ddos 新增ddos协议跟流量阈值的下发，日志流量统计默认保护dddos

2018-10-18 10:11:38 +08:00
parent f17fe56c9d
commit b201c7a520
7 changed files with 97 additions and 3 deletions
--- a/src/main/java/com/nis/domain/callback/InlineIp.java
+++ b/src/main/java/com/nis/domain/callback/InlineIp.java
@@ -56,6 +56,16 @@ public class InlineIp {
 	private Date opTime;
 	@Expose
 	private Integer policyGroup;
+	@Expose
+	private String userRegion;//用于存储协议跟流量阀值
+	
+	
+	public String getUserRegion() {
+		return userRegion;
+	}
+	public void setUserRegion(String userRegion) {
+		this.userRegion = userRegion;
+	}
 	/**
 	 * action
 	 * @return  action
--- a/src/main/java/com/nis/domain/configuration/DdosIpCfg.java
+++ b/src/main/java/com/nis/domain/configuration/DdosIpCfg.java
@@ -22,6 +22,28 @@ public class DdosIpCfg extends BaseIpCfg {
 	 */
 	private static final long serialVersionUID = -5446903784736960824L;

+	private String antiddosProtocol;//目前支持TCP_SYN, DNS, NTP，
+	private Long bpsThreadshold;// 即DDoS攻击保护动作触发阈值，每秒Bit数和每秒包数
+	private Long ppsThreadshold;
+
+	public String getAntiddosProtocol() {
+		return antiddosProtocol;
+	}
+	public void setAntiddosProtocol(String antiddosProtocol) {
+		this.antiddosProtocol = antiddosProtocol;
+	}
+	public Long getBpsThreadshold() {
+		return bpsThreadshold;
+	}
+	public void setBpsThreadshold(Long bpsThreadshold) {
+		this.bpsThreadshold = bpsThreadshold;
+	}
+	public Long getPpsThreadshold() {
+		return ppsThreadshold;
+	}
+	public void setPpsThreadshold(Long ppsThreadshold) {
+		this.ppsThreadshold = ppsThreadshold;
+	}
 	
 	
 }
--- a/src/main/java/com/nis/web/controller/log/ntc/DdosLogController.java
+++ b/src/main/java/com/nis/web/controller/log/ntc/DdosLogController.java
@@ -59,6 +59,9 @@ public class DdosLogController extends BaseController{
 			params.put("pageNo", page.getPageNo());
 			if(entry!=null&&entry.getIsBlock()!=null) {
 				params.put("searchIsBlock", entry.getIsBlock());
+			}else {
+				entry.setIsBlock(1);//默认保护ddos日志
+				params.put("searchIsBlock", entry.getIsBlock());
 			}
 			//查询值判断
 			initLogSearchValue(entry,params);
--- a/src/main/java/com/nis/web/dao/configuration/DdosCfgDao.xml
+++ b/src/main/java/com/nis/web/dao/configuration/DdosCfgDao.xml
@@ -34,6 +34,9 @@
 	    <result column="function_id" property="functionId" jdbcType="INTEGER" />
 	    <result column="cfg_region_code" property="cfgRegionCode" jdbcType="INTEGER" />
 	    <result column="cfg_type" property="cfgType" jdbcType="VARCHAR" />
+	    <result column="antiddos_protocol" property="antiddosProtocol" jdbcType="VARCHAR" />
+	    <result column="bps_threadshold" property="bpsThreadshold" jdbcType="BIGINT" />
+	    <result column="pps_threadshold" property="ppsThreadshold" jdbcType="BIGINT" />
    </resultMap>
  
    <sql id="columns">
@@ -42,7 +45,7 @@
 		,r.is_valid,r.is_audit,r.creator_id,r.create_time,r.editor_id
 		,r.edit_time,r.auditor_id,r.audit_time,r.service_id,r.request_id,
 		r.compile_id,r.is_area_effective,r.classify,r.attribute,r.lable
-		,r.area_effective_ids,r.function_id,r.cfg_region_code
+		,r.area_effective_ids,r.function_id,r.cfg_region_code,r.antiddos_protocol,r.bps_threadshold,r.pps_threadshold
    </sql>
    
    <select id="findPage" resultMap="ddosIpCfgMap">
@@ -213,7 +216,10 @@
    dest_port,
    dest_ip_address,
    cfg_type,
-    cfg_region_code
+    cfg_region_code,
+    antiddos_protocol,
+    bps_threadshold,
+    pps_threadshold
    )values (
   		#{cfgDesc,jdbcType=VARCHAR},
   		#{action,jdbcType=INTEGER}, 
@@ -245,7 +251,10 @@
    	#{destPort,jdbcType=VARCHAR},
    	#{destIpAddress,jdbcType=VARCHAR},
    	#{cfgType,jdbcType=VARCHAR},
-    	#{cfgRegionCode,jdbcType=INTEGER}
+    	#{cfgRegionCode,jdbcType=INTEGER},
+    	#{antiddosProtocol,jdbcType=VARCHAR},
+    	#{bpsThreadshold,jdbcType=BIGINT},
+    	#{ppsThreadshold,jdbcType=BIGINT}
    )
  </insert>
    
@@ -340,6 +349,9 @@
       <if test="cfgRegionCode != null " >
        cfg_region_code = #{cfgRegionCode,jdbcType=INTEGER},
      </if>
+        antiddos_protocol = #{antiddosProtocol,jdbcType=VARCHAR},
+        bps_threadshold = #{bpsThreadshold,jdbcType=BIGINT},
+        pps_threadshold = #{ppsThreadshold,jdbcType=BIGINT}
      </trim>
    </set>
    <where>
--- a/src/main/webapp/WEB-INF/include/form/dDosIpInfo.jsp
+++ b/src/main/webapp/WEB-INF/include/form/dDosIpInfo.jsp
@@ -3,6 +3,43 @@
 <h3 class="form-section"><spring:message code="block_config"/></h3>
 <div class="row ipInfo">
 <div class="row">
+	    <div class="col-md-6">
+	        <div class="form-group">
+				<!--  目前支持TCP_SYN, DNS, NTP，单选。 -->
+	            <label class="control-label col-md-3"><spring:message code="antiddos_protocol"/></label>
+	            <div class="col-md-6">
+	            	 <select id="antiddosProtocol" name="antiddosProtocol" class="selectpicker show-tick form-control">
+							<option value=""><spring:message code="select"/></option>
+							<option value="TCP_SYN" <c:if test="${_cfg.antiddosProtocol=='TCP_SYN'}">selected</c:if>>TCP_SYN</option>
+							<option value="UDP_DNS" <c:if test="${_cfg.antiddosProtocol=='UDP_DNS'}">selected</c:if>>UDP_DNS</option>
+							<option value="UDP_NTP" <c:if test="${_cfg.antiddosProtocol=='UDP_NTP'}">selected</c:if>>UDP_NTP</option>
+	                 </select>
+	            </div>
+	            <div for="antiddosProtocol"></div>
+	        </div>
+	    </div><!--  目前支持TCP_SYN, DNS, NTP，单选。 -->
+	    <div class="col-md-6">
+		      <div class="form-group">
+		          <label class="control-label col-md-3"><spring:message code="bps_threadshold"/></label>
+		          <div class="col-md-6">
+		              <input id="bpsThreadshold" class="form-control digits" maxlength="18" type="text" name="bpsThreadshold" value="${_cfg.bpsThreadshold}">
+		          </div>
+		          <div for="bpsThreadshold"></div>
+		      </div>
+		  </div>
+	</div>
+
+	<div class="row">
+		    <div class="col-md-6">
+		      <div class="form-group">
+		          <label class="control-label col-md-3"><spring:message code="pps_threadshold"/></label>
+		          <div class="col-md-6">
+		              <input id="ppsThreadshold" class="form-control digits" maxlength="18" type="text" name="ppsThreadshold" value="${_cfg.ppsThreadshold}">
+		          </div>
+		          <div for="ppsThreadshold"></div>
+		      </div>
+		  </div>
+	
 	    <div class="col-md-6">
 	        <div class="form-group">
 	            <label class="control-label col-md-3"><font color="red">*</font><spring:message code="ip_type"/></label>
--- a/src/main/webapp/WEB-INF/views/cfg/ddosIpCfgForm.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/ddosIpCfgForm.jsp
@@ -20,6 +20,10 @@ $(function(){
 			$(element).parents(".form-group").find("div[for='"+element.attr("name")+"']").append(error);
 		},
 		submitHandler: function(form){
+			if(($("#antiddosProtocol").val()!="")&&(!($("#bpsThreadshold").val().trim()>0)&&!($("#ppsThreadshold").val().trim()>0))){
+				top.$.jBox.tip("<spring:message code='one_more_greater_zero'/>", "<spring:message code='info'/>");
+				return;
+			}
 			loading('onloading...');
 			form.submit();
 		},
--- a/src/main/webapp/WEB-INF/views/cfg/ddosIpCfgList.jsp
+++ b/src/main/webapp/WEB-INF/views/cfg/ddosIpCfgList.jsp
@@ -307,6 +307,9 @@
 									<th><spring:message code="protocol"/></th>
 									<th class="sort-column r.action"><spring:message code="block_type"/></th>
 									<th><spring:message code="whether_area_block"/></th>
+									<th><spring:message code="antiddos_protocol"/></th>
+									<th><spring:message code="bps_threadshold"/></th>
+									<th><spring:message code="pps_threadshold"/></th>
 									<th><spring:message code="letter"/></th>
 								<th><spring:message code="classification"/></th>
 									<th><spring:message code="attribute"/></th>
@@ -373,6 +376,9 @@
 												</a>
 										</c:if>
 									</td>
+									<td>${cfg.antiddosProtocol }</td>
+									<td>${cfg.bpsThreadshold }</td>
+									<td>${cfg.ppsThreadshold }</td>
 									<td>${cfg.requestName }</td>
 									<td >
 										<c:set var="classify"></c:set>