petty09190/wish-pool
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
wish-pool/allowed_ips_updated.txt
aken1023 ad8676cac3 Add IP allowlist and diagnostic PowerShell scripts 
Added allowed_ips_updated.txt containing updated allowed IPs and configuration examples. Introduced check_ip.ps1 and check_ip_fixed.ps1 for checking current IPs against the allowlist and performing connectivity tests, with the fixed version improving external IP detection. Added diagnose_127.ps1 to help diagnose and resolve issues related to services binding to 127.0.0.1.
2025-08-01 14:05:29 +08:00

154 lines
3.6 KiB
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# 可允許的IP地址清單 - 更新版
# 最後更新2024年
## 按地點分類
### 岡山
- Hinet: 114.33.18.13
### 汐止
- 125.229.65.83
- 60.248.164.91
### 新竹
- 220.132.236.89
- 211.72.69.222
### 璟茂
- 219.87.170.253
- 125.228.50.228
### 當前用戶
- 114.40.30.219 (當前IP)
## 完整IP清單一行一個
114.33.18.13
125.229.65.83
60.248.164.91
220.132.236.89
211.72.69.222
219.87.170.253
125.228.50.228
114.40.30.219
## 問題解決方案
### 如果顯示 127.0.0.1 的問題:
1. **檢查應用程式綁定設定**
- 確保應用程式綁定到 `0.0.0.0` 而不是 `127.0.0.1`
- 檢查配置文件中的 bind 設定
2. **常見的解決方法**
```bash
# 如果使用 Node.js
app.listen(3000, '0.0.0.0', () => {
console.log('Server running on 0.0.0.0:3000');
});
# 如果使用 Python Flask
app.run(host='0.0.0.0', port=5000)
# 如果使用 Apache
Listen 0.0.0.0:80
# 如果使用 Nginx
listen 80;
server_name _;
```
3. **檢查防火牆設定**
- 確保防火牆允許外部連接
- 檢查端口是否開放
4. **網路配置檢查**
- 確認網路介面卡設定正確
- 檢查路由表設定
## 防火牆規則格式(更新版)
### Windows 防火牆 (PowerShell)
```powershell
# 允許所有IP包含當前IP
$allowedIPs = @(
"114.33.18.13",
"125.229.65.83",
"60.248.164.91",
"220.132.236.89",
"211.72.69.222",
"219.87.170.253",
"125.228.50.228",
"114.40.30.219" # 當前IP
)
foreach ($ip in $allowedIPs) {
New-NetFirewallRule -DisplayName "允許IP: $ip" -Direction Inbound -RemoteAddress $ip -Action Allow
}
```
### Linux iptables
```bash
# 允許所有IP包含當前IP
iptables -A INPUT -s 114.33.18.13 -j ACCEPT
iptables -A INPUT -s 125.229.65.83 -j ACCEPT
iptables -A INPUT -s 60.248.164.91 -j ACCEPT
iptables -A INPUT -s 220.132.236.89 -j ACCEPT
iptables -A INPUT -s 211.72.69.222 -j ACCEPT
iptables -A INPUT -s 219.87.170.253 -j ACCEPT
iptables -A INPUT -s 125.228.50.228 -j ACCEPT
iptables -A INPUT -s 114.40.30.219 -j ACCEPT # 當前IP
```
## 程式碼格式(更新版)
### Python 列表
```python
ALLOWED_IPS = [
"114.33.18.13", # 岡山 Hinet
"125.229.65.83", # 汐止
"60.248.164.91", # 汐止
"220.132.236.89", # 新竹
"211.72.69.222", # 新竹
"219.87.170.253", # 璟茂
"125.228.50.228", # 璟茂
"114.40.30.219" # 當前IP
]
```
### JavaScript 陣列
```javascript
const allowedIPs = [
"114.33.18.13", // 岡山 Hinet
"125.229.65.83", // 汐止
"60.248.164.91", // 汐止
"220.132.236.89", // 新竹
"211.72.69.222", // 新竹
"219.87.170.253", // 璟茂
"125.228.50.228", // 璟茂
"114.40.30.219" // 當前IP
];
```
## 驗證腳本
### 檢查當前IP是否在允許清單中
```powershell
# PowerShell 驗證腳本
$currentIP = (Invoke-WebRequest -Uri "https://ifconfig.me/ip" -UseBasicParsing).Content.Trim()
$allowedIPs = @("114.33.18.13", "125.229.65.83", "60.248.164.91", "220.132.236.89", "211.72.69.222", "219.87.170.253", "125.228.50.228", "114.40.30.219")
if ($allowedIPs -contains $currentIP) {
Write-Host "✅ 當前IP ($currentIP) 在允許清單中" -ForegroundColor Green
} else {
Write-Host "❌ 當前IP ($currentIP) 不在允許清單中" -ForegroundColor Red
}
```
## 安全建議
1. **定期更新**建議定期檢查和更新IP地址清單
2. **記錄存取**記錄所有IP的存取日誌
3. **備用方案**:考慮設定備用的存取方式
4. **監控異常**監控未授權IP的存取嘗試
5. **網路分段**考慮使用VPN或專用網路
6. **IP變更通知**設定IP變更時的即時通知機制
Reference in New Issue View Git Blame Copy Permalink