gfwleak/k18-ntcs-web-ntc
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

(1)IP Pattern拆分为源IP Pattern,目的IP Pattern,Port Pattern

Browse Source 
拆分为源端口Pattern,目的端口Pattern
(2)show more修改,并移动刀ipRegion.js中
(3)IP复用未作修改
(4)删除部分废弃的导入模板以及废弃的导入方法
This commit is contained in:
wangxin
2019-04-18 10:15:23 +08:00
parent 6bd04a92ce
commit 5a5bdddba4
90 changed files with 2957 additions and 3362 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/com/nis/util/ConfigConvertUtil.java
View File

@@ -395,7 +395,7 @@ public class ConfigConvertUtil {
*/
public static List<IpCfg> ipConvert(IpCfg dstIp, BaseIpCfg srcIp) {
List<IpCfg> ipConvertList = Lists.newArrayList();
boolean isRange = ((srcIp.getIpPattern() != null && srcIp.getIpPattern() == 2)
boolean isRange = (((srcIp.getSrcIpPattern() != null && srcIp.getSrcIpPattern() == 2)||(srcIp.getDestIpPattern()) != null && srcIp.getDestIpPattern() == 2)
|| (srcIp.getSrcIpAddress() != null && srcIp.getSrcIpAddress().indexOf("-") > -1)
|| (srcIp.getDestIpAddress() != null && srcIp.getDestIpAddress().indexOf("-") > -1));
if (isRange) {

1
src/main/java/com/nis/util/ConfigServiceUtil.java
View File

@@ -133,6 +133,7 @@ public class ConfigServiceUtil {
result=response.readEntity(String.class);
}
} catch (Exception e) {
logger.error("request_service_failed",e);
throw new MaatConvertException("<spring:message code=\"request_service_failed\"/>");
}
if(response != null && response.getStatus() == 200){

73
src/main/java/com/nis/util/excel/ExportExcel.java
View File

@@ -39,6 +39,7 @@ import org.apache.poi.xssf.usermodel.XSSFClientAnchor;
import org.apache.poi.xssf.usermodel.XSSFRichTextString;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Assert;
import com.google.common.collect.Lists;
import com.nis.domain.FunctionRegionDict;
@@ -583,25 +584,28 @@ public class ExportExcel {
commentStr="";
}
}else{
String[] ipPatterns=region.getConfigIpPattern().split(";");
if("client_ip".equals(headerStr)){
Assert.isTrue(ipPatterns.length==2);
String srcIpPattern=ipPatterns[0];
if(((","+region.getConfigIpPortShow()+",").indexOf(",1,") > -1) ){
commentStr="";
if((","+region.getConfigIpType()+",").indexOf(",4,") > -1){
if((","+region.getConfigIpPattern()+",").indexOf(",3,") > -1){
if((","+srcIpPattern+",").indexOf(",3,") > -1){
commentStr=commentStr+Constants.IPV4_DEFAULT_IP_VALUE+"IPv4"+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV4_DEFAULT_IP_VALUE;
}
index++;
}
if((","+region.getConfigIpPattern()+",").indexOf(",2,") > -1){
if((","+srcIpPattern+",").indexOf(",2,") > -1){
commentStr=commentStr+Constants.IPV4_DEFAULT_IP_RANGE_VALUE+""+msgProp.getProperty("ipv4_range_tip")+""+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV4_DEFAULT_IP_RANGE_VALUE;
}
index++;
}
if((","+region.getConfigIpPattern()+",").indexOf(",1,") > -1){
if((","+srcIpPattern+",").indexOf(",1,") > -1){
commentStr=commentStr+Constants.IPV4_DEFAULT_IP_SUBNET_VALUE+""+msgProp.getProperty("ipv4_subnet_tip")+""+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV4_DEFAULT_IP_SUBNET_VALUE;
@@ -610,21 +614,21 @@ public class ExportExcel {
}
}
if((","+region.getConfigIpType()+",").indexOf(",6,") > -1){
if((","+region.getConfigIpPattern()+",").indexOf(",3,") > -1){
if((","+srcIpPattern+",").indexOf(",3,") > -1){
commentStr=commentStr+Constants.IPV6_DEFAULT_IP_VALUE+"IPv6"+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV6_DEFAULT_IP_VALUE;
}
index++;
}
if((","+region.getConfigIpPattern()+",").indexOf(",2,") > -1){
if((","+srcIpPattern+",").indexOf(",2,") > -1){
commentStr=commentStr+Constants.IPV6_DEFAULT_IP_RANGE_VALUE+""+msgProp.getProperty("ipv6_range_tip")+""+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV6_DEFAULT_IP_RANGE_VALUE;
}
index++;
}
if((","+region.getConfigIpPattern()+",").indexOf(",1,") > -1){
if((","+srcIpPattern+",").indexOf(",1,") > -1){
commentStr=commentStr+Constants.IPV6_DEFAULT_IP_SUBNET_VALUE+""+msgProp.getProperty("ipv6_subnet_tip")+""+"\n\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV6_DEFAULT_IP_SUBNET_VALUE;
@@ -673,12 +677,12 @@ public class ExportExcel {
,msgProp.getProperty("serverip"))+"\n";
index++;
index++;
commentStr=commentStr+""+String.format(msgProp.getProperty("the_same_ip_type_pattern"))+"\n";
commentStr=commentStr+""+String.format(msgProp.getProperty("the_same_ip_type"))+"\n";
index++;
index++;
}
//4、IP Range 开始IP和结束IP必须在同一网段
if(((","+region.getConfigIpPattern()+",").indexOf(",2,") > -1)){
if(((","+srcIpPattern+",").indexOf(",2,") > -1)){
commentStr=commentStr+""+msgProp.getProperty("ip_range")+","+msgProp.getProperty("ip_range_bit_field")+"\n";
index++;
index++;
@@ -689,7 +693,7 @@ public class ExportExcel {
}
//6、IPv4 Mask 掩码范围16-32
if(((","+region.getConfigIpPattern()+",").indexOf(",1,") > -1)){
if(((","+srcIpPattern+",").indexOf(",1,") > -1)){
if(((","+region.getConfigIpType()+",").indexOf(",4,") > -1)){
commentStr=commentStr+""+msgProp.getProperty("ipv4_subnet_tip")+","+msgProp.getProperty("ipv4_mask_range_tip")+"\n";
index++;
@@ -705,24 +709,25 @@ public class ExportExcel {
}
if("server_ip".equals(headerStr)){
String destIpPattern=ipPatterns[1];
if((","+region.getConfigIpPortShow()+",").indexOf(",3,") > -1){
commentStr="";
if((","+region.getConfigIpType()+",").indexOf(",4,") > -1){
if((","+region.getConfigIpPattern()+",").indexOf(",3,") > -1){
if((","+destIpPattern+",").indexOf(",3,") > -1){
commentStr=commentStr+Constants.IPV4_DEFAULT_IP_VALUE+"IPv4"+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV4_DEFAULT_IP_VALUE;
}
index++;
}
if((","+region.getConfigIpPattern()+",").indexOf(",2,") > -1){
if((","+destIpPattern+",").indexOf(",2,") > -1){
commentStr=commentStr+Constants.IPV4_DEFAULT_IP_RANGE_VALUE+""+msgProp.getProperty("ipv4_range_tip")+""+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV4_DEFAULT_IP_RANGE_VALUE;
}
index++;
}
if((","+region.getConfigIpPattern()+",").indexOf(",1,") > -1){
if((","+destIpPattern+",").indexOf(",1,") > -1){
commentStr=commentStr+Constants.IPV4_DEFAULT_IP_SUBNET_VALUE+""+msgProp.getProperty("ipv4_subnet_tip")+""+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV4_DEFAULT_IP_SUBNET_VALUE;
@@ -731,21 +736,21 @@ public class ExportExcel {
}
}
if((","+region.getConfigIpType()+",").indexOf(",6,") > -1){
if((","+region.getConfigIpPattern()+",").indexOf(",3,") > -1){
if((","+destIpPattern+",").indexOf(",3,") > -1){
commentStr=commentStr+Constants.IPV6_DEFAULT_IP_VALUE+"IPv6"+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV6_DEFAULT_IP_VALUE;
}
index++;
}
if((","+region.getConfigIpPattern()+",").indexOf(",2,") > -1){
if((","+destIpPattern+",").indexOf(",2,") > -1){
commentStr=commentStr+Constants.IPV6_DEFAULT_IP_RANGE_VALUE+""+msgProp.getProperty("ipv6_range_tip")+""+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV6_DEFAULT_IP_RANGE_VALUE;
}
index++;
}
if((","+region.getConfigIpPattern()+",").indexOf(",1,") > -1){
if((","+destIpPattern+",").indexOf(",1,") > -1){
commentStr=commentStr+Constants.IPV6_DEFAULT_IP_SUBNET_VALUE+""+msgProp.getProperty("ipv6_subnet_tip")+""+"\n\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.IPV6_DEFAULT_IP_SUBNET_VALUE;
@@ -778,12 +783,12 @@ public class ExportExcel {
,msgProp.getProperty("serverip"))+"\n";
index++;
index++;
commentStr=commentStr+""+String.format(msgProp.getProperty("the_same_ip_type_pattern"))+"\n";
commentStr=commentStr+""+String.format(msgProp.getProperty("the_same_ip_type"))+"\n";
index++;
index++;
}
//4、IP Range 开始IP和结束IP必须在同一网段
if(((","+region.getConfigIpPattern()+",").indexOf(",2,") > -1)){
if(((","+destIpPattern+",").indexOf(",2,") > -1)){
commentStr=commentStr+""+msgProp.getProperty("ip_range")+","+msgProp.getProperty("ip_range_bit_field")+"\n";
index++;
index++;
@@ -794,7 +799,7 @@ public class ExportExcel {
}
//6、IPv4 Mask 掩码范围16-32
if(((","+region.getConfigIpPattern()+",").indexOf(",1,") > -1)){
if(((","+destIpPattern+",").indexOf(",1,") > -1)){
if(((","+region.getConfigIpType()+",").indexOf(",4,") > -1)){
commentStr=commentStr+""+msgProp.getProperty("ipv4_subnet_tip")+","+msgProp.getProperty("ipv4_mask_range_tip")+"\n";
index++;
@@ -820,17 +825,20 @@ public class ExportExcel {
}else{
protocol=region.getConfigProtocol();
}
String[] portPatterns=region.getConfigPortPattern().split(";");
Assert.isTrue(portPatterns.length==2);
if("client_port".equals(headerStr)){
String srcPortPattern=portPatterns[0];
if(((","+region.getConfigIpPortShow()+",").indexOf(",2,") > -1)){
commentStr="";
if((","+region.getConfigPortPattern()+",").indexOf(",1,") > -1){
if((","+srcPortPattern+",").indexOf(",1,") > -1){
commentStr=commentStr+Constants.PORT_DEFAULT+"Port"+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.PORT_DEFAULT;
}
index++;
}
if((","+region.getConfigPortPattern()+",").indexOf(",2,") > -1){
if((","+srcPortPattern+",").indexOf(",2,") > -1){
commentStr=commentStr+Constants.PORT_MASK_DEFAULT+"Port/"+msgProp.getProperty("port_mask")+""+"\n\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.PORT_MASK_DEFAULT;
@@ -856,11 +864,11 @@ public class ExportExcel {
index++;
}
//2、源端口、目的端口格式必须一致
if(((","+region.getConfigIpPortShow()+",").indexOf(",2,") > -1) && ((","+region.getConfigIpPortShow()+",").indexOf(",4,") > -1)){
commentStr=commentStr+""+msgProp.getProperty("the_same_port_pattern")+"\n";
index++;
index++;
}
// if(((","+region.getConfigIpPortShow()+",").indexOf(",2,") > -1) && ((","+region.getConfigIpPortShow()+",").indexOf(",4,") > -1)){
// commentStr=commentStr+"▶"+msgProp.getProperty("the_same_port_pattern")+"\n";
// index++;
// index++;
// }
//3、端口和端口掩码范围0-65535
commentStr=commentStr+""+msgProp.getProperty("port_mask_comment_tip")+"\n";
index++;
@@ -895,16 +903,17 @@ public class ExportExcel {
}
}
if("server_port".equals(headerStr)){
String destPortPattern=portPatterns[1];
if((","+region.getConfigIpPortShow()+",").indexOf(",4,") > -1){
commentStr="";
if((","+region.getConfigPortPattern()+",").indexOf(",1,") > -1){
if((","+destPortPattern+",").indexOf(",1,") > -1){
commentStr=commentStr+Constants.PORT_DEFAULT+"Port"+"\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.PORT_DEFAULT;
}
index++;
}
if((","+region.getConfigPortPattern()+",").indexOf(",2,") > -1){
if((","+destPortPattern+",").indexOf(",2,") > -1){
commentStr=commentStr+Constants.PORT_MASK_DEFAULT+"Port/"+msgProp.getProperty("port_mask")+""+"\n\n";
if(StringUtil.isEmpty(defaultValue)){
defaultValue=Constants.PORT_MASK_DEFAULT;
@@ -930,11 +939,11 @@ public class ExportExcel {
index++;
}
//2、源端口、目的端口格式必须一致
if(((","+region.getConfigIpPortShow()+",").indexOf(",2,") > -1) && ((","+region.getConfigIpPortShow()+",").indexOf(",4,") > -1)){
commentStr=commentStr+""+msgProp.getProperty("the_same_port_pattern")+"\n";
index++;
index++;
}
// if(((","+region.getConfigIpPortShow()+",").indexOf(",2,") > -1) && ((","+region.getConfigIpPortShow()+",").indexOf(",4,") > -1)){
// commentStr=commentStr+"▶"+msgProp.getProperty("the_same_port_pattern")+"\n";
// index++;
// index++;
// }
//3、端口和端口掩码范围0-65535
commentStr=commentStr+""+msgProp.getProperty("port_mask_comment_tip")+"\n";
index++;

525
src/main/java/com/nis/util/excel/thread/CheckIpFormatThread.java
View File

@@ -13,6 +13,7 @@ import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.jets3t.service.ServiceException;
import org.springframework.beans.BeanUtils;
import org.springframework.util.Assert;
import com.beust.jcommander.internal.Lists;
import com.nis.domain.FunctionRegionDict;
@@ -27,6 +28,7 @@ import com.nis.domain.configuration.template.IpRateLimitTemplate;
//import com.nis.util.AsnCacheUtils;
import com.nis.util.Constants;
import com.nis.util.DictUtils;
import com.nis.util.IPUtil;
import com.nis.util.StringUtil;
public class CheckIpFormatThread implements Callable<String>{
@@ -92,14 +94,20 @@ public class CheckIpFormatThread implements Callable<String>{
}
boolean canIPv4 = ipType.indexOf("4") > -1;
boolean canIPv6 = ipType.indexOf("6") > -1;
String ipPattern = regionDict.getConfigIpPattern();
if (StringUtils.isBlank(ipPattern)) {
String[] ipPattern = regionDict.getConfigIpPattern().split(";");
Assert.isTrue(ipPattern!=null&&ipPattern.length==2);
String srcIpPattern = ipPattern[0];
String destIpPattern = ipPattern[1];
if (StringUtils.isBlank(srcIpPattern)||StringUtils.isBlank(destIpPattern)) {
throw new RuntimeException("Found IP region,but ipPattern is Empty");
}
boolean canIPFormat = ipType.indexOf("3") > -1;
boolean canIPSubnetFormat = ipType.indexOf("1") > -1;
boolean canIPRangeFormat = ipType.indexOf("2") > -1;
String portPattern = regionDict.getConfigPortPattern();
String[] portPattern = regionDict.getConfigPortPattern().split(";");
Assert.isTrue(ipPattern!=null&&ipPattern.length==2);
String srcPortPattern=portPattern[0];
String destPortPattern=portPattern[1];
String protocol = regionDict.getConfigProtocol();
String direction = regionDict.getConfigDirection();
StringBuffer errTip = new StringBuffer();
@@ -621,74 +629,40 @@ public class CheckIpFormatThread implements Callable<String>{
prop.getProperty("server_ip", "Server IP")) + ";");
} else if (configIpPortShow.indexOf("1") > -1) {
String matchType = this.validIPAddress("client_ip", errInfo, baseIpCfg.getSrcIpAddress(),
ipType, ipPattern);
ipType, srcIpPattern);
//设置源IP pattern
if (matchType.endsWith("RANGE")) {
baseIpCfg.setSrcIpPattern(2);
} else if (matchType.endsWith("SUBNET")) {
baseIpCfg.setSrcIpPattern(1);
}else {
baseIpCfg.setSrcIpPattern(3);
}
if (matchType.startsWith("IPV6")) {
if (matchType.endsWith("RANGE")) {
// baseIpCfg.setSrcIpAddress(baseIpCfg.getSrcIpAddress());
baseIpCfg.setDestIpAddress(Constants.IPV6_DEFAULT_IP_RANGE_VALUE);
baseIpCfg.setIpPattern(2);
if (baseIpCfg.getSrcIpAddress()
.startsWith(Constants.IPV6_DEFAULT_IP_RANGE_VALUE.split("-")[0])) {
errInfo.append(prop.getProperty("client_ip")+" "
+ String.format(prop.getProperty("can_not_be"),
Constants.IPV6_DEFAULT_IP_RANGE_VALUE.split("-")[0])
+ ";");
}
} else if (matchType.endsWith("SUBNET")) {
// baseIpCfg.setSrcIpAddress(baseIpCfg.getSrcIpAddress());
baseIpCfg.setDestIpAddress(Constants.IPV6_DEFAULT_IP_SUBNET_VALUE);
baseIpCfg.setIpPattern(1);
if (baseIpCfg.getSrcIpAddress()
.startsWith(Constants.IPV6_DEFAULT_IP_SUBNET_VALUE.split("/")[0])) {
errInfo.append(
prop.getProperty("client_ip")+" "
+ String.format(prop.getProperty("can_not_be"),
Constants.IPV6_DEFAULT_IP_SUBNET_VALUE.split("/")[0])
+ ";");
}
} else {
// baseIpCfg.setSrcIpAddress(baseIpCfg.getSrcIpAddress());
//设置dest ip值
if(destIpPattern.indexOf("3")>-1) {//优先设置IP类型因为拆分的IP较少
baseIpCfg.setDestIpAddress(Constants.IPV6_DEFAULT_IP_VALUE);
baseIpCfg.setIpPattern(3);
if (baseIpCfg.getSrcIpAddress().equals(Constants.IPV6_DEFAULT_IP_VALUE)) {
errInfo.append(prop.getProperty("client_ip")+" " + String.format(
prop.getProperty("can_not_be"), Constants.IPV6_DEFAULT_IP_VALUE) + ";");
}
baseIpCfg.setDestIpPattern(3);
}else if(destIpPattern.indexOf("1")>-1) {
baseIpCfg.setDestIpAddress(Constants.IPV6_DEFAULT_IP_SUBNET_VALUE);
baseIpCfg.setDestIpPattern(1);
}else {
baseIpCfg.setDestIpAddress(Constants.IPV6_DEFAULT_IP_RANGE_VALUE);
baseIpCfg.setDestIpPattern(2);
}
//设置IP类型
baseIpCfg.setIpType(6);
} else {
if (matchType.endsWith("RANGE")) {
this.validIPv4Range("client_ip", errInfo, baseIpCfg.getSrcIpAddress());
// baseIpCfg.setSrcIpAddress("0.0.0.0-"+baseIpCfg.getSrcIpAddress().split("-")[0].substring(0,baseIpCfg.getSrcIpAddress().indexOf("-")+1)+baseIpCfg.getSrcIpAddress().split("-")[1]);
baseIpCfg.setDestIpAddress(Constants.IPV4_DEFAULT_IP_RANGE_VALUE);
baseIpCfg.setIpPattern(2);
if (baseIpCfg.getSrcIpAddress()
.startsWith(Constants.IPV4_DEFAULT_IP_RANGE_VALUE.split("-")[0])) {
errInfo.append(prop.getProperty("client_ip")+" "
+ String.format(prop.getProperty("can_not_be"),
Constants.IPV4_DEFAULT_IP_RANGE_VALUE.split("-")[0])
+ ";");
}
} else if (matchType.endsWith("SUBNET")) {
// baseIpCfg.setSrcIpAddress(baseIpCfg.getSrcIpAddress());
baseIpCfg.setDestIpAddress(Constants.IPV4_DEFAULT_IP_SUBNET_VALUE);
baseIpCfg.setIpPattern(1);
if (baseIpCfg.getSrcIpAddress()
.startsWith(Constants.IPV4_DEFAULT_IP_SUBNET_VALUE.split("/")[0])) {
errInfo.append(
prop.getProperty("client_ip")+" "
+ String.format(prop.getProperty("can_not_be"),
Constants.IPV4_DEFAULT_IP_SUBNET_VALUE.split("/")[0])
+ ";");
}
} else {
baseIpCfg.setSrcIpAddress(baseIpCfg.getSrcIpAddress());
//设置dest ip值
if(destIpPattern.indexOf("3")>-1) {//优先设置IP类型因为拆分的IP较少
baseIpCfg.setDestIpAddress(Constants.IPV4_DEFAULT_IP_VALUE);
baseIpCfg.setIpPattern(3);
if (baseIpCfg.getSrcIpAddress().equals(Constants.IPV4_DEFAULT_IP_VALUE)) {
errInfo.append(prop.getProperty("client_ip")+" " + String.format(
prop.getProperty("can_not_be"), Constants.IPV4_DEFAULT_IP_VALUE) + ";");
}
baseIpCfg.setDestIpPattern(3);
}else if(destIpPattern.indexOf("1")>-1) {
baseIpCfg.setDestIpAddress(Constants.IPV4_DEFAULT_IP_SUBNET_VALUE);
baseIpCfg.setDestIpPattern(1);
}else {
baseIpCfg.setDestIpAddress(Constants.IPV4_DEFAULT_IP_RANGE_VALUE);
baseIpCfg.setDestIpPattern(2);
}
baseIpCfg.setIpType(4);
}
@@ -700,166 +674,169 @@ public class CheckIpFormatThread implements Callable<String>{
prop.getProperty("client_ip", "Client IP")) + ";");
} else if (configIpPortShow.indexOf("3") > -1) {
String matchType = this.validIPAddress("server_ip", errInfo, baseIpCfg.getDestIpAddress(),
ipType, ipPattern);
ipType, destIpPattern);
if (matchType.endsWith("RANGE")) {
baseIpCfg.setDestIpPattern(2);
} else if (matchType.endsWith("SUBNET")) {
baseIpCfg.setDestIpPattern(1);
}else {
baseIpCfg.setDestIpPattern(3);
}
if (matchType.startsWith("IPV6")) {
if (matchType.endsWith("RANGE")) {
// baseIpCfg.setDestIpAddress(baseIpCfg.getDestIpAddress());
baseIpCfg.setSrcIpAddress(Constants.IPV6_DEFAULT_IP_RANGE_VALUE);
baseIpCfg.setIpPattern(2);
if (baseIpCfg.getDestIpAddress()
.startsWith(Constants.IPV6_DEFAULT_IP_RANGE_VALUE.split("-")[0])) {
errInfo.append(prop.getProperty("server_ip")+" "
+ String.format(prop.getProperty("can_not_be"),
Constants.IPV6_DEFAULT_IP_RANGE_VALUE.split("-")[0])
+ ";");
}
} else if (matchType.endsWith("SUBNET")) {
// baseIpCfg.setDestIpAddress(baseIpCfg.getDestIpAddress());
baseIpCfg.setSrcIpAddress(Constants.IPV6_DEFAULT_IP_SUBNET_VALUE);
baseIpCfg.setIpPattern(1);
if (baseIpCfg.getDestIpAddress()
.startsWith(Constants.IPV6_DEFAULT_IP_SUBNET_VALUE.split("/")[0])) {
errInfo.append(
prop.getProperty("server_ip")+" "
+ String.format(prop.getProperty("can_not_be"),
Constants.IPV6_DEFAULT_IP_SUBNET_VALUE.split("/")[0])
+ ";");
}
} else {
// baseIpCfg.setDestIpAddress(baseIpCfg.getDestIpAddress());
if(srcIpPattern.indexOf("3")>-1) {
baseIpCfg.setSrcIpAddress(Constants.IPV6_DEFAULT_IP_VALUE);
baseIpCfg.setIpPattern(3);
if (baseIpCfg.getDestIpAddress().equals(Constants.IPV6_DEFAULT_IP_VALUE)) {
errInfo.append(prop.getProperty("server_ip")+" " + String.format(
prop.getProperty("can_not_be"), Constants.IPV6_DEFAULT_IP_VALUE) + ";");
}
baseIpCfg.setSrcIpPattern(3);
}else if(srcIpPattern.indexOf("1")>-1) {
baseIpCfg.setSrcIpAddress(Constants.IPV6_DEFAULT_IP_SUBNET_VALUE);
baseIpCfg.setSrcIpPattern(1);
}else {
baseIpCfg.setSrcIpAddress(Constants.IPV6_DEFAULT_IP_RANGE_VALUE);
baseIpCfg.setSrcIpPattern(2);
}
baseIpCfg.setIpType(6);
} else {
if (matchType.endsWith("RANGE")) {
this.validIPv4Range("server_ip", errInfo, baseIpCfg.getDestIpAddress());
// baseIpCfg.setDestIpAddress("0.0.0.0-"+baseIpCfg.getDestIpAddress().split("-")[0]
// .substring(0,baseIpCfg.getDestIpAddress().indexOf("-")+1)
// +baseIpCfg.getDestIpAddress().split("-")[1]);
baseIpCfg.setSrcIpAddress(Constants.IPV4_DEFAULT_IP_RANGE_VALUE);
baseIpCfg.setIpPattern(2);
if (baseIpCfg.getDestIpAddress()
.startsWith(Constants.IPV4_DEFAULT_IP_RANGE_VALUE.split("-")[0])) {
errInfo.append(prop.getProperty("server_ip")+" "
+ String.format(prop.getProperty("can_not_be"),
Constants.IPV4_DEFAULT_IP_RANGE_VALUE.split("-")[0])
+ ";");
}
} else if (matchType.endsWith("SUBNET")) {
// baseIpCfg.setDestIpAddress(baseIpCfg.getDestIpAddress());
baseIpCfg.setSrcIpAddress(Constants.IPV4_DEFAULT_IP_SUBNET_VALUE);
baseIpCfg.setIpPattern(1);
if (baseIpCfg.getDestIpAddress()
.startsWith(Constants.IPV4_DEFAULT_IP_SUBNET_VALUE.split("/")[0])) {
errInfo.append(
prop.getProperty("server_ip")+" "
+ String.format(prop.getProperty("can_not_be"),
Constants.IPV4_DEFAULT_IP_SUBNET_VALUE.split("/")[0])
+ ";");
}
} else {
// baseIpCfg.setDestIpAddress(baseIpCfg.getDestIpAddress());
if(srcIpPattern.indexOf("3")>-1) {
baseIpCfg.setSrcIpAddress(Constants.IPV4_DEFAULT_IP_VALUE);
baseIpCfg.setIpPattern(3);
if (baseIpCfg.getDestIpAddress().equals(Constants.IPV4_DEFAULT_IP_VALUE)) {
errInfo.append(prop.getProperty("server_ip")+" " + String.format(
prop.getProperty("can_not_be"), Constants.IPV4_DEFAULT_IP_VALUE) + ";");
}
baseIpCfg.setSrcIpPattern(3);
}else if(srcIpPattern.indexOf("1")>-1) {
baseIpCfg.setSrcIpAddress(Constants.IPV4_DEFAULT_IP_SUBNET_VALUE);
baseIpCfg.setSrcIpPattern(1);
}else {
baseIpCfg.setSrcIpAddress(Constants.IPV4_DEFAULT_IP_RANGE_VALUE);
baseIpCfg.setSrcIpPattern(2);
}
baseIpCfg.setIpType(4);
}
}
} else {// 全不为空
String matchType = this.validIPAddress("client_ip", errInfo, baseIpCfg.getSrcIpAddress(), ipType,
ipPattern);
String matchType1 = this.validIPAddress("server_ip", errInfo, baseIpCfg.getDestIpAddress(), ipType,
ipPattern);
if (StringUtils.isNotBlank(matchType) && StringUtils.isNotBlank(matchType1)
&& !matchType.equals(matchType1)) {
errInfo.append(prop.get("the_same_ip_type_pattern") + ";");
String srcMatchType = this.validIPAddress("client_ip", errInfo, baseIpCfg.getSrcIpAddress(), ipType,
srcIpPattern);
String destMatchType = this.validIPAddress("server_ip", errInfo, baseIpCfg.getDestIpAddress(), ipType,
destIpPattern);
if (StringUtils.isNotBlank(srcMatchType) && StringUtils.isNotBlank(destMatchType)
&& ((srcMatchType.startsWith("IPV6")&&destMatchType.startsWith("IPV4"))
||(srcMatchType.startsWith("IPV4")&&destMatchType.startsWith("IPV6")))) {
errInfo.append(prop.get("the_same_ip_type") + ";");
}
// baseIpCfg.setSrcIpAddress(baseIpCfg.getSrcIpAddress());
// baseIpCfg.setDestIpAddress(baseIpCfg.getDestIpAddress());
if (matchType.startsWith("IPV6")) {
if (srcMatchType.startsWith("IPV6")) {
baseIpCfg.setIpType(6);
} else {
baseIpCfg.setIpType(4);
}
if (matchType.endsWith("RANGE")) {
if (matchType.startsWith("IPV4")) {
if (srcMatchType.endsWith("RANGE")) {
baseIpCfg.setSrcIpPattern(2);
}else if(srcMatchType.endsWith("SUBNET")) {
baseIpCfg.setSrcIpPattern(1);
}else {
baseIpCfg.setSrcIpPattern(3);
}
if (destMatchType.endsWith("RANGE")) {
baseIpCfg.setDestIpPattern(2);
}else if(destMatchType.endsWith("SUBNET")) {
baseIpCfg.setDestIpPattern(1);
}else {
baseIpCfg.setDestIpPattern(3);
}
if(baseIpCfg.getIpType().equals(4)) {
if (srcMatchType.endsWith("RANGE")) {
this.validIPv4Range("client_ip", errInfo, baseIpCfg.getSrcIpAddress());
}
if (destMatchType.endsWith("RANGE")) {
this.validIPv4Range("server_ip", errInfo, baseIpCfg.getDestIpAddress());
}
if (baseIpCfg.getSrcIpAddress().split("-")[0]
.equals(baseIpCfg.getDestIpAddress().split("-")[0])) {
errInfo.append(String.format(prop.getProperty("are_the_same"),
baseIpCfg.getSrcIpAddress().split("-")[0],
baseIpCfg.getDestIpAddress().split("-")[0]) + ";");
//验证Ip范围
if(StringUtils.isEmpty(errInfo)&&(srcMatchType.endsWith("RANGE")||destMatchType.endsWith("RANGE"))) {
this.ValidateRangeCross(baseIpCfg.getSrcIpAddress(),baseIpCfg.getDestIpAddress(), errInfo);
}
baseIpCfg.setIpPattern(2);
} else if (matchType.endsWith("SUBNET")) {
if (baseIpCfg.getSrcIpAddress().split("/")[0]
.equals(baseIpCfg.getDestIpAddress().split("/")[0])) {
errInfo.append(String.format(prop.getProperty("are_the_same"),
baseIpCfg.getSrcIpAddress().split("/")[0],
baseIpCfg.getDestIpAddress().split("/")[0]) + ";");
}
boolean same=false;
if(baseIpCfg.getSrcIpAddress().indexOf("-")>-1) {
if(baseIpCfg.getDestIpAddress().indexOf("-")>-1) {
if(baseIpCfg.getSrcIpAddress().split("-")[0].equals(baseIpCfg.getDestIpAddress().split("-")[0])) {
same=true;
}
}else if(baseIpCfg.getDestIpAddress().indexOf("/")>-1) {
if(baseIpCfg.getSrcIpAddress().split("-")[0].equals(baseIpCfg.getDestIpAddress().split("/")[0])) {
same=true;
}
}else {
if(baseIpCfg.getSrcIpAddress().split("-")[0].equals(baseIpCfg.getDestIpAddress())) {
same=true;
}
}
baseIpCfg.setIpPattern(1);
} else {
if (baseIpCfg.getSrcIpAddress().equals(baseIpCfg.getDestIpAddress())) {
errInfo.append(String.format(prop.getProperty("are_the_same"),
prop.getProperty("client_ip"), prop.getProperty("server_ip")) + ";");
}else if(baseIpCfg.getSrcIpAddress().indexOf("/")>-1){
if(baseIpCfg.getDestIpAddress().indexOf("-")>-1) {
if(baseIpCfg.getSrcIpAddress().split("/")[0].equals(baseIpCfg.getDestIpAddress().split("-")[0])) {
same=true;
}
}else if(baseIpCfg.getDestIpAddress().indexOf("/")>-1) {
if(baseIpCfg.getSrcIpAddress().split("/")[0].equals(baseIpCfg.getDestIpAddress().split("/")[0])) {
same=true;
}
}else {
if(baseIpCfg.getSrcIpAddress().split("/")[0].equals(baseIpCfg.getDestIpAddress())) {
same=true;
}
}
baseIpCfg.setIpPattern(3);
}else {
if(baseIpCfg.getDestIpAddress().indexOf("-")>-1) {
if(baseIpCfg.getSrcIpAddress().equals(baseIpCfg.getDestIpAddress().split("-")[0])) {
same=true;
}
}else if(baseIpCfg.getDestIpAddress().indexOf("/")>-1) {
if(baseIpCfg.getSrcIpAddress().equals(baseIpCfg.getDestIpAddress().split("/")[0])) {
same=true;
}
}else {
if(baseIpCfg.getSrcIpAddress().equals(baseIpCfg.getDestIpAddress())) {
same=true;
}
}
}
if(same) {
errInfo.append(String.format(prop.getProperty("are_the_same"),
baseIpCfg.getSrcIpAddress().split("-")[0],
baseIpCfg.getDestIpAddress().split("-")[0]) + ";");
}
}
// TODO 判断源IP和目的IP的值
// TODO 判断源IP和目的IP格式
if (destPortEmpty) {
if (srcPortEmpty) {
if (srcPortEmpty) {
if(srcPortPattern.indexOf("1")>-1) {
baseIpCfg.setSrcPort("0");
baseIpCfg.setDestPort("0");
baseIpCfg.setPortPattern(1);
} else {
if (baseIpCfg.getSrcPort().indexOf("/") > -1) {
baseIpCfg.setDestPort("0/0");
baseIpCfg.setPortPattern(2);
} else {
baseIpCfg.setDestPort("0");
baseIpCfg.setPortPattern(1);
}
baseIpCfg.setSrcPort(baseIpCfg.getSrcPort().trim());
baseIpCfg.setSrcPortPattern(1);
}else {
baseIpCfg.setSrcPort("0/0");
baseIpCfg.setSrcPortPattern(2);
}
} else {
if (srcPortEmpty) {
if (baseIpCfg.getDestPort().indexOf("/") > -1) {
baseIpCfg.setSrcPort("0/0");
baseIpCfg.setPortPattern(2);
} else {
baseIpCfg.setSrcPort("0");
baseIpCfg.setPortPattern(1);
}
} else {
if (baseIpCfg.getSrcPort().indexOf("/") > -1) {
baseIpCfg.setPortPattern(2);
} else {
baseIpCfg.setPortPattern(1);
}
baseIpCfg.setSrcPort(baseIpCfg.getSrcPort().trim());
}
baseIpCfg.setDestPort(baseIpCfg.getDestPort().trim());
}else if(baseIpCfg.getSrcPort().indexOf("/")>-1) {
baseIpCfg.setSrcPortPattern(2);
}else {
baseIpCfg.setSrcPortPattern(1);
}
// TODO 判断源端口和目的端口格式
// TODO 判断源和目的端口的值
boolean validPort = this.validPort(errInfo, baseIpCfg.getSrcPort(), baseIpCfg.getDestPort(),
portPattern);
baseIpCfg.setSrcPort(baseIpCfg.getSrcPort().trim());
boolean validSrcPort = this.validPort(errInfo, baseIpCfg.getSrcPort(),
srcPortPattern,"client_port");
if (destPortEmpty) {
if(destPortPattern.indexOf("1")>-1) {
baseIpCfg.setDestPort("0");
baseIpCfg.setDestPortPattern(1);
}else {
baseIpCfg.setDestPort("0/0");
baseIpCfg.setDestPortPattern(2);
}
}else if(baseIpCfg.getDestPort().indexOf("/")>-1) {
baseIpCfg.setDestPortPattern(2);
}else {
baseIpCfg.setDestPortPattern(1);
}
baseIpCfg.setDestPort(baseIpCfg.getDestPort().trim());
boolean validDestPort = this.validPort(errInfo, baseIpCfg.getSrcPort(),
srcPortPattern,"server_port");
if (baseIpCfg.getProtocol()==null) {
//packet ip reject
if(regionDict.getFunctionId().equals(5)&&serviceDict!=null&&serviceDict.getServiceId().equals(16)) {
@@ -901,7 +878,7 @@ public class CheckIpFormatThread implements Callable<String>{
}
boolean validProtocol = this.validProtocol(errInfo, baseIpCfg.getProtocol(), protocol);
// 验证protocol与port是否符合逻辑
if (validProtocol && validPort) {
if (validProtocol && validSrcPort&&validDestPort) {
validProtocolAndPort(errInfo, baseIpCfg.getProtocol(), baseIpCfg.getSrcPort(),
baseIpCfg.getDestPort());
}
@@ -1030,153 +1007,85 @@ public class CheckIpFormatThread implements Callable<String>{
* @param portPattern
* @throws ServiceException
*/
public boolean validPort(StringBuffer errInfo, String srcPortStr, String destPortStr, String portPattern)
public boolean validPort(StringBuffer errInfo, String portStr, String portPattern,String portName)
throws ServiceException {
boolean valid = true;
if (portPattern.equals("1")) {
try {
Integer srcPort = Integer.parseInt(srcPortStr);
Integer srcPort = Integer.parseInt(portStr);
if (srcPort < 0 || srcPort > 65535) {
errInfo.append(prop.getProperty("client_port")
errInfo.append(prop.getProperty(portName)
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
} catch (Exception e) {
// TODO: handle exception
errInfo.append(String.format(prop.getProperty("not_number"), prop.getProperty("client_port")) + ";");
valid = false;
}
try {
Integer destPort = Integer.parseInt(destPortStr);
if (destPort < 0 || destPort > 65535) {
errInfo.append(prop.getProperty("server_port")
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
} catch (Exception e) {
// TODO: handle exception
errInfo.append(String.format(prop.getProperty("not_number"), prop.getProperty("server_port")) + ";");
errInfo.append(String.format(prop.getProperty("not_number"), prop.getProperty(portName)) + ";");
valid = false;
}
} else if (portPattern.equals("2")) {
Pattern p = Constants.PORT_MASK_PATTERN;
Matcher m = p.matcher(srcPortStr);
Matcher m = p.matcher(portStr);
if (!m.matches()) {
errInfo.append(
String.format(prop.getProperty("is_in_wrong_format"), prop.getProperty("client_port")) + ";");
String.format(prop.getProperty("is_in_wrong_format"), prop.getProperty(portName)) + ";");
valid = false;
}
m = p.matcher(destPortStr);
if (!m.matches()) {
errInfo.append(
String.format(prop.getProperty("is_in_wrong_format"), prop.getProperty("server_port")) + ";");
valid = false;
}
Integer srcPort = Integer.parseInt(srcPortStr.split("/")[0]);
Integer srcPortMask = Integer.parseInt(srcPortStr.split("/")[1]);
Integer destPort = Integer.parseInt(destPortStr.split("/")[0]);
Integer destPortMask = Integer.parseInt(destPortStr.split("/")[1]);
if (srcPort < 0 || srcPort > 65535) {
errInfo.append(prop.getProperty("client_port")
Integer port = Integer.parseInt(portStr.split("/")[0]);
Integer portMask = Integer.parseInt(portStr.split("/")[1]);
if (port < 0 || port > 65535) {
errInfo.append(prop.getProperty(portName)
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
if (srcPortMask < 0 || srcPortMask > 65535) {
errInfo.append(prop.getProperty("client_port_mask")
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
if (destPort < 0 || destPort > 65535) {
errInfo.append(prop.getProperty("server_port")
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
if (destPortMask < 0 || destPortMask > 65535) {
errInfo.append(prop.getProperty("server_port_mask")
if (portMask < 0 || portMask > 65535) {
errInfo.append(prop.getProperty(portName+"_mask")
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
} else if (portPattern.indexOf("1") > -1 && portPattern.indexOf("2") > -1) {
Pattern p = Constants.PORT_MASK_PATTERN;
Pattern p1 = Constants.PORT_PATTERN;
Matcher m = p.matcher(srcPortStr);// 源端口是端口掩码格式
Matcher m1 = p.matcher(destPortStr);// 目的端口是端口掩码格式
Matcher m2 = p1.matcher(srcPortStr);// 源端口是端口格式
Matcher m3 = p1.matcher(destPortStr);// 目的端口是端口格式
Matcher m = p.matcher(portStr);// 源端口是端口掩码格式
Matcher m2 = p1.matcher(portStr);// 端口是端口格式
if (m.matches()) {
Integer srcPort = Integer.parseInt(srcPortStr.split("/")[0]);
Integer srcPortMask = Integer.parseInt(srcPortStr.split("/")[1]);
Integer srcPort = Integer.parseInt(portStr.split("/")[0]);
Integer srcPortMask = Integer.parseInt(portStr.split("/")[1]);
if (srcPort < 0 || srcPort > 65535) {
errInfo.append(prop.getProperty("client_port")
errInfo.append(prop.getProperty(portName)
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
if (srcPortMask < 0 || srcPortMask > 65535) {
errInfo.append(prop.getProperty("client_port_mask")
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
}
if (m1.matches()) {
Integer destPort = Integer.parseInt(destPortStr.split("/")[0]);
Integer destPortMask = Integer.parseInt(destPortStr.split("/")[1]);
if (destPort < 0 || destPort > 65535) {
errInfo.append(prop.getProperty("server_port")
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
if (destPortMask < 0 || destPortMask > 65535) {
errInfo.append(prop.getProperty("server_port_mask")
errInfo.append(prop.getProperty(portName+"_mask")
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
}
if (m2.matches()) {
try {
Integer srcPort = Integer.parseInt(srcPortStr);
Integer srcPort = Integer.parseInt(portStr);
if (srcPort < 0 || srcPort > 65535) {
errInfo.append(prop.getProperty("client_port")
errInfo.append(prop.getProperty(portName)
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
} catch (Exception e) {
// TODO: handle exception
errInfo.append(
String.format(prop.getProperty("not_number"), prop.getProperty("client_port")) + ";");
String.format(prop.getProperty("not_number"), prop.getProperty(portName)) + ";");
valid = false;
}
}
if (m3.matches()) {
try {
Integer destPort = Integer.parseInt(destPortStr);
if (destPort < 0 || destPort > 65535) {
errInfo.append(prop.getProperty("server_port")
+ String.format(prop.getProperty("must_between"), 0, 65535) + ";");
valid = false;
}
} catch (Exception e) {
// TODO: handle exception
errInfo.append(
String.format(prop.getProperty("not_number"), prop.getProperty("server_port")) + ";");
valid = false;
}
}
if ((m.matches() && m3.matches()) || (m2.matches() && m1.matches())) {
errInfo.append(prop.getProperty("the_same_port_pattern") + ";");
valid = false;
}
if (!m.matches() && !m2.matches()) {
errInfo.append(
String.format(prop.getProperty("is_in_wrong_format"), prop.getProperty("client_port")) + ";");
String.format(prop.getProperty("is_in_wrong_format"), prop.getProperty(portName)) + ";");
valid = false;
}
if (!m1.matches() && !m3.matches()) {
errInfo.append(
String.format(prop.getProperty("is_in_wrong_format"), prop.getProperty("server_port")) + ";");
valid = false;
}
}
return valid;
}
@@ -1369,7 +1278,44 @@ public class CheckIpFormatThread implements Callable<String>{
}
return matchType;
}
public void ValidateRangeCross(String srcIp,String destIp,StringBuffer errInfo) {
long srcStart=0l,srcEnd=0,srcNum=0l,destStart=0l,destEnd=0l,destNum=0l;
if(srcIp.indexOf("-")>-1) {
String[] srcArr=srcIp.split("\\-");
srcStart=IPUtil.getIpHostDesimal(srcArr[0]);
srcEnd=IPUtil.getIpHostDesimal(srcArr[1]);
}else if(srcIp.indexOf("/")>-1) {
srcNum=IPUtil.getIpHostDesimal(srcIp.split("/")[0]);
}else {
srcNum=IPUtil.getIpHostDesimal(srcIp);
}
if(destIp.indexOf("-")>-1) {
String[] destArr=destIp.split("\\-");
destStart=IPUtil.getIpHostDesimal(destArr[0]);
destEnd=IPUtil.getIpHostDesimal(destArr[1]);
}else if(destIp.indexOf("/")>-1) {
destNum=IPUtil.getIpHostDesimal(destIp.split("/")[0]);
}else {
destNum=IPUtil.getIpHostDesimal(destIp);
}
if(srcNum==0l) {
if(destNum==0l) {
if(!(destEnd<srcStart||srcEnd<destStart)) {
errInfo.append(prop.getProperty("range_cross")+";");
}
}else {
if(destNum>=srcStart&&destNum<=srcEnd) {
errInfo.append(prop.getProperty("range_cross")+";");
}
}
}else {
if(destNum==0l) {
if(srcNum>=destStart&&srcNum<=destEnd) {
errInfo.append(prop.getProperty("range_cross")+";");
}
}
}
}
public List<Map<Long, AsnGroupInfo>> getAsnNoMaps() {
return asnNoMaps;
}
@@ -1382,5 +1328,4 @@ public class CheckIpFormatThread implements Callable<String>{
public void setAsnGroupInfos(Map<Long, AsnGroupInfo> asnGroupInfos) {
this.asnGroupInfos = asnGroupInfos;
}
}