diff --git a/src/main/java/com/realtime/protection/configuration/auth/Application.java b/src/main/java/com/realtime/protection/configuration/auth/Application.java
new file mode 100644
index 0000000..8f5291b
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/auth/Application.java
@@ -0,0 +1,22 @@
+package com.realtime.protection.configuration.auth;
+
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.cache.annotation.EnableCaching;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * @author Yixiang Zhao (@seriouszyx)
+ **/
+@SpringBootApplication
+@EnableCaching
+public class Application implements WebMvcConfigurer {
+ @Override
+ public void addInterceptors(InterceptorRegistry registry) {
+// InterceptorRegistration ir = registry.addInterceptor(new LoginInterceptor());
+// ir.addPathPatterns("/**");
+// ir.excludePathPatterns("/js/**", "/html/**", "/image/**", "/css/**", "/api/**");
+ }
+}
+
diff --git a/src/main/java/com/realtime/protection/configuration/auth/LoginInterceptor.java b/src/main/java/com/realtime/protection/configuration/auth/LoginInterceptor.java
new file mode 100644
index 0000000..bd94552
--- /dev/null
+++ b/src/main/java/com/realtime/protection/configuration/auth/LoginInterceptor.java
@@ -0,0 +1,31 @@
+package com.realtime.protection.configuration.auth;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
+
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.WebRequestInterceptor;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.handler.WebRequestHandlerInterceptorAdapter;
+
+import com.realtime.protection.configuration.entity.user.User;
+import com.realtime.protection.configuration.response.ResponseResult;
+
+/**
+ * @author Yixiang Zhao
+ **/
+@Component
+public class LoginInterceptor implements HandlerInterceptor {
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+ HttpSession session = request.getSession();
+ User user = (User) session.getAttribute("user");
+ if (user != null) {
+ return true;
+ }
+ // 未登录
+ throw new Exception("not login");
+ }
+}
+
diff --git a/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java b/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java
index 890fd07..2e79b80 100644
--- a/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java
+++ b/src/main/java/com/realtime/protection/configuration/entity/defense/template/Template.java
@@ -22,7 +22,6 @@ public class Template {
private String sourceSystem;
@JsonProperty("description")
- @NotNull(message = "source_system字段不能为空。")
@Schema(description = "对策略模板的文字描述。方便用户使用", example = "zd防护对象的全流量")
private String description;
diff --git a/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java b/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java
index 803d8a2..98258e9 100644
--- a/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java
+++ b/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java
@@ -97,7 +97,7 @@ public class TaskCommandInfo {
@Schema(description = "防御策略模板ID", accessMode = Schema.AccessMode.READ_ONLY)
private Integer templateId;
- @Schema(description = "防护等级", accessMode = Schema.AccessMode.READ_ONLY)
+ @Schema(description = "防护等级,1代表low、2代表medium、3代表high", accessMode = Schema.AccessMode.READ_ONLY)
private Integer protectLevel;
@Schema(description = "指令所属任务的运行状态", accessMode = Schema.AccessMode.READ_ONLY)
diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java
index 5987f1f..c93897d 100644
--- a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java
+++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java
@@ -158,6 +158,7 @@ public class AlertMessageService {
}
CommunicateObject protectObject;
CommunicateObject peer;
+ //0代表命中防护对象在告警信息的源ip
if (protectIsSrcOrDst == 0) {
protectObject = new CommunicateObject(
fiveTupleWithMask.getSourceIP(),
@@ -211,8 +212,8 @@ public class AlertMessageService {
command1.setMaskSourcePort(peer.getMaskPort());
command1.setDestinationIP(protectObject.getIP());
command1.setMaskDestinationIP(protectObject.getMaskIP());
- command1.setSourcePort(protectObject.getPort());
- command1.setMaskSourcePort(protectObject.getMaskPort());
+ command1.setDestinationPort(protectObject.getPort());
+ command1.setMaskDestinationPort(protectObject.getMaskPort());
if (templateProtectLevel.getHasProtocol()){
command1.setProtocol(fiveTupleWithMask.getProtocol());
command1.setProtocol(fiveTupleWithMask.getMaskProtocol());
@@ -229,8 +230,8 @@ public class AlertMessageService {
command2.setDestinationIP(peer.getIP());
command2.setMaskDestinationIP(peer.getMaskIP());
- command2.setSourcePort(peer.getPort());
- command2.setMaskSourcePort(peer.getMaskPort());
+ command2.setDestinationPort(peer.getPort());
+ command2.setMaskDestinationPort(peer.getMaskPort());
if (templateProtectLevel.getHasProtocol()){
command2.setProtocol(fiveTupleWithMask.getProtocol());
command2.setProtocol(fiveTupleWithMask.getMaskProtocol());
diff --git a/src/main/java/com/realtime/protection/server/user/login/LoginController.java b/src/main/java/com/realtime/protection/server/user/login/LoginController.java
index 1693e74..b69f1b8 100644
--- a/src/main/java/com/realtime/protection/server/user/login/LoginController.java
+++ b/src/main/java/com/realtime/protection/server/user/login/LoginController.java
@@ -2,10 +2,7 @@ package com.realtime.protection.server.user.login;
import com.realtime.protection.configuration.entity.user.User;
import com.realtime.protection.configuration.response.ResponseResult;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
import javax.security.auth.login.LoginException;
@@ -36,4 +33,13 @@ public class LoginController {
.setData("userId", userId)
.setData("success", true);
}
+
+ @PostMapping("/auth")
+ public ResponseResult auth(@RequestParam("sessionData") String sessionData,
+ @RequestParam("accessToken") String accessToken,
+ @RequestParam(value = "scopes", required = false) String scopes) {
+ return ResponseResult.ok().setMessage("success")
+ .setData("success", true);
+ }
+
}
diff --git a/src/main/resources/mappers/AlertMessageMapper.xml b/src/main/resources/mappers/AlertMessageMapper.xml
index 98309a0..39f68d3 100644
--- a/src/main/resources/mappers/AlertMessageMapper.xml
+++ b/src/main/resources/mappers/AlertMessageMapper.xml
@@ -32,6 +32,7 @@
+
@@ -113,7 +114,8 @@
t_protect_level.has_peer_port,
t_protect_level.has_protocol,
t_protect_level.has_url,
- t_protect_level.has_dns
+ t_protect_level.has_dns,
+ t_protect_level.is_full_flow
FROM t_strategy_template
left join t_protect_level on t_strategy_template.strategy_template_low_level_id = t_protect_level.protect_level_id
diff --git a/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java b/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java
index a05d90c..56ae63b 100644
--- a/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java
+++ b/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java
@@ -56,7 +56,7 @@ public class AlertMessageTest {
object.setDynamicRuleFrequency(1);
object.setDynamicRulePriority(1);
object.setDynamicRuleRange("北京");
- object.setDynamicRuleProtectLevel(2);
+ object.setDynamicRuleProtectLevel(1);
object.setTemplateId(templates.get(0).getTemplateId());
object.setProtectObjectIds(List.of(new Integer[]{protectObject.get(0).getProtectObjectId()}));
Integer dynamicRuleId = dynamicRuleService.newDynamicRuleObject(object);
@@ -75,6 +75,7 @@ public class AlertMessageTest {
task.setTaskCreateDepart("xxx");
task.setDynamicRuleIds(List.of(new Integer[]{dynamicRuleId}));
Long taskId = taskService.newTask(task);
+ System.out.println(taskId);
//审核状态
taskService.changeTaskAuditStatus(taskId, 2);
//启动任务
@@ -83,16 +84,17 @@ public class AlertMessageTest {
for (int i = 0 ; i< 10; i++) {
AlertMessage alert = new AlertMessage();
FiveTupleWithMask fiveTupleWithMask = new FiveTupleWithMask();
- fiveTupleWithMask.setSourceIP("1.1.1." + i);
- fiveTupleWithMask.setDestinationIP("2.2.2." + i);
- fiveTupleWithMask.setSourcePort("80");
- fiveTupleWithMask.setDestinationPort("80");
+ fiveTupleWithMask.setSourceIP("111.1.1." + i);
+ fiveTupleWithMask.setDestinationIP("222.22.2." + i);
+ fiveTupleWithMask.setSourcePort("111");
+ fiveTupleWithMask.setDestinationPort("222");
fiveTupleWithMask.setProtocol("tcp");
alert.setDynamicRuleId(dynamicRuleId);
alert.setTaskId(taskId);
alert.setFiveTupleWithMask(fiveTupleWithMask);
alert.setContent("testcontent");
+ alert.setProtectIsSrcOrDst(1);
alertMessageService.processAlertMessage(alert);
}