TLS" prop="auth.ldap.tls">
|
||||
<el-switch v-model="ruleForm.auth.ldap.tls"></el-switch>
|
||||
</el-form-item>
|
||||
<el-form-item label="管理员 DN" prop="auth.ldap.bind_name"
|
||||
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_name'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.ldap.bind_name"
|
||||
placeholder="例如 CN=bindadmin,DC=abc,DC=COM"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="管理员密码" prop="auth.ldap.bind_pwd"
|
||||
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.bind_pwd'] : [{ required: false }]">
|
||||
<el-input type="password" v-model="ruleForm.auth.ldap.bind_pwd" placeholder=""></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="Base DN" prop="auth.ldap.base_dn"
|
||||
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.base_dn'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.ldap.base_dn" placeholder="例如 DC=abc,DC=com"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="用户对象类" prop="auth.ldap.object_class"
|
||||
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.object_class'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.ldap.object_class"
|
||||
placeholder="例如 person / user / posixAccount"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="用户唯一ID" prop="auth.ldap.search_attr"
|
||||
:rules="this.ruleForm.auth.type== 'ldap' ? this.rules['auth.ldap.search_attr'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.ldap.search_attr"
|
||||
placeholder="例如 sAMAccountName / uid / cn"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="受限用户组" prop="auth.ldap.member_of">
|
||||
<el-input v-model="ruleForm.auth.ldap.member_of"
|
||||
placeholder="选填, 只允许指定组登入, 例如 CN=HomeWork,DC=abc,DC=com"></el-input>
|
||||
</el-form-item>
|
||||
</template>
|
||||
</el-tab-pane>
|
||||
|
||||
<el-tab-pane label="路由设置" name="route">
|
||||
<el-form-item label="包含路由" prop="route_include">
|
||||
<el-row class="msg-info">
|
||||
<el-col :span="18">输入CIDR格式如: 192.168.1.0/24</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="success" icon="el-icon-plus" circle
|
||||
@click.prevent="addDomain(ruleForm.route_include)"></el-button>
|
||||
</el-col>
|
||||
<el-col :span="4">
|
||||
<el-button size="mini" type="info" icon="el-icon-edit" circle
|
||||
@click.prevent="openIpListDialog('route_include')"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
<templete v-if="activeTab == 'route'">
|
||||
<el-row v-for="(item,index) in ruleForm.route_include"
|
||||
:key="index" style="margin-bottom: 5px" :gutter="10">
|
||||
<el-col :span="10">
|
||||
<el-input v-model="item.val"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="12">
|
||||
<el-input v-model="item.note" placeholder="备注"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="danger" icon="el-icon-minus" circle
|
||||
@click.prevent="removeDomain(ruleForm.route_include,index)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
</templete>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="排除路由" prop="route_exclude">
|
||||
<el-row class="msg-info">
|
||||
<el-col :span="18">输入CIDR格式如: 192.168.2.0/24</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="success" icon="el-icon-plus" circle
|
||||
@click.prevent="addDomain(ruleForm.route_exclude)"></el-button>
|
||||
</el-col>
|
||||
<el-col :span="4">
|
||||
<el-button size="mini" type="info" icon="el-icon-edit" circle
|
||||
@click.prevent="openIpListDialog('route_exclude')"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
<templete v-if="activeTab == 'route'">
|
||||
<el-row v-for="(item,index) in ruleForm.route_exclude"
|
||||
:key="index" style="margin-bottom: 5px" :gutter="10">
|
||||
<el-col :span="10">
|
||||
<el-input v-model="item.val"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="12">
|
||||
<el-input v-model="item.note" placeholder="备注"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="danger" icon="el-icon-minus" circle
|
||||
@click.prevent="removeDomain(ruleForm.route_exclude,index)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
</templete>
|
||||
</el-form-item>
|
||||
</el-tab-pane>
|
||||
<el-tab-pane label="权限控制" name="link_acl">
|
||||
<el-form-item label="权限控制" prop="link_acl">
|
||||
<el-row class="msg-info">
|
||||
<el-col :span="22">输入CIDR格式如: 192.168.3.0/24
|
||||
协议支持 all,tcp,udp,icmp
|
||||
端口0表示所有端口,多个端口:80,443,连续端口:1234-5678
|
||||
</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="success" icon="el-icon-plus" circle
|
||||
@click.prevent="addDomain(ruleForm.link_acl)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
|
||||
<!-- 添加拖拽功能 -->
|
||||
<draggable v-model="ruleForm.link_acl" handle=".drag-handle" @end="onEnd">
|
||||
|
||||
<el-row v-for="(item,index) in ruleForm.link_acl"
|
||||
:key="index" style="margin-bottom: 5px" :gutter="1">
|
||||
|
||||
<el-col :span="1" class="drag-handle">
|
||||
<i class="el-icon-rank"></i>
|
||||
</el-col>
|
||||
|
||||
<el-col :span="9">
|
||||
<el-input placeholder="请输入CIDR地址" v-model="item.val">
|
||||
<el-select v-model="item.action" slot="prepend">
|
||||
<el-option label="允许" value="allow"></el-option>
|
||||
<el-option label="禁止" value="deny"></el-option>
|
||||
</el-select>
|
||||
</el-input>
|
||||
</el-col>
|
||||
|
||||
<el-col :span="3">
|
||||
<el-input placeholder="协议" v-model="item.protocol">
|
||||
</el-col>
|
||||
|
||||
<el-col :span="6">
|
||||
<!-- type="textarea" :autosize="{ minRows: 1, maxRows: 2}" -->
|
||||
<el-input v-model="item.port" placeholder="多端口,号分隔"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="3">
|
||||
<el-input v-model="item.note" placeholder="备注"></el-input>
|
||||
</el-col>
|
||||
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="danger" icon="el-icon-minus" circle
|
||||
@click.prevent="removeDomain(ruleForm.link_acl,index)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
</draggable>
|
||||
|
||||
</el-form-item>
|
||||
</el-tab-pane>
|
||||
|
||||
<el-tab-pane label="域名拆分隧道" name="ds_domains">
|
||||
<el-form-item label="包含域名" prop="ds_include_domains">
|
||||
<el-input type="textarea" :rows="5" v-model="ruleForm.ds_include_domains"
|
||||
placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="排除域名" prop="ds_exclude_domains">
|
||||
<el-input type="textarea" :rows="5" v-model="ruleForm.ds_exclude_domains"
|
||||
placeholder="输入域名用,号分隔,默认匹配所有子域名, 如baidu.com,163.com"></el-input>
|
||||
<div class="msg-info">注:域名拆分隧道,仅支持AnyConnect的windows和MacOS桌面客户端,不支持移动端.</div>
|
||||
</el-form-item>
|
||||
</el-tab-pane>
|
||||
<el-form-item>
|
||||
<templete v-if="activeTab == 'authtype' && ruleForm.auth.type != 'local'">
|
||||
<el-button @click="openAuthLoginDialog()" style="margin-right:10px">测试登录</el-button>
|
||||
</templete>
|
||||
<el-button type="primary" @click="submitForm('ruleForm')">保存</el-button>
|
||||
<el-button @click="closeDialog">取消</el-button>
|
||||
</el-form-item>
|
||||
</el-tabs>
|
||||
</el-form>
|
||||
</el-dialog>
|
||||
<!--测试用户登录弹出框-->
|
||||
<el-dialog
|
||||
@@ -398,36 +483,41 @@
|
||||
width="600px"
|
||||
custom-class="valgin-dialog"
|
||||
center>
|
||||
<el-form :model="authLoginForm" :rules="authLoginRules" ref="authLoginForm" label-width="100px">
|
||||
<el-form-item label="账号" prop="name">
|
||||
<el-input v-model="authLoginForm.name" ref="authLoginFormName" @keydown.enter.native="testAuthLogin"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="密码" prop="pwd">
|
||||
<el-input type="password" v-model="authLoginForm.pwd" @keydown.enter.native="testAuthLogin"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-button type="primary" @click="testAuthLogin()" :loading="authLoginLoading">登录</el-button>
|
||||
<el-button @click="authLoginDialog = false">取 消</el-button>
|
||||
</el-form-item>
|
||||
</el-form>
|
||||
<el-form :model="authLoginForm" :rules="authLoginRules" ref="authLoginForm" label-width="100px">
|
||||
<el-form-item label="账号" prop="name">
|
||||
<el-input v-model="authLoginForm.name" ref="authLoginFormName"
|
||||
@keydown.enter.native="testAuthLogin"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="密码" prop="pwd">
|
||||
<el-input type="password" v-model="authLoginForm.pwd" @keydown.enter.native="testAuthLogin"></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-button type="primary" @click="testAuthLogin()" :loading="authLoginLoading">登录</el-button>
|
||||
<el-button @click="authLoginDialog = false">取 消</el-button>
|
||||
</el-form-item>
|
||||
</el-form>
|
||||
</el-dialog>
|
||||
<!--编辑模式弹窗-->
|
||||
<el-dialog
|
||||
:close-on-click-modal="false"
|
||||
title="编辑模式"
|
||||
:visible.sync="ipListDialog"
|
||||
width="650px"
|
||||
custom-class="valgin-dialog"
|
||||
center>
|
||||
:close-on-click-modal="false"
|
||||
title="编辑模式"
|
||||
:visible.sync="ipListDialog"
|
||||
width="650px"
|
||||
custom-class="valgin-dialog"
|
||||
center>
|
||||
<el-form ref="ipEditForm" label-width="80px">
|
||||
<el-form-item label="路由表" prop="ip_list">
|
||||
<el-input type="textarea" :rows="10" v-model="ipEditForm.ip_list" placeholder="每行一条路由,例:192.168.1.0/24,备注 或 192.168.1.0/24"></el-input>
|
||||
<div class="msg-info">当前共 {{ ipEditForm.ip_list.trim() === '' ? 0 : ipEditForm.ip_list.trim().split("\n").length }} 条(注:AnyConnect客户端最多支持{{ this.maxRouteRows }}条路由)</div>
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-button type="primary" @click="ipEdit()" :loading="ipEditLoading">更新</el-button>
|
||||
<el-button @click="ipListDialog = false">取 消</el-button>
|
||||
</el-form-item>
|
||||
<el-form-item label="路由表" prop="ip_list">
|
||||
<el-input type="textarea" :rows="10" v-model="ipEditForm.ip_list"
|
||||
placeholder="每行一条路由,例:192.168.1.0/24,备注 或 192.168.1.0/24"></el-input>
|
||||
<div class="msg-info">当前共
|
||||
{{ ipEditForm.ip_list.trim() === '' ? 0 : ipEditForm.ip_list.trim().split("\n").length }}
|
||||
条(注:AnyConnect客户端最多支持{{ this.maxRouteRows }}条路由)
|
||||
</div>
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-button type="primary" @click="ipEdit()" :loading="ipEditLoading">更新</el-button>
|
||||
<el-button @click="ipListDialog = false">取 消</el-button>
|
||||
</el-form-item>
|
||||
</el-form>
|
||||
</el-dialog>
|
||||
</div>
|
||||
@@ -435,10 +525,11 @@
|
||||
|
||||
<script>
|
||||
import axios from "axios";
|
||||
import draggable from 'vuedraggable'
|
||||
|
||||
export default {
|
||||
name: "List",
|
||||
components: {},
|
||||
components: {draggable},
|
||||
mixins: [],
|
||||
created() {
|
||||
this.$emit('update:route_path', this.$route.path)
|
||||
@@ -453,47 +544,48 @@ export default {
|
||||
page: 1,
|
||||
tableData: [],
|
||||
count: 10,
|
||||
activeTab : "general",
|
||||
activeTab: "general",
|
||||
readMore: {},
|
||||
readMinRows : 5,
|
||||
maxRouteRows : 2500,
|
||||
defAuth : {
|
||||
type:'local',
|
||||
radius:{addr:"", secret:""},
|
||||
ldap:{
|
||||
addr:"",
|
||||
tls:false,
|
||||
base_dn:"",
|
||||
object_class:"person",
|
||||
search_attr:"sAMAccountName",
|
||||
member_of:"",
|
||||
bind_name:"",
|
||||
bind_pwd:"",
|
||||
},
|
||||
readMinRows: 5,
|
||||
maxRouteRows: 2500,
|
||||
defAuth: {
|
||||
type: 'local',
|
||||
radius: {addr: "", secret: "", nasip: ""},
|
||||
ldap: {
|
||||
addr: "",
|
||||
tls: false,
|
||||
base_dn: "",
|
||||
object_class: "person",
|
||||
search_attr: "sAMAccountName",
|
||||
member_of: "",
|
||||
bind_name: "",
|
||||
bind_pwd: "",
|
||||
},
|
||||
},
|
||||
ruleForm: {
|
||||
bandwidth: 0,
|
||||
bandwidth_format: '0',
|
||||
status: 1,
|
||||
allow_lan: true,
|
||||
client_dns: [{val: '114.114.114.114'}],
|
||||
client_dns: [{val: '114.114.114.114', note: '默认dns'}],
|
||||
split_dns: [],
|
||||
route_include: [{val: 'all', note: '默认全局代理'}],
|
||||
route_exclude: [],
|
||||
link_acl: [],
|
||||
auth : {},
|
||||
auth: {},
|
||||
},
|
||||
authLoginDialog : false,
|
||||
ipListDialog : false,
|
||||
authLoginLoading : false,
|
||||
authLoginForm : {
|
||||
name : "",
|
||||
pwd : "",
|
||||
authLoginDialog: false,
|
||||
ipListDialog: false,
|
||||
authLoginLoading: false,
|
||||
authLoginForm: {
|
||||
name: "",
|
||||
pwd: "",
|
||||
},
|
||||
ipEditForm: {
|
||||
ip_list: "",
|
||||
type : "",
|
||||
type: "",
|
||||
},
|
||||
ipEditLoading : false,
|
||||
ipEditLoading: false,
|
||||
authLoginRules: {
|
||||
name: [
|
||||
{required: true, message: '请输入账号', trigger: 'blur'},
|
||||
@@ -543,12 +635,15 @@ export default {
|
||||
}
|
||||
},
|
||||
methods: {
|
||||
onEnd: function() {
|
||||
window.console.log("onEnd", this.ruleForm.link_acl);
|
||||
},
|
||||
setAuthData(row) {
|
||||
if (! row) {
|
||||
if (!row) {
|
||||
this.ruleForm.auth = JSON.parse(JSON.stringify(this.defAuth));
|
||||
return ;
|
||||
return;
|
||||
}
|
||||
if (row.auth.type == "ldap" && ! row.auth.ldap.object_class) {
|
||||
if (row.auth.type == "ldap" && !row.auth.ldap.object_class) {
|
||||
row.auth.ldap.object_class = this.defAuth.ldap.object_class;
|
||||
}
|
||||
this.ruleForm.auth = Object.assign(JSON.parse(JSON.stringify(this.defAuth)), row.auth);
|
||||
@@ -620,7 +715,8 @@ export default {
|
||||
// arr.pop()
|
||||
},
|
||||
addDomain(arr) {
|
||||
arr.push({val: "", action: "allow", port: 0});
|
||||
console.log("arr", arr)
|
||||
arr.push({protocol:"all", val: "", action: "allow", port: "0", note: ""});
|
||||
},
|
||||
submitForm(formName) {
|
||||
this.$refs[formName].validate((valid) => {
|
||||
@@ -646,29 +742,31 @@ export default {
|
||||
});
|
||||
},
|
||||
testAuthLogin() {
|
||||
this.$refs["authLoginForm"].validate((valid) => {
|
||||
if (!valid) {
|
||||
console.log('error submit!!');
|
||||
return false;
|
||||
}
|
||||
this.authLoginLoading = true;
|
||||
axios.post('/group/auth_login', {name:this.authLoginForm.name,
|
||||
pwd:this.authLoginForm.pwd,
|
||||
auth:this.ruleForm.auth}).then(resp => {
|
||||
const rdata = resp.data;
|
||||
if (rdata.code === 0) {
|
||||
this.$message.success("登录成功");
|
||||
} else {
|
||||
this.$message.error(rdata.msg);
|
||||
}
|
||||
this.authLoginLoading = false;
|
||||
console.log(rdata);
|
||||
}).catch(error => {
|
||||
this.$message.error('哦,请求出错');
|
||||
console.log(error);
|
||||
this.authLoginLoading = false;
|
||||
});
|
||||
this.$refs["authLoginForm"].validate((valid) => {
|
||||
if (!valid) {
|
||||
console.log('error submit!!');
|
||||
return false;
|
||||
}
|
||||
this.authLoginLoading = true;
|
||||
axios.post('/group/auth_login', {
|
||||
name: this.authLoginForm.name,
|
||||
pwd: this.authLoginForm.pwd,
|
||||
auth: this.ruleForm.auth
|
||||
}).then(resp => {
|
||||
const rdata = resp.data;
|
||||
if (rdata.code === 0) {
|
||||
this.$message.success("登录成功");
|
||||
} else {
|
||||
this.$message.error(rdata.msg);
|
||||
}
|
||||
this.authLoginLoading = false;
|
||||
console.log(rdata);
|
||||
}).catch(error => {
|
||||
this.$message.error('哦,请求出错');
|
||||
console.log(error);
|
||||
this.authLoginLoading = false;
|
||||
});
|
||||
});
|
||||
},
|
||||
openAuthLoginDialog() {
|
||||
this.$refs["ruleForm"].validate((valid) => {
|
||||
@@ -679,7 +777,7 @@ export default {
|
||||
this.authLoginDialog = true;
|
||||
// set authLoginFormName focus
|
||||
this.$nextTick(() => {
|
||||
this.$refs['authLoginFormName'].focus();
|
||||
this.$refs['authLoginFormName'].focus();
|
||||
});
|
||||
});
|
||||
},
|
||||
@@ -689,63 +787,63 @@ export default {
|
||||
this.ipEditForm.ip_list = this.ruleForm[type].map(item => item.val + (item.note ? "," + item.note : "")).join("\n");
|
||||
},
|
||||
ipEdit() {
|
||||
this.ipEditLoading = true;
|
||||
let ipList = [];
|
||||
if (this.ipEditForm.ip_list.trim() !== "") {
|
||||
ipList = this.ipEditForm.ip_list.trim().split("\n");
|
||||
this.ipEditLoading = true;
|
||||
let ipList = [];
|
||||
if (this.ipEditForm.ip_list.trim() !== "") {
|
||||
ipList = this.ipEditForm.ip_list.trim().split("\n");
|
||||
}
|
||||
let arr = [];
|
||||
for (let i = 0; i < ipList.length; i++) {
|
||||
let item = ipList[i];
|
||||
if (item.trim() === "") {
|
||||
continue;
|
||||
}
|
||||
let arr = [];
|
||||
for (let i = 0; i < ipList.length; i++) {
|
||||
let item = ipList[i];
|
||||
if (item.trim() === "") {
|
||||
continue;
|
||||
}
|
||||
let ip = item.split(",");
|
||||
if (ip.length > 2) {
|
||||
ip[1] = ip.slice(1).join(",");
|
||||
}
|
||||
let note = ip[1] ? ip[1] : "";
|
||||
const pushToArr = () => {
|
||||
arr.push({val: ip[0], note: note});
|
||||
};
|
||||
if (this.ipEditForm.type == "route_include" && ip[0] == "all") {
|
||||
pushToArr();
|
||||
continue;
|
||||
}
|
||||
let valid = this.isValidCIDR(ip[0]);
|
||||
if (!valid.valid) {
|
||||
this.$message.error("错误:CIDR格式错误,建议 " + ip[0] + " 改为 " + valid.suggestion);
|
||||
this.ipEditLoading = false;
|
||||
return;
|
||||
}
|
||||
let ip = item.split(",");
|
||||
if (ip.length > 2) {
|
||||
ip[1] = ip.slice(1).join(",");
|
||||
}
|
||||
let note = ip[1] ? ip[1] : "";
|
||||
const pushToArr = () => {
|
||||
arr.push({val: ip[0], note: note});
|
||||
};
|
||||
if (this.ipEditForm.type == "route_include" && ip[0] == "all") {
|
||||
pushToArr();
|
||||
continue;
|
||||
}
|
||||
this.ruleForm[this.ipEditForm.type] = arr;
|
||||
this.ipEditLoading = false;
|
||||
this.ipListDialog = false;
|
||||
let valid = this.isValidCIDR(ip[0]);
|
||||
if (!valid.valid) {
|
||||
this.$message.error("错误:CIDR格式错误,建议 " + ip[0] + " 改为 " + valid.suggestion);
|
||||
this.ipEditLoading = false;
|
||||
return;
|
||||
}
|
||||
pushToArr();
|
||||
}
|
||||
this.ruleForm[this.ipEditForm.type] = arr;
|
||||
this.ipEditLoading = false;
|
||||
this.ipListDialog = false;
|
||||
},
|
||||
isValidCIDR(input) {
|
||||
const cidrRegex = /^((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)\/([12]?\d|3[0-2])$/;
|
||||
if (!cidrRegex.test(input)) {
|
||||
return { valid: false, suggestion: null };
|
||||
const cidrRegex = /^((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?)\/([12]?\d|3[0-2])$/;
|
||||
if (!cidrRegex.test(input)) {
|
||||
return {valid: false, suggestion: null};
|
||||
}
|
||||
const [ip, mask] = input.split('/');
|
||||
const maskNum = parseInt(mask);
|
||||
const ipParts = ip.split('.').map(part => parseInt(part));
|
||||
const binaryIP = ipParts.map(part => part.toString(2).padStart(8, '0')).join('');
|
||||
for (let i = maskNum; i < 32; i++) {
|
||||
if (binaryIP[i] === '1') {
|
||||
const binaryNetworkPart = binaryIP.substring(0, maskNum).padEnd(32, '0');
|
||||
const networkIPParts = [];
|
||||
for (let j = 0; j < 4; j++) {
|
||||
const octet = binaryNetworkPart.substring(j * 8, (j + 1) * 8);
|
||||
networkIPParts.push(parseInt(octet, 2));
|
||||
}
|
||||
const suggestedIP = networkIPParts.join('.');
|
||||
return {valid: false, suggestion: `${suggestedIP}/${mask}`};
|
||||
}
|
||||
const [ip, mask] = input.split('/');
|
||||
const maskNum = parseInt(mask);
|
||||
const ipParts = ip.split('.').map(part => parseInt(part));
|
||||
const binaryIP = ipParts.map(part => part.toString(2).padStart(8, '0')).join('');
|
||||
for (let i = maskNum; i < 32; i++) {
|
||||
if (binaryIP[i] === '1') {
|
||||
const binaryNetworkPart = binaryIP.substring(0, maskNum).padEnd(32, '0');
|
||||
const networkIPParts = [];
|
||||
for (let j = 0; j < 4; j++) {
|
||||
const octet = binaryNetworkPart.substring(j * 8, (j + 1) * 8);
|
||||
networkIPParts.push(parseInt(octet, 2));
|
||||
}
|
||||
const suggestedIP = networkIPParts.join('.');
|
||||
return { valid: false, suggestion: `${suggestedIP}/${mask}` };
|
||||
}
|
||||
}
|
||||
return { valid: true, suggestion: null };
|
||||
}
|
||||
return {valid: true, suggestion: null};
|
||||
},
|
||||
resetForm(formName) {
|
||||
this.$refs[formName].resetFields();
|
||||
@@ -762,7 +860,7 @@ export default {
|
||||
},
|
||||
beforeTabLeave() {
|
||||
var isSwitch = true
|
||||
if (! this.user_edit_dialog) {
|
||||
if (!this.user_edit_dialog) {
|
||||
return isSwitch;
|
||||
}
|
||||
this.$refs['ruleForm'].validate((valid) => {
|
||||
@@ -779,16 +877,16 @@ export default {
|
||||
this.activeTab = "general";
|
||||
},
|
||||
convertBandwidth(bandwidth, fromUnit, toUnit) {
|
||||
const units = {
|
||||
bps: 1,
|
||||
Kbps: 1000,
|
||||
Mbps: 1000000,
|
||||
Gbps: 1000000000,
|
||||
BYTE: 8,
|
||||
};
|
||||
const result = bandwidth * units[fromUnit] / units[toUnit];
|
||||
const fixedResult = result.toFixed(2);
|
||||
return parseFloat(fixedResult);
|
||||
const units = {
|
||||
bps: 1,
|
||||
Kbps: 1000,
|
||||
Mbps: 1000000,
|
||||
Gbps: 1000000000,
|
||||
BYTE: 8,
|
||||
};
|
||||
const result = bandwidth * units[fromUnit] / units[toUnit];
|
||||
const fixedResult = result.toFixed(2);
|
||||
return parseFloat(fixedResult);
|
||||
}
|
||||
},
|
||||
}
|
||||
@@ -809,19 +907,25 @@ export default {
|
||||
width: 80px;
|
||||
}
|
||||
|
||||
::v-deep .valgin-dialog{
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
margin:0 !important;
|
||||
position:absolute;
|
||||
top:50%;
|
||||
left:50%;
|
||||
transform:translate(-50%,-50%);
|
||||
max-height:calc(100% - 30px);
|
||||
max-width:calc(100% - 30px);
|
||||
::v-deep .valgin-dialog {
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
margin: 0 !important;
|
||||
position: absolute;
|
||||
top: 50%;
|
||||
left: 50%;
|
||||
transform: translate(-50%, -50%);
|
||||
max-height: calc(100% - 30px);
|
||||
max-width: calc(100% - 30px);
|
||||
}
|
||||
::v-deep .valgin-dialog .el-dialog__body{
|
||||
flex:1;
|
||||
overflow: auto;
|
||||
|
||||
::v-deep .valgin-dialog .el-dialog__body {
|
||||
flex: 1;
|
||||
overflow: auto;
|
||||
}
|
||||
|
||||
.drag-handle {
|
||||
cursor: move;
|
||||
}
|
||||
|
||||
</style>
|
||||
|
||||
@@ -3,11 +3,11 @@
|
||||
<el-tabs v-model="activeName" @tab-click="handleClick">
|
||||
<el-tab-pane label="邮件配置" name="dataSmtp">
|
||||
<el-form
|
||||
:model="dataSmtp"
|
||||
ref="dataSmtp"
|
||||
:rules="rules"
|
||||
label-width="100px"
|
||||
class="tab-one"
|
||||
:model="dataSmtp"
|
||||
ref="dataSmtp"
|
||||
:rules="rules"
|
||||
label-width="100px"
|
||||
class="tab-one"
|
||||
>
|
||||
<el-form-item label="服务器地址" prop="host">
|
||||
<el-input v-model="dataSmtp.host"></el-input>
|
||||
@@ -20,9 +20,9 @@
|
||||
</el-form-item>
|
||||
<el-form-item label="密码" prop="password">
|
||||
<el-input
|
||||
type="password"
|
||||
v-model="dataSmtp.password"
|
||||
placeholder="密码为空则不修改"
|
||||
type="password"
|
||||
v-model="dataSmtp.password"
|
||||
placeholder="密码为空则不修改"
|
||||
></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="加密类型" prop="encryption">
|
||||
@@ -37,7 +37,8 @@
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-button type="primary" @click="submitForm('dataSmtp')"
|
||||
>保存</el-button
|
||||
>保存
|
||||
</el-button
|
||||
>
|
||||
<el-button @click="resetForm('dataSmtp')">重置</el-button>
|
||||
</el-form-item>
|
||||
@@ -46,19 +47,19 @@
|
||||
|
||||
<el-tab-pane label="审计日志" name="dataAuditLog">
|
||||
<el-form
|
||||
:model="dataAuditLog"
|
||||
ref="dataAuditLog"
|
||||
:rules="rules"
|
||||
label-width="100px"
|
||||
class="tab-one"
|
||||
:model="dataAuditLog"
|
||||
ref="dataAuditLog"
|
||||
:rules="rules"
|
||||
label-width="100px"
|
||||
class="tab-one"
|
||||
>
|
||||
<el-form-item label="审计去重间隔" prop="audit_interval">
|
||||
<el-input-number
|
||||
v-model="dataAuditLog.audit_interval"
|
||||
:min="-1"
|
||||
size="small"
|
||||
label="秒"
|
||||
:disabled="true"
|
||||
v-model="dataAuditLog.audit_interval"
|
||||
:min="-1"
|
||||
size="small"
|
||||
label="秒"
|
||||
:disabled="true"
|
||||
></el-input-number>
|
||||
秒
|
||||
<p class="input_tip">
|
||||
@@ -68,11 +69,11 @@
|
||||
</el-form-item>
|
||||
<el-form-item label="存储时长" prop="life_day">
|
||||
<el-input-number
|
||||
v-model="dataAuditLog.life_day"
|
||||
:min="0"
|
||||
:max="365"
|
||||
size="small"
|
||||
label="天数"
|
||||
v-model="dataAuditLog.life_day"
|
||||
:min="0"
|
||||
:max="365"
|
||||
size="small"
|
||||
label="天数"
|
||||
></el-input-number>
|
||||
天
|
||||
<p class="input_tip">
|
||||
@@ -82,22 +83,23 @@
|
||||
</el-form-item>
|
||||
<el-form-item label="清理时间" prop="clear_time">
|
||||
<el-time-select
|
||||
v-model="dataAuditLog.clear_time"
|
||||
:picker-options="{
|
||||
v-model="dataAuditLog.clear_time"
|
||||
:picker-options="{
|
||||
start: '00:00',
|
||||
step: '01:00',
|
||||
end: '23:00',
|
||||
}"
|
||||
:editable="false"
|
||||
size="small"
|
||||
placeholder="请选择"
|
||||
style="width: 130px"
|
||||
:editable="false"
|
||||
size="small"
|
||||
placeholder="请选择"
|
||||
style="width: 130px"
|
||||
>
|
||||
</el-time-select>
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-button type="primary" @click="submitForm('dataAuditLog')"
|
||||
>保存</el-button
|
||||
>保存
|
||||
</el-button
|
||||
>
|
||||
<el-button @click="resetForm('dataAuditLog')">重置</el-button>
|
||||
</el-form-item>
|
||||
@@ -105,33 +107,34 @@
|
||||
</el-tab-pane>
|
||||
<el-tab-pane label="证书设置" name="datacertManage">
|
||||
<el-tabs
|
||||
tab-position="left"
|
||||
v-model="datacertManage"
|
||||
@tab-click="handleClick"
|
||||
tab-position="left"
|
||||
v-model="datacertManage"
|
||||
@tab-click="handleClick"
|
||||
>
|
||||
<el-tab-pane label="自定义证书" name="customCert">
|
||||
<el-form
|
||||
ref="customCert"
|
||||
:model="customCert"
|
||||
label-width="100px"
|
||||
size="small"
|
||||
class="tab-one"
|
||||
ref="customCert"
|
||||
:model="customCert"
|
||||
label-width="100px"
|
||||
size="small"
|
||||
class="tab-one"
|
||||
>
|
||||
<el-form-item>
|
||||
<el-upload
|
||||
class="uploadCert"
|
||||
:before-upload="beforeCertUpload"
|
||||
:action="certUpload"
|
||||
:limit="1"
|
||||
class="uploadCert"
|
||||
:before-upload="beforeCertUpload"
|
||||
:action="certUpload"
|
||||
:limit="1"
|
||||
>
|
||||
<el-button size="mini" icon="el-icon-plus" slot="trigger"
|
||||
>证书文件</el-button
|
||||
>证书文件
|
||||
</el-button
|
||||
>
|
||||
<el-tooltip
|
||||
class="item"
|
||||
effect="dark"
|
||||
content="请上传 .pem 格式的 cert 文件"
|
||||
placement="top"
|
||||
class="item"
|
||||
effect="dark"
|
||||
content="请上传 .pem 格式的 cert 文件"
|
||||
placement="top"
|
||||
>
|
||||
<i class="el-icon-info"></i>
|
||||
</el-tooltip>
|
||||
@@ -139,19 +142,20 @@
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-upload
|
||||
class="uploadCert"
|
||||
:before-upload="beforeKeyUpload"
|
||||
:action="certUpload"
|
||||
:limit="1"
|
||||
class="uploadCert"
|
||||
:before-upload="beforeKeyUpload"
|
||||
:action="certUpload"
|
||||
:limit="1"
|
||||
>
|
||||
<el-button size="mini" icon="el-icon-plus" slot="trigger"
|
||||
>私钥文件</el-button
|
||||
>私钥文件
|
||||
</el-button
|
||||
>
|
||||
<el-tooltip
|
||||
class="item"
|
||||
effect="dark"
|
||||
content="请上传 .pem 格式的 key 文件"
|
||||
placement="top"
|
||||
class="item"
|
||||
effect="dark"
|
||||
content="请上传 .pem 格式的 key 文件"
|
||||
placement="top"
|
||||
>
|
||||
<i class="el-icon-info"></i>
|
||||
</el-tooltip>
|
||||
@@ -159,23 +163,24 @@
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-button
|
||||
size="small"
|
||||
icon="el-icon-upload"
|
||||
type="primary"
|
||||
@click="submitForm('customCert')"
|
||||
>上传</el-button
|
||||
size="small"
|
||||
icon="el-icon-upload"
|
||||
type="primary"
|
||||
@click="submitForm('customCert')"
|
||||
>上传
|
||||
</el-button
|
||||
>
|
||||
</el-form-item>
|
||||
</el-form>
|
||||
</el-tab-pane>
|
||||
<el-tab-pane label="Let's Encrypt证书" name="letsCert">
|
||||
<el-form
|
||||
:model="letsCert"
|
||||
ref="letsCert"
|
||||
:rules="rules"
|
||||
label-width="120px"
|
||||
size="small"
|
||||
class="tab-one"
|
||||
:model="letsCert"
|
||||
ref="letsCert"
|
||||
:rules="rules"
|
||||
label-width="120px"
|
||||
size="small"
|
||||
class="tab-one"
|
||||
>
|
||||
<el-form-item label="域名" prop="domain">
|
||||
<el-input v-model="letsCert.domain"></el-input>
|
||||
@@ -191,30 +196,31 @@
|
||||
</el-radio-group>
|
||||
</el-form-item>
|
||||
<el-form-item
|
||||
v-for="component in dnsProvider[letsCert.name]"
|
||||
:key="component.prop"
|
||||
:label="component.label"
|
||||
:rules="component.rules"
|
||||
v-for="component in dnsProvider[letsCert.name]"
|
||||
:key="component.prop"
|
||||
:label="component.label"
|
||||
:rules="component.rules"
|
||||
>
|
||||
<component
|
||||
:is="component.component"
|
||||
:type="component.type"
|
||||
v-model="letsCert[letsCert.name][component.prop]"
|
||||
:is="component.component"
|
||||
:type="component.type"
|
||||
v-model="letsCert[letsCert.name][component.prop]"
|
||||
></component>
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-switch
|
||||
style="display: block"
|
||||
v-model="letsCert.renew"
|
||||
active-color="#13ce66"
|
||||
inactive-color="#ff4949"
|
||||
inactive-text="自动续期"
|
||||
style="display: block"
|
||||
v-model="letsCert.renew"
|
||||
active-color="#13ce66"
|
||||
inactive-color="#ff4949"
|
||||
inactive-text="自动续期"
|
||||
>
|
||||
</el-switch>
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-button type="primary" @click="submitForm('letsCert')"
|
||||
>申请</el-button
|
||||
>申请
|
||||
</el-button
|
||||
>
|
||||
<el-button @click="resetForm('letsCert')">重置</el-button>
|
||||
</el-form-item>
|
||||
@@ -224,11 +230,11 @@
|
||||
</el-tab-pane>
|
||||
<el-tab-pane label="其他设置" name="dataOther">
|
||||
<el-form
|
||||
:model="dataOther"
|
||||
ref="dataOther"
|
||||
:rules="rules"
|
||||
label-width="100px"
|
||||
class="tab-one"
|
||||
:model="dataOther"
|
||||
ref="dataOther"
|
||||
:rules="rules"
|
||||
label-width="130px"
|
||||
class="tab-one"
|
||||
>
|
||||
<el-form-item label="vpn对外地址" prop="link_addr">
|
||||
<el-input placeholder="请输入内容" v-model="dataOther.link_addr">
|
||||
@@ -237,49 +243,58 @@
|
||||
|
||||
<el-form-item label="Banner信息" prop="banner">
|
||||
<el-input
|
||||
type="textarea"
|
||||
:rows="5"
|
||||
placeholder="请输入内容"
|
||||
v-model="dataOther.banner"
|
||||
type="textarea"
|
||||
:rows="5"
|
||||
placeholder="请输入内容"
|
||||
v-model="dataOther.banner"
|
||||
>
|
||||
</el-input>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="自定义首页状态码" prop="homecode">
|
||||
<el-input-number
|
||||
v-model="dataOther.homecode"
|
||||
:min="0"
|
||||
:max="1000"
|
||||
></el-input-number>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="自定义首页" prop="homeindex">
|
||||
<el-input
|
||||
type="textarea"
|
||||
:rows="10"
|
||||
placeholder="请输入内容"
|
||||
v-model="dataOther.homeindex"
|
||||
type="textarea"
|
||||
:rows="10"
|
||||
placeholder="请输入内容"
|
||||
v-model="dataOther.homeindex"
|
||||
>
|
||||
</el-input>
|
||||
<el-tooltip content="自定义内容可以参考 home 目录下的文件" placement="top">
|
||||
<el-tooltip content="自定义内容可以参考 index_template 目录下的文件" placement="top">
|
||||
<i class="el-icon-question"></i>
|
||||
</el-tooltip>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="账户开通邮件" prop="account_mail">
|
||||
<el-form-item label="账户开通邮件模板" prop="account_mail">
|
||||
<el-input
|
||||
type="textarea"
|
||||
:rows="10"
|
||||
placeholder="请输入内容"
|
||||
v-model="dataOther.account_mail"
|
||||
type="textarea"
|
||||
:rows="10"
|
||||
placeholder="请输入内容"
|
||||
v-model="dataOther.account_mail"
|
||||
>
|
||||
</el-input>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="邮件展示">
|
||||
<iframe
|
||||
width="500px"
|
||||
height="300px"
|
||||
:srcdoc="dataOther.account_mail"
|
||||
width="500px"
|
||||
height="300px"
|
||||
:srcdoc="dataOther.account_mail"
|
||||
>
|
||||
</iframe>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item>
|
||||
<el-button type="primary" @click="submitForm('dataOther')"
|
||||
>保存</el-button
|
||||
>保存
|
||||
</el-button
|
||||
>
|
||||
<el-button @click="resetForm('dataOther')">重置</el-button>
|
||||
</el-form-item>
|
||||
@@ -324,19 +339,19 @@ export default {
|
||||
authToken: "",
|
||||
},
|
||||
},
|
||||
customCert: { cert: "", key: "" },
|
||||
customCert: {cert: "", key: ""},
|
||||
dataOther: {},
|
||||
rules: {
|
||||
host: { required: true, message: "请输入服务器地址", trigger: "blur" },
|
||||
host: {required: true, message: "请输入服务器地址", trigger: "blur"},
|
||||
port: [
|
||||
{ required: true, message: "请输入服务器端口", trigger: "blur" },
|
||||
{required: true, message: "请输入服务器端口", trigger: "blur"},
|
||||
{
|
||||
type: "number",
|
||||
message: "请输入正确的服务器端口",
|
||||
trigger: ["blur", "change"],
|
||||
},
|
||||
],
|
||||
issuer: { required: true, message: "请输入系统名称", trigger: "blur" },
|
||||
issuer: {required: true, message: "请输入系统名称", trigger: "blur"},
|
||||
domain: {
|
||||
required: true,
|
||||
message: "请输入需要申请证书的域名",
|
||||
@@ -347,7 +362,7 @@ export default {
|
||||
message: "请输入申请证书的邮箱地址",
|
||||
trigger: "blur",
|
||||
},
|
||||
name: { required: true, message: "请选择域名服务商", trigger: "blur" },
|
||||
name: {required: true, message: "请选择域名服务商", trigger: "blur"},
|
||||
},
|
||||
certUpload: "/set/other/customcert",
|
||||
dnsProvider: {
|
||||
@@ -449,71 +464,71 @@ export default {
|
||||
},
|
||||
getSmtp() {
|
||||
axios
|
||||
.get("/set/other/smtp")
|
||||
.then((resp) => {
|
||||
let rdata = resp.data;
|
||||
console.log(rdata);
|
||||
if (rdata.code !== 0) {
|
||||
this.$message.error(rdata.msg);
|
||||
return;
|
||||
}
|
||||
this.dataSmtp = rdata.data;
|
||||
})
|
||||
.catch((error) => {
|
||||
this.$message.error("哦,请求出错");
|
||||
console.log(error);
|
||||
});
|
||||
.get("/set/other/smtp")
|
||||
.then((resp) => {
|
||||
let rdata = resp.data;
|
||||
console.log(rdata);
|
||||
if (rdata.code !== 0) {
|
||||
this.$message.error(rdata.msg);
|
||||
return;
|
||||
}
|
||||
this.dataSmtp = rdata.data;
|
||||
})
|
||||
.catch((error) => {
|
||||
this.$message.error("哦,请求出错");
|
||||
console.log(error);
|
||||
});
|
||||
},
|
||||
getAuditLog() {
|
||||
axios
|
||||
.get("/set/other/audit_log")
|
||||
.then((resp) => {
|
||||
let rdata = resp.data;
|
||||
console.log(rdata);
|
||||
if (rdata.code !== 0) {
|
||||
this.$message.error(rdata.msg);
|
||||
return;
|
||||
}
|
||||
this.dataAuditLog = rdata.data;
|
||||
})
|
||||
.catch((error) => {
|
||||
this.$message.error("哦,请求出错");
|
||||
console.log(error);
|
||||
});
|
||||
.get("/set/other/audit_log")
|
||||
.then((resp) => {
|
||||
let rdata = resp.data;
|
||||
console.log(rdata);
|
||||
if (rdata.code !== 0) {
|
||||
this.$message.error(rdata.msg);
|
||||
return;
|
||||
}
|
||||
this.dataAuditLog = rdata.data;
|
||||
})
|
||||
.catch((error) => {
|
||||
this.$message.error("哦,请求出错");
|
||||
console.log(error);
|
||||
});
|
||||
},
|
||||
getletsCert() {
|
||||
axios
|
||||
.get("/set/other/getcertset")
|
||||
.then((resp) => {
|
||||
let rdata = resp.data;
|
||||
console.log(rdata);
|
||||
if (rdata.code !== 0) {
|
||||
this.$message.error(rdata.msg);
|
||||
return;
|
||||
}
|
||||
this.letsCert = Object.assign({}, this.letsCert, rdata.data);
|
||||
})
|
||||
.catch((error) => {
|
||||
this.$message.error("哦,请求出错");
|
||||
console.log(error);
|
||||
});
|
||||
.get("/set/other/getcertset")
|
||||
.then((resp) => {
|
||||
let rdata = resp.data;
|
||||
console.log(rdata);
|
||||
if (rdata.code !== 0) {
|
||||
this.$message.error(rdata.msg);
|
||||
return;
|
||||
}
|
||||
this.letsCert = Object.assign({}, this.letsCert, rdata.data);
|
||||
})
|
||||
.catch((error) => {
|
||||
this.$message.error("哦,请求出错");
|
||||
console.log(error);
|
||||
});
|
||||
},
|
||||
getOther() {
|
||||
axios
|
||||
.get("/set/other")
|
||||
.then((resp) => {
|
||||
let rdata = resp.data;
|
||||
console.log(rdata);
|
||||
if (rdata.code !== 0) {
|
||||
this.$message.error(rdata.msg);
|
||||
return;
|
||||
}
|
||||
this.dataOther = rdata.data;
|
||||
})
|
||||
.catch((error) => {
|
||||
this.$message.error("哦,请求出错");
|
||||
console.log(error);
|
||||
});
|
||||
.get("/set/other")
|
||||
.then((resp) => {
|
||||
let rdata = resp.data;
|
||||
console.log(rdata);
|
||||
if (rdata.code !== 0) {
|
||||
this.$message.error(rdata.msg);
|
||||
return;
|
||||
}
|
||||
this.dataOther = rdata.data;
|
||||
})
|
||||
.catch((error) => {
|
||||
this.$message.error("哦,请求出错");
|
||||
console.log(error);
|
||||
});
|
||||
},
|
||||
submitForm(formName) {
|
||||
this.$refs[formName].validate((valid) => {
|
||||
@@ -535,16 +550,16 @@ export default {
|
||||
break;
|
||||
case "dataAuditLog":
|
||||
axios
|
||||
.post("/set/other/audit_log/edit", this.dataAuditLog)
|
||||
.then((resp) => {
|
||||
var rdata = resp.data;
|
||||
console.log(rdata);
|
||||
if (rdata.code === 0) {
|
||||
this.$message.success(rdata.msg);
|
||||
} else {
|
||||
this.$message.error(rdata.msg);
|
||||
}
|
||||
});
|
||||
.post("/set/other/audit_log/edit", this.dataAuditLog)
|
||||
.then((resp) => {
|
||||
var rdata = resp.data;
|
||||
console.log(rdata);
|
||||
if (rdata.code === 0) {
|
||||
this.$message.success(rdata.msg);
|
||||
} else {
|
||||
this.$message.error(rdata.msg);
|
||||
}
|
||||
});
|
||||
break;
|
||||
case "letsCert":
|
||||
var loading = this.$loading({
|
||||
|
||||
@@ -7793,6 +7793,11 @@ sort-keys@^1.0.0:
|
||||
dependencies:
|
||||
is-plain-obj "^1.0.0"
|
||||
|
||||
sortablejs@1.10.2:
|
||||
version "1.10.2"
|
||||
resolved "https://registry.yarnpkg.com/sortablejs/-/sortablejs-1.10.2.tgz#6e40364d913f98b85a14f6678f92b5c1221f5290"
|
||||
integrity sha512-YkPGufevysvfwn5rfdlGyrGjt7/CRHwvRPogD/lC+TnvcN29jDpCifKP+rBqf+LRldfXSTh+0CGLcSg0VIxq3A==
|
||||
|
||||
source-list-map@^2.0.0:
|
||||
version "2.0.1"
|
||||
resolved "https://registry.yarnpkg.com/source-list-map/-/source-list-map-2.0.1.tgz#3993bd873bfc48479cca9ea3a547835c7c154b34"
|
||||
@@ -8775,6 +8780,13 @@ vue@^2.6.11:
|
||||
"@vue/compiler-sfc" "2.7.16"
|
||||
csstype "^3.1.0"
|
||||
|
||||
vuedraggable@^2.24.3:
|
||||
version "2.24.3"
|
||||
resolved "https://registry.yarnpkg.com/vuedraggable/-/vuedraggable-2.24.3.tgz#43c93849b746a24ce503e123d5b259c701ba0d19"
|
||||
integrity sha512-6/HDXi92GzB+Hcs9fC6PAAozK1RLt1ewPTLjK0anTYguXLAeySDmcnqE8IC0xa7shvSzRjQXq3/+dsZ7ETGF3g==
|
||||
dependencies:
|
||||
sortablejs "1.10.2"
|
||||
|
||||
watchpack-chokidar2@^2.0.1:
|
||||
version "2.0.1"
|
||||
resolved "https://registry.yarnpkg.com/watchpack-chokidar2/-/watchpack-chokidar2-2.0.1.tgz#38500072ee6ece66f3769936950ea1771be1c957"
|
||||
|
||||
Reference in New Issue
Block a user