1、WhiteList新增testWhiteListCommandJudge方法,判断指令是否命中白名单
existWhiteListObject方法根据规则id,判断规则是否命中白名单还有待完善
This commit is contained in:
Hao Miao
@@ -126,14 +126,15 @@ public class WhiteListController {
|
||||
|
||||
|
||||
//查询ip是否存在于白名单
|
||||
@PostMapping("/exist")
|
||||
public ResponseResult existWhiteListObject(@RequestBody List<Integer> ruleIds) {
|
||||
@RequestMapping ("/exist")
|
||||
public ResponseResult existWhiteListObject(@RequestParam(value = "ruleId", required = true)Integer ruleId,
|
||||
@RequestParam(value = "ruleType", required = true)Integer ruleType) {
|
||||
//是请求规则的id,然后判断这个id所属的ip是否在白名单中吗
|
||||
//静态应该可以,但动态的,动态是实时过来告警信息,不存储规则? 存的话也行,那这里要区分id是静态的还是动态的
|
||||
//这里先走通静态的,要获取规则的源IP和目的IP,去白名单select看有没有(有的还有IP掩码,暂未实现)
|
||||
|
||||
//返回涉及IP在白名单中的id,
|
||||
List<String> ruleInWhiteListIds = whiteListService.existWhiteListObject(ruleIds);
|
||||
//返回在白名单中的IP,
|
||||
List<String> ruleInWhiteListIds = whiteListService.existWhiteListObject(ruleId, ruleType);
|
||||
|
||||
return ResponseResult.ok()
|
||||
.setData("ip_list", ruleInWhiteListIds);
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package com.realtime.protection.server.whitelist;
|
||||
|
||||
import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject;
|
||||
import com.realtime.protection.configuration.entity.task.Command;
|
||||
import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
|
||||
import org.apache.ibatis.annotations.Delete;
|
||||
import org.apache.ibatis.annotations.Mapper;
|
||||
@@ -23,7 +24,7 @@ public interface WhiteListMapper {
|
||||
|
||||
Integer updateWhiteListObject(@Param("object") WhiteListObject object);
|
||||
|
||||
String existWhiteListObject(@Param("staticRuleObject")StaticRuleObject staticRuleObject);
|
||||
List<String> existWhiteListObject(@Param("staticRuleObject")StaticRuleObject staticRuleObject);
|
||||
|
||||
Integer queryWhiteListObjectAuditStuatusById(Integer id);
|
||||
|
||||
@@ -32,4 +33,6 @@ public interface WhiteListMapper {
|
||||
void newWhiteListObjects(@Param("whiteListObjects")List<WhiteListObject> whiteListBatch);
|
||||
|
||||
void deleteWhiteListObjects(@Param("whiteListIds") List<Integer> whiteListBatch);
|
||||
|
||||
List<WhiteListObject> whiteListCommandJudge(@Param("command") Command command);
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@ package com.realtime.protection.server.whitelist;
|
||||
|
||||
import com.alibaba.excel.util.ListUtils;
|
||||
import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject;
|
||||
import com.realtime.protection.configuration.entity.task.Command;
|
||||
import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
|
||||
import com.realtime.protection.configuration.utils.status.AuditStatusValidator;
|
||||
import com.realtime.protection.configuration.utils.SqlSessionWrapper;
|
||||
@@ -9,7 +10,6 @@ import com.realtime.protection.server.rule.staticrule.StaticRuleMapper;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
@@ -113,20 +113,25 @@ public class WhiteListService {
|
||||
return whiteListMapper.queryWhiteListObjectById(id);
|
||||
}
|
||||
|
||||
public List<String> existWhiteListObject(List<Integer> ruleIds) {
|
||||
@Transactional
|
||||
public List<String> existWhiteListObject(Integer ruleId, Integer ruleType) {
|
||||
//应该参数是指令,不管动态静态
|
||||
|
||||
List<String> ip_list = new ArrayList<>();
|
||||
//查询ruleId应对的静态or动态规则
|
||||
StaticRuleObject staticRuleObject = staticRuleMapper.queryStaticRuleById(ruleId);
|
||||
|
||||
for (Integer id : ruleIds) {
|
||||
StaticRuleObject staticRuleObject = staticRuleMapper.queryStaticRuleById(id);
|
||||
if (staticRuleObject != null) {
|
||||
String whiteListIp = whiteListMapper.existWhiteListObject(staticRuleObject);
|
||||
if (whiteListIp != null) {
|
||||
ip_list.add(whiteListIp);
|
||||
}
|
||||
}
|
||||
if (staticRuleObject == null) {
|
||||
throw new IllegalArgumentException("invalid rule id");
|
||||
}
|
||||
return ip_list;
|
||||
// 命中的whitelist列表:每一列包含ip port url
|
||||
return whiteListMapper.existWhiteListObject(staticRuleObject);
|
||||
|
||||
}
|
||||
public List<WhiteListObject> whiteListCommandJudge(Command command) {
|
||||
//参数应该是指令,不管动态静态
|
||||
// 命中的whitelist列表:每一列包含ip port url
|
||||
return whiteListMapper.whiteListCommandJudge(command);
|
||||
|
||||
}
|
||||
|
||||
@Transactional
|
||||
|
||||
Reference in New Issue
Block a user