refactor(tcp): remove unused netutil packages and optimize remote IP handling

Remove unused drip/internal/shared/netutil import package,
Directly use the remoteIP field of the connection object instead of the netutil.ExtractIP call.
Add private IP address checking logic in WebSocket connection handling.

internal/server/tcp/connection.go

@@ -19,7 +19,6 @@ import (
 	"drip/internal/server/tunnel"
 	"drip/internal/shared/constants"
 	"drip/internal/shared/httputil"
-	"drip/internal/shared/netutil"
 	"drip/internal/shared/protocol"
 	"drip/internal/shared/qos"
 
@@ -193,11 +192,6 @@ func (c *Connection) Handle() error {
 		c.logger,
 	)
 
-	remoteIP := c.remoteIP
-	if remoteIP == "" && c.conn != nil {
-		remoteIP = netutil.ExtractIP(c.conn.RemoteAddr().String())
-	}
-
 	regReq := &RegistrationRequest{
 		TunnelType:       req.TunnelType,
 		CustomSubdomain:  req.CustomSubdomain,
@@ -207,7 +201,7 @@ func (c *Connection) Handle() error {
 		IPAccess:         req.IPAccess,
 		ProxyAuth:        req.ProxyAuth,
 		LocalPort:        req.LocalPort,
-		RemoteIP:         remoteIP,
+		RemoteIP:         c.remoteIP,
 	}
 
 	result, err := regHandler.Register(regReq)

internal/server/tcp/listener.go

@@ -306,7 +306,6 @@ func (l *Listener) handleConnection(netConn net.Conn) {
 		HTTPHandler:  l.httpHandler,
 		GroupManager: l.groupManager,
 		HTTPListener: l.httpListener,
-		RemoteIP:     netutil.ExtractIP(netConn.RemoteAddr().String()),
 	})
 	conn.SetAllowedTunnelTypes(l.allowedTunnelTypes)
 	conn.SetAllowedTransports(l.allowedTransports)
@@ -426,6 +425,9 @@ func (l *Listener) HandleWSConnection(conn net.Conn, remoteAddr string) {
 	if remoteIP == "" {
 		remoteIP = netutil.ExtractIP(conn.RemoteAddr().String())
 	}
+	if netutil.IsPrivateIP(remoteIP) {
+		remoteIP = ""
+	}
 
 	// Create connection handler (no TLS verification needed - already done by HTTP server)
 	tcpConn := NewConnection(ConnectionConfig{