1.修改Stream配置导入页action国际化;2.修改IP Spoofing配置导入
This commit is contained in:
zhangwenqing
@@ -566,6 +566,8 @@ public class ExportExcel {
|
||||
//1、非空
|
||||
commentStr=commentStr+"▶"+msgProp.getProperty("required")+"\n";
|
||||
index++;
|
||||
commentStr=commentStr+"▶"+msgProp.getProperty("ip_check")+"(IPv4)\n";
|
||||
index++;
|
||||
}
|
||||
|
||||
if(region.getRegionType().equals(1)){//IP配置
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
package com.nis.web.controller;
|
||||
|
||||
import java.beans.PropertyEditorSupport;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.net.URLEncoder;
|
||||
import java.text.ParseException;
|
||||
@@ -73,7 +72,6 @@ import com.nis.domain.configuration.DnsResStrategy;
|
||||
import com.nis.domain.configuration.FileDigestCfg;
|
||||
import com.nis.domain.configuration.IpPortCfg;
|
||||
import com.nis.domain.configuration.PxyObjKeyring;
|
||||
import com.nis.domain.configuration.PxyObjSpoofingIpPool;
|
||||
import com.nis.domain.configuration.PxyObjTrustedCaCert;
|
||||
import com.nis.domain.configuration.PxyObjTrustedCaCrl;
|
||||
import com.nis.domain.configuration.RequestInfo;
|
||||
@@ -120,10 +118,8 @@ import com.nis.domain.maat.MaatCfg.GroupCfg;
|
||||
import com.nis.domain.maat.MaatCfg.IpCfg;
|
||||
import com.nis.domain.maat.MaatCfg.NumBoundaryCfg;
|
||||
import com.nis.domain.maat.MaatCfg.StringCfg;
|
||||
import com.nis.domain.report.NtcPzReport;
|
||||
import com.nis.domain.maat.ToMaatBean;
|
||||
import com.nis.domain.maat.ToMaatResult;
|
||||
import com.nis.domain.specific.ConfigGroupInfo;
|
||||
import com.nis.domain.report.NtcPzReport;
|
||||
import com.nis.domain.specific.SpecificServiceCfg;
|
||||
import com.nis.exceptions.MaatConvertException;
|
||||
//import com.nis.util.AsnCacheUtils;
|
||||
@@ -145,7 +141,6 @@ import com.nis.util.excel.thread.CheckDnsResStrategyFormatThread;
|
||||
import com.nis.util.excel.thread.CheckIpFormatThread;
|
||||
import com.nis.util.excel.thread.CheckStringFormatThread;
|
||||
import com.nis.util.excel.thread.CheckTopicWebsiteFormatThread;
|
||||
import com.nis.web.dao.configuration.PxyObjSpoofingIpPoolDao;
|
||||
import com.nis.web.security.UserUtils;
|
||||
import com.nis.web.service.ArchiveServcie;
|
||||
import com.nis.web.service.AreaService;
|
||||
@@ -155,7 +150,6 @@ import com.nis.web.service.LogService;
|
||||
import com.nis.web.service.MenuService;
|
||||
import com.nis.web.service.OfficeService;
|
||||
import com.nis.web.service.RoleService;
|
||||
import com.nis.web.service.SpringContextHolder;
|
||||
import com.nis.web.service.SystemService;
|
||||
import com.nis.web.service.UserService;
|
||||
import com.nis.web.service.basics.AsnGroupInfoService;
|
||||
@@ -1640,17 +1634,12 @@ public class BaseController {
|
||||
while(!ipPortCfgs.isEmpty()) {
|
||||
ipPortCfgs.drainTo(_ipPortCfgs, Constants.MAAT_JSON_SEND_SIZE);
|
||||
List<Integer> compileIds=Lists.newArrayList();
|
||||
List<Integer> spoofingPoolIds=Lists.newArrayList();
|
||||
List<Integer> regionIds=Lists.newArrayList();
|
||||
List<Integer> groupIds=Lists.newArrayList();
|
||||
List<Integer> numRegionGroupIds=Lists.newArrayList();
|
||||
List<Integer> numRegionRegionIds=Lists.newArrayList();
|
||||
List<PxyObjSpoofingIpPool> spoofingPools = new ArrayList<PxyObjSpoofingIpPool>();
|
||||
PxyObjSpoofingIpPoolDao pxyObjSpoofingIpPoolDao = SpringContextHolder.getBean(PxyObjSpoofingIpPoolDao.class);
|
||||
PxyObjSpoofingIpPoolService pxyObjSpoofingIpPoolService = SpringContextHolder.getBean(PxyObjSpoofingIpPoolService.class);
|
||||
try {
|
||||
compileIds = ConfigServiceUtil.getId(1,_ipPortCfgs.size());
|
||||
spoofingPoolIds = ConfigServiceUtil.getId(1,_ipPortCfgs.size());
|
||||
if(isSend.equals("1")) {
|
||||
groupIds = ConfigServiceUtil.getId(2,_ipPortCfgs.size());
|
||||
regionIds = ConfigServiceUtil.getId(3,_ipPortCfgs.size());
|
||||
@@ -1707,67 +1696,8 @@ public class BaseController {
|
||||
if(compileIds.size()==_ipPortCfgs.size()) {
|
||||
cfg.setCompileId(compileIds.get(ind));
|
||||
}
|
||||
|
||||
// 保存IP仿冒池
|
||||
PxyObjSpoofingIpPool spoofingPool = new PxyObjSpoofingIpPool();
|
||||
spoofingPool.setIpType(4);//ipv4
|
||||
spoofingPool.setIpAddress(cfg.getUserRegion2());//仿冒IP
|
||||
spoofingPool.setProtocol(0);
|
||||
if("dnat".equals(cfg.getUserRegion1().toLowerCase())){//spoofing server ip->dnat
|
||||
spoofingPool.setDirection(1);
|
||||
}else{
|
||||
spoofingPool.setDirection(2);//spoofing client ip->snat
|
||||
}
|
||||
spoofingPool.setPort("0");
|
||||
spoofingPool.setUserRegion("0");
|
||||
spoofingPool.setLocation(0);
|
||||
spoofingPool.setServiceId(642);
|
||||
spoofingPool.setAreaEffectiveIds("0");
|
||||
spoofingPool.setIsAreaEffective(0);
|
||||
spoofingPool.setCreateTime(date);
|
||||
spoofingPool.setCreatorId(UserUtils.getUser().getId());
|
||||
if(spoofingPoolIds.size()==_ipPortCfgs.size()) {
|
||||
spoofingPool.setCompileId(spoofingPoolIds.get(ind));
|
||||
}
|
||||
spoofingPool.setAction(1);
|
||||
spoofingPool.setFunctionId(666);
|
||||
spoofingPool.setRequestId(0);
|
||||
if(isSend.equals("1")) {
|
||||
spoofingPool.setIsAudit(Constants.AUDIT_YES);
|
||||
spoofingPool.setIsValid(Constants.VALID_YES);
|
||||
spoofingPool.setAuditorId(UserUtils.getUser().getId());
|
||||
spoofingPool.setAuditTime(date);
|
||||
|
||||
}else {
|
||||
spoofingPool.setIsValid(Constants.VALID_NO);
|
||||
spoofingPool.setIsAudit(Constants.AUDIT_NOT_YET);
|
||||
|
||||
}
|
||||
pxyObjSpoofingIpPoolDao.insert(spoofingPool);//保存仿冒IP池配置
|
||||
cfg.setUserRegion3(String.valueOf(spoofingPool.getCfgId()));//将仿冒IP池配置ID作为策略组ID
|
||||
|
||||
if(isSend.equals("1")) {
|
||||
PxyObjSpoofingIpPool pool=new PxyObjSpoofingIpPool();
|
||||
pool.setCfgId(Long.valueOf(cfg.getUserRegion3()));
|
||||
pool.setIsValid(cfg.getIsValid());
|
||||
pool.setIsAudit(cfg.getIsAudit());
|
||||
pool.setAuditorId(UserUtils.getUser().getId());
|
||||
pool.setAuditTime(date);
|
||||
pxyObjSpoofingIpPoolDao.update(pool);
|
||||
|
||||
spoofingPool.setAreaEffectiveIds("0");
|
||||
spoofingPool.setGroupId(spoofingPool.getCfgId().intValue());
|
||||
spoofingPools.add(spoofingPool);
|
||||
}
|
||||
|
||||
CfgIndexInfo cfgIndexInfo = new CfgIndexInfo();
|
||||
BeanUtils.copyProperties(cfg, cfgIndexInfo,new String[] {"cfgId"});
|
||||
cfgIndexInfos.add(cfgIndexInfo);
|
||||
|
||||
ind++;
|
||||
}
|
||||
if(isSend.equals("1") && spoofingPools.size()>0) {
|
||||
pxyObjSpoofingIpPoolService.auditSpoofingPool(spoofingPools);
|
||||
|
||||
}
|
||||
ipCfgService.saveAndSend(regionDict, serviceDict, specificServiceCfg, _ipPortCfgs, cfgIndexInfos, appPolicyCfgs,appFeatureIndexs,asnNoMaps,isSend.equals("1"));
|
||||
cfgIndexInfos.clear();
|
||||
|
||||
@@ -71,6 +71,7 @@ import com.nis.domain.configuration.FileDigestCfg;
|
||||
import com.nis.domain.configuration.IpReusePolicyCfg;
|
||||
import com.nis.domain.configuration.NtcSubscribeIdCfg;
|
||||
import com.nis.domain.configuration.PxyObjKeyring;
|
||||
import com.nis.domain.configuration.PxyObjSpoofingIpPool;
|
||||
import com.nis.domain.configuration.PxyObjTrustedCaCert;
|
||||
import com.nis.domain.configuration.PxyObjTrustedCaCrl;
|
||||
import com.nis.domain.configuration.WebsiteDomainTopic;
|
||||
@@ -86,6 +87,7 @@ import com.nis.domain.maat.ToMaatBean;
|
||||
import com.nis.domain.maat.ToMaatResult;
|
||||
import com.nis.domain.specific.ConfigGroupInfo;
|
||||
import com.nis.domain.specific.SpecificServiceCfg;
|
||||
import com.nis.exceptions.MaatConvertException;
|
||||
//import com.nis.util.AsnCacheUtils;
|
||||
import com.nis.util.ConfigServiceUtil;
|
||||
import com.nis.util.Configurations;
|
||||
@@ -103,6 +105,7 @@ import com.nis.web.dao.configuration.DdosCfgDao;
|
||||
import com.nis.web.dao.configuration.DnsIpCfgDao;
|
||||
import com.nis.web.dao.configuration.DnsResStrategyDao;
|
||||
import com.nis.web.dao.configuration.IpCfgDao;
|
||||
import com.nis.web.dao.configuration.PxyObjSpoofingIpPoolDao;
|
||||
import com.nis.web.dao.configuration.StringCfgDao;
|
||||
import com.nis.web.dao.specific.ConfigGroupInfoDao;
|
||||
import com.nis.web.dao.specific.SpecificServiceCfgDao;
|
||||
@@ -1671,6 +1674,10 @@ public abstract class BaseService {
|
||||
}else if(list.get(0) instanceof AppTopicDomainCfg) {
|
||||
type="AppTopicDomain";
|
||||
}
|
||||
|
||||
if(regionDict.getFunctionId().equals(214)) { // 处理IpSpoofing配置导入
|
||||
this.saveAndSendSpoofingIpPool(list,cfgIndexInfos,send);
|
||||
}
|
||||
if (cfgIndexInfos != null && cfgIndexInfos.size() > 0) {
|
||||
this.saveCfgIndexOf(cfgIndexInfos);
|
||||
}
|
||||
@@ -3128,5 +3135,106 @@ public abstract class BaseService {
|
||||
return commonGroupList;
|
||||
}
|
||||
|
||||
/**
|
||||
* 处理IpSpoofing配置导入
|
||||
* @param list
|
||||
* @param cfgIndexInfos
|
||||
* @param send
|
||||
*/
|
||||
public void saveAndSendSpoofingIpPool(List<? extends BaseCfg> list, List<CfgIndexInfo> cfgIndexInfos, boolean send) {
|
||||
List<BaseIpCfg> ipCfgList = (List<BaseIpCfg>)list;
|
||||
List<Integer> spoofingPoolIds=Lists.newArrayList();
|
||||
List<PxyObjSpoofingIpPool> spoofingPools = new ArrayList<PxyObjSpoofingIpPool>();
|
||||
PxyObjSpoofingIpPoolDao pxyObjSpoofingIpPoolDao = SpringContextHolder.getBean(PxyObjSpoofingIpPoolDao.class);
|
||||
|
||||
try {
|
||||
spoofingPoolIds = ConfigServiceUtil.getId(1,ipCfgList.size());
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
logger.info("获取编译ID出错");
|
||||
throw new MaatConvertException("<spring:message code=\"request_service_failed\"/>:"+e.getMessage());
|
||||
}
|
||||
int index = 0;
|
||||
for (BaseIpCfg cfg : ipCfgList) {
|
||||
// 保存IP仿冒池
|
||||
PxyObjSpoofingIpPool spoofingPool = new PxyObjSpoofingIpPool();
|
||||
spoofingPool.setIpType(4);//ipv4
|
||||
spoofingPool.setIpAddress(cfg.getUserRegion2());//仿冒IP
|
||||
spoofingPool.setProtocol(0);
|
||||
if("dnat".equals(cfg.getUserRegion1().toLowerCase())){//spoofing server ip->dnat
|
||||
spoofingPool.setDirection(1);
|
||||
}else{
|
||||
spoofingPool.setDirection(2);//spoofing client ip->snat
|
||||
}
|
||||
spoofingPool.setPort("0");
|
||||
spoofingPool.setUserRegion("0");
|
||||
spoofingPool.setLocation(0);
|
||||
spoofingPool.setServiceId(642);
|
||||
spoofingPool.setAreaEffectiveIds("0");
|
||||
spoofingPool.setIsAreaEffective(0);
|
||||
spoofingPool.setCreateTime(cfg.getCreateTime());
|
||||
spoofingPool.setCreatorId(UserUtils.getUser().getId());
|
||||
if(spoofingPoolIds.size() == ipCfgList.size()) {
|
||||
spoofingPool.setCompileId(spoofingPoolIds.get(index));
|
||||
}
|
||||
spoofingPool.setAction(1);
|
||||
spoofingPool.setFunctionId(666);
|
||||
spoofingPool.setRequestId(0);
|
||||
if(send) {
|
||||
spoofingPool.setIsAudit(Constants.AUDIT_YES);
|
||||
spoofingPool.setIsValid(Constants.VALID_YES);
|
||||
spoofingPool.setAuditorId(UserUtils.getUser().getId());
|
||||
spoofingPool.setAuditTime(cfg.getAuditTime());
|
||||
|
||||
}else {
|
||||
spoofingPool.setIsValid(Constants.VALID_NO);
|
||||
spoofingPool.setIsAudit(Constants.AUDIT_NOT_YET);
|
||||
|
||||
}
|
||||
pxyObjSpoofingIpPoolDao.insert(spoofingPool);//保存仿冒IP池配置
|
||||
cfg.setUserRegion3(String.valueOf(spoofingPool.getCfgId()));//将仿冒IP池配置ID作为策略组ID
|
||||
|
||||
if(send) {
|
||||
PxyObjSpoofingIpPool pool=new PxyObjSpoofingIpPool();
|
||||
pool.setCfgId(Long.valueOf(cfg.getUserRegion3()));
|
||||
pool.setIsValid(cfg.getIsValid());
|
||||
pool.setIsAudit(cfg.getIsAudit());
|
||||
pool.setAuditorId(UserUtils.getUser().getId());
|
||||
pool.setAuditTime(cfg.getAuditTime());
|
||||
pxyObjSpoofingIpPoolDao.update(pool);
|
||||
|
||||
spoofingPool.setAreaEffectiveIds("0");
|
||||
spoofingPool.setGroupId(spoofingPool.getCfgId().intValue());
|
||||
spoofingPools.add(spoofingPool);
|
||||
}
|
||||
|
||||
CfgIndexInfo cfgIndexInfo = new CfgIndexInfo();
|
||||
BeanUtils.copyProperties(cfg, cfgIndexInfo,new String[] {"cfgId"});
|
||||
cfgIndexInfos.add(cfgIndexInfo);
|
||||
|
||||
index ++;
|
||||
}
|
||||
|
||||
if(send && spoofingPools.size()>0) {
|
||||
//调用服务接口下发配置数据
|
||||
String json=gsonToJson(spoofingPools);
|
||||
if(spoofingPools.size()>10) {
|
||||
logger.info("欺骗IP池配置下发配置条数:" + spoofingPools.size());
|
||||
}else {
|
||||
logger.info("欺骗IP池配置下发配置参数:" + json);
|
||||
}
|
||||
//调用服务接口下发配置
|
||||
try {
|
||||
ToMaatResult result = ConfigServiceUtil.postCallbackCfg(json);
|
||||
if(result!=null){
|
||||
logger.info("欺骗IP池配置下发响应信息:"+result.getMsg());
|
||||
}
|
||||
} catch (Exception e) {
|
||||
logger.error("欺骗IP池配置配置下发失败",e);
|
||||
throw e;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -270,30 +270,6 @@ public class PxyObjSpoofingIpPoolService extends BaseService{
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* IP Spoofing配置导入时 下发仿冒IP池配置
|
||||
* @param spoofingPools
|
||||
*/
|
||||
public void auditSpoofingPool(List<PxyObjSpoofingIpPool> spoofingPools) {
|
||||
//调用服务接口下发配置数据
|
||||
String json=gsonToJson(spoofingPools);
|
||||
if(spoofingPools.size()>10) {
|
||||
logger.info("欺骗IP池配置下发配置条数:" + spoofingPools.size());
|
||||
}else {
|
||||
logger.info("欺骗IP池配置下发配置参数:" + json);
|
||||
}
|
||||
//调用服务接口下发配置
|
||||
try {
|
||||
ToMaatResult result = ConfigServiceUtil.postCallbackCfg(json);
|
||||
if(result!=null){
|
||||
logger.info("欺骗IP池配置下发响应信息:"+result.getMsg());
|
||||
}
|
||||
} catch (Exception e) {
|
||||
logger.error("欺骗IP池配置配置下发失败",e);
|
||||
throw e;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -47,6 +47,7 @@
|
||||
<c:if test="${serviceIndex eq 0}">checked</c:if>>
|
||||
<c:forEach items="${fns:getDictList('SERVICE_ACTION') }" var="dict">
|
||||
<c:if test="${dict.itemCode eq service.action }">
|
||||
<!-- 拦截策略 -->
|
||||
<c:if test="${service.functionId eq 200 }">
|
||||
<c:if test="${service.action eq 1 }">
|
||||
<spring:message code="intercept"/>
|
||||
@@ -58,7 +59,18 @@
|
||||
<spring:message code="${dict.itemValue }"/>
|
||||
</c:if>
|
||||
</c:if>
|
||||
<c:if test="${service.functionId ne 200 }">
|
||||
<!-- Stream配置 -->
|
||||
<c:if test="${service.functionId eq 407 || service.functionId eq 408 || service.functionId eq 63 }">
|
||||
<c:choose>
|
||||
<c:when test="${service.action eq 16}">
|
||||
<spring:message code="block_drop"/>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<spring:message code="${dict.itemValue }"/>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
</c:if>
|
||||
<c:if test="${service.functionId ne 200 && service.functionId ne 407 && service.functionId ne 408 && service.functionId ne 63}">
|
||||
<spring:message code="${dict.itemValue }"/>
|
||||
</c:if>
|
||||
</c:if>
|
||||
|
||||
Reference in New Issue
Block a user