HTTP(S)操控

1.从配置到日志页面的跳转 2.列表的排序 3.配置ID查询条件的更改 4.八个新增字段的添加和展示

src/main/java/com/nis/domain/log/PxyHttpManipulationLog.java

@@ -52,8 +52,8 @@ public class PxyHttpManipulationLog extends  BaseEntity<PxyHttpManipulationLog>{
 	private String respBody;
 //	@ExcelField(title="website",sort=8)
 //	private String website;
-
-	private String policyId;//
+	@ExcelField(title="cfg_id",sort=1)
+	private Integer policyId;//
 	@ExcelField(title="app_proto",sort=31)
 	private String appProto;//应用协议类型	
 	@ExcelField(title="startTime",sort=5)
@@ -119,8 +119,9 @@ public class PxyHttpManipulationLog extends  BaseEntity<PxyHttpManipulationLog>{
 	protected String searchFoundEndTime;//结束时间，格式同上
 	protected String isLogTotalSearch;//由配置界面跳转日志查询标识
 	protected String orderBy;//排序参数
-	
-	@ExcelField(title="cfg_id",sort=1)
+	protected Integer cfgId;
+	protected String fields;
+
 	protected Integer compileId;//
 	protected String startRecvTime;//开始时间
 	protected String endRecvTime; //结束时间
@@ -148,21 +149,37 @@ public class PxyHttpManipulationLog extends  BaseEntity<PxyHttpManipulationLog>{
 	protected Integer conLatencyMs;//握手延迟
 	@ExcelField(title="pinning",dictType="PINNING",sort=89)
 	protected Integer pinningst;//pinning状态
-	@ExcelField(title="c2s_pkt_num",sort=90)
+	@ExcelField(title="intercept_state",dictType="INTERCEPT_STATE",sort=90)
+	protected Integer interceptState;//拦截状态
+	@ExcelField(title="ssl_server_side_latency",sort=91)
+	protected Integer sslServerSideLatency;//服务器侧ssl建立延迟
+	@ExcelField(title="ssl_client_side_latency",sort=92)
+	protected Integer sslClientSideLatency;//客户端侧ssl建立延迟
+	@ExcelField(title="ssl_server_side_version",sort=93)
+	protected String sslServerSideVersion;//服务端侧ssl版本
+	@ExcelField(title="ssl_client_side_version",sort=94)
+	protected String sslClientSideVersion;//客户端侧ssl版本
+	@ExcelField(title="ssl_cert_verify",dictType="SSL_CERT_VERIFY",sort=95)
+	protected Integer sslCertVerify;//证书校验结果
+	@ExcelField(title="stream_trace_id",sort=96)
+	protected String streamTraceId;//流的追踪ID
+	@ExcelField(title="ssl_error",sort=97)
+	protected String sslError;//ssl错误信息
+	@ExcelField(title="c2s_pkt_num",sort=98)
 	protected Integer c2sPktNum;//c2s包数
-	@ExcelField(title="s2c_pkt_num",sort=91)
+	@ExcelField(title="s2c_pkt_num",sort=99)
 	protected Integer s2cPktNum;//s2c包数
-	@ExcelField(title="c2s_byte_num",sort=92)
+	@ExcelField(title="c2s_byte_num",sort=100)
 	protected Integer c2sByteNum;//c2s字节数
-	@ExcelField(title="s2c_byte_num",sort=93)
+	@ExcelField(title="s2c_byte_num",sort=101)
 	protected Integer s2cByteNum;//s2c字节数
-	@ExcelField(title="nas_ip",sort=94)
+	@ExcelField(title="nas_ip",sort=102)
 	protected String nasIp;//ISN接入的IP
-	@ExcelField(title="framed_ip",sort=95)
+	@ExcelField(title="framed_ip",sort=103)
 	protected String framedIp;//用户IP地址
-	@ExcelField(title="account",sort=96)
+	@ExcelField(title="account",sort=104)
 	protected String account;//用户名
-	@ExcelField(title="packet_type",dictType="MESSAGE_TYPE",sort=97)
+	@ExcelField(title="packet_type",dictType="MESSAGE_TYPE",sort=105)
 	protected Integer packetType;//报文类型
 	
 	protected String dIp;
@@ -305,10 +322,10 @@ public class PxyHttpManipulationLog extends  BaseEntity<PxyHttpManipulationLog>{
 	public void setIsp(String isp) {
 		this.isp = isp;
 	}
-	public String getPolicyId() {
+	public Integer getPolicyId() {
 		return policyId;
 	}
-	public void setPolicyId(String policyId) {
+	public void setPolicyId(Integer policyId) {
 		this.policyId = policyId;
 	}
 	public String getStartTime() {
@@ -653,6 +670,66 @@ public class PxyHttpManipulationLog extends  BaseEntity<PxyHttpManipulationLog>{
 	public void setOrderBy(String orderBy) {
 		this.orderBy = orderBy;
 	}
+	public Integer getInterceptState() {
+		return interceptState;
+	}
+	public void setInterceptState(Integer interceptState) {
+		this.interceptState = interceptState;
+	}
+	public Integer getSslServerSideLatency() {
+		return sslServerSideLatency;
+	}
+	public void setSslServerSideLatency(Integer sslServerSideLatency) {
+		this.sslServerSideLatency = sslServerSideLatency;
+	}
+	public Integer getSslClientSideLatency() {
+		return sslClientSideLatency;
+	}
+	public void setSslClientSideLatency(Integer sslClientSideLatency) {
+		this.sslClientSideLatency = sslClientSideLatency;
+	}
+	public String getSslServerSideVersion() {
+		return sslServerSideVersion;
+	}
+	public void setSslServerSideVersion(String sslServerSideVersion) {
+		this.sslServerSideVersion = sslServerSideVersion;
+	}
+	public String getSslClientSideVersion() {
+		return sslClientSideVersion;
+	}
+	public void setSslClientSideVersion(String sslClientSideVersion) {
+		this.sslClientSideVersion = sslClientSideVersion;
+	}
+	public Integer getSslCertVerify() {
+		return sslCertVerify;
+	}
+	public void setSslCertVerify(Integer sslCertVerify) {
+		this.sslCertVerify = sslCertVerify;
+	}
+	public String getStreamTraceId() {
+		return streamTraceId;
+	}
+	public void setStreamTraceId(String streamTraceId) {
+		this.streamTraceId = streamTraceId;
+	}
+	public String getSslError() {
+		return sslError;
+	}
+	public void setSslError(String sslError) {
+		this.sslError = sslError;
+	}
+	public Integer getCfgId() {
+		return cfgId;
+	}
+	public void setCfgId(Integer cfgId) {
+		this.cfgId = cfgId;
+	}
+	public String getFields() {
+		return fields;
+	}
+	public void setFields(String fields) {
+		this.fields = fields;
+	}
 	
 	
 	

src/main/java/com/nis/web/controller/log/pxy/PxyHttpManipulLogController.java

@@ -72,6 +72,9 @@ public class PxyHttpManipulLogController extends BaseController{
 			if (StringUtils.isNotBlank(log.getdIp())) {
 				log.setServerIp(log.getdIp());
 			}
+			if(log.getCfgId()!=null && log.getPolicyId() ==null){
+				log.setPolicyId(log.getCfgId());
+			}
 			initLogSearchValues(log, params);
 
 			List<FunctionServiceDict> serviceList = DictUtils.getFunctionServiceDictList(log.getFunctionId());
@@ -99,14 +102,14 @@ public class PxyHttpManipulLogController extends BaseController{
 					l.setRecvTime(timeStamp2Date(l.getRecvTime(),null));
 					for (CodeResult code : appCodeList) {
 						Integer value3 = Integer.valueOf(code.getCode());
-						if(l.getAppId().equals(value3)){
+						if(l.getAppId() !=null && l.getAppId().equals(value3)){
 							l.setAppName(code.getItem());
 							break;
 						}
 					}
 					for (CodeResult code : protocolCodeList) {
 						Integer value3 = Integer.valueOf(code.getCode());
-						if(l.getProtocolId().equals(value3)){
+						if(l.getProtocolId() !=null && l.getProtocolId().equals(value3)){
 							l.setProtocolName(code.getItem());
 							break;
 						}
@@ -156,7 +159,6 @@ public class PxyHttpManipulLogController extends BaseController{
 				params.put("searchDomain", domain);
 			}
 			List<FunctionServiceDict> serviceList = DictUtils.getFunctionServiceDictList(log.getFunctionId());
-			System.out.print(log.getFunctionId());
 			model.addAttribute("serviceList", serviceList);
 			
 
@@ -181,14 +183,14 @@ public class PxyHttpManipulLogController extends BaseController{
 				l.setRecvTime(timeStamp2Date(l.getRecvTime(),null));
 				for (CodeResult code : appCodeList) {
 					Integer value3 = Integer.valueOf(code.getCode());
-					if(l.getAppId().equals(value3)){
+					if(l.getAppId() !=null && l.getAppId().equals(value3)){
 						l.setAppName(code.getItem());
 						break;
 					}
 				}
 				for (CodeResult code : protocolCodeList) {
 					Integer value3 = Integer.valueOf(code.getCode());
-					if(l.getProtocolId().equals(value3)){
+					if(l.getProtocolId() !=null && l.getProtocolId().equals(value3)){
 						l.setProtocolName(code.getItem());
 						break;
 					}
@@ -236,8 +238,8 @@ public class PxyHttpManipulLogController extends BaseController{
 				time.add(Calendar.MINUTE, -(Constants.LOG_TIME_RANGE/1000/60));
 				String searchStartTime = DateUtils.formatDateTime(time.getTime());
 				
-				params.put("searchStartRecvTime", searchStartTime);
-				params.put("searchEndRecvTime", searchEndTime);
+				params.put("searchStartRecvTime", date2TimeStamp(searchStartTime,"yyyy-MM-dd HH:mm:ss"));
+				params.put("searchEndRecvTime", date2TimeStamp(searchEndTime,"yyyy-MM-dd HH:mm:ss"));
 				entry.setSearchFoundStartTime(searchStartTime);
 				entry.setSearchFoundEndTime(searchEndTime);
 			} else {
@@ -257,7 +259,7 @@ public class PxyHttpManipulLogController extends BaseController{
 		if (StringUtils.isNotBlank(entry.getTransProto())) {
 			params.put("searchTransProto", entry.getTransProto());
 		}
-		if (entry.getService() != null) {
+/*		if (entry.getService() != null) {
 			params.put("searchService", entry.getService());
 		} else if (entry.getAction() != null) {
 			List<FunctionServiceDict> serviceList = DictUtils.getFunctionServiceDictList(entry.getFunctionId());
@@ -268,7 +270,7 @@ public class PxyHttpManipulLogController extends BaseController{
 					params.put("searchService", dict.getServiceId());
 				}
 			}
-		}
+		}*/
 		if (StringUtils.isNotBlank(entry.getServerIp())) {
 			params.put("searchServerIp", entry.getServerIp());
 		}
@@ -284,12 +286,15 @@ public class PxyHttpManipulLogController extends BaseController{
 		if (entry.getEntranceId() != null) {
 			params.put("searchEntranceId", entry.getEntranceId());
 		}
-		if (entry.getCompileId() != null) {
-			params.put("searchCompileId", entry.getCompileId());
+		if (entry.getPolicyId() != null) {
+			params.put("searchPolicyId", entry.getPolicyId());
 		}
 		if (StringUtils.isNotBlank(entry.getOrderBy())) {
 			params.put("orderBy", entry.getOrderBy());
 		}
+		if (StringUtils.isNotBlank(entry.getFields())) {
+			params.put("fields", entry.getFields());
+		}
 	}
 	
 	public String initLogMaps(PxyHttpManipulationLog log,String title){

src/main/resources/messages/message_en.properties

@@ -1617,4 +1617,12 @@ con_duration_ms=Communication Duration
 sni=SNI
 san=SAN
 con_latency_ms=Handshake Latency
-packet_type=Packet Type
+packet_type=Packet Type
+intercept_state=Intercept State
+ssl_server_side_latency=SSL Server Side Latency
+ssl_client_side_latency=SSL Client Side Latency
+ssl_server_side_version=SSL Server Side Version
+ssl_client_side_version=SSL Client Side Version
+ssl_cert_verify=SSL Cert Verify
+stream_trace_id=Stream Trace ID
+ssl_error=SSL Error

src/main/resources/messages/message_ru.properties

@@ -1619,4 +1619,12 @@ con_duration_ms=Communication Duration
 sni=SNI
 san=SAN
 con_latency_ms=Handshake Latency
-packet_type=Packet Type
+packet_type=Packet Type
+intercept_state=Intercept State
+ssl_server_side_latency=SSL Server Side Latency
+ssl_client_side_latency=SSL Client Side Latency
+ssl_server_side_version=SSL Server Side Version
+ssl_client_side_version=SSL Client Side Version
+ssl_cert_verify=SSL Cert Verify
+stream_trace_id=Stream Trace ID
+ssl_error=SSL Error

src/main/resources/messages/message_zh_CN.properties

@@ -1544,8 +1544,8 @@ address_name=\u5730\u5740\u540d\u79f0
 traffic_mirror_address=\u6d41\u91cf\u8f6c\u53d1\u76ee\u7684\u5730\u5740
 content_name=\u5185\u5bb9\u540d\u79f0
 visit_response_page=\u8bbf\u95ee\u963b\u65ad\u9875\u9762
-format=\u683C\u5F0F
-file_is_used=\u7B56\u7565\u88ab\u5f15\u7528
+format=\u683c\u5f0f
+file_is_used=\u7b56\u7565\u88ab\u5f15\u7528
 none_profile_tip=\u8bf7\u9009\u62e9\u6587\u4ef6!
 #---------------------------pxy intercept------------------------------------
 min_should_less_than_max=\u6700\u5c0fSSL\u7248\u672c\u5e94\u5c0f\u4e8e\u6700\u5927SSL\u7248\u672c
@@ -1617,4 +1617,12 @@ con_duration_ms=\u901a\u4fe1\u65f6\u957f
 sni=SNI
 san=SAN
 con_latency_ms=\u63e1\u624b\u5ef6\u8fdf
-packet_type=\u62a5\u6587\u7c7b\u578b
+packet_type=\u62a5\u6587\u7c7b\u578b
+intercept_state=\u62e6\u622a\u72b6\u6001
+ssl_server_side_latency=\u670d\u52a1\u5668\u4fa7SSL\u5efa\u7acb\u5ef6\u8fdf
+ssl_client_side_latency=\u5ba2\u6237\u7aef\u4fa7SSL\u5efa\u7acb\u5ef6\u8fdf
+ssl_server_side_version=\u670d\u52a1\u5668\u4fa7SSL\u7248\u672c
+ssl_client_side_version=\u5ba2\u6237\u7aef\u4fa7SSL\u7248\u672c
+ssl_cert_verify=\u8bc1\u4e66\u6821\u9a8c\u7ed3\u679c
+stream_trace_id=\u6d41\u7684\u8ffd\u8e2aID
+ssl_error=SSL\u9519\u8bef\u4fe1\u606f

src/main/resources/sql/20190604/add_dict.sql

@@ -0,0 +1,18 @@
+
+#添加HTTP(s)操控日志 INTERCEPT_STATE字段的字典内容
+INSERT INTO `sys_data_dictionary_name` (`module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) VALUES ('拦截状态', 'INTERCEPT_STATE', '', '', '2019-06-03 15:20:00', '2019-06-03 15:20:00', '1');
+#sys_data_dictionary_item 表中的dictionary_id 为 sys_data_dictionary_name 表生成的主键ID的值
+INSERT INTO sys_data_dictionary_item(item_code,item_value,item_desc,item_sort,`status`,type,dictionary_id) 
+VALUES ( '0', 'passthrough', '', 1, 1, 1, (SELECT id FROM sys_data_dictionary_name WHERE mark='INTERCEPT_STATE')),
+('1', 'intercept', '', 2, 1, 1, (SELECT id FROM sys_data_dictionary_name WHERE mark='INTERCEPT_STATE')),
+('2', 'shutdown', '', 3, 1, 1, (SELECT id FROM sys_data_dictionary_name WHERE mark='INTERCEPT_STATE'));
+
+
+#添加HTTP(s)操控日志 SSL_CERT_VERIFY字段的字典内容
+INSERT INTO `sys_data_dictionary_name` (`module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) VALUES ('证书校验结果', 'SSL_CERT_VERIFY', '', '', '2019-06-03 15:42:08', '2019-06-03 15:42:08', '1');
+#sys_data_dictionary_item 表中的dictionary_id 为 sys_data_dictionary_name 表生成的主键ID的值
+INSERT INTO `sys_data_dictionary_item` (item_code,item_value,item_desc,item_sort,`status`,type,dictionary_id) 
+VALUES ('0', 'verify unapproved', '校验未通过', 1, 1, 1, (SELECT id FROM sys_data_dictionary_name WHERE mark='SSL_CERT_VERIFY')),
+ ('1', 'verify approved', '校验通过', 2, 1, 1, (SELECT id FROM sys_data_dictionary_name WHERE mark='SSL_CERT_VERIFY'));
+
+

src/main/webapp/WEB-INF/views/log/pxy/pxyHttpManipulationList.jsp

@@ -191,7 +191,7 @@
 								<div class="col-md-2">
 								<div class="form-group">
 										<label><spring:message code="cfg_id"></spring:message>：</label>
-										<input name="compileId" type="text" class="form-control logCfgId number" value="${log.compileId }"/>
+										<input name="policyId" type="text" class="form-control logCfgId number" value="${log.policyId }"/>
 								</div>
 								</div>
 								<div class="col-md-4">
@@ -217,17 +217,17 @@
 						<thead>
 							<tr>
 								<th><spring:message code="log"/></th>
-								<th class="sort-column policy_id"  isVisible="false" column="cfg_id" ><spring:message code="cfg_id"/></th>
-								<th class="sort-column action" isVisible="false" column="action" ><spring:message code="action"/></th>
+								<th class="sort-column policy_id"   column="cfg_id" ><spring:message code="cfg_id"/></th>
+								<th class="sort-column action"  column="action" ><spring:message code="action"/></th>
 								<%-- <th class="sort-column found_time" column="found_time" ><spring:message code="found_time"/></th> --%>
-								<th class="sort-column start_time" column="startTime" ><spring:message code="startTime"/></th>
-								<th class="sort-column end_time" column="endTime" ><spring:message code="endTime"/></th>
-								<th class="sort-column recv_time" isVisible="false" column="recv_time" ><spring:message code="recv_time"/></th>
+								<th class="sort-column start_time" isVisible="false" column="startTime" ><spring:message code="startTime"/></th>
+								<th class="sort-column end_time" isVisible="false" column="endTime" ><spring:message code="endTime"/></th>
+								<th class="sort-column recv_time"  column="recv_time" ><spring:message code="recv_time"/></th>
 								
 								<th class="sort-column entrance_id" isVisible="false" column="entrance_id" ><spring:message code="entrance_id"/></th>
 								
 								<th class="sort-column url" column="URL"> URL  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</th>
-								<th class="sort-column host" isVisible="false" column="host" ><spring:message code="host"/></th>
+								<th class="sort-column host"  column="host" ><spring:message code="host"/></th>
 								<th class="sort-column domain" column="domain_name" ><spring:message code="domain_name"/></th>
 								<th class="sort-column category" isVisible="false" column="category" ><spring:message code="category"/></th>
 								<c:if test="${fns:getUser().isAdmin()}">
@@ -283,6 +283,14 @@
 								<th class="sort-column protocol_id" isVisible="false" column="protocol" ><spring:message code='protocol'/></th>
 								<th class="sort-column con_latency_ms" isVisible="false" column="con_latency_ms" ><spring:message code='con_latency_ms'/></th>
 								<th class="sort-column pinningst" isVisible="false" column="pinning" ><spring:message code='pinning'/></th>
+								<th class="sort-column intercept_state"  column="intercept_state" ><spring:message code='intercept_state'/></th>
+								<th class="sort-column ssl_server_side_latency"  column="ssl_server_side_latency" ><spring:message code='ssl_server_side_latency'/></th>
+								<th class="sort-column ssl_client_side_latency"  column="ssl_client_side_latency" ><spring:message code='ssl_client_side_latency'/></th>
+								<th class="sort-column ssl_server_side_version"  column="ssl_server_side_version" ><spring:message code='ssl_server_side_version'/></th>
+								<th class="sort-column ssl_client_side_version"  column="ssl_client_side_version" ><spring:message code='ssl_client_side_version'/></th>
+								<th class="sort-column ssl_cert_verify"  column="ssl_cert_verify" ><spring:message code='ssl_cert_verify'/></th>
+								<th class="sort-column stream_trace_id" isVisible="false" column="stream_trace_id" ><spring:message code='stream_trace_id'/></th>
+								<th class="sort-column ssl_error"  column="ssl_error" ><spring:message code='ssl_error'/></th>
 								<th class="sort-column c2s_pkt_num" isVisible="false" column="c2s_pkt_num" ><spring:message code='c2s_pkt_num'/></th>
 								<th class="sort-column s2c_pkt_num" isVisible="false" column="s2c_pkt_num" ><spring:message code='s2c_pkt_num'/></th>
 								<th class="sort-column c2s_byte_num" isVisible="false" column="c2s_byte_num" ><spring:message code='c2s_byte_num'/></th>
@@ -298,9 +306,9 @@
 								<tr>
 									<td>
 <%-- 										<span id="open${status.index}" class="log-open-cfg" compileId="${log.cfgId }"> ▷ </span><span  style="display: none" id="close${status.index}" > ▼ </span>
- --%>										<a href="javascript:void(0)" name="viewLogInfo" url="${ctx}/proxy/control/httpRedirect/ajaxHttpSubList" compileId="${log.compileId }" ><i class="icon-book-open"></i></a>
+ --%>										<a href="javascript:void(0)" name="viewLogInfo" url="${ctx}/proxy/control/httpRedirect/ajaxHttpSubList" compileId="${log.policyId }" ><i class="icon-book-open"></i></a>
 									</td>
-									<td>${log.compileId }</td>
+									<td>${log.policyId }</td>
 									<td>
 										<c:set var="actions">${log.action }</c:set>
 										<c:forEach items="${fns:getDictList('SERVICE_ACTION')}" var="dict">
@@ -481,6 +489,30 @@
 					                	</c:forEach>
 					                	<spring:message code="${pinningsts}"/>
 									</td>
+									<td>
+										<c:set var="interceptStates">${log.interceptState }</c:set>
+										<c:forEach items="${fns:getDictList('INTERCEPT_STATE')}" var="interceptType">
+											<c:if test="${interceptType.itemCode eq log.interceptState}">
+											<c:set var="interceptStates">${interceptType.itemValue}</c:set>
+											</c:if>
+					                	</c:forEach>
+					                	<spring:message code="${interceptStates}"/>
+									</td>
+									<td>${log.sslServerSideLatency }</td>
+									<td>${log.sslClientSideLatency }</td>
+									<td>${log.sslServerSideVersion }</td>
+									<td>${log.sslClientSideVersion }</td>
+									<td>
+										<c:set var="sslCertVerifys">${log.sslCertVerify }</c:set>
+										<c:forEach items="${fns:getDictList('SSL_CERT_VERIFY')}" var="sslCertVerifyType">
+											<c:if test="${sslCertVerifyType.itemCode eq log.sslCertVerify}">
+											<c:set var="sslCertVerifys">${sslCertVerifyType.itemValue}</c:set>
+											</c:if>
+					                	</c:forEach>
+					                	<spring:message code="${sslCertVerifys}"/>
+									</td>
+									<td>${log.streamTraceId }</td>
+									<td>${log.sslError }</td>	
 									<td>${log.c2sPktNum }</td>
 									<td>${log.s2cPktNum }</td>
 									<td>${log.c2sByteNum }</td>