拦截策略新增allow_http2
This commit is contained in:
wangwei
@@ -413,6 +413,7 @@ public class BaseIpCfg extends BaseCfg<BaseIpCfg> {
|
||||
protected String min;
|
||||
protected String max;
|
||||
protected Integer mirrorClient;
|
||||
protected Integer allowHttp2;
|
||||
protected Integer enable;
|
||||
protected Integer mirrorProfile;
|
||||
|
||||
@@ -494,6 +495,13 @@ public class BaseIpCfg extends BaseCfg<BaseIpCfg> {
|
||||
public void setMirrorClient(Integer mirrorClient) {
|
||||
this.mirrorClient = mirrorClient;
|
||||
}
|
||||
|
||||
public Integer getAllowHttp2() {
|
||||
return allowHttp2;
|
||||
}
|
||||
public void setAllowHttp2(Integer allowHttp2) {
|
||||
this.allowHttp2 = allowHttp2;
|
||||
}
|
||||
public Integer getEnable() {
|
||||
return enable;
|
||||
}
|
||||
|
||||
@@ -295,6 +295,7 @@ public class BaseStringCfg<T> extends BaseCfg<T> {
|
||||
protected String min;
|
||||
protected String max;
|
||||
protected Integer mirrorClient;
|
||||
protected Integer allowHttp2;
|
||||
protected Integer enable;
|
||||
protected Integer mirrorProfile;
|
||||
|
||||
@@ -375,6 +376,12 @@ public class BaseStringCfg<T> extends BaseCfg<T> {
|
||||
}
|
||||
public void setMirrorClient(Integer mirrorClient) {
|
||||
this.mirrorClient = mirrorClient;
|
||||
}
|
||||
public Integer getAllowHttp2() {
|
||||
return allowHttp2;
|
||||
}
|
||||
public void setAllowHttp2(Integer allowHttp2) {
|
||||
this.allowHttp2 = allowHttp2;
|
||||
}
|
||||
public Integer getEnable() {
|
||||
return enable;
|
||||
|
||||
@@ -34,9 +34,11 @@ public class PxyInterceptCfg extends CfgIndexInfo {
|
||||
private String max;
|
||||
@ExcelField(title="ssl_ver_mirror_client",dictType="SYS_YES_NO",sort=20)
|
||||
private String mirrorClient;
|
||||
@ExcelField(title="decrypt_mirror_enable",dictType="SYS_YES_NO",sort=21)
|
||||
@ExcelField(title="ssl_ver_allow_http2",dictType="SYS_YES_NO",sort=21)
|
||||
private String allowHttp2;
|
||||
@ExcelField(title="decrypt_mirror_enable",dictType="SYS_YES_NO",sort=22)
|
||||
private String enable;
|
||||
@ExcelField(title="decrypt_mirror_mirror_profile",sort=22)
|
||||
@ExcelField(title="decrypt_mirror_mirror_profile",sort=23)
|
||||
private String mirrorProfile;
|
||||
private String userRegion1;
|
||||
private String userRegion2;
|
||||
@@ -120,6 +122,12 @@ public class PxyInterceptCfg extends CfgIndexInfo {
|
||||
}
|
||||
public void setMirrorClient(String mirrorClient) {
|
||||
this.mirrorClient = mirrorClient;
|
||||
}
|
||||
public String getAllowHttp2() {
|
||||
return allowHttp2;
|
||||
}
|
||||
public void setAllowHttp2(String allowHttp2) {
|
||||
this.allowHttp2 = allowHttp2;
|
||||
}
|
||||
public String getEnable() {
|
||||
return enable;
|
||||
|
||||
@@ -29,6 +29,8 @@ public class InterceptDomainTemplate extends StringAllNotDoLogTemplate {
|
||||
|
||||
private Integer mirrorClient;
|
||||
|
||||
private Integer allowHttp2;
|
||||
|
||||
private Integer enable;
|
||||
|
||||
private Integer mirrorProfile;
|
||||
@@ -124,14 +126,21 @@ public class InterceptDomainTemplate extends StringAllNotDoLogTemplate {
|
||||
public void setMirrorClient(Integer mirrorClient) {
|
||||
this.mirrorClient = mirrorClient;
|
||||
}
|
||||
@ExcelField(title="decrypt_mirror_enable",align=2,sort=30)
|
||||
@ExcelField(title="ssl_ver_allow_http2",align=2,sort=30)
|
||||
public Integer getAllowHttp2() {
|
||||
return allowHttp2;
|
||||
}
|
||||
public void setAllowHttp2(Integer allowHttp2) {
|
||||
this.allowHttp2 = allowHttp2;
|
||||
}
|
||||
@ExcelField(title="decrypt_mirror_enable",align=2,sort=31)
|
||||
public Integer getEnable() {
|
||||
return enable;
|
||||
}
|
||||
public void setEnable(Integer enable) {
|
||||
this.enable = enable;
|
||||
}
|
||||
@ExcelField(title="decrypt_mirror_mirror_profile",align=2,sort=31)
|
||||
@ExcelField(title="decrypt_mirror_mirror_profile",align=2,sort=32)
|
||||
public Integer getMirrorProfile() {
|
||||
return mirrorProfile;
|
||||
}
|
||||
|
||||
@@ -30,6 +30,8 @@ public class InterceptIpTemplate extends IpAllNotDoLogTemplate {
|
||||
|
||||
private Integer mirrorClient;
|
||||
|
||||
private Integer allowHttp2;
|
||||
|
||||
private Integer enable;
|
||||
|
||||
private Integer mirrorProfile;
|
||||
@@ -125,14 +127,21 @@ public class InterceptIpTemplate extends IpAllNotDoLogTemplate {
|
||||
public void setMirrorClient(Integer mirrorClient) {
|
||||
this.mirrorClient = mirrorClient;
|
||||
}
|
||||
@ExcelField(title="decrypt_mirror_enable",align=2,sort=30)
|
||||
@ExcelField(title="ssl_ver_allow_http2",align=2,sort=30)
|
||||
public Integer getAllowHttp2() {
|
||||
return allowHttp2;
|
||||
}
|
||||
public void setAllowHttp2(Integer allowHttp2) {
|
||||
this.allowHttp2 = allowHttp2;
|
||||
}
|
||||
@ExcelField(title="decrypt_mirror_enable",align=2,sort=31)
|
||||
public Integer getEnable() {
|
||||
return enable;
|
||||
}
|
||||
public void setEnable(Integer enable) {
|
||||
this.enable = enable;
|
||||
}
|
||||
@ExcelField(title="decrypt_mirror_mirror_profile",align=2,sort=31)
|
||||
@ExcelField(title="decrypt_mirror_mirror_profile",align=2,sort=32)
|
||||
public Integer getMirrorProfile() {
|
||||
return mirrorProfile;
|
||||
}
|
||||
|
||||
@@ -896,6 +896,25 @@ public class ExportExcel {
|
||||
index++;
|
||||
}
|
||||
}
|
||||
//allow_http2
|
||||
if("ssl_ver_allow_http2".equals(headerStr)) {
|
||||
commentStr="";
|
||||
defaultValue="1";
|
||||
commentStr=msgProp.getProperty("select")+":\n"+commentStr;
|
||||
index++;
|
||||
commentStr+=1+"("+msgProp.getProperty("yes")+")\n";
|
||||
index++;
|
||||
commentStr+=0+"("+msgProp.getProperty("no")+")\n";
|
||||
index++;
|
||||
commentStr=commentStr+msgProp.getProperty("rule_desc_tip")+":\n";
|
||||
index++;
|
||||
//1、默认值说明
|
||||
if(!StringUtil.isEmpty(defaultValue)){
|
||||
commentStr=commentStr+"▶"+msgProp.getProperty("default_value")+":"+defaultValue+"\n";
|
||||
index++;
|
||||
}
|
||||
index++;
|
||||
}
|
||||
if("decrypt_mirror_enable".equals(headerStr)) {
|
||||
commentStr="";
|
||||
defaultValue="0";
|
||||
|
||||
@@ -579,6 +579,7 @@ public class CheckIpFormatThread implements Callable<String>{
|
||||
String min=baseIpCfg.getMin();
|
||||
String max=baseIpCfg.getMax();
|
||||
Integer mirrorClient=baseIpCfg.getMirrorClient();
|
||||
Integer allowHttp2=baseIpCfg.getAllowHttp2();
|
||||
Integer enable=baseIpCfg.getEnable();
|
||||
Integer mirrorProfile=baseIpCfg.getMirrorProfile();
|
||||
Map<String,Object> userRegionMap=new HashMap<>();
|
||||
@@ -726,6 +727,17 @@ public class CheckIpFormatThread implements Callable<String>{
|
||||
if(StringUtils.isBlank(max)) {
|
||||
max="tls13";
|
||||
}
|
||||
if(allowHttp2==null) {
|
||||
allowHttp2=1;
|
||||
map.put("allow_http2", allowHttp2);
|
||||
}else {
|
||||
if(allowHttp2!=0&&allowHttp2!=1) {
|
||||
errInfo.append(String.format(prop.getProperty("is_incorrect"),
|
||||
prop.getProperty("ssl_ver_allow_http2","SSL version allow http2") + " ") + ";");
|
||||
}else {
|
||||
map.put("allow_http2", allowHttp2);
|
||||
}
|
||||
}
|
||||
for(SysDataDictionaryItem sslversion: sslversions) {
|
||||
if(sslversion.getItemCode().equals(min)) {
|
||||
minSort=sslversion.getItemSort();
|
||||
|
||||
@@ -527,6 +527,7 @@ public class CheckStringFormatThread implements Callable<String>{
|
||||
String min=baseStringCfg.getMin();
|
||||
String max=baseStringCfg.getMax();
|
||||
Integer mirrorClient=baseStringCfg.getMirrorClient();
|
||||
Integer allowHttp2=baseStringCfg.getAllowHttp2();
|
||||
Integer enable=baseStringCfg.getEnable();
|
||||
Integer mirrorProfile=baseStringCfg.getMirrorProfile();
|
||||
Map<String,Object> userRegionMap=new HashMap<>();
|
||||
@@ -674,6 +675,17 @@ public class CheckStringFormatThread implements Callable<String>{
|
||||
if(StringUtils.isBlank(max)) {
|
||||
max="tls13";
|
||||
}
|
||||
if(allowHttp2==null) {
|
||||
allowHttp2=1;
|
||||
map.put("allow_http2", allowHttp2);
|
||||
}else {
|
||||
if(allowHttp2!=0&&allowHttp2!=1) {
|
||||
errInfo.append(String.format(prop.getProperty("is_incorrect"),
|
||||
prop.getProperty("ssl_ver_allow_http2","SSL version allow http2") + " ") + ";");
|
||||
}else {
|
||||
map.put("allow_http2", allowHttp2);
|
||||
}
|
||||
}
|
||||
for(SysDataDictionaryItem sslversion: sslversions) {
|
||||
if(sslversion.getItemCode().equals(min)) {
|
||||
minSort=sslversion.getItemSort();
|
||||
|
||||
@@ -198,6 +198,7 @@ public class InterceptController extends CommonController {
|
||||
//ssl_ver
|
||||
map=new HashMap<>();
|
||||
String mirror_client=request.getParameter("mirror_client");
|
||||
String allow_http2 = request.getParameter("allow_http2");
|
||||
String min=request.getParameter("min");
|
||||
String max=request.getParameter("max");
|
||||
if(StringUtils.isNotBlank(mirror_client)){
|
||||
@@ -206,6 +207,12 @@ public class InterceptController extends CommonController {
|
||||
mirror_client="0";
|
||||
map.put("mirror_client", 0);
|
||||
}
|
||||
if(StringUtils.isNotBlank(allow_http2)){
|
||||
map.put("allow_http2", Integer.parseInt(allow_http2.trim()));
|
||||
}else {
|
||||
allow_http2="1";
|
||||
map.put("allow_http2", 1);
|
||||
}
|
||||
if("0".equals(mirror_client)) {
|
||||
if(StringUtils.isNotBlank(min)){
|
||||
map.put("min", min.trim());
|
||||
@@ -546,6 +553,9 @@ public class InterceptController extends CommonController {
|
||||
if(((Map<String,Object>)userregion.get("ssl_ver")).containsKey("mirror_client")) {
|
||||
pxyInterceptCfg.setMirrorClient(((Map<String,Object>)userregion.get("ssl_ver")).get("mirror_client").toString());
|
||||
}
|
||||
if(((Map<String,Object>)userregion.get("ssl_ver")).containsKey("allow_http2")) {
|
||||
pxyInterceptCfg.setAllowHttp2(((Map<String,Object>)userregion.get("ssl_ver")).get("allow_http2").toString());
|
||||
}
|
||||
if(((Map<String,Object>)userregion.get("decrypt_mirror")).containsKey("enable")) {
|
||||
pxyInterceptCfg.setEnable(((Map<String,Object>)userregion.get("decrypt_mirror")).get("enable").toString());
|
||||
}
|
||||
|
||||
@@ -1571,6 +1571,7 @@ approach=Approach
|
||||
cert_verify=Cert Verify
|
||||
ssl_version=SSL Version
|
||||
mirror_client=Mirror Client
|
||||
allow_http2=Allow Http2
|
||||
min=Min
|
||||
max=Max
|
||||
decrypt_mirror=Decrypt Mirror
|
||||
|
||||
@@ -1573,6 +1573,7 @@ approach=Approach
|
||||
cert_verify=Cert Verify
|
||||
ssl_version=SSL Version
|
||||
mirror_client=Mirror Client
|
||||
allow_http2=Allow Http2
|
||||
min=Min
|
||||
max=Max
|
||||
decrypt_mirror=Decrypt Mirror
|
||||
|
||||
@@ -1571,6 +1571,7 @@ approach=\u63A5\u8FD1
|
||||
cert_verify=\u8BC1\u4E66\u9A8C\u8BC1
|
||||
ssl_version=SSL\u7248\u672C
|
||||
mirror_client=\u955C\u50CF\u5BA2\u6237\u7AEF
|
||||
allow_http2=Allow Http2
|
||||
min=\u6700\u5C0F
|
||||
max=\u6700\u5927
|
||||
decrypt_mirror=\u89E3\u5BC6\u955C\u50CF
|
||||
|
||||
@@ -837,6 +837,20 @@ legend{padding:.5em;border:0;width:auto;font-family: "Open Sans", sans-serif;col
|
||||
<div for="mirror_client"></div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-md-6 ssl_version <c:if test="${_cfg.userRegion.ssl_ver.mirror_client eq 1}">hidden</c:if>"">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-md-3">
|
||||
<spring:message code="allow_http2" />
|
||||
</label>
|
||||
<div class="col-md-6">
|
||||
<div class="bootstrap-switch">
|
||||
<input type="checkbox" id="allow_http2" name="allow_http2" class="switch form-control sslVersionCheck"
|
||||
value="${_cfg.cfgId eq null?1:_cfg.userRegion.ssl_ver.allow_http2 }" <c:if test="${_cfg.cfgId eq null or _cfg.userRegion.ssl_ver.allow_http2 eq 1}">checked</c:if>/>
|
||||
</div>
|
||||
</div>
|
||||
<div for="allow_http2"></div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="row ssl_version <c:if test="${_cfg.userRegion.ssl_ver.mirror_client eq 1}">hidden</c:if>">
|
||||
<div class="col-md-6">
|
||||
|
||||
@@ -123,6 +123,7 @@
|
||||
}
|
||||
});
|
||||
$(obj).parent().find("td[data-column='mirror_client']").text(jsonObj.ssl_ver.mirror_client==1?"<spring:message code='yes'/>":"<spring:message code='no'/>");
|
||||
$(obj).parent().find("td[data-column='allow_http2']").text(jsonObj.ssl_ver.allow_http2==1?"<spring:message code='yes'/>":"<spring:message code='no'/>");
|
||||
$(obj).parent().find("td[data-column='enable']").text(jsonObj.decrypt_mirror.enable==1?"<spring:message code='yes'/>":"<spring:message code='no'/>");
|
||||
$(obj).parent().find("td[data-column='mirror_profile']").text(jsonObj.decrypt_mirror.mirror_profile);
|
||||
if(jsonObj.decrypt_mirror.mirror_profile){
|
||||
@@ -468,6 +469,7 @@
|
||||
<th column="ssl_ver_min" ><spring:message code="ssl_ver_min"/></th>
|
||||
<th column="ssl_ver_max" ><spring:message code="ssl_ver_max"/></th>
|
||||
<th column="ssl_ver_mirror_client" ><spring:message code="ssl_ver_mirror_client"/></th>
|
||||
<th column="ssl_ver_allow_http2" ><spring:message code="ssl_ver_allow_http2"/></th>
|
||||
<th column="decrypt_mirror_enable" ><spring:message code="decrypt_mirror_enable"/></th>
|
||||
<th column="decrypt_mirror_mirror_profile" ><spring:message code="decrypt_mirror_mirror_profile"/></th>
|
||||
</c:if>
|
||||
@@ -572,6 +574,7 @@
|
||||
<td data-column="min" ></td>
|
||||
<td data-column="max" ></td>
|
||||
<td data-column="mirror_client" ></td>
|
||||
<td data-column="allow_http2" ></td>
|
||||
<td data-column="enable" ></td>
|
||||
<td data-column="mirror_profile" ></td>
|
||||
</c:if>
|
||||
|
||||
Reference in New Issue
Block a user