صفحهٔ اصلی گشت‌و‌گذار راهنما
ورود
TC
/
Zoraxy
mirrorاز https://git.hkwtc.org/TC/ReverseProxy
1
0
انشعاب 0
پرونده‌ها مشکلات 0 ویکی
درخت: cc83193746
شاخه‌ها تگ‌ها
Zoraxy
/
mod
/
dynamicproxy
/
access.go

access.go 2.1 KB
تاريخچه خام

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. package dynamicproxy
    2. 

  2. 

  3. import (
    4. 

  4. 	"net/http"
    5. 

  5. 	"os"
    6. 

  6. 	"path/filepath"
    7. 

  7. 

  8. 	"imuslab.com/zoraxy/mod/access"
    9. 

  9. 	"imuslab.com/zoraxy/mod/netutils"
    10. 

  10. )
    11. 

  11. 

  12. // Handle access check (blacklist / whitelist), return true if request is handled (aka blocked)
    13. 

  13. // if the return value is false, you can continue process the response writer
    14. 

  14. func (h *ProxyHandler) handleAccessRouting(ruleID string, w http.ResponseWriter, r *http.Request) bool {
    15. 

  15. 	accessRule, err := h.Parent.Option.AccessController.GetAccessRuleByID(ruleID)
    16. 

  16. 	if err != nil {
    17. 

  17. 		//Unable to load access rule. Target rule not found?
    18. 

  18. 		h.Parent.Option.Logger.PrintAndLog("proxy-access", "Unable to load access rule: "+ruleID, err)
    19. 

  19. 		w.WriteHeader(http.StatusInternalServerError)
    20. 

  20. 		w.Write([]byte("500 - Internal Server Error"))
    21. 

  21. 		return true
    22. 

  22. 	}
    23. 

  23. 

  24. 	isBlocked, blockedReason := accessRequestBlocked(accessRule, h.Parent.Option.WebDirectory, w, r)
    25. 

  25. 	if isBlocked {
    26. 

  26. 		h.Parent.logRequest(r, false, 403, blockedReason, "")
    27. 

  27. 	}
    28. 

  28. 	return isBlocked
    29. 

  29. }
    30. 

  30. 

  31. // Return boolean, return true if access is blocked
    32. 

  32. // For string, it will return the blocked reason (if any)
    33. 

  33. func accessRequestBlocked(accessRule *access.AccessRule, templateDirectory string, w http.ResponseWriter, r *http.Request) (bool, string) {
    34. 

  34. 	//Check if this ip is in blacklist
    35. 

  35. 	clientIpAddr := netutils.GetRequesterIP(r)
    36. 

  36. 	if accessRule.IsBlacklisted(clientIpAddr) {
    37. 

  37. 		w.Header().Set("Content-Type", "text/html; charset=utf-8")
    38. 

  38. 		w.WriteHeader(http.StatusForbidden)
    39. 

  39. 		template, err := os.ReadFile(filepath.Join(templateDirectory, "templates/blacklist.html"))
    40. 

  40. 		if err != nil {
    41. 

  41. 			w.Write(page_forbidden)
    42. 

  42. 		} else {
    43. 

  43. 			w.Write(template)
    44. 

  44. 		}
    45. 

  45. 

  46. 		return true, "blacklist"
    47. 

  47. 	}
    48. 

  48. 

  49. 	//Check if this ip is in whitelist
    50. 

  50. 	if !accessRule.IsWhitelisted(clientIpAddr) {
    51. 

  51. 		w.Header().Set("Content-Type", "text/html; charset=utf-8")
    52. 

  52. 		w.WriteHeader(http.StatusForbidden)
    53. 

  53. 		template, err := os.ReadFile(filepath.Join(templateDirectory, "templates/whitelist.html"))
    54. 

  54. 		if err != nil {
    55. 

  55. 			w.Write(page_forbidden)
    56. 

  56. 		} else {
    57. 

  57. 			w.Write(template)
    58. 

  58. 		}
    59. 

  59. 		return true, "whitelist"
    60. 

  60. 	}
    61. 

  61. 

  62. 	//Not blocked.
    63. 

  63. 	return false, ""
    64. 

  64. }
    65.