whitelist.go 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131
  1. package access
  2. import (
  3. "encoding/json"
  4. "strings"
  5. "imuslab.com/zoraxy/mod/netutils"
  6. )
  7. /*
  8. Whitelist.go
  9. This script handles whitelist related functions
  10. */
  11. const (
  12. EntryType_CountryCode int = 0
  13. EntryType_IP int = 1
  14. )
  15. type WhitelistEntry struct {
  16. EntryType int //Entry type of whitelist, Country Code or IP
  17. CC string //ISO Country Code
  18. IP string //IP address or range
  19. Comment string //Comment for this entry
  20. }
  21. //Geo Whitelist
  22. func (s *AccessRule) AddCountryCodeToWhitelist(countryCode string, comment string) {
  23. countryCode = strings.ToLower(countryCode)
  24. entry := WhitelistEntry{
  25. EntryType: EntryType_CountryCode,
  26. CC: countryCode,
  27. Comment: comment,
  28. }
  29. s.GetDatabase().Write(s.GetFullTableName("whitelist-cn"), countryCode, entry)
  30. }
  31. func (s *AccessRule) RemoveCountryCodeFromWhitelist(countryCode string) {
  32. countryCode = strings.ToLower(countryCode)
  33. s.GetDatabase().Delete(s.GetFullTableName("whitelist-cn"), countryCode)
  34. }
  35. func (s *AccessRule) IsCountryCodeWhitelisted(countryCode string) bool {
  36. countryCode = strings.ToLower(countryCode)
  37. return s.GetDatabase().KeyExists(s.GetFullTableName("whitelist-cn"), countryCode)
  38. }
  39. func (s *AccessRule) GetAllWhitelistedCountryCode() []*WhitelistEntry {
  40. whitelistedCountryCode := []*WhitelistEntry{}
  41. entries, err := s.GetDatabase().ListTable(s.GetFullTableName("whitelist-cn"))
  42. if err != nil {
  43. return whitelistedCountryCode
  44. }
  45. for _, keypairs := range entries {
  46. thisWhitelistEntry := WhitelistEntry{}
  47. json.Unmarshal(keypairs[1], &thisWhitelistEntry)
  48. whitelistedCountryCode = append(whitelistedCountryCode, &thisWhitelistEntry)
  49. }
  50. return whitelistedCountryCode
  51. }
  52. //IP Whitelist
  53. func (s *AccessRule) AddIPToWhiteList(ipAddr string, comment string) {
  54. thisIpEntry := WhitelistEntry{
  55. EntryType: EntryType_IP,
  56. IP: ipAddr,
  57. Comment: comment,
  58. }
  59. s.GetDatabase().Write(s.GetFullTableName("whitelist-ip"), ipAddr, thisIpEntry)
  60. }
  61. func (s *AccessRule) RemoveIPFromWhiteList(ipAddr string) {
  62. s.GetDatabase().Delete(s.GetFullTableName("whitelist-ip"), ipAddr)
  63. }
  64. func (s *AccessRule) IsIPWhitelisted(ipAddr string) bool {
  65. isWhitelisted := s.GetDatabase().KeyExists(s.GetFullTableName("whitelist-ip"), ipAddr)
  66. if isWhitelisted {
  67. //single IP whitelist entry
  68. return true
  69. }
  70. //Check for IP wildcard and CIRD rules
  71. AllWhitelistedIps := s.GetAllWhitelistedIpAsStringSlice()
  72. for _, whitelistRules := range AllWhitelistedIps {
  73. wildcardMatch := netutils.MatchIpWildcard(ipAddr, whitelistRules)
  74. if wildcardMatch {
  75. return true
  76. }
  77. cidrMatch := netutils.MatchIpCIDR(ipAddr, whitelistRules)
  78. if cidrMatch {
  79. return true
  80. }
  81. }
  82. return false
  83. }
  84. func (s *AccessRule) GetAllWhitelistedIp() []*WhitelistEntry {
  85. whitelistedIp := []*WhitelistEntry{}
  86. entries, err := s.GetDatabase().ListTable(s.GetFullTableName("whitelist-ip"))
  87. if err != nil {
  88. return whitelistedIp
  89. }
  90. for _, keypairs := range entries {
  91. //ip := string(keypairs[0])
  92. thisEntry := WhitelistEntry{}
  93. json.Unmarshal(keypairs[1], &thisEntry)
  94. whitelistedIp = append(whitelistedIp, &thisEntry)
  95. }
  96. return whitelistedIp
  97. }
  98. func (s *AccessRule) GetAllWhitelistedIpAsStringSlice() []string {
  99. allWhitelistedIPs := []string{}
  100. entries := s.GetAllWhitelistedIp()
  101. for _, entry := range entries {
  102. allWhitelistedIPs = append(allWhitelistedIPs, entry.IP)
  103. }
  104. return allWhitelistedIPs
  105. }