gfwleak/k18-ntcs-web-ntc
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

app payload特征配置的l3_header配置增加属性,并且必须输入十六进制字符串,后台转为偏移表达式的字符串配置

Browse Source
This commit is contained in:
zhangwei
2018-12-22 20:34:57 +06:00
parent 347ec045d3
commit 8ff231208a
10 changed files with 504 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
src/main/java/com/nis/domain/configuration/AppComplexFeatureCfg.java
View File

@@ -43,6 +43,19 @@ public class AppComplexFeatureCfg extends BaseCfg<AppComplexFeatureCfg> {
private String appName;
private List<AppIpCfg> ipPortList = new ArrayList();
private String cfgRegionCode1;
//以下参数为APP PAYLOAD L3_HEADER的特殊属性使用偏移表达式处理
private String ver;
private String ihl;
private String tos;
private String totalLength;
private String flags;
private String fragmentOffset;
private String protocol;
private String icmpType;
private String icmpCode;
private String icmpIdentifier;
private String headerType;
public String getCfgRegionCode1() {
return cfgRegionCode1;
}
@@ -197,5 +210,94 @@ public class AppComplexFeatureCfg extends BaseCfg<AppComplexFeatureCfg> {
public void setIpPortList(List<AppIpCfg> ipPortList) {
this.ipPortList = ipPortList;
}
public String getVer() {
return ver;
}
public void setVer(String ver) {
this.ver = ver;
}
public String getIhl() {
return ihl;
}
public void setIhl(String ihl) {
this.ihl = ihl;
}
public String getTos() {
return tos;
}
public void setTos(String tos) {
this.tos = tos;
}
public String getTotalLength() {
return totalLength;
}
public void setTotalLength(String totalLength) {
this.totalLength = totalLength;
}
public String getFlags() {
return flags;
}
public void setFlags(String flags) {
this.flags = flags;
}
public String getFragmentOffset() {
return fragmentOffset;
}
public void setFragmentOffset(String fragmentOffset) {
this.fragmentOffset = fragmentOffset;
}
public String getProtocol() {
return protocol;
}
public void setProtocol(String protocol) {
this.protocol = protocol;
}
public String getIcmpType() {
return icmpType;
}
public void setIcmpType(String icmpType) {
this.icmpType = icmpType;
}
public String getIcmpCode() {
return icmpCode;
}
public void setIcmpCode(String icmpCode) {
this.icmpCode = icmpCode;
}
public String getIcmpIdentifier() {
return icmpIdentifier;
}
public void setIcmpIdentifier(String icmpIdentifier) {
this.icmpIdentifier = icmpIdentifier;
}
public String getHeaderType() {
return headerType;
}
public void setHeaderType(String headerType) {
this.headerType = headerType;
}
}

23
src/main/java/com/nis/web/dao/configuration/AppMultiFeatureCfgDao.xml
View File

@@ -104,6 +104,17 @@
<result column="function_id" property="functionId" jdbcType="INTEGER" />
<result column="do_log" property="doLog" jdbcType="INTEGER" />
<result column="cfg_type" property="cfgType" jdbcType="VARCHAR" />
<result column="ver" property="ver" jdbcType="VARCHAR" />
<result column="ihl" property="ihl" jdbcType="VARCHAR" />
<result column="tos" property="tos" jdbcType="VARCHAR" />
<result column="total_length" property="totalLength" jdbcType="VARCHAR" />
<result column="flags" property="flags" jdbcType="VARCHAR" />
<result column="fragment_offset" property="fragmentOffset" jdbcType="VARCHAR" />
<result column="protocol" property="protocol" jdbcType="VARCHAR" />
<result column="icmp_type" property="icmpType" jdbcType="VARCHAR" />
<result column="icmp_code" property="icmpCode" jdbcType="VARCHAR" />
<result column="icmp_identifier" property="icmpIdentifier" jdbcType="VARCHAR" />
<result column="header_type" property="headerType" jdbcType="VARCHAR" />
</resultMap>
<!-- APP字符串类配置映射 -->
<resultMap id="AppStringFeatureCfgMap" type="com.nis.domain.configuration.AppStringFeatureCfg" >
@@ -191,7 +202,9 @@
r.CREATOR_ID,r.CREATE_TIME,r.EDITOR_ID,r.EDIT_TIME,r.AUDITOR_ID,r.AUDIT_TIME,
r.SERVICE_ID,r.REQUEST_ID,r.COMPILE_ID,r.IS_AREA_EFFECTIVE,r.CLASSIFY,
r.ATTRIBUTE,r.LABLE,r.AREA_EFFECTIVE_IDS,r.FUNCTION_ID,r.CFG_TYPE,r.CFG_REGION_CODE,
r.DISTRICT,r.CFG_KEYWORDS,r.EXPR_TYPE,r.MATCH_METHOD,r.IS_HEXBIN,r.DO_LOG
r.DISTRICT,r.CFG_KEYWORDS,r.EXPR_TYPE,r.MATCH_METHOD,r.IS_HEXBIN,r.DO_LOG,
r.ver,r.ihl,r.tos,r.total_length,r.flags,r.fragment_offset,r.protocol,r.icmp_type,r.icmp_code,r.icmp_identifier,
r.header_type
</sql>
<sql id="AppStringFeatureCfg_Column" >
@@ -526,14 +539,18 @@
CREATOR_ID,CREATE_TIME,EDITOR_ID,EDIT_TIME,AUDITOR_ID,AUDIT_TIME,
SERVICE_ID,REQUEST_ID,COMPILE_ID,IS_AREA_EFFECTIVE,CLASSIFY,
ATTRIBUTE,LABLE,AREA_EFFECTIVE_IDS,FUNCTION_ID,CFG_TYPE,CFG_REGION_CODE,
DISTRICT,CFG_KEYWORDS,EXPR_TYPE,MATCH_METHOD,IS_HEXBIN,DO_LOG,user_region1,user_region2,user_region3,user_region4,user_region5
DISTRICT,CFG_KEYWORDS,EXPR_TYPE,MATCH_METHOD,IS_HEXBIN,DO_LOG,user_region1,user_region2,user_region3,user_region4,user_region5,
ver,ihl,tos,total_length,flags,fragment_offset,protocol,icmp_type,icmp_code,icmp_identifier,header_type
)values (
<include refid="AppCommonCfg_Value_List" />,
#{cfgType,jdbcType=VARCHAR},#{cfgRegionCode,jdbcType=INTEGER},
#{district,jdbcType=VARCHAR},#{cfgKeywords,jdbcType=VARCHAR},
#{exprType,jdbcType=INTEGER},#{matchMethod,jdbcType=INTEGER},#{isHexbin,jdbcType=INTEGER},
#{doLog,jdbcType=INTEGER},#{userRegion1,jdbcType=VARCHAR},#{userRegion2,jdbcType=VARCHAR},
#{userRegion3,jdbcType=VARCHAR},#{userRegion4,jdbcType=VARCHAR},#{userRegion5,jdbcType=VARCHAR}
#{userRegion3,jdbcType=VARCHAR},#{userRegion4,jdbcType=VARCHAR},#{userRegion5,jdbcType=VARCHAR},
#{ver,jdbcType=VARCHAR},#{ihl,jdbcType=VARCHAR},#{tos,jdbcType=VARCHAR},#{totalLength,jdbcType=VARCHAR},
#{flags,jdbcType=VARCHAR},#{fragmentOffset,jdbcType=VARCHAR},#{protocol,jdbcType=VARCHAR},#{icmpType,jdbcType=VARCHAR},
#{icmpCode,jdbcType=VARCHAR},#{icmpIdentifier,jdbcType=VARCHAR},#{headerType,jdbcType=VARCHAR}
)
</insert>
<!-- 新增APP字符串类特征子配置 -->

94
src/main/java/com/nis/web/service/configuration/AppMultiFeatureCfgService.java
View File

@@ -105,8 +105,51 @@ public class AppMultiFeatureCfgService extends BaseService {
}
if(entity.getComplexList()!=null){
for(AppComplexFeatureCfg cfg:entity.getComplexList()){
if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
if(StringUtils.isNotBlank(cfg.getDistrict()) && cfg.getDistrict().equals("L3_header")){
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
cfg.setIsHex(1);
cfg.setIsCaseInsenstive(0);
cfg.setExprType(0);
String keyword = "";
if(cfg.getHeaderType().equals("IP_header")){
if(StringUtils.isNoneBlank(cfg.getVer())){
keyword += "0-3:"+cfg.getVer()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getIhl())){
keyword += "4-7:"+cfg.getIhl()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getTos())){
keyword += "8-15:"+cfg.getTos()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getTotalLength())){
keyword += "16-31:"+cfg.getTotalLength()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getFlags())){
keyword += "48-50:"+cfg.getFlags()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getFragmentOffset())){
keyword += "56-63:"+cfg.getFragmentOffset()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getProtocol())){
keyword += "72-79:"+cfg.getProtocol()+"***and***";
}
}else{
if(StringUtils.isNoneBlank(cfg.getIcmpType())){
keyword += "0-7:"+cfg.getIcmpType()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getIcmpCode())){
keyword += "8-15:"+cfg.getIcmpCode()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getIcmpIdentifier())){
keyword += "32-47:"+cfg.getIcmpIdentifier()+"***and***";
}
}
keyword=keyword.substring(0,keyword.lastIndexOf("***and***"));
cfg.setCfgKeywords(keyword);
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
}else if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
cfg.setHeaderType(null);
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
}
@@ -155,9 +198,52 @@ public class AppMultiFeatureCfgService extends BaseService {
}
if(entity.getComplexList()!=null){
for(AppComplexFeatureCfg cfg:entity.getComplexList()){
if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
if(StringUtils.isNotBlank(cfg.getDistrict()) && cfg.getDistrict().equals("L3_header")){
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
cfg.setIsHex(1);
cfg.setIsCaseInsenstive(0);
cfg.setExprType(0);
String keyword = "";
if(cfg.getHeaderType().equals("IP_header")){
if(StringUtils.isNoneBlank(cfg.getVer())){
keyword += "0-3:"+cfg.getVer()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getIhl())){
keyword += "4-7:"+cfg.getIhl()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getTos())){
keyword += "8-15:"+cfg.getTos()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getTotalLength())){
keyword += "16-31:"+cfg.getTotalLength()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getFlags())){
keyword += "48-50:"+cfg.getFlags()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getFragmentOffset())){
keyword += "56-63:"+cfg.getFragmentOffset()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getProtocol())){
keyword += "72-79:"+cfg.getProtocol()+"***and***";
}
}else{
if(StringUtils.isNoneBlank(cfg.getIcmpType())){
keyword += "0-7:"+cfg.getIcmpType()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getIcmpCode())){
keyword += "8-15:"+cfg.getIcmpCode()+"***and***";
}
if(StringUtils.isNotBlank(cfg.getIcmpIdentifier())){
keyword += "32-47:"+cfg.getIcmpIdentifier()+"***and***";
}
}
keyword=keyword.substring(0,keyword.lastIndexOf("***and***"));
cfg.setCfgKeywords(keyword);
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
}else if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
cfg.setHeaderType(null);
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
}
}
}