1、start_springboot.sh后端添加权限系统url的域名解析服务器

2、审批意见接口，审批info字段为空不报错 3、修改防护对象、动态规则分页查询bug 4、告警信息处理新增对IsProtectObjectIPSrc的判断
2024-05-14 21:37:22 +08:00
parent 74e54a4c9b
commit bd85612c89
11 changed files with 47 additions and 33 deletions
--- a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java
+++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java
@@ -204,7 +204,7 @@ public class AlertMessageService {
            peer.setMaskPort(null);
        }
        List<FiveTupleWithMask> newFiveTupleWithMask = new ArrayList<>();
-        //生成指令
+        //生成指令command1：防护对象为目的的五元组
        FiveTupleWithMask command1 = new FiveTupleWithMask();
        command1.setSourceIP(peer.getIP());
        command1.setMaskSourceIP(peer.getMaskIP());
@@ -218,25 +218,36 @@ public class AlertMessageService {
            command1.setProtocol(fiveTupleWithMask.getProtocol());
            command1.setProtocol(fiveTupleWithMask.getMaskProtocol());
        }
-        newFiveTupleWithMask.add(command1);
-        //若需要处置全方向流量，再生成防护对象为源的规则
+//        newFiveTupleWithMask.add(command1);
+        //生成指令command2：防护对象为源的五元组
+        FiveTupleWithMask command2 = new FiveTupleWithMask();
+
+        command2.setSourceIP(protectObject.getIP());
+        command2.setMaskSourceIP(protectObject.getMaskIP());
+        command2.setSourcePort(protectObject.getPort());
+        command2.setMaskSourcePort(protectObject.getMaskPort());
+
+        command2.setDestinationIP(peer.getIP());
+        command2.setMaskDestinationIP(peer.getMaskIP());
+        command2.setDestinationPort(peer.getPort());
+        command2.setMaskDestinationPort(peer.getMaskPort());
+        if (templateProtectLevel.getHasProtocol()){
+            command2.setProtocol(fiveTupleWithMask.getProtocol());
+            command2.setProtocol(fiveTupleWithMask.getMaskProtocol());
+        }
+
+        //若需要处置全方向流量，防护对象为源和目的的五元组都生成指令下发
        if(templateProtectLevel.getIsFullFlow()){
-            FiveTupleWithMask command2 = new FiveTupleWithMask();
-
-            command2.setSourceIP(protectObject.getIP());
-            command2.setMaskSourceIP(protectObject.getMaskIP());
-            command2.setSourcePort(protectObject.getPort());
-            command2.setMaskSourcePort(protectObject.getMaskPort());
-
-            command2.setDestinationIP(peer.getIP());
-            command2.setMaskDestinationIP(peer.getMaskIP());
-            command2.setDestinationPort(peer.getPort());
-            command2.setMaskDestinationPort(peer.getMaskPort());
-            if (templateProtectLevel.getHasProtocol()){
-                command2.setProtocol(fiveTupleWithMask.getProtocol());
-                command2.setProtocol(fiveTupleWithMask.getMaskProtocol());
-            }
+            newFiveTupleWithMask.add(command1);
            newFiveTupleWithMask.add(command2);
+        }else {
+            //不需要处置全方向流量
+            // 判断防护对象为源还是目的，生成指令
+            if(templateProtectLevel.getIsProtectObjectIPSrc()){
+                newFiveTupleWithMask.add(command2);
+            }else {
+                newFiveTupleWithMask.add(command1);
+            }
        }

        //目前告警信息还只是五元组，没有url、dns