Authored by jie

修改redis pub 恶意IP pub bug

... ... @@ -178,11 +178,19 @@ local subscribe_mal_ips=function()
if res[3] then
local t=cjson.decode(res[3])
local ips=t.ips
local expire=(not t.expire) and 86400 or t.expire
local expire=(not t.expire) and 43200 or t.expire
if t.type == "add" then
for ip in string.gmatch(ips,"[^',']+") do
cache:set("yh:mip:" .. ip,"1",expire)
ngx.log(ngx.INFO,"nginx subscribe mal ip:" .. tostring(ip) .. ":" .. tostring(expire))
ngx.log(ngx.INFO,"nginx subscribe add mal ip:" .. tostring(ip) .. ":" .. tostring(expire))
end
elseif t.type == "del" then
for ip in string.gmatch(ips,"[^',']+") do
cache:delete("yh:mip:" .. ip)
ngx.log(ngx.INFO,"nginx subscribe del mal ip:" .. tostring(ip) .. ":" .. tostring(expire))
end
end
end
elseif err ~= "timeout" then
connect:close()
... ... @@ -260,6 +268,7 @@ function limit_ip_access_conf_to_worker()
if t then
local r=cjson.decode(t)
if r then
r["white_method"]={"app.graphic.img","app.graphic.verify"}
lua_context.configs["limit_ip_access"]=r
--ngx.log(ngx.INFO,"++++++++++++++" .. cjson.encode(lua_context.configs["limit_ip_access"]))
end
... ...
... ... @@ -3,9 +3,7 @@ local lrucache = require "resty.lrucache"
-- init redis twemproxy config
local redis_config1={host="127.0.0.1",port="6379",auth=nil,timeout=20,max_idle_timeout=60000,pool_size=200}
local ip_limit_redis_config={host="127.0.0.1",port="6379",auth=nil,timeout=20,max_idle_timeout=60000,pool_size=100}
local ip_limit_redis_config={host="redis.nginx.yohoops.org",port="6379",auth="redis9646",timeout=2000,max_idle_timeout=60000,pool_size=100}
local redis_util=require("redisutil")
... ...
... ... @@ -134,16 +134,22 @@ function M:mal_ip()
ngx.say('{"code": 400, "msg": "params error!"}')
ngx.exit(ngx.HTTP_OK)
end
if method == 'publish' then
local exists={}
if method == 'pubAdd' then
local t={}
t.ips=ips
t.expire=expire
t.type="add"
redis_limit_ip:cmd("publish","mal_ips",cjson.encode(t))
end
local exists={}
elseif method == 'pubDel' then
local t={}
t.ips=ips
t.type="del"
redis_limit_ip:cmd("publish","mal_ips",cjson.encode(t))
else
for ip in string.gmatch(ips,"[^',']+") do
if method == 'add' then
local expire= (not expire) and 86400 or expire
local expire= (not expire) and 43200 or expire
cache:set("yh:mip:" .. ip,"1",expire)
elseif method == 'del' then
cache:delete("yh:mip:" .. ip)
... ... @@ -153,6 +159,7 @@ function M:mal_ip()
exists[#exists+1]=tostring(res)
end
end
end
local body=table.concat(exists,",")
ngx.say('{"code": 200, "msg": "'.. body ..'"}')
ngx.exit(ngx.HTTP_OK)
... ...