5b63b023合并
This commit is contained in:
duandongmei
@@ -64,6 +64,7 @@ import com.nis.domain.configuration.BaseCfg;
|
|||||||
import com.nis.domain.configuration.BaseIpCfg;
|
import com.nis.domain.configuration.BaseIpCfg;
|
||||||
import com.nis.domain.configuration.BaseStringCfg;
|
import com.nis.domain.configuration.BaseStringCfg;
|
||||||
import com.nis.domain.configuration.CfgIndexInfo;
|
import com.nis.domain.configuration.CfgIndexInfo;
|
||||||
|
import com.nis.domain.configuration.ComplexStringCfgTemplate;
|
||||||
import com.nis.domain.configuration.ComplexkeywordCfg;
|
import com.nis.domain.configuration.ComplexkeywordCfg;
|
||||||
import com.nis.domain.configuration.DdosIpCfg;
|
import com.nis.domain.configuration.DdosIpCfg;
|
||||||
import com.nis.domain.configuration.DnsIpCfg;
|
import com.nis.domain.configuration.DnsIpCfg;
|
||||||
@@ -74,6 +75,7 @@ import com.nis.domain.configuration.PxyObjKeyring;
|
|||||||
import com.nis.domain.configuration.PxyObjTrustedCaCert;
|
import com.nis.domain.configuration.PxyObjTrustedCaCert;
|
||||||
import com.nis.domain.configuration.PxyObjTrustedCaCrl;
|
import com.nis.domain.configuration.PxyObjTrustedCaCrl;
|
||||||
import com.nis.domain.configuration.RequestInfo;
|
import com.nis.domain.configuration.RequestInfo;
|
||||||
|
import com.nis.domain.configuration.StringCfgTemplate;
|
||||||
import com.nis.domain.configuration.template.AppDomainTemplate;
|
import com.nis.domain.configuration.template.AppDomainTemplate;
|
||||||
import com.nis.domain.configuration.template.AppPayloadTemplate;
|
import com.nis.domain.configuration.template.AppPayloadTemplate;
|
||||||
import com.nis.domain.configuration.template.AsnIpTemplate;
|
import com.nis.domain.configuration.template.AsnIpTemplate;
|
||||||
@@ -768,6 +770,75 @@ public class BaseController {
|
|||||||
}
|
}
|
||||||
return msgProp;
|
return msgProp;
|
||||||
}
|
}
|
||||||
|
@Deprecated
|
||||||
|
public void importCfgTemplate(HttpServletRequest request, HttpServletResponse response,
|
||||||
|
RedirectAttributes redirectAttributes, Integer functionId, Integer cfgRegionCode) {
|
||||||
|
Properties msgProp = getMsgProp();
|
||||||
|
try {
|
||||||
|
List<FunctionRegionDict> dictList = DictUtils.getFunctionRegionDictList(functionId);
|
||||||
|
for (FunctionRegionDict dict : dictList) {
|
||||||
|
if (dict.getConfigRegionCode() == cfgRegionCode) {
|
||||||
|
String fileName = dict.getConfigRegionValue() + ".xlsx";
|
||||||
|
if (dict.getRegionType() == 1) {
|
||||||
|
List<IpCfgTemplate> list = Lists.newArrayList();
|
||||||
|
list.add(new IpCfgTemplate());
|
||||||
|
new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null,
|
||||||
|
IpCfgTemplate.class, 2).setDataList(msgProp, list, null)
|
||||||
|
.write(request, response, fileName).dispose();
|
||||||
|
} else if (dict.getRegionType() == 2) {
|
||||||
|
List<StringCfgTemplate> list = Lists.newArrayList();
|
||||||
|
list.add(new StringCfgTemplate());
|
||||||
|
new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null,
|
||||||
|
StringCfgTemplate.class, 2).setDataList(msgProp, list, null)
|
||||||
|
.write(request, response, fileName).dispose();
|
||||||
|
} else if (dict.getRegionType() == 3) {
|
||||||
|
List<ComplexStringCfgTemplate> list = Lists.newArrayList();
|
||||||
|
list.add(new ComplexStringCfgTemplate());
|
||||||
|
new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null,
|
||||||
|
ComplexStringCfgTemplate.class, 2).setDataList(msgProp, list, null)
|
||||||
|
.write(request, response, fileName).dispose();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
} catch (Exception e) {
|
||||||
|
msgProp = null;
|
||||||
|
e.printStackTrace();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@Deprecated
|
||||||
|
public void importCfgTemplate(HttpServletRequest request, HttpServletResponse response,
|
||||||
|
RedirectAttributes redirectAttributes, Integer functionId, Integer cfgRegionCode, Class clazz) {
|
||||||
|
Properties msgProp = getMsgProp();
|
||||||
|
try {
|
||||||
|
List<FunctionRegionDict> dictList = DictUtils.getFunctionRegionDictList(functionId);
|
||||||
|
for (FunctionRegionDict dict : dictList) {
|
||||||
|
if (dict.getConfigRegionCode() == cfgRegionCode) {
|
||||||
|
String fileName = dict.getConfigRegionValue() + ".xlsx";
|
||||||
|
if (dict.getRegionType() == 1) {
|
||||||
|
List<IpCfgTemplate> list = Lists.newArrayList();
|
||||||
|
list.add((IpCfgTemplate) clazz.newInstance());
|
||||||
|
new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null, clazz, 2)
|
||||||
|
.setDataList(msgProp, list, null).write(request, response, fileName).dispose();
|
||||||
|
} else if (dict.getRegionType() == 2) {
|
||||||
|
List<StringCfgTemplate> list = Lists.newArrayList();
|
||||||
|
list.add(new StringCfgTemplate());
|
||||||
|
new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null, clazz, 2)
|
||||||
|
.setDataList(msgProp, list, null).write(request, response, fileName).dispose();
|
||||||
|
} else if (dict.getRegionType() == 3) {
|
||||||
|
List<ComplexStringCfgTemplate> list = Lists.newArrayList();
|
||||||
|
list.add(new ComplexStringCfgTemplate());
|
||||||
|
new ExportExcel(new FunctionServiceDict(), new FunctionRegionDict(), msgProp, null, clazz, 2)
|
||||||
|
.setDataList(msgProp, list, null).write(request, response, fileName).dispose();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
} catch (Exception e) {
|
||||||
|
msgProp = null;
|
||||||
|
e.printStackTrace();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public void setLogAction(BaseLogEntity log, List<FunctionServiceDict> serviceList) {
|
public void setLogAction(BaseLogEntity log, List<FunctionServiceDict> serviceList) {
|
||||||
if (!StringUtil.isEmpty(serviceList)) {
|
if (!StringUtil.isEmpty(serviceList)) {
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
package com.nis.web.controller.configuration.ntc;
|
package com.nis.web.controller.configuration.ntc;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.Date;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
@@ -25,10 +26,12 @@ import com.nis.domain.configuration.CfgIndexInfo;
|
|||||||
import com.nis.domain.configuration.HttpUrlCfg;
|
import com.nis.domain.configuration.HttpUrlCfg;
|
||||||
import com.nis.domain.configuration.IpPortCfg;
|
import com.nis.domain.configuration.IpPortCfg;
|
||||||
import com.nis.domain.configuration.NtcSubscribeIdCfg;
|
import com.nis.domain.configuration.NtcSubscribeIdCfg;
|
||||||
|
import com.nis.domain.configuration.template.WhiteListIpTemplate;
|
||||||
import com.nis.exceptions.MaatConvertException;
|
import com.nis.exceptions.MaatConvertException;
|
||||||
import com.nis.util.Constants;
|
import com.nis.util.Constants;
|
||||||
import com.nis.util.StringUtil;
|
import com.nis.util.StringUtil;
|
||||||
import com.nis.web.controller.configuration.CommonController;
|
import com.nis.web.controller.configuration.CommonController;
|
||||||
|
import com.nis.web.security.UserUtils;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 白名单
|
* 白名单
|
||||||
@@ -383,6 +386,24 @@ public class WhiteListController extends CommonController {
|
|||||||
return "redirect:" + adminPath + "/ntc/whitelist/domain/list?functionId=" + functionId;
|
return "redirect:" + adminPath + "/ntc/whitelist/domain/list?functionId=" + functionId;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ip配置导入
|
||||||
|
/*
|
||||||
|
* @RequestMapping(value = "ip/import", method=RequestMethod.POST) public
|
||||||
|
* String importIp(String cfgName,RedirectAttributes redirectAttributes,
|
||||||
|
*
|
||||||
|
* @RequestParam("file") MultipartFile file,IpPortCfg cfg) {
|
||||||
|
* this._importIp(cfgName,redirectAttributes,
|
||||||
|
* file,cfg,WhiteListIpTemplate.class); return "redirect:" + adminPath
|
||||||
|
* +"/ntc/whitelist/ip/list?functionId="+cfg.getFunctionId(); }
|
||||||
|
*/
|
||||||
|
// ip模板下载
|
||||||
|
@RequestMapping(value = "ip/import/template")
|
||||||
|
public void importFileTemplate(HttpServletRequest request, HttpServletResponse response,
|
||||||
|
RedirectAttributes redirectAttributes, Integer functionId, Integer cfgRegionCode) {
|
||||||
|
this._importFileTemplate(request, response, redirectAttributes, functionId, cfgRegionCode,
|
||||||
|
WhiteListIpTemplate.class);
|
||||||
|
}
|
||||||
|
|
||||||
// ip配置导出
|
// ip配置导出
|
||||||
@RequestMapping(value = "ip/export")
|
@RequestMapping(value = "ip/export")
|
||||||
public void exportIp(String columns, Model model, HttpServletRequest request, HttpServletResponse response,
|
public void exportIp(String columns, Model model, HttpServletRequest request, HttpServletResponse response,
|
||||||
|
|||||||
@@ -1053,45 +1053,31 @@ public abstract class BaseService {
|
|||||||
*/
|
*/
|
||||||
public static List<IpCfg> ipConvert(IpCfg dstIp, BaseIpCfg srcIp) {
|
public static List<IpCfg> ipConvert(IpCfg dstIp, BaseIpCfg srcIp) {
|
||||||
List<IpCfg> ipConvertList = Lists.newArrayList();
|
List<IpCfg> ipConvertList = Lists.newArrayList();
|
||||||
List<IpCfg> tempList = Lists.newArrayList();
|
boolean isRange = ((srcIp.getIpPattern() != null && srcIp.getIpPattern() == 2)
|
||||||
List<IpCfg> tempList1 = Lists.newArrayList();
|
|| (srcIp.getSrcIpAddress() != null && srcIp.getSrcIpAddress().indexOf("-") > -1)
|
||||||
if (srcIp.getIpType().equals(4)) {// IP V4
|
|| (srcIp.getDestIpAddress() != null && srcIp.getDestIpAddress().indexOf("-") > -1));
|
||||||
if(srcIp.getSrcIpPattern().equals(2)) {//源IP范围
|
if (isRange) {
|
||||||
if (srcIp.getSrcIpAddress() != null) {
|
List<IpCfg> tempList = Lists.newArrayList();
|
||||||
String startIpPart = srcIp.getSrcIpAddress().split("-")[0];
|
List<IpCfg> tempList1 = Lists.newArrayList();
|
||||||
String endIpPart = srcIp.getSrcIpAddress().split("-")[1];
|
if (srcIp.getIpType().intValue() == 4) {
|
||||||
Integer startNum = Integer.parseInt(startIpPart.split("\\.")[3]);
|
if (srcIp.getSrcIpAddress() != null) {
|
||||||
Integer endNum = Integer.parseInt(endIpPart.split("\\.")[3]);
|
String startIpPart = srcIp.getSrcIpAddress().split("-")[0];
|
||||||
for (int i = startNum; i <= endNum; i++) {
|
String endIpPart = srcIp.getSrcIpAddress().split("-")[1];
|
||||||
IpCfg tempIp = new IpCfg();
|
Integer startNum = Integer.parseInt(startIpPart.split("\\.")[3]);
|
||||||
BeanUtils.copyProperties(dstIp, tempIp);
|
Integer endNum = Integer.parseInt(endIpPart.split("\\.")[3]);
|
||||||
tempIp.setSrcIp(startIpPart.substring(0, startIpPart.lastIndexOf(".") + 1) + i);
|
for (int i = startNum; i <= endNum; i++) {
|
||||||
tempIp.setSrcIpMask("255.255.255.255");
|
IpCfg tempIp = new IpCfg();
|
||||||
tempList.add(tempIp);
|
BeanUtils.copyProperties(dstIp, tempIp);
|
||||||
}
|
tempIp.setSrcIp(startIpPart.substring(0, startIpPart.lastIndexOf(".") + 1) + i);
|
||||||
}else {
|
tempIp.setSrcIpMask("255.255.255.255");
|
||||||
dstIp.setSrcIp("0.0.0.0");
|
tempList.add(tempIp);
|
||||||
dstIp.setSrcIpMask("255.255.255.255");
|
|
||||||
tempList.add(dstIp);
|
|
||||||
}
|
}
|
||||||
}else if(srcIp.getSrcIpPattern().equals(1)){
|
|
||||||
Integer srcMaskNum = Integer.parseInt(srcIp.getSrcIpAddress().split("/")[1]);
|
|
||||||
if (srcMaskNum == 0) {
|
|
||||||
dstIp.setSrcIpMask("0.0.0.0");
|
|
||||||
} else {
|
} else {
|
||||||
dstIp.setSrcIpMask(IpUtil.convertMask(srcMaskNum));
|
dstIp.setSrcIp("0.0.0.0");
|
||||||
|
dstIp.setSrcIpMask("255.255.255.255");
|
||||||
|
tempList.add(dstIp);
|
||||||
}
|
}
|
||||||
dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]);
|
if (srcIp.getDestIpAddress() != null) {
|
||||||
tempList.add(dstIp);
|
|
||||||
}else if(srcIp.getSrcIpPattern().equals(3)){
|
|
||||||
dstIp.setSrcIp(srcIp.getSrcIpAddress());
|
|
||||||
dstIp.setSrcIpMask("255.255.255.255");
|
|
||||||
tempList.add(dstIp);
|
|
||||||
}else {
|
|
||||||
throw new RuntimeException("Unsupported IP Pattern " + srcIp.getSrcIpPattern());
|
|
||||||
}
|
|
||||||
if (srcIp.getDestIpAddress() != null) {
|
|
||||||
if(srcIp.getDestIpPattern().equals(2)) {
|
|
||||||
String startIpPart = srcIp.getDestIpAddress().split("-")[0];
|
String startIpPart = srcIp.getDestIpAddress().split("-")[0];
|
||||||
String endIpPart = srcIp.getDestIpAddress().split("-")[1];
|
String endIpPart = srcIp.getDestIpAddress().split("-")[1];
|
||||||
Integer startNum = Integer.parseInt(startIpPart.split("\\.")[3]);
|
Integer startNum = Integer.parseInt(startIpPart.split("\\.")[3]);
|
||||||
@@ -1111,93 +1097,217 @@ public abstract class BaseService {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
tempList.clear();
|
tempList.clear();
|
||||||
}else if(srcIp.getDestIpPattern().equals(1)) {
|
} else {
|
||||||
Integer dstMaskNum = Integer.parseInt(srcIp.getDestIpAddress().split("/")[1]);
|
|
||||||
for (IpCfg _cfg : tempList) {
|
for (IpCfg _cfg : tempList) {
|
||||||
IpCfg tempIp = new IpCfg();
|
_cfg.setDstIp("0.0.0.0");
|
||||||
BeanUtils.copyProperties(_cfg, tempIp);
|
_cfg.setSrcIpMask("255.255.255.255");
|
||||||
if (dstMaskNum == 0) {
|
convertPortValues(_cfg, srcIp);
|
||||||
tempIp.setDstIpMask("0.0.0.0");
|
|
||||||
} else {
|
|
||||||
tempIp.setDstIpMask(IpUtil.convertMask(dstMaskNum));
|
|
||||||
}
|
|
||||||
tempIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]);
|
|
||||||
if (!tempIp.getSrcIp().equals(tempIp.getDstIp())) {
|
|
||||||
// 处理
|
|
||||||
convertPortValues(tempIp, srcIp);
|
|
||||||
tempList1.add(tempIp);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
tempList.clear();
|
|
||||||
}else {
|
|
||||||
for (IpCfg _cfg : tempList) {
|
|
||||||
IpCfg tempIp = new IpCfg();
|
|
||||||
BeanUtils.copyProperties(_cfg, tempIp);
|
|
||||||
tempIp.setDstIp(srcIp.getDestIpAddress());
|
|
||||||
if (!tempIp.getSrcIp().equals(tempIp.getDstIp())) {
|
|
||||||
tempIp.setDstIpMask("255.255.255.255");
|
|
||||||
// 处理
|
|
||||||
convertPortValues(tempIp, srcIp);
|
|
||||||
tempList1.add(tempIp);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
tempList.clear();
|
|
||||||
}
|
}
|
||||||
}else {
|
if (tempList1.size() > 0) {
|
||||||
for (IpCfg _cfg : tempList) {
|
ipConvertList.addAll(tempList1);
|
||||||
_cfg.setDstIp("0.0.0.0");
|
} else {
|
||||||
_cfg.setSrcIpMask("255.255.255.255");
|
ipConvertList.addAll(tempList);
|
||||||
convertPortValues(_cfg, srcIp);
|
|
||||||
}
|
}
|
||||||
}
|
} else if (srcIp.getIpType().intValue() == 6) {
|
||||||
if (tempList1.size() > 0) {
|
if (srcIp.getSrcIpAddress() != null) {
|
||||||
ipConvertList.addAll(tempList1);
|
|
||||||
} else {
|
|
||||||
ipConvertList.addAll(tempList);
|
|
||||||
}
|
|
||||||
}else if(srcIp.getIpType().equals(6)){// IP V6
|
|
||||||
if (srcIp.getSrcIpAddress() != null) {
|
|
||||||
if(srcIp.getSrcIpPattern().equals(2)) {
|
|
||||||
IPv6Address address1 = IPv6Address.fromString(srcIp.getSrcIpAddress().split("-")[0]);
|
IPv6Address address1 = IPv6Address.fromString(srcIp.getSrcIpAddress().split("-")[0]);
|
||||||
IPv6Address address2 = IPv6Address.fromString(srcIp.getSrcIpAddress().split("-")[1]);
|
IPv6Address address2 = IPv6Address.fromString(srcIp.getSrcIpAddress().split("-")[1]);
|
||||||
IPv6Network network = IPv6Network.fromTwoAddresses(address1, address2);
|
IPv6Network network = IPv6Network.fromTwoAddresses(address1, address2);
|
||||||
dstIp.setSrcIp(address1.toString());
|
dstIp.setSrcIp(address1.toString());
|
||||||
dstIp.setSrcIpMask(network.getNetmask().asAddress().toString());
|
dstIp.setSrcIpMask(network.getNetmask().asAddress().toString());
|
||||||
}else if(srcIp.getSrcIpPattern().equals(1)){// IP/掩码
|
} else {
|
||||||
IPv6Network strangeNetwork = IPv6Network.fromString(srcIp.getSrcIpAddress());
|
dstIp.setSrcIp("::");
|
||||||
dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]);
|
|
||||||
dstIp.setSrcIpMask(strangeNetwork.getNetmask().asAddress().toString());
|
|
||||||
}else {// IP
|
|
||||||
dstIp.setSrcIp(srcIp.getSrcIpAddress());
|
|
||||||
dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF");
|
dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF");
|
||||||
}
|
}
|
||||||
} else {
|
if (srcIp.getDestIpAddress() != null) {
|
||||||
dstIp.setSrcIp("::");
|
|
||||||
dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF");
|
|
||||||
}
|
|
||||||
if (srcIp.getDestIpAddress() != null) {
|
|
||||||
if(srcIp.getDestIpPattern().equals(2)) {
|
|
||||||
IPv6Address address1 = IPv6Address.fromString(srcIp.getDestIpAddress().split("-")[0]);
|
IPv6Address address1 = IPv6Address.fromString(srcIp.getDestIpAddress().split("-")[0]);
|
||||||
IPv6Address address2 = IPv6Address.fromString(srcIp.getDestIpAddress().split("-")[1]);
|
IPv6Address address2 = IPv6Address.fromString(srcIp.getDestIpAddress().split("-")[1]);
|
||||||
IPv6Network network = IPv6Network.fromTwoAddresses(address1, address2);
|
IPv6Network network = IPv6Network.fromTwoAddresses(address1, address2);
|
||||||
dstIp.setDstIp(address1.toString());
|
dstIp.setDstIp(address1.toString());
|
||||||
dstIp.setDstIpMask(network.getNetmask().asAddress().toString());
|
dstIp.setDstIpMask(network.getNetmask().asAddress().toString());
|
||||||
}else if(srcIp.getDestIpPattern().equals(1)) {// IP/掩码
|
} else {
|
||||||
IPv6Network strangeNetwork = IPv6Network.fromString(srcIp.getDestIpAddress());
|
dstIp.setDstIp("::");
|
||||||
dstIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]);
|
|
||||||
dstIp.setDstIpMask(strangeNetwork.getNetmask().asAddress().toString());
|
|
||||||
}else {// IP
|
|
||||||
dstIp.setDstIp(srcIp.getDestIpAddress());
|
|
||||||
dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF");
|
dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ipConvertList.add(dstIp);
|
||||||
} else {
|
} else {
|
||||||
dstIp.setDstIp("::");
|
throw new RuntimeException("Unsupported IP type " + srcIp.getIpType());
|
||||||
dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF");
|
}
|
||||||
|
} else {
|
||||||
|
if (srcIp.getSrcIpAddress() != null) {
|
||||||
|
if (srcIp.getSrcIpAddress().indexOf("/") != -1) {
|
||||||
|
if (srcIp.getIpType() == 4 /* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6
|
||||||
|
Integer srcMaskNum = Integer.parseInt(srcIp.getSrcIpAddress().split("/")[1]);
|
||||||
|
if (srcMaskNum == 0) {
|
||||||
|
dstIp.setSrcIpMask("0.0.0.0");
|
||||||
|
} else {
|
||||||
|
dstIp.setSrcIpMask(IpUtil.convertMask(srcMaskNum));
|
||||||
|
}
|
||||||
|
|
||||||
|
dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]);
|
||||||
|
} else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4
|
||||||
|
IPv6Network strangeNetwork = IPv6Network.fromString(srcIp.getSrcIpAddress());
|
||||||
|
dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]);
|
||||||
|
dstIp.setSrcIpMask(strangeNetwork.getNetmask().asAddress().toString());
|
||||||
|
} /*
|
||||||
|
* else { Pattern
|
||||||
|
* patternV4Subnet=Pattern.compile(Constants.IPV4_IP_SUBNET_REGEXP); Pattern
|
||||||
|
* patternV6Subnet=Pattern.compile(Constants.IPV6_IP_SUBNET_REGEXP); Matcher
|
||||||
|
* matchernV4Subnet=patternV4Subnet.matcher(srcIp.getSrcIpAddress()); Matcher
|
||||||
|
* matcherV6Subnet=patternV6Subnet.matcher(srcIp.getSrcIpAddress());
|
||||||
|
* if(matchernV4Subnet.matches()) { Integer srcMaskNum =
|
||||||
|
* Integer.parseInt(srcIp.getSrcIpAddress().split("/")[1]); if(srcMaskNum==0){
|
||||||
|
* dstIp.setSrcIpMask("0.0.0.0"); }else{
|
||||||
|
* dstIp.setSrcIpMask(IpUtil.convertMask(srcMaskNum)); }
|
||||||
|
* dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]); }else
|
||||||
|
* if(matcherV6Subnet.matches()){ IPv6Network strangeNetwork =
|
||||||
|
* IPv6Network.fromString(srcIp.getSrcIpAddress());
|
||||||
|
* dstIp.setSrcIp(srcIp.getSrcIpAddress().split("/")[0]);
|
||||||
|
* dstIp.setSrcIpMask(strangeNetwork.getNetmask().asAddress().toString()); }else
|
||||||
|
* { throw new RuntimeException("Invalid IP/subnet mask format"); } }
|
||||||
|
*/
|
||||||
|
else {
|
||||||
|
throw new RuntimeException("Unsupported IP type " + srcIp.getIpType());
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (srcIp.getIpType() == 4/* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6
|
||||||
|
dstIp.setSrcIp(srcIp.getSrcIpAddress());
|
||||||
|
dstIp.setSrcIpMask("255.255.255.255");
|
||||||
|
} else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4
|
||||||
|
dstIp.setSrcIp(srcIp.getSrcIpAddress());
|
||||||
|
dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF");
|
||||||
|
} /*
|
||||||
|
* else {//all Pattern patternV4=Pattern.compile(Constants.IPV4_IP_REGEXP);
|
||||||
|
* Pattern patternV6=Pattern.compile(Constants.IPV6_IP_REGEXP); Matcher
|
||||||
|
* matcherV4=patternV4.matcher(srcIp.getSrcIpAddress()); Matcher
|
||||||
|
* matcherV6=patternV6.matcher(srcIp.getSrcIpAddress()); if(matcherV4.matches())
|
||||||
|
* { dstIp.setSrcIp(srcIp.getSrcIpAddress());
|
||||||
|
* dstIp.setSrcIpMask("255.255.255.255"); }else if(matcherV6.matches()) {
|
||||||
|
* dstIp.setSrcIp(srcIp.getSrcIpAddress());
|
||||||
|
* dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); }else { throw
|
||||||
|
* new RuntimeException("Invalid IP format"); } }
|
||||||
|
*/
|
||||||
|
else {
|
||||||
|
throw new RuntimeException("Unsupported IP type " + srcIp.getIpType());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (srcIp.getIpType() == 4/* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6
|
||||||
|
dstIp.setSrcIp(srcIp.getSrcIpAddress());
|
||||||
|
dstIp.setSrcIpMask("255.255.255.255");
|
||||||
|
} else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4
|
||||||
|
dstIp.setSrcIp(srcIp.getSrcIpAddress());
|
||||||
|
dstIp.setSrcIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF");
|
||||||
|
} /*
|
||||||
|
* else {//all dstIp.setSrcIp(srcIp.getSrcIpAddress());
|
||||||
|
* dstIp.setSrcIpMask("255.255.255.255"); }
|
||||||
|
*/
|
||||||
|
else {
|
||||||
|
throw new RuntimeException("Unsupported IP type " + srcIp.getIpType());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (srcIp.getDestIpAddress() != null) {
|
||||||
|
if (srcIp.getDestIpAddress().indexOf("/") != -1) {
|
||||||
|
if (srcIp.getIpType() == 4/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4
|
||||||
|
Integer dstMaskNum = Integer.parseInt(srcIp.getDestIpAddress().split("/")[1]);
|
||||||
|
if (dstMaskNum == 0) {
|
||||||
|
dstIp.setDstIpMask("0.0.0.0");
|
||||||
|
} else {
|
||||||
|
dstIp.setDstIpMask(IpUtil.convertMask(dstMaskNum));
|
||||||
|
;
|
||||||
|
}
|
||||||
|
dstIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]);
|
||||||
|
} else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6
|
||||||
|
IPv6Network strangeNetwork = IPv6Network.fromString(srcIp.getDestIpAddress());
|
||||||
|
dstIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]);
|
||||||
|
dstIp.setDstIpMask(strangeNetwork.getNetmask().asAddress().toString());
|
||||||
|
} /*
|
||||||
|
* else { Pattern
|
||||||
|
* patternV4Subnet=Pattern.compile(Constants.IPV4_IP_SUBNET_REGEXP); Pattern
|
||||||
|
* patternV6Subnet=Pattern.compile(Constants.IPV6_IP_SUBNET_REGEXP); Matcher
|
||||||
|
* matchernV4Subnet=patternV4Subnet.matcher(srcIp.getDestIpAddress()); Matcher
|
||||||
|
* matcherV6Subnet=patternV6Subnet.matcher(srcIp.getDestIpAddress());
|
||||||
|
* if(matchernV4Subnet.matches()) { Integer dstMaskNum =
|
||||||
|
* Integer.parseInt(srcIp.getDestIpAddress().split("/")[1]); if(dstMaskNum==0){
|
||||||
|
* dstIp.setDstIpMask("0.0.0.0"); }else{
|
||||||
|
* dstIp.setDstIpMask(IpUtil.convertMask(dstMaskNum));; }
|
||||||
|
* dstIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]); }else
|
||||||
|
* if(matcherV6Subnet.matches()){ IPv6Network strangeNetwork =
|
||||||
|
* IPv6Network.fromString(srcIp.getDestIpAddress());
|
||||||
|
* dstIp.setDstIp(srcIp.getDestIpAddress().split("/")[0]);
|
||||||
|
* dstIp.setDstIpMask(strangeNetwork.getNetmask().asAddress().toString()); }else
|
||||||
|
* { throw new RuntimeException("Invalid IP/subnet mask format"); } }
|
||||||
|
*/
|
||||||
|
else {
|
||||||
|
throw new RuntimeException("Unsupported IP type " + srcIp.getIpType());
|
||||||
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
|
if (srcIp.getIpType() == 4/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4
|
||||||
|
dstIp.setDstIp(srcIp.getDestIpAddress());
|
||||||
|
dstIp.setDstIpMask("255.255.255.255");
|
||||||
|
} else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6
|
||||||
|
dstIp.setDstIp(srcIp.getDestIpAddress());
|
||||||
|
dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF");
|
||||||
|
} /*
|
||||||
|
* else {//all Pattern patternV4=Pattern.compile(Constants.IPV4_IP_REGEXP);
|
||||||
|
* Pattern patternV6=Pattern.compile(Constants.IPV6_IP_REGEXP); Matcher
|
||||||
|
* matcherV4=patternV4.matcher(srcIp.getDestIpAddress()); Matcher
|
||||||
|
* matcherV6=patternV6.matcher(srcIp.getDestIpAddress());
|
||||||
|
* if(matcherV4.matches()) { dstIp.setDstIp(srcIp.getDestIpAddress());
|
||||||
|
* dstIp.setDstIpMask("255.255.255.255"); }else if(matcherV6.matches()) {
|
||||||
|
* dstIp.setDstIp(srcIp.getDestIpAddress());
|
||||||
|
* dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF"); }else { throw
|
||||||
|
* new RuntimeException("invalid ip format"); } }
|
||||||
|
*/
|
||||||
|
else {
|
||||||
|
throw new RuntimeException("Unsupported IP type " + srcIp.getIpType());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (srcIp.getIpType() == 4/* || srcIp.getIpType()==64 */) {// 64表示源ip为ipv6,目的ip为ipv4
|
||||||
|
dstIp.setDstIp(srcIp.getDestIpAddress());
|
||||||
|
dstIp.setDstIpMask("255.255.255.255");
|
||||||
|
} else if (srcIp.getIpType() == 6/* || srcIp.getIpType()==46 */) {// 46表示源ip为ipv4,目的ip为ipv6
|
||||||
|
dstIp.setDstIp(srcIp.getDestIpAddress());
|
||||||
|
dstIp.setDstIpMask("FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF");
|
||||||
|
} /*
|
||||||
|
* else {//all dstIp.setDstIp(srcIp.getDestIpAddress());
|
||||||
|
* dstIp.setDstIpMask("255.255.255.255"); }
|
||||||
|
*/
|
||||||
|
else {
|
||||||
|
throw new RuntimeException("Unsupported IP type " + srcIp.getIpType());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (srcIp.getSrcPort() != null) {
|
||||||
|
if (srcIp.getSrcPort().indexOf("/") != -1) {
|
||||||
|
String srcMaskNum = srcIp.getSrcPort().split("/")[1];
|
||||||
|
dstIp.setSrcPortMask(srcMaskNum);
|
||||||
|
dstIp.setSrcPort(srcIp.getSrcPort().split("/")[0]);
|
||||||
|
} else {
|
||||||
|
dstIp.setSrcPort(srcIp.getSrcPort());
|
||||||
|
dstIp.setSrcPortMask("65535");
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
dstIp.setSrcPort("0");
|
||||||
|
dstIp.setSrcPortMask("65535");
|
||||||
|
}
|
||||||
|
if (srcIp.getDestPort() != null) {
|
||||||
|
if (srcIp.getDestPort().indexOf("/") != -1) {
|
||||||
|
String dstMaskNum = srcIp.getDestPort().split("/")[1];
|
||||||
|
dstIp.setDstPortMask(dstMaskNum);
|
||||||
|
dstIp.setDstPort(srcIp.getDestPort().split("/")[0]);
|
||||||
|
} else {
|
||||||
|
dstIp.setDstPort(srcIp.getDestPort());
|
||||||
|
dstIp.setDstPortMask("65535");
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
dstIp.setDstPort("0");
|
||||||
|
dstIp.setDstPortMask("65535");
|
||||||
}
|
}
|
||||||
convertPortValues(dstIp, srcIp);
|
|
||||||
ipConvertList.add(dstIp);
|
ipConvertList.add(dstIp);
|
||||||
}else {
|
|
||||||
throw new RuntimeException("Unsupported IP type " + srcIp.getIpType());
|
|
||||||
}
|
}
|
||||||
return ipConvertList;
|
return ipConvertList;
|
||||||
}
|
}
|
||||||
@@ -2495,15 +2605,7 @@ public abstract class BaseService {
|
|||||||
if(_cfg.getAction().equals(Constants.MONIT_ACTION)) {
|
if(_cfg.getAction().equals(Constants.MONIT_ACTION)) {
|
||||||
maatCfg.setUserRegion(Constants.INTERCEPT_IP_MONIT_USER_REGION_KEY+"="+Constants.USER_REGION_PLACEHOLDER);
|
maatCfg.setUserRegion(Constants.INTERCEPT_IP_MONIT_USER_REGION_KEY+"="+Constants.USER_REGION_PLACEHOLDER);
|
||||||
}*/
|
}*/
|
||||||
if(serviceDict!=null&&serviceDict.getAction().equals(Constants.MONIT_ACTION)) {// 监测 需要发keyring_id、拦截强度
|
maatCfg.setUserRegion(Constants.INTERCEPT_IP_RATELIMIT_DROPRATE_USER_REGION_KEY+"="+_cfg.getUserRegion2());
|
||||||
_cfg.setUserRegion1(StringUtil.isEmpty(_cfg.getUserRegion1()) ? "0":_cfg.getUserRegion1());
|
|
||||||
_cfg.setUserRegion5(StringUtil.isEmpty(_cfg.getUserRegion5()) ? "1":_cfg.getUserRegion5());
|
|
||||||
maatCfg.setUserRegion(Constants.INTERCEPT_IP_MONIT_USER_REGION_KEY+"=0"+";"+Constants.INTERCEPT_DOMAN_INTENSITY_USER_REGION_KEY+"="+_cfg.getUserRegion5());
|
|
||||||
}
|
|
||||||
if(serviceDict!=null&&serviceDict.getAction().equals(64)) {
|
|
||||||
maatCfg.setUserRegion(Constants.INTERCEPT_IP_RATELIMIT_DROPRATE_USER_REGION_KEY+"="+_cfg.getUserRegion2());
|
|
||||||
}
|
|
||||||
|
|
||||||
}else if(regionDict.getFunctionId()==207 || regionDict.getFunctionId()==208 || regionDict.getFunctionId()==209) {// HTTP(s)阻断、重定向、替换
|
}else if(regionDict.getFunctionId()==207 || regionDict.getFunctionId()==208 || regionDict.getFunctionId()==209) {// HTTP(s)阻断、重定向、替换
|
||||||
String userRegion = Constants.USER_REGION_PLACEHOLDER;
|
String userRegion = Constants.USER_REGION_PLACEHOLDER;
|
||||||
if(_cfg.getAction().equals(Constants.REJECT_ACTION)) {// 阻断
|
if(_cfg.getAction().equals(Constants.REJECT_ACTION)) {// 阻断
|
||||||
|
|||||||
@@ -99,7 +99,7 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
|
|||||||
c.initDefaultValue();
|
c.initDefaultValue();
|
||||||
BeanUtils.copyProperties(cfg, c,new String[]{"cfgId","ipType","direction",
|
BeanUtils.copyProperties(cfg, c,new String[]{"cfgId","ipType","direction",
|
||||||
"protocol","protocolId","areaEffectiveIds","cfgRegionCode",
|
"protocol","protocolId","areaEffectiveIds","cfgRegionCode",
|
||||||
"cfgType","srcIpPattern","destIpPattern","srcIpAddress","srcPortPattern","destPortPattern","srcPort","destIpAddress","destPort"});
|
"cfgType","ipPattern","srcIpAddress","portPattern","srcPort","destIpAddress","destPort"});
|
||||||
c.setTableName(AreaIpCfg.getTablename());
|
c.setTableName(AreaIpCfg.getTablename());
|
||||||
}
|
}
|
||||||
this.saveIpBatch(cfg.getAreaCfg());
|
this.saveIpBatch(cfg.getAreaCfg());
|
||||||
@@ -353,7 +353,7 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
|
|||||||
c.initDefaultValue();
|
c.initDefaultValue();
|
||||||
BeanUtils.copyProperties(cfg, c,new String[]{"cfgId","ipType","direction",
|
BeanUtils.copyProperties(cfg, c,new String[]{"cfgId","ipType","direction",
|
||||||
"protocol","protocolId","areaEffectiveIds","cfgRegionCode",
|
"protocol","protocolId","areaEffectiveIds","cfgRegionCode",
|
||||||
"cfgType","srcIpPattern","destIpPattern","srcIpAddress","srcPortPattern","destPortPattern","srcPort","destIpAddress","destPort"});
|
"cfgType","ipPattern","srcIpAddress","portPattern","srcPort","destIpAddress","destPort"});
|
||||||
c.setTableName(AreaIpCfg.getTablename());
|
c.setTableName(AreaIpCfg.getTablename());
|
||||||
c.setCreatorId(cfg.getCurrentUser().getId());
|
c.setCreatorId(cfg.getCurrentUser().getId());
|
||||||
c.setCreateTime(date);
|
c.setCreateTime(date);
|
||||||
@@ -375,11 +375,9 @@ public class IpCfgService extends CrudService<IpCfgDao,BaseIpCfg> {
|
|||||||
,"cfgType"
|
,"cfgType"
|
||||||
,"cfgId"
|
,"cfgId"
|
||||||
,"ipType"
|
,"ipType"
|
||||||
,"srcIpPattern"
|
,"ipPattern"
|
||||||
,"destIpPattern"
|
|
||||||
,"srcIpAddress"
|
,"srcIpAddress"
|
||||||
,"srcPortPattern"
|
,"portPattern"
|
||||||
,"destPortPattern"
|
|
||||||
,"srcPort"
|
,"srcPort"
|
||||||
,"destPort"
|
,"destPort"
|
||||||
,"protocol"
|
,"protocol"
|
||||||
|
|||||||
Reference in New Issue
Block a user