1

2020-11-12 16:50:47 +08:00 · 2020-11-12 16:50:47 +08:00 · af57c99077
commit af57c99077
parent 1d2ab70654
2 changed files with 224 additions and 172 deletions
--- a/server/analyseapi/riskmgr.go
+++ b/server/analyseapi/riskmgr.go
@ -5,27 +5,11 @@ import (
 	"fmt"
 	"sync"
 	"sync/atomic"
-	"github.com/aliyun/alibaba-cloud-sdk-go/services/geoip"
 	"q5"
 	"f5"
 )

 type RiskMgr struct {
-	ipWhiteList map[string]int32
-	ipWhiteListMutex sync.RWMutex
-
-	ipBlackList map[string]int32
-	ipBlackListMutex sync.RWMutex
-
-	launchWhiteList map[string]int32
-	launchWhiteListMutex sync.RWMutex
-
-	launchBlackList map[string]int32
-	launchBlackListMutex sync.RWMutex
-
-	blockProvinceCityHash map[string]int32
-	blockProvinceCityHashMutex sync.RWMutex
-
 	fixedBlockProvinceCityHash map[string]int32
 	fixedBlockProvinceCityHashMutex sync.RWMutex

@ -38,63 +22,25 @@ type RiskMgr struct {
 	passTimes int64
 	blockTimes int64

-	totalIpWhiteListPassTimes int64
-	ipWhiteListPassTimes int64
-	totalLaunchWhiteListPassTimes int64
-	launchWhiteListPassTimes int64
-	totalSafeZonePassTimes int64
-	safeZonePassTimes int64
-
 	totalHttpMethodBlockTimes int64
 	httpMethodBlockTimes int64
 	totalSessionErrBlockTimes int64
 	sessionErrBlockTimes int64
-	totalIpBlackListBlockTimes int64
-	ipBlackListBlockTimes int64
-	totalLaunchBlackListBlockTimes int64
-	launchBlackListBlockTimes int64
-	totalUnSafeZoneBlockTimes int64
-	unSafeZoneBlockTimes int64
+
+	gameHash map[int32]*GameConf
+	gameHashMutex sync.RWMutex

 	clusterConf *MtwServerInfo
 }

 func (this* RiskMgr) Init() *RiskMgr {
-	this.ipWhiteListMutex.Lock()
-	this.ipBlackListMutex.Lock()
-	this.launchWhiteListMutex.Lock()
-	this.launchBlackListMutex.Lock()
-	this.blockProvinceCityHashMutex.Lock()
 	this.fixedBlockProvinceCityHashMutex.Lock()
-	defer this.ipWhiteListMutex.Unlock()
-	defer this.ipBlackListMutex.Unlock()
-	defer this.launchWhiteListMutex.Unlock()
-	defer this.launchBlackListMutex.Unlock()
-	defer this.blockProvinceCityHashMutex.Unlock()
 	defer this.fixedBlockProvinceCityHashMutex.Unlock()

-	this.ipWhiteList = make(map[string]int32)
-	this.ipBlackList = make(map[string]int32)
-	this.launchWhiteList = make(map[string]int32)
-	this.launchBlackList = make(map[string]int32)
-	this.blockProvinceCityHash = make(map[string]int32)
 	this.fixedBlockProvinceCityHash = make(map[string]int32)

-	for _, val := range G.MetaMgr.GetIpWhiteList().GetList() {
-		this.ipWhiteList[val] = 1
-	}
-	for _, val := range G.MetaMgr.GetIpBlackList().GetList() {
-		this.ipBlackList[val] = 1
-	}
-	for _, val := range G.MetaMgr.GetLaunchWhiteList().GetList() {
-		this.launchWhiteList[val] = 1
-	}
-	for _, val := range G.MetaMgr.GetLaunchBlackList().GetList() {
-		this.launchBlackList[val] = 1
-	}
 	for _, val := range G.MetaMgr.GetFixedBlockProvinceCity().GetList() {
 		this.fixedBlockProvinceCityHash[val] = 1
-		this.blockProvinceCityHash[val] = 1
 	}
 	this.accessKeyId = G.MetaMgr.GetAliKey().GetAccessKeyid()
 	this.accessSecret = G.MetaMgr.GetAliKey().GetAccessSecret()
@ -110,6 +56,7 @@ func (this* RiskMgr) Init() *RiskMgr {
 		func (params* q5.XParams) {
 			this.OutputLog()
 		})
+
 	return this
 }

@ -121,65 +68,14 @@ func (this* RiskMgr) OutputLog() {
 	f5.SysLog().Info("blockobj %s", this.GetBlockObj().ToJsonStr())
 	atomic.StoreInt64(&this.passTimes, 0)
 	atomic.StoreInt64(&this.blockTimes, 0)
-	atomic.StoreInt64(&this.ipWhiteListPassTimes, 0)
+	/*atomic.StoreInt64(&this.ipWhiteListPassTimes, 0)
 	atomic.StoreInt64(&this.launchWhiteListPassTimes, 0)
 	atomic.StoreInt64(&this.safeZonePassTimes, 0)
 	atomic.StoreInt64(&this.httpMethodBlockTimes, 0)
 	atomic.StoreInt64(&this.sessionErrBlockTimes, 0)
 	atomic.StoreInt64(&this.ipBlackListBlockTimes, 0)
 	atomic.StoreInt64(&this.launchBlackListBlockTimes, 0)
-	atomic.StoreInt64(&this.unSafeZoneBlockTimes, 0)
-}
-
-func (this* RiskMgr) InIpWhiteList(ip string) bool {
-	this.ipWhiteListMutex.Lock()
-	defer this.ipWhiteListMutex.Unlock()
-	_, ok := this.ipWhiteList[ip]
-	return ok
-}
-
-func (this* RiskMgr) InIpBlackList(ip string) bool {
-	this.ipBlackListMutex.Lock()
-	defer this.ipBlackListMutex.Unlock()
-	_, ok := this.ipBlackList[ip]
-	return ok
-}
-
-func (this* RiskMgr) InLaunchWhiteList(gameId int32, channel int32, launchInfo string) bool {
-	this.launchWhiteListMutex.Lock()
-	defer this.launchWhiteListMutex.Unlock()
-	_, ok := this.launchWhiteList[launchInfo]
-	return ok
-}
-
-func (this* RiskMgr) InLaunchBlackList(gameId int32, channel int32, launchInfo string) bool {
-	this.launchBlackListMutex.Lock()
-	defer this.launchBlackListMutex.Unlock()
-	_, ok := this.launchBlackList[launchInfo]
-	return ok
-}
-
-func (this* RiskMgr) IsBlockZone(gameId int32, channel int32,
-	country string, province string, city string) bool {
-	if country == "" || province == "" || city == "" {
-		return true
-	}
-	if country != "中国" {
-		return true
-	}
-
-	this.blockProvinceCityHashMutex.Lock()
-	defer this.blockProvinceCityHashMutex.Unlock()
-	if _, ok := this.blockProvinceCityHash[province]; ok {
-		return true
-	}
-	if _, ok := this.blockProvinceCityHash[city]; ok {
-		return true
-	}
-	if _, ok := this.blockProvinceCityHash[province + "/" + city]; ok {
-		return true
-	}
-	return false
+	atomic.StoreInt64(&this.unSafeZoneBlockTimes, 0)*/
 }

 func (this* RiskMgr) GetSdkInfo(accessKeyId* string, accessSecret* string) {
@ -193,12 +89,12 @@ func (this* RiskMgr) GetPassObj() *q5.XObject {
 	passObj := q5.NewMxoObject()
 	passObj.SetXValue("total_times", q5.NewXInt64(this.totalPassTimes))
 	passObj.SetXValue("curr_times", q5.NewXInt64(this.passTimes))
-	passObj.SetXValue("total_white_ip_times", q5.NewXInt64(this.totalIpWhiteListPassTimes))
+	/*passObj.SetXValue("total_white_ip_times", q5.NewXInt64(this.totalIpWhiteListPassTimes))
 	passObj.SetXValue("curr_white_ip_times", q5.NewXInt64(this.ipWhiteListPassTimes))
 	passObj.SetXValue("total_white_launch_times", q5.NewXInt64(this.totalLaunchWhiteListPassTimes))
 	passObj.SetXValue("curr_white_launch_times", q5.NewXInt64(this.launchWhiteListPassTimes))
 	passObj.SetXValue("total_safezone_times", q5.NewXInt64(this.totalSafeZonePassTimes))
-	passObj.SetXValue("curr_safezone_times", q5.NewXInt64(this.safeZonePassTimes))
+	passObj.SetXValue("curr_safezone_times", q5.NewXInt64(this.safeZonePassTimes))*/
 	return passObj.AsXObject()
 }

@ -206,7 +102,7 @@ func (this* RiskMgr) GetBlockObj() *q5.XObject {
 	blockObj := q5.NewMxoObject()
 	blockObj.SetXValue("total_times", q5.NewXInt64(this.totalBlockTimes))
 	blockObj.SetXValue("curr_times", q5.NewXInt64(this.blockTimes))
-	blockObj.SetXValue("total_method_err_times", q5.NewXInt64(this.totalHttpMethodBlockTimes))
+	/*blockObj.SetXValue("total_method_err_times", q5.NewXInt64(this.totalHttpMethodBlockTimes))
 	blockObj.SetXValue("curr_method_err_times", q5.NewXInt64(this.httpMethodBlockTimes))
 	blockObj.SetXValue("total_session_err_times", q5.NewXInt64(this.totalSessionErrBlockTimes))
 	blockObj.SetXValue("curr_session_err_times", q5.NewXInt64(this.sessionErrBlockTimes))
@ -215,35 +111,17 @@ func (this* RiskMgr) GetBlockObj() *q5.XObject {
 	blockObj.SetXValue("total_black_launch_times", q5.NewXInt64(this.totalLaunchBlackListBlockTimes))
 	blockObj.SetXValue("curr_black_launch_times", q5.NewXInt64(this.launchBlackListBlockTimes))
 	blockObj.SetXValue("total_unsafezone_times", q5.NewXInt64(this.totalUnSafeZoneBlockTimes))
-	blockObj.SetXValue("curr_unsafezone_times", q5.NewXInt64(this.unSafeZoneBlockTimes))
+	blockObj.SetXValue("curr_unsafezone_times", q5.NewXInt64(this.unSafeZoneBlockTimes))*/
 	return blockObj.AsXObject()
 }

-func (this* RiskMgr) IsSafeZone(gameId int32, channel int32, ip string, response_str* string) bool {
-	accessKeyId := ""
-	accessSecret := ""
-	this.GetSdkInfo(&accessKeyId, &accessSecret)
-	client, err := geoip.NewClientWithAccessKey("cn-hangzhou", accessKeyId, accessSecret)
-	if err != nil {
-		f5.SysLog().Warning("NewClientWithAccessKey error %s", err.Error())
-		return false
-	}
-
-	request := geoip.CreateDescribeIpv4LocationRequest()
-	request.Scheme = "https"
-	request.Ip = ip
-
-	response, err := client.DescribeIpv4Location(request)
-	if err != nil {
-		f5.SysLog().Warning("Ipv4Location error %s", err.Error())
-		return false
-	}
-	*response_str = q5.EncodeJson(response)
-	return !this.IsBlockZone(gameId, channel, response.Country, response.Province, response.City)
+func (this *RiskMgr) GetGameConf(gameId int32, channel int32) *GameConf {
+	return  nil
 }

 func (this *RiskMgr) __analyseIsOpen(w* http.ResponseWriter, r *http.Request) {
-	response_str := ""
+	var gameConf *GameConf
+	responseStr := ""
 	isPass := func () bool {
 		if r.Method != "POST" {
 			atomic.AddInt64(&this.totalHttpMethodBlockTimes, 1)
@ -260,51 +138,28 @@ func (this *RiskMgr) __analyseIsOpen(w* http.ResponseWriter, r *http.Request) {
 		gameId := f5.ExtractGameIdFromAccountId(accountId)
 		channel := f5.ExtractChannelFromAccountId(accountId)

+		gameConf = this.GetGameConf(gameId, channel)
+		if gameConf == nil {
+			return false
+		}
+
 		remoteAddr := q5.GetRequestRemoteAddr(r)
 		if this.clusterConf.GetTesting() == 1 && q5.Request(r, "ip").GetString() != "" {
 			remoteAddr = q5.Request(r, "ip").GetString()
 		}
-		if G.RiskMgr.InIpWhiteList(remoteAddr) {
-			atomic.AddInt64(&this.totalIpWhiteListPassTimes, 1)
-			atomic.AddInt64(&this.ipWhiteListPassTimes, 1)
-			return true
-		}
-		if G.RiskMgr.InIpBlackList(remoteAddr) {
-			atomic.AddInt64(&this.totalIpBlackListBlockTimes, 1)
-			atomic.AddInt64(&this.ipBlackListBlockTimes, 1)
-			return false
-		}
 		launchInfo := q5.GetPostBody(r).GetString()
-		if G.RiskMgr.InLaunchWhiteList(gameId, channel, launchInfo) {
-			atomic.AddInt64(&this.totalLaunchWhiteListPassTimes, 1)
-			atomic.AddInt64(&this.launchWhiteListPassTimes, 1)
-			return true
-		}
-		if G.RiskMgr.InLaunchBlackList(gameId, channel, launchInfo) {
-			atomic.AddInt64(&this.totalLaunchBlackListBlockTimes, 1)
-			atomic.AddInt64(&this.launchBlackListBlockTimes, 1)
-			return false
-		}
-		if G.RiskMgr.IsSafeZone(gameId, channel, remoteAddr, &response_str) {
-			atomic.AddInt64(&this.totalSafeZonePassTimes, 1)
-			atomic.AddInt64(&this.safeZonePassTimes, 1)
-			return true
-		} else {
-			atomic.AddInt64(&this.totalUnSafeZoneBlockTimes, 1)
-			atomic.AddInt64(&this.unSafeZoneBlockTimes, 1)
-			return false
-		}
+		return gameConf.IsPass(remoteAddr, launchInfo)
 	}
 	if isPass() {
 		atomic.AddInt64(&this.totalPassTimes, 1)
 		atomic.AddInt64(&this.passTimes, 1)
 		if this.clusterConf.GetTesting() == 1 {
-			if response_str == "" {
-				response_str = `""`
+			if responseStr == "" {
+				responseStr = `""`
 			}
 			data := fmt.Sprintf(`{"errcode":0, "errmsg":"", "is_open":%d, "data":%s}`,
 				1,
-				response_str)
+				responseStr)
 			q5.Response(w, data)
 		} else {
 			q5.ResponseInt32Ok(w, "is_open", 1)
@ -313,12 +168,12 @@ func (this *RiskMgr) __analyseIsOpen(w* http.ResponseWriter, r *http.Request) {
 		atomic.AddInt64(&this.totalBlockTimes, 1)
 		atomic.AddInt64(&this.blockTimes, 1)
 		if this.clusterConf.GetTesting() == 1 {
-			if response_str == "" {
-				response_str = `""`
+			if responseStr == "" {
+				responseStr = `""`
 			}
 			data := fmt.Sprintf(`{"errcode":0, "errmsg":"", "is_open":%d, "data":%s}`,
 				0,
-				response_str)
+				responseStr)
 			q5.Response(w, data)
 		} else {
 			q5.ResponseInt32Ok(w, "is_open", 0)
@ -327,7 +182,7 @@ func (this *RiskMgr) __analyseIsOpen(w* http.ResponseWriter, r *http.Request) {
 }

 func (this *RiskMgr) __opsDump(w* http.ResponseWriter, r *http.Request) {
-	this.ipWhiteListMutex.Lock()
+	/*this.ipWhiteListMutex.Lock()
 	this.ipBlackListMutex.Lock()
 	this.launchWhiteListMutex.Lock()
 	this.launchBlackListMutex.Lock()
@ -358,6 +213,7 @@ func (this *RiskMgr) __opsDump(w* http.ResponseWriter, r *http.Request) {
 	fillRespObj(respObj, "block_province_city_list", &this.blockProvinceCityHash)
 	fillRespObj(respObj, "fixed_block_province_city_list", &this.fixedBlockProvinceCityHash)
 	q5.Response(w, respObj.ToJsonStr())
+*/
 }

 func (this *RiskMgr) __opsSyncConf(w* http.ResponseWriter, r *http.Request) {
--- a/server/analyseapi/types.go
+++ b/server/analyseapi/types.go
@ -0,0 +1,196 @@
+package main
+
+import (
+	"sync"
+	"github.com/aliyun/alibaba-cloud-sdk-go/services/geoip"
+	"f5"
+	"q5"
+)
+
+type GameConf struct {
+	ipWhiteList map[string]int32
+	ipWhiteListMutex sync.RWMutex
+
+	ipBlackList map[string]int32
+	ipBlackListMutex sync.RWMutex
+
+	launchWhiteList map[string]int32
+	launchWhiteListMutex sync.RWMutex
+
+	launchBlackList map[string]int32
+	launchBlackListMutex sync.RWMutex
+
+	blockProvinceCityHash map[string]int32
+	blockProvinceCityHashMutex sync.RWMutex
+
+	totalPassTimes int64
+	totalBlockTimes int64
+	passTimes int64
+	blockTimes int64
+
+	totalIpWhiteListPassTimes int64
+	ipWhiteListPassTimes int64
+	totalLaunchWhiteListPassTimes int64
+	launchWhiteListPassTimes int64
+	totalSafeZonePassTimes int64
+	safeZonePassTimes int64
+
+	totalHttpMethodBlockTimes int64
+	httpMethodBlockTimes int64
+	totalSessionErrBlockTimes int64
+	sessionErrBlockTimes int64
+	totalIpBlackListBlockTimes int64
+	ipBlackListBlockTimes int64
+	totalLaunchBlackListBlockTimes int64
+	launchBlackListBlockTimes int64
+	totalUnSafeZoneBlockTimes int64
+	unSafeZoneBlockTimes int64
+}
+
+func (this *GameConf) IsPass(remoteAddr string, launchInfo string) bool {
+	/*
+		remoteAddr := q5.GetRequestRemoteAddr(r)
+		if this.clusterConf.GetTesting() == 1 && q5.Request(r, "ip").GetString() != "" {
+			remoteAddr = q5.Request(r, "ip").GetString()
+		}
+		if G.RiskMgr.InIpWhiteList(remoteAddr) {
+			atomic.AddInt64(&this.totalIpWhiteListPassTimes, 1)
+			atomic.AddInt64(&this.ipWhiteListPassTimes, 1)
+			return true
+		}
+		if G.RiskMgr.InIpBlackList(remoteAddr) {
+			atomic.AddInt64(&this.totalIpBlackListBlockTimes, 1)
+			atomic.AddInt64(&this.ipBlackListBlockTimes, 1)
+			return false
+		}
+		launchInfo := q5.GetPostBody(r).GetString()
+		if G.RiskMgr.InLaunchWhiteList(gameId, channel, launchInfo) {
+			atomic.AddInt64(&this.totalLaunchWhiteListPassTimes, 1)
+			atomic.AddInt64(&this.launchWhiteListPassTimes, 1)
+			return true
+		}
+		if G.RiskMgr.InLaunchBlackList(gameId, channel, launchInfo) {
+			atomic.AddInt64(&this.totalLaunchBlackListBlockTimes, 1)
+			atomic.AddInt64(&this.launchBlackListBlockTimes, 1)
+			return false
+		}
+		if G.RiskMgr.IsSafeZone(gameId, channel, remoteAddr, &responseStr) {
+			atomic.AddInt64(&this.totalSafeZonePassTimes, 1)
+			atomic.AddInt64(&this.safeZonePassTimes, 1)
+			return true
+		} else {
+			atomic.AddInt64(&this.totalUnSafeZoneBlockTimes, 1)
+			atomic.AddInt64(&this.unSafeZoneBlockTimes, 1)
+			return false
+		}
+*/
+	return false
+}
+
+func (this* GameConf) InIpWhiteList(ip string) bool {
+	this.ipWhiteListMutex.Lock()
+	defer this.ipWhiteListMutex.Unlock()
+	_, ok := this.ipWhiteList[ip]
+	return ok
+}
+
+func (this* GameConf) InIpBlackList(ip string) bool {
+	this.ipBlackListMutex.Lock()
+	defer this.ipBlackListMutex.Unlock()
+	_, ok := this.ipBlackList[ip]
+	return ok
+}
+
+func (this* GameConf) InLaunchWhiteList(gameId int32, channel int32, launchInfo string) bool {
+	this.launchWhiteListMutex.Lock()
+	defer this.launchWhiteListMutex.Unlock()
+	_, ok := this.launchWhiteList[launchInfo]
+	return ok
+}
+
+func (this* GameConf) InLaunchBlackList(gameId int32, channel int32, launchInfo string) bool {
+	this.launchBlackListMutex.Lock()
+	defer this.launchBlackListMutex.Unlock()
+	_, ok := this.launchBlackList[launchInfo]
+	return ok
+}
+
+func (this* GameConf) Init() {
+	this.ipWhiteListMutex.Lock()
+	this.ipBlackListMutex.Lock()
+	this.launchWhiteListMutex.Lock()
+	this.launchBlackListMutex.Lock()
+	this.blockProvinceCityHashMutex.Lock()
+	defer this.ipWhiteListMutex.Unlock()
+	defer this.ipBlackListMutex.Unlock()
+	defer this.launchWhiteListMutex.Unlock()
+	defer this.launchBlackListMutex.Unlock()
+	defer this.blockProvinceCityHashMutex.Unlock()
+
+	this.ipWhiteList = make(map[string]int32)
+	this.ipBlackList = make(map[string]int32)
+	this.launchWhiteList = make(map[string]int32)
+	this.launchBlackList = make(map[string]int32)
+	this.blockProvinceCityHash = make(map[string]int32)
+
+	for _, val := range G.MetaMgr.GetIpWhiteList().GetList() {
+		this.ipWhiteList[val] = 1
+	}
+	for _, val := range G.MetaMgr.GetIpBlackList().GetList() {
+		this.ipBlackList[val] = 1
+	}
+	for _, val := range G.MetaMgr.GetLaunchWhiteList().GetList() {
+		this.launchWhiteList[val] = 1
+	}
+	for _, val := range G.MetaMgr.GetLaunchBlackList().GetList() {
+		this.launchBlackList[val] = 1
+	}
+	for _, val := range G.MetaMgr.GetFixedBlockProvinceCity().GetList() {
+		this.blockProvinceCityHash[val] = 1
+	}
+}
+
+func (this* GameConf) IsBlockZone(country string, province string, city string) bool {
+	if country == "" || province == "" || city == "" {
+		return true
+	}
+	if country != "中国" {
+		return true
+	}
+
+	/*this.blockProvinceCityHashMutex.Lock()
+	defer this.blockProvinceCityHashMutex.Unlock()
+	if _, ok := this.blockProvinceCityHash[province]; ok {
+		return true
+	}
+	if _, ok := this.blockProvinceCityHash[city]; ok {
+		return true
+	}
+	if _, ok := this.blockProvinceCityHash[province + "/" + city]; ok {
+		return true
+	}*/
+	return false
+}
+
+func (this* GameConf) IsSafeZone(ip string, response_str* string) bool {
+	accessKeyId := ""
+	accessSecret := ""
+	G.RiskMgr.GetSdkInfo(&accessKeyId, &accessSecret)
+	client, err := geoip.NewClientWithAccessKey("cn-hangzhou", accessKeyId, accessSecret)
+	if err != nil {
+		f5.SysLog().Warning("NewClientWithAccessKey error %s", err.Error())
+		return false
+	}
+
+	request := geoip.CreateDescribeIpv4LocationRequest()
+	request.Scheme = "https"
+	request.Ip = ip
+
+	response, err := client.DescribeIpv4Location(request)
+	if err != nil {
+		f5.SysLog().Warning("Ipv4Location error %s", err.Error())
+		return false
+	}
+	*response_str = q5.EncodeJson(response)
+	return !this.IsBlockZone(response.Country, response.Province, response.City)
+}