From bf3921c9e0fb5eb5854ac2cc0ee5f99bffa32fd0 Mon Sep 17 00:00:00 2001 From: duandongmei Date: Thu, 25 Apr 2019 13:24:14 +0800 Subject: [PATCH] =?UTF-8?q?5b63b023=E5=90=88=E5=B9=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../nis/web/controller/BaseController.java | 71 ++++ .../ntc/WhiteListController.java | 21 ++ .../java/com/nis/web/service/BaseService.java | 324 ++++++++++++------ .../service/configuration/IpCfgService.java | 10 +- 4 files changed, 309 insertions(+), 117 deletions(-) diff --git a/src/main/java/com/nis/web/controller/BaseController.java b/src/main/java/com/nis/web/controller/BaseController.java index 05c9e5416..916df62fc 100644 --- a/src/main/java/com/nis/web/controller/BaseController.java +++ b/src/main/java/com/nis/web/controller/BaseController.java @@ -64,6 +64,7 @@ import com.nis.domain.configuration.BaseCfg; import com.nis.domain.configuration.BaseIpCfg; import com.nis.domain.configuration.BaseStringCfg; import com.nis.domain.configuration.CfgIndexInfo; +import com.nis.domain.configuration.ComplexStringCfgTemplate; import com.nis.domain.configuration.ComplexkeywordCfg; import com.nis.domain.configuration.DdosIpCfg; import com.nis.domain.configuration.DnsIpCfg; @@ -74,6 +75,7 @@ import com.nis.domain.configuration.PxyObjKeyring; import com.nis.domain.configuration.PxyObjTrustedCaCert; import com.nis.domain.configuration.PxyObjTrustedCaCrl; import com.nis.domain.configuration.RequestInfo; +import com.nis.domain.configuration.StringCfgTemplate; import com.nis.domain.configuration.template.AppDomainTemplate; import com.nis.domain.configuration.template.AppPayloadTemplate; import com.nis.domain.configuration.template.AsnIpTemplate; @@ -768,6 +770,75 @@ public class BaseController { } return msgProp; } + @Deprecated + public void importCfgTemplate(HttpServletRequest request, HttpServletResponse response, + RedirectAttributes redirectAttributes, Integer functionId, Integer cfgRegionCode) { + Properties msgProp = getMsgProp(); + try { + List dictList = DictUtils.getFunctionRegionDictList(functionId); + for (FunctionRegionDict dict : dictList) { + if (dict.getConfigRegionCode() == cfgRegionCode) { + String fileName = dict.getConfigRegionValue() + ".xlsx"; + if (dict.getRegionType() == 1) { + List list = Lists.newArrayList(); + list.add(new IpCfgTemplate()); + new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null, + IpCfgTemplate.class, 2).setDataList(msgProp, list, null) + .write(request, response, fileName).dispose(); + } else if (dict.getRegionType() == 2) { + List list = Lists.newArrayList(); + list.add(new StringCfgTemplate()); + new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null, + StringCfgTemplate.class, 2).setDataList(msgProp, list, null) + .write(request, response, fileName).dispose(); + } else if (dict.getRegionType() == 3) { + List list = Lists.newArrayList(); + list.add(new ComplexStringCfgTemplate()); + new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null, + ComplexStringCfgTemplate.class, 2).setDataList(msgProp, list, null) + .write(request, response, fileName).dispose(); + } + } + } + + } catch (Exception e) { + msgProp = null; + e.printStackTrace(); + } + } + @Deprecated + public void importCfgTemplate(HttpServletRequest request, HttpServletResponse response, + RedirectAttributes redirectAttributes, Integer functionId, Integer cfgRegionCode, Class clazz) { + Properties msgProp = getMsgProp(); + try { + List dictList = DictUtils.getFunctionRegionDictList(functionId); + for (FunctionRegionDict dict : dictList) { + if (dict.getConfigRegionCode() == cfgRegionCode) { + String fileName = dict.getConfigRegionValue() + ".xlsx"; + if (dict.getRegionType() == 1) { + List list = Lists.newArrayList(); + list.add((IpCfgTemplate) clazz.newInstance()); + new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null, clazz, 2) + .setDataList(msgProp, list, null).write(request, response, fileName).dispose(); + } else if (dict.getRegionType() == 2) { + List list = Lists.newArrayList(); + list.add(new StringCfgTemplate()); + new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null, clazz, 2) + .setDataList(msgProp, list, null).write(request, response, fileName).dispose(); + } else if (dict.getRegionType() == 3) { + List list = Lists.newArrayList(); + list.add(new ComplexStringCfgTemplate()); + new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null, clazz, 2) + .setDataList(msgProp, list, null).write(request, response, fileName).dispose(); + } + } + } + + } catch (Exception e) { + msgProp = null; + e.printStackTrace(); + } + } public void setLogAction(BaseLogEntity log, List serviceList) { if (!StringUtil.isEmpty(serviceList)) { diff --git a/src/main/java/com/nis/web/controller/configuration/ntc/WhiteListController.java b/src/main/java/com/nis/web/controller/configuration/ntc/WhiteListController.java index dc3cab997..d41889876 100644 --- a/src/main/java/com/nis/web/controller/configuration/ntc/WhiteListController.java +++ b/src/main/java/com/nis/web/controller/configuration/ntc/WhiteListController.java @@ -1,6 +1,7 @@ package com.nis.web.controller.configuration.ntc; import java.util.ArrayList; +import java.util.Date; import java.util.HashMap; import java.util.HashSet; import java.util.List; @@ -25,10 +26,12 @@ import com.nis.domain.configuration.CfgIndexInfo; import com.nis.domain.configuration.HttpUrlCfg; import com.nis.domain.configuration.IpPortCfg; import com.nis.domain.configuration.NtcSubscribeIdCfg; +import com.nis.domain.configuration.template.WhiteListIpTemplate; import com.nis.exceptions.MaatConvertException; import com.nis.util.Constants; import com.nis.util.StringUtil; import com.nis.web.controller.configuration.CommonController; +import com.nis.web.security.UserUtils; /** * 白名单 @@ -383,6 +386,24 @@ public class WhiteListController extends CommonController { return "redirect:" + adminPath + "/ntc/whitelist/domain/list?functionId=" + functionId; } + // ip配置导入 + /* + * @RequestMapping(value = "ip/import", method=RequestMethod.POST) public + * String importIp(String cfgName,RedirectAttributes redirectAttributes, + * + * @RequestParam("file") MultipartFile file,IpPortCfg cfg) { + * this._importIp(cfgName,redirectAttributes, + * file,cfg,WhiteListIpTemplate.class); return "redirect:" + adminPath + * +"/ntc/whitelist/ip/list?functionId="+cfg.getFunctionId(); } + */ + // ip模板下载 + @RequestMapping(value = "ip/import/template") + public void importFileTemplate(HttpServletRequest request, HttpServletResponse response, + RedirectAttributes redirectAttributes, Integer functionId, Integer cfgRegionCode) { + this._importFileTemplate(request, response, redirectAttributes, functionId, cfgRegionCode, + WhiteListIpTemplate.class); + } + // ip配置导出 @RequestMapping(value = "ip/export") public void exportIp(String columns, Model model, HttpServletRequest request, HttpServletResponse response, diff --git a/src/main/java/com/nis/web/service/BaseService.java b/src/main/java/com/nis/web/service/BaseService.java index 4aa583fab..84ebd0695 100644 --- a/src/main/java/com/nis/web/service/BaseService.java +++ b/src/main/java/com/nis/web/service/BaseService.java @@ -1053,45 +1053,31 @@ public abstract class BaseService { */ public static List ipConvert(IpCfg dstIp, BaseIpCfg srcIp) { List ipConvertList = Lists.newArrayList(); - List tempList = Lists.newArrayList(); - List tempList1 = Lists.newArrayList(); - if (srcIp.getIpType().equals(4)) {// IP V4 - if(srcIp.getSrcIpPattern().equals(2)) {//源IP范围 - if (srcIp.getSrcIpAddress() != null) { - String startIpPart = srcIp.getSrcIpAddress().split("-")[0]; - String endIpPart = srcIp.getSrcIpAddress().split("-")[1]; - Integer startNum = Integer.parseInt(startIpPart.split("\\.")[3]); - Integer endNum = Integer.parseInt(endIpPart.split("\\.")[3]); - for (int i = startNum; i <= endNum; i++) { - IpCfg tempIp = new IpCfg(); - BeanUtils.copyProperties(dstIp, tempIp); - tempIp.setSrcIp(startIpPart.substring(0, startIpPart.lastIndexOf(".") + 1) + i); - tempIp.setSrcIpMask("255.255.255.255"); - tempList.add(tempIp); - } - }else { - dstIp.setSrcIp("0.0.0.0"); - dstIp.setSrcIpMask("255.255.255.255"); - tempList.add(dstIp); + boolean isRange = ((srcIp.getIpPattern() != null && srcIp.getIpPattern() == 2) + || (srcIp.getSrcIpAddress() != null && srcIp.getSrcIpAddress().indexOf("-") > -1) + || (srcIp.getDestIpAddress() != null && srcIp.getDestIpAddress().indexOf("-") > -1)); + if (isRange) { + List tempList = Lists.newArrayList(); + List tempList1 = Lists.newArrayList(); + if (srcIp.getIpType().intValue() == 4) { + if (srcIp.getSrcIpAddress() != null) { + String startIpPart = srcIp.getSrcIpAddress().split("-")[0]; + String endIpPart = srcIp.getSrcIpAddress().split("-")[1]; + Integer startNum = Integer.parseInt(startIpPart.split("\\.")[3]); + Integer endNum = Integer.parseInt(endIpPart.split("\\.")[3]); + for (int i = startNum; i <= endNum; i++) { + IpCfg tempIp = new IpCfg(); + BeanUtils.copyProperties(dstIp, tempIp); + tempIp.setSrcIp(startIpPart.substring(0, startIpPart.lastIndexOf(".") + 1) + i); + tempIp.setSrcIpMask("255.255.255.255"); + tempList.add(tempIp); } - }else if(srcIp.getSrcIpPattern().equals(1)){ - Integer srcMaskNum = Integer.parseInt(srcIp.getSrcIpAddress().split("/")[1]); - if (srcMaskNum == 0) { - dstIp.setSrcIpMask("0.0.0.0"); } else { - dstIp.setSrcIpMask(IpUtil.convertMask(srcMaskNum)); + dstIp.setSrcIp("0.0.0.0"); + dstIp.setSrcIpMask("255.255.255.255"); + tempList.add(dstIp); } - dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]); - tempList.add(dstIp); - }else if(srcIp.getSrcIpPattern().equals(3)){ - dstIp.setSrcIp(srcIp.getSrcIpAddress()); - dstIp.setSrcIpMask("255.255.255.255"); - tempList.add(dstIp); - }else { - throw new RuntimeException("Unsupported IP Pattern " + srcIp.getSrcIpPattern()); - } - if (srcIp.getDestIpAddress() != null) { - if(srcIp.getDestIpPattern().equals(2)) { + if (srcIp.getDestIpAddress() != null) { String startIpPart = srcIp.getDestIpAddress().split("-")[0]; String endIpPart = srcIp.getDestIpAddress().split("-")[1]; Integer startNum = Integer.parseInt(startIpPart.split("\\.")[3]); @@ -1111,93 +1097,217 @@ public abstract class BaseService { } } tempList.clear(); - }else if(srcIp.getDestIpPattern().equals(1)) { - Integer dstMaskNum = Integer.parseInt(srcIp.getDestIpAddress().split("/")[1]); + } else { for (IpCfg _cfg : tempList) { - IpCfg tempIp = new IpCfg(); - BeanUtils.copyProperties(_cfg, tempIp); - if (dstMaskNum == 0) { - tempIp.setDstIpMask("0.0.0.0"); - } else { - tempIp.setDstIpMask(IpUtil.convertMask(dstMaskNum)); - } - tempIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]); - if (!tempIp.getSrcIp().equals(tempIp.getDstIp())) { - // 处理 - convertPortValues(tempIp, srcIp); - tempList1.add(tempIp); - } + _cfg.setDstIp("0.0.0.0"); + _cfg.setSrcIpMask("255.255.255.255"); + convertPortValues(_cfg, srcIp); } - tempList.clear(); - }else { - for (IpCfg _cfg : tempList) { - IpCfg tempIp = new IpCfg(); - BeanUtils.copyProperties(_cfg, tempIp); - tempIp.setDstIp(srcIp.getDestIpAddress()); - if (!tempIp.getSrcIp().equals(tempIp.getDstIp())) { - tempIp.setDstIpMask("255.255.255.255"); - // 处理 - convertPortValues(tempIp, srcIp); - tempList1.add(tempIp); - } - } - tempList.clear(); } - }else { - for (IpCfg _cfg : tempList) { - _cfg.setDstIp("0.0.0.0"); - _cfg.setSrcIpMask("255.255.255.255"); - convertPortValues(_cfg, srcIp); + if (tempList1.size() > 0) { + ipConvertList.addAll(tempList1); + } else { + ipConvertList.addAll(tempList); } - } - if (tempList1.size() > 0) { - ipConvertList.addAll(tempList1); - } else { - ipConvertList.addAll(tempList); - } - }else if(srcIp.getIpType().equals(6)){// IP V6 - if (srcIp.getSrcIpAddress() != null) { - if(srcIp.getSrcIpPattern().equals(2)) { + } else if (srcIp.getIpType().intValue() == 6) { + if (srcIp.getSrcIpAddress() != null) { IPv6Address address1 = IPv6Address.fromString(srcIp.getSrcIpAddress().split("-")[0]); IPv6Address address2 = IPv6Address.fromString(srcIp.getSrcIpAddress().split("-")[1]); IPv6Network network = IPv6Network.fromTwoAddresses(address1, address2); dstIp.setSrcIp(address1.toString()); dstIp.setSrcIpMask(network.getNetmask().asAddress().toString()); - }else if(srcIp.getSrcIpPattern().equals(1)){// IP/掩码 - IPv6Network strangeNetwork = IPv6Network.fromString(srcIp.getSrcIpAddress()); - dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]); - dstIp.setSrcIpMask(strangeNetwork.getNetmask().asAddress().toString()); - }else {// IP - dstIp.setSrcIp(srcIp.getSrcIpAddress()); + } else { + dstIp.setSrcIp("::"); dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); } - } else { - dstIp.setSrcIp("::"); - dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); - } - if (srcIp.getDestIpAddress() != null) { - if(srcIp.getDestIpPattern().equals(2)) { + if (srcIp.getDestIpAddress() != null) { IPv6Address address1 = IPv6Address.fromString(srcIp.getDestIpAddress().split("-")[0]); IPv6Address address2 = IPv6Address.fromString(srcIp.getDestIpAddress().split("-")[1]); IPv6Network network = IPv6Network.fromTwoAddresses(address1, address2); dstIp.setDstIp(address1.toString()); dstIp.setDstIpMask(network.getNetmask().asAddress().toString()); - }else if(srcIp.getDestIpPattern().equals(1)) {// IP/掩码 - IPv6Network strangeNetwork = IPv6Network.fromString(srcIp.getDestIpAddress()); - dstIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]); - dstIp.setDstIpMask(strangeNetwork.getNetmask().asAddress().toString()); - }else {// IP - dstIp.setDstIp(srcIp.getDestIpAddress()); + } else { + dstIp.setDstIp("::"); dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); } + + ipConvertList.add(dstIp); } else { - dstIp.setDstIp("::"); - dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); + throw new RuntimeException("Unsupported IP type " + srcIp.getIpType()); + } + } else { + if (srcIp.getSrcIpAddress() != null) { + if (srcIp.getSrcIpAddress().indexOf("/") != -1) { + if (srcIp.getIpType() == 4 /* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6 + Integer srcMaskNum = Integer.parseInt(srcIp.getSrcIpAddress().split("/")[1]); + if (srcMaskNum == 0) { + dstIp.setSrcIpMask("0.0.0.0"); + } else { + dstIp.setSrcIpMask(IpUtil.convertMask(srcMaskNum)); + } + + dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]); + } else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4 + IPv6Network strangeNetwork = IPv6Network.fromString(srcIp.getSrcIpAddress()); + dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]); + dstIp.setSrcIpMask(strangeNetwork.getNetmask().asAddress().toString()); + } /* + * else { Pattern + * patternV4Subnet=Pattern.compile(Constants.IPV4_IP_SUBNET_REGEXP); Pattern + * patternV6Subnet=Pattern.compile(Constants.IPV6_IP_SUBNET_REGEXP); Matcher + * matchernV4Subnet=patternV4Subnet.matcher(srcIp.getSrcIpAddress()); Matcher + * matcherV6Subnet=patternV6Subnet.matcher(srcIp.getSrcIpAddress()); + * if(matchernV4Subnet.matches()) { Integer srcMaskNum = + * Integer.parseInt(srcIp.getSrcIpAddress().split("/")[1]); if(srcMaskNum==0){ + * dstIp.setSrcIpMask("0.0.0.0"); }else{ + * dstIp.setSrcIpMask(IpUtil.convertMask(srcMaskNum)); } + * dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]); }else + * if(matcherV6Subnet.matches()){ IPv6Network strangeNetwork = + * IPv6Network.fromString(srcIp.getSrcIpAddress()); + * dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]); + * dstIp.setSrcIpMask(strangeNetwork.getNetmask().asAddress().toString()); }else + * { throw new RuntimeException("Invalid IP/subnet mask format"); } } + */ + else { + throw new RuntimeException("Unsupported IP type " + srcIp.getIpType()); + } + } else { + if (srcIp.getIpType() == 4/* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6 + dstIp.setSrcIp(srcIp.getSrcIpAddress()); + dstIp.setSrcIpMask("255.255.255.255"); + } else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4 + dstIp.setSrcIp(srcIp.getSrcIpAddress()); + dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); + } /* + * else {//all Pattern patternV4=Pattern.compile(Constants.IPV4_IP_REGEXP); + * Pattern patternV6=Pattern.compile(Constants.IPV6_IP_REGEXP); Matcher + * matcherV4=patternV4.matcher(srcIp.getSrcIpAddress()); Matcher + * matcherV6=patternV6.matcher(srcIp.getSrcIpAddress()); if(matcherV4.matches()) + * { dstIp.setSrcIp(srcIp.getSrcIpAddress()); + * dstIp.setSrcIpMask("255.255.255.255"); }else if(matcherV6.matches()) { + * dstIp.setSrcIp(srcIp.getSrcIpAddress()); + * dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); }else { throw + * new RuntimeException("Invalid IP format"); } } + */ + else { + throw new RuntimeException("Unsupported IP type " + srcIp.getIpType()); + } + } + } else { + if (srcIp.getIpType() == 4/* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6 + dstIp.setSrcIp(srcIp.getSrcIpAddress()); + dstIp.setSrcIpMask("255.255.255.255"); + } else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4 + dstIp.setSrcIp(srcIp.getSrcIpAddress()); + dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); + } /* + * else {//all dstIp.setSrcIp(srcIp.getSrcIpAddress()); + * dstIp.setSrcIpMask("255.255.255.255"); } + */ + else { + throw new RuntimeException("Unsupported IP type " + srcIp.getIpType()); + } + } + if (srcIp.getDestIpAddress() != null) { + if (srcIp.getDestIpAddress().indexOf("/") != -1) { + if (srcIp.getIpType() == 4/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4 + Integer dstMaskNum = Integer.parseInt(srcIp.getDestIpAddress().split("/")[1]); + if (dstMaskNum == 0) { + dstIp.setDstIpMask("0.0.0.0"); + } else { + dstIp.setDstIpMask(IpUtil.convertMask(dstMaskNum)); + ; + } + dstIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]); + } else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6 + IPv6Network strangeNetwork = IPv6Network.fromString(srcIp.getDestIpAddress()); + dstIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]); + dstIp.setDstIpMask(strangeNetwork.getNetmask().asAddress().toString()); + } /* + * else { Pattern + * patternV4Subnet=Pattern.compile(Constants.IPV4_IP_SUBNET_REGEXP); Pattern + * patternV6Subnet=Pattern.compile(Constants.IPV6_IP_SUBNET_REGEXP); Matcher + * matchernV4Subnet=patternV4Subnet.matcher(srcIp.getDestIpAddress()); Matcher + * matcherV6Subnet=patternV6Subnet.matcher(srcIp.getDestIpAddress()); + * if(matchernV4Subnet.matches()) { Integer dstMaskNum = + * Integer.parseInt(srcIp.getDestIpAddress().split("/")[1]); if(dstMaskNum==0){ + * dstIp.setDstIpMask("0.0.0.0"); }else{ + * dstIp.setDstIpMask(IpUtil.convertMask(dstMaskNum));; } + * dstIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]); }else + * if(matcherV6Subnet.matches()){ IPv6Network strangeNetwork = + * IPv6Network.fromString(srcIp.getDestIpAddress()); + * dstIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]); + * dstIp.setDstIpMask(strangeNetwork.getNetmask().asAddress().toString()); }else + * { throw new RuntimeException("Invalid IP/subnet mask format"); } } + */ + else { + throw new RuntimeException("Unsupported IP type " + srcIp.getIpType()); + } + + } else { + if (srcIp.getIpType() == 4/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4 + dstIp.setDstIp(srcIp.getDestIpAddress()); + dstIp.setDstIpMask("255.255.255.255"); + } else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6 + dstIp.setDstIp(srcIp.getDestIpAddress()); + dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); + } /* + * else {//all Pattern patternV4=Pattern.compile(Constants.IPV4_IP_REGEXP); + * Pattern patternV6=Pattern.compile(Constants.IPV6_IP_REGEXP); Matcher + * matcherV4=patternV4.matcher(srcIp.getDestIpAddress()); Matcher + * matcherV6=patternV6.matcher(srcIp.getDestIpAddress()); + * if(matcherV4.matches()) { dstIp.setDstIp(srcIp.getDestIpAddress()); + * dstIp.setDstIpMask("255.255.255.255"); }else if(matcherV6.matches()) { + * dstIp.setDstIp(srcIp.getDestIpAddress()); + * dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); }else { throw + * new RuntimeException("invalid ip format"); } } + */ + else { + throw new RuntimeException("Unsupported IP type " + srcIp.getIpType()); + } + } + } else { + if (srcIp.getIpType() == 4/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4 + dstIp.setDstIp(srcIp.getDestIpAddress()); + dstIp.setDstIpMask("255.255.255.255"); + } else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6 + dstIp.setDstIp(srcIp.getDestIpAddress()); + dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); + } /* + * else {//all dstIp.setDstIp(srcIp.getDestIpAddress()); + * dstIp.setDstIpMask("255.255.255.255"); } + */ + else { + throw new RuntimeException("Unsupported IP type " + srcIp.getIpType()); + } + } + if (srcIp.getSrcPort() != null) { + if (srcIp.getSrcPort().indexOf("/") != -1) { + String srcMaskNum = srcIp.getSrcPort().split("/")[1]; + dstIp.setSrcPortMask(srcMaskNum); + dstIp.setSrcPort(srcIp.getSrcPort().split("/")[0]); + } else { + dstIp.setSrcPort(srcIp.getSrcPort()); + dstIp.setSrcPortMask("65535"); + } + } else { + dstIp.setSrcPort("0"); + dstIp.setSrcPortMask("65535"); + } + if (srcIp.getDestPort() != null) { + if (srcIp.getDestPort().indexOf("/") != -1) { + String dstMaskNum = srcIp.getDestPort().split("/")[1]; + dstIp.setDstPortMask(dstMaskNum); + dstIp.setDstPort(srcIp.getDestPort().split("/")[0]); + } else { + dstIp.setDstPort(srcIp.getDestPort()); + dstIp.setDstPortMask("65535"); + } + } else { + dstIp.setDstPort("0"); + dstIp.setDstPortMask("65535"); } - convertPortValues(dstIp, srcIp); ipConvertList.add(dstIp); - }else { - throw new RuntimeException("Unsupported IP type " + srcIp.getIpType()); } return ipConvertList; } @@ -2495,15 +2605,7 @@ public abstract class BaseService { if(_cfg.getAction().equals(Constants.MONIT_ACTION)) { maatCfg.setUserRegion(Constants.INTERCEPT_IP_MONIT_USER_REGION_KEY+"="+Constants.USER_REGION_PLACEHOLDER); }*/ - if(serviceDict!=null&&serviceDict.getAction().equals(Constants.MONIT_ACTION)) {// 监测 需要发keyring_id、拦截强度 - _cfg.setUserRegion1(StringUtil.isEmpty(_cfg.getUserRegion1()) ? "0":_cfg.getUserRegion1()); - _cfg.setUserRegion5(StringUtil.isEmpty(_cfg.getUserRegion5()) ? "1":_cfg.getUserRegion5()); - maatCfg.setUserRegion(Constants.INTERCEPT_IP_MONIT_USER_REGION_KEY+"=0"+";"+Constants.INTERCEPT_DOMAN_INTENSITY_USER_REGION_KEY+"="+_cfg.getUserRegion5()); - } - if(serviceDict!=null&&serviceDict.getAction().equals(64)) { - maatCfg.setUserRegion(Constants.INTERCEPT_IP_RATELIMIT_DROPRATE_USER_REGION_KEY+"="+_cfg.getUserRegion2()); - } - + maatCfg.setUserRegion(Constants.INTERCEPT_IP_RATELIMIT_DROPRATE_USER_REGION_KEY+"="+_cfg.getUserRegion2()); }else if(regionDict.getFunctionId()==207 || regionDict.getFunctionId()==208 || regionDict.getFunctionId()==209) {// HTTP(s)阻断、重定向、替换 String userRegion = Constants.USER_REGION_PLACEHOLDER; if(_cfg.getAction().equals(Constants.REJECT_ACTION)) {// 阻断 diff --git a/src/main/java/com/nis/web/service/configuration/IpCfgService.java b/src/main/java/com/nis/web/service/configuration/IpCfgService.java index 1a3797e0c..ed6079e51 100644 --- a/src/main/java/com/nis/web/service/configuration/IpCfgService.java +++ b/src/main/java/com/nis/web/service/configuration/IpCfgService.java @@ -99,7 +99,7 @@ public class IpCfgService extends CrudService { c.initDefaultValue(); BeanUtils.copyProperties(cfg, c,new String[]{"cfgId","ipType","direction", "protocol","protocolId","areaEffectiveIds","cfgRegionCode", - "cfgType","srcIpPattern","destIpPattern","srcIpAddress","srcPortPattern","destPortPattern","srcPort","destIpAddress","destPort"}); + "cfgType","ipPattern","srcIpAddress","portPattern","srcPort","destIpAddress","destPort"}); c.setTableName(AreaIpCfg.getTablename()); } this.saveIpBatch(cfg.getAreaCfg()); @@ -353,7 +353,7 @@ public class IpCfgService extends CrudService { c.initDefaultValue(); BeanUtils.copyProperties(cfg, c,new String[]{"cfgId","ipType","direction", "protocol","protocolId","areaEffectiveIds","cfgRegionCode", - "cfgType","srcIpPattern","destIpPattern","srcIpAddress","srcPortPattern","destPortPattern","srcPort","destIpAddress","destPort"}); + "cfgType","ipPattern","srcIpAddress","portPattern","srcPort","destIpAddress","destPort"}); c.setTableName(AreaIpCfg.getTablename()); c.setCreatorId(cfg.getCurrentUser().getId()); c.setCreateTime(date); @@ -375,11 +375,9 @@ public class IpCfgService extends CrudService { ,"cfgType" ,"cfgId" ,"ipType" - ,"srcIpPattern" - ,"destIpPattern" + ,"ipPattern" ,"srcIpAddress" - ,"srcPortPattern" - ,"destPortPattern" + ,"portPattern" ,"srcPort" ,"destPort" ,"protocol"