gfwleak/k18-ntcs-web-ntc
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

欺骗ip配置添加、删除(与转换层通信)

Browse Source
This commit is contained in:
chenjinsong
2018-03-26 14:58:47 +08:00
parent bb8cd7be79
commit 063b5b88fe
7 changed files with 220 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/main/java/com/nis/domain/configuration/DnsIpCfg.java
View File

@@ -10,6 +10,7 @@ package com.nis.domain.configuration;
import java.util.Date;
import com.google.gson.annotations.Expose;
import com.nis.domain.BaseEntity;
import com.nis.domain.SysUser;
@@ -25,6 +26,7 @@ public class DnsIpCfg extends BaseEntity<DnsIpCfg> {
/**
* 配置ID
*/
@Expose
private Long cfgId;
/**
* 配置描述
@@ -33,46 +35,57 @@ public class DnsIpCfg extends BaseEntity<DnsIpCfg> {
/**
* ip类型
*/
@Expose
private Integer ipType;
/**
* 源IP地址
*/
@Expose
private String srcIp;
/**
* 源地址掩码
*/
@Expose
private String srcIpMask ;
/**
* 源端口
*/
@Expose
private String srcPort ;
/**
* 源端口掩码
*/
@Expose
private String srcPortMask ;
/**
* 目的IP地址
*/
@Expose
private String dstIp ;
/**
* 目的地址掩码
*/
@Expose
private String dstIpMask ;
/**
* 目的端口
*/
@Expose
private String dstPort ;
/**
* 目的端口掩码
*/
@Expose
private String dstPortMask ;
/**
* 方向
*/
@Expose
private Integer direction ;
/**
* 方向
*/
@Expose
private Integer protocol ;
/**
* 有效标识

24
src/main/java/com/nis/domain/maat/DnsIpRecvData.java Normal file
View File

@@ -0,0 +1,24 @@
package com.nis.domain.maat;
import java.io.Serializable;
public class DnsIpRecvData implements Serializable {
private static final long serialVersionUID = -3438469380427993582L;
private Long cfgId;
private Integer fakeId;
public Long getCfgId() {
return cfgId;
}
public void setCfgId(Long cfgId) {
this.cfgId = cfgId;
}
public Integer getFakeId() {
return fakeId;
}
public void setFakeId(Integer fakeId) {
this.fakeId = fakeId;
}
}

20
src/main/java/com/nis/domain/maat/FromMaatBean.java Normal file
View File

@@ -0,0 +1,20 @@
package com.nis.domain.maat;
import java.io.Serializable;
import java.util.List;
public class FromMaatBean implements Serializable {
private static final long serialVersionUID = 1277140754421705676L;
private List<DnsIpRecvData> data;
public List<DnsIpRecvData> getData() {
return data;
}
public void setData(List<DnsIpRecvData> data) {
this.data = data;
}
}

24
src/main/java/com/nis/domain/maat/MaatDnsIpCfg.java Normal file
View File

@@ -0,0 +1,24 @@
package com.nis.domain.maat;
import java.io.Serializable;
import java.util.List;
import com.google.gson.annotations.Expose;
import com.nis.domain.configuration.DnsIpCfg;
public class MaatDnsIpCfg implements Serializable {
private static final long serialVersionUID = 2407058503197501569L;
@Expose
private List<DnsIpCfg> ipCfg;
public List<DnsIpCfg> getIpCfg() {
return ipCfg;
}
public void setIpCfg(List<DnsIpCfg> ipCfg) {
this.ipCfg = ipCfg;
}
}

62
src/main/java/com/nis/domain/maat/ToMaatDnsIpBean.java Normal file
View File

@@ -0,0 +1,62 @@
package com.nis.domain.maat;
import java.io.Serializable;
import java.util.List;
import com.google.gson.annotations.Expose;
public class ToMaatDnsIpBean implements Serializable {
private static final long serialVersionUID = 5124353996884030213L;
@Expose
private List<MaatDnsIpCfg> serviceCfg;
@Expose
private String attribute;
@Expose
private String classify;
@Expose
private Integer isValid;
@Expose
private String lable;
@Expose
private Integer requestId;
public List<MaatDnsIpCfg> getServiceCfg() {
return serviceCfg;
}
public void setServiceCfg(List<MaatDnsIpCfg> serviceCfg) {
this.serviceCfg = serviceCfg;
}
public String getAttribute() {
return attribute;
}
public void setAttribute(String attribute) {
this.attribute = attribute;
}
public String getClassify() {
return classify;
}
public void setClassify(String classify) {
this.classify = classify;
}
public Integer getIsValid() {
return isValid;
}
public void setIsValid(Integer isValid) {
this.isValid = isValid;
}
public String getLable() {
return lable;
}
public void setLable(String lable) {
this.lable = lable;
}
public Integer getRequestId() {
return requestId;
}
public void setRequestId(Integer requestId) {
this.requestId = requestId;
}
}

11
src/main/java/com/nis/web/controller/configuration/DnsIpCfgController.java
View File

@@ -64,9 +64,14 @@ public class DnsIpCfgController extends BaseController {
dnsIpCfg.setEditTime(now);
}
dnsIpCfgService.save(dnsIpCfg);
try {
dnsIpCfgService.save(dnsIpCfg);
addMessage(redirectAttributes, "保存成功");
} catch (Exception e) {
e.printStackTrace();
addMessage(redirectAttributes, "保存失败:" + e.getMessage());
}
addMessage(redirectAttributes, "保存成功");
return "redirect:" + adminPath + "/cfg/dnsIp/list";
}
@@ -79,7 +84,7 @@ public class DnsIpCfgController extends BaseController {
dnsIpCfgService.delete(cfgIds);
addMessage(model, "删除成功");
} catch (Exception e) {
e.printStackTrace();
logger.error("删除失败", e);
addMessage(model, "删除失败");
}
} else {

75
src/main/java/com/nis/web/service/configuration/DnsIpCfgService.java
View File

@@ -1,8 +1,20 @@
package com.nis.web.service.configuration;
import java.util.ArrayList;
import java.util.List;
import org.springframework.stereotype.Service;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.nis.domain.configuration.DnsIpCfg;
import com.nis.domain.maat.DnsIpRecvData;
import com.nis.domain.maat.FromMaatBean;
import com.nis.domain.maat.MaatDnsIpCfg;
import com.nis.domain.maat.ToMaatDnsIpBean;
import com.nis.main.ConvertTool;
import com.nis.util.Collections3;
import com.nis.util.StringUtil;
import com.nis.web.dao.configuration.DnsIpCfgDao;
import com.nis.web.service.CrudService;
@@ -11,12 +23,50 @@ public class DnsIpCfgService extends CrudService<DnsIpCfgDao, DnsIpCfg>{
@Override
public void save(DnsIpCfg dnsIpCfg) {
if (dnsIpCfg.getCfgId() == null) {
dao.insert(dnsIpCfg);
} else {
dao.update(dnsIpCfg);
dao.insert(dnsIpCfg);
Gson gson = new GsonBuilder().excludeFieldsWithoutExposeAnnotation().create();
//组织要发送的json
ToMaatDnsIpBean toMaatBean = new ToMaatDnsIpBean();
List<MaatDnsIpCfg> ipCfgList = new ArrayList<MaatDnsIpCfg>();
MaatDnsIpCfg ipCfg = new MaatDnsIpCfg();
List<DnsIpCfg> d1 = new ArrayList<DnsIpCfg>();
d1.add(dnsIpCfg);
ipCfg.setIpCfg(d1);
ipCfgList.add(ipCfg);
toMaatBean.setServiceCfg(ipCfgList);
String sendJson = gson.toJson(toMaatBean);
//下发配置、接收结果
String recvJson = "";
try {
recvJson = new ConvertTool().saveDNSIPConfig(sendJson);
logger.info("收到结果:" + recvJson);
} catch (Throwable e) {
logger.error("欺骗ip配置新增下发失败,cfgId=" + dnsIpCfg.getCfgId(), e);
throw new RuntimeException("欺骗ip配置新增下发失败:通讯异常");
}
if (!StringUtil.isEmpty(recvJson)) {
logger.error("新增欺骗ip配置失败:收到空的返回结果,cfgId:" + dnsIpCfg.getCfgId());
throw new RuntimeException("新增欺骗ip配置失败:收到空的返回结果");
}
logger.info("结果接收成功");
FromMaatBean fromMaatBean = gson.fromJson(recvJson, FromMaatBean.class);
List<DnsIpRecvData> data = fromMaatBean.getData();
if (!Collections3.isEmpty(data)) {
DnsIpRecvData dnsIpRecvData = data.get(0);
if (dnsIpRecvData.getFakeId() != null && dnsIpRecvData.getCfgId() != null
&& dnsIpRecvData.getCfgId().longValue() == dnsIpCfg.getCfgId().longValue()) {
dnsIpCfg.setFakeId(dnsIpRecvData.getFakeId());
dao.update(dnsIpCfg);
}
} else {
logger.error("新增欺骗ip配置失败:收到空的返回结果,cfgId:" + dnsIpCfg.getCfgId());
throw new RuntimeException("新增欺骗ip配置失败:收到空的返回结果");
}
//TODO 下发流程
}
public void delete(String cfgIds) {
@@ -26,6 +76,19 @@ public class DnsIpCfgService extends CrudService<DnsIpCfgDao, DnsIpCfg>{
d.setCfgId(Long.valueOf(cfgId));
dao.delete(d);
}
//TODO 下发流程
//给配置转换层发送、接收结果
String sendJson = "{\"fakeId\":[" + cfgIds + "]}";
Boolean recv = true;
try {
recv = new ConvertTool().invalidDNSIPConfig(sendJson);
} catch (Throwable e) {
logger.error("欺骗ip配置删除失败:通讯异常,cfgIds:" + cfgIds, e);
throw new RuntimeException("欺骗ip配置删除失败:通讯失败");
}
if (!recv) {
logger.error("欺骗ip配置删除失败,收到结果 " + recv + " ,cfgIds:" + cfgIds);
throw new RuntimeException("欺骗ip配置删除失败");
}
}
}