(1)ipsec协议修改

(2)ipv6掩码范围修改
(3)全部协议放开端口限制

src/main/java/com/nis/util/Constants.java

@@ -7,6 +7,10 @@ import java.util.Map;
 import com.google.gson.GsonBuilder;
 
 public final class Constants {
+	/**
+	 * IPSEC协议
+	 */
+	public static Integer IPSEC_PROTOCOL=Configurations.getIntProperty("ipsec_protocol", 8);
 	public static final String GROUP_REUSE_SOURCES=Configurations.getStringProperty("groupReuseSources","groupReuseSources");
 	public static Integer APP_SPEC_SERVICE_CODE_MIN_VAL=Configurations.getIntProperty("app_spec_service_code_min_val", 300001);
 	public static Integer APP_SPEC_SERVICE_CODE_MAX_VAL=Configurations.getIntProperty("app_spec_service_code_max_val", 268435455);

src/main/java/com/nis/web/controller/configuration/ntc/IpController.java

@@ -24,24 +24,17 @@ import com.nis.domain.FunctionRegionDict;
 import com.nis.domain.FunctionServiceDict;
 import com.nis.domain.Page;
 import com.nis.domain.SysDataDictionaryItem;
-import com.nis.domain.basics.PolicyGroupInfo;
-import com.nis.domain.configuration.BaseIpCfg;
 import com.nis.domain.configuration.CfgIndexInfo;
 import com.nis.domain.configuration.IpPortCfg;
 import com.nis.domain.configuration.NtcSubscribeIdCfg;
-import com.nis.domain.configuration.template.IpAddrTemplate;
 import com.nis.domain.configuration.template.IpAllTemplate;
-import com.nis.domain.configuration.template.IpsecTemplate;
-import com.nis.domain.configuration.template.TunnelIpTemplate;
 import com.nis.domain.specific.ConfigGroupInfo;
 import com.nis.exceptions.MaatConvertException;
 import com.nis.util.Constants;
 import com.nis.util.DictUtils;
 import com.nis.util.StringUtil;
-import com.nis.util.excel.ExcelField;
 import com.nis.util.excel.ExportExcel;
 import com.nis.web.controller.BaseController;
-import com.nis.web.controller.configuration.CommonController;
 import com.nis.web.security.UserUtils;
 
 /**

src/main/java/com/nis/web/dao/configuration/IpCfgDao.xml

@@ -205,7 +205,8 @@
 	,a.is_valid,a.is_audit,a.creator_id,a.create_time,a.editor_id
 	,a.edit_time,a.auditor_id,a.audit_time,a.service_id,a.request_id,
 	a.compile_id,a.is_area_effective,a.classify,a.attribute,a.lable
-	,a.area_effective_ids,a.function_id,a.cfg_region_code
+	,a.area_effective_ids,a.function_id,a.cfg_region_code,a.user_region1,a.user_region2,
+	a.user_region3,a.user_region4,a.user_region5
   </sql>
   <select id="getById" resultMap="BaseIpMap" parameterType="java.lang.Long" >
     SELECT 

src/main/java/com/nis/web/service/configuration/IpCfgService.java

@@ -136,7 +136,11 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
 			ipCfgDao.saveCfgIndex(entity);
 			if(entity.getIpPortList()!=null){
 				for(IpPortCfg cfg:entity.getIpPortList()){
-					BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
+					if(Constants.IPSEC_PROTOCOL.intValue()==cfg.getProtocol().intValue()) {
+						BeanUtils.copyProperties(entity, cfg,new String[]{"userRegion1","cfgRegionCode","cfgType"});
+					}else {
+						BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
+					}
 					ipCfgDao.saveIpPortCfg(cfg);
 				}
 			}
@@ -172,7 +176,11 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
 			entity.setCreatorId(entity.getCurrentUser().getId());
 			if(entity.getIpPortList()!=null){
 				for(IpPortCfg cfg:entity.getIpPortList()){
-					BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
+					if(Constants.IPSEC_PROTOCOL.intValue()==cfg.getProtocol().intValue()) {
+						BeanUtils.copyProperties(entity, cfg,new String[]{"userRegion1","cfgRegionCode","cfgType"});
+					}else {
+						BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
+					}
 					ipCfgDao.saveIpPortCfg(cfg);
 				}
 			}
@@ -551,24 +559,23 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
 					}
 				}
 			}
-			IpPortCfg cfg = new IpPortCfg();
-			BeanUtils.copyProperties(entity, cfg, new String[]{"cfgId"});
-			cfg.setTableName(IpPortCfg.getTablename());
-			ipCfgDao.auditCfg(cfg);
-			if(isAudit==1){
+			for(IpPortCfg cfg:entity.getIpPortList()) {
+				BeanUtils.copyProperties(entity, cfg, new String[]{"userRegion1","cfgId"});
+				cfg.setTableName(IpPortCfg.getTablename());
+				ipCfgDao.auditCfg(cfg);
+			}
+			if(isAudit==1&&maatType==Constants.MAAT_TYPE){
+				for(IpPortCfg cfg:entity.getIpPortList()) {
+					if(Constants.IPSEC_PROTOCOL==cfg.getProtocol().intValue()) {
+						cfg.setProtocol(Integer.parseInt(cfg.getUserRegion1()));
+					}
+				}
 				Map<String,List> map = cfgConvert(ipRegionList,entity.getIpPortList(),1,entity,groupRelationList);
 				groupRelationList=map.get("groupList");
 				ipRegionList=map.get("dstList");
 				if(map.get("numRegionList")!=null){
 					numRegionList.addAll(map.get("numRegionList"));
 				}
-				if(Constants.SERVICE_IP_MULITIPLEX==cfg.getServiceId().intValue()){
-					String region=Constants.USERREGION_IR_STRATEGY+"="+cfg.getDnsStrategyId()+Constants.USER_REGION_SPLIT
-							+Constants.USERREGION_IR_TYPE+"="+cfg.getIrType();
-					maatCfg.setUserRegion(region);
-				}else if(Constants.SERVICE_IP_RATELIMIT==cfg.getServiceId().intValue()){
-					maatCfg.setUserRegion(Constants.USERREGION_RATE_LIMIT+"="+cfg.getRatelimit());
-				}
 			}
 		}
 		if(entity.getNtcSubscribeIdCfgList()!=null && entity.getNtcSubscribeIdCfgList().size()>0){
@@ -576,7 +583,7 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
 			BeanUtils.copyProperties(entity, cfg, new String[]{"cfgId"});
 			cfg.setTableName(NtcSubscribeIdCfg.getTablename());
 			ipCfgDao.auditCfg(cfg);
-			if(isAudit==1){
+			if(isAudit==1&&maatType==Constants.MAAT_TYPE){
 				Map<String,List> map = cfgConvert(strRegionList,entity.getNtcSubscribeIdCfgList(),2,entity,groupRelationList);
 				groupRelationList=map.get("groupList");
 				strRegionList=map.get("dstList");
@@ -589,7 +596,7 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
 			BeanUtils.copyProperties(entity, cfg, new String[]{"cfgId"});
 			cfg.setTableName(AreaIpCfg.getTablename());
 			ipCfgDao.auditCfg(cfg);
-			if(isAudit==1){
+			if(isAudit==1&&maatType==Constants.MAAT_TYPE){
 				Map<String,List> map = cfgConvert(areaIpRegionList,areaIpCfgList,1,entity,groupRelationList);
 				groupRelationList=map.get("groupList");
 				areaIpRegionList=map.get("dstList");
@@ -600,8 +607,15 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
 			if(maatType==Constants.CALLBACK_TYPE){
 				List<InlineIp> ipList=new ArrayList<>();
 				for(IpPortCfg cfg :entity.getIpPortList()) {
-					BeanUtils.copyProperties(entity, cfg, new String[]{"cfgId"});
+					Integer ipsecProtocol=null;
+					if(Constants.IPSEC_PROTOCOL==cfg.getProtocol().intValue()) {
+						ipsecProtocol=Integer.parseInt(cfg.getUserRegion1());
+					}
+					BeanUtils.copyProperties(entity, cfg, new String[]{"userRegion1","cfgId"});
 					InlineIp ip=convertCallBackIp(cfg,null);
+					if(ipsecProtocol!=null) {
+						ip.setProtocol(ipsecProtocol);
+					}
 					ipList.add(ip);
 				}
 				//调用服务接口下发配置数据
@@ -660,8 +674,15 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
 			if(maatType==Constants.CALLBACK_TYPE){
 				List<InlineIp> ipList=new ArrayList<>();
 				for(IpPortCfg cfg :entity.getIpPortList()) {
-					BeanUtils.copyProperties(entity, cfg, new String[]{"cfgId"});
+					Integer ipsecProtocol=null;
+					if(Constants.IPSEC_PROTOCOL==cfg.getProtocol().intValue()) {
+						ipsecProtocol=Integer.parseInt(cfg.getUserRegion1());
+					}
+					BeanUtils.copyProperties(entity, cfg, new String[]{"userRegion1","cfgId"});
 					InlineIp ip=convertCallBackIp(cfg,null);
+					if(ipsecProtocol!=null) {
+						ip.setProtocol(ipsecProtocol);
+					}
 					ipList.add(ip);
 				}
 				//调用服务接口下发配置数据