Ana Sayfa Keşfet Yardım
Üye Ol Giriş Yap
chengqian
/
lc_smart_admin
1
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: 63f1e36e1e
Dallar Biçim İmleri
lc_smart_admin
/
server
/
service
/
tcp
/
tcp.go

tcp.go 2.2 KB
Geçmiş Ham

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697 
  1. package tcp
    2. 

  2. 

  3. import (
    4. 

  4. 	"errors"
    5. 

  5. 	"net"
    6. 

  6. 	"server/utils/logger"
    7. 

  7. 	"strings"
    8. 

  8. 	"sync"
    9. 

  9. 	"time"
    10. 

  10. )
    11. 

  11. 

  12. func ListenTcp() {
    13. 

  13. 	// 监听当前的tcp连接
    14. 

  14. 	listen, err := net.Listen("tcp", "0.0.0.0:9200")
    15. 

  15. 	if err != nil {
    16. 

  16. 		logger.Logger.Errorf("listen failed, err:%v", err)
    17. 

  17. 		return
    18. 

  18. 	}
    19. 

  19. 

  20. 	tracker := NewConnectionTracker() //创建连接检测器
    21. 

  21. 

  22. 	for {
    23. 

  23. 		conn, err := listen.Accept()
    24. 

  24. 		if err != nil {
    25. 

  25. 			logger.Logger.Errorf("Accept failed, err:%v", err)
    26. 

  26. 			continue
    27. 

  27. 		}
    28. 

  28. 		err = CheckConn(conn, tracker)
    29. 

  29. 		if err != nil {
    30. 

  30. 			conn.Close() // 如果是恶意连接,则关闭连接
    31. 

  31. 			continue
    32. 

  32. 		}
    33. 

  33. 	}
    34. 

  34. }
    35. 

  35. 

  36. func CheckConn(conn net.Conn, tracker *ConnectionTracker) error {
    37. 

  37. 	logger.Logger.Debugf("StartDevice addr:%s", conn.RemoteAddr().String())
    38. 

  38. 	arr := strings.Split(conn.RemoteAddr().String(), ":")
    39. 

  39. 	ip := arr[0]
    40. 

  40. 	// 记录连接
    41. 

  41. 	tracker.recordConnection(ip)
    42. 

  42. 

  43. 	// 检查是否为恶意连接
    44. 

  44. 	if tracker.isMalicious(ip) {
    45. 

  45. 		logger.Logger.Debugf("恶意连接检测到 ip: %s\n", ip)
    46. 

  46. 		return errors.New("connection is Malicious")
    47. 

  47. 	}
    48. 

  48. 	device := Device{}
    49. 

  49. 	device.Start(conn)
    50. 

  50. 	return nil
    51. 

  51. }
    52. 

  52. 

  53. type ConnectionTracker struct {
    54. 

  54. 	mu          sync.Mutex
    55. 

  55. 	connections map[string][]time.Time // 存储每个 IP 的连接时间戳
    56. 

  56. }
    57. 

  57. 

  58. func NewConnectionTracker() *ConnectionTracker {
    59. 

  59. 	return &ConnectionTracker{
    60. 

  60. 		connections: make(map[string][]time.Time),
    61. 

  61. 	}
    62. 

  62. }
    63. 

  63. 

  64. func (ct *ConnectionTracker) recordConnection(ip string) {
    65. 

  65. 	ct.mu.Lock()
    66. 

  66. 	defer ct.mu.Unlock()
    67. 

  67. 

  68. 	now := time.Now()
    69. 

  69. 	ct.connections[ip] = append(ct.connections[ip], now)
    70. 

  70. 

  71. 	// 清理过期的连接记录
    72. 

  72. 	ct.cleanUpExpired(ip, now)
    73. 

  73. }
    74. 

  74. 

  75. func (ct *ConnectionTracker) cleanUpExpired(ip string, now time.Time) {
    76. 

  76. 	threshold := now.Add(-3 * time.Minute)
    77. 

  77. 	if timestamps, exists := ct.connections[ip]; exists {
    78. 

  78. 		var filtered []time.Time
    79. 

  79. 		for _, t := range timestamps {
    80. 

  80. 			if t.After(threshold) { // 检查时间戳是否在三分钟内
    81. 

  81. 				filtered = append(filtered, t) // 如果在范围内,保存到 filtered 列表
    82. 

  82. 			}
    83. 

  83. 		}
    84. 

  84. 		ct.connections[ip] = filtered
    85. 

  85. 	}
    86. 

  86. }
    87. 

  87. 

  88. // 判断是否是恶意连接
    89. 

  89. func (ct *ConnectionTracker) isMalicious(ip string) bool {
    90. 

  90. 	ct.mu.Lock()
    91. 

  91. 	defer ct.mu.Unlock()
    92. 

  92. 

  93. 	if timestamps, exists := ct.connections[ip]; exists {
    94. 

  94. 		return len(timestamps) >= 10 // 定义恶意连接的阈值
    95. 

  95. 	}
    96. 

  96. 	return false
    97. 

  97. }
    98.