1、修改策略模板的isFullFlow和isProtectObjectIPSrc为isProtectObjectDst和isProtectObjectSrc。并做其他相应修改

2、动态规则分页查询增加返回策略模板名称

src/main/java/com/realtime/protection/configuration/entity/defense/template/ProtectLevel.java

@@ -34,4 +34,10 @@ public class ProtectLevel {
 
     @Schema(description = "该防护等级防护对象ip地址是否作为源ip地址")
     private Boolean isProtectObjectIPSrc = false;
+
+    @Schema(description = "该防护等级防护对象ip地址是否作为目的地址")
+    private Boolean isProtectObjectDst = false;
+    @Schema(description = "该防护等级防护对象ip地址是否作为源地址")
+    private Boolean isProtectObjectSrc = false;
+
 }

src/main/java/com/realtime/protection/configuration/entity/defense/template/TemplateNew.java

@@ -60,11 +60,17 @@ public class TemplateNew {
     @Schema(description = "该防护等级是否需要提取DNS")
     private Boolean hasDNS = false;
 
-    @Schema(description = "该防护等级是处置防护对象的全流量or单向流量")
+//    @Schema(description = "该防护等级防护对象ip地址是否作为目的地址")
-    private Boolean isFullFlow = false;
+//    private Boolean isFullFlow = false;
+//
+//    @Schema(description = "该防护等级防护对象ip地址是否作为源地址")
+//    private Boolean isProtectObjectIPSrc = false;
 
-    @Schema(description = "该防护等级防护对象ip地址是否作为源ip地址")
+    @Schema(description = "该防护等级防护对象ip地址是否作为目的地址")
-    private Boolean isProtectObjectIPSrc = false;
+    private Boolean isProtectObjectDst = false;
+
+    @Schema(description = "该防护等级防护对象ip地址是否作为源地址")
+    private Boolean isProtectObjectSrc = false;
 
     @JsonProperty("template_used_times")
     @Schema(description = "防御策略模板使用次数", example = "20", accessMode = Schema.AccessMode.READ_ONLY)

src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/DynamicRuleObject.java

@@ -56,6 +56,10 @@ public class DynamicRuleObject {
     @Schema(description = "响应时回复防护对象完整信息", accessMode = Schema.AccessMode.READ_ONLY)
     private List<ProtectObject> protectObjects;
 
+    @JsonProperty("strategy_template_name")
+    @Schema(description = "动态规则选择的策略模板", accessMode = Schema.AccessMode.READ_ONLY)
+    private String templateName;
+
 
     //还没有建立外键
     @JsonProperty("dynamic_rule_create_user_id")

src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java

@@ -32,6 +32,10 @@ public class AlertMessageService {
     public void processAlertMessage(AlertMessage alertMessage) {
         //根据告警信息——>生成指令
         List<TaskCommandInfo> dynamicTaskCommandInfoList = generateDynamicCommand(alertMessage);
+        //可能isProtectSrcOrDst和isProtectSrcOrDst都为FALSE，说明没有生成指令
+        if(dynamicTaskCommandInfoList == null || dynamicTaskCommandInfoList.isEmpty()){
+            return;
+        }
         //获取任务状态，设置指令的isValid字段，且是否生成指令入库（除了RUNING\PAUSED状态，其他都不入command库）。
         Integer taskStatus = dynamicTaskCommandInfoList.get(0).getTaskStatus();
         //获取任务类型，设置指令的isJudged字段。
@@ -87,7 +91,9 @@ public class AlertMessageService {
         //根据策略模板的is_full_flow字段，如果是双向流量会生成两个fiveTuple，所以返回List
         List<FiveTupleWithMask> fiveTupleWithMaskNew =  updateFiveTupleWithMask(alertMessage.getFiveTupleWithMask(),
                 alertMessage.getProtectIsSrcOrDst(), templateProtectLevel);
-
+        if(fiveTupleWithMaskNew.isEmpty()){
+            return  null;
+        }
         //根据fiveTuple生成动态指令信息
         List<TaskCommandInfo> dynamicCommandInfoList = new ArrayList<>();
         if (fiveTupleWithMaskNew.size() == 2){
@@ -235,7 +241,7 @@ public class AlertMessageService {
             command2.setProtocol(fiveTupleWithMask.getProtocol());
             command2.setProtocol(fiveTupleWithMask.getMaskProtocol());
         }
-
+/*
         //若需要处置全方向流量，防护对象为源和目的的五元组都生成指令下发
         if(templateProtectLevel.getIsFullFlow()){
             newFiveTupleWithMask.add(command1);
@@ -249,6 +255,18 @@ public class AlertMessageService {
                 newFiveTupleWithMask.add(command1);
             }
         }
+*/
+
+        //若需要处置全方向流量，防护对象为源和目的的五元组都生成指令下发
+
+            // 判断防护对象为源还是目的，生成指令
+        if(templateProtectLevel.getIsProtectObjectIPSrc()){
+            newFiveTupleWithMask.add(command2);
+        }
+        if (templateProtectLevel.getIsProtectObjectDst()){
+            newFiveTupleWithMask.add(command1);
+        }
+
 
         //目前告警信息还只是五元组，没有url、dns
         return newFiveTupleWithMask;

src/main/resources/mappers/AlertMessageMapper.xml

@@ -36,8 +36,8 @@
         <result column="has_protocol" property="hasProtocol"/>
         <result column="has_url" property="hasURL"/>
         <result column="has_dns" property="hasDNS"/>
-        <result column="is_full_flow" property="isFullFlow"/>
+        <result column="is_protect_object_dst" property="isProtectObjectDst"/>
-        <result column="is_protect_object_src" property="isProtectObjectIPSrc"/>
+        <result column="is_protect_object_src" property="isProtectObjectSrc"/>
     </resultMap>
 
     <resultMap id="alertMessageMap" type="com.realtime.protection.configuration.entity.alert.AlertMessage">
@@ -143,7 +143,7 @@
         has_protocol,
         has_url,
         has_dns,
-        is_full_flow,
+        is_protect_object_dst,
         is_protect_object_src
         FROM t_strategy_template_new
         WHERE strategy_template_id = #{templateId}

src/main/resources/mappers/DynamicRuleMapper.xml

@@ -161,10 +161,11 @@
         <result column="dynamic_rule_create_username" property="dynamicRuleCreateUsername"/>
         <result column="dynamic_rule_create_depart" property="dynamicRuleCreateDepart"/>
         <result column="template_id" property="templateId"/>
-        <result column="dynamic_rule_protec_level" property="dynamicRuleProtectLevel"/>
+        <result column="dynamic_rule_protect_level" property="dynamicRuleProtectLevel"/>
         <result column="dynamic_rule_priority" property="dynamicRulePriority"/>
         <result column="dynamic_rule_frequency" property="dynamicRuleFrequency"/>
         <result column="dynamic_rule_create_user_id" property="dynamicRuleCreateUserId"/>
+
     </resultMap>
 
     <resultMap id="dynamicRulePageQueryMap" type="com.realtime.protection.configuration.entity.rule.dynamicrule.DynamicRuleObject">
@@ -179,11 +180,13 @@
         <result column="dynamic_rule_frequency" property="dynamicRuleFrequency"/>
         <result column="audit_status" property="auditStatus"/>
 <!--        <result column="protect_object_id" property="protectObjectIds"/>-->
-        <result column="strategy_template_name" property="dynamicRuleEventType"/>
+        <result column="event_type" property="dynamicRuleEventType"/>
         <result column="strategy_template_source_system" property="dynamicRuleSourceSystem"/>
-        <result column="event_type" property="dynamicRuleSourceSystem"/>
+<!--        <result column="event_type" property="dynamicRuleSourceSystem"/>-->
         <result column="protect_level" property="dynamicRuleProtectLevel"/>
 
+        <result column="strategy_template_name" property="templateName"/>
+
         <result column="audit_status" property="auditStatus"/>
         <result column="dynamic_rule_display_id" property="dynamicRuleDisplayId"/>
         <result column="audit_user_name" property="auditUserName"/>
@@ -270,8 +273,8 @@
         <result column="has_dns" property="hasDNS"/>
         <result column="has_peer_ip" property="hasPeerIP"/>
         <result column="has_peer_port" property="hasPeerPort"/>
-        <result column="is_full_flow" property="isFullFlow"/>
+        <result column="is_protect_object_dst" property="isProtectObjectDst"/>
-        <result column="is_protect_object_src" property="isProtectObjectIPSrc"/>
+        <result column="is_protect_object_src" property="isProtectObjectSrc"/>
 
     </resultMap>
 

src/main/resources/mappers/TemplateNewMapper.xml

@@ -7,7 +7,7 @@
         INSERT INTO t_strategy_template_new(strategy_template_name, strategy_template_source_system,
                                         has_protect_object_ip, has_protect_object_port,
                                         has_protocol, has_url, has_dns,
-                                        has_peer_ip, has_peer_port, is_full_flow, is_protect_object_src,
+                                        has_peer_ip, has_peer_port, is_protect_object_dst, is_protect_object_src,
                                         strategy_template_create_user_id, strategy_template_create_username,
                                         strategy_template_create_depart,
                                         strategy_template_description, strategy_template_display_id,
@@ -15,8 +15,8 @@
             VALUE (#{template.templateName}, #{template.sourceSystem},
                      #{template.hasProtectObjectIP}, #{template.hasProtectObjectPort},
                         #{template.hasProtocol}, #{template.hasURL}, #{template.hasDNS},
-                        #{template.hasPeerIP}, #{template.hasPeerPort}, #{template.isFullFlow},
+                        #{template.hasPeerIP}, #{template.hasPeerPort}, #{template.isProtectObjectDst},
-                        #{template.isProtectObjectIPSrc},
+                        #{template.isProtectObjectSrc},
                    #{template.createUserId}, #{template.createUsername}, #{template.createDepart},
                    #{template.description}, #{template.templateDisplayId},
             #{template.eventType}, #{template.protectLevel})
@@ -37,8 +37,8 @@
             <if test="template.hasDNS != null">has_dns = #{template.hasDNS},</if>
             <if test="template.hasPeerIP != null">has_peer_ip = #{template.hasPeerIP},</if>
             <if test="template.hasPeerPort != null">has_peer_port =  #{template.hasPeerPort},</if>
-            <if test="template.isFullFlow != null">is_full_flow = #{template.isFullFlow},</if>
+            <if test="template.isProtectObjectDst != null">is_protect_object_dst = #{template.isProtectObjectDst},</if>
-            <if test="template.isProtectObjectIPSrc != null">is_protect_object_src = #{template.isProtectObjectIPSrc},</if>
+            <if test="template.isProtectObjectSrc != null">is_protect_object_src = #{template.isProtectObjectSrc},</if>
 
             modify_time = NOW()
         </set>
@@ -104,8 +104,8 @@
         <result column="has_dns" property="hasDNS"/>
         <result column="has_peer_ip" property="hasPeerIP"/>
         <result column="has_peer_port" property="hasPeerPort"/>
-        <result column="is_full_flow" property="isFullFlow"/>
+        <result column="is_protect_object_dst" property="isProtectObjectDst"/>
-        <result column="is_protect_object_src" property="isProtectObjectIPSrc"/>
+        <result column="is_protect_object_src" property="isProtectObjectSrc"/>
 
     </resultMap>
 

src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java

@@ -4,12 +4,13 @@ import com.github.xiaoymin.knife4j.annotations.Ignore;
 import com.realtime.protection.configuration.entity.alert.AlertMessage;
 import com.realtime.protection.configuration.entity.defense.object.ProtectObject;
 import com.realtime.protection.configuration.entity.defense.template.Template;
+import com.realtime.protection.configuration.entity.defense.template.TemplateNew;
 import com.realtime.protection.configuration.entity.rule.dynamicrule.DynamicRuleObject;
 import com.realtime.protection.configuration.entity.task.FiveTupleWithMask;
 import com.realtime.protection.configuration.entity.task.Task;
 import com.realtime.protection.configuration.exception.DorisStartException;
 import com.realtime.protection.server.defense.object.ProtectObjectService;
-import com.realtime.protection.server.defense.template.TemplateService;
+import com.realtime.protection.server.defense.templatenew.TemplateService;
 import com.realtime.protection.server.rule.dynamicrule.DynamicRuleService;
 import com.realtime.protection.server.task.TaskService;
 import com.realtime.protection.server.task.status.StateChangeService;
@@ -50,8 +51,8 @@ public class AlertMessageTest {
                 null, null, null, null,
                 null, null, null, null,
                 null, null, 1, 1);
-        List<Template> templates = templateService.queryTemplates(
+        List<TemplateNew> templates = templateService.queryTemplates(
-                null, null, null, null, null,1, 1);
+                null, null, null, null, null,null,null,1, 1);
 
         DynamicRuleObject object = new DynamicRuleObject();
         object.setDynamicRuleName("UpdateDynamicRule2");

src/test/java/com/realtime/protection/server/defense/template/TemplateServiceTest.java

@@ -46,7 +46,7 @@ class TemplateServiceTest extends ProtectionApplicationTests {
 
         ProtectLevel protectLevelHigh = new ProtectLevel();
         protectLevelHigh.setHasDNS(true);
-        protectLevelHigh.setIsFullFlow(true);
+//        protectLevelHigh.setIsFullFlow(true);
 
         template.setProtectLevelLow(protectLevelLow);
         template.setProtectLevelMedium(protectLevelMedium);

src/test/java/com/realtime/protection/server/task/TaskServiceTest.java

@@ -3,6 +3,7 @@ package com.realtime.protection.server.task;
 import com.realtime.protection.ProtectionApplicationTests;
 import com.realtime.protection.configuration.entity.defense.object.ProtectObject;
 import com.realtime.protection.configuration.entity.defense.template.Template;
+import com.realtime.protection.configuration.entity.defense.template.TemplateNew;
 import com.realtime.protection.configuration.entity.rule.dynamicrule.DynamicRuleObject;
 import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject;
 import com.realtime.protection.configuration.entity.task.DynamicTaskInfo;
@@ -11,7 +12,7 @@ import com.realtime.protection.configuration.entity.task.TaskCommandInfo;
 import com.realtime.protection.configuration.exception.DorisStartException;
 import com.realtime.protection.server.command.CommandService;
 import com.realtime.protection.server.defense.object.ProtectObjectService;
-import com.realtime.protection.server.defense.template.TemplateService;
+import com.realtime.protection.server.defense.templatenew.TemplateService;
 import com.realtime.protection.server.rule.dynamicrule.DynamicRuleService;
 import com.realtime.protection.server.rule.staticrule.StaticRuleService;
 import com.realtime.protection.server.task.status.StateChangeService;
@@ -294,8 +295,8 @@ class TaskServiceTest extends ProtectionApplicationTests {
                 null, null, null, null,
                 null, null, null, null,
                 null, null, 1, 1);
-        List<Template> templates = templateService.queryTemplates(
+        List<TemplateNew> templates = templateService.queryTemplates(
-                null, null, null,null, null,1, 1);
+                null, null, null,null, null,null,null,1, 1);
 
         DynamicRuleObject object = new DynamicRuleObject();
         object.setDynamicRuleName("testStartDynamicTask");
@@ -329,7 +330,7 @@ class TaskServiceTest extends ProtectionApplicationTests {
         //审核状态
         taskService.changeTaskAuditStatus(taskId, 2);
         //启动任务
-//        stateChangeService.changeState(2, taskId, false);
+        stateChangeService.changeState(2, taskId, false);
 
 //        System.out.println(commandService.queryCommandInfos(taskId, null, null, null, null, 1, 5));
     }