add allow_ips for frps

bingoohuang 2023-03-16 11:07:12 +08:00
parent 8f394dba27
commit bc5cdf120b
3 changed files with 21 additions and 0 deletions


@ -38,6 +38,7 @@ var (
showVersion bool showVersion bool
bindAddr string bindAddr string
allowIps []string
bindPort int bindPort int
bindUDPPort int bindUDPPort int
kcpBindPort int kcpBindPort int
@ -69,6 +70,7 @@ func init() {
rootCmd.PersistentFlags().BoolVarP(&showVersion, "version", "v", false, "version of frps") rootCmd.PersistentFlags().BoolVarP(&showVersion, "version", "v", false, "version of frps")
rootCmd.PersistentFlags().StringVarP(&bindAddr, "bind_addr", "", "0.0.0.0", "bind address") rootCmd.PersistentFlags().StringVarP(&bindAddr, "bind_addr", "", "0.0.0.0", "bind address")
rootCmd.PersistentFlags().StringArrayVarP(&allowIps, "allow_ip", "", nil, "ip whitelists")
rootCmd.PersistentFlags().IntVarP(&bindPort, "bind_port", "p", 7000, "bind port") rootCmd.PersistentFlags().IntVarP(&bindPort, "bind_port", "p", 7000, "bind port")
rootCmd.PersistentFlags().IntVarP(&bindUDPPort, "bind_udp_port", "", 0, "bind udp port") rootCmd.PersistentFlags().IntVarP(&bindUDPPort, "bind_udp_port", "", 0, "bind udp port")
rootCmd.PersistentFlags().IntVarP(&kcpBindPort, "kcp_bind_port", "", 0, "kcp bind udp port") rootCmd.PersistentFlags().IntVarP(&kcpBindPort, "kcp_bind_port", "", 0, "kcp bind udp port")
@ -159,6 +161,7 @@ func parseServerCommonCfgFromCmd() (cfg config.ServerCommonConf, err error) {
cfg.BindAddr = bindAddr cfg.BindAddr = bindAddr
cfg.BindPort = bindPort cfg.BindPort = bindPort
cfg.AllowIps = allowIps
cfg.BindUDPPort = bindUDPPort cfg.BindUDPPort = bindUDPPort
cfg.KCPBindPort = kcpBindPort cfg.KCPBindPort = kcpBindPort
cfg.ProxyBindAddr = proxyBindAddr cfg.ProxyBindAddr = proxyBindAddr
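Review bot: The flag is registered as `allow_ip` while the config key added in the same commit is `allow_ips`, and its help text `"ip whitelists"` does not say what an entry must look like. The server compares entries as plain strings, so the help should say so, for example `"client IP allowed to connect (repeatable; exact address, no CIDR); empty allows all"`. The values are copied into `cfg.AllowIps` unvalidated, so a mistyped or CIDR-style entry silently never matches. Checking each one with `net.ParseIP` in `parseServerCommonCfgFromCmd` and returning an error would surface that at startup. Both functions continue outside the hunks shown.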


@ -50,6 +50,10 @@ type ServerCommonConf struct {
// Set this value to 0 will disable this feature. // Set this value to 0 will disable this feature.
// By default, the value is 0. // By default, the value is 0.
QUICBindPort int `ini:"quic_bind_port" json:"quic_bind_port" validate:"gte=0,lte=65535"` QUICBindPort int `ini:"quic_bind_port" json:"quic_bind_port" validate:"gte=0,lte=65535"`
// AllowIps specifies the IP whitelists to limit clients.
AllowIps []string `ini:"allow_ips" json:"allow_ips"`
// QUIC protocol options // QUIC protocol options
QUICKeepalivePeriod int `ini:"quic_keepalive_period" json:"quic_keepalive_period" validate:"gte=0"` QUICKeepalivePeriod int `ini:"quic_keepalive_period" json:"quic_keepalive_period" validate:"gte=0"`
QUICMaxIdleTimeout int `ini:"quic_max_idle_timeout" json:"quic_max_idle_timeout" validate:"gte=0"` QUICMaxIdleTimeout int `ini:"quic_max_idle_timeout" json:"quic_max_idle_timeout" validate:"gte=0"`


@ -431,8 +431,22 @@ func (svr *Service) HandleListener(l net.Listener) {
} }
log.Trace("check TLS connection success, isTLS: %v custom: %v", isTLS, custom) log.Trace("check TLS connection success, isTLS: %v custom: %v", isTLS, custom)
allowIps := make(map[string]bool, len(svr.cfg.AllowIps))
for _, allowIP := range svr.cfg.AllowIps {
allowIps[allowIP] = true
}
// Start a new goroutine to handle connection. // Start a new goroutine to handle connection.
go func(ctx context.Context, frpConn net.Conn) { go func(ctx context.Context, frpConn net.Conn) {
if len(allowIps) > 0 {
if addr, ok := frpConn.RemoteAddr().(*net.TCPAddr); ok {
if remoteIP := addr.IP.String(); !allowIps[remoteIP] {
log.Warn("Connection from %s is not allowed", remoteIP)
frpConn.Close()
return
}
}
}
if svr.cfg.TCPMux { if svr.cfg.TCPMux {
fmuxCfg := fmux.DefaultConfig() fmuxCfg := fmux.DefaultConfig()
fmuxCfg.KeepAliveInterval = time.Duration(svr.cfg.TCPMuxKeepaliveInterval) * time.Second fmuxCfg.KeepAliveInterval = time.Duration(svr.cfg.TCPMuxKeepaliveInterval) * time.Second
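Review bot: The allowlist check fails open, because when `frpConn.RemoteAddr()` is not a `*net.TCPAddr` the inner `if` is skipped and the connection is handled even though `allow_ips` is set. `HandleListener` takes a generic `net.Listener` and the config on this page has KCP and QUIC bind ports, so non-TCP address types look reachable here; that, and any accept path outside this function, should be confirmed. The check should refuse any peer whose address cannot be parsed, as in the excerpt below. It also sits after the TLS check, so a refused peer has already consumed that work, and the `allowIps` map appears to be rebuilt for every accepted connection; building it once before the accept loop and checking right after `Accept` would address both. `HandleListener` starts and ends outside the hunk.

```go
// … unchanged: TLS check and trace log …
go func(ctx context.Context, frpConn net.Conn) {
	if len(allowIps) > 0 {
		// Derive the IP from the address string so every transport is covered;
		// anything that cannot be parsed is refused rather than let through.
		host, _, err := net.SplitHostPort(frpConn.RemoteAddr().String())
		ip := net.ParseIP(host)
		if err != nil || ip == nil || !allowIps[ip.String()] {
			log.Warn("Connection from %s is not allowed", frpConn.RemoteAddr())
			frpConn.Close()
			return
		}
	}
	// … unchanged: TCPMux session setup …
```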