From b0091eb4c055ce25554e67856be78448a635af0d Mon Sep 17 00:00:00 2001 From: zhangdongxu Date: Wed, 19 Sep 2018 14:53:19 +0800 Subject: [PATCH] =?UTF-8?q?1=E3=80=81rule.properties=E5=90=88=E5=BA=93?= =?UTF-8?q?=E5=89=8D=E5=90=8E=E5=88=86=E6=88=90=E4=B8=A4=E4=B8=AA=E6=96=87?= =?UTF-8?q?=E4=BB=B6=EF=BC=8Crule.test=E4=B8=BA=E5=90=88=E5=BA=93=E5=89=8D?= =?UTF-8?q?=E7=9A=84=E9=85=8D=E7=BD=AE=E6=96=87=E4=BB=B6=EF=BC=9B=202?= =?UTF-8?q?=E3=80=81=E6=B7=BB=E5=8A=A0=E8=AF=B4=E8=AF=9D=E4=BA=BA=E8=AF=86?= =?UTF-8?q?=E5=88=AB=E3=80=81=E5=8F=B0=E6=A0=87=E8=AF=86=E5=88=AB=E3=80=81?= =?UTF-8?q?=E4=BA=BA=E8=84=B8=E8=AF=86=E5=88=AB=E5=8E=9F=E5=A7=8B=E6=97=A5?= =?UTF-8?q?=E5=BF=97=E6=9F=A5=E8=AF=A2=E6=8E=A5=E5=8F=A3=EF=BC=9B=203?= =?UTF-8?q?=E3=80=81=E5=A4=9A=E5=AA=92=E4=BD=93=E4=B8=9A=E5=8A=A1=E6=B7=BB?= =?UTF-8?q?=E5=8A=A0MM=5FSUBSCRIBE=5FID;=204=E3=80=81=E6=97=A5=E5=BF=97?= =?UTF-8?q?=E6=80=BB=E9=87=8F=E7=BB=9F=E8=AE=A1=E9=BB=98=E8=AE=A4=E6=97=B6?= =?UTF-8?q?=E9=97=B4=E7=94=B1=E6=9C=80=E8=BF=915=E5=88=86=E9=92=9F?= =?UTF-8?q?=E6=94=B9=E4=B8=BA=E6=9F=A5=E8=AF=A2=E5=85=A8=E9=83=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../restful/MmFaceRecognizationLog.java | 73 +++++ .../domain/restful/MmLogoDetectionLog.java | 73 +++++ .../restful/MmSpeakerRecognizationLog.java | 73 +++++ .../restful/MmLogSearchController.java | 167 +++++++++- .../restful/SingleDimensionReport.java | 4 + .../java/com/nis/web/dao/DfLogSearchDao.xml | 130 ++++++++ .../applicationConfig-rule.properties | 65 +--- .../applicationConfig-rule.test.properties | 309 ++++++++++++++++++ .../resources/applicationLog-hive.properties | 5 +- 9 files changed, 845 insertions(+), 54 deletions(-) create mode 100644 src/main/java/com/nis/domain/restful/MmFaceRecognizationLog.java create mode 100644 src/main/java/com/nis/domain/restful/MmLogoDetectionLog.java create mode 100644 src/main/java/com/nis/domain/restful/MmSpeakerRecognizationLog.java create mode 100644 src/main/resources/applicationConfig-rule.test.properties diff --git a/src/main/java/com/nis/domain/restful/MmFaceRecognizationLog.java b/src/main/java/com/nis/domain/restful/MmFaceRecognizationLog.java new file mode 100644 index 0000000..d585f7a --- /dev/null +++ b/src/main/java/com/nis/domain/restful/MmFaceRecognizationLog.java @@ -0,0 +1,73 @@ +package com.nis.domain.restful; + +import com.nis.domain.LogEntity; +import com.wordnik.swagger.annotations.ApiModelProperty; + +/** + * + * @ClassName:MmFaceRecognizationLog + * @Description:TODO(这里用一句话描述这个类的作用) + * @author (zdx) + * @date 2018年9月17日 下午5:30:53 + * @version V1.0 + */ +public class MmFaceRecognizationLog extends LogEntity { + + private static final long serialVersionUID = -6177790560553329386L; + @ApiModelProperty(value="节目ID", required=true) + protected String pid; + @ApiModelProperty(value="节目访问地址", required=true) + protected String url; + @ApiModelProperty(value="封堵现场片段路径", required=true) + protected String logUri; + @ApiModelProperty(value="入口页面", required=true) + protected String referer; + @ApiModelProperty(value="有害级别", required=true) + protected Integer level; + @ApiModelProperty(value="封堵类型", required=true) + protected Integer fdType; + @ApiModelProperty(value="协议", required=true) + protected String protocol; + public String getPid() { + return pid; + } + public void setPid(String pid) { + this.pid = pid; + } + public String getUrl() { + return url; + } + public void setUrl(String url) { + this.url = url; + } + public String getLogUri() { + return logUri; + } + public void setLogUri(String logUri) { + this.logUri = logUri; + } + public String getReferer() { + return referer; + } + public void setReferer(String referer) { + this.referer = referer; + } + public Integer getLevel() { + return level; + } + public void setLevel(Integer level) { + this.level = level; + } + public Integer getFdType() { + return fdType; + } + public void setFdType(Integer fdType) { + this.fdType = fdType; + } + public String getProtocol() { + return protocol; + } + public void setProtocol(String protocol) { + this.protocol = protocol; + } +} diff --git a/src/main/java/com/nis/domain/restful/MmLogoDetectionLog.java b/src/main/java/com/nis/domain/restful/MmLogoDetectionLog.java new file mode 100644 index 0000000..e03b86d --- /dev/null +++ b/src/main/java/com/nis/domain/restful/MmLogoDetectionLog.java @@ -0,0 +1,73 @@ +package com.nis.domain.restful; + +import com.nis.domain.LogEntity; +import com.wordnik.swagger.annotations.ApiModelProperty; + +/** + * + * @ClassName:MmLogoDetectionLog + * @Description:TODO(这里用一句话描述这个类的作用) + * @author (zdx) + * @date 2018年9月17日 下午5:35:10 + * @version V1.0 + */ +public class MmLogoDetectionLog extends LogEntity { + + private static final long serialVersionUID = -6177790560553329386L; + @ApiModelProperty(value="节目ID", required=true) + protected String pid; + @ApiModelProperty(value="节目访问地址", required=true) + protected String url; + @ApiModelProperty(value="封堵现场片段路径", required=true) + protected String logUri; + @ApiModelProperty(value="入口页面", required=true) + protected String referer; + @ApiModelProperty(value="有害级别", required=true) + protected Integer level; + @ApiModelProperty(value="封堵类型", required=true) + protected Integer fdType; + @ApiModelProperty(value="协议", required=true) + protected String protocol; + public String getPid() { + return pid; + } + public void setPid(String pid) { + this.pid = pid; + } + public String getUrl() { + return url; + } + public void setUrl(String url) { + this.url = url; + } + public String getLogUri() { + return logUri; + } + public void setLogUri(String logUri) { + this.logUri = logUri; + } + public String getReferer() { + return referer; + } + public void setReferer(String referer) { + this.referer = referer; + } + public Integer getLevel() { + return level; + } + public void setLevel(Integer level) { + this.level = level; + } + public Integer getFdType() { + return fdType; + } + public void setFdType(Integer fdType) { + this.fdType = fdType; + } + public String getProtocol() { + return protocol; + } + public void setProtocol(String protocol) { + this.protocol = protocol; + } +} diff --git a/src/main/java/com/nis/domain/restful/MmSpeakerRecognizationLog.java b/src/main/java/com/nis/domain/restful/MmSpeakerRecognizationLog.java new file mode 100644 index 0000000..8e84ca9 --- /dev/null +++ b/src/main/java/com/nis/domain/restful/MmSpeakerRecognizationLog.java @@ -0,0 +1,73 @@ +package com.nis.domain.restful; + +import com.nis.domain.LogEntity; +import com.wordnik.swagger.annotations.ApiModelProperty; + +/** + * + * @ClassName:MmSpeakerRecognizationLog + * @Description:TODO(这里用一句话描述这个类的作用) + * @author (zdx) + * @date 2018年9月17日 下午5:36:48 + * @version V1.0 + */ +public class MmSpeakerRecognizationLog extends LogEntity { + + private static final long serialVersionUID = -6177790560553329386L; + @ApiModelProperty(value="节目ID", required=true) + protected String pid; + @ApiModelProperty(value="节目访问地址", required=true) + protected String url; + @ApiModelProperty(value="封堵现场片段路径", required=true) + protected String logUri; + @ApiModelProperty(value="入口页面", required=true) + protected String referer; + @ApiModelProperty(value="有害级别", required=true) + protected Integer level; + @ApiModelProperty(value="封堵类型", required=true) + protected Integer fdType; + @ApiModelProperty(value="协议", required=true) + protected String protocol; + public String getPid() { + return pid; + } + public void setPid(String pid) { + this.pid = pid; + } + public String getUrl() { + return url; + } + public void setUrl(String url) { + this.url = url; + } + public String getLogUri() { + return logUri; + } + public void setLogUri(String logUri) { + this.logUri = logUri; + } + public String getReferer() { + return referer; + } + public void setReferer(String referer) { + this.referer = referer; + } + public Integer getLevel() { + return level; + } + public void setLevel(Integer level) { + this.level = level; + } + public Integer getFdType() { + return fdType; + } + public void setFdType(Integer fdType) { + this.fdType = fdType; + } + public String getProtocol() { + return protocol; + } + public void setProtocol(String protocol) { + this.protocol = protocol; + } +} diff --git a/src/main/java/com/nis/web/controller/restful/MmLogSearchController.java b/src/main/java/com/nis/web/controller/restful/MmLogSearchController.java index dd63296..938d49a 100644 --- a/src/main/java/com/nis/web/controller/restful/MmLogSearchController.java +++ b/src/main/java/com/nis/web/controller/restful/MmLogSearchController.java @@ -18,6 +18,8 @@ import com.nis.domain.LogEntity; import com.nis.domain.Page; import com.nis.domain.restful.MmAvIpLog; import com.nis.domain.restful.MmAvUrlLog; +import com.nis.domain.restful.MmFaceRecognizationLog; +import com.nis.domain.restful.MmLogoDetectionLog; import com.nis.domain.restful.MmPicIpLog; import com.nis.domain.restful.MmPicUrlLog; import com.nis.domain.restful.MmPornAudioLevelLog; @@ -26,14 +28,14 @@ import com.nis.domain.restful.MmSampleAudioLog; import com.nis.domain.restful.MmSamplePicLog; import com.nis.domain.restful.MmSampleVideoLog; import com.nis.domain.restful.MmSampleVoipLog; +import com.nis.domain.restful.MmSpeakerRecognizationLog; import com.nis.domain.restful.MmVoipAccountLog; import com.nis.domain.restful.MmVoipIpLog; import com.nis.restful.RestServiceException; -import com.nis.util.Configurations; import com.nis.util.Constants; import com.nis.util.DateUtils; -import com.nis.util.LogJDBCByDruid; import com.nis.util.JsonMapper; +import com.nis.util.LogJDBCByDruid; import com.nis.util.StringUtil; import com.nis.web.controller.BaseRestController; import com.nis.web.service.AuditLogThread; @@ -701,6 +703,167 @@ public class MmLogSearchController extends BaseRestController { logPage, 0); } + @RequestMapping(value = "/mmSpeakerRecognizationLogs", method = RequestMethod.GET) + @ApiOperation(value = "说话人识别日志查询", httpMethod = "GET", notes = "对日志功能“说话人识别日志”提供数据基础查询服务") + public Map mmSpeakerRecognizationLogs(Page page, MmSpeakerRecognizationLog mmSpeakerRecognizationLog, Model model, HttpServletRequest request, + HttpServletResponse response) { + long start = System.currentTimeMillis(); + AuditLogThread auditLogThread = super.saveRequestLog(servicesRequestLogService, Constants.OPACTION_GET, + request, null); + + Page logPage = null; + try { + resetTime(mmSpeakerRecognizationLog); + ntcLogService.queryConditionCheck(auditLogThread, start, mmSpeakerRecognizationLog, MmSpeakerRecognizationLog.class, page); + logPage = new Page(); + logPage.setPageNo(page.getPageNo()); + logPage.setPageSize(page.getPageSize()); + String orderBy = ""; + if (null != page.getOrderBy() && !page.getOrderBy().equals("")) { + orderBy = Page.getOrderBySql(MmSpeakerRecognizationLog.class.getSimpleName(), page.getOrderBy()); + } else { + orderBy = "found_Time"; + } + String sql = HiveSqlService.getSql(page, mmSpeakerRecognizationLog, + getTableName(MmSpeakerRecognizationLog.class.getSimpleName() + "HiveTable", "MM_SPEAKER_RECOGNIZATION_LOG"), + getCol2Col(), orderBy, null); + Map> tableMapping = new LogJDBCByDruid().tableMapping(page, null, sql, MmSpeakerRecognizationLog.class, "foundTime", + "recvTime"); + if (tableMapping == null) { + logPage.setList(new ArrayList()); + } else { + List list = tableMapping.get("obj"); + if (list.size() > 0) { + String jsonString = JsonMapper.toJsonString(list); + List List = (java.util.List) JsonMapper.fromJsonList(jsonString, + MmSpeakerRecognizationLog.class); + logPage.setList(List); + logPage.setCount(List.size()); + + } else { + logPage.setList(new ArrayList()); + } + } + } catch (Exception e) { + e.printStackTrace(); + auditLogThread.setExceptionInfo(e.getMessage() + " " + e.getCause()); + logger.error(e); + if (!(e instanceof RestServiceException)) { + e = new RestServiceException(auditLogThread, System.currentTimeMillis() - start, "说话人识别日志检索失败"); + } + throw ((RestServiceException) e); + } + return serviceLogResponse(auditLogThread, System.currentTimeMillis() - start, request, "说话人识别日志检索成功", + logPage, 0); + } + + @RequestMapping(value = "/mmLogoDetectionLogs", method = RequestMethod.GET) + @ApiOperation(value = "台标识别日志查询", httpMethod = "GET", notes = "对日志功能“台标识别IP日志”提供数据基础查询服务") + public Map mmLogoDetectionLogs(Page page, MmLogoDetectionLog mmLogoDetectionLog, Model model, HttpServletRequest request, + HttpServletResponse response) { + long start = System.currentTimeMillis(); + AuditLogThread auditLogThread = super.saveRequestLog(servicesRequestLogService, Constants.OPACTION_GET, + request, null); + + Page logPage = null; + try { + resetTime(mmLogoDetectionLog); + ntcLogService.queryConditionCheck(auditLogThread, start, mmLogoDetectionLog, MmLogoDetectionLog.class, page); + logPage = new Page(); + logPage.setPageNo(page.getPageNo()); + logPage.setPageSize(page.getPageSize()); + String orderBy = ""; + if (null != page.getOrderBy() && !page.getOrderBy().equals("")) { + orderBy = Page.getOrderBySql(MmLogoDetectionLog.class.getSimpleName(), page.getOrderBy()); + } else { + orderBy = "found_Time"; + } + String sql = HiveSqlService.getSql(page, mmLogoDetectionLog, + getTableName(MmLogoDetectionLog.class.getSimpleName() + "HiveTable", "MM_LOGO_DETECTION_LOG"), + getCol2Col(), orderBy, null); + Map> tableMapping = new LogJDBCByDruid().tableMapping(page, null, sql, MmLogoDetectionLog.class, "foundTime", + "recvTime"); + if (tableMapping == null) { + logPage.setList(new ArrayList()); + } else { + List list = tableMapping.get("obj"); + if (list.size() > 0) { + String jsonString = JsonMapper.toJsonString(list); + List List = (java.util.List) JsonMapper.fromJsonList(jsonString, + MmLogoDetectionLog.class); + logPage.setList(List); + logPage.setCount(List.size()); + + } else { + logPage.setList(new ArrayList()); + } + } + } catch (Exception e) { + e.printStackTrace(); + auditLogThread.setExceptionInfo(e.getMessage() + " " + e.getCause()); + logger.error(e); + if (!(e instanceof RestServiceException)) { + e = new RestServiceException(auditLogThread, System.currentTimeMillis() - start, "台标识别日志检索失败"); + } + throw ((RestServiceException) e); + } + return serviceLogResponse(auditLogThread, System.currentTimeMillis() - start, request, "台标识别日志检索成功", + logPage, 0); + } + + @RequestMapping(value = "/mmFaceRecognizationLogs", method = RequestMethod.GET) + @ApiOperation(value = "人脸识别日志查询", httpMethod = "GET", notes = "对日志功能“人脸识别日志”提供数据基础查询服务") + public Map mmFaceRecognizationLogs(Page page, MmFaceRecognizationLog mmFaceRecognizationLog, Model model, HttpServletRequest request, + HttpServletResponse response) { + long start = System.currentTimeMillis(); + AuditLogThread auditLogThread = super.saveRequestLog(servicesRequestLogService, Constants.OPACTION_GET, + request, null); + + Page logPage = null; + try { + resetTime(mmFaceRecognizationLog); + ntcLogService.queryConditionCheck(auditLogThread, start, mmFaceRecognizationLog, MmFaceRecognizationLog.class, page); + logPage = new Page(); + logPage.setPageNo(page.getPageNo()); + logPage.setPageSize(page.getPageSize()); + String orderBy = ""; + if (null != page.getOrderBy() && !page.getOrderBy().equals("")) { + orderBy = Page.getOrderBySql(MmFaceRecognizationLog.class.getSimpleName(), page.getOrderBy()); + } else { + orderBy = "found_Time"; + } + String sql = HiveSqlService.getSql(page, mmFaceRecognizationLog, + getTableName(MmFaceRecognizationLog.class.getSimpleName() + "HiveTable", "MM_FACE_RECOGNIZATION_LOG"), + getCol2Col(), orderBy, null); + Map> tableMapping = new LogJDBCByDruid().tableMapping(page, null, sql, MmFaceRecognizationLog.class, "foundTime", + "recvTime"); + if (tableMapping == null) { + logPage.setList(new ArrayList()); + } else { + List list = tableMapping.get("obj"); + if (list.size() > 0) { + String jsonString = JsonMapper.toJsonString(list); + List List = (java.util.List) JsonMapper.fromJsonList(jsonString, + MmFaceRecognizationLog.class); + logPage.setList(List); + logPage.setCount(List.size()); + + } else { + logPage.setList(new ArrayList()); + } + } + } catch (Exception e) { + e.printStackTrace(); + auditLogThread.setExceptionInfo(e.getMessage() + " " + e.getCause()); + logger.error(e); + if (!(e instanceof RestServiceException)) { + e = new RestServiceException(auditLogThread, System.currentTimeMillis() - start, "人脸识别日志检索失败"); + } + throw ((RestServiceException) e); + } + return serviceLogResponse(auditLogThread, System.currentTimeMillis() - start, request, "人脸识别日志检索成功", + logPage, 0); + } /** *判断开始和结束时间是否为null,如果为null则初始化时间 diff --git a/src/main/java/com/nis/web/controller/restful/SingleDimensionReport.java b/src/main/java/com/nis/web/controller/restful/SingleDimensionReport.java index 0121453..3e8b7bd 100644 --- a/src/main/java/com/nis/web/controller/restful/SingleDimensionReport.java +++ b/src/main/java/com/nis/web/controller/restful/SingleDimensionReport.java @@ -363,6 +363,10 @@ public class SingleDimensionReport extends BaseRestController { * @throws Exception */ public void resetReportTime(NtcReportEntity entity,Boolean isTotal) throws Exception { + //日志总量统计查询全部 + if ("1".equals(entity.getSearchBusinessType())) { + return ; + } if (StringUtil.isEmpty(entity.getSearchReportStartTime())&&StringUtil.isEmpty(entity.getSearchReportEndTime())) { String dateType = "minute"; //默认为分钟 if (!isTotal){ diff --git a/src/main/java/com/nis/web/dao/DfLogSearchDao.xml b/src/main/java/com/nis/web/dao/DfLogSearchDao.xml index a91c7cf..f797db7 100644 --- a/src/main/java/com/nis/web/dao/DfLogSearchDao.xml +++ b/src/main/java/com/nis/web/dao/DfLogSearchDao.xml @@ -1023,4 +1023,134 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/main/resources/applicationConfig-rule.properties b/src/main/resources/applicationConfig-rule.properties index 997a360..036bc3e 100644 --- a/src/main/resources/applicationConfig-rule.properties +++ b/src/main/resources/applicationConfig-rule.properties @@ -110,37 +110,37 @@ service=1:128;2:128;16:16;17:16;18:16;19:16;20:16;21:16;22:16;23:16;24:16;26:16; #0x94 隧道行为监测 148=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x95 ASN IP监测 -149=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_ASN_IP;18:NTC_IP_RANGE +149=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_ASN_IP;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE #0xA0 通联关系监测 monit 无配置 #0xA1 邮件泛收 monit 无配置 #0xA2 RADIUS泛收 monit 无配置 #0x100 基于音视频传输的IP PORT阻断 -256=10:MM_COMPILE;11:MM_GROUP;12:MM_AV_IP;18:NTC_IP_RANGE +256=10:MM_COMPILE;11:MM_GROUP;12:MM_AV_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x101 基于音视频传输的URL阻断 -257=10:MM_COMPILE;11:MM_GROUP;14:MM_AV_URL;18:NTC_IP_RANGE +257=10:MM_COMPILE;11:MM_GROUP;14:MM_AV_URL,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x102 基于图片传输的IP PORT阻断 -258=10:MM_COMPILE;11:MM_GROUP;12:MM_PIC_IP;18:NTC_IP_RANGE +258=10:MM_COMPILE;11:MM_GROUP;12:MM_PIC_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x103 基于图片传输的URL阻断 -259=10:MM_COMPILE;11:MM_GROUP;14:MM_PIC_URL;18:NTC_IP_RANGE +259=10:MM_COMPILE;11:MM_GROUP;14:MM_PIC_URL,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x104 基于VOIP-IP阻断 -260=10:MM_COMPILE;11:MM_GROUP;12:MM_VOIP_IP;18:NTC_IP_RANGE +260=10:MM_COMPILE;11:MM_GROUP;12:MM_VOIP_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x10B 基于VOIP-ACCOUNT阻断 -267=10:MM_COMPILE;11:MM_GROUP;14:MM_VOIP_ACCOUNT;18:NTC_IP_RANGE +267=10:MM_COMPILE;11:MM_GROUP;14:MM_VOIP_ACCOUNT,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x180 基于音视频传输的IP PORT监测 -384=10:MM_COMPILE;11:MM_GROUP;12:MM_AV_IP;18:NTC_IP_RANGE +384=10:MM_COMPILE;11:MM_GROUP;12:MM_AV_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x181 基于音视频传输的URL监测 -385=10:MM_COMPILE;11:MM_GROUP;14:MM_AV_URL;18:NTC_IP_RANGE +385=10:MM_COMPILE;11:MM_GROUP;14:MM_AV_URL,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x182 基于图片传输的IP PORT监测 -386=10:MM_COMPILE;11:MM_GROUP;12:MM_PIC_IP;18:NTC_IP_RANGE +386=10:MM_COMPILE;11:MM_GROUP;12:MM_PIC_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x183 基于图片传输的URL监测 -387=10:MM_COMPILE;11:MM_GROUP;14:MM_PIC_URL;18:NTC_IP_RANGE +387=10:MM_COMPILE;11:MM_GROUP;14:MM_PIC_URL,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x184 基于VOIP-IP监测 -388=10:MM_COMPILE;11:MM_GROUP;12:MM_VOIP_IP;18:NTC_IP_RANGE +388=10:MM_COMPILE;11:MM_GROUP;12:MM_VOIP_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x18B 基于VOIP-ACCOUNT监测 -395=10:MM_COMPILE;11:MM_GROUP;14:MM_VOIP_ACCOUNT;18:NTC_IP_RANGE +395=10:MM_COMPILE;11:MM_GROUP;14:MM_VOIP_ACCOUNT,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE #0x200 PXY拦截IP 512=10:PXY_INTERCEPT_COMPILE;11:PXY_INTERCEPT_GROUP;12:PXY_INTERCEPT_IP;14:PXY_CRTL_SUBSCRIBE_ID;18:NTC_IP_RANGE @@ -169,7 +169,7 @@ service=1:128;2:128;16:16;17:16;18:16;19:16;20:16;21:16;22:16;23:16;24:16;26:16; 750=10:PXY_CTRL_COMPILE;11:PXY_CTRL_GROUP;12:PXY_CTRL_IP;14:PXY_CTRL_HTTP_URL,PXY_CRTL_SUBSCRIBE_ID;15:PXY_CTRL_HTTP_REQ_HDR;18:NTC_IP_RANGE #0x300 IP复用策略配置 -768=10:IR_POLICY_COMPILE;11:IR_POLICY_GROUP;12:IR_POLICY_IP;18:NTC_IP_RANGE +768=10:IR_POLICY_COMPILE;11:IR_POLICY_GROUP;12:IR_POLICY_IP;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE #将APP用户定义特征发现(0x400)中APP_PKT_BIN表拆分到新的serive(0x403) #0x400 APP HTTP特征发现 @@ -281,7 +281,6 @@ unMaatService=3:32;4:96;5:32;25:32;28:32;64;65;261:16;262:16;263:16;264:16;265:1 ##各业务类型对应的redisdb,业务类型:redisdb,多个业务以“;”分隔,多个db以“,”数量不能超过6个 -##################合并库之后 #系统简称对应的redisDBIndex: NTC+MM:2 MM样例:3 PXY(512-767):4 阀门:5 #APP 0x400-0x420 目前配置入到NTC系统对应的库中 ########## 配置分发 @@ -307,42 +306,8 @@ unMaatService=3:32;4:96;5:32;25:32;28:32;64;65;261:16;262:16;263:16;264:16;265:1 #0x19 IPSec丢弃 25:5; #0x340 IP复用地址池配置(回调)832:2,4,5 ########## -#serviceDBIndex=1:2,3,4,5;2:2,3,4,5;16:2;17:2;18:2;19:2;20:2;21:2;22:2;23:2;24:2;26:2;27:2;30:2;31:2;32:2;33:2,5;34:2;35:2;36:2;37:2;128:2;129:2;130:2;131:2;132:2;133:2;134:2;135:2;136:2;137:2;138:2;139:2;140:2;141:2;142:2;143:2;144:2;145:2,5;146:2;147:2;148:2;149:2;256:2;257:2;258:2;259:2;260:2;267:2;384:2;385:2;386:2;387:2;388:2;395:2;512:4,5;513:4,2,5;514:4;515:4;517:4;520:4;521:4;528:4;544:4;560:4;576:4;592:4;608:4;750:4;768:4;1024:2,5;1025:2;1026:2,5;1027:2,5;1028:2,5;1029:2,5;1030:2,5;1031:2,5;1040:2,5;1041:2;1042:2;1152:2;3:5;4:5;5:2;25:5;28:5;64:2;65:2;261:3;262:3;263:3;264:3;265:2;266:2;268:3;269:3;270:3;389:3;390:3;391:3;392:3;393:2;394:2;396:3;397:3;398:3;832:2,4,7; +serviceDBIndex=1:2,3,4,5;2:2,3,4,5;16:2;17:2;18:2;19:2;20:2;21:2;22:2;23:2;24:2;26:2;27:2;30:2;31:2;32:2;33:2,5;34:2;35:2;36:2;37:2;128:2;129:2;130:2;131:2;132:2;133:2;134:2;135:2;136:2;137:2;138:2;139:2;140:2;141:2;142:2;143:2;144:2;145:2,5;146:2;147:2;148:2;149:2;256:2;257:2;258:2;259:2;260:2;267:2;384:2;385:2;386:2;387:2;388:2;395:2;512:4,5;513:4,2,5;514:4;515:4;517:4;520:4;521:4;528:4;544:4;560:4;576:4;592:4;608:4;750:4;768:4;1024:2,5;1025:2;1026:2,5;1027:2,5;1028:2,5;1029:2,5;1030:2,5;1031:2,5;1040:2,5;1041:2;1042:2;1152:2;3:5;4:5;5:2;25:5;28:5;64:2;65:2;261:3;262:3;263:3;264:3;265:2;266:2;268:3;269:3;270:3;389:3;390:3;391:3;392:3;393:2;394:2;396:3;397:3;398:3;832:2,4,7; -##########合库之前 -#系统简称对应的redisDBIndex: NTC(1255):2 MM(256511):3 PXY(512767):4 IR(7681023):5 DK(10241279):6 阀门:7 -########## 配置分发 -##MAAT配置 -#0x01 全局IP白名单 1:2,3,4,6,7; -#0x02 全局域名白名单 2:2,3,4,6,7; -#0x21 APP阻断 33:2,6,7; -#0x23 基础协议阻断 35:2,6; -#0x24 隧道行为阻断 36:2,6; -#0x91 APP监测 145:2,6; -#0x93 基础协议监测 147:2,6; -#0x94 隧道行为监测 148:2,6; -#0x200 PXY拦截IP 512:4,7; -#0x201 PXY拦截域名 513:4,2,7; -#0x400 APP HTTP特征发现 1024:2,6,7; -#0x402 APP DOMAIN特征发现 1026:2,6,7; -#0x403 APP 字节特征 1027:2,6,7; -#0x404 APP IP特征 1028:2,6,7; -#0x405 SSL证书特征 1029:2,6,7; -#0x406 TCP Session特征 1030:2,6,7; -#0x407 Header(L2\L3)特征 1031:2,6,7; -#0x410 APP丢弃 1040:2,6,7; -#0x411 基础协议丢弃 1041:2,6; -#0x412 隧道行为丢弃 1042:2,6; -#0x480 APP 主题网站配置 1152:2,6 -##回调类配置 -#0x03 IP地址丢弃 3:7; -#0x04 IP地址回流 4:7; -#0x1C GRE 丢弃 28:7; -#0x19 IPSec丢弃 25:7; -#0x340 IP复用地址池配置(回调)832:2,4,5,7 - -serviceDBIndex=1:2,3,4,6,7;2:2,3,4,6,7;16:2;17:2;18:2;19:2;20:2;21:2;22:2;23:2;24:2;26:2;27:2;30:2;31:2;32:2;33:2,6,7;34:2;35:2,6;36:2,6;37:2;128:2;129:2;130:2;131:2;132:2;133:2;134:2;135:2;136:2;137:2;138:2;139:2;140:2;141:2;142:2;143:2;144:2;145:2,6;146:2;147:2,6;148:2,6;149:2;256:3;257:3;258:3;259:3;260:3;267:3;384:3;385:3;386:3;387:3;388:3;395:3;512:4,7;513:4,2,7;514:4;515:4;517:4;520:4;521:4;528:4;544:4;560:4;576:4;592:4;608:4;750:4;768:5;1024:2,6,7;1025:2;1026:2,6,7;1027:2,6,7;1028:2,6,7;1029:2,6,7;1030:2,6,7;1031:2,6,7;1040:2,6,7;1041:2,6,7;1042:2,6,7;1152:2,6;3:7;4:7;5:2;25:7;28:7;64:2;65:2;261:8;262:9;263:10;264:11;265:3;266:3;268:12;269:12;270:12;389:8;390:9;391:10;392:11;393:3;394:3;396:12;397:12;398:12;832:2,4,5,7; -############################################################## ##maat配置入阀门需要将编译中的部分参数写到域配置中,目前最多包含ACTION,SERVICE,USER_REGION三个属性 ##业务ID:域类型1|域类型2@属性1&属性2&属性3 diff --git a/src/main/resources/applicationConfig-rule.test.properties b/src/main/resources/applicationConfig-rule.test.properties new file mode 100644 index 0000000..b704489 --- /dev/null +++ b/src/main/resources/applicationConfig-rule.test.properties @@ -0,0 +1,309 @@ +#配置文件用途:业务配置规则(关系、多分发路由、阀门添加属性) + +################################################################################# +####maat格式配置各业务类型对应的编译,分组,域配置等的表名 +####1:固定需要写service=业务类型1:动作;业务类型2:动作 ( 用于验证maat配置service与action对应关系) +####2:然后每个业务类型:业务类型1=type1:表名1;type2:表名2;type3:表名3 +####3:例如:80=10:MM_COMPILE;11:MM_GROUP;12:AV_CONT_IP_PORT +####4:type中10代表是编译配置,11代表是分组配置,12代表是ip类域配置,13代表是数值类配置,14代表是字符串类域配置,15代表是增强字符串类域配置,16代表是文件摘要类域配置,17代表是文本相似性域配置,18代表是生效范围IP段配置 +################################################################################# +####service与action对应关系 + +##无动作 0x00 0 none +##监测 0x01 1 monit +##转发 0x02 2 forward +##阻断 0x10 16 reject +##丢弃 0x20 32 drop +##重定向 0x30 48 redirect +##限速 0x40 64 ratelimit +##替换 0x50 80 replace +##回流 0x60 96 loop +##白名单 0x80 128 whitelist + +service=1:128;2:128;16:16;17:16;18:16;19:16;20:16;21:16;22:16;23:16;24:16;26:16;27:16;30:16;31:16;32:16;33:16;34:16;35:16;36:16;37:16;128:1;129:1;130:1;131:1;132:1;133:1;134:1;135:1;136:1;137:1;138:1;139:1;140:1;141:1;142:1;143:1;144:1;145:1;146:1;147:1;148:1;149:1;256:16;257:16;258:16;259:16;260:16;267:16;384:1;385:1;386:1;387:1;388:1;395:1;512:1;513:1;514:64;515:64;517:80;521:128;528:48;544:2;560:80;576:16;592:1;750:128;768:96;1024:1;1026:1;1027:1;1028:1;1029:1;1030:1;1031:1;1040:32;1041:32;1042:32;1056:64;1057:64;1058:64;1059:64;1060:64;1152:1 + +#0x1E 0x8E 有问题:14:NTC_XMPP_REGION,NTC_XMPP_CONT 无表结构 不确定表是不是字符串类 + +#0x01 全局IP白名单 +1=10:WHITE_LIST_COMPILE;11:WHITE_LIST_GROUP;12:WHITE_LIST_IP;14:WHITE_LIST_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x02 全局域名白名单 +2=10:WHITE_LIST_COMPILE;11:WHITE_LIST_GROUP;14:WHITE_LIST_DOMAIN,WHITE_LIST_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x10 IP地址阻断 +16=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_IP;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x11 HTTP阻断 +17=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_HTTP_URL,NTC_HTTP_REQ_BODY,NTC_HTTP_RES_BODY,NTC_SUBSCRIBE_ID;15:NTC_HTTP_REQ_HDR,NTC_HTTP_RES_HDR;18:NTC_IP_RANGE +#0x12 DNS阻断 +18=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;15:NTC_DNS_REGION;18:NTC_IP_RANGE +#0x13 SSL阻断 +19=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SSL_SNI,NTC_SSL_SAN,NTC_SSL_CN,NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x14 MAIL阻断 +20=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;15:NTC_MAIL_HDR,NTC_MAIL_BODY;16:NTC_FILE_DIGEST;18:NTC_IP_RANGE +#0x15 FTP阻断 +21=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_FTP_URL,NTC_FTP_CONTENT,NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x16 PPTP阻断 +22=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x17 L2TP阻断 +23=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x18 OpenVPN阻断 +24=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE + +#0x1A SSH阻断 +26=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x1B SOCKS阻断 +27=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x1E XMPP阻断 NTC_XMPP_REGION和NTC_XMPP_CONT 无表结构 +30=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_XMPP_REGION,NTC_XMPP_CONT,NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x1F BGP阻断 +31=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_BGP_AS,NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0X20 文件摘要配置 +32=10:NTC_COMPILE;11:NTC_GROUP;14:NTC_SUBSCRIBE_ID;16:NTC_FILE_DIGEST;18:NTC_IP_RANGE +#0x21 APP阻断 +33=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x22 P2P阻断 +34=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_P2P_IP;14:NTC_P2P_HASH_BIN,NTC_P2P_KEYWORDS,NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x23 基础协议阻断 +35=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x24 隧道行为阻断 +36=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x25 ASN IP阻断 +37=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_ASN_IP;18:NTC_IP_RANGE + + +#0x80 IP地址监测 +128=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_IP;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x81 HTTP监测 +129=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_HTTP_URL,NTC_HTTP_REQ_BODY,NTC_HTTP_RES_BODY,NTC_SUBSCRIBE_ID;15:NTC_HTTP_REQ_HDR,NTC_HTTP_RES_HDR;18:NTC_IP_RANGE +#0x82 DNS监测 +130=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;15:NTC_DNS_REGION;18:NTC_IP_RANGE +#0x83 SSL监测 +131=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SSL_SNI,NTC_SSL_SAN,NTC_SSL_CN,NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x84 MAIL监测 +132=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;15:NTC_MAIL_HDR,NTC_MAIL_BODY;16:NTC_FILE_DIGEST;18:NTC_IP_RANGE +#0x85 FTP监测 +133=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_FTP_URL,NTC_FTP_CONTENT,NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x86 PPTP监测 +134=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x87 L2TP监测 +135=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x88 OpenVPN监测 +136=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x89 IPSec监测 +137=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x8A SSH监测 +138=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x8B SOCKS监测 +139=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x8C GRE监测 +140=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x8E XMPP监测 NTC_XMPP_REGION和NTC_XMPP_CONT 无表结构 +142=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_XMPP_REGION,NTC_XMPP_CONT,NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x8F BGP监测 +143=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:NTC_BGP_AS,NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0X90 文件摘要监测 +144=10:NTC_COMPILE;11:NTC_GROUP;14:NTC_SUBSCRIBE_ID;16:NTC_FILE_DIGEST;18:NTC_IP_RANGE +#0x91 APP监测 +145=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x92 P2P监测 +146=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_P2P_IP;14:NTC_P2P_HASH_BIN,NTC_P2P_KEYWORDS,NTC_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x93 基础协议监测 +147=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x94 隧道行为监测 +148=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x95 ASN IP监测 +149=10:NTC_COMPILE;11:NTC_GROUP;12:NTC_ASN_IP;18:NTC_IP_RANGE + +#0xA0 通联关系监测 monit 无配置 +#0xA1 邮件泛收 monit 无配置 +#0xA2 RADIUS泛收 monit 无配置 + +#0x100 基于音视频传输的IP PORT阻断 +256=10:MM_COMPILE;11:MM_GROUP;12:MM_AV_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x101 基于音视频传输的URL阻断 +257=10:MM_COMPILE;11:MM_GROUP;14:MM_AV_URL,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x102 基于图片传输的IP PORT阻断 +258=10:MM_COMPILE;11:MM_GROUP;12:MM_PIC_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x103 基于图片传输的URL阻断 +259=10:MM_COMPILE;11:MM_GROUP;14:MM_PIC_URL,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x104 基于VOIP-IP阻断 +260=10:MM_COMPILE;11:MM_GROUP;12:MM_VOIP_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x10B 基于VOIP-ACCOUNT阻断 +267=10:MM_COMPILE;11:MM_GROUP;14:MM_VOIP_ACCOUNT,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE + +#0x180 基于音视频传输的IP PORT监测 +384=10:MM_COMPILE;11:MM_GROUP;12:MM_AV_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x181 基于音视频传输的URL监测 +385=10:MM_COMPILE;11:MM_GROUP;14:MM_AV_URL,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x182 基于图片传输的IP PORT监测 +386=10:MM_COMPILE;11:MM_GROUP;12:MM_PIC_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x183 基于图片传输的URL监测 +387=10:MM_COMPILE;11:MM_GROUP;14:MM_PIC_URL,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x184 基于VOIP-IP监测 +388=10:MM_COMPILE;11:MM_GROUP;12:MM_VOIP_IP;14:MM_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x18B 基于VOIP-ACCOUNT监测 +395=10:MM_COMPILE;11:MM_GROUP;14:MM_VOIP_ACCOUNT,MM_SUBSCRIBE_ID;18:NTC_IP_RANGE + +#0x200 PXY拦截IP +512=10:PXY_INTERCEPT_COMPILE;11:PXY_INTERCEPT_GROUP;12:PXY_INTERCEPT_IP;14:PXY_CRTL_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x201 PXY拦截域名 +513=10:PXY_INTERCEPT_COMPILE;11:PXY_INTERCEPT_GROUP;14:PXY_INTERCEPT_DOMAIN,PXY_CRTL_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x202 PXY限速IP +514=10:PXY_INTERCEPT_COMPILE;11:PXY_INTERCEPT_GROUP;12:PXY_INTERCEPT_IP;14:PXY_CRTL_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x203 PXY限速域名 +515=10:PXY_INTERCEPT_COMPILE;11:PXY_INTERCEPT_GROUP;14:PXY_INTERCEPT_DOMAIN,PXY_CRTL_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x205 基于PXY IP替换 +517=10:PXY_INTERCEPT_COMPILE;11:PXY_INTERCEPT_GROUP;12:PXY_INTERCEPT_IP;14:PXY_INTERCEPT_PKT_BIN,PXY_CRTL_SUBSCRIBE_ID;18:NTC_IP_RANGE + +#0x209 PXY拦截白名单 +521=10:PXY_INTERCEPT_COMPILE;11:PXY_INTERCEPT_GROUP;12:PXY_INTERCEPT_IP;14:PXY_INTERCEPT_DOMAIN,PXY_CRTL_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x210 PXY HTTP重定向 +528=10:PXY_CTRL_COMPILE;11:PXY_CTRL_GROUP;12:PXY_CTRL_IP;14:PXY_CTRL_HTTP_URL,PXY_CTRL_HTTP_REQ_BODY,PXY_CRTL_SUBSCRIBE_ID;15:PXY_CTRL_HTTP_REQ_HDR,PXY_CTRL_HTTP_RES_HDR;18:NTC_IP_RANGE +#0x220 PXY HTTP转发 +544=10:PXY_CTRL_COMPILE;11:PXY_CTRL_GROUP;12:PXY_CTRL_IP;14:PXY_CTRL_HTTP_URL,PXY_CTRL_HTTP_REQ_BODY,PXY_CRTL_SUBSCRIBE_ID;15:PXY_CTRL_HTTP_REQ_HDR,PXY_CTRL_HTTP_RES_HDR;18:NTC_IP_RANGE +#0x230 PXY HTTP替换 +560=10:PXY_CTRL_COMPILE;11:PXY_CTRL_GROUP;12:PXY_CTRL_IP;14:PXY_CTRL_HTTP_URL,PXY_CTRL_HTTP_REQ_BODY,PXY_CTRL_HTTP_RES_BODY,PXY_CRTL_SUBSCRIBE_ID;15:PXY_CTRL_HTTP_REQ_HDR,PXY_CTRL_HTTP_RES_HDR;18:NTC_IP_RANGE +#0x240 PXY HTTP阻断 +576=10:PXY_CTRL_COMPILE;11:PXY_CTRL_GROUP;12:PXY_CTRL_IP;14:PXY_CTRL_HTTP_URL,PXY_CTRL_HTTP_REQ_BODY,PXY_CTRL_HTTP_RES_BODY,PXY_CRTL_SUBSCRIBE_ID;15:PXY_CTRL_HTTP_REQ_HDR,PXY_CTRL_HTTP_RES_HDR;18:NTC_IP_RANGE +#0x250 PXY HTTP监测 +592=10:PXY_CTRL_COMPILE;11:PXY_CTRL_GROUP;12:PXY_CTRL_IP;14:PXY_CTRL_HTTP_URL,PXY_CTRL_HTTP_REQ_BODY,PXY_CTRL_HTTP_RES_BODY,PXY_CRTL_SUBSCRIBE_ID;15:PXY_CTRL_HTTP_REQ_HDR,PXY_CTRL_HTTP_RES_HDR;18:NTC_IP_RANGE +#0x2EE PXY 白名单 +750=10:PXY_CTRL_COMPILE;11:PXY_CTRL_GROUP;12:PXY_CTRL_IP;14:PXY_CTRL_HTTP_URL,PXY_CRTL_SUBSCRIBE_ID;15:PXY_CTRL_HTTP_REQ_HDR;18:NTC_IP_RANGE + +#0x300 IP复用策略配置 +768=10:IR_POLICY_COMPILE;11:IR_POLICY_GROUP;12:IR_POLICY_IP;18:NTC_IP_RANGE + +#将APP用户定义特征发现(0x400)中APP_PKT_BIN表拆分到新的serive(0x403) +#0x400 APP HTTP特征发现 +1024=10:APP_COMPILE;11:APP_GROUP;14:APP_SUBSCRIBE_ID;15:APP_HTTP;18:NTC_IP_RANGE +#0x402 APP DOMAIN特征发现 +1026=10:APP_COMPILE;11:APP_GROUP;14:APP_DOMAIN,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x403 APP字节特征 +1027=10:APP_COMPILE;11:APP_GROUP;14:APP_PKT_BIN,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x404 APP IP特征 +1028=10:APP_COMPILE;11:APP_GROUP;12:APP_STATIC_SEV_IP;14:APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x405 SSL证书特征 +1029=10:APP_COMPILE;11:APP_GROUP;14:APP_SUBSCRIBE_ID;15:APP_SSL_CERT;18:NTC_IP_RANGE +#0x406 TCP Session特征 +1030=10:APP_COMPILE;11:APP_GROUP;13:APP_TCP_SESSION_BYTE;14:APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x407 Header(L2\L3)特征 +1031=10:APP_COMPILE;11:APP_GROUP;14:APP_SUBSCRIBE_ID;15:APP_LAYER_HEADER;18:NTC_IP_RANGE + + +#0x410 APP丢弃 +1040=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x411 基础协议丢弃 +1041=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x412 隧道行为丢弃 +1042=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE + +####删除动作为ratelimit的业务 +#0x420 APP限流 +#1056=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x421 IP限流 +#1057=10:LIMIT_COMPILE;11:LIMIT_GROUP;12:LIMIT_IP;18:NTC_IP_RANGE +#0x422 域名限流 +#1058=10:LIMIT_COMPILE;11:LIMIT_GROUP;14:LIMIT_DOMAIN;18:NTC_IP_RANGE + +#0x423 基础协议限流 +#1059=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x424 隧道行为限流 +#1060=10:APP_COMPILE;11:APP_GROUP;12:NTC_UNIVERSAL_IP;13:NTC_UNIVERSAL_PROTO_TYPE;14:APP_POLICY,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE +#0x480 APP 主题网站配置 +1152=10:APP_COMPILE;11:APP_GROUP;14:APP_TOPIC_DOMAIN,APP_SUBSCRIBE_ID;18:NTC_IP_RANGE + +#格式:业务类型1:动作;业务类型2:动作 ( 用于验证回调类service与action对应关系 +unMaatService=3:32;4:96;5:32;25:32;28:32;64;65;261:16;262:16;263:16;264:16;265:16;266:16;268:16;269:16;270:16;389:1;390:1;391:1;392:1;393:1;394:1;396:1;397:1;398:1;520;608;832;1025:1 +#0x03 IP地址丢弃 +3=0:INLINE_IP_CB +#0x04 IP地址回流 +4=0:INLINE_IP_CB +#0x05 DDOS流量丢弃 +5=0:DDOS_PROTECT_TARGET_IP_CB +#0x19 IPSec丢弃 +25=0:INLINE_IP_CB +#0x1C GRE 丢弃 +28=0:INLINE_IP_CB +#0x1D IPSEC丢弃 +#29=0:INLINE_IP_CB + +#0x40 DNS欺骗配置(回调) +64=0:NTC_DNS_FAKE_IP_CB +#0x41 DNS 响应策略配置(回调) +65=0:NTC_DNS_RES_STRATEGY + +#0x105 音频样例阻断 +261=0:MM_SAMPLE_AUDIO +#0x106 视频样例阻断 +262=0:MM_SAMPLE_VIDEO +#0x107 图片样例阻断 +263=0:MM_SAMPLE_PIC +#0x108 VOIP样例阻断 +264=0:MM_SAMPLE_VOIP +#0x109 音频色情阻断 +265=0:MM_PORN_AUDIO_LEVEL +#0x10A 视频色情阻断 +266=0:MM_PORN_VIDEO_LEVEL +#0x10C 说话人识别阻断 +268=0:MM_SPEAKER_RECOGNIZATION +#0x10D 台标识别阻断 +269=0:MM_LOGO_DETECTION +#0x10E 人脸识别阻断 +270=0:MM_FACE_RECOGNIZATION + +#0x185 音频样例监测 +389=0:MM_SAMPLE_AUDIO +#0x186 视频样例监测 +390=0:MM_SAMPLE_VIDEO +#0x187 图片样例监测 +391=0:MM_SAMPLE_PIC +#0x188 VOIP样例监测 +392=0:MM_SAMPLE_VOIP +#0x189 音频色情监测 +393=0:MM_PORN_AUDIO_LEVEL +#0x18A 视频色情监测 +394=0:MM_PORN_VIDEO_LEVEL +#0x18C 说话人识别监测 +396=0:MM_SPEAKER_RECOGNIZATION +#0x18D 台标识别监测 +397=0:MM_LOGO_DETECTION +#0x18E 人脸识别监测 +398=0:MM_FACE_RECOGNIZATION + +#0x208 PXY 证书管理 +520=0:PXY_OBJ_KEYRING +#0x260 PXY 管控文件策略 +608=0:PXY_OBJ_FILE + +#0x340 IP复用地址池配置(回调) +832=0:IR_STATIC_IP_POOL_CB + +#0x401 APP内置规则表(文件类) +1025=0:APP_DPKT_FEATURE + + +##各业务类型对应的redisdb,业务类型:redisdb,多个业务以“;”分隔,多个db以“,”数量不能超过6个 +#系统简称对应的redisDBIndex: NTC(12-55):2 MM(256-511):3 PXY(512-767):4 IR(768-1023):5 DK(10241279):6 阀门:7 +serviceDBIndex=1:2,3,4,6,7;2:2,3,4,6,7;16:2;17:2;18:2;19:2;20:2;21:2;22:2;23:2;24:2;26:2;27:2;30:2;31:2;32:2;33:2,6,7;34:2;35:2,6;36:2,6;37:2;128:2;129:2;130:2;131:2;132:2;133:2;134:2;135:2;136:2;137:2;138:2;139:2;140:2;141:2;142:2;143:2;144:2;145:2,6;146:2;147:2,6;148:2,6;149:2;256:3;257:3;258:3;259:3;260:3;267:3;384:3;385:3;386:3;387:3;388:3;395:3;512:4,7;513:4,2,7;514:4;515:4;517:4;520:4;521:4;528:4;544:4;560:4;576:4;592:4;608:4;750:4;768:5;1024:2,6,7;1025:2;1026:2,6,7;1027:2,6,7;1028:2,6,7;1029:2,6,7;1030:2,6,7;1031:2,6,7;1040:2,6,7;1041:2,6,7;1042:2,6,7;1152:2,6;3:7;4:7;5:2;25:7;28:7;64:2;65:2;261:8,12;262:9,12;263:10,12;264:11,12;265:3;266:3;268:12;269:12;270:12;389:8,12;390:9,12;391:10,12;392:11,12;393:3;394:3;396:12;397:12;398:12;832:2,4,5,7; + +##maat配置入阀门需要将编译中的部分参数写到域配置中,目前最多包含ACTION,SERVICE,USER_REGION三个属性 +##业务ID:域类型1|域类型2@属性1&属性2&属性3 +##域类型:IP域 =ipRegion 字符串域=strRegion 增强字符串域=strStrRegion 数值域=numRegion +############ +#0x21 APP阻断 33 +#0x91 APP监测 145 +#0x200 PXY拦截IP 512 +#0x201 PXY拦截域名 513 +#0x400 APP HTTP特征发现 1024 +#0x402 APP DOMAIN特征发现 1026 +#0x403 APP 字节特征 1027 +#0x404 APP IP特征 1028 +#0x410 APP丢弃 1040 +#0x420 APP限流 1056 +#0x421 IP限流 1057 +#0x422 域名限流 1058 + +maat2Valve=33:strRegion@ACTION&SERVICE&USER_REGION;35:strRegion@ACTION&SERVICE&USER_REGION;36:strRegion@ACTION&SERVICE&USER_REGION;145:strRegion@ACTION&SERVICE&USER_REGION;147:strRegion@ACTION&SERVICE&USER_REGION;148:strRegion@ACTION&SERVICE&USER_REGION;512:ipRegion@ACTION&SERVICE;513:strRegion@ACTION&SERVICE&USER_REGION;1024:strRegion|strStrRegion@USER_REGION;1026:strRegion|strStrRegion@USER_REGION;1027:strRegion|strStrRegion@USER_REGION;1028:ipRegion@USER_REGION;1029:strStrRegion@USER_REGION;1030:numRegion@USER_REGION;1031:strStrRegion@USER_REGION;1040:strRegion@ACTION&SERVICE&USER_REGION;1041:strRegion@ACTION&SERVICE&USER_REGION;1042:strRegion@ACTION&SERVICE&USER_REGION;1056:strRegion@ACTION&SERVICE&USER_REGION;1057:ipRegion@ACTION&SERVICE&USER_REGION;1058:strRegion@ACTION&SERVICE&USER_REGION;1059:strRegion@ACTION&SERVICE&USER_REGION;1060:strRegion@ACTION&SERVICE&USER_REGION + +##记录哪些service可以被分组复用(只有maat类配置可以被分组复用) +#业务ID:域类型1@表名,表名|域类型2@表名;业务ID:域类型1@表名,表名|域类型2@表名 +##域类型:IP域 =ipRegion 字符串域=strRegion 数值域=numRegion +serviceRepeatedReal=37:ipRegion@NTC_ASN_IP;149:ipRegion@NTC_ASN_IP;1028:ipRegion@APP_STATIC_SEV_IP diff --git a/src/main/resources/applicationLog-hive.properties b/src/main/resources/applicationLog-hive.properties index 1e0fd18..4930397 100644 --- a/src/main/resources/applicationLog-hive.properties +++ b/src/main/resources/applicationLog-hive.properties @@ -28,8 +28,9 @@ MmPornVideoLevelLogHiveTable=MM_PORN_VIDEO_LEVEL_LOG MmSamplePicLogHiveTable=MM_SAMPLE_PIC_LOG MmSampleVoipLogHiveTable=MM_SAMPLE_VOIP_LOG PxyHttpLogHiveTable=PXY_HTTP_LOG - - +MmFaceRecognizationLogHiveTable=MM_FACE_RECOGNIZATION_LOG +MmLogoDetectionLogHiveTable=MM_LOGO_DETECTION_LOG +MmSpeakerRecognizationLogHiveTable=MM_SPEAKER_RECOGNIZATION_LOG