fusu
/
go_gameshield


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112
							package web

import (
	v1 "github.com/go-nunu/nunu-layout-advanced/api/v1"
	"net"
)

type Helper interface {
	FindDifferenceList(oldList, newList []v1.BackendList) (added, removed []v1.BackendList)
	WashDifferentIp(newIpList []string, oldIpList []string) (addedDenyIps []string, removedDenyIps []string)
}

// FindDifferenceList 查找两个列表的差异
func (s *aidedWebService) FindDifferenceList(oldList, newList []v1.BackendList) (added, removed []v1.BackendList) {
	diff := make(map[v1.BackendList]int)

	// 1. 遍历旧列表，为每个元素计数 +1
	for _, item := range oldList {
		diff[item]++
	}

	// 2. 遍历新列表，为每个元素计数 -1
	for _, item := range newList {
		diff[item]--
	}

	// 3. 遍历 diff map 来找出差异
	for item, count := range diff {
		if count > 0 {
			// 如果 count > 0，说明这个元素在 oldList 中但不在 newList 中
			removed = append(removed, item)
		} else if count < 0 {
			// 如果 count < 0，说明这个元素在 newList 中但不在 oldList 中
			added = append(added, item)
		}
		// 如果 count == 0，说明元素在两个列表中都存在，不做任何操作
	}

	return added, removed
}

// WashDifferentIp 清洗IP差异 - 并发版本
func (s *aidedWebService) WashDifferentIp(newIpList []string, oldIpList []string) (addedDenyIps []string, removedDenyIps []string) {
	// 并发验证并过滤有效IP
	oldAllowIps := s.filterValidIpsConcurrently(oldIpList)
	newAllowIps := s.filterValidIpsConcurrently(newIpList)

	addedDenyIps, removedDenyIps = s.wafformatter.FindIpDifferences(oldAllowIps, newAllowIps)
	return addedDenyIps, removedDenyIps
}

// filterValidIpsConcurrently 并发过滤有效IP地址
func (s *aidedWebService) filterValidIpsConcurrently(ipList []string) []string {
	if len(ipList) == 0 {
		return nil
	}

	// 小于10个IP时不使用并发，避免overhead
	if len(ipList) < 10 {
		return s.filterValidIpsSequentially(ipList)
	}

	type ipResult struct {
		ip    string
		valid bool
		index int
	}

	resultChan := make(chan ipResult, len(ipList))
	semaphore := make(chan struct{}, 20) // 限制并发数为20

	// 启动goroutine验证IP
	for i, ip := range ipList {
		go func(ip string, index int) {
			semaphore <- struct{}{} // 获取信号量
			defer func() { <-semaphore }() // 释放信号量

			valid := net.ParseIP(ip) != nil
			resultChan <- ipResult{ip: ip, valid: valid, index: index}
		}(ip, i)
	}

	// 收集结果并保持原始顺序
	results := make([]ipResult, len(ipList))
	for i := 0; i < len(ipList); i++ {
		result := <-resultChan
		results[result.index] = result
	}
	close(resultChan)

	// 按原始顺序提取有效IP
	var validIps []string
	for _, result := range results {
		if result.valid {
			validIps = append(validIps, result.ip)
		}
	}

	return validIps
}

// filterValidIpsSequentially 顺序过滤有效IP地址（用于小数据集）
func (s *aidedWebService) filterValidIpsSequentially(ipList []string) []string {
	var validIps []string
	for _, ip := range ipList {
		if net.ParseIP(ip) != nil {
			validIps = append(validIps, ip)
		}
	}
	return validIps
}