gfwleak/k18-ntcs-web-ntc
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

(1)修复忽略单属性判断时方向属性取错的bug

Browse Source 
(2)Packet IP reject 协议特殊处理
This commit is contained in:
wangxin
2018-11-02 18:40:43 +08:00
parent 857e8ecb85
commit 9a5f311838
2 changed files with 32 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
src/main/java/com/nis/web/controller/BaseController.java
View File

@@ -1886,11 +1886,18 @@ public class BaseController {
boolean validPort = this.validPort(errInfo, baseIpCfg.getSrcPort(), baseIpCfg.getDestPort(),
portPattern);
if (StringUtil.isEmpty(baseIpCfg.getProtocol())) {
if (StringUtil.isEmpty(regionDict.getConfigProtocol())) {
baseIpCfg.setProtocol(0);
} else {
baseIpCfg.setProtocol(Integer.parseInt(regionDict.getConfigProtocol().split(",")[0]));
//packet ip reject
if(regionDict.getFunctionId().equals(5)&&serviceDict!=null&&serviceDict.getServiceId().equals(16)) {
baseIpCfg.setProtocol(6);
}else {
if (StringUtil.isEmpty(regionDict.getConfigProtocol())) {
baseIpCfg.setProtocol(0);
} else {
baseIpCfg.setProtocol(Integer.parseInt(regionDict.getConfigProtocol().split(",")[0]));
}
}
baseIpCfg.setProtocolId(serviceDict==null?0:serviceDict.getProtocolId());
} else {
baseIpCfg.setProtocol(baseIpCfg.getProtocol());
@@ -3230,61 +3237,61 @@ public class BaseController {
if (regionDict.getFunctionId().equals(5)) {
if (serviceDict!=null&&serviceDict.getAction().equals(64)) {
List<IpRateLimitTemplate> list = ei.getDataList(IpRateLimitTemplate.class,
this.getMsgProp(),regionDict);
this.getMsgProp(),regionDict,serviceDict);
ipPortCfgs = this.checkIpCfg(serviceDict, regionDict, list);
} else {
List<IpAllTemplate> list = ei.getDataList(IpAllTemplate.class, this.getMsgProp(),regionDict);
List<IpAllTemplate> list = ei.getDataList(IpAllTemplate.class, this.getMsgProp(),regionDict,serviceDict);
ipPortCfgs = this.checkIpCfg(serviceDict, regionDict, list);
}
} else if (regionDict.getFunctionId().equals(7)&&serviceDict!=null&&serviceDict.getAction().intValue()==16) {
List<DnsIpTemplate> list = ei.getDataList(DnsIpTemplate.class, this.getMsgProp(),regionDict);
List<DnsIpTemplate> list = ei.getDataList(DnsIpTemplate.class, this.getMsgProp(),regionDict,serviceDict);
ipPortCfgs = this.checkIpCfg(serviceDict, regionDict, list);
}else if(regionDict.getFunctionId().equals(401)) {
List<DnsIpTemplate> list = ei.getDataList(DnsIpTemplate.class, this.getMsgProp(),regionDict);
List<DnsIpTemplate> list = ei.getDataList(DnsIpTemplate.class, this.getMsgProp(),regionDict,serviceDict);
ipPortCfgs = this.checkIpCfg(serviceDict, regionDict, list);
}else if (regionDict.getFunctionId().equals(212)) {
List<IpPayloadTemplate> list = ei.getDataList(IpPayloadTemplate.class, this.getMsgProp(),regionDict);
List<IpPayloadTemplate> list = ei.getDataList(IpPayloadTemplate.class, this.getMsgProp(),regionDict,serviceDict);
ipPortCfgs = this.checkIpCfg(serviceDict, regionDict, list);
} else if (regionDict.getFunctionId().equals(510)
&& "p2p_ip".equals(regionDict.getConfigServiceType())) { // P2p IP
List<P2pIpTemplate> list = ei.getDataList(P2pIpTemplate.class, this.getMsgProp(),regionDict);
List<P2pIpTemplate> list = ei.getDataList(P2pIpTemplate.class, this.getMsgProp(),regionDict,serviceDict);
ipPortCfgs = this.checkIpCfg(serviceDict, regionDict, list);
} else if (regionDict.getFunctionId().equals(600)) {// ANS IP
List<AsnIpTemplate> list = ei.getDataList(AsnIpTemplate.class, this.getMsgProp(),regionDict);
List<AsnIpTemplate> list = ei.getDataList(AsnIpTemplate.class, this.getMsgProp(),regionDict,serviceDict);
ipPortCfgs = this.checkIpCfg(serviceDict, regionDict, list);
} else if (regionDict.getFunctionId().equals(301)) {// ANS IP
List<DdosIpTemplate> list = ei.getDataList(DdosIpTemplate.class, this.getMsgProp(),regionDict);
List<DdosIpTemplate> list = ei.getDataList(DdosIpTemplate.class, this.getMsgProp(),regionDict,serviceDict);
ipPortCfgs = this.checkIpCfg(serviceDict, regionDict, list);
} else {
List<IpAllTemplate> list = ei.getDataList(IpAllTemplate.class, this.getMsgProp(),regionDict);
List<IpAllTemplate> list = ei.getDataList(IpAllTemplate.class, this.getMsgProp(),regionDict,serviceDict);
ipPortCfgs = this.checkIpCfg(serviceDict, regionDict, list);
}
} else if (regionDict.getRegionType().equals(2)) {// 字符串类
if (regionDict.getFunctionId().equals(510)
&& "p2p_hash".equals(regionDict.getConfigServiceType())) { // P2p hash
List<P2pHashStringTemplate> list = ei.getDataList(P2pHashStringTemplate.class,
this.getMsgProp(),regionDict);
this.getMsgProp(),regionDict,serviceDict);
stringCfgs = this.checkStringCfg(serviceDict, regionDict, list);
} else {
List<StringAllTemplate> list = ei.getDataList(StringAllTemplate.class, this.getMsgProp(),regionDict);
List<StringAllTemplate> list = ei.getDataList(StringAllTemplate.class, this.getMsgProp(),regionDict,serviceDict);
stringCfgs = this.checkStringCfg(serviceDict, regionDict, list);
}
} else if (regionDict.getRegionType().equals(3)) {// 增强字符串类
if (regionDict.getFunctionId().equals(7)&&serviceDict!=null&&serviceDict.getAction().intValue()==16) {
List<DnsComplexStringTemplate> list = ei.getDataList(DnsComplexStringTemplate.class,
this.getMsgProp(),regionDict);
this.getMsgProp(),regionDict,serviceDict);
complexkeywordCfgs = this.checkComplexStringCfg(serviceDict, regionDict, list);
} else {
List<ComplexStringAllTemplate> list = ei.getDataList(ComplexStringAllTemplate.class,
this.getMsgProp(),regionDict);
this.getMsgProp(),regionDict,serviceDict);
complexkeywordCfgs = this.checkComplexStringCfg(serviceDict, regionDict, list);
}
}else if (regionDict.getRegionType().equals(6)) {// 回调类
if (regionDict.getFunctionId().equals(400)) {
List<DnsResStrategyTemplate> list = ei.getDataList(DnsResStrategyTemplate.class,
this.getMsgProp(),regionDict);
this.getMsgProp(),regionDict,serviceDict);
dnsResStrategies = this.checkDnsResStrategyCfg(serviceDict, regionDict, list);
}
}