gosonzhang opened a new issue, #7904: URL: https://github.com/apache/inlong/issues/7904
### Description When DataProxy is running online, we will control the access of the reporting terminal based on the needs of operation and maintenance, for example, nodes with specified IPs are not allowed to report data, and nodes with specified IPs are allowed to report data. The former is called the blacklist function, and the latter is called the whitelist function. Based on the above scenario description, the blacklist only needs to be set in the configuration file to take effect, the IPs in the configuration file need to be rejected by DataProxy, or it is allowed if the IP is not in the configuration file; the IPs in the whitelist configuration are all allowed, or it will be rejected if the IP is not in the whitelist. Because there are situations where the whitelist configuration file exists without enabling it, if the function is not explicitly enabled, the system will be confused whether the whitelist check function needs to be executed in this case. Therefore, the whitelist function must have an enable parameter to display mode control is enabled; After adding the blacklist and whitelist mechanisms, DataProxy first checks the blacklist and then the whitelist when doing access checks; when checking whether the IP is in the whitelist, check if the whitelist function is enabled, and not if it is not enabled examine Everyone will say, why not use iptables? The main reason is that multiple components may be started on the node where DataProxy is located. Simply setting iptables may affect other nodes; at the same time, we can nified management and control logic by adding this mechanism in DataProxy ### Use case 1. Prohibit the nodes in the specified IP set from reporting data; 2. Only nodes within the specified IP set are allowed to report data ### Are you willing to submit PR? - [X] Yes, I am willing to submit a PR! ### Code of Conduct - [X] I agree to follow this project's [Code of Conduct](https://www.apache.org/foundation/policies/conduct) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
