DoS Detection Bifang Access Token 可支持动态配置

src/main/java/com/zdjizhi/etl/ParseStaticThreshold.java

@@ -6,6 +6,7 @@ import com.zdjizhi.common.DosDetectionThreshold;
 import com.zdjizhi.common.DosVsysId;
 import com.zdjizhi.utils.HttpClientUtils;
 import com.zdjizhi.utils.JsonMapper;
+import com.zdjizhi.utils.NacosUtils;
 import inet.ipaddr.IPAddress;
 import inet.ipaddr.IPAddressString;
 import org.apache.flink.shaded.guava18.com.google.common.collect.Range;
@@ -113,7 +114,7 @@ public class ParseStaticThreshold {
             parms.put("pageSize", -1);
             parms.put("orderBy", "vsysId desc");
             HttpClientUtils.setUrlWithParams(uriBuilder, CommonConfig.BIFANG_SERVER_POLICY_VSYSID_PATH, parms);
-            String token = CommonConfig.BIFANG_SERVER_TOKEN;
+            String token = NacosUtils.getStringProperty("bifang.server.token");
             if (!HttpClientUtils.ERROR_MESSAGE.equals(token)) {
                 BasicHeader authorization = new BasicHeader("Authorization", token);
                 BasicHeader authorization1 = new BasicHeader("Content-Type", "application/x-www-form-urlencoded");
@@ -153,37 +154,37 @@ public class ParseStaticThreshold {
         try {
 //            if (vsysId != null){
 //             for (DosVsysId dosVsysId : vsysId) {
-                     URIBuilder uriBuilder = new URIBuilder(CommonConfig.BIFANG_SERVER_URI);
+            URIBuilder uriBuilder = new URIBuilder(CommonConfig.BIFANG_SERVER_URI);
-                     HashMap<String, Object> parms = new HashMap<>();
+            HashMap<String, Object> parms = new HashMap<>();
-                     parms.put("pageSize", -1);
+            parms.put("pageSize", -1);
-                     parms.put("orderBy", "profileId asc");
+            parms.put("orderBy", "profileId asc");
-                     parms.put("isValid", 1);
+            parms.put("isValid", 1);
 //                     parms.put("vsysId", dosVsysId.getVsysId());
-                     parms.put("vsysId", 1);
+            parms.put("vsysId", 1);
-                     HttpClientUtils.setUrlWithParams(uriBuilder, CommonConfig.BIFANG_SERVER_POLICY_THRESHOLD_PATH, parms);
+            HttpClientUtils.setUrlWithParams(uriBuilder, CommonConfig.BIFANG_SERVER_POLICY_THRESHOLD_PATH, parms);
-                     String token = CommonConfig.BIFANG_SERVER_TOKEN;
+            String token = NacosUtils.getStringProperty("bifang.server.token");
-                     if (!HttpClientUtils.ERROR_MESSAGE.equals(token)) {
+            if (!HttpClientUtils.ERROR_MESSAGE.equals(token)) {
-                         BasicHeader authorization = new BasicHeader("Authorization", token);
+                BasicHeader authorization = new BasicHeader("Authorization", token);
-                         BasicHeader authorization1 = new BasicHeader("Content-Type", "application/x-www-form-urlencoded");
+                BasicHeader authorization1 = new BasicHeader("Content-Type", "application/x-www-form-urlencoded");
-                         String resposeJsonStr = HttpClientUtils.httpGet(uriBuilder.build(), authorization, authorization1);
+                String resposeJsonStr = HttpClientUtils.httpGet(uriBuilder.build(), authorization, authorization1);
-                         if (!HttpClientUtils.ERROR_MESSAGE.equals(resposeJsonStr)) {
+                if (!HttpClientUtils.ERROR_MESSAGE.equals(resposeJsonStr)) {
-                             HashMap<String, Object> resposeMap = jsonMapperInstance.fromJson(resposeJsonStr, hashmapJsonType);
+                    HashMap<String, Object> resposeMap = jsonMapperInstance.fromJson(resposeJsonStr, hashmapJsonType);
-                             boolean success = (boolean) resposeMap.get("success");
+                    boolean success = (boolean) resposeMap.get("success");
-                             String msg = resposeMap.get("msg").toString();
+                    String msg = resposeMap.get("msg").toString();
-                             if (success) {
+                    if (success) {
-                                 HashMap<String, Object> data = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(resposeMap.get("data")), hashmapJsonType);
+                        HashMap<String, Object> data = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(resposeMap.get("data")), hashmapJsonType);
-                                 Object list = data.get("list");
+                        Object list = data.get("list");
-                                 if (list != null) {
+                        if (list != null) {
-                                     thresholds = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(list), thresholdType);
+                            thresholds = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(list), thresholdType);
-                                     logger.info("获取到静态阈值配置{}条", thresholds.size());
+                            logger.info("获取到静态阈值配置{}条", thresholds.size());
-                                 } else {
+                        } else {
-                                     logger.warn("静态阈值配置为空");
+                            logger.warn("静态阈值配置为空");
-                                 }
+                        }
-                             } else {
+                    } else {
-                                 logger.error(msg);
+                        logger.error(msg);
-                             }
+                    }
-                         }
+                }
-                     }
+            }
 //             }
 //            }
         } catch (Exception e) {

src/main/resources/common.properties

@@ -78,19 +78,6 @@ ip.mmdb.path=D:\\data\\dat\\
 #ip.mmdb.path=/home/bigdata/topology/dat/
 #ip.mmdb.path=/home/bigdata/wlh/topology/dos-detection/dat/
 
-##静态敏感阈值，速率小于此值不报警
-#static.sensitivity.threshold=500
-#
-##基线敏感阈值
-#baseline.sensitivity.threshold=0.2
-#
-##基于baseline判定dos攻击的上下限
-#baseline.sessions.minor.threshold=0.5
-#baseline.sessions.warning.threshold=1
-#baseline.sessions.major.threshold=2.5
-#baseline.sessions.severe.threshold=5
-#baseline.sessions.critical.threshold=8
-
 #bifang服务访问地址
 bifang.server.uri=http://192.168.44.72:80
 #bifang.server.uri=http://192.168.44.3:80
@@ -142,8 +129,8 @@ sasl.jaas.config.password=6MleDyA3Z73HSaXiKsDJ2k7Ys8YWLhEJ
 sasl.jaas.config.flag=1
 
 #nacos配置
-nacos.server.addr=192.168.40.42:8848
+nacos.server.addr=192.168.44.12:8848
-nacos.namespace=prod
+nacos.namespace=test
 nacos.username=nacos
 nacos.password=nacos
 nacos.data.id=dos_detection.properties

src/test/java/com/zdjizhi/common/NacosTest.java

@@ -41,7 +41,7 @@ public class NacosTest {
 
     private void getProperties() {
         properties.setProperty(PropertyKeyConst.SERVER_ADDR, "192.168.44.12:8848");
-        properties.setProperty(PropertyKeyConst.NAMESPACE, "flink");
+        properties.setProperty(PropertyKeyConst.NAMESPACE, "test");
         properties.setProperty(PropertyKeyConst.USERNAME, "nacos");
         properties.setProperty(PropertyKeyConst.PASSWORD, "nacos");
     }
@@ -56,7 +56,7 @@ public class NacosTest {
             Properties nacosConfigMap = new Properties();
             nacosConfigMap.load(new StringReader(content));
             System.out.println(nacosConfigMap.getProperty("static.sensitivity.threshold"));
-        } catch (NacosException | IOException e) {
+        } catch (Exception e) {
             e.printStackTrace();
         }
 
@@ -83,7 +83,7 @@ public class NacosTest {
                     System.out.println(configMsg);
                 }
             });
-        } catch (NacosException e) {
+        } catch (Exception e) {
             e.printStackTrace();
         }