iplibrary

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 15, 2022 License: BSD-3-Clause Imports: 40 Imported by: 0

README

IPList

List Check Order:

Global List --> Node List--> Server List --> WAF List --> Bind List

Documentation

Index

Constants

View Source 
const (
	ChinaCountryId int64 = 1
)
View Source 
const (
	IndexBlockLength = 12
)

Variables

View Source 
var GlobalBlackIPList = NewIPList()
View Source 
var GlobalWhiteIPList = NewIPList()
View Source 
var IPListUpdateNotify = make(chan bool, 1)
View Source 
var SharedActionManager = NewActionManager()
View Source 
var SharedCityManager = NewCityManager()
View Source 
var SharedCountryManager = NewCountryManager()
View Source 
var SharedIPListManager = NewIPListManager()
View Source 
var SharedManager = NewManager()
View Source 
var SharedProviderManager = NewProviderManager()
View Source 
var SharedProvinceManager = NewProvinceManager()
View Source 
var SharedServerListManager = NewServerListManager()
View Source 
var SharedUpdater = NewUpdater()

Functions

func AllowIP 

func AllowIP(ip string, serverId int64) (canGoNext bool, inAllowList bool)

AllowIP 检查IP是否被允许访问 如果一个IP不在任何名单中,则允许访问

func AllowIPStrings 

func AllowIPStrings(ipStrings []string, serverId int64) bool

AllowIPStrings 检查一组IP是否被允许访问

func IsFatalError 

func IsFatalError(err error) bool

func IsInWhiteList 

func IsInWhiteList(ip string) bool

IsInWhiteList 检查IP是否在白名单中

func NewFataError 

func NewFataError(err string) error

Types

type ActionInterface 

type ActionInterface interface {
	// Init 初始化
	Init(config *firewallconfigs.FirewallActionConfig) error

	// AddItem 添加
	AddItem(listType IPListType, item *pb.IPItem) error

	// DeleteItem 删除
	DeleteItem(listType IPListType, item *pb.IPItem) error

	// Close 关闭
	Close() error

	// DoHTTP 处理HTTP请求
	DoHTTP(req *http.Request, resp http.ResponseWriter) (goNext bool, err error)
}

type ActionManager 

type ActionManager struct {
	// contains filtered or unexported fields
}

ActionManager 动作管理器定义

func NewActionManager 

func NewActionManager() *ActionManager

NewActionManager 获取动作管理对象

func (*ActionManager) AddItem 

func (this *ActionManager) AddItem(listType IPListType, item *pb.IPItem)

AddItem 执行添加IP动作

func (*ActionManager) DeleteItem 

func (this *ActionManager) DeleteItem(listType IPListType, item *pb.IPItem)

DeleteItem 执行删除IP动作

func (*ActionManager) FindEventActions 

func (this *ActionManager) FindEventActions(eventLevel string) []ActionInterface

FindEventActions 查找事件对应的动作

func (*ActionManager) UpdateActions 

func (this *ActionManager) UpdateActions(actions []*firewallconfigs.FirewallActionConfig)

UpdateActions 更新配置

type BaseAction 

type BaseAction struct {
}

func (*BaseAction) Close 

func (this *BaseAction) Close() error

func (*BaseAction) DoHTTP 

func (this *BaseAction) DoHTTP(req *http.Request, resp http.ResponseWriter) (goNext bool, err error)

DoHTTP 处理HTTP请求

type CityManager 

type CityManager struct {
	// contains filtered or unexported fields
}

CityManager 中国省份信息管理

func NewCityManager 

func NewCityManager() *CityManager

func (*CityManager) Lookup 

func (this *CityManager) Lookup(provinceId int64, cityName string) (cityId int64)

func (*CityManager) Start 

func (this *CityManager) Start()

func (*CityManager) Stop 

func (this *CityManager) Stop()

type CountryManager 

type CountryManager struct {
	// contains filtered or unexported fields
}

CountryManager 国家/地区信息管理

func NewCountryManager 

func NewCountryManager() *CountryManager

func (*CountryManager) Lookup 

func (this *CountryManager) Lookup(countryName string) (countryId int64)

func (*CountryManager) Start 

func (this *CountryManager) Start()

func (*CountryManager) Stop 

func (this *CountryManager) Stop()

type FataError 

type FataError struct {
	// contains filtered or unexported fields
}

FataError 是否是致命错误

func (*FataError) Error 

func (this *FataError) Error() string

type FirewalldAction 

type FirewalldAction struct {
	BaseAction
	// contains filtered or unexported fields
}

FirewalldAction Firewalld动作管理 常用命令:

  • 查询列表: firewall-cmd --list-all
  • 添加IP:firewall-cmd --add-rich-rule="rule family='ipv4' source address='192.168.2.32' reject" --timeout=30s
  • 删除IP:firewall-cmd --remove-rich-rule="rule family='ipv4' source address='192.168.2.32' reject" --timeout=30s

func NewFirewalldAction 

func NewFirewalldAction() *FirewalldAction

func (*FirewalldAction) AddItem 

func (this *FirewalldAction) AddItem(listType IPListType, item *pb.IPItem) error

func (*FirewalldAction) DeleteItem 

func (this *FirewalldAction) DeleteItem(listType IPListType, item *pb.IPItem) error

func (*FirewalldAction) Init 

func (this *FirewalldAction) Init(config *firewallconfigs.FirewallActionConfig) error

type HTMLAction 

type HTMLAction struct {
	BaseAction
	// contains filtered or unexported fields
}

HTMLAction HTML动作

func NewHTMLAction 

func NewHTMLAction() *HTMLAction

NewHTMLAction 获取新对象

func (*HTMLAction) AddItem 

func (this *HTMLAction) AddItem(listType IPListType, item *pb.IPItem) error

AddItem 添加

func (*HTMLAction) Close 

func (this *HTMLAction) Close() error

Close 关闭

func (*HTMLAction) DeleteItem 

func (this *HTMLAction) DeleteItem(listType IPListType, item *pb.IPItem) error

DeleteItem 删除

func (*HTMLAction) DoHTTP 

func (this *HTMLAction) DoHTTP(req *http.Request, resp http.ResponseWriter) (goNext bool, err error)

DoHTTP 处理HTTP请求

func (*HTMLAction) Init 

func (this *HTMLAction) Init(config *firewallconfigs.FirewallActionConfig) error

Init 初始化

type HTTPAPIAction 

type HTTPAPIAction struct {
	BaseAction
	// contains filtered or unexported fields
}

func NewHTTPAPIAction 

func NewHTTPAPIAction() *HTTPAPIAction

func (*HTTPAPIAction) AddItem 

func (this *HTTPAPIAction) AddItem(listType IPListType, item *pb.IPItem) error

func (*HTTPAPIAction) DeleteItem 

func (this *HTTPAPIAction) DeleteItem(listType IPListType, item *pb.IPItem) error

func (*HTTPAPIAction) Init 

func (this *HTTPAPIAction) Init(config *firewallconfigs.FirewallActionConfig) error

type IP2Region 

type IP2Region struct {
	// contains filtered or unexported fields
}

func NewIP2Region 

func NewIP2Region(path string) (*IP2Region, error)

func (*IP2Region) MemorySearch 

func (this *IP2Region) MemorySearch(ipStr string) (ipInfo *IpInfo, err error)

type IP2RegionLibrary 

type IP2RegionLibrary struct {
	// contains filtered or unexported fields
}

func (*IP2RegionLibrary) Close 

func (this *IP2RegionLibrary) Close()

func (*IP2RegionLibrary) Load 

func (this *IP2RegionLibrary) Load(dbPath string) error

func (*IP2RegionLibrary) Lookup 

func (this *IP2RegionLibrary) Lookup(ip string) (*Result, error)

type IPItem 

type IPItem struct {
	Type       string `json:"type"`
	Id         uint64 `json:"id"`
	IPFrom     uint64 `json:"ipFrom"`
	IPTo       uint64 `json:"ipTo"`
	ExpiredAt  int64  `json:"expiredAt"`
	EventLevel string `json:"eventLevel"`
}

IPItem IP条目

func (*IPItem) Contains 

func (this *IPItem) Contains(ip uint64) bool

Contains 检查是否包含某个IP

type IPItemType 

type IPItemType = string
const (
	IPItemTypeIPv4 IPItemType = "ipv4" // IPv4
	IPItemTypeIPv6 IPItemType = "ipv6" // IPv6
	IPItemTypeAll  IPItemType = "all"  // 所有IP
)

type IPList 

type IPList struct {
	// contains filtered or unexported fields
}

IPList IP名单 TODO IP名单可以分片关闭,这样让每一片的数据量减少,查询更快

func NewIPList 

func NewIPList() *IPList

func (*IPList) Add 

func (this *IPList) Add(item *IPItem)

func (*IPList) AddDelay 

func (this *IPList) AddDelay(item *IPItem)

AddDelay 延迟添加,需要手工调用Sort()函数

func (*IPList) Contains 

func (this *IPList) Contains(ip uint64) bool

Contains 判断是否包含某个IP

func (*IPList) ContainsIPStrings 

func (this *IPList) ContainsIPStrings(ipStrings []string) (item *IPItem, found bool)

ContainsIPStrings 是否包含一组IP中的任意一个,并返回匹配的第一个Item

func (*IPList) Delete 

func (this *IPList) Delete(itemId uint64)

func (*IPList) Sort 

func (this *IPList) Sort()

type IPListDB 

type IPListDB struct {
	// contains filtered or unexported fields
}

func NewIPListDB 

func NewIPListDB() (*IPListDB, error)

func (*IPListDB) AddItem 

func (this *IPListDB) AddItem(item *pb.IPItem) error

func (*IPListDB) Close 

func (this *IPListDB) Close() error

func (*IPListDB) DeleteExpiredItems 

func (this *IPListDB) DeleteExpiredItems() error

DeleteExpiredItems 删除过期的条目

func (*IPListDB) ReadItems 

func (this *IPListDB) ReadItems(offset int64, size int64) (items []*pb.IPItem, err error)

func (*IPListDB) ReadMaxVersion 

func (this *IPListDB) ReadMaxVersion() int64

ReadMaxVersion 读取当前最大版本号

type IPListManager 

type IPListManager struct {
	// contains filtered or unexported fields
}

IPListManager IP名单管理

func NewIPListManager 

func NewIPListManager() *IPListManager

func (*IPListManager) FindList 

func (this *IPListManager) FindList(listId int64) *IPList

func (*IPListManager) Start 

func (this *IPListManager) Start()

func (*IPListManager) Stop 

func (this *IPListManager) Stop()

type IPListType 

type IPListType = string
const (
	IPListTypeWhite IPListType = "white"
	IPListTypeBlack IPListType = "black"
)

type IPSetAction 

type IPSetAction struct {
	BaseAction
	// contains filtered or unexported fields
}

IPSetAction IPSet动作 相关命令:

  • 利用Firewalld管理set:
  • 添加:firewall-cmd --permanent --new-ipset=edge_ip_list --type=hash:ip --option="timeout=0"
  • 删除:firewall-cmd --permanent --delete-ipset=edge_ip_list
  • 重载:firewall-cmd --reload
  • firewalld+ipset: firewall-cmd --permanent --add-rich-rule="rule source ipset='edge_ip_list' reject"
  • 利用IPTables管理set:
  • 添加:iptables -A INPUT -m set --match-set edge_ip_list src -j REJECT
  • 添加Item:ipset add edge_ip_list 192.168.2.32 timeout 30
  • 删除Item: ipset del edge_ip_list 192.168.2.32
  • 创建set:ipset create edge_ip_list hash:ip timeout 0
  • 查看统计:ipset -t list edge_black_list
  • 删除set:ipset destroy edge_black_list

func NewIPSetAction 

func NewIPSetAction() *IPSetAction

func (*IPSetAction) AddItem 

func (this *IPSetAction) AddItem(listType IPListType, item *pb.IPItem) error

func (*IPSetAction) DeleteItem 

func (this *IPSetAction) DeleteItem(listType IPListType, item *pb.IPItem) error

func (*IPSetAction) Init 

func (this *IPSetAction) Init(config *firewallconfigs.FirewallActionConfig) error

func (*IPSetAction) SetConfig 

func (this *IPSetAction) SetConfig(config *firewallconfigs.FirewallActionIPSetConfig)

type IPTablesAction 

type IPTablesAction struct {
	BaseAction
	// contains filtered or unexported fields
}

IPTablesAction IPTables动作 相关命令: 

iptables -A INPUT -s "192.168.2.32" -j ACCEPT
iptables -A INPUT -s "192.168.2.32" -j REJECT
iptables -D INPUT ...
iptables -F INPUT

func NewIPTablesAction 

func NewIPTablesAction() *IPTablesAction

func (*IPTablesAction) AddItem 

func (this *IPTablesAction) AddItem(listType IPListType, item *pb.IPItem) error

func (*IPTablesAction) DeleteItem 

func (this *IPTablesAction) DeleteItem(listType IPListType, item *pb.IPItem) error

func (*IPTablesAction) Init 

func (this *IPTablesAction) Init(config *firewallconfigs.FirewallActionConfig) error

type IpInfo 

type IpInfo struct {
	CityId   int64
	Country  string
	Region   string
	Province string
	City     string
	ISP      string
}

func (IpInfo) String 

func (ip IpInfo) String() string

type LibraryInterface 

type LibraryInterface interface {
	// Load 加载数据库文件
	Load(dbPath string) error

	// Lookup 查询IP
	// 返回结果有可能为空
	Lookup(ip string) (*Result, error)

	// Close 关闭数据库文件
	Close()
}
var SharedLibrary LibraryInterface

type Manager 

type Manager struct {
	// contains filtered or unexported fields
}

func NewManager 

func NewManager() *Manager

func (*Manager) Load 

func (this *Manager) Load() (LibraryInterface, error)

type ProviderManager 

type ProviderManager struct {
	// contains filtered or unexported fields
}

ProviderManager 中国省份信息管理

func NewProviderManager 

func NewProviderManager() *ProviderManager

func (*ProviderManager) Lookup 

func (this *ProviderManager) Lookup(providerName string) (providerId int64)

func (*ProviderManager) Start 

func (this *ProviderManager) Start()

func (*ProviderManager) Stop 

func (this *ProviderManager) Stop()

type ProvinceManager 

type ProvinceManager struct {
	// contains filtered or unexported fields
}

ProvinceManager 中国省份信息管理

func NewProvinceManager 

func NewProvinceManager() *ProvinceManager

func (*ProvinceManager) Lookup 

func (this *ProvinceManager) Lookup(provinceName string) (provinceId int64)

func (*ProvinceManager) Start 

func (this *ProvinceManager) Start()

func (*ProvinceManager) Stop 

func (this *ProvinceManager) Stop()

type Result 

type Result struct {
	CityId   int64
	Country  string
	Region   string
	Province string
	City     string
	ISP      string
}

type ScriptAction 

type ScriptAction struct {
	BaseAction
	// contains filtered or unexported fields
}

ScriptAction 脚本命令动作

func NewScriptAction 

func NewScriptAction() *ScriptAction

func (*ScriptAction) AddItem 

func (this *ScriptAction) AddItem(listType IPListType, item *pb.IPItem) error

func (*ScriptAction) DeleteItem 

func (this *ScriptAction) DeleteItem(listType IPListType, item *pb.IPItem) error

func (*ScriptAction) Init 

func (this *ScriptAction) Init(config *firewallconfigs.FirewallActionConfig) error

type ServerListManager 

type ServerListManager struct {
	// contains filtered or unexported fields
}

ServerListManager 服务相关名单

func NewServerListManager 

func NewServerListManager() *ServerListManager

func (*ServerListManager) FindBlackList 

func (this *ServerListManager) FindBlackList(serverId int64, autoCreate bool) *IPList

func (*ServerListManager) FindWhiteList 

func (this *ServerListManager) FindWhiteList(serverId int64, autoCreate bool) *IPList

type Updater 

type Updater struct {
	// contains filtered or unexported fields
}

Updater IP库更新程序

func NewUpdater 

func NewUpdater() *Updater

NewUpdater 获取新对象

func (*Updater) Start 

func (this *Updater) Start()

Start 开始更新

func (*Updater) Stop 

func (this *Updater) Stop()

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.