- package access
- import (
- "encoding/json"
- "strings"
- "imuslab.com/zoraxy/mod/netutils"
- )
- /*
- Whitelist.go
- This script handles whitelist related functions
- */
// EntryType_CountryCode marks a WhitelistEntry that matches by ISO country code.
// The numeric value is written out with the entry, so it must stay stable.
const EntryType_CountryCode int = 0

// EntryType_IP marks a WhitelistEntry that matches by IP address or range.
// The numeric value is written out with the entry, so it must stay stable.
const EntryType_IP int = 1
// WhitelistEntry is one record of an access rule's whitelist. The same shape
// is used for both the country-code table and the IP table; EntryType says
// which of CC or IP is the meaningful field.
type WhitelistEntry struct {
	EntryType int    // EntryType_CountryCode or EntryType_IP
	CC        string // ISO country code (set for country-code entries)
	IP        string // IP address or range (set for IP entries)
	Comment   string // Free-text note supplied when the entry was added
}
- //Geo Whitelist
// AddCountryCodeToWhitelist records countryCode, with the given comment, in
// this rule's "whitelist-cn" table. The code is lower-cased before it is used
// as both the table key and the stored CC value, so lookups are
// case-insensitive.
//
// The code is not checked against any list of valid ISO codes; whatever
// string the caller passes becomes a key.
// NOTE(review): the result of Write, if it reports one, is not surfaced to
// the caller - confirm callers do not assume the entry was persisted.
func (s *AccessRule) AddCountryCodeToWhitelist(countryCode string, comment string) {
	key := strings.ToLower(countryCode)
	s.GetDatabase().Write(s.GetFullTableName("whitelist-cn"), key, WhitelistEntry{
		EntryType: EntryType_CountryCode,
		CC:        key,
		Comment:   comment,
	})
}
// RemoveCountryCodeFromWhitelist deletes the entry keyed by the lower-cased
// countryCode from this rule's "whitelist-cn" table.
func (s *AccessRule) RemoveCountryCodeFromWhitelist(countryCode string) {
	key := strings.ToLower(countryCode)
	s.GetDatabase().Delete(s.GetFullTableName("whitelist-cn"), key)
}
// IsCountryCodeWhitelisted reports whether the lower-cased countryCode is a
// key in this rule's "whitelist-cn" table.
func (s *AccessRule) IsCountryCodeWhitelisted(countryCode string) bool {
	db := s.GetDatabase()
	return db.KeyExists(s.GetFullTableName("whitelist-cn"), strings.ToLower(countryCode))
}
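// GetAllWhitelistedCountryCode returns every entry stored in this rule's
// "whitelist-cn" table.
//
// The result is always a non-nil slice; it is empty when the table cannot be
// listed. Records that are too short to carry a value, or whose value does
// not decode as a WhitelistEntry, are skipped instead of being returned as
// zero-value entries, so a damaged record never shows up as a blank rule.
func (s *AccessRule) GetAllWhitelistedCountryCode() []*WhitelistEntry {
	whitelistedCountryCode := []*WhitelistEntry{}
	entries, err := s.GetDatabase().ListTable(s.GetFullTableName("whitelist-cn"))
	if err != nil {
		return whitelistedCountryCode
	}

	for _, keypairs := range entries {
		// keypairs[1] is the stored value; guard the index before using it.
		if len(keypairs) < 2 {
			continue
		}
		thisWhitelistEntry := WhitelistEntry{}
		if decodeErr := json.Unmarshal(keypairs[1], &thisWhitelistEntry); decodeErr != nil {
			// Undecodable record: leave it out rather than expose an empty entry.
			continue
		}
		whitelistedCountryCode = append(whitelistedCountryCode, &thisWhitelistEntry)
	}

	return whitelistedCountryCode
}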
- //IP Whitelist
// AddIPToWhiteList records ipAddr, with the given comment, in this rule's
// "whitelist-ip" table. ipAddr is used verbatim as both the table key and the
// stored IP value.
//
// Nothing here validates or normalises ipAddr, so the caller is responsible
// for passing a well-formed address, wildcard or CIDR rule.
// NOTE(review): the result of Write, if it reports one, is not surfaced to
// the caller - confirm callers do not assume the entry was persisted.
func (s *AccessRule) AddIPToWhiteList(ipAddr string, comment string) {
	s.GetDatabase().Write(s.GetFullTableName("whitelist-ip"), ipAddr, WhitelistEntry{
		EntryType: EntryType_IP,
		IP:        ipAddr,
		Comment:   comment,
	})
}
// RemoveIPFromWhiteList deletes the entry keyed by ipAddr from this rule's
// "whitelist-ip" table. The key is used exactly as given, so it has to match
// the string that was passed to AddIPToWhiteList.
func (s *AccessRule) RemoveIPFromWhiteList(ipAddr string) {
	db := s.GetDatabase()
	db.Delete(s.GetFullTableName("whitelist-ip"), ipAddr)
}
// IsIPWhitelisted reports whether ipAddr is allowed by this rule's
// "whitelist-ip" table, either because it is itself a key in the table or
// because one of the stored rules matches it as a wildcard or CIDR range.
//
// ipAddr is used exactly as the caller passed it.
// NOTE(review): the decision is only as trustworthy as the source of ipAddr;
// confirm callers pass the connection's peer address (or a header set by a
// trusted proxy) and not a value the client controls.
// NOTE(review): the fallback path lists and decodes the whole table on every
// call - confirm that is acceptable on the request path.
func (s *AccessRule) IsIPWhitelisted(ipAddr string) bool {
	// Direct hit: the address is stored as a single-IP entry.
	if s.GetDatabase().KeyExists(s.GetFullTableName("whitelist-ip"), ipAddr) {
		return true
	}

	// Otherwise try each stored rule as a wildcard pattern, then as a CIDR range.
	for _, rule := range s.GetAllWhitelistedIpAsStringSlice() {
		if netutils.MatchIpWildcard(ipAddr, rule) || netutils.MatchIpCIDR(ipAddr, rule) {
			return true
		}
	}

	return false
}
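// GetAllWhitelistedIp returns every entry stored in this rule's
// "whitelist-ip" table.
//
// The result is always a non-nil slice; it is empty when the table cannot be
// listed. Records that are too short to carry a value, or whose value does
// not decode as a WhitelistEntry, are skipped. IsIPWhitelisted matches
// addresses against the IP field of these entries, so a damaged record must
// not be handed on as an entry with an empty IP rule.
func (s *AccessRule) GetAllWhitelistedIp() []*WhitelistEntry {
	whitelistedIp := []*WhitelistEntry{}
	entries, err := s.GetDatabase().ListTable(s.GetFullTableName("whitelist-ip"))
	if err != nil {
		return whitelistedIp
	}

	for _, keypairs := range entries {
		// keypairs[0] is the table key, keypairs[1] the stored value.
		if len(keypairs) < 2 {
			continue
		}
		thisEntry := WhitelistEntry{}
		if decodeErr := json.Unmarshal(keypairs[1], &thisEntry); decodeErr != nil {
			// Undecodable record: leave it out rather than emit a blank rule.
			continue
		}
		whitelistedIp = append(whitelistedIp, &thisEntry)
	}

	return whitelistedIp
}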
// GetAllWhitelistedIpAsStringSlice returns the IP field of every entry from
// GetAllWhitelistedIp, in the same order. The result is never nil.
func (s *AccessRule) GetAllWhitelistedIpAsStringSlice() []string {
	entries := s.GetAllWhitelistedIp()
	rules := make([]string, 0, len(entries))
	for i := range entries {
		rules = append(rules, entries[i].IP)
	}
	return rules
}