From 8261647a35278612dddc004957970197379498f4 Mon Sep 17 00:00:00 2001
From: wangxin <wangxin@zdjizhi.com>
Date: Thu, 23 May 2019 19:12:37 +0800
Subject: [PATCH] =?UTF-8?q?=EF=BC=881=EF=BC=89=E8=B0=83=E6=95=B4=E6=8B=A6?=
 =?UTF-8?q?=E6=88=AAaction=20=E4=B8=BA2=20=EF=BC=882=EF=BC=89=E4=BF=AE?=
 =?UTF-8?q?=E5=A4=8D=E5=AF=BC=E5=87=BAbug?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../domain/configuration/PxyInterceptCfg.java | 32 ++++++++--------
 .../java/com/nis/util/excel/ExportExcel.java  |  4 +-
 .../excel/thread/CheckIpFormatThread.java     |  4 +-
 .../excel/thread/CheckStringFormatThread.java |  6 +--
 .../configuration/ntc/IpController.java       |  7 ++--
 .../proxy/InterceptController.java            | 38 ++++++++++++-------
 .../sql/20190521/intercept_policy.sql         |  1 +
 .../WEB-INF/include/excel/importModal.jsp     |  8 ++--
 .../views/cfg/intercept/interceptForm.jsp     | 14 +++----
 .../views/cfg/intercept/interceptList.jsp     |  8 ++--
 10 files changed, 66 insertions(+), 56 deletions(-)

diff --git a/src/main/java/com/nis/domain/configuration/PxyInterceptCfg.java b/src/main/java/com/nis/domain/configuration/PxyInterceptCfg.java
index 20d8d4f40..3ff381ad3 100644
--- a/src/main/java/com/nis/domain/configuration/PxyInterceptCfg.java
+++ b/src/main/java/com/nis/domain/configuration/PxyInterceptCfg.java
@@ -8,41 +8,41 @@ public class PxyInterceptCfg extends CfgIndexInfo {
 	 * 
 	 */
 	private static final long serialVersionUID = 994229066993318362L;
-	@ExcelField(title="pxy_intercept_monit_keyring",sort=7)
+	@ExcelField(title="pxy_intercept_monit_keyring",sort=8)
 	private String keyring;
-	@ExcelField(title="exclusions_ev_cert",dictType="SYS_YES_NO",sort=8)
+	@ExcelField(title="exclusions_ev_cert",dictType="SYS_YES_NO",sort=9)
 	private String evCert;
-	@ExcelField(title="exclusions_cert_transparency",dictType="SYS_YES_NO",sort=9)
+	@ExcelField(title="exclusions_cert_transparency",dictType="SYS_YES_NO",sort=10)
 	private String certTransparency;
-	@ExcelField(title="exclusions_client_cert_req",dictType="SYS_YES_NO",sort=10)
+	@ExcelField(title="exclusions_client_cert_req",dictType="SYS_YES_NO",sort=11)
 	private String clientCertReq;
-	@ExcelField(title="exclusions_pinning",dictType="SYS_YES_NO",sort=11)
+	@ExcelField(title="exclusions_pinning",dictType="SYS_YES_NO",sort=12)
 	private String pinning;
-	@ExcelField(title="cert_verify_approach_cn",dictType="SYS_YES_NO",sort=12)
+	@ExcelField(title="cert_verify_approach_cn",dictType="SYS_YES_NO",sort=13)
 	private String cn;
-	@ExcelField(title="cert_verify_approach_issuer",dictType="SYS_YES_NO",sort=13)
+	@ExcelField(title="cert_verify_approach_issuer",dictType="SYS_YES_NO",sort=14)
 	private String issuer;
-	@ExcelField(title="cert_verify_approach_self_signed",dictType="SYS_YES_NO",sort=14)
+	@ExcelField(title="cert_verify_approach_self_signed",dictType="SYS_YES_NO",sort=15)
 	private String selfSigned;
-	@ExcelField(title="cert_verify_approach_expiration",dictType="SYS_YES_NO",sort=15)
+	@ExcelField(title="cert_verify_approach_expiration",dictType="SYS_YES_NO",sort=16)
 	private String expiration;
-	@ExcelField(title="cert_verify_fail_method",dictType="FAIL_METHOD",sort=16)
+	@ExcelField(title="cert_verify_fail_method",dictType="FAIL_METHOD",sort=17)
 	private String failMethod;
-	@ExcelField(title="ssl_ver_min",dictType="SSL_VERSION",sort=17)
+	@ExcelField(title="ssl_ver_min",dictType="SSL_VERSION",sort=18)
 	private String min;
-	@ExcelField(title="ssl_ver_max",dictType="SSL_VERSION",sort=18)
+	@ExcelField(title="ssl_ver_max",dictType="SSL_VERSION",sort=19)
 	private String max;
-	@ExcelField(title="ssl_ver_mirror_client",dictType="SYS_YES_NO",sort=19)
+	@ExcelField(title="ssl_ver_mirror_client",dictType="SYS_YES_NO",sort=20)
 	private String mirrorClient;
-	@ExcelField(title="decrypt_mirror_enable",dictType="SYS_YES_NO",sort=20)
+	@ExcelField(title="decrypt_mirror_enable",dictType="SYS_YES_NO",sort=21)
 	private String enable;
-	@ExcelField(title="decrypt_mirror_mirror_profile",sort=21)
+	@ExcelField(title="decrypt_mirror_mirror_profile",sort=22)
 	private String mirrorProfile;
 	private String userRegion1;
 	private String userRegion2;
 	private String userRegion3;
 	private String userRegion4;
-	private String userRegion5;
+//	private String userRegion5;
 	public String getKeyring() {
 		return keyring;
 	}
diff --git a/src/main/java/com/nis/util/excel/ExportExcel.java b/src/main/java/com/nis/util/excel/ExportExcel.java
index d166f7969..e0d34d868 100644
--- a/src/main/java/com/nis/util/excel/ExportExcel.java
+++ b/src/main/java/com/nis/util/excel/ExportExcel.java
@@ -2861,8 +2861,8 @@ public class ExportExcel {
 	/**
 	 * 构造函数
 	 * @param msgProp 国际化配置
-	 * @param title sheet名称
-	 * @param cls 实体对象，通过annotation.ExportField获取标题
+	 * @param titleList sheet名称
+	 * @param clsMap 实体对象，通过annotation.ExportField获取标题
 	 * @param type 导出类型（1:导出数据；2：导出模板）
 	 * @param groups 导入分组
 	 * @return 
diff --git a/src/main/java/com/nis/util/excel/thread/CheckIpFormatThread.java b/src/main/java/com/nis/util/excel/thread/CheckIpFormatThread.java
index 09148f9ec..cc604a1d6 100644
--- a/src/main/java/com/nis/util/excel/thread/CheckIpFormatThread.java
+++ b/src/main/java/com/nis/util/excel/thread/CheckIpFormatThread.java
@@ -121,7 +121,7 @@ public class CheckIpFormatThread implements Callable<String>{
 		String direction = regionDict.getConfigDirection();
 		StringBuffer errTip = new StringBuffer();
 		// 因IP拦截 监测
-		if(regionDict.getFunctionId().equals(200) && serviceDict.getAction().equals(1)){
+		if(regionDict.getFunctionId().equals(200) && serviceDict.getAction().equals(2)){
 			protocol="6";
 		}
 		List<SysDataDictionaryItem> sslversions = new ArrayList<>();
@@ -150,7 +150,7 @@ public class CheckIpFormatThread implements Callable<String>{
 			}
 
 			if(regionDict.getFunctionId().equals(200)) {
-				if(!serviceDict.getAction().equals(1)) {
+				if(!serviceDict.getAction().equals(2)) {
 					baseIpCfg.setDoLog(0);
 				}
 			}
diff --git a/src/main/java/com/nis/util/excel/thread/CheckStringFormatThread.java b/src/main/java/com/nis/util/excel/thread/CheckStringFormatThread.java
index 2dde77e5d..a9a93bb80 100644
--- a/src/main/java/com/nis/util/excel/thread/CheckStringFormatThread.java
+++ b/src/main/java/com/nis/util/excel/thread/CheckStringFormatThread.java
@@ -124,7 +124,7 @@ public class CheckStringFormatThread implements Callable<String>{
 			}
 			
 			if(regionDict.getFunctionId().equals(200)) {
-				if(!serviceDict.getAction().equals(1)) {
+				if(!serviceDict.getAction().equals(2)) {
 					baseStringCfg.setDoLog(0);
 				}
 			}
@@ -151,7 +151,7 @@ public class CheckStringFormatThread implements Callable<String>{
 				}
 				// 代理-域名拦截
 				if (regionDict.getFunctionId().equals(200) && "intercept_domain".equals(regionDict.getConfigServiceType())) {
-					if(serviceDict.getAction().equals(1)) {
+					/*if(serviceDict.getAction().equals(1)) {
 						if(StringUtils.isBlank(baseStringCfg.getUserRegion5())) {
 							 baseStringCfg.setUserRegion5("1");
 						}
@@ -171,7 +171,7 @@ public class CheckStringFormatThread implements Callable<String>{
 							}
 						}
 						
-					}else if(serviceDict.getAction().equals(64)) {
+					}else*/ if(serviceDict.getAction().equals(64)) {
 						baseStringCfg.setUserRegion1("0");// limit_rate_type（限速方式默认值）
 						if(StringUtils.isBlank(baseStringCfg.getUserRegion2())) {
 							baseStringCfg.setUserRegion2("0.1");
diff --git a/src/main/java/com/nis/web/controller/configuration/ntc/IpController.java b/src/main/java/com/nis/web/controller/configuration/ntc/IpController.java
index c3e365e15..79e470d6f 100644
--- a/src/main/java/com/nis/web/controller/configuration/ntc/IpController.java
+++ b/src/main/java/com/nis/web/controller/configuration/ntc/IpController.java
@@ -198,8 +198,7 @@ public class IpController extends BaseController{
 	 * 
 	 * @param model
 	 * @param cfg
-	 * @param auditType 审核类型 ：批量审核时使用，1批量生效，0批量失效
-	 * @param isAudit
+	 * @param isAudit 审核类型 ：批量审核时使用，1批量生效，0批量失效
 	 * @param isValid
 	 * @param ids
 	 * @param functionId
@@ -481,7 +480,7 @@ public class IpController extends BaseController{
 					ExportExcel excel=new ExportExcel(serviceDict,regionDict,pro,null, IpRateLimitTemplate.class, 2);
 					excel.setDataList(pro,classList,null).
 			    	write(request,response, fileName).dispose();
-				}else if(serviceDict.getServiceId().equals(512)){
+				}else if(serviceDict.getAction().equals(2)){//forward
 					List<InterceptIpTemplate> classList=new ArrayList<InterceptIpTemplate>();
 					ExportExcel excel=new ExportExcel(serviceDict,regionDict,pro,null, InterceptIpTemplate.class, 2);
 					excel.setDataList(pro,classList,null).
@@ -528,7 +527,7 @@ public class IpController extends BaseController{
 				excel.setDataList(pro,classList,null).
 		    	write(request,response, fileName).dispose();
 			}else if(regionDict.getFunctionId().equals(200)){// 拦截策略（域名）
-				if(serviceDict.getAction().equals(1)){// 监测
+				if(serviceDict.getAction().equals(2)){// forward
 					List<InterceptDomainTemplate> classList=new ArrayList<InterceptDomainTemplate>();
 					ExportExcel excel=new ExportExcel(serviceDict,regionDict,pro,null, InterceptDomainTemplate.class, 2);
 					excel.setDataList(pro,classList,null).
diff --git a/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java b/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java
index 7e7bf221a..14c7ee705 100644
--- a/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java
+++ b/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java
@@ -122,7 +122,7 @@ public class InterceptController extends CommonController {
 	public String saveInterceptIpCfg(RedirectAttributes redirectAttributes, Model model, HttpServletRequest request,
 			HttpServletResponse response, String ids, CfgIndexInfo entity) {
 		try {
-			if(!entity.getAction().equals(1)||!entity.getServiceId().equals(512)) {
+			if(!entity.getAction().equals(2)||!entity.getServiceId().equals(512)) {
 				entity.setUserRegion(null);
 			}else {
 				if(entity.getUserRegion()==null) {
@@ -476,6 +476,7 @@ public class InterceptController extends CommonController {
 			}
 			// 获取证书信息
 			List<PxyObjKeyring> certificateList = new ArrayList<PxyObjKeyring>();
+			//获取镜像相关信息
 			List<ProxyFileTrafficMirrorCfg> mirrorProfileList=new ArrayList<>();
 			if (entity.getFunctionId().equals(200)) {
 				certificateList = pxyObjKeyringService.findPxyObjKeyrings(null, 1, 1, "ip");
@@ -494,7 +495,7 @@ public class InterceptController extends CommonController {
 				}
 				str.setUserRegion(new HashMap<String,Object>());
 				if (certificateList != null) {
-					if (entity.getFunctionId() == 200 ) {
+					if (entity.getFunctionId().equals(200) ) {
 						if (!StringUtil.isEmpty(str.getUserRegion1())&&str.getUserRegion1().startsWith("{")) {
 							
 							Map<String,Object> userregion=BaseService.gsonFromJson(str.getUserRegion1(), Map.class);
@@ -576,16 +577,16 @@ public class InterceptController extends CommonController {
 			String cfgIndexInfoNoExport = "";
 			String ipPortInfoNoExport = ",do_log,action,config_describe,valid_identifier,is_audit,creator,creator"
 					+ ",config_time,editor,edit_time,auditor,audit_time"
-					+ ",letter,whether_area_block,classification,attribute,label"
+					+ ",letter,whether_area_block,classification,attribute,label,block_type,"
 					+ ",userregion1,userregion2,userregion3,userregion4,userregion5,ir_type,group_name,";
 			String interceptNoExport = ",do_log,action,config_describe,valid_identifier,is_audit,creator,creator"
 					+ ",config_time,editor,edit_time,auditor,audit_time"
-					+ ",letter,whether_area_block,classification,attribute,label"
+					+ ",letter,whether_area_block,classification,attribute,label,block_type,"
 					+ ",userregion1,userregion2,userregion3,userregion4,userregion5,ir_type,group_name,";
 			String httpUrlCfgNoExport = ",do_log,action,config_describe,valid_identifier,is_audit,creator,creator"
 					+ ",config_time,editor,edit_time,auditor,audit_time"
 					+ ",letter,whether_area_block,classification,attribute,label"
-					+ ",userregion1,userregion2,userregion3,userregion4,userregion5,";
+					+ ",userregion1,userregion2,userregion3,userregion4,userregion5,block_type,";
 
 			List<IpPortCfg> ipList = new ArrayList<IpPortCfg>();
 			List<BaseStringCfg> httpUrlList = new ArrayList<BaseStringCfg>();
@@ -607,26 +608,31 @@ public class InterceptController extends CommonController {
 				pktBinList.addAll(maps.get("PXY_INTERCEPT_PKT_BIN"));
 				if (entity.getFunctionId() == 200){
 					Properties msgProp = getMsgProp();
-					if(cfg.getAction().equals(1)) {
-						cfg.setUserRegion5(msgProp.getProperty("intercept"));
+					if(cfg.getAction().equals(2)) {
+						pxyInterceptCfgs.get(index).setUserRegion5(msgProp.getProperty("intercept"));
 					}else if(cfg.getAction().equals(48)) {
-						cfg.setUserRegion5(msgProp.getProperty("action_spoofing"));
+						pxyInterceptCfgs.get(index).setUserRegion5(msgProp.getProperty("action_spoofing"));
 					}else if(cfg.getAction().equals(128)) {
-						cfg.setUserRegion5(msgProp.getProperty("bypass"));
+						pxyInterceptCfgs.get(index).setUserRegion5(msgProp.getProperty("bypass"));
 					}else {
-						cfg.setUserRegion5(msgProp.getProperty(DictUtils.getDictLabels("SERVICE_ACTION", cfg.getAction().toString(), cfg.getAction().toString())));
+						pxyInterceptCfgs.get(index).setUserRegion5(msgProp.getProperty(DictUtils.getDictLabels("SERVICE_ACTION", cfg.getAction().toString(), cfg.getAction().toString())));
+					}
+				}
+				if (214==entity.getFunctionId()) {
+					if (!StringUtil.isBlank(cfg.getUserRegion1())) {
+						cfg.setUserRegion1(DictUtils.getDictLabels("SPOOFING_IP_TYPE", cfg.getUserRegion1(),cfg.getUserRegion1()));
 					}
 				}
 				index++;
 			}
-			
-			if (214==entity.getFunctionId()) {
+			//为何多循环一次？？？
+			/*if (214==entity.getFunctionId()) {
 				for (CfgIndexInfo cfg : ipLists) {
 					if (!StringUtil.isBlank(cfg.getUserRegion1())) {
 						cfg.setUserRegion1(DictUtils.getDictLabels("SPOOFING_IP_TYPE", cfg.getUserRegion1(),cfg.getUserRegion1()));
 					}
 				}
-			}
+			}*/
 			
 			pktBinList = BaseStringCfg.replaceBaseKeyList(pktBinList);
 			httpUrlList = BaseStringCfg.baseHexList(httpUrlList);
@@ -647,11 +653,15 @@ public class InterceptController extends CommonController {
 				dataMap.put("PXY_INTERCEPT_IP", ipList);
 				dataMap.put("PXY_INTERCEPT_PKT_BIN", pktBinList);
 			} else if (entity.getFunctionId() == 200) {// IP拦截
-				cfgIndexInfoNoExport = ",policy_name,group_name,userregion3,userregion4,block_type,&userregion1:intercept_file_strategy-userregion2:ratelimit-userregion5:block_type";
+				cfgIndexInfoNoExport = ",userRegion1,userRegion5,do_log,policy_name,group_name,userregion3,userregion4,block_type,&userregion2:ratelimit-userregion5:block_type";
 				titleList.add("PXY_INTERCEPT_IP");
 				classMap.put("PXY_INTERCEPT_IP", IpPortCfg.class);
 				noExportMap.put("PXY_INTERCEPT_IP", ipPortInfoNoExport);
 				dataMap.put("PXY_INTERCEPT_IP", ipList);
+				titleList.add("PXY_INTERCEPT_DOMAIN");
+				classMap.put("PXY_INTERCEPT_DOMAIN", HttpUrlCfg.class);
+				noExportMap.put("PXY_INTERCEPT_DOMAIN", httpUrlCfgNoExport);
+				dataMap.put("PXY_INTERCEPT_DOMAIN", httpUrlList);
 			} else if (entity.getFunctionId() == 201) {// 域名拦截
 				cfgIndexInfoNoExport = ",policy_name,group_name,userregion3,userregion4,&userregion2:ratelimit-userregion1:intercept_file_strategy-userregion5:intercept_intensity-";
 				titleList.add("NTC_HTTP_URL");
diff --git a/src/main/resources/sql/20190521/intercept_policy.sql b/src/main/resources/sql/20190521/intercept_policy.sql
index d5cac866a..2c20db535 100644
--- a/src/main/resources/sql/20190521/intercept_policy.sql
+++ b/src/main/resources/sql/20190521/intercept_policy.sql
@@ -1,3 +1,4 @@
+update function_service_dict set action=2,action_code='forward' where service_id=512 and is_valid=1;
 #fail method字典
 INSERT INTO `sys_data_dictionary_name`(`id`, `module_name`, `mark`, `remark`, `revision`, `create_time`, `modify_time`, `status`) VALUES (154, 'fail_method', 'FAIL_METHOD', '用于代理拦截策略', NULL, '2019-05-09 11:01:16', '2019-05-09 11:01:21', 1);
 INSERT INTO `sys_data_dictionary_item`(`id`, `item_code`, `item_value`, `item_desc`, `item_sort`, `status`, `type`, `dictionary_id`) VALUES (4096, 'pass-through', 'Pass-Through', '默认', 1, 1, 1, 154);
diff --git a/src/main/webapp/WEB-INF/include/excel/importModal.jsp b/src/main/webapp/WEB-INF/include/excel/importModal.jsp
index d1548ac3e..b25510625 100644
--- a/src/main/webapp/WEB-INF/include/excel/importModal.jsp
+++ b/src/main/webapp/WEB-INF/include/excel/importModal.jsp
@@ -1,9 +1,9 @@
 <%@ page contentType="text/html;charset=UTF-8"%>
 <%@ include file="/WEB-INF/include/taglib.jsp"%>
-<style>
+<style>
 .radio-inline{
 	margin-left: 10px;
-}
+}
 </style> 
 <script src="${pageContext.request.contextPath}/static/pages/scripts/importExcel.js" type="text/javascript"></script>
 <div class="modal fade" id="import_modal" tabindex="-1" role="dialog" aria-labelledby="mo" aria-hidden="true">
@@ -56,13 +56,13 @@
 																<c:if test="${dict.itemCode eq service.action }">
 																	<!-- 拦截策略 -->
 																	<c:if test="${service.functionId eq 200 }">
-																		<c:if test="${service.action eq 1 }">
+																		<c:if test="${service.action eq 2 }">
 																			<spring:message code="intercept"/>
 																		</c:if>
 																		<c:if test="${service.action eq 128 }">
 																			<spring:message code="bypass"/>
 																		</c:if>
-																		<c:if test="${service.action ne 1 && service.action ne 128}">
+																		<c:if test="${service.action ne 2 && service.action ne 128}">
 																			<spring:message code="${dict.itemValue }"/>
 																		</c:if>
 																	</c:if>
diff --git a/src/main/webapp/WEB-INF/views/cfg/intercept/interceptForm.jsp b/src/main/webapp/WEB-INF/views/cfg/intercept/interceptForm.jsp
index 7f355e3a7..f4cdb0b0b 100644
--- a/src/main/webapp/WEB-INF/views/cfg/intercept/interceptForm.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/intercept/interceptForm.jsp
@@ -136,7 +136,7 @@ legend{padding:.5em;border:0;width:auto;font-family: "Open Sans", sans-serif;col
 											});
 											
 											$("input[name$='exprType']").attr("disabled",false);							
-											if(actionValue==1){ //监测 
+											if(actionValue==2){ //转发
 												$(".ratelimitAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true);
 												$(".replaceAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true);
 												$(".whiteListAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true);
@@ -375,8 +375,8 @@ legend{padding:.5em;border:0;width:auto;font-family: "Open Sans", sans-serif;col
 				interceptReplacePktBin=serviceRegionTypeValue;
 			}
 		});
-		if(action==1){ 
-			//监测
+		if(action==2){
+			//转发
 			$(".monitAction").removeClass("hidden");
 			$(".ratelimitAction").addClass("hidden");
 			$(".replaceAction").addClass("hidden");
@@ -579,8 +579,8 @@ legend{padding:.5em;border:0;width:auto;font-family: "Open Sans", sans-serif;col
 																value="${service.action }" class="required action"
 																<c:if test="${_cfg.action==service.action || (_cfg.action==null && satus.index==0)}">checked</c:if>>
 																<c:forEach items="${fns:getDictList('SERVICE_ACTION') }" var="dict">
-																	<c:if test="${(dict.itemCode eq service.action) && (service.action eq 1) }">
-																			<spring:message code="forward"/>
+																	<c:if test="${(dict.itemCode eq service.action) && (service.action eq 2) }">
+																			<spring:message code="intercept"/>
 																	</c:if>
 																	<c:if test="${(dict.itemCode eq service.action) && (service.action eq 128) }">
 																			<spring:message code="bypass"/>
@@ -588,7 +588,7 @@ legend{padding:.5em;border:0;width:auto;font-family: "Open Sans", sans-serif;col
 																	<c:if test="${(dict.itemCode eq service.action) && (service.action eq 48) }">
 																			<spring:message code="Spoofing"/>
 																	</c:if>
-																	<c:if test="${(dict.itemCode eq service.action) && (service.action ne 1 && service.action ne 128 && service.action ne 48 ) }">
+																	<c:if test="${(dict.itemCode eq service.action) && (service.action ne 2 && service.action ne 128 && service.action ne 48 ) }">
 																		<spring:message code="${dict.itemValue }"/>
 																	</c:if>
 																</c:forEach>
@@ -625,7 +625,7 @@ legend{padding:.5em;border:0;width:auto;font-family: "Open Sans", sans-serif;col
 								</div>
 								<!-- dolog end-->
 								
-								<%--   action 为1 监测时 可以选择证书--%>
+								<%--   action 为2 转发时 可以选择证书--%>
 								<h4 class="form-section monitAction">
 											<spring:message code="action_region" />
 											<small></small>
diff --git a/src/main/webapp/WEB-INF/views/cfg/intercept/interceptList.jsp b/src/main/webapp/WEB-INF/views/cfg/intercept/interceptList.jsp
index 6e3f1acae..88a7d15b1 100644
--- a/src/main/webapp/WEB-INF/views/cfg/intercept/interceptList.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/intercept/interceptList.jsp
@@ -256,10 +256,10 @@
 	                                  		 <form:select id="actionSelect" path="action" class="selectpicker select2 input-small" >
 													<form:option value=""><spring:message code="select"/></form:option>
 													<c:forEach items="${serviceList}" var="service">
-														<c:if test="${service.action eq 1}">
+														<c:if test="${service.action eq 2}">
 															<form:option value="${service.action }"><spring:message code="intercept"/></form:option>
 														</c:if>
-														<c:if test="${service.action ne 1}">
+														<c:if test="${service.action ne 2}">
 															<form:option value="${service.action }"><spring:message code="action_${service.actionCode }"/></form:option>
 														</c:if>
 													</c:forEach>
@@ -515,7 +515,7 @@
 									<td>${indexCfg.compileId }</td>
 								    <td>${indexCfg.cfgDesc }</td>
 									<td>
-										<c:if test="${indexCfg.action eq 1}">
+										<c:if test="${indexCfg.action eq 2}">
 											<spring:message code="intercept"/>
 										</c:if>
 										<c:if test="${indexCfg.action eq 128}">
@@ -524,7 +524,7 @@
 										<c:if test="${indexCfg.action eq 48}">
 											<spring:message code="action_spoofing"/>
 										</c:if>
-										<c:if test="${(indexCfg.action ne 1) && (indexCfg.action ne 128) && (indexCfg.action ne 48)}">
+										<c:if test="${(indexCfg.action ne 2) && (indexCfg.action ne 128) && (indexCfg.action ne 48)}">
 											<c:forEach items="${fns:getDictList('SERVICE_ACTION') }" var="dict">
 												<c:if test="${dict.itemCode eq indexCfg.action }">
 													<spring:message code="${dict.itemValue }"/>