hatter/ipset-management
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: update ipset m

Browse Source
This commit is contained in:
Hatter Jiang
2025-08-02 14:09:50 +08:00
parent dc97d211d8
commit d63220ebac
3 changed files with 24 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@@ -6,3 +6,13 @@ Linux ipset management
```shell
xh GET 0:2688/ipset x-ssrf-token:token
```
```shell
curl -H 'x-ssrf-token: SSRF' 0:2688/ipset/allowipset/ips | jq .
{
"ips": [
"36.28.*.*",
"36.20.*.*"
]
}
```

5
justfile Normal file
View File

@@ -0,0 +1,5 @@
_:
@just --list
build-linux-x64-musl:
cargo zigbuild --release --target x86_64-unknown-linux-musl

11
src/main.rs
View File

@@ -11,6 +11,7 @@ use serde_json::json;
use std::{env, process};
use tokio::net::TcpListener;
const DEFAULT_PORT: u16 = 8343;
const SSRF_TOKEN: &str = "SSRF_TOKEN";
mod ipset;
@@ -46,7 +47,7 @@ async fn inner_main() -> XResult<()> {
.route("/ipset/{ipset}/ips/{ip}", post(delete_ipset_ips)) // --
.route("/ipset/{ipset}/ips", post(post_ipset_ips));
let listen_addr = format!("127.0.0.1:{}", args.port.unwrap_or(2688));
let listen_addr = format!("127.0.0.1:{}", args.port.unwrap_or(DEFAULT_PORT));
let listener = TcpListener::bind(&listen_addr).await.unwrap();
axum::serve(listener, app).await.unwrap();
Ok(())
@@ -124,7 +125,11 @@ async fn get_ipset_ips(
}
// DELETE /ipset/{}/ips/{}
async fn delete_ipset_ips(Path(params): Path<IpsetIpParams>) -> impl IntoResponse {
async fn delete_ipset_ips(
header_map: HeaderMap<HeaderValue>,
Path(params): Path<IpsetIpParams>,
) -> impl IntoResponse {
check_header_ssrf_token!(header_map);
let ipset = get_value_or_bad_request!(IpSet::new(&params.ipset));
get_value_or_bad_request!(ipset.del(&params.ip));
(StatusCode::OK, Json(json!({})))
@@ -132,9 +137,11 @@ async fn delete_ipset_ips(Path(params): Path<IpsetIpParams>) -> impl IntoRespons
// POST /ipset/{}/ips with parameter: ip=?
async fn post_ipset_ips(
header_map: HeaderMap<HeaderValue>,
Path(params): Path<IpsetParams>,
Form(request): Form<PostIpsetIpsRequest>,
) -> impl IntoResponse {
check_header_ssrf_token!(header_map);
let ipset = get_value_or_bad_request!(IpSet::new(&params.ipset));
get_value_or_bad_request!(ipset.add(&request.ip));
(StatusCode::OK, Json(json!({})))