前言：寫(xiě)網(wǎng)絡(luò)服務(wù)，總要考慮安全機(jī)制，對(duì)ip和網(wǎng)段進(jìn)行判斷是最簡(jiǎn)單的一個(gè)驗(yàn)證機(jī)制。之后想做一個(gè)類(lèi)似注冊(cè)式的安全驗(yàn)證機(jī)制，既可以減少配置文件的麻煩，又可以很好的進(jìn)行安全管理。

直接上代碼：

復(fù)制代碼代碼如下:

package main

import(

    "net"

    "fmt"

    "time"

    "strings"

)

func main(){

    IP_ARRAY := "192.168.1.234,192.168.1.47,192.168.2.0/28"

    servPort:=":7272"

    l,err := net.Listen( "tcp",servPort )

    if err != nil {

        fmt.Printf( "Listen is error" )

        return

    }

    allowList :=strings.Split( IP_ARRAY,"," )

    for{ 

        conn,err:=l.Accept()

        if err != nil {

            fmt.Printf( "start connect  is error" )

            return

        }

        ipAddr:=conn.RemoteAddr()

        Addr := strings.Split( ipAddr.String(), ":")

        rAddr := net.ParseIP( Addr[0] )

        var authorized bool = false

        for v := range allowList{

            _,ipNet,err := net.ParseCIDR( allowList[v] )

            if err != nil{

                fmt.Printf( "parse ip net error" )

                ipHost := net.ParseIP( allowList[v])

                if ipHost != nil{

                   if ipHost.Equal( rAddr ) {

                      authorized =true

                   }

                }else{

                    fmt.Printf( "ip list error" )

                }

            }else{

                fmt.Printf( "Contains ip " )

                if ipNet.Contains( rAddr ) {

                    authorized =true

                }

            }

        }

        if authorized == true{ 

            curTime:=time.Now()

            fmt.Printf( curTime.Format( "2006-01-02 15:04:05" )  )

            conn.Write( []byte(curTime.Format( "2006-01-02 15:04:05" ) ) )

            time.Sleep( 10)

        }else{

            conn.Close()

        }

    }

}