Merge branch 'master' of git.yoho.cn:ops/yoho-ansible-roles
Showing
3 changed files
with
23 additions
and
37 deletions
| @@ -178,19 +178,11 @@ local subscribe_mal_ips=function() | @@ -178,19 +178,11 @@ local subscribe_mal_ips=function() | ||
| 178 | if res[3] then | 178 | if res[3] then |
| 179 | local t=cjson.decode(res[3]) | 179 | local t=cjson.decode(res[3]) |
| 180 | local ips=t.ips | 180 | local ips=t.ips |
| 181 | - local expire=(not t.expire) and 43200 or t.expire | ||
| 182 | - if t.type == "add" then | ||
| 183 | - for ip in string.gmatch(ips,"[^',']+") do | ||
| 184 | - cache:set("yh:mip:" .. ip,"1",expire) | ||
| 185 | - ngx.log(ngx.INFO,"nginx subscribe add mal ip:" .. tostring(ip) .. ":" .. tostring(expire)) | ||
| 186 | - end | ||
| 187 | - elseif t.type == "del" then | ||
| 188 | - for ip in string.gmatch(ips,"[^',']+") do | ||
| 189 | - cache:delete("yh:mip:" .. ip) | ||
| 190 | - ngx.log(ngx.INFO,"nginx subscribe del mal ip:" .. tostring(ip) .. ":" .. tostring(expire)) | ||
| 191 | - end | ||
| 192 | - end | ||
| 193 | - | 181 | + local expire=(not t.expire) and 86400 or t.expire |
| 182 | + for ip in string.gmatch(ips,"[^',']+") do | ||
| 183 | + cache:set("yh:mip:" .. ip,"1",expire) | ||
| 184 | + ngx.log(ngx.INFO,"nginx subscribe mal ip:" .. tostring(ip) .. ":" .. tostring(expire)) | ||
| 185 | + end | ||
| 194 | end | 186 | end |
| 195 | elseif err ~= "timeout" then | 187 | elseif err ~= "timeout" then |
| 196 | connect:close() | 188 | connect:close() |
| @@ -267,8 +259,7 @@ function limit_ip_access_conf_to_worker() | @@ -267,8 +259,7 @@ function limit_ip_access_conf_to_worker() | ||
| 267 | local t=lua_context.lua_conf_cache:get("limit_ip_access") | 259 | local t=lua_context.lua_conf_cache:get("limit_ip_access") |
| 268 | if t then | 260 | if t then |
| 269 | local r=cjson.decode(t) | 261 | local r=cjson.decode(t) |
| 270 | - if r then | ||
| 271 | - r["white_method"]={"app.graphic.img","app.graphic.verify"} | 262 | + if r then |
| 272 | lua_context.configs["limit_ip_access"]=r | 263 | lua_context.configs["limit_ip_access"]=r |
| 273 | --ngx.log(ngx.INFO,"++++++++++++++" .. cjson.encode(lua_context.configs["limit_ip_access"])) | 264 | --ngx.log(ngx.INFO,"++++++++++++++" .. cjson.encode(lua_context.configs["limit_ip_access"])) |
| 274 | end | 265 | end |
| @@ -3,7 +3,9 @@ local lrucache = require "resty.lrucache" | @@ -3,7 +3,9 @@ local lrucache = require "resty.lrucache" | ||
| 3 | -- init redis twemproxy config | 3 | -- init redis twemproxy config |
| 4 | local redis_config1={host="127.0.0.1",port="6379",auth=nil,timeout=20,max_idle_timeout=60000,pool_size=200} | 4 | local redis_config1={host="127.0.0.1",port="6379",auth=nil,timeout=20,max_idle_timeout=60000,pool_size=200} |
| 5 | 5 | ||
| 6 | -local ip_limit_redis_config={host="redis.nginx.yohoops.org",port="6379",auth=redis9646,timeout=20,max_idle_timeout=60000,pool_size=100} | 6 | + |
| 7 | +local ip_limit_redis_config={host="127.0.0.1",port="6379",auth=nil,timeout=20,max_idle_timeout=60000,pool_size=100} | ||
| 8 | + | ||
| 7 | 9 | ||
| 8 | 10 | ||
| 9 | local redis_util=require("redisutil") | 11 | local redis_util=require("redisutil") |
| @@ -134,31 +134,24 @@ function M:mal_ip() | @@ -134,31 +134,24 @@ function M:mal_ip() | ||
| 134 | ngx.say('{"code": 400, "msg": "params error!"}') | 134 | ngx.say('{"code": 400, "msg": "params error!"}') |
| 135 | ngx.exit(ngx.HTTP_OK) | 135 | ngx.exit(ngx.HTTP_OK) |
| 136 | end | 136 | end |
| 137 | - local exists={} | ||
| 138 | - if method == 'pubAdd' then | 137 | + if method == 'publish' then |
| 139 | local t={} | 138 | local t={} |
| 140 | t.ips=ips | 139 | t.ips=ips |
| 141 | t.expire=expire | 140 | t.expire=expire |
| 142 | - t.type="add" | ||
| 143 | - redis_limit_ip:cmd("publish","mal_ips",cjson.encode(t)) | ||
| 144 | - elseif method == 'pubDel' then | ||
| 145 | - local t={} | ||
| 146 | - t.ips=ips | ||
| 147 | - t.type="del" | ||
| 148 | redis_limit_ip:cmd("publish","mal_ips",cjson.encode(t)) | 141 | redis_limit_ip:cmd("publish","mal_ips",cjson.encode(t)) |
| 149 | - else | ||
| 150 | - for ip in string.gmatch(ips,"[^',']+") do | ||
| 151 | - if method == 'add' then | ||
| 152 | - local expire= (not expire) and 43200 or expire | ||
| 153 | - cache:set("yh:mip:" .. ip,"1",expire) | ||
| 154 | - elseif method == 'del' then | ||
| 155 | - cache:delete("yh:mip:" .. ip) | ||
| 156 | - elseif method == 'exists' then | ||
| 157 | - local res=cache:get("yh:mip:" .. ip) | ||
| 158 | - res= res and true or false | ||
| 159 | - exists[#exists+1]=tostring(res) | ||
| 160 | - end | ||
| 161 | - end | 142 | + end |
| 143 | + local exists={} | ||
| 144 | + for ip in string.gmatch(ips,"[^',']+") do | ||
| 145 | + if method == 'add' then | ||
| 146 | + local expire= (not expire) and 86400 or expire | ||
| 147 | + cache:set("yh:mip:" .. ip,"1",expire) | ||
| 148 | + elseif method == 'del' then | ||
| 149 | + cache:delete("yh:mip:" .. ip) | ||
| 150 | + elseif method == 'exists' then | ||
| 151 | + local res=cache:get("yh:mip:" .. ip) | ||
| 152 | + res= res and true or false | ||
| 153 | + exists[#exists+1]=tostring(res) | ||
| 154 | + end | ||
| 162 | end | 155 | end |
| 163 | local body=table.concat(exists,",") | 156 | local body=table.concat(exists,",") |
| 164 | ngx.say('{"code": 200, "msg": "'.. body ..'"}') | 157 | ngx.say('{"code": 200, "msg": "'.. body ..'"}') |
-
Please register or login to post a comment