feat(cdn): 添加 SSL 证书功能并优化 TCP/UDP转发

- 在 cdn.go 中添加了 SslPolicyRef 结构体和 AddSSLCert 方法
- 重构了 tcpForwarding.go 和 udpForwarding.go，统一了字段命名
- 更新了 TCP/UDP 转发相关的模型和接口
- 优化了 TCP/UDP 转发的添加和修改逻辑

api/v1/cdn.go

@@ -62,6 +62,7 @@ type Website struct {
 type TypeJSON struct {
 	IsOn bool `json:"isOn" form:"isOn"` // 是否开启
 	Listen []Listen `json:"listen" form:"listen"` // 监听端口
+	SslPolicyRef SslPolicyRef `json:"sslPolicyRef" form:"sslPolicyRef"` // SSL策略
 }
 
 type Listen struct {
@@ -70,6 +71,11 @@ type Listen struct {
 	Port string `json:"portRange" form:"portRange"` // 端口
 }
 
+type SslPolicyRef struct {
+	IsOn bool `json:"isOn" form:"isOn"` // 是否开启 isOn
+	SslPolicyId int64 `json:"sslPolicyId" form:"sslPolicyId"` // SSL策略ID
+}
+
 type EditWebsite struct {
 	Id int64 `json:"id" form:"id"`
 	TypeJSON []byte `json:"typeJSON" form:"typeJSON"`
@@ -101,3 +107,19 @@ type Addr struct {
 	Host string `json:"host" form:"host"` // 监听地址
 	Port string `json:"portRange" form:"portRange"` // 端口
 }
+
+
+type SSlCert struct {
+	IsOn bool `json:"isOn" form:"isOn"`  //是否开启
+	UserId int64 `json:"userId" form:"userId"`  //用户id
+	Name string `json:"name" form:"name"`  //证书名称
+	Description string `json:"description" form:"description"`  //证书描述
+	IsCA bool `json:"isCA" form:"isCA"`  //是否是CA证书
+	CertData []byte `json:"certData" form:"certData"`  //证书内容
+	KeyData []byte `json:"keyData" form:"keyData"`  //证书内容
+	TimeBeginAt int64 `json:"timeBeginAt" form:"timeBeginAt"`  //证书生效时间
+	TimeEndAt int64 `json:"timeEndAt" form:"timeEndAt"`  //证书失效时间
+	DnsNames []string `json:"dnsNames" form:"dnsNames"` // 包含的DNS域名
+	CommonNames []string `json:"commonNames" form:"commonNames"` // 包含的COMMON域名
+	IsSelfSigned bool `json:"isSelfSigned" form:"isSelfSigned"`  //是否是自签名证书
+}

api/v1/tcpForwarding.go

@@ -6,7 +6,6 @@ type TcpForwardingDataRequest struct {
 	Id                int    `form:"id" json:"id"`
 	CdnWebId          int    `form:"cdnWebId" json:"cdnWebId"`
 	Port              string    `form:"port" json:"port" binding:"required"`
-	GatewayGroupId 	  int    `form:"gatewayGroupId" json:"gatewayGroupId"`
 	BackendList       []string `form:"backendList" json:"backendList"`
 	AllowIpList       []string `form:"allowIpList" json:"allowIpList"`
 	DenyIpList        []string `form:"denyIpList" json:"denyIpList"`
@@ -17,7 +16,7 @@ type TcpForwardingDataRequest struct {
 type DeleteTcpForwardingRequest struct {
 	Ids   []int `form:"ids" json:"ids" binding:"required"`
 	Uid   int   `form:"uid" json:"uid" binding:"required"`
-	HostId   int   `form:"host_id" json:"host_id" binding:"required"`
+	HostId   int   `form:"hostId" json:"hostId" binding:"required"`
 }
 
 type TcpForwardingRequest struct {
@@ -25,11 +24,3 @@ type TcpForwardingRequest struct {
 	Uid               int `form:"uid" json:"uid" binding:"required"`
 	TcpForwardingData TcpForwardingDataRequest `form:"data" json:"data"`
 }
-type TcpForwardingRequire struct {
-	HostId            int    `form:"host_id" json:"host_id" binding:"required"`
-	Uid               int    `form:"uid" json:"uid" binding:"required"`
-	Comment           string `form:"comment" json:"comment" binding:"required"`
-	WafGatewayGroupId int    `form:"waf_gateway_group_id" json:"waf_gateway_group_id"`
-	WafTcpLimitRuleId int    `form:"waf_tcp_limit_id" json:"waf_tcp_limit_id"`
-	Tag               string `form:"tag" json:"tag" binding:"required"`
-}

api/v1/udpForwarding.go

@@ -1,66 +1,29 @@
 package v1
 
-type UdpForwardingDataSend struct {
-	WafUdpId          int    `form:"waf_udp_id" json:"waf_udp_id"`
-	Tag               string `form:"tag" json:"tag"`
-	Port              int    `form:"port" json:"port" binding:"required"`
-	WafGatewayGroupId int    `form:"waf_gateway_group_id" json:"waf_gateway_group_id"`
-	WafUdpLimitId     int    `form:"waf_udp_limit_id" json:"waf_udp_limit_id"`
-	CcPacketCount     int    `form:"cc_packet_count" json:"cc_packet_count" default:"0"`
-	CcPacketDuration  string `form:"cc_packet_duration" json:"cc_packet_duration" default:"0s"`
-	CcPacketBlockCount int    `form:"cc_packet_block_count" json:"cc_packet_block_count" default:"0"`
-	CcPacketBlockDuration string `form:"cc_packet_block_duration" json:"cc_packet_block_duration" default:"0s"`
-	CcCount           int    `form:"cc_count" json:"cc_count" default:"0"`
-	CcDuration        string `form:"cc_duration" json:"cc_duration" default:"0s"`
-	CcBlockCount      int    `form:"cc_block_count" json:"cc_block_count" default:"0"`
-	CcBlockDuration   string `form:"cc_block_duration" json:"cc_block_duration" default:"0s"`
-	SessionTimeout    string    `form:"session_timeout" json:"session_timeout" default:"60s"`
-	BackendList       string `form:"backend_list" json:"backend_list"`
-	AllowIpList       string `form:"allow_ip_list" json:"allow_ip_list"`
-	DenyIpList        string `form:"deny_ip_list" json:"deny_ip_list"`
-	AccessRule        string `form:"access_rule" json:"access_rule"`
-	Comment           string `form:"comment" json:"comment"`
-}
-
-
 type UdpForwardingDataRequest struct {
 	Id                int    `form:"id" json:"id"`
-	WafUdpId          int    `form:"waf_udp_id" json:"waf_udp_id"`
-	Tag               string `form:"tag" json:"tag"`
+	CdnWebId          int    `form:"cdnWebId" json:"cdnWebId"`
 	Port              string    `form:"port" json:"port" binding:"required"`
-	WafGatewayGroupId int    `form:"waf_gateway_group_id" json:"waf_gateway_group_id"`
-	WafUdpLimitId     int    `form:"waf_udp_limit_id" json:"waf_udp_limit_id"`
-	CcPacketCount     int    `form:"cc_packet_count" json:"cc_packet_count" default:"0"`
-	CcPacketDuration  string `form:"cc_packet_duration" json:"cc_packet_duration" default:"0s"`
-	CcPacketBlockCount int    `form:"cc_packet_block_count" json:"cc_packet_block_count" default:"0"`
-	CcPacketBlockDuration string `form:"cc_packet_block_duration" json:"cc_packet_block_duration" default:"0s"`
-	CcCount           int    `form:"cc_count" json:"cc_count" default:"0"`
-	CcDuration        string `form:"cc_duration" json:"cc_duration" default:"0s"`
-	CcBlockCount      int    `form:"cc_block_count" json:"cc_block_count" default:"0"`
-	CcBlockDuration   string `form:"cc_block_duration" json:"cc_block_duration" default:"0s"`
-	SessionTimeout    string    `form:"session_timeout" json:"session_timeout" default:"60s"`
-	BackendList       []string `form:"backend_list" json:"backend_list"`
-	AllowIpList       []string `form:"allow_ip_list" json:"allow_ip_list"`
-	DenyIpList        []string `form:"deny_ip_list" json:"deny_ip_list"`
-	AccessRule        string `form:"access_rule" json:"access_rule"`
+	BackendList       []string `form:"backendList" json:"backendList"`
+	AllowIpList       []string `form:"allowIpList" json:"allowIpList"`
+	DenyIpList        []string `form:"denyIpList" json:"denyIpList"`
+	AccessRule        string `form:"accessRule" json:"accessRule"`
 	Comment           string `form:"comment" json:"comment"`
 }
-
 type DeleteUdpForwardingRequest struct {
 	Ids   []int `form:"ids" json:"ids" binding:"required"`
 }
 
 type UdpForwardingRequest struct {
-	HostId            int `form:"host_id" json:"host_id" binding:"required"`
+	HostId            int `form:"hostId" json:"hostId" binding:"required"`
 	Uid               int `form:"uid" json:"uid" binding:"required"`
 	UdpForwardingData UdpForwardingDataRequest `form:"data" json:"data"`
 }
 
 type UdpForwardingRequire struct {
-	HostId            int    `form:"host_id" json:"host_id" binding:"required"`
+	HostId            int    `form:"hostId" json:"hostId" binding:"required"`
 	Uid               int    `form:"uid" json:"uid" binding:"required"`
 	Comment           string `form:"comment" json:"comment" binding:"required"`
-	WafGatewayGroupId int    `form:"waf_gateway_group_id" json:"waf_gateway_group_id"`
-	WafUdpLimitRuleId int    `form:"waf_udp_limit_id" json:"waf_udp_limit_id"`
+	GatewayGroupId int    `form:"gatewayGroupId" json:"gatewayGroupId"`
 	Tag               string `form:"tag" json:"tag" binding:"required"`
 }

api/v1/wafformatter.go

@@ -1,14 +1,22 @@
 package v1
 
 type GlobalRequire struct {
-	HostId            int    `form:"host_id" json:"host_id" binding:"required"`
+	HostId            int    `form:"hostId" json:"hostId" binding:"required"`
 	Uid               int    `form:"uid" json:"uid" binding:"required"`
 	Comment           string `form:"comment" json:"comment" binding:"required"`
 	Domain            string `form:"domain" json:"domain"`
 }
 
 type GetForwardingRequest struct {
-	HostId            int    `form:"host_id" json:"host_id" binding:"required"`
+	HostId            int    `form:"hostId" json:"hostId" binding:"required"`
 	Uid               int    `form:"uid" json:"uid" binding:"required"`
 	Id                int    `form:"id" json:"id" binding:"required"`
 }
+
+
+type WebJson struct {
+	BackendList string `json:"backendList"`
+	Host        string   `json:"host"`
+	ApiType  	string 	  `json:"apiType"`
+	Comment     string   `json:"comment"`
+}

api/v1/webForwarding.go

@@ -1,93 +1,40 @@
 package v1
 
-type WebForwardingDataSend struct {
-	WafWebId           int    `form:"waf_web_id" json:"waf_web_id"`
-	Tag                string `form:"tag" json:"tag"`
-	Port               int    `form:"port" json:"port" binding:"required"`
-	Domain             string `form:"domain" json:"domain"`
-	CustomHost         string `form:"custom_host" json:"custom_host"`
-	WafGatewayGroupId  int    `form:"waf_gateway_group_id" json:"waf_gateway_group_id"`
-	WafWebLimitId      int    `form:"waf_web_limit_id" json:"waf_web_limit_id"`
-	CcCount            int    `form:"cc_count" json:"cc_count" default:"0"`
-	CcDuration         string `form:"cc_duration" json:"cc_duration" default:"0s"`
-	CcBlockCount       int    `form:"cc_block_count" json:"cc_block_count" default:"0"`
-	CcBlockDuration    string `form:"cc_block_duration" json:"cc_block_duration" default:"0s"`
-	Cc4xxCount         int    `form:"cc_4xx_count" json:"cc_4xx_count" default:"0"`
-	Cc4xxDuration      string `form:"cc_4xx_duration" json:"cc_4xx_duration" default:"0s"`
-	Cc4xxBlockCount    int    `form:"cc_4xx_block_count" json:"cc_4xx_block_count" default:"0"`
-	Cc4xxBlockDuration string `form:"cc_4xx_block_duration" json:"cc_4xx_block_duration" default:"0s"`
-	Cc5xxCount         int    `form:"cc_5xx_count" json:"cc_5xx_count" default:"0"`
-	Cc5xxDuration      string `form:"cc_5xx_duration" json:"cc_5xx_duration" default:"0s"`
-	Cc5xxBlockCount    int    `form:"cc_5xx_block_count" json:"cc_5xx_block_count" default:"0"`
-	Cc5xxBlockDuration string `form:"cc_5xx_block_duration" json:"cc_5xx_block_duration" default:"0s"`
-	BackendList        []BackendList `form:"backend_list" json:"backend_list"`
-	AllowIpList        string `form:"allow_ip_list" json:"allow_ip_list"`
-	DenyIpList         string `form:"deny_ip_list" json:"deny_ip_list"`
-	AccessRule         string `form:"access_rule" json:"access_rule"`
-	IsHttps            int    `form:"is_https" json:"is_https" default:"0"`
-	Comment            string `form:"comment" json:"comment"`
-	HttpsCert          string `form:"https_cert" json:"https_cert omitempty"`
-	HttpsKey           string `form:"https_key" json:"https_key omitempty"`
-}
-
 
 type WebForwardingDataRequest struct {
 	Id                 int    `form:"id" json:"id"`
-	WafWebId           int    `form:"waf_web_id" json:"waf_web_id"`
-	Tag                string `form:"tag" json:"tag"`
+	CdnWebId          int    `form:"cdnWebId" json:"cdnWebId"`
 	Port               string    `form:"port" json:"port" binding:"required"`
 	Domain             string `form:"domain" json:"domain"`
-	CustomHost         string `form:"custom_host" json:"custom_host"`
-	WafGatewayGroupId  int    `form:"waf_gateway_group_id" json:"waf_gateway_group_id"`
-	WafWebLimitId      int    `form:"waf_web_limit_id" json:"waf_web_limit_id"`
-	CcCount            int    `form:"cc_count" json:"cc_count" default:"0"`
-	CcDuration         string `form:"cc_duration" json:"cc_duration" default:"0s"`
-	CcBlockCount       int    `form:"cc_block_count" json:"cc_block_count" default:"0"`
-	CcBlockDuration    string `form:"cc_block_duration" json:"cc_block_duration" default:"0s"`
-	Cc4xxCount         int    `form:"cc_4xx_count" json:"cc_4xx_count" default:"0"`
-	Cc4xxDuration      string `form:"cc_4xx_duration" json:"cc_4xx_duration" default:"0s"`
-	Cc4xxBlockCount    int    `form:"cc_4xx_block_count" json:"cc_4xx_block_count" default:"0"`
-	Cc4xxBlockDuration string `form:"cc_4xx_block_duration" json:"cc_4xx_block_duration" default:"0s"`
-	Cc5xxCount         int    `form:"cc_5xx_count" json:"cc_5xx_count" default:"0"`
-	Cc5xxDuration      string `form:"cc_5xx_duration" json:"cc_5xx_duration" default:"0s"`
-	Cc5xxBlockCount    int    `form:"cc_5xx_block_count" json:"cc_5xx_block_count" default:"0"`
-	Cc5xxBlockDuration string `form:"cc_5xx_block_duration" json:"cc_5xx_block_duration" default:"0s"`
-	BackendList        []BackendList `form:"backend_list" json:"backend_list"`
-	AllowIpList        []string `form:"allow_ip_list" json:"allow_ip_list"`
-	DenyIpList         []string `form:"deny_ip_list" json:"deny_ip_list"`
-	AccessRule         string `form:"access_rule" json:"access_rule"`
-	IsHttps            int    `form:"is_https" json:"is_https" default:"0"`
+	CustomHost         string `form:"customHost" json:"customHost"`
+	BackendList        []BackendList `form:"backendList" json:"backendList"`
+	AllowIpList        []string `form:"allowIpList" json:"allowIpList"`
+	DenyIpList         []string `form:"denyIpList" json:"denyIpList"`
+	AccessRule         string `form:"accessRule" json:"accessRule"`
+	IsHttps            int    `form:"isHttps" json:"isHttps" default:"0"`
 	Comment            string `form:"comment" json:"comment"`
-	HttpsCert          string `form:"https_cert" json:"https_cert"`
-	HttpsKey           string `form:"https_key" json:"https_key"`
+	HttpsCert          string `form:"httpsCert" json:"httpsCert"`
+	HttpsKey           string `form:"httpsKey" json:"httpsKey"`
+	SslCertId          int64    `form:"sslCertId" json:"sslCertId"`
 }
 
 type DeleteWebForwardingRequest struct {
 	Ids   []int `form:"ids" json:"ids" binding:"required"`
 	Uid   int   `form:"uid" json:"uid" binding:"required"`
-	HostId   int   `form:"host_id" json:"host_id" binding:"required"`
+	HostId   int   `form:"hostId" json:"hostId" binding:"required"`
 }
 
 type WebForwardingRequest struct {
-	HostId            int `form:"host_id" json:"host_id" binding:"required"`
+	HostId            int `form:"hostId" json:"hostId" binding:"required"`
 	Uid               int `form:"uid" json:"uid" binding:"required"`
 	WebForwardingData WebForwardingDataRequest `form:"data" json:"data"`
 }
 
-type WebForwardingRequire struct {
-	HostId            int    `form:"host_id" json:"host_id" binding:"required"`
-	Uid               int    `form:"uid" json:"uid" binding:"required"`
-	Comment           string `form:"comment" json:"comment" binding:"required"`
-	WafGatewayGroupId int    `form:"waf_gateway_group_id" json:"waf_gateway_group_id"`
-	WafWebLimitRuleId int    `form:"waf_web_limit_id" json:"waf_web_limit_id"`
-	Tag               string `form:"tag" json:"tag" binding:"required"`
-}
 
 type BackendList struct {
 	Addr     string `json:"addr,omitempty" form:"addr"`
-	Protocol string `json:"protocol" form:"protocol"`
-	Timeout  string `json:"timeout,omitempty" form:"timeout" default:"30s"`
-	ProxyV1  bool `json:"proxy_v1,omitempty" form:"proxy_v1" default:"false"`
+	CustomHost string `json:"customHost,omitempty" form:"customHost"`
+	IsHttps  int    `json:"isHttps,omitempty" form:"isHttps" default:"0"`
 }
 
 

cmd/server/wire/wire_gen.go

@@ -66,19 +66,19 @@ func NewWire(viperViper *viper.Viper, logger *log.Logger) (*app.App, func(), err
 	udpForWardingRepository := repository.NewUdpForWardingRepository(repositoryRepository)
 	gatewayGroupRepository := repository.NewGatewayGroupRepository(repositoryRepository)
 	gateWayGroupIpRepository := repository.NewGateWayGroupIpRepository(repositoryRepository)
-	wafFormatterService := service.NewWafFormatterService(serviceService, globalLimitRepository, hostRepository, requiredService, parserService, tcpforwardingRepository, udpForWardingRepository, webForwardingRepository, rabbitMQ, hostService, gatewayGroupRepository, gateWayGroupIpRepository)
+	requestService := service.NewRequestService(serviceService)
+	cdnRepository := repository.NewCdnRepository(repositoryRepository)
+	cdnService := service.NewCdnService(serviceService, viperViper, requestService, cdnRepository)
+	wafFormatterService := service.NewWafFormatterService(serviceService, globalLimitRepository, hostRepository, requiredService, parserService, tcpforwardingRepository, udpForWardingRepository, webForwardingRepository, rabbitMQ, hostService, gatewayGroupRepository, gateWayGroupIpRepository, cdnService)
 	aoDunService := service.NewAoDunService(serviceService, viperViper)
-	webForwardingService := service.NewWebForwardingService(serviceService, requiredService, webForwardingRepository, crawlerService, parserService, wafFormatterService, aoDunService, rabbitMQ, gateWayGroupIpRepository, gatewayGroupRepository)
+	webForwardingService := service.NewWebForwardingService(serviceService, requiredService, webForwardingRepository, crawlerService, parserService, wafFormatterService, aoDunService, rabbitMQ, gateWayGroupIpRepository, gatewayGroupRepository, cdnService)
 	webForwardingHandler := handler.NewWebForwardingHandler(handlerHandler, webForwardingService)
 	webLimitRepository := repository.NewWebLimitRepository(repositoryRepository)
 	webLimitService := service.NewWebLimitService(serviceService, webLimitRepository, requiredService, parserService, crawlerService, hostService)
 	webLimitHandler := handler.NewWebLimitHandler(handlerHandler, webLimitService)
-	requestService := service.NewRequestService(serviceService)
-	cdnRepository := repository.NewCdnRepository(repositoryRepository)
-	cdnService := service.NewCdnService(serviceService, viperViper, requestService, cdnRepository)
 	tcpforwardingService := service.NewTcpforwardingService(serviceService, tcpforwardingRepository, parserService, requiredService, crawlerService, globalLimitRepository, hostRepository, wafFormatterService, cdnService)
 	tcpforwardingHandler := handler.NewTcpforwardingHandler(handlerHandler, tcpforwardingService)
-	udpForWardingService := service.NewUdpForWardingService(serviceService, udpForWardingRepository, requiredService, parserService, crawlerService, globalLimitRepository, hostRepository, wafFormatterService)
+	udpForWardingService := service.NewUdpForWardingService(serviceService, udpForWardingRepository, requiredService, parserService, crawlerService, globalLimitRepository, hostRepository, wafFormatterService, cdnService)
 	udpForWardingHandler := handler.NewUdpForWardingHandler(handlerHandler, udpForWardingService)
 	tcpLimitRepository := repository.NewTcpLimitRepository(repositoryRepository)
 	tcpLimitService := service.NewTcpLimitService(serviceService, tcpLimitRepository, requiredService, parserService, crawlerService, hostService)

cmd/task/wire/wire.go

@@ -42,6 +42,7 @@ var repositorySet = wire.NewSet(
 	repository.NewGlobalLimitRepository,
 	repository.NewGatewayGroupRepository,
 	repository.NewGateWayGroupIpRepository,
+	repository.NewCdnRepository,
 )
 
 var taskSet = wire.NewSet(
@@ -75,6 +76,9 @@ var serviceSet = wire.NewSet(
 	service.NewGameShieldSdkIpService,
 	service.NewGameShieldUserIpService,
 	service.NewWafFormatterService,
+	service.NewCdnService,
+	service.NewRequestService,
+
 )
 
 // build App

cmd/task/wire/wire_gen.go

@@ -64,7 +64,10 @@ func NewWire(viperViper *viper.Viper, logger *log.Logger) (*app.App, func(), err
 	webForwardingRepository := repository.NewWebForwardingRepository(repositoryRepository)
 	gatewayGroupRepository := repository.NewGatewayGroupRepository(repositoryRepository)
 	gateWayGroupIpRepository := repository.NewGateWayGroupIpRepository(repositoryRepository)
-	wafFormatterService := service.NewWafFormatterService(serviceService, globalLimitRepository, hostRepository, requiredService, parserService, tcpforwardingRepository, udpForWardingRepository, webForwardingRepository, rabbitMQ, hostService, gatewayGroupRepository, gateWayGroupIpRepository)
+	requestService := service.NewRequestService(serviceService)
+	cdnRepository := repository.NewCdnRepository(repositoryRepository)
+	cdnService := service.NewCdnService(serviceService, viperViper, requestService, cdnRepository)
+	wafFormatterService := service.NewWafFormatterService(serviceService, globalLimitRepository, hostRepository, requiredService, parserService, tcpforwardingRepository, udpForWardingRepository, webForwardingRepository, rabbitMQ, hostService, gatewayGroupRepository, gateWayGroupIpRepository, cdnService)
 	whitelistJob := job.NewWhitelistJob(jobJob, aoDunService, wafFormatterService)
 	jobServer := server.NewJobServer(logger, userJob, whitelistJob)
 	appApp := newApp(taskServer, jobServer)
@@ -75,7 +78,7 @@ func NewWire(viperViper *viper.Viper, logger *log.Logger) (*app.App, func(), err
 
 // wire.go:
 
-var repositorySet = wire.NewSet(repository.NewDB, repository.NewRedis, repository.NewMongoClient, repository.NewCasbinEnforcer, repository.NewMongoDB, repository.NewRabbitMQ, repository.NewRepository, repository.NewTransaction, repository.NewUserRepository, repository.NewGameShieldRepository, repository.NewGameShieldBackendRepository, repository.NewGameShieldPublicIpRepository, repository.NewHostRepository, repository.NewGameShieldUserIpRepository, repository.NewGameShieldSdkIpRepository, repository.NewWebForwardingRepository, repository.NewTcpforwardingRepository, repository.NewUdpForWardingRepository, repository.NewWebLimitRepository, repository.NewTcpLimitRepository, repository.NewUdpLimitRepository, repository.NewGlobalLimitRepository, repository.NewGatewayGroupRepository, repository.NewGateWayGroupIpRepository)
+var repositorySet = wire.NewSet(repository.NewDB, repository.NewRedis, repository.NewMongoClient, repository.NewCasbinEnforcer, repository.NewMongoDB, repository.NewRabbitMQ, repository.NewRepository, repository.NewTransaction, repository.NewUserRepository, repository.NewGameShieldRepository, repository.NewGameShieldBackendRepository, repository.NewGameShieldPublicIpRepository, repository.NewHostRepository, repository.NewGameShieldUserIpRepository, repository.NewGameShieldSdkIpRepository, repository.NewWebForwardingRepository, repository.NewTcpforwardingRepository, repository.NewUdpForWardingRepository, repository.NewWebLimitRepository, repository.NewTcpLimitRepository, repository.NewUdpLimitRepository, repository.NewGlobalLimitRepository, repository.NewGatewayGroupRepository, repository.NewGateWayGroupIpRepository, repository.NewCdnRepository)
 
 var taskSet = wire.NewSet(task.NewTask, task.NewUserTask, task.NewGameShieldTask)
 
@@ -83,7 +86,7 @@ var jobSet = wire.NewSet(job.NewJob, job.NewUserJob, job.NewWhitelistJob)
 
 var serverSet = wire.NewSet(server.NewTaskServer, server.NewJobServer)
 
-var serviceSet = wire.NewSet(service.NewService, service.NewAoDunService, service.NewGameShieldService, service.NewCrawlerService, service.NewGameShieldPublicIpService, service.NewDuedateService, service.NewFormatterService, service.NewParserService, service.NewRequiredService, service.NewHostService, service.NewGameShieldBackendService, service.NewGameShieldSdkIpService, service.NewGameShieldUserIpService, service.NewWafFormatterService)
+var serviceSet = wire.NewSet(service.NewService, service.NewAoDunService, service.NewGameShieldService, service.NewCrawlerService, service.NewGameShieldPublicIpService, service.NewDuedateService, service.NewFormatterService, service.NewParserService, service.NewRequiredService, service.NewHostService, service.NewGameShieldBackendService, service.NewGameShieldSdkIpService, service.NewGameShieldUserIpService, service.NewWafFormatterService, service.NewCdnService, service.NewRequestService)
 
 // build App
 func newApp(task2 *server.TaskServer,

internal/model/udpforwarding.go

@@ -8,20 +8,8 @@ import (
 type UdpForWarding struct {
 	Id                   int `gorm:"primary"`
 	HostId               int `gorm:"not null"`
-	WafUdpId             int `gorm:"not null"` // 修改为与TCP转发一致的命名
-	Tag                  string `gorm:"null"`
+	CdnWebId            int `gorm:"not null"`
 	Port                 string `gorm:"not null"`
-	WafGatewayGroupId    int `gorm:"not null"`
-	UdpLimitRuleId       int `gorm:"not null"`
-	CcPacketCount        int `gorm:"null"`
-	CcPacketDuration     string `gorm:"null"`
-	CcPacketBlockCount   int `gorm:"null"`
-	CcPacketBlockDuration string `gorm:"null"`
-	CcCount              int `gorm:"null"`
-	CcDuration           string `gorm:"null"`
-	CcBlockCount         int `gorm:"null"`
-	CcBlockDuration      string `gorm:"null"`
-	SessionTimeout       string `gorm:"null"`
 	Comment              string `gorm:"null"`
 	CreatedAt            time.Time
 	UpdatedAt            time.Time
@@ -37,6 +25,7 @@ type UdpForwardingRule struct {
 	Uid         int                `bson:"uid" json:"uid"`
 	HostId      int                `bson:"host_id" json:"host_id"`
 	UdpId       int                `bson:"udp_id" json:"udp_id"`
+	CdnOriginIds map[string]int64  `bson:"cdn_origin_ids" json:"cdn_origin_ids"`
 	BackendList []string           `bson:"backend_list" json:"backend_list"`
 	AllowIpList []string           `bson:"allow_ip_list" json:"allow_ip_list"`
 	DenyIpList  []string           `bson:"deny_ip_list" json:"deny_ip_list"`

internal/model/webforwarding.go

@@ -9,29 +9,14 @@ import (
 type WebForwarding struct {
 	Id                   int `gorm:"primary"`
 	HostId               int `gorm:"not null"`
-	WafWebId             int `gorm:"not null"` // 修改为与TCP转发一致的命名
-	Tag                  string `gorm:"null"`
+	CdnWebId            int `gorm:"not null"`
 	Port                 string `gorm:"not null"`
 	Domain               string `gorm:"null"`
-	CustomHost           string `gorm:"null"`
-	WafGatewayGroupId    int `gorm:"not null"`
-	WebLimitRuleId       int `gorm:"not null"`
-	CcCount              int `gorm:"null"`
-	CcDuration           string `gorm:"null"`
-	CcBlockCount         int `gorm:"null"`
-	CcBlockDuration      string `gorm:"null"`
-	Cc4xxCount           int `gorm:"column:cc_4xx_count;null"`
-	Cc4xxDuration        string `gorm:"column:cc_4xx_duration;null"`
-	Cc4xxBlockCount      int `gorm:"column:cc_4xx_block_count;null"`
-	Cc4xxBlockDuration   string `gorm:"column:cc_4xx_block_duration;null"`
-	Cc5xxCount           int `gorm:"column:cc_5xx_count;null"`
-	Cc5xxDuration        string `gorm:"column:cc_5xx_duration;null"`
-	Cc5xxBlockCount      int `gorm:"column:cc_5xx_block_count;null"`
-	Cc5xxBlockDuration   string `gorm:"column:cc_5xx_block_duration;null"`
 	IsHttps              int `gorm:"null"`
 	Comment              string `gorm:"null"`
 	HttpsCert             string `gorm:"null"`
 	HttpsKey             string `gorm:"null"`
+	SslCertId 		int `gorm:"null"`
 	CreatedAt            time.Time
 	UpdatedAt            time.Time
 }
@@ -46,6 +31,7 @@ type WebForwardingRule struct {
 	Uid         int                `bson:"uid" json:"uid"`
 	HostId      int                `bson:"host_id" json:"host_id"`
 	WebId       int                `bson:"web_id" json:"web_id"`
+	CdnOriginIds map[string]int64  `bson:"cdn_origin_ids" json:"cdn_origin_ids"`
 	BackendList []v1.BackendList   `bson:"backend_list" json:"backend_list"`
 	AllowIpList []string           `bson:"allow_ip_list" json:"allow_ip_list"`
 	DenyIpList  []string           `bson:"deny_ip_list" json:"deny_ip_list"`

internal/repository/udpforwarding.go

@@ -47,7 +47,7 @@ func (r *udpForWardingRepository) GetUdpForWarding(ctx context.Context, id int64
 }
 
 func (r *udpForWardingRepository) AddUdpForwarding(ctx context.Context, req *model.UdpForWarding) (int, error) {
-	if err := r.db.Create(req).Error; err != nil {
+	if err := r.db.WithContext(ctx).Create(req).Error; err != nil {
 		return 0, err
 	}
 	return req.Id, nil
@@ -135,6 +135,7 @@ func (r *udpForWardingRepository) EditUdpForwardingIps(ctx context.Context, req
 
 	updateData["deny_ip_list"] = req.DenyIpList
 
+	updateData["cdn_origin_ids"] = req.CdnOriginIds
 
 	// 始终更新更新时间
 	updateData["updated_at"] = time.Now()

internal/service/cdn.go

@@ -31,6 +31,8 @@ type CdnService interface {
 	DelServerOrigin (ctx context.Context,serverId int64, originId int64) error
 	// 删除网站
 	DelServer(ctx context.Context, serverId int64) error
+	// 添加ssl证书
+	AddSSLCert(ctx context.Context, req v1.SSlCert) (int64, error)
 }
 
 func NewCdnService(
@@ -568,4 +570,38 @@ func (s *cdnService) DelServer(ctx context.Context, serverId int64) error  {
 		return fmt.Errorf("API 错误: code %d, msg '%s'", res.Code, res.Message)
 	}
 	return nil
+}
+
+// AddSSLCert 添加证书
+func (s *cdnService) AddSSLCert(ctx context.Context, req v1.SSlCert) (int64, error) {
+	formData := map[string]interface{}{
+		"isOn":         req.IsOn,
+		"userId":       req.UserId,
+		"name":         req.Name,
+		"description":  req.Description,
+		"isCA":         req.IsCA,
+		"certData":     req.CertData,
+		"keyData":      req.KeyData,
+		"timeBeginAt":  req.TimeBeginAt,
+		"timeEndAt":    req.TimeEndAt,
+		"dnsNames":     req.DnsNames,
+		"commonNames":  req.CommonNames,
+		"isSelfSigned": req.IsSelfSigned,
+	}
+	apiUrl := s.Url + "SSLCertService/createSSLCert"
+	resBody, err := s.sendDataWithTokenRetry(ctx, formData, apiUrl)
+	if err != nil {
+		return 0, err
+	}
+	type DataStr struct {
+		SslCertId int64 `json:"sslCertId" form:"sslCertId"`
+	}
+	var res v1.GeneralResponse[DataStr]
+	if err := json.Unmarshal(resBody, &res); err != nil {
+		return 0, fmt.Errorf("反序列化响应 JSON 失败 (内容: %s): %w", string(resBody), err)
+	}
+	if res.Code != 200 {
+		return 0, fmt.Errorf("API 错误: code %d, msg '%s'", res.Code, res.Message)
+	}
+	return res.Data.SslCertId, nil
 }

internal/service/tcpforwarding.go

@@ -164,34 +164,6 @@ func (s *tcpforwardingService) prepareWafData(ctx context.Context, req *v1.TcpFo
 	return require, formData, nil
 }
 
-func (s *tcpforwardingService) AddOrigin(ctx context.Context, req v1.TcpForwardingRequest) (map[string]int64, error) {
-	res := make(map[string]int64)
-
-	for _, v := range req.TcpForwardingData.BackendList {
-
-		ip, port, err := net.SplitHostPort(v)
-		if err != nil {
-			return nil, fmt.Errorf("无效的后端地址: %s", err)
-		}
-		addr := v1.Addr{
-			Protocol: "tcp",
-			Host:     ip,
-			Port:  	  port,
-		}
-		id, err := s.cdn.CreateOrigin(ctx, v1.Origin{
-			Addr: addr,
-			Weight: 10,
-			Description: req.TcpForwardingData.Comment,
-			IsOn: true,
-			TlsSecurityVerifyMode: "auto",
-		})
-		if err != nil {
-			return nil, err
-		}
-		res[v] = id
-	}
-	return res, nil
-}
 func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.TcpForwardingRequest)  error {
 	require, formData, err := s.prepareWafData(ctx, req)
 	if err != nil {
@@ -208,10 +180,19 @@ func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.Tcp
 	}
 
 	// 添加源站
-	cdnOriginIds, err := s.AddOrigin(ctx, *req)
-	if err != nil {
-		return err
+	cdnOriginIds := make(map[string]int64)
+	for _, v := range req.TcpForwardingData.BackendList{
+		id, err := s.wafformatter.AddOrigin(ctx, v1.WebJson{
+			ApiType:     "tcp",
+			BackendList: v,
+			Comment:     req.TcpForwardingData.Comment,
+		})
+		if err != nil {
+			return err
+		}
+		cdnOriginIds[v] = id
 	}
+
 	// 添加源站到网站
 	for _, v := range cdnOriginIds {
 		err = s.cdn.AddServerOrigin(ctx, tcpId, v)
@@ -221,6 +202,19 @@ func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.Tcp
 	}
 
 
+
+	tcpModel := s.buildTcpForwardingModel(&req.TcpForwardingData, int(tcpId), require)
+
+	id, err := s.tcpforwardingRepository.AddTcpforwarding(ctx, tcpModel)
+	if err != nil {
+		return  err
+	}
+	TcpRuleModel := s.buildTcpRuleModel(&req.TcpForwardingData, require, id, cdnOriginIds)
+	if _, err = s.tcpforwardingRepository.AddTcpforwardingIps(ctx, *TcpRuleModel); err != nil {
+		return err
+	}
+
+
 	// 异步任务：将IP添加到白名单
 	var ips []string
 	if req.TcpForwardingData.BackendList != nil {
@@ -245,19 +239,6 @@ func (s *tcpforwardingService) AddTcpForwarding(ctx context.Context, req *v1.Tcp
 		}
 
 	}
-
-
-
-	tcpModel := s.buildTcpForwardingModel(&req.TcpForwardingData, int(tcpId), require)
-
-	id, err := s.tcpforwardingRepository.AddTcpforwarding(ctx, tcpModel)
-	if err != nil {
-		return  err
-	}
-	TcpRuleModel := s.buildTcpRuleModel(&req.TcpForwardingData, require, id, cdnOriginIds)
-	if _, err = s.tcpforwardingRepository.AddTcpforwardingIps(ctx, *TcpRuleModel); err != nil {
-		return err
-	}
 	return  nil
 }
 
@@ -318,17 +299,20 @@ func (s *tcpforwardingService) EditTcpForwarding(ctx context.Context, req *v1.Tc
 		}
 	}
 
+	//修改源站
 	addOrigins, delOrigins := s.wafformatter.findIpDifferences(ipData.BackendList, req.TcpForwardingData.BackendList)
-	addedIds, err := s.AddOrigin(ctx,v1.TcpForwardingRequest{
-		HostId:            req.HostId,
-		Uid:               req.Uid,
-		TcpForwardingData: v1.TcpForwardingDataRequest{
-			Id: req.TcpForwardingData.Id,
-			BackendList: addOrigins,
+	addedIds := make(map[string]int64)
+	for _, v := range addOrigins {
+		id, err := s.wafformatter.AddOrigin(ctx,v1.WebJson{
+			ApiType: "tcp",
+			BackendList: v,
 			Comment: req.TcpForwardingData.Comment,
-		},
-	})
-
+		})
+		if err != nil {
+			return err
+		}
+		addedIds[v] = id
+	}
 	for _, v := range addedIds {
 		err = s.cdn.AddServerOrigin(ctx, int64(oldData.CdnWebId), v)
 		if err != nil {
@@ -336,9 +320,6 @@ func (s *tcpforwardingService) EditTcpForwarding(ctx context.Context, req *v1.Tc
 		}
 	}
 
-	if err != nil {
-		return err
-	}
 	maps.Copy(ipData.CdnOriginIds, addedIds)
 	for k, v := range ipData.CdnOriginIds {
 		for _, ip := range delOrigins {
@@ -448,34 +429,28 @@ func (s *tcpforwardingService) GetTcpForwardingAllIpsByHostId(ctx context.Contex
 		return nil, groupErr
 	}
 	res := make([]v1.TcpForwardingDataRequest, 0, len(ids))
-	//for r := range resChan {
-	//	if r.Err != nil {
-	//		return nil, fmt.Errorf("received error from goroutine for ID %d: %w", r.Id, r.Err)
-	//	}
-	//	if r.Forwarding == nil {
-	//		return nil,fmt.Errorf("received nil forwarding from goroutine for ID %d", r.Id)
-	//	}
-	//
-	//	dataReq := v1.TcpForwardingDataRequest{
-	//		Id: r.Forwarding.Id,
-	//		Port: r.Forwarding.Port,
-	//		CcCount: r.Forwarding.CcCount,
-	//		CcDuration: r.Forwarding.CcDuration,
-	//		CcBlockCount: r.Forwarding.CcBlockCount,
-	//		CcBlockDuration: r.Forwarding.CcBlockDuration,
-	//		BackendProtocol: r.Forwarding.BackendProtocol,
-	//		BackendTimeout: r.Forwarding.BackendTimeout,
-	//		Comment: r.Forwarding.Comment,
-	//
-	//	}
-	//	if r.BackendRule != nil {
-	//		dataReq.BackendList = r.BackendRule.BackendList
-	//		dataReq.AllowIpList = r.BackendRule.AllowIpList
-	//		dataReq.DenyIpList = r.BackendRule.DenyIpList
-	//		dataReq.AccessRule = r.BackendRule.AccessRule
-	//	}
-	//	res = append(res, dataReq)
-	//}
+	for r := range resChan {
+		if r.Err != nil {
+			return nil, fmt.Errorf("received error from goroutine for ID %d: %w", r.Id, r.Err)
+		}
+		if r.Forwarding == nil {
+			return nil,fmt.Errorf("received nil forwarding from goroutine for ID %d", r.Id)
+		}
+
+		dataReq := v1.TcpForwardingDataRequest{
+			Id: r.Forwarding.Id,
+			Port: r.Forwarding.Port,
+			Comment: r.Forwarding.Comment,
+
+		}
+		if r.BackendRule != nil {
+			dataReq.BackendList = r.BackendRule.BackendList
+			dataReq.AllowIpList = r.BackendRule.AllowIpList
+			dataReq.DenyIpList = r.BackendRule.DenyIpList
+			dataReq.AccessRule = r.BackendRule.AccessRule
+		}
+		res = append(res, dataReq)
+	}
 
 	sort.Slice(res, func(i, j int) bool {
 		return res[i].Id > res[j].Id

internal/service/udpforwarding.go

@@ -2,11 +2,14 @@ package service
 
 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
 	"github.com/go-nunu/nunu-layout-advanced/internal/model"
 	"github.com/go-nunu/nunu-layout-advanced/internal/repository"
 	"golang.org/x/sync/errgroup"
+	"maps"
+	"net"
 	"sort"
 )
 
@@ -27,6 +30,7 @@ func NewUdpForWardingService(
 	globalRep repository.GlobalLimitRepository,
 	hostRep repository.HostRepository,
 	wafformatter WafFormatterService,
+	cdn CdnService,
 ) UdpForWardingService {
 	return &udpForWardingService{
 		Service:                 service,
@@ -37,6 +41,7 @@ func NewUdpForWardingService(
 		globalRep:               globalRep,
 		hostRep:                 hostRep,
 		wafformatter:            wafformatter,
+		cdn:                     cdn,
 	}
 }
 
@@ -49,6 +54,7 @@ type udpForWardingService struct {
 	globalRep               repository.GlobalLimitRepository
 	hostRep      repository.HostRepository
 	wafformatter WafFormatterService
+	cdn CdnService
 }
 
 
@@ -83,20 +89,7 @@ func (s *udpForWardingService) GetUdpForWarding(ctx context.Context,req v1.GetFo
 
 	return v1.UdpForwardingDataRequest{
 		Id:                 udpForWarding.Id,
-		WafUdpId:           udpForWarding.WafUdpId,
-		Tag:                udpForWarding.Tag,
 		Port:               udpForWarding.Port,
-		WafGatewayGroupId:  udpForWarding.WafGatewayGroupId,
-		WafUdpLimitId:      udpForWarding.UdpLimitRuleId,
-		CcPacketCount:      udpForWarding.CcPacketCount,
-		CcPacketDuration:   udpForWarding.CcPacketDuration,
-		CcPacketBlockCount: udpForWarding.CcPacketBlockCount,
-		CcPacketBlockDuration: udpForWarding.CcPacketBlockDuration,
-		CcCount:            udpForWarding.CcCount,
-		CcDuration:         udpForWarding.CcDuration,
-		CcBlockCount:       udpForWarding.CcBlockCount,
-		CcBlockDuration:    udpForWarding.CcBlockDuration,
-		SessionTimeout:     udpForWarding.SessionTimeout,
 		BackendList:         backend.BackendList,
 		AllowIpList:        backend.AllowIpList,
 		DenyIpList:         backend.DenyIpList,
@@ -106,50 +99,22 @@ func (s *udpForWardingService) GetUdpForWarding(ctx context.Context,req v1.GetFo
 	}, nil
 }
 
-func (s *udpForWardingService) buildWafFormData(req *v1.UdpForwardingDataSend, require v1.GlobalRequire) map[string]interface{} {
-	return map[string]interface{}{
-		"waf_udp_id":           req.WafUdpId,
-		"port":                 req.Port,
-		"cc_packet_count":      req.CcPacketCount,
-		"cc_packet_duration":   req.CcPacketDuration,
-		"cc_packet_block_count": req.CcBlockCount,
-		"cc_packet_block_duration": req.CcBlockDuration,
-		"cc_count":             req.CcCount,
-		"cc_duration":          req.CcDuration,
-		"cc_block_count":       req.CcBlockCount,
-		"cc_block_duration":    req.CcBlockDuration,
-		"session_timeout":      req.SessionTimeout,
-		"backend_list":         req.BackendList,
-		"allow_ip_list":        req.AllowIpList,
-		"deny_ip_list":         req.DenyIpList,
-		"access_rule":          req.AccessRule,
-		"comment":              req.Comment,
-	}
-}
 
-func (s *udpForWardingService) buildUdpForwardingModel(req *v1.UdpForwardingDataRequest, ruleId int, require v1.GlobalRequire) *model.UdpForWarding {
+func (s *udpForWardingService) buildUdpForwardingModel(req *v1.UdpForwardingDataRequest, ruleId int, require RequireResponse) *model.UdpForWarding {
 	return &model.UdpForWarding{
 		HostId: 			  require.HostId,
-		WafUdpId:             ruleId,
+		CdnWebId:             ruleId,
 		Port:                 req.Port,
-		CcPacketCount:        req.CcPacketCount,
-		CcPacketDuration:     req.CcPacketDuration,
-		CcPacketBlockCount:   req.CcBlockCount,
-		CcPacketBlockDuration: req.CcBlockDuration,
-		CcCount:              req.CcCount,
-		CcDuration:           req.CcDuration,
-		CcBlockCount:         req.CcBlockCount,
-		CcBlockDuration:      req.CcBlockDuration,
-		SessionTimeout:       req.SessionTimeout,
 		Comment:              req.Comment,
 	}
 }
 
-func (s *udpForWardingService) buildUdpRuleModel(reqData *v1.UdpForwardingDataRequest, require v1.GlobalRequire, localDbId int) *model.UdpForwardingRule {
+func (s *udpForWardingService) buildUdpRuleModel(reqData *v1.UdpForwardingDataRequest, require RequireResponse, localDbId int, cdnOriginIds map[string]int64) *model.UdpForwardingRule {
 	return &model.UdpForwardingRule{
 		Uid:         require.Uid,
 		HostId:      require.HostId,
 		UdpId:       localDbId, // 关联到本地数据库的主记录 ID
+		CdnOriginIds: cdnOriginIds,
 		BackendList: reqData.BackendList,
 		AllowIpList: reqData.AllowIpList,
 		DenyIpList:  reqData.DenyIpList,
@@ -157,179 +122,240 @@ func (s *udpForWardingService) buildUdpRuleModel(reqData *v1.UdpForwardingDataRe
 	}
 }
 
-func (s *udpForWardingService) prepareWafData(ctx context.Context, req *v1.UdpForwardingRequest) (v1.GlobalRequire, map[string]interface{}, error) {
-	// 1. 获取必要的全局信息
-	//require, err := s.require(ctx, v1.GlobalRequire{
-	//	HostId:  req.HostId,
-	//	Uid:     req.Uid,
-	//	Comment: req.UdpForwardingData.Comment,
-	//})
-	//if err != nil {
-	//	return v1.GlobalRequire{}, nil, err
-	//}
-	//
-	//if require.LimitRuleId == 0 || require.WafGatewayGroupId == 0 {
-	//	return v1.GlobalRequire{}, nil, fmt.Errorf("请先配置实例")
-	//}
-	//
-	//// 2. 将字符串切片拼接成字符串，用于 WAF API
-	//backendListStr := strings.Join(req.UdpForwardingData.BackendList, "\n")
-	//allowIpListStr := strings.Join(req.UdpForwardingData.AllowIpList, "\n")
-	//denyIpListStr := strings.Join(req.UdpForwardingData.DenyIpList, "\n")
-	//
-	//PortInt, err := strconv.Atoi(req.UdpForwardingData.Port)
-	//if err != nil {
-	//	return v1.GlobalRequire{}, nil, err
-	//}
-	//
-	//// 3. 创建用于构建 WAF 表单的数据结构
-	//formDataBase := v1.UdpForwardingDataSend{
-	//	Tag:               require.Tag,
-	//	WafUdpId:          req.UdpForwardingData.WafUdpId,
-	//	WafGatewayGroupId: require.WafGatewayGroupId,
-	//	WafUdpLimitId: require.LimitRuleId,
-	//	Port:              PortInt,
-	//	CcPacketCount:     req.UdpForwardingData.CcPacketCount,
-	//	CcPacketDuration:  req.UdpForwardingData.CcPacketDuration,
-	//	CcPacketBlockCount: req.UdpForwardingData.CcBlockCount,
-	//	CcPacketBlockDuration: req.UdpForwardingData.CcBlockDuration,
-	//	CcCount:           req.UdpForwardingData.CcCount,
-	//	CcDuration:        req.UdpForwardingData.CcDuration,
-	//	CcBlockCount:      req.UdpForwardingData.CcBlockCount,
-	//	CcBlockDuration:   req.UdpForwardingData.CcBlockDuration,
-	//	SessionTimeout:    req.UdpForwardingData.SessionTimeout,
-	//	BackendList:       backendListStr,
-	//	AllowIpList:       allowIpListStr,
-	//	DenyIpList:        denyIpListStr,
-	//	AccessRule:        req.UdpForwardingData.AccessRule,
-	//	Comment:           req.UdpForwardingData.Comment,
-	//}
-	//
-	//// 4. 构建 WAF 表单数据映射
-	//formData := s.buildWafFormData(&formDataBase, require)
-
-	return v1.GlobalRequire{}, nil, nil
+func (s *udpForWardingService) prepareWafData(ctx context.Context, req *v1.UdpForwardingRequest) (RequireResponse, v1.Website, error) {
+	require, err := s.wafformatter.Require(ctx, v1.GlobalRequire{
+		HostId:  req.HostId,
+		Uid:     req.Uid,
+		Comment: req.UdpForwardingData.Comment,
+	})
+	if err != nil {
+		return RequireResponse{}, v1.Website{}, err
+	}
+	if require.GatewayGroupId == 0 || require.Uid == 0 {
+		return RequireResponse{}, v1.Website{}, fmt.Errorf("请先配置实例")
+	}
+	var jsonData v1.TypeJSON
+	jsonData.IsOn = true
+	for _, v := range require.GatewayIps {
+		jsonData.Listen = append(jsonData.Listen, v1.Listen{
+			Protocol: "udp",
+			Host:     v,
+			Port: 		req.UdpForwardingData.Port,
+		})
+	}
+
+	byteData, err := json.Marshal(jsonData)
+	if err != nil {
+		return RequireResponse{}, v1.Website{}, err
+	}
+
+	formData := v1.Website{
+		UserId:         int64(require.CdnUid),
+		Type:           "udpProxy",
+		Name:           require.Tag,
+		Description:    req.UdpForwardingData.Comment,
+		UdpJSON:        byteData,
+		ServerGroupIds: []int64{int64(require.GroupId)},
+		UserPlanId: int64(require.RuleId),
+		NodeClusterId:  1,
+	}
+	return require, formData, nil
 }
 
 func (s *udpForWardingService) AddUdpForwarding(ctx context.Context, req *v1.UdpForwardingRequest) error {
-	//require, formData, err := s.prepareWafData(ctx, req)
-	//if err != nil {
-	//	return err
-	//}
-	//err = s.wafformatter.validateWafPortCount(ctx, require.HostId)
-	//if err != nil {
-	//	return err
-	//}
-	//
-	//gatewayIps, _, err := s.wafformatter.GetIp(ctx, require.WafGatewayGroupId)
-	//if err != nil {
-	//	return err
-	//}
-	//// 异步任务：将IP添加到白名单
-	//var ips []string
-	//if req.UdpForwardingData.BackendList != nil {
-	//	for _, v := range req.UdpForwardingData.BackendList {
-	//		ip, _, err := net.SplitHostPort(v)
-	//		if err != nil {
-	//			return err
-	//		}
-	//		ips = append(ips, ip)
-	//	}
-	//	go s.wafformatter.PublishIpWhitelistTask(ips, "add","")
-	//}
-	//var accessRuleIps []string
-	//if req.UdpForwardingData.AllowIpList != nil {
-	//	for _, v := range gatewayIps {
-	//		for _, ip := range req.UdpForwardingData.AllowIpList {
-	//			if net.ParseIP(ip) != nil {
-	//				accessRuleIps = append(accessRuleIps, ip)
-	//			}
-	//		}
-	//		go s.wafformatter.PublishIpWhitelistTask(accessRuleIps, "add",v)
-	//	}
-	//}
-	//
-	//
-	//udpModel := s.buildUdpForwardingModel(&req.UdpForwardingData, wafUdpId, require)
-	//
-	//id, err := s.udpForWardingRepository.AddUdpForwarding(ctx, udpModel)
-	//if err != nil {
-	//	return err
-	//}
-	//udpRuleModel := s.buildUdpRuleModel(&req.UdpForwardingData, require, id)
-	//if _, err = s.udpForWardingRepository.AddUdpForwardingIps(ctx, *udpRuleModel); err != nil {
-	//	return err
-	//}
+	require, formData, err := s.prepareWafData(ctx, req)
+	if err != nil {
+		return err
+	}
+	err = s.wafformatter.validateWafPortCount(ctx, require.HostId)
+	if err != nil {
+		return err
+	}
+
+	udpId, err := s.cdn.CreateWebsite(ctx, formData)
+	if err != nil {
+		return err
+	}
+
+	// 添加源站
+	cdnOriginIds := make(map[string]int64)
+	for _, v := range req.UdpForwardingData.BackendList {
+		id, err := s.wafformatter.AddOrigin(ctx, v1.WebJson{
+			ApiType: "udp",
+			BackendList: v,
+			Comment:     req.UdpForwardingData.Comment,
+		})
+		if err != nil {
+			return err
+		}
+		cdnOriginIds[v] = id
+	}
+
+
+	// 添加源站到网站
+	for _, v := range cdnOriginIds {
+		err = s.cdn.AddServerOrigin(ctx, udpId, v)
+		if err != nil {
+			return err
+		}
+	}
+
+
+
+	udpModel := s.buildUdpForwardingModel(&req.UdpForwardingData, int(udpId), require)
+
+	id, err := s.udpForWardingRepository.AddUdpForwarding(ctx, udpModel)
+	if err != nil {
+		return err
+	}
+	udpRuleModel := s.buildUdpRuleModel(&req.UdpForwardingData, require, id, cdnOriginIds)
+	if _, err = s.udpForWardingRepository.AddUdpForwardingIps(ctx, *udpRuleModel); err != nil {
+		return err
+	}
+
+	// 异步任务：将IP添加到白名单
+	var ips []string
+	if req.UdpForwardingData.BackendList != nil {
+		for _, v := range req.UdpForwardingData.BackendList {
+			ip, _, err := net.SplitHostPort(v)
+			if err != nil {
+				return err
+			}
+			ips = append(ips, ip)
+		}
+		go s.wafformatter.PublishIpWhitelistTask(ips, "add","")
+	}
+	var accessRuleIps []string
+	if req.UdpForwardingData.AllowIpList != nil {
+		for _, v := range require.GatewayIps {
+			for _, ip := range req.UdpForwardingData.AllowIpList {
+				if net.ParseIP(ip) != nil {
+					accessRuleIps = append(accessRuleIps, ip)
+				}
+			}
+			go s.wafformatter.PublishIpWhitelistTask(accessRuleIps, "add",v)
+		}
+	}
+
+
 	return nil
 }
 
 func (s *udpForWardingService) EditUdpForwarding(ctx context.Context, req *v1.UdpForwardingRequest) error {
-	//WafUdpId, err := s.udpForWardingRepository.GetUdpForwardingWafUdpIdById(ctx, req.UdpForwardingData.Id)
-	//if err != nil {
-	//	return err
-	//}
-	//req.UdpForwardingData.WafUdpId = WafUdpId
-	//require, formData, err := s.prepareWafData(ctx, req)
-	//if err != nil {
-	//	return err
-	//}
-	//_, err = s.wafformatter.sendFormData(ctx, "admin/info/waf_udp/edit?&__goadmin_edit_pk="+strconv.Itoa(req.UdpForwardingData.WafUdpId), "admin/edit/waf_udp", formData)
-	//if err != nil {
-	//	return err
-	//}
-	//
-	//// 异步任务：将IP添加到白名单
-	//gatewayIps, _, err := s.wafformatter.GetIp(ctx, require.WafGatewayGroupId)
-	//if err != nil {
-	//	return err
-	//}
-	//ipData, err := s.udpForWardingRepository.GetUdpForwardingIpsByID(ctx, req.UdpForwardingData.Id)
-	//if err != nil {
-	//	return err
-	//}
-	//addedIps, removedIps, addedAllowIps, removedAllowIps, err := s.wafformatter.WashEditWafIp(ctx,req.UdpForwardingData.BackendList,req.UdpForwardingData.AllowIpList,ipData.BackendList,ipData.AllowIpList)
-	//if err != nil {
-	//	return err
-	//}
-	//if len(addedIps) > 0 {
-	//	go s.wafformatter.PublishIpWhitelistTask(addedIps, "add","")
-	//}
-	//if len(removedIps) > 0 {
-	//	go s.wafformatter.PublishIpWhitelistTask(removedIps, "del","")
-	//}
-	//
-	//if len(addedAllowIps) > 0 {
-	//	for _, v := range gatewayIps {
-	//		go s.wafformatter.PublishIpWhitelistTask(addedAllowIps, "add",v)
-	//	}
-	//}
-	//if len(removedAllowIps) > 0 {
-	//	for _, v := range gatewayIps {
-	//		go s.wafformatter.PublishIpWhitelistTask(removedAllowIps, "del",v)
-	//	}
-	//
-	//}
-	//
-	//
-	//udpModel := s.buildUdpForwardingModel(&req.UdpForwardingData, req.UdpForwardingData.WafUdpId, require)
-	//udpModel.Id = req.UdpForwardingData.Id
-	//if err = s.udpForWardingRepository.EditUdpForwarding(ctx, udpModel); err != nil {
-	//	return err
-	//}
-	//udpRuleModel := s.buildUdpRuleModel(&req.UdpForwardingData, require, req.UdpForwardingData.Id)
-	//if err = s.udpForWardingRepository.EditUdpForwardingIps(ctx, *udpRuleModel); err != nil {
-	//	return err
-	//}
+	require, formData, err := s.prepareWafData(ctx, req)
+	if err != nil {
+		return  err
+	}
+
+	oldData, err := s.udpForWardingRepository.GetUdpForWarding(ctx, int64(req.UdpForwardingData.Id))
+	if err != nil {
+		return err
+	}
+
+	//修改网站端口
+	if oldData.Port != req.UdpForwardingData.Port {
+		err = s.cdn.EditServerType(ctx, v1.EditWebsite{
+			Id:       int64(oldData.CdnWebId),
+			TypeJSON: formData.TcpJSON,
+		}, "tcp")
+		if err != nil {
+			return err
+		}
+	}
+
+	//修改网站名字
+	if oldData.Comment != req.UdpForwardingData.Comment {
+		err = s.cdn.EditServerBasic(ctx, int64(oldData.CdnWebId), require.Tag)
+		if err != nil {
+			return err
+		}
+	}
+
+	// 异步任务：将IP添加到白名单
+	ipData, err := s.udpForWardingRepository.GetUdpForwardingIpsByID(ctx, req.UdpForwardingData.Id)
+	if err != nil {
+		return err
+	}
+	addedIps, removedIps, addedAllowIps, removedAllowIps, err := s.wafformatter.WashEditWafIp(ctx,req.UdpForwardingData.BackendList,req.UdpForwardingData.AllowIpList,ipData.BackendList,ipData.AllowIpList)
+	if err != nil {
+		return err
+	}
+	if len(addedIps) > 0 {
+		go s.wafformatter.PublishIpWhitelistTask(addedIps, "add","")
+	}
+	if len(removedIps) > 0 {
+		go s.wafformatter.PublishIpWhitelistTask(removedIps, "del","")
+	}
+
+	if len(addedAllowIps) > 0 {
+		for _, v := range require.GatewayIps {
+			go s.wafformatter.PublishIpWhitelistTask(addedAllowIps, "add",v)
+		}
+	}
+	if len(removedAllowIps) > 0 {
+		for _, v := range require.GatewayIps {
+			go s.wafformatter.PublishIpWhitelistTask(removedAllowIps, "del",v)
+		}
+
+	}
+
+
+	//修改源站
+	addOrigins, delOrigins := s.wafformatter.findIpDifferences(ipData.BackendList, req.UdpForwardingData.BackendList)
+	addedIds := make(map[string]int64)
+	for _, v := range addOrigins {
+		id, err := s.wafformatter.AddOrigin(ctx,v1.WebJson{
+			ApiType: "udp",
+			BackendList: v,
+			Comment: req.UdpForwardingData.Comment,
+		})
+		if err != nil {
+			return err
+		}
+		addedIds[v] = id
+	}
+
+	for _, v := range addedIds {
+		err = s.cdn.AddServerOrigin(ctx, int64(oldData.CdnWebId), v)
+		if err != nil {
+			return err
+		}
+	}
+
+	maps.Copy(ipData.CdnOriginIds, addedIds)
+	for k, v := range ipData.CdnOriginIds {
+		for _, ip := range delOrigins {
+			if k == ip {
+				err = s.cdn.DelServerOrigin(ctx, int64(oldData.CdnWebId), v)
+				if err != nil {
+					return err
+				}
+				delete(ipData.CdnOriginIds, k)
+			}
+		}
+	}
+
+
+	udpModel := s.buildUdpForwardingModel(&req.UdpForwardingData, oldData.CdnWebId, require)
+	udpModel.Id = req.UdpForwardingData.Id
+	if err = s.udpForWardingRepository.EditUdpForwarding(ctx, udpModel); err != nil {
+		return err
+	}
+	udpRuleModel := s.buildUdpRuleModel(&req.UdpForwardingData, require, req.UdpForwardingData.Id, ipData.CdnOriginIds)
+	if err = s.udpForWardingRepository.EditUdpForwardingIps(ctx, *udpRuleModel); err != nil {
+		return err
+	}
 	return nil
 }
 
 func (s *udpForWardingService) DeleteUdpForwarding(ctx context.Context, Ids []int) error {
 	for _, id := range Ids {
-		wafUdpId, err := s.udpForWardingRepository.GetUdpForwardingWafUdpIdById(ctx, id)
+		oldData, err := s.udpForWardingRepository.GetUdpForWarding(ctx, int64(id))
 		if err != nil {
 			return err
 		}
-		_, err = s.crawler.DeleteRule(ctx, wafUdpId, "admin/delete/waf_udp?page=1&__pageSize=10&__sort=waf_udp_id&__sort_type=desc")
+
+		err = s.cdn.DelServer(ctx, int64(oldData.CdnWebId))
 		if err != nil {
 			return err
 		}
@@ -415,15 +441,6 @@ func (s *udpForWardingService) GetUdpForwardingWafUdpAllIps(ctx context.Context,
 		dataReq := v1.UdpForwardingDataRequest{
 			Id: r.Forwarding.Id,
 			Port: r.Forwarding.Port,
-			CcPacketCount:     r.Forwarding.CcPacketCount,
-			CcPacketDuration:  r.Forwarding.CcPacketDuration,
-			CcPacketBlockCount: r.Forwarding.CcPacketBlockCount,
-			CcPacketBlockDuration: r.Forwarding.CcPacketBlockDuration,
-			CcCount:           r.Forwarding.CcCount,
-			CcDuration:        r.Forwarding.CcDuration,
-			CcBlockCount:      r.Forwarding.CcBlockCount,
-			CcBlockDuration:   r.Forwarding.CcBlockDuration,
-			SessionTimeout:    r.Forwarding.SessionTimeout,
 			Comment:           r.Forwarding.Comment,
 		}
 

internal/service/wafformatter.go

@@ -29,6 +29,8 @@ type WafFormatterService interface {
 	WashDeleteWafIp(ctx context.Context, backendList []string,allowIpList []string) ([]string, error)
 	WashEditWafIp(ctx context.Context, newBackendList []string,newAllowIpList []string,oldBackendList []string,oldAllowIpList []string) ([]string, []string, []string,  []string, error)
 	GetIp(ctx context.Context, gatewayGroupId int) ([]string,string, error)
+	//cdn添加网站
+	AddOrigin(ctx context.Context, req v1.WebJson) (int64, error)
 }
 func NewWafFormatterService(
     service *Service,
@@ -43,6 +45,7 @@ func NewWafFormatterService(
 	host HostService,
 	gatewayGroupRep repository.GatewayGroupRepository,
 	gatewayGroupIpRep repository.GateWayGroupIpRepository,
+	cdn CdnService,
 ) WafFormatterService {
 	return &wafFormatterService{
 		Service:        service,
@@ -57,6 +60,7 @@ func NewWafFormatterService(
 		mq:    mq,
 		gatewayGroupRep: gatewayGroupRep,
 		gatewayGroupIpRep: gatewayGroupIpRep,
+		cdn: cdn,
 	}
 }
 
@@ -73,6 +77,7 @@ type wafFormatterService struct {
 	mq *rabbitmq.RabbitMQ
 	gatewayGroupRep repository.GatewayGroupRepository
 	gatewayGroupIpRep repository.GateWayGroupIpRepository
+	cdn CdnService
 }
 
 type RequireResponse struct {
@@ -83,6 +88,7 @@ type RequireResponse struct {
 
 func (s *wafFormatterService) Require(ctx context.Context,req v1.GlobalRequire) (RequireResponse, error)  {
 	var res RequireResponse
+	// 获取全局配置信息
 	globalLimit, err := s.globalRep.GetGlobalLimitByHostId(ctx, int64(req.HostId))
 	if err != nil {
 		return RequireResponse{}, err
@@ -90,6 +96,7 @@ func (s *wafFormatterService) Require(ctx context.Context,req v1.GlobalRequire)
 	if globalLimit != nil {
 		res.GlobalLimit = *globalLimit
 	}
+	// 获取主机名
 	domain, err := s.hostRep.GetDomainById(ctx, req.HostId)
 	if err != nil {
 		return RequireResponse{}, err
@@ -398,3 +405,28 @@ func (s *wafFormatterService) GetIp(ctx context.Context, gatewayGroupId int) ([]
 	}
 	return ips,ips[0], nil
 }
+
+func (s *wafFormatterService) AddOrigin(ctx context.Context, req v1.WebJson) (int64, error) {
+	ip, port, err := net.SplitHostPort(req.BackendList)
+	if err != nil {
+		return 0, fmt.Errorf("无效的后端地址: %s", err)
+	}
+	addr := v1.Addr{
+		Protocol: req.ApiType,
+		Host:     ip,
+		Port:  	  port,
+	}
+	id, err := s.cdn.CreateOrigin(ctx, v1.Origin{
+		Addr: addr,
+		Weight: 10,
+		Description: req.Comment,
+		Host: req.Host,
+		IsOn: true,
+		TlsSecurityVerifyMode: "auto",
+	})
+	if err != nil {
+		return 0, err
+	}
+	return id, nil
+}
+

internal/service/webforwarding.go

@@ -12,7 +12,6 @@ import (
 	"net"
 	"sort"
 	"strconv"
-	"strings"
 )
 
 type WebForwardingService interface {
@@ -34,6 +33,7 @@ func NewWebForwardingService(
 	mq *rabbitmq.RabbitMQ,
 	gatewayGroupIpRep repository.GateWayGroupIpRepository,
 	gatewayGroupRep repository.GatewayGroupRepository,
+	cdn CdnService,
 ) WebForwardingService {
 	return &webForwardingService{
 		Service:                 service,
@@ -46,6 +46,7 @@ func NewWebForwardingService(
 		mq:                      mq,
 		gatewayGroupIpRep:        gatewayGroupIpRep,
 		gatewayGroupRep:           gatewayGroupRep,
+		cdn:                     cdn,
 	}
 }
 
@@ -60,8 +61,18 @@ type webForwardingService struct {
 	mq                      *rabbitmq.RabbitMQ
 	gatewayGroupIpRep        repository.GateWayGroupIpRepository
 	gatewayGroupRep           repository.GatewayGroupRepository
+	cdn                     CdnService
 }
 
+
+
+const (
+	isHttps         = 1
+	protocolHttps        = "https"
+	protocolHttp         = "http"
+	proxyTypeSuffix      = "Proxy"
+	defaultNodeClusterId = 1
+)
 func (s *webForwardingService) require(ctx context.Context,req v1.GlobalRequire) (v1.GlobalRequire, error) {
 	var err error
 	var res v1.GlobalRequire
@@ -122,25 +133,8 @@ func (s *webForwardingService) GetWebForwarding(ctx context.Context, req v1.GetF
 
 	return v1.WebForwardingDataRequest{
 		Id:                  webForwarding.Id,
-		WafWebId:            webForwarding.WafWebId,
-		Tag:                 webForwarding.Tag,
 		Port:                webForwarding.Port,
 		Domain:              webForwarding.Domain,
-		CustomHost:          webForwarding.CustomHost,
-		WafWebLimitId:      webForwarding.WebLimitRuleId,
-		WafGatewayGroupId:   webForwarding.WafGatewayGroupId,
-		CcCount:             webForwarding.CcCount,
-		CcDuration:          webForwarding.CcDuration,
-		CcBlockCount:        webForwarding.CcBlockCount,
-		CcBlockDuration:     webForwarding.CcBlockDuration,
-		Cc4xxCount:          webForwarding.Cc4xxCount,
-		Cc4xxDuration:       webForwarding.Cc4xxDuration,
-		Cc4xxBlockCount:     webForwarding.Cc4xxBlockCount,
-		Cc4xxBlockDuration:  webForwarding.Cc4xxBlockDuration,
-		Cc5xxCount:          webForwarding.Cc5xxCount,
-		Cc5xxDuration:       webForwarding.Cc5xxDuration,
-		Cc5xxBlockCount:     webForwarding.Cc5xxBlockCount,
-		Cc5xxBlockDuration:  webForwarding.Cc5xxBlockDuration,
 		IsHttps:             webForwarding.IsHttps,
 		Comment:             webForwarding.Comment,
 		BackendList:         backend.BackendList,
@@ -152,80 +146,29 @@ func (s *webForwardingService) GetWebForwarding(ctx context.Context, req v1.GetF
 	}, nil
 }
 
-// buildWafFormData 辅助函数，用于构建通用的 formData
-func (s *webForwardingService) buildWafFormData(req *v1.WebForwardingDataSend, require v1.GlobalRequire) map[string]interface{} {
-	// 将BackendList序列化为JSON字符串
-	backendJSON, err := json.MarshalIndent(req.BackendList, "", " ")
-	var backendStr interface{}
-	if err != nil {
-		// 如果序列化失败，使用空数组
-		backendStr = "[]"
-	} else {
-		// 成功序列化后，使用JSON字符串
-		backendStr = string(backendJSON)
-	}
-
-	return map[string]interface{}{
-		"waf_web_id":            req.WafWebId,
-		"port":                  req.Port,
-		"domain":                req.Domain,
-		"custom_host":           req.CustomHost,
-		"cc_count":              req.CcCount,
-		"cc_duration":           req.CcDuration,
-		"cc_block_count":        req.CcBlockCount,
-		"cc_block_duration":     req.CcBlockDuration,
-		"cc_4xx_count":          req.Cc4xxCount,
-		"cc_4xx_duration":       req.Cc4xxDuration,
-		"cc_4xx_block_count":    req.Cc4xxBlockCount,
-		"cc_4xx_block_duration": req.Cc4xxBlockDuration,
-		"cc_5xx_count":          req.Cc5xxCount,
-		"cc_5xx_duration":       req.Cc5xxDuration,
-		"cc_5xx_block_count":    req.Cc5xxBlockCount,
-		"cc_5xx_block_duration": req.Cc5xxBlockDuration,
-		"backend":          	 backendStr,
-		"allow_ip_list":         req.AllowIpList,
-		"deny_ip_list":          req.DenyIpList,
-		"access_rule":           req.AccessRule,
-		"is_https":              req.IsHttps,
-		"comment":               req.Comment,
-		"https_cert":            req.HttpsCert,
-		"https_key":             req.HttpsKey,
-	}
-}
 
 // buildWebForwardingModel 辅助函数，用于构建通用的 WebForwarding 模型
 // ruleId 是从 WAF 系统获取的 ID
-func (s *webForwardingService) buildWebForwardingModel(req *v1.WebForwardingDataRequest,ruleId int, require v1.GlobalRequire) *model.WebForwarding {
+func (s *webForwardingService) buildWebForwardingModel(req *v1.WebForwardingDataRequest,ruleId int, require RequireResponse) *model.WebForwarding {
 	return &model.WebForwarding{
-		HostId: 			require.HostId,
-		WafWebId:           ruleId,
-		Port:               req.Port,
-		Domain:             req.Domain,
-		CustomHost:         req.CustomHost,
-		CcCount:            req.CcCount,
-		CcDuration:         req.CcDuration,
-		CcBlockCount:       req.CcBlockCount,
-		CcBlockDuration:    req.CcBlockDuration,
-		Cc4xxCount:         req.Cc4xxCount,
-		Cc4xxDuration:      req.Cc4xxDuration,
-		Cc4xxBlockCount:    req.Cc4xxBlockCount,
-		Cc4xxBlockDuration: req.Cc4xxBlockDuration,
-		Cc5xxCount:         req.Cc5xxCount,
-		Cc5xxDuration:      req.Cc5xxDuration,
-		Cc5xxBlockCount:    req.Cc5xxBlockCount,
-		Cc5xxBlockDuration: req.Cc5xxBlockDuration,
-		IsHttps:            req.IsHttps,
-		Comment:            req.Comment,
-		HttpsCert:          req.HttpsCert,
-		HttpsKey:           req.HttpsKey,
+		HostId:      require.HostId,
+		CdnWebId:    ruleId,
+		Port:        req.Port,
+		Domain:      req.Domain,
+		IsHttps:     req.IsHttps,
+		Comment:     req.Comment,
+		HttpsCert:   req.HttpsCert,
+		HttpsKey:    req.HttpsKey,
+		SslCertId: int(req.SslCertId),
 	}
 }
 
-func (s *webForwardingService) buildWebRuleModel(reqData *v1.WebForwardingDataRequest, require v1.GlobalRequire, localDbId int) *model.WebForwardingRule {
+func (s *webForwardingService) buildWebRuleModel(reqData *v1.WebForwardingDataRequest, require RequireResponse, localDbId int, cdnOriginIds map[string]int64) *model.WebForwardingRule {
 	return &model.WebForwardingRule{
 		Uid:         require.Uid,
 		HostId:      require.HostId,
-		WebId:       localDbId, // 关联到本地数据库的主记录 ID
+		WebId:       localDbId,
+		CdnOriginIds: cdnOriginIds,
 		BackendList: reqData.BackendList,
 		AllowIpList: reqData.AllowIpList,
 		DenyIpList:  reqData.DenyIpList,
@@ -233,301 +176,428 @@ func (s *webForwardingService) buildWebRuleModel(reqData *v1.WebForwardingDataRe
 	}
 }
 
-func (s *webForwardingService) prepareWafData(ctx context.Context, req *v1.WebForwardingRequest) (v1.GlobalRequire, map[string]interface{}, error) {
-	// 1. 获取必要的全局信息
-	require, err := s.require(ctx, v1.GlobalRequire{
+
+
+
+
+// =================================================================
+// 主函数：prepareWafData
+// 职责：协调整个流程，负责获取前置配置和组装最终的 formData。
+// =================================================================
+func (s *webForwardingService) prepareWafData(ctx context.Context, req *v1.WebForwardingRequest) (RequireResponse, v1.Website, error) {
+	// 1. 获取基础配置
+	require, err := s.wafformatter.Require(ctx, v1.GlobalRequire{
 		HostId:  req.HostId,
 		Uid:     req.Uid,
 		Comment: req.WebForwardingData.Comment,
-		Domain:  req.WebForwardingData.Domain,
 	})
 	if err != nil {
-		return v1.GlobalRequire{}, nil, err
+		return RequireResponse{}, v1.Website{}, fmt.Errorf("获取WAF前置配置失败: %w", err)
+	}
+	if require.GatewayGroupId == 0 || require.Uid == 0 {
+		return RequireResponse{}, v1.Website{}, fmt.Errorf("请先配置实例")
+	}
+
+	// 2. 调用辅助函数，构建核心的代理配置 (将复杂逻辑封装起来)
+	apiType, byteData, err := s.buildProxyJSONConfig(ctx, req, require)
+	if err != nil {
+		return RequireResponse{}, v1.Website{}, err // 错误信息在辅助函数中已经包装好了
 	}
 
+	var serverName []string
+	var serverJson []byte
+	if req.WebForwardingData.Domain != "" {
+		serverName = append(serverName, req.WebForwardingData.Domain)
+		serverJson, err = json.Marshal(serverName)
+		if err != nil {
+			return RequireResponse{}, v1.Website{}, err
+		}
+	}
+
+	// 3. 组装最终的 WAF 表单数据
+	formData := v1.Website{
+		UserId:         int64(require.CdnUid),
+		Type:           apiType + proxyTypeSuffix,
+		Name:           require.Tag,
+		ServerNamesJSON : serverJson,
+		Description:    req.WebForwardingData.Comment,
+		ServerGroupIds: []int64{int64(require.GroupId)},
+		UserPlanId:     int64(require.RuleId),
+		NodeClusterId:  defaultNodeClusterId,
+	}
 
-	// 2. 将字符串切片拼接成字符串，用于 WAF API
-	allowIpListStr := strings.Join(req.WebForwardingData.AllowIpList, "\n")
-	denyIpListStr := strings.Join(req.WebForwardingData.DenyIpList, "\n")
+	var noSslByteData, _ = json.Marshal(v1.TypeJSON{IsOn: false})
 
-	PortInt, err := strconv.Atoi(req.WebForwardingData.Port)
-	if err != nil {
-		return v1.GlobalRequire{}, nil, err
-	}
-	// 3. 创建用于构建 WAF 表单的数据结构
-	formDataBase := v1.WebForwardingDataSend{
-		WafWebId:            req.WebForwardingData.WafWebId,
-		Port:                PortInt,
-		Domain:              req.WebForwardingData.Domain,
-		CustomHost:          req.WebForwardingData.CustomHost,
-		CcCount:             req.WebForwardingData.CcCount,
-		CcDuration:          req.WebForwardingData.CcDuration,
-		CcBlockCount:        req.WebForwardingData.CcBlockCount,
-		CcBlockDuration:     req.WebForwardingData.CcBlockDuration,
-		Cc4xxCount:          req.WebForwardingData.Cc4xxCount,
-		Cc4xxDuration:       req.WebForwardingData.Cc4xxDuration,
-		Cc4xxBlockCount:     req.WebForwardingData.Cc4xxBlockCount,
-		Cc4xxBlockDuration:  req.WebForwardingData.Cc4xxBlockDuration,
-		Cc5xxCount:          req.WebForwardingData.Cc5xxCount,
-		Cc5xxDuration:       req.WebForwardingData.Cc5xxDuration,
-		Cc5xxBlockCount:     req.WebForwardingData.Cc5xxBlockCount,
-		Cc5xxBlockDuration:  req.WebForwardingData.Cc5xxBlockDuration,
-		IsHttps:             req.WebForwardingData.IsHttps,
-		BackendList:         req.WebForwardingData.BackendList,
-		AllowIpList:         allowIpListStr,
-		DenyIpList:          denyIpListStr,
-		AccessRule:          req.WebForwardingData.AccessRule,
-		Comment:             req.WebForwardingData.Comment,
-		HttpsCert:           req.WebForwardingData.HttpsCert,
-		HttpsKey:            req.WebForwardingData.HttpsKey,
-	}
-
-	// 4. 构建 WAF 表单数据映射
-	formData := s.buildWafFormData(&formDataBase, require)
+	// 4. 根据协议类型，填充 HttpJSON 和 HttpsJSON 字段
+	if req.WebForwardingData.IsHttps == isHttps {
+		formData.HttpJSON = noSslByteData
+		formData.HttpsJSON = byteData
+	} else {
+		formData.HttpJSON = byteData
+		formData.HttpsJSON = noSslByteData
+	}
 
 	return require, formData, nil
 }
 
 
+// =================================================================
+// 辅助函数：buildProxyJSONConfig
+// 职责：专门负责处理 HTTP/HTTPS 的差异，并生成对应的 JSON 配置。
+// =================================================================
+func (s *webForwardingService) buildProxyJSONConfig(ctx context.Context, req *v1.WebForwardingRequest, require RequireResponse) (string, []byte, error) {
+	var (
+		jsonData v1.TypeJSON
+		apiType  string
+		err      error
+	)
+	jsonData.IsOn = true
+
+	// 判断协议类型，并处理 HTTPS 的特殊逻辑（证书）
+	if req.WebForwardingData.IsHttps == isHttps {
+		apiType = protocolHttps
+
+		req.WebForwardingData.SslCertId, err = s.cdn.AddSSLCert(ctx, v1.SSlCert{
+			UserId:       int64(require.CdnUid),
+			Name:         req.WebForwardingData.Domain,
+			Description:  req.WebForwardingData.Comment,
+			CertData:     []byte(req.WebForwardingData.HttpsCert),
+			KeyData:      []byte(req.WebForwardingData.HttpsKey),
+			IsSelfSigned: false,
+		})
+		if err != nil {
+			return "", nil, fmt.Errorf("添加SSL证书失败: %w", err)
+		}
+		jsonData.SslPolicyRef.IsOn = true
+		jsonData.SslPolicyRef.SslPolicyId = req.WebForwardingData.SslCertId
+	} else {
+		apiType = protocolHttp
+	}
 
-func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.WebForwardingRequest) error {
-	//require, formData, err := s.prepareWafData(ctx, req)
-	//if err != nil {
-	//	return err
-	//}
-	//err = s.wafformatter.validateWafPortCount(ctx, require.HostId)
-	//if err != nil {
-	//	return err
-	//}
-	//
-	//
-	//gatewayIps, firstIp, err := s.wafformatter.GetIp(ctx, require.WafGatewayGroupId)
-	//if err != nil {
-	//	return err
-	//}
-	//if req.WebForwardingData.Domain != "" {
-	//	// 异步任务：将域名添加到白名单
-	//	doMain, err := s.wafformatter.ConvertToWildcardDomain(ctx, req.WebForwardingData.Domain)
-	//	if err != nil {
-	//		return err
-	//	}
-	//	go s.wafformatter.PublishDomainWhitelistTask(doMain,firstIp, "add")
-	//
-	//}
-	//
-	//// IP过白
-	//var ips []string
-	//if req.WebForwardingData.BackendList != nil {
-	//	for _, v := range req.WebForwardingData.BackendList {
-	//		ip, _, err := net.SplitHostPort(v.Addr)
-	//		if err != nil {
-	//			return err
-	//		}
-	//		ips = append(ips,ip)
-	//	}
-	//	go s.wafformatter.PublishIpWhitelistTask(ips, "add","")
-	//}
-	//var accessRuleIps []string
-	//if len(req.WebForwardingData.AllowIpList) > 0 {
-	//	for _, v := range gatewayIps {
-	//		for _, ip := range req.WebForwardingData.AllowIpList {
-	//			if net.ParseIP(ip) != nil{
-	//				accessRuleIps = append(accessRuleIps, ip)
-	//			}
-	//		}
-	//		go s.wafformatter.PublishIpWhitelistTask(accessRuleIps, "add",v)
-	//	}
-	//}
-	//
-	//
-	//
-	//webModel := s.buildWebForwardingModel(&req.WebForwardingData, wafWebId, require)
-	//
-	//id, err := s.webForwardingRepository.AddWebForwarding(ctx, webModel)
-	//if err != nil {
-	//	return err
-	//}
-	//webRuleModel := s.buildWebRuleModel(&req.WebForwardingData, require, id)
-	//
-	//
-	//if _, err = s.webForwardingRepository.AddWebForwardingIps(ctx, *webRuleModel); err != nil {
-	//	return err
-	//}
-	return nil
-}
+	// 填充通用的 Listen 配置
+	for _, v := range require.GatewayIps {
+		jsonData.Listen = append(jsonData.Listen, v1.Listen{
+			Protocol: apiType,
+			Host:     v,
+			Port:     req.WebForwardingData.Port,
+		})
+	}
 
-func (s *webForwardingService) EditWebForwarding(ctx context.Context, req *v1.WebForwardingRequest) error {
-	//WafWebId, err := s.webForwardingRepository.GetWebForwardingWafWebIdById(ctx, req.WebForwardingData.Id)
-	//if err != nil {
-	//	return err
-	//}
-	//req.WebForwardingData.WafWebId = WafWebId
-	//require, formData, err := s.prepareWafData(ctx, req)
-	//if err != nil {
-	//	return err
-	//}
-	//_, err = s.wafformatter.sendFormData(ctx, "admin/info/waf_web/edit?&__goadmin_edit_pk="+strconv.Itoa(req.WebForwardingData.WafWebId), "admin/edit/waf_web", formData)
-	//if err != nil {
-	//	return err
-	//}
-	//
-	//// 将域名添加到白名单
-	//webData, err := s.webForwardingRepository.GetWebForwarding(ctx, int64(req.WebForwardingData.Id))
-	//if err != nil {
-	//	return err
-	//}
-	//gatewayIps, firstIp, err := s.wafformatter.GetIp(ctx, webData.WafGatewayGroupId)
-	//if err != nil {
-	//	return err
-	//}
-	//// 异步任务：将域名添加到白名单
-	//if webData.Domain != req.WebForwardingData.Domain {
-	//
-	//	doMain, err := s.wafformatter.ConvertToWildcardDomain(ctx, req.WebForwardingData.Domain)
-	//	if err != nil {
-	//		return err
-	//	}
-	//	oldDomain, err := s.wafformatter.ConvertToWildcardDomain(ctx, webData.Domain)
-	//	if err != nil {
-	//		return err
-	//	}
-	//	go s.wafformatter.PublishDomainWhitelistTask(oldDomain, firstIp, "del")
-	//	go s.wafformatter.PublishDomainWhitelistTask(doMain, firstIp, "add")
-	//}
-	//
-	//// IP过白
-	//ipData, err := s.webForwardingRepository.GetWebForwardingIpsByID(ctx, req.WebForwardingData.Id)
-	//if err != nil {
-	//	return err
-	//}
-	//var oldIps []string
-	//var oldAllowIps []string
-	//var newIps []string
-	//var newAllowIps []string
-	//for _, v := range ipData.BackendList {
-	//	ip, _, err := net.SplitHostPort(v.Addr)
-	//	if err != nil {
-	//		return err
-	//	}
-	//	oldIps = append(oldIps, ip)
-	//
-	//}
-	//for _, v := range req.WebForwardingData.BackendList {
-	//	ip, _, err := net.SplitHostPort(v.Addr)
-	//	if err != nil {
-	//		return err
-	//	}
-	//	newIps = append(newIps, ip)
-	//}
-	//addedIps, removedIps := s.wafformatter.findIpDifferences(oldIps, newIps)
-	//if len(addedIps) > 0 {
-	//	go s.wafformatter.PublishIpWhitelistTask(addedIps, "add","")
-	//}
-	//if len(removedIps) > 0 {
-	//	go s.wafformatter.PublishIpWhitelistTask(removedIps, "del","")
-	//}
-	//if len(ipData.AllowIpList) > 0 {
-	//	for _, v := range ipData.AllowIpList {
-	//		if net.ParseIP(v) != nil{
-	//			oldAllowIps = append(oldAllowIps, v)
-	//		}
-	//	}
-	//}
-	//
-	//if len(req.WebForwardingData.AllowIpList) > 0 {
-	//	for _, v := range req.WebForwardingData.AllowIpList {
-	//		if net.ParseIP(v) != nil{
-	//			newAllowIps = append(newAllowIps, v)
-	//		}
-	//	}
-	//}
-	//addedAllowIps, removedAllowIps := s.wafformatter.findIpDifferences(oldAllowIps, newAllowIps)
-	//for _, v := range gatewayIps {
-	//	if len(addedAllowIps) > 0 {
-	//		go s.wafformatter.PublishIpWhitelistTask(addedAllowIps, "add",v)
-	//	}
-	//	if len(removedAllowIps) > 0 {
-	//		go s.wafformatter.PublishIpWhitelistTask(removedAllowIps, "del",v)
-	//	}
-	//}
-	//
-	//
-	//
-	//
-	//
-	//
-	//
-	//webModel := s.buildWebForwardingModel(&req.WebForwardingData, req.WebForwardingData.WafWebId, require)
-	//webModel.Id = req.WebForwardingData.Id
-	//if err = s.webForwardingRepository.EditWebForwarding(ctx, webModel); err != nil {
-	//	return err
-	//}
-	//webRuleModel := s.buildWebRuleModel(&req.WebForwardingData, require, req.WebForwardingData.Id)
-	//if err = s.webForwardingRepository.EditWebForwardingIps(ctx, *webRuleModel); err != nil {
-	//	return err
-	//}
-	return nil
+	// 序列化为 JSON
+	byteData, err := json.Marshal(jsonData)
+	if err != nil {
+		return "", nil, fmt.Errorf("序列化WAF配置失败: %w", err)
+	}
+
+	return apiType, byteData, nil
 }
 
-func (s *webForwardingService) DeleteWebForwarding(ctx context.Context, Ids []int) error {
-	for _, Id := range Ids {
-		wafWebId, err := s.webForwardingRepository.GetWebForwardingWafWebIdById(ctx, Id)
-		if err != nil {
-			return err
+
+
+func (s *webForwardingService) AddWebForwarding(ctx context.Context, req *v1.WebForwardingRequest) error {
+	require, formData, err := s.prepareWafData(ctx, req)
+	if err != nil {
+		return err
+	}
+	err = s.wafformatter.validateWafPortCount(ctx, require.HostId)
+	if err != nil {
+		return err
+	}
+
+	webId, err := s.cdn.CreateWebsite(ctx, formData)
+	if err != nil {
+		return err
+	}
+	backendList := make(map[string]string)
+	for _,k := range req.WebForwardingData.BackendList {
+		backendList[k.Addr] = k.CustomHost
+	}
+	// 添加源站
+	cdnOriginIds := make(map[string]int64)
+	for _, v := range req.WebForwardingData.BackendList {
+		var apiType string
+		if v.IsHttps == isHttps {
+			apiType = protocolHttps
+		}else {
+			apiType = protocolHttp
 		}
-		_, err = s.crawler.DeleteRule(ctx, wafWebId, "admin/delete/waf_web?page=1&__pageSize=10&__sort=waf_web_id&__sort_type=desc")
+		id, err := s.wafformatter.AddOrigin(ctx, v1.WebJson{
+			ApiType:  apiType,
+			BackendList: v.Addr,
+			Host:        v.CustomHost,
+			Comment:     req.WebForwardingData.Comment,
+		})
 		if err != nil {
 			return err
 		}
-		webData, err := s.webForwardingRepository.GetWebForwarding(ctx, int64(Id))
+		cdnOriginIds[v.Addr] = id
+	}
+
+	// 添加源站到网站
+	for _, v := range cdnOriginIds {
+		err = s.cdn.AddServerOrigin(ctx, webId, v)
 		if err != nil {
 			return err
 		}
+	}
+
+	webModel := s.buildWebForwardingModel(&req.WebForwardingData, int(webId), require)
+
+	id, err := s.webForwardingRepository.AddWebForwarding(ctx, webModel)
+	if err != nil {
+		return err
+	}
+	webRuleModel := s.buildWebRuleModel(&req.WebForwardingData,require, id, cdnOriginIds)
+	if _, err = s.webForwardingRepository.AddWebForwardingIps(ctx, *webRuleModel); err != nil {
+		return err
+	}
+
+
 
-		_, firstIp, err := s.wafformatter.GetIp(ctx, webData.WafGatewayGroupId)
+
+	if req.WebForwardingData.Domain != "" {
+		// 异步任务：将域名添加到白名单
+		doMain, err := s.wafformatter.ConvertToWildcardDomain(ctx, req.WebForwardingData.Domain)
 		if err != nil {
 			return err
 		}
-		// 异步任务：将域名添加到白名单
-		if webData.Domain != "" {
+		if len(require.GatewayIps) == 0 {
+			return fmt.Errorf("网关组不存在")
+		}
+		go s.wafformatter.PublishDomainWhitelistTask(doMain, require.GatewayIps[0], "add")
 
-			doMain, err := s.wafformatter.ConvertToWildcardDomain(ctx, webData.Domain)
+	}
+
+	// IP过白
+	var ips []string
+	if req.WebForwardingData.BackendList != nil {
+		for _, v := range req.WebForwardingData.BackendList {
+			ip, _, err := net.SplitHostPort(v.Addr)
 			if err != nil {
 				return err
 			}
-			go s.wafformatter.PublishDomainWhitelistTask(doMain,firstIp, "del")
-		}
-		// IP过白
-		ipData, err := s.webForwardingRepository.GetWebForwardingIpsByID(ctx, Id)
-		if err != nil {
-			return err
+			ips = append(ips,ip)
 		}
-		var ips []string
-		if len(ipData.BackendList) > 0 {
-			for _, v := range ipData.BackendList {
-				ip, _, err := net.SplitHostPort(v.Addr)
-				if err != nil {
-					return err
+		go s.wafformatter.PublishIpWhitelistTask(ips, "add","")
+	}
+	var accessRuleIps []string
+	if len(req.WebForwardingData.AllowIpList) > 0 {
+		for _, v := range require.GatewayIps {
+			for _, ip := range req.WebForwardingData.AllowIpList {
+				if net.ParseIP(ip) != nil{
+					accessRuleIps = append(accessRuleIps, ip)
 				}
-				ips = append(ips, ip)
 			}
+			go s.wafformatter.PublishIpWhitelistTask(accessRuleIps, "add",v)
 		}
-		if len(ipData.AllowIpList) > 0 {
-			ips = append(ips, ipData.AllowIpList...)
+	}
+
+
+
+
+	return nil
+}
+
+func (s *webForwardingService) EditWebForwarding(ctx context.Context, req *v1.WebForwardingRequest) error {
+
+	require, formData, err := s.prepareWafData(ctx, req)
+	if err != nil {
+		return  err
+	}
+
+	oldData, err := s.webForwardingRepository.GetWebForwarding(ctx, int64(req.WebForwardingData.Id))
+	if err != nil {
+		return err
+	}
+
+	//修改网站端口
+	if oldData.Port != req.WebForwardingData.Port || oldData.Domain != req.WebForwardingData.Domain {
+		var typeJson []byte
+		var apiType string
+		if req.WebForwardingData.IsHttps == isHttps {
+			typeJson = formData.HttpJSON
+			apiType = protocolHttps
+		}else {
+			typeJson = formData.HttpsJSON
+			apiType = protocolHttp
+		}
+		err = s.cdn.EditServerType(ctx, v1.EditWebsite{
+			Id:       int64(oldData.CdnWebId),
+			TypeJSON: typeJson,
+		}, apiType)
+		if err != nil {
+			return err
 		}
-		if len(ips) > 0 {
-			go s.wafformatter.PublishIpWhitelistTask(ips, "del","")
+	}
+
+	//修改网站名字
+	if oldData.Comment != req.WebForwardingData.Comment {
+		err = s.cdn.EditServerBasic(ctx, int64(oldData.CdnWebId), require.Tag)
+		if err != nil {
+			return err
 		}
+	}
+
+
 
 
-		if err = s.webForwardingRepository.DeleteWebForwarding(ctx, int64(Id)); err != nil {
+	// 将域名添加到白名单
+	webData, err := s.webForwardingRepository.GetWebForwarding(ctx, int64(req.WebForwardingData.Id))
+	if err != nil {
+		return err
+	}
+	gatewayIps, firstIp, err := s.wafformatter.GetIp(ctx, webData.WafGatewayGroupId)
+	if err != nil {
+		return err
+	}
+	// 异步任务：将域名添加到白名单
+	if webData.Domain != req.WebForwardingData.Domain {
+
+		doMain, err := s.wafformatter.ConvertToWildcardDomain(ctx, req.WebForwardingData.Domain)
+		if err != nil {
+			return err
+		}
+		oldDomain, err := s.wafformatter.ConvertToWildcardDomain(ctx, webData.Domain)
+		if err != nil {
+			return err
+		}
+		go s.wafformatter.PublishDomainWhitelistTask(oldDomain, firstIp, "del")
+		go s.wafformatter.PublishDomainWhitelistTask(doMain, firstIp, "add")
+	}
+
+	// IP过白
+	ipData, err := s.webForwardingRepository.GetWebForwardingIpsByID(ctx, req.WebForwardingData.Id)
+	if err != nil {
+		return err
+	}
+	var oldIps []string
+	var oldAllowIps []string
+	var newIps []string
+	var newAllowIps []string
+	for _, v := range ipData.BackendList {
+		ip, _, err := net.SplitHostPort(v.Addr)
+		if err != nil {
 			return err
 		}
-		if err = s.webForwardingRepository.DeleteWebForwardingIpsById(ctx, Id); err != nil {
+		oldIps = append(oldIps, ip)
+
+	}
+	for _, v := range req.WebForwardingData.BackendList {
+		ip, _, err := net.SplitHostPort(v.Addr)
+		if err != nil {
 			return err
 		}
+		newIps = append(newIps, ip)
+	}
+	addedIps, removedIps := s.wafformatter.findIpDifferences(oldIps, newIps)
+	if len(addedIps) > 0 {
+		go s.wafformatter.PublishIpWhitelistTask(addedIps, "add","")
+	}
+	if len(removedIps) > 0 {
+		go s.wafformatter.PublishIpWhitelistTask(removedIps, "del","")
+	}
+	if len(ipData.AllowIpList) > 0 {
+		for _, v := range ipData.AllowIpList {
+			if net.ParseIP(v) != nil{
+				oldAllowIps = append(oldAllowIps, v)
+			}
+		}
+	}
+
+	if len(req.WebForwardingData.AllowIpList) > 0 {
+		for _, v := range req.WebForwardingData.AllowIpList {
+			if net.ParseIP(v) != nil{
+				newAllowIps = append(newAllowIps, v)
+			}
+		}
+	}
+	addedAllowIps, removedAllowIps := s.wafformatter.findIpDifferences(oldAllowIps, newAllowIps)
+	for _, v := range gatewayIps {
+		if len(addedAllowIps) > 0 {
+			go s.wafformatter.PublishIpWhitelistTask(addedAllowIps, "add",v)
+		}
+		if len(removedAllowIps) > 0 {
+			go s.wafformatter.PublishIpWhitelistTask(removedAllowIps, "del",v)
+		}
 	}
 
+
+
+
+
+
+
+	webModel := s.buildWebForwardingModel(&req.WebForwardingData, req.WebForwardingData.WafWebId, require)
+	webModel.Id = req.WebForwardingData.Id
+	if err = s.webForwardingRepository.EditWebForwarding(ctx, webModel); err != nil {
+		return err
+	}
+	webRuleModel := s.buildWebRuleModel(&req.WebForwardingData, require, req.WebForwardingData.Id)
+	if err = s.webForwardingRepository.EditWebForwardingIps(ctx, *webRuleModel); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (s *webForwardingService) DeleteWebForwarding(ctx context.Context, Ids []int) error {
+	//for _, Id := range Ids {
+	//	wafWebId, err := s.webForwardingRepository.GetWebForwardingWafWebIdById(ctx, Id)
+	//	if err != nil {
+	//		return err
+	//	}
+	//	_, err = s.crawler.DeleteRule(ctx, wafWebId, "admin/delete/waf_web?page=1&__pageSize=10&__sort=waf_web_id&__sort_type=desc")
+	//	if err != nil {
+	//		return err
+	//	}
+	//	webData, err := s.webForwardingRepository.GetWebForwarding(ctx, int64(Id))
+	//	if err != nil {
+	//		return err
+	//	}
+	//
+	//	_, firstIp, err := s.wafformatter.GetIp(ctx, webData.WafGatewayGroupId)
+	//	if err != nil {
+	//		return err
+	//	}
+	//	// 异步任务：将域名添加到白名单
+	//	if webData.Domain != "" {
+	//
+	//		doMain, err := s.wafformatter.ConvertToWildcardDomain(ctx, webData.Domain)
+	//		if err != nil {
+	//			return err
+	//		}
+	//		go s.wafformatter.PublishDomainWhitelistTask(doMain,firstIp, "del")
+	//	}
+	//	// IP过白
+	//	ipData, err := s.webForwardingRepository.GetWebForwardingIpsByID(ctx, Id)
+	//	if err != nil {
+	//		return err
+	//	}
+	//	var ips []string
+	//	if len(ipData.BackendList) > 0 {
+	//		for _, v := range ipData.BackendList {
+	//			ip, _, err := net.SplitHostPort(v.Addr)
+	//			if err != nil {
+	//				return err
+	//			}
+	//			ips = append(ips, ip)
+	//		}
+	//	}
+	//	if len(ipData.AllowIpList) > 0 {
+	//		ips = append(ips, ipData.AllowIpList...)
+	//	}
+	//	if len(ips) > 0 {
+	//		go s.wafformatter.PublishIpWhitelistTask(ips, "del","")
+	//	}
+	//
+	//
+	//	if err = s.webForwardingRepository.DeleteWebForwarding(ctx, int64(Id)); err != nil {
+	//		return err
+	//	}
+	//	if err = s.webForwardingRepository.DeleteWebForwardingIpsById(ctx, Id); err != nil {
+	//		return err
+	//	}
+	//}
+
 	return nil
 }
 
@@ -633,19 +703,6 @@ func (s *webForwardingService) GetWebForwardingWafWebAllIps(ctx context.Context,
 			Id:                  res.Forwarding.Id,
 			Port:                res.Forwarding.Port,
 			Domain:              res.Forwarding.Domain,
-			CustomHost:          res.Forwarding.CustomHost,
-			CcCount:             res.Forwarding.CcCount,
-			CcDuration:          res.Forwarding.CcDuration,
-			CcBlockCount:        res.Forwarding.CcBlockCount,
-			CcBlockDuration:     res.Forwarding.CcBlockDuration,
-			Cc4xxCount:          res.Forwarding.Cc4xxCount,
-			Cc4xxDuration:       res.Forwarding.Cc4xxDuration,
-			Cc4xxBlockCount:     res.Forwarding.Cc4xxBlockCount,
-			Cc4xxBlockDuration:  res.Forwarding.Cc4xxBlockDuration,
-			Cc5xxCount:          res.Forwarding.Cc5xxCount,
-			Cc5xxDuration:       res.Forwarding.Cc5xxDuration,
-			Cc5xxBlockCount:     res.Forwarding.Cc5xxBlockCount,
-			Cc5xxBlockDuration:  res.Forwarding.Cc5xxBlockDuration,
 			IsHttps:             res.Forwarding.IsHttps,
 			Comment:             res.Forwarding.Comment,
 			HttpsKey:            res.Forwarding.HttpsKey,