gfwleak/k18-ntcs-web-ntc
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

asn相关功能修改

Browse Source
This commit is contained in:
duandongmei
2019-01-16 13:55:12 +06:00
parent cc0b7dc86c
commit 616a80555d
8 changed files with 346 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
src/main/java/com/nis/util/excel/thread/CheckIpFormatThread.java
View File

@@ -106,12 +106,22 @@ public class CheckIpFormatThread implements Callable<String>{
BeanUtils.copyProperties(list.get(i), baseIpCfg);
String cfgDesc = baseIpCfg.getCfgDesc();
// 配置描述限制
if(StringUtils.isBlank(cfgDesc)) {
errInfo.append(
String.format(prop.getProperty("can_not_null"), prop.getProperty("config_describe")) + ";");
}else if(cfgDesc.length() > 128) {
errInfo.append(prop.getProperty("config_describe")+prop.getProperty("length_error")+" "+String.format(prop.getProperty("max_length")+":128") + ";");
if(!regionDict.getFunctionId().equals(600)){
if(StringUtils.isBlank(cfgDesc)) {
errInfo.append(
String.format(prop.getProperty("can_not_null"), prop.getProperty("config_describe")) + ";");
}else if(cfgDesc.length() > 128) {
errInfo.append(prop.getProperty("config_describe")+prop.getProperty("length_error")+" "+String.format(prop.getProperty("max_length")+":128") + ";");
}
}
if(regionDict.getFunctionId().equals(200)) {
if(!serviceDict.getAction().equals(1)) {
baseIpCfg.setDoLog(0);
}
}
// doLog属性检验
this.validDoLog(baseIpCfg,errInfo);
// 特殊字段验证
// packet ip ratelimit
@@ -158,16 +168,17 @@ public class CheckIpFormatThread implements Callable<String>{
// payload ip
if (regionDict.getFunctionId().equals(212)) {
// replace_zone
if (StringUtils.isBlank(baseIpCfg.getUserRegion1())) {
List<SysDataDictionaryItem> dict=DictUtils.getDictList("INTERCEPT_REPLACE_ZONE");
baseIpCfg.setUserRegion1(dict.get(0).getItemCode());
}
String userRegion1 = baseIpCfg.getUserRegion1();
if (StringUtils.isNotBlank(userRegion1)) {
Object val = DictUtils.getDictLabel("INTERCEPT_REPLACE_ZONE", userRegion1);
if (StringUtils.isBlank(val.toString())) {
if (StringUtils.isBlank(val.toString())||"默认".equals(val.toString())) {
errInfo.append(String.format(prop.getProperty("is_incorrect"), prop.getProperty("replace_zone"))
+ ";");
}
} else {
errInfo.append(
String.format(prop.getProperty("can_not_null"), prop.getProperty("replace_zone")) + ";");
}
// replaced_content
@@ -369,16 +380,31 @@ public class CheckIpFormatThread implements Callable<String>{
String.format(prop.getProperty("is_incorrect"), prop.getProperty("antiddos_protocol"))
+ ";");
}
if(bpsThreadshold==null) {
errInfo.append(
String.format(prop.getProperty("can_not_null"), prop.getProperty("bps_threadshold"))
+ ";");
}else {
if(bpsThreadshold < 1000000) {
errInfo.append(prop.getProperty("bps_threadshold")+prop.getProperty("min_value")+"1000000;");
}else if(String.valueOf(bpsThreadshold).length() > 18) {
errInfo.append(prop.getProperty("bps_threadshold")+prop.getProperty("length_error")+" "+String.format(prop.getProperty("max_length")+":18") + ";");
}
}
if(ppsThreadshold==null) {
errInfo.append(
String.format(prop.getProperty("can_not_null"), prop.getProperty("pps_threadshold"))
+ ";");
}else {
if(ppsThreadshold < 1000) {
errInfo.append(prop.getProperty("pps_threadshold")+prop.getProperty("min_value")+"1000;");
}else if(String.valueOf(ppsThreadshold).length() > 18) {
errInfo.append(prop.getProperty("pps_threadshold")+prop.getProperty("length_error")+" "+String.format(prop.getProperty("max_length")+":18") + ";");
}
}
if("TCP_SYN".equals(antiddosProtocol)) {
baseIpCfg.setProtocol(6);
}else if("UDP_NTP".equals(antiddosProtocol)) {
@@ -512,6 +538,38 @@ public class CheckIpFormatThread implements Callable<String>{
}
}
// IpSpoofing
if (regionDict.getFunctionId().equals(214)) {
List<SysDataDictionaryItem> dicts = DictUtils.getDictList("SPOOFING_IP_TYPE");
if(StringUtils.isBlank(baseIpCfg.getUserRegion1())) {
baseIpCfg.setUserRegion1(dicts.get(0).getItemCode());
}
String userRegion1 = baseIpCfg.getUserRegion1(); // SpooFing
String userRegion2 = baseIpCfg.getUserRegion2(); // With
if (StringUtils.isNotBlank(userRegion1)) {
boolean has = false;
for (SysDataDictionaryItem dict : dicts) {
if (dict.getItemCode().equals(userRegion1)) {
has = true;
break;
}
}
if (!has) {
errInfo.append(String.format(prop.getProperty("is_incorrect"),prop.getProperty("spoofing") + " ") + ";");
}
}
String errMsg = null == prop.getProperty("With")?"With ":prop.getProperty("With");
if(StringUtils.isBlank(userRegion2)) {
errInfo.append(
String.format(prop.getProperty("can_not_null"),errMsg + " ") + ";");
}else {
String regex = "^((25[0-5]|2[0-4]\\d|[01]?\\d\\d?)\\.){3}(25[0-5]|2[0-4]\\d|[01]?\\d\\d?)$";
if(!userRegion2.matches(regex)) {
errInfo.append(String.format(prop.getProperty("is_in_wrong_format"),errMsg +" ") + ";");
}
}
}
if (regionDict.getRegionType().equals(1)) {
boolean srcIpEmpty = false;
boolean destIpEmpty = false;
@@ -1153,7 +1211,31 @@ public class CheckIpFormatThread implements Callable<String>{
errInfo.append(prop.get(ipName) + " " + prop.get("ip_range_smaller") + ";");
}
}
/**
* doLog属性校验
* @param baseIpCfg
* @param errInfo
*/
public void validDoLog(IpPortCfg baseIpCfg, StringBuffer errInfo) {
String configDoLog = serviceDict.getConfigDoLog();
if(StringUtils.isNotBlank(configDoLog)) {
String defaultValue = configDoLog.substring(configDoLog.lastIndexOf(";")+1);
String doLogOption = configDoLog.substring(configDoLog.indexOf(";")+1, configDoLog.lastIndexOf(";"));
if(baseIpCfg.getDoLog() == null) {
baseIpCfg.setDoLog(Integer.parseInt(defaultValue));
}
Integer doLog = baseIpCfg.getDoLog();
if(!doLogOption.contains(doLog+"")) {
errInfo.append(
String.format(prop.getProperty("is_incorrect"), prop.getProperty("do_log"))
+ ";");
}
}
}
/**
* 根据位运算把 byte[] -> int
*