From 56901a7acd0525c583091f905eba0badf6405bad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=AE=B5=E5=86=AC=E6=A2=85?=
Date: Wed, 12 Dec 2018 11:48:52 +0800
Subject: [PATCH] =?UTF-8?q?=E9=85=8D=E7=BD=AE=E6=B8=85=E7=90=86=EF=BC=8C?= =?UTF-8?q?=E5=A2=9E=E5=8A=A0vpn=E4=BF=A1=E6=81=AF=E6=B8=85=E7=90=86=20dns?= =?UTF-8?q?=E6=AC=BA=E9=AA=97=E5=A2=9E=E5=8A=A0=E4=B8=80=E4=B8=AA=E5=88=9D?= =?UTF-8?q?=E5=A7=8B=E5=8C=96=E6=97=A0=E7=AD=96=E7=95=A5-=E9=BB=98?= =?UTF-8?q?=E8=AE=A4=E7=BB=84-=E6=AC=BA=E9=AA=97ip=E9=85=8D=E7=BD=AE(?= =?UTF-8?q?=E5=AD=98=E5=82=A8+=E4=B8=8B=E5=8F=91)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/main/java/com/nis/util/Constants.java | 4 +
 .../maintenance/DnsIpCfgController.java | 31 ++++++++
 .../web/dao/configuration/DnsIpCfgDao.java | 1 +
 .../nis/web/dao/configuration/DnsIpCfgDao.xml | 16 ++++
 .../configuration/DnsIpCfgService.java | 73 +++++++++++++++++++
 src/main/resources/nis.properties | 4 +-
 src/main/resources/sql/truncate_tables.sql | 4 +-
 src/main/webapp/WEB-INF/views/home.jsp | 18 +++++
 8 files changed, 149 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/nis/util/Constants.java b/src/main/java/com/nis/util/Constants.java
index acf15c5f5..ac28e055f 100644
--- a/src/main/java/com/nis/util/Constants.java
+++ b/src/main/java/com/nis/util/Constants.java
@@ -761,4 +761,8 @@ public final class Constants {
 //日志查询接口URL
 public static final String IR_SNAT_LOG = Configurations.getStringProperty("irSnatLog","");
 public static final String IR_DNAT_LOG = Configurations.getStringProperty("irDnatLog","");
+
+ //日志查询接口URL
+ public static final String DNS_SPOOFING_IP_DESC = Configurations.getStringProperty("dns_spoofing_ip_desc","");
+ public static final String DNS_SPOOFING_IP_IP = Configurations.getStringProperty("dns_spoofing_ip_ip","");
 }
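Review bot: The comment above the two new constants in Constants.java is a copy of the one on the IR_SNAT_LOG/IR_DNAT_LOG pair (`//日志查询接口URL`, "log query interface URL"), but `DNS_SPOOFING_IP_DESC` and `DNS_SPOOFING_IP_IP` hold the description and answer address of the default DNS spoofing entry, not a URL. Suggested replacement: `// Default DNS spoofing entry: description and spoofed answer IP (keys dns_spoofing_ip_desc / dns_spoofing_ip_ip)`. Both lookups fall back to `""`, so the comment should also say that an empty value means "not configured", since callers receive it without any error.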
diff --git a/src/main/java/com/nis/web/controller/configuration/maintenance/DnsIpCfgController.java b/src/main/java/com/nis/web/controller/configuration/maintenance/DnsIpCfgController.java index fa8b9c54c..804e79545 100644 --- a/src/main/java/com/nis/web/controller/configuration/maintenance/DnsIpCfgController.java +++ b/src/main/java/com/nis/web/controller/configuration/maintenance/DnsIpCfgController.java @@ -17,6 +17,7 @@ import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.servlet.mvc.support.RedirectAttributes; import com.nis.domain.Page; @@ -29,6 +30,8 @@ import com.nis.domain.configuration.IpPortCfg; import com.nis.domain.configuration.DnsIpCfg; import com.nis.domain.configuration.RequestInfo; import com.nis.exceptions.MaatConvertException; +import com.nis.util.AsnCacheUtils; +import com.nis.util.CacheUtils; import com.nis.util.Constants; import com.nis.util.StringUtil; import com.nis.web.controller.BaseController; 
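Review bot: The imports `com.nis.util.AsnCacheUtils` and `com.nis.util.CacheUtils` added in the second import hunk are not referenced by anything this commit adds to DnsIpCfgController; the only other addition to the file is `initSpoofingIp`, which uses neither. They look like leftovers and should be dropped, so the controller does not appear to depend on the cache utilities. `ResponseBody` from the first hunk is used by the new handler.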
@@ -69,6 +72,34 @@ public class DnsIpCfgController extends BaseController { return "/cfg/dnsIpCfgForm"; } + /** + * 初始化一条dns fakeip配置 + * @return + */ + @ResponseBody + @RequestMapping(value = {"initSpoofingIp"}) + public String initSpoofingIp(){ + Properties msg=getMsgProp(); + try { + DnsIpCfg entity=new DnsIpCfg(); + entity.setIsAudit(1); + entity.setIsValid(1); + entity.setDnsStrategyId(0); + List list=dnsIpCfgService.findDnsIpCfg(entity); + if(StringUtil.isEmpty(list)) { + dnsIpCfgService.saveAndAudit(); + } + } catch (Exception e) { + logger.error("初始化Spoofing ip失败",e); + e.printStackTrace(); + if(e instanceof MaatConvertException) { + return msg.getProperty("request_service_failed"); + }else { + return msg.getProperty("save_failed"); + } + } + return "success"; + } @RequestMapping(value = {"/saveOrUpdate"}) @RequiresPermissions(value={"dns:fake:ip:config"}) public String saveOrUpdate(Model model,HttpServletRequest request diff --git a/src/main/java/com/nis/web/dao/configuration/DnsIpCfgDao.java b/src/main/java/com/nis/web/dao/configuration/DnsIpCfgDao.java index 35d2f7221..7cd1f24f8 100644 --- a/src/main/java/com/nis/web/dao/configuration/DnsIpCfgDao.java +++ b/src/main/java/com/nis/web/dao/configuration/DnsIpCfgDao.java @@ -12,4 +12,5 @@ import com.nis.web.dao.MyBatisDao; public interface DnsIpCfgDao extends CrudDao { List findPage(DnsIpCfg dnsIpCfg); DnsIpCfg getDnsIpCfg(Long cfgId); + List findDnsIpCfg(DnsIpCfg entity); } diff --git a/src/main/java/com/nis/web/dao/configuration/DnsIpCfgDao.xml b/src/main/java/com/nis/web/dao/configuration/DnsIpCfgDao.xml index 6b00bc9d0..815a502b8 100644 --- a/src/main/java/com/nis/web/dao/configuration/DnsIpCfgDao.xml +++ b/src/main/java/com/nis/web/dao/configuration/DnsIpCfgDao.xml @@ -186,6 +186,22 @@ from dns_ip_cfg r where r.cfg_id=#{cfgId} + insert into dns_ip_cfg ( 
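Review bot: `initSpoofingIp` is mapped without `@RequiresPermissions`, while `saveOrUpdate` directly below it requires `dns:fake:ip:config`; the new handler creates a DNS spoofing entry that is already marked valid and audited and pushes it to the config service, so it should carry at least the same check: `@RequiresPermissions(value={"dns:fake:ip:config"})`. The mapping also accepts every HTTP method, so this state change can be triggered by a GET request; restrict it with `@RequestMapping(value = {"initSpoofingIp"}, method = RequestMethod.POST)` (needs the `RequestMethod` import), which matches the `type:'post'` call the commit adds in home.jsp. Whether a URL-level filter or CSRF check configured elsewhere already covers this path is not visible in the diff. The existence check followed by `saveAndAudit()` is not atomic, so two concurrent requests can both insert a default row, and `e.printStackTrace()` duplicates what `logger.error(..., e)` already records.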
diff --git a/src/main/java/com/nis/web/service/configuration/DnsIpCfgService.java b/src/main/java/com/nis/web/service/configuration/DnsIpCfgService.java index 5394ab9dd..1355b1401 100644 --- a/src/main/java/com/nis/web/service/configuration/DnsIpCfgService.java +++ b/src/main/java/com/nis/web/service/configuration/DnsIpCfgService.java @@ -21,6 +21,7 @@ import com.nis.domain.configuration.DnsIpCfg; import com.nis.domain.maat.ToMaatResult; import com.nis.exceptions.MaatConvertException; import com.nis.util.ConfigServiceUtil; +import com.nis.util.Constants; import com.nis.web.dao.configuration.DnsIpCfgDao; import com.nis.web.security.UserUtils; import com.nis.web.service.BaseService; @@ -47,6 +48,9 @@ public class DnsIpCfgService extends BaseService{ return page; } + public List findDnsIpCfg(DnsIpCfg entity) { + return dnsIpCfgDao.findDnsIpCfg(entity); + } public DnsIpCfg getDnsIpCfg(Long cfgId) { return dnsIpCfgDao.getDnsIpCfg(cfgId); } 
@@ -115,6 +119,75 @@ public class DnsIpCfgService extends BaseService{
 dnsIpCfgDao.update(entity);
 }
 }
+ @Transactional(readOnly=false,rollbackFor=RuntimeException.class)
+ public void saveAndAudit(){
+ DnsIpCfg dnsIp=new DnsIpCfg();
+ dnsIp.setIpType(4);
+ dnsIp.setDirection(0);
+ dnsIp.setProtocolId(0);
+ dnsIp.setProtocol(0);
+ dnsIp.setIsValid(1);
+ dnsIp.setIsAudit(1);
+ dnsIp.setRequestId(0);
+ dnsIp.setClassify("0");
+ dnsIp.setAttribute("0");
+ dnsIp.setLable("0");
+ dnsIp.setFunctionId(401);
+ dnsIp.setCfgRegionCode(1);
+ dnsIp.setCfgType("dns_fake_ip");
+ dnsIp.setIpPattern(3);
+ dnsIp.setSrcIpAddress("0.0.0.0");
+ dnsIp.setDestPort("0");
+ dnsIp.setSrcPort("0");
+ dnsIp.setPortPattern(1);
+ dnsIp.setDnsStrategyId(0);
+ dnsIp.setAction(16);
+ dnsIp.setServiceId(64);
+ dnsIp.setIsAreaEffective(0);
+ dnsIp.setAreaEffectiveIds("");
+ dnsIp.setCreateTime(new Date());
+ dnsIp.setCreatorId(UserUtils.getUser().getId());
+ dnsIp.setAuditorId(UserUtils.getUser().getId());
+ dnsIp.setAuditTime(new Date());
+ dnsIp.setCfgDesc(Constants.DNS_SPOOFING_IP_DESC);
+ dnsIp.setDestIpAddress(Constants.DNS_SPOOFING_IP_IP);
+ //调用服务接口获取compileId
+ List compileIds = new ArrayList();
+ try {
+ compileIds = ConfigServiceUtil.getId(1,1);
+ } catch (Exception e) {
+ e.printStackTrace();
+ logger.info("获取编译ID出错");
+ throw new MaatConvertException(":"+e.getMessage());
+ }
+ if(compileIds != null && compileIds.size() >0 && compileIds.get(0) != 0){
+ dnsIp.setCompileId(compileIds.get(0));
+
+ }else{
+ throw new MaatConvertException("");
+ }
+
+ dnsIpCfgDao.insert(dnsIp);
+
+ String json="";
+ List resStrategyList=new ArrayList();
+ InlineIp resStrategy=convertCallBackIp(dnsIp,dnsIp.getDnsStrategyId());
+ resStrategyList.add(resStrategy);
+ //调用服务接口下发配置数据
+ json=gsonToJson(resStrategyList);
+ logger.info("DNS欺骗ip配置下发配置参数:"+json);
+ //调用服务接口下发配置
+ try {
+ ToMaatResult result = ConfigServiceUtil.postCallbackCfg(json);
+ if(result!=null){
+ logger.info("DNS欺骗ip配置下发响应信息:"+result.getMsg());
+ }
+ } catch (Exception e) {
+ logger.error("DNS欺骗ip配置下发失败",e);
+ throw e;
+ }
+
+ }
 /**
 *
 * @param isAudit
diff --git a/src/main/resources/nis.properties b/src/main/resources/nis.properties
index aa76c59af..f87579363 100644
--- a/src/main/resources/nis.properties
+++ b/src/main/resources/nis.properties
@@ -576,4 +576,6 @@ irDnatLog=irDnatLogs
 trafficBandwidthTrans=trafficBandwidthTrans
 trafficProtocolList=trafficProtocolList
 trafficAppList=trafficAppList
-ntcActionEntranceReport=ntcActionEntranceReport
\ No newline at end of file
+ntcActionEntranceReport=ntcActionEntranceReport
+dns_spoofing_ip_desc=Default Spoofing IP
+dns_spoofing_ip_ip=1.1.1.1
\ No newline at end of file
diff --git a/src/main/resources/sql/truncate_tables.sql b/src/main/resources/sql/truncate_tables.sql
index 7e25cdce1..32537395e 100644
--- a/src/main/resources/sql/truncate_tables.sql
+++ b/src/main/resources/sql/truncate_tables.sql
@@ -63,4 +63,6 @@ UPDATE specific_service_cfg SET group_id=0;
 DELETE FROM ip_reuse_addr_pool;
 DELETE FROM ip_reuse_ip_cfg;
 DELETE FROM ip_reuse_policy_cfg;
-DELETE FROM user_manage;
\ No newline at end of file
+DELETE FROM user_manage;
+#clear vpn
+DELETE FROM service_dict_info where item_type='5';
\ No newline at end of file
diff --git a/src/main/webapp/WEB-INF/views/home.jsp b/src/main/webapp/WEB-INF/views/home.jsp
index 19e763ae5..db1d1b633 100644
--- a/src/main/webapp/WEB-INF/views/home.jsp
+++ b/src/main/webapp/WEB-INF/views/home.jsp
@@ -213,6 +213,21 @@ function refreshCache(cacheName){
 }
 })
 }
+function initSpoofingIp(){
+ $.ajax({
+ type:'post',
+ url:'${ctx}/cfg/dnsIp/initSpoofingIp',
+ dataType:'text',
+ async:false,
+ success:function(data,textStatus){
+ if(data=="success"){
+ alert("success");
+ }else{
+ alert(data);
+ }
+ }
+ })
+}
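Review bot: The response from `ConfigServiceUtil.postCallbackCfg(json)` at the end of `saveAndAudit` is only logged, so a null result leaves a row that is already stored as valid and audited even though the push may not have been acknowledged; if null does mean "no acknowledgement" (not visible here), the method should throw so the transaction rolls the insert back. `Constants.DNS_SPOOFING_IP_IP` falls back to an empty string when the property is missing and is written to `destIpAddress` and pushed without any check. In the compile-id lookup, `new MaatConvertException(":"+e.getMessage())` drops the cause and the failure is logged at info level next to `e.printStackTrace()`; `logger.error("获取编译ID出错", e)` would keep the stack trace in the log, and the `else` branch throws an exception with an empty message. The enclosing class starts and ends outside the hunk.

```java
// … unchanged: field initialisation up to setCfgDesc …
String spoofIp = Constants.DNS_SPOOFING_IP_IP;
if (spoofIp == null || spoofIp.trim().isEmpty()) {
    // Constants falls back to "" when dns_spoofing_ip_ip is absent from nis.properties
    throw new MaatConvertException("dns_spoofing_ip_ip is not configured");
}
dnsIp.setDestIpAddress(spoofIp);
// … unchanged: compile id lookup, insert, JSON conversion …
try {
    ToMaatResult result = ConfigServiceUtil.postCallbackCfg(json);
    if (result == null) {
        // no acknowledgement: fail so the insert above is rolled back
        throw new MaatConvertException("no response from config service");
    }
    logger.info("DNS欺骗ip配置下发响应信息:"+result.getMsg());
// … unchanged: catch block that logs and rethrows …
```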
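Review bot: The shipped default `dns_spoofing_ip_ip=1.1.1.1` is a publicly routed address, not one the deployment is shown to control, and the new init path stores and pushes whatever this key holds as the default spoofed answer. Consider shipping the key empty, having `saveAndAudit` reject a blank value, and documenting both keys with a comment such as `# default DNS spoofing entry created by /cfg/dnsIp/initSpoofingIp; set dns_spoofing_ip_ip to an address you operate`. The file also still ends without a trailing newline.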