新增偵測 aws ec2 的 ip
This commit is contained in:
@@ -43,6 +43,51 @@ export class SmartIPDetector {
|
||||
return true;
|
||||
}
|
||||
|
||||
// 檢查是否為基礎設施 IP(Vercel、AWS、Cloudflare 等)
|
||||
private isInfrastructureIP(ip: string): boolean {
|
||||
if (!ip) return false;
|
||||
|
||||
// Vercel/AWS EC2 實例
|
||||
if (ip.includes('ec2-') && ip.includes('.compute-1.amazonaws.com')) return true;
|
||||
if (ip.includes('ec2-') && ip.includes('.amazonaws.com')) return true;
|
||||
|
||||
// AWS 其他服務
|
||||
if (ip.includes('.amazonaws.com')) return true;
|
||||
|
||||
// Vercel 相關
|
||||
if (ip.includes('vercel')) return true;
|
||||
|
||||
// Cloudflare 相關(但 cf-connecting-ip 是我們想要的)
|
||||
if (ip.includes('cloudflare') && !ip.includes('cf-connecting-ip')) return true;
|
||||
|
||||
// 其他常見的 CDN/代理服務
|
||||
const infrastructurePatterns = [
|
||||
'fastly.com',
|
||||
'cloudfront.net',
|
||||
'akamai.net',
|
||||
'maxcdn.com',
|
||||
'keycdn.com'
|
||||
];
|
||||
|
||||
return infrastructurePatterns.some(pattern => ip.includes(pattern));
|
||||
}
|
||||
|
||||
// 檢查是否為用戶真實 IP
|
||||
private isUserRealIP(ip: string): boolean {
|
||||
if (!ip || ip === 'unknown') return false;
|
||||
|
||||
// 不是基礎設施 IP
|
||||
if (this.isInfrastructureIP(ip)) return false;
|
||||
|
||||
// 是公網 IP
|
||||
if (!this.isPublicIP(ip)) return false;
|
||||
|
||||
// 是有效的 IP 格式
|
||||
if (!this.isValidIP(ip)) return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
// 從 x-forwarded-for 解析 IP
|
||||
private parseForwardedFor(forwarded: string): string[] {
|
||||
if (!forwarded) return [];
|
||||
@@ -111,20 +156,20 @@ export class SmartIPDetector {
|
||||
let confidence: 'high' | 'medium' | 'low' = 'low';
|
||||
let source = 'unknown';
|
||||
|
||||
// 優先級 1: Cloudflare IP (最高可信度)
|
||||
// 優先級 1: Cloudflare IP (最高可信度) - 但要是用戶真實 IP
|
||||
const cfIP = uniqueCandidates.find(ip => sources[ip] === 'cf-connecting-ip');
|
||||
if (cfIP && this.isPublicIP(cfIP)) {
|
||||
if (cfIP && this.isUserRealIP(cfIP)) {
|
||||
selectedIP = cfIP;
|
||||
confidence = 'high';
|
||||
source = 'cf-connecting-ip';
|
||||
}
|
||||
|
||||
// 優先級 2: 其他代理標頭中的公網 IP
|
||||
// 優先級 2: 其他代理標頭中的用戶真實 IP
|
||||
if (selectedIP === 'unknown') {
|
||||
const proxyHeaders = ['x-real-ip', 'x-client-ip', 'x-cluster-client-ip'];
|
||||
for (const header of proxyHeaders) {
|
||||
const ip = uniqueCandidates.find(candidate => sources[candidate] === header);
|
||||
if (ip && this.isPublicIP(ip)) {
|
||||
if (ip && this.isUserRealIP(ip)) {
|
||||
selectedIP = ip;
|
||||
confidence = 'high';
|
||||
source = header;
|
||||
@@ -133,32 +178,45 @@ export class SmartIPDetector {
|
||||
}
|
||||
}
|
||||
|
||||
// 優先級 3: x-forwarded-for 中的第一個公網 IP
|
||||
// 優先級 3: x-forwarded-for 中的第一個用戶真實 IP
|
||||
if (selectedIP === 'unknown') {
|
||||
const forwardedIPs = uniqueCandidates.filter(ip => sources[ip] === 'x-forwarded-for');
|
||||
const publicForwardedIP = forwardedIPs.find(ip => this.isPublicIP(ip));
|
||||
if (publicForwardedIP) {
|
||||
selectedIP = publicForwardedIP;
|
||||
const userRealIP = forwardedIPs.find(ip => this.isUserRealIP(ip));
|
||||
if (userRealIP) {
|
||||
selectedIP = userRealIP;
|
||||
confidence = 'medium';
|
||||
source = 'x-forwarded-for';
|
||||
}
|
||||
}
|
||||
|
||||
// 優先級 4: 任何公網 IP
|
||||
// 優先級 4: 任何用戶真實 IP
|
||||
if (selectedIP === 'unknown') {
|
||||
const publicIP = uniqueCandidates.find(ip => this.isPublicIP(ip));
|
||||
const userRealIP = uniqueCandidates.find(ip => this.isUserRealIP(ip));
|
||||
if (userRealIP) {
|
||||
selectedIP = userRealIP;
|
||||
confidence = 'medium';
|
||||
source = sources[userRealIP] || 'unknown';
|
||||
}
|
||||
}
|
||||
|
||||
// 優先級 5: 任何公網 IP(非基礎設施)
|
||||
if (selectedIP === 'unknown') {
|
||||
const publicIP = uniqueCandidates.find(ip =>
|
||||
this.isPublicIP(ip) && !this.isInfrastructureIP(ip)
|
||||
);
|
||||
if (publicIP) {
|
||||
selectedIP = publicIP;
|
||||
confidence = 'medium';
|
||||
confidence = 'low';
|
||||
source = sources[publicIP] || 'unknown';
|
||||
}
|
||||
}
|
||||
|
||||
// 優先級 5: 任何非本地 IP
|
||||
// 優先級 6: 任何非本地 IP(非基礎設施)
|
||||
if (selectedIP === 'unknown') {
|
||||
const nonLocalIP = uniqueCandidates.find(ip =>
|
||||
ip !== '::1' && ip !== '127.0.0.1' && !ip.startsWith('192.168.') &&
|
||||
!ip.startsWith('10.') && !ip.startsWith('172.')
|
||||
ip !== '::1' && ip !== '127.0.0.1' &&
|
||||
!ip.startsWith('192.168.') && !ip.startsWith('10.') && !ip.startsWith('172.') &&
|
||||
!this.isInfrastructureIP(ip)
|
||||
);
|
||||
if (nonLocalIP) {
|
||||
selectedIP = nonLocalIP;
|
||||
@@ -167,7 +225,7 @@ export class SmartIPDetector {
|
||||
}
|
||||
}
|
||||
|
||||
// 優先級 6: 第一個候選 IP
|
||||
// 優先級 7: 第一個候選 IP(最後選擇)
|
||||
if (selectedIP === 'unknown' && uniqueCandidates.length > 0) {
|
||||
selectedIP = uniqueCandidates[0];
|
||||
confidence = 'low';
|
||||
@@ -182,7 +240,13 @@ export class SmartIPDetector {
|
||||
isPublicIP: this.isPublicIP(selectedIP)
|
||||
};
|
||||
|
||||
console.log('🎯 IP 偵測結果:', result);
|
||||
console.log('🎯 IP 偵測結果:', {
|
||||
...result,
|
||||
isInfrastructureIP: this.isInfrastructureIP(selectedIP),
|
||||
isUserRealIP: this.isUserRealIP(selectedIP),
|
||||
infrastructureIPs: uniqueCandidates.filter(ip => this.isInfrastructureIP(ip)),
|
||||
userRealIPs: uniqueCandidates.filter(ip => this.isUserRealIP(ip))
|
||||
});
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user