Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
TC
/
Zoraxy
-ын хуулбар https://git.hkwtc.org/TC/ReverseProxy
1
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Мод: 4241cc4e27
Салаанууд Тагууд
Zoraxy
/
mod
/
dynamicproxy
/
access.go

access.go 2.1 KB
Түүх Анхны өгөгдөл

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. package dynamicproxy
    2. 

  2. 

  3. import (
    4. 

  4. 	"log"
    5. 

  5. 	"net/http"
    6. 

  6. 	"os"
    7. 

  7. 	"path/filepath"
    8. 

  8. 

  9. 	"imuslab.com/zoraxy/mod/access"
    10. 

  10. 	"imuslab.com/zoraxy/mod/netutils"
    11. 

  11. )
    12. 

  12. 

  13. // Handle access check (blacklist / whitelist), return true if request is handled (aka blocked)
    14. 

  14. // if the return value is false, you can continue process the response writer
    15. 

  15. func (h *ProxyHandler) handleAccessRouting(ruleID string, w http.ResponseWriter, r *http.Request) bool {
    16. 

  16. 	accessRule, err := h.Parent.Option.AccessController.GetAccessRuleByID(ruleID)
    17. 

  17. 	if err != nil {
    18. 

  18. 		//Unable to load access rule. Target rule not found?
    19. 

  19. 		log.Println("[Proxy] Unable to load access rule: " + ruleID)
    20. 

  20. 		w.WriteHeader(http.StatusInternalServerError)
    21. 

  21. 		w.Write([]byte("500 - Internal Server Error"))
    22. 

  22. 		return true
    23. 

  23. 	}
    24. 

  24. 

  25. 	isBlocked, blockedReason := accessRequestBlocked(accessRule, h.Parent.Option.WebDirectory, w, r)
    26. 

  26. 	if isBlocked {
    27. 

  27. 		h.logRequest(r, false, 403, blockedReason, "")
    28. 

  28. 	}
    29. 

  29. 	return isBlocked
    30. 

  30. }
    31. 

  31. 

  32. // Return boolean, return true if access is blocked
    33. 

  33. // For string, it will return the blocked reason (if any)
    34. 

  34. func accessRequestBlocked(accessRule *access.AccessRule, templateDirectory string, w http.ResponseWriter, r *http.Request) (bool, string) {
    35. 

  35. 	//Check if this ip is in blacklist
    36. 

  36. 	clientIpAddr := netutils.GetRequesterIP(r)
    37. 

  37. 	if accessRule.IsBlacklisted(clientIpAddr) {
    38. 

  38. 		w.Header().Set("Content-Type", "text/html; charset=utf-8")
    39. 

  39. 		w.WriteHeader(http.StatusForbidden)
    40. 

  40. 		template, err := os.ReadFile(filepath.Join(templateDirectory, "templates/blacklist.html"))
    41. 

  41. 		if err != nil {
    42. 

  42. 			w.Write(page_forbidden)
    43. 

  43. 		} else {
    44. 

  44. 			w.Write(template)
    45. 

  45. 		}
    46. 

  46. 

  47. 		return true, "blacklist"
    48. 

  48. 	}
    49. 

  49. 

  50. 	//Check if this ip is in whitelist
    51. 

  51. 	if !accessRule.IsWhitelisted(clientIpAddr) {
    52. 

  52. 		w.Header().Set("Content-Type", "text/html; charset=utf-8")
    53. 

  53. 		w.WriteHeader(http.StatusForbidden)
    54. 

  54. 		template, err := os.ReadFile(filepath.Join(templateDirectory, "templates/whitelist.html"))
    55. 

  55. 		if err != nil {
    56. 

  56. 			w.Write(page_forbidden)
    57. 

  57. 		} else {
    58. 

  58. 			w.Write(template)
    59. 

  59. 		}
    60. 

  60. 		return true, "whitelist"
    61. 

  61. 	}
    62. 

  62. 

  63. 	//Not blocked.
    64. 

  64. 	return false, ""
    65. 

  65. }
    66.