1.修改app payload特征，拆分L3_header为L3_header_IP,L3_header_ICMP,支持偏移量表达式；

2.域名统计界面的域名查询条件，去除id=0(Other)的域名查询； 3.通联关系日志的下拉列表查询条件，增select为空的条件，否则reset时，全部定位在了Other。
2019-01-13 21:32:25 +06:00
parent 1766fd80bd
commit eb0f298058
11 changed files with 397 additions and 79 deletions
--- a/src/main/java/com/nis/domain/configuration/AppComplexFeatureCfg.java
+++ b/src/main/java/com/nis/domain/configuration/AppComplexFeatureCfg.java
@@ -55,6 +55,11 @@ public class AppComplexFeatureCfg extends BaseCfg<AppComplexFeatureCfg> {
 	private String icmpCode;
 	private String icmpIdentifier;
 	private String headerType;
+	//以下参数为APP payload payload的特殊属性（偏移量表达式时处理）
+	private Integer payloadOffset;
+	private Integer payloadSize;//下发综合服务接口时，为单独的域配置
+	private String payloadPacketDirection;//下发综合服务接口时，为单独的域配置
+	
 	
 	public String getCfgRegionCode1() {
 		return cfgRegionCode1;
@@ -299,5 +304,28 @@ public class AppComplexFeatureCfg extends BaseCfg<AppComplexFeatureCfg> {
 		this.headerType = headerType;
 	}

+	public Integer getPayloadOffset() {
+		return payloadOffset;
+	}
+
+	public void setPayloadOffset(Integer payloadOffset) {
+		this.payloadOffset = payloadOffset;
+	}
+
+	public Integer getPayloadSize() {
+		return payloadSize;
+	}
+
+	public void setPayloadSize(Integer payloadSize) {
+		this.payloadSize = payloadSize;
+	}
+
+	public String getPayloadPacketDirection() {
+		return payloadPacketDirection;
+	}
+
+	public void setPayloadPacketDirection(String payloadPacketDirection) {
+		this.payloadPacketDirection = payloadPacketDirection;
+	}
 	
 }
--- a/src/main/java/com/nis/domain/configuration/AppFeatureIndex.java
+++ b/src/main/java/com/nis/domain/configuration/AppFeatureIndex.java
@@ -46,6 +46,12 @@ public class AppFeatureIndex extends BaseCfg<AppFeatureIndex> {
 	private String cfgRegionType;
 	private String cfgRegionValue;
 	private String cfgRegionCode1;
+	private Integer isDrop;//
+	private Integer isLoop;
+	private Integer dropTime;//drop持续时间，默认180s，0-1800s
+	private Integer loopTime;//loop持续时间，默认180s，0-1800s
+	private Integer isRelation;
+	private Integer relationTime;//关联持续时间，默认10s，0-180s
 	public static String getTablename() {
 		return tableName;
 	}
@@ -133,5 +139,59 @@ public class AppFeatureIndex extends BaseCfg<AppFeatureIndex> {
 	public void setNumCfgList(List<AppTcpCfg> numCfgList) {
 		this.numCfgList = numCfgList;
 	}
+	public Integer getExprType() {
+		return exprType;
+	}
+	public void setExprType(Integer exprType) {
+		this.exprType = exprType;
+	}
+	public Integer getMatchMethod() {
+		return matchMethod;
+	}
+	public void setMatchMethod(Integer matchMethod) {
+		this.matchMethod = matchMethod;
+	}
+	public Integer getIsHexbin() {
+		return isHexbin;
+	}
+	public void setIsHexbin(Integer isHexbin) {
+		this.isHexbin = isHexbin;
+	}
+	public Integer getIsDrop() {
+		return isDrop;
+	}
+	public void setIsDrop(Integer isDrop) {
+		this.isDrop = isDrop;
+	}
+	public Integer getIsLoop() {
+		return isLoop;
+	}
+	public void setIsLoop(Integer isLoop) {
+		this.isLoop = isLoop;
+	}
+	public Integer getDropTime() {
+		return dropTime;
+	}
+	public void setDropTime(Integer dropTime) {
+		this.dropTime = dropTime;
+	}
+	public Integer getLoopTime() {
+		return loopTime;
+	}
+	public void setLoopTime(Integer loopTime) {
+		this.loopTime = loopTime;
+	}
+	public Integer getIsRelation() {
+		return isRelation;
+	}
+	public void setIsRelation(Integer isRelation) {
+		this.isRelation = isRelation;
+	}
+	public Integer getRelationTime() {
+		return relationTime;
+	}
+	public void setRelationTime(Integer relationTime) {
+		this.relationTime = relationTime;
+	}

 }
--- a/src/main/java/com/nis/web/dao/configuration/AppMultiFeatureCfgDao.xml
+++ b/src/main/java/com/nis/web/dao/configuration/AppMultiFeatureCfgDao.xml
@@ -115,6 +115,9 @@
    <result column="icmp_code" property="icmpCode" jdbcType="VARCHAR" />
    <result column="icmp_identifier" property="icmpIdentifier" jdbcType="VARCHAR" />
    <result column="header_type" property="headerType" jdbcType="VARCHAR" />
+    <result column="payload_offset" property="payloadOffset" jdbcType="INTEGER" />
+    <result column="payload_size" property="payloadSize" jdbcType="INTEGER" />
+    <result column="payload_packet_direction" property="payloadPacketDirection" jdbcType="VARCHAR" />
  </resultMap>
  <!-- APP字符串类配置映射 -->
  <resultMap id="AppStringFeatureCfgMap" type="com.nis.domain.configuration.AppStringFeatureCfg" >
@@ -204,7 +207,7 @@
    r.ATTRIBUTE,r.LABLE,r.AREA_EFFECTIVE_IDS,r.FUNCTION_ID,r.CFG_TYPE,r.CFG_REGION_CODE,
    r.DISTRICT,r.CFG_KEYWORDS,r.EXPR_TYPE,r.MATCH_METHOD,r.IS_HEXBIN,r.DO_LOG,
    r.ver,r.ihl,r.tos,r.total_length,r.flags,r.fragment_offset,r.protocol,r.icmp_type,r.icmp_code,r.icmp_identifier,
-    r.header_type
+    r.header_type,r.payload_offset,r.payload_size,r.payload_packet_direction
  </sql>
  
  <sql id="AppStringFeatureCfg_Column" >
@@ -540,7 +543,8 @@
    SERVICE_ID,REQUEST_ID,COMPILE_ID,IS_AREA_EFFECTIVE,CLASSIFY,
    ATTRIBUTE,LABLE,AREA_EFFECTIVE_IDS,FUNCTION_ID,CFG_TYPE,CFG_REGION_CODE,
    DISTRICT,CFG_KEYWORDS,EXPR_TYPE,MATCH_METHOD,IS_HEXBIN,DO_LOG,user_region1,user_region2,user_region3,user_region4,user_region5,
-    ver,ihl,tos,total_length,flags,fragment_offset,protocol,icmp_type,icmp_code,icmp_identifier,header_type
+    ver,ihl,tos,total_length,flags,fragment_offset,protocol,icmp_type,icmp_code,icmp_identifier,header_type,
+    payload_offset,payload_size,payload_packet_direction
    )values (
     <include refid="AppCommonCfg_Value_List" />,
     #{cfgType,jdbcType=VARCHAR},#{cfgRegionCode,jdbcType=INTEGER},
@@ -550,7 +554,8 @@
    #{userRegion3,jdbcType=VARCHAR},#{userRegion4,jdbcType=VARCHAR},#{userRegion5,jdbcType=VARCHAR},
    #{ver,jdbcType=VARCHAR},#{ihl,jdbcType=VARCHAR},#{tos,jdbcType=VARCHAR},#{totalLength,jdbcType=VARCHAR},
    #{flags,jdbcType=VARCHAR},#{fragmentOffset,jdbcType=VARCHAR},#{protocol,jdbcType=VARCHAR},#{icmpType,jdbcType=VARCHAR},
-    #{icmpCode,jdbcType=VARCHAR},#{icmpIdentifier,jdbcType=VARCHAR},#{headerType,jdbcType=VARCHAR}
+    #{icmpCode,jdbcType=VARCHAR},#{icmpIdentifier,jdbcType=VARCHAR},#{headerType,jdbcType=VARCHAR},
+    #{payloadOffset,jdbcType=INTEGER},#{payloadSize,jdbcType=INTEGER},#{payloadPacketDirection,jdbcType=VARCHAR}
    )
  </insert>
  
@@ -562,7 +567,8 @@
    SERVICE_ID,REQUEST_ID,COMPILE_ID,IS_AREA_EFFECTIVE,CLASSIFY,
    ATTRIBUTE,LABLE,AREA_EFFECTIVE_IDS,FUNCTION_ID,CFG_TYPE,CFG_REGION_CODE,
    DISTRICT,CFG_KEYWORDS,EXPR_TYPE,MATCH_METHOD,IS_HEXBIN,DO_LOG,user_region1,user_region2,user_region3,user_region4,user_region5,
-    ver,ihl,tos,total_length,flags,fragment_offset,protocol,icmp_type,icmp_code,icmp_identifier,header_type
+    ver,ihl,tos,total_length,flags,fragment_offset,protocol,icmp_type,icmp_code,icmp_identifier,header_type,
+    payload_offset,payload_size,payload_packet_direction    
    )values (
     <include refid="AppCommonCfg_Value_List" />,
     #{cfgType,jdbcType=VARCHAR},#{cfgRegionCode,jdbcType=INTEGER},
@@ -572,7 +578,8 @@
    #{userRegion3,jdbcType=VARCHAR},#{userRegion4,jdbcType=VARCHAR},#{userRegion5,jdbcType=VARCHAR},
    #{ver,jdbcType=VARCHAR},#{ihl,jdbcType=VARCHAR},#{tos,jdbcType=VARCHAR},#{totalLength,jdbcType=VARCHAR},
    #{flags,jdbcType=VARCHAR},#{fragmentOffset,jdbcType=VARCHAR},#{protocol,jdbcType=VARCHAR},#{icmpType,jdbcType=VARCHAR},
-    #{icmpCode,jdbcType=VARCHAR},#{icmpIdentifier,jdbcType=VARCHAR},#{headerType,jdbcType=VARCHAR}
+    #{icmpCode,jdbcType=VARCHAR},#{icmpIdentifier,jdbcType=VARCHAR},#{headerType,jdbcType=VARCHAR},
+    #{payloadOffset,jdbcType=INTEGER},#{payloadSize,jdbcType=INTEGER},#{payloadPacketDirection,jdbcType=VARCHAR}
    )
  </insert>
  
--- a/src/main/java/com/nis/web/service/configuration/AppMultiFeatureCfgService.java
+++ b/src/main/java/com/nis/web/service/configuration/AppMultiFeatureCfgService.java
@@ -100,7 +100,14 @@ public class AppMultiFeatureCfgService extends BaseService {
 				if(entity.getStrList()!=null){
 					for(AppStringFeatureCfg cfg:entity.getStrList()){
 						if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
-							BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
+							BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
+							if(cfg.getExprType()==null){
+								if(cfg.getCfgKeywords().contains(Constants.KEYWORD_EXPR)){
+									cfg.setExprType(1);//与表达式
+								}else{
+									cfg.setExprType(0);//无表达式
+								}
+							}
 							appMultiFeatureCfgDao.insertAppStringFeatureCfg(cfg);
 						}
 						
@@ -108,8 +115,8 @@ public class AppMultiFeatureCfgService extends BaseService {
 				}
 				if(entity.getComplexList()!=null){
 					for(AppComplexFeatureCfg cfg:entity.getComplexList()){
-						if(StringUtils.isNotBlank(cfg.getDistrict()) && cfg.getDistrict().equals("L3_header")){
-							BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
+						if(StringUtils.isNotBlank(cfg.getDistrict()) && (cfg.getDistrict().equals("L3_header_IP")||cfg.getDistrict().equals("L3_header_ICMP"))){
+							BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
 							cfg.setIsHexbin(1);
 							cfg.setIsCaseInsenstive(0);
 							cfg.setExprType(3);
@@ -117,9 +124,28 @@ public class AppMultiFeatureCfgService extends BaseService {
 							this.setL3HeaderKeyword(cfg);
 							appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
 							
-						}else if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
-							BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
+						}else if(StringUtils.isNotBlank(cfg.getDistrict()) && cfg.getDistrict().equals("Payload") && cfg.getExprType()==3){
+							BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
+							cfg.setIsHexbin(1);
+							cfg.setIsCaseInsenstive(0);
+							cfg.setExprType(3);
+							cfg.setMatchMethod(0);
 							cfg.setHeaderType(null);
+							//设置payload特征的偏移量表达之关键字字符串
+							cfg.setCfgKeywords(cfg.getPayloadOffset()+"-"+cfg.getCfgKeywords().length()/2+":"+cfg.getCfgKeywords());
+							appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
+							
+						}else if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
+							BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
+							cfg.setHeaderType(null);
+							if(cfg.getExprType()==null){
+								if(cfg.getCfgKeywords().contains(Constants.KEYWORD_EXPR)){
+									cfg.setExprType(1);//与表达式
+								}else{
+									cfg.setExprType(0);//无表达式
+								}
+							}
+							
 							appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
 						}
 						
@@ -161,15 +187,22 @@ public class AppMultiFeatureCfgService extends BaseService {
 			if(entity.getStrList()!=null){
 				for(AppStringFeatureCfg cfg:entity.getStrList()){
 					if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
-					BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
+					BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
+					if(cfg.getExprType()==null){
+						if(cfg.getCfgKeywords().contains(Constants.KEYWORD_EXPR)){
+							cfg.setExprType(1);//与表达式
+						}else{
+							cfg.setExprType(0);//无表达式
+						}
+					}
 					appMultiFeatureCfgDao.insertAppStringFeatureCfg(cfg);
 					}
 				}
 			}
 			if(entity.getComplexList()!=null){
 				for(AppComplexFeatureCfg cfg:entity.getComplexList()){
-					if(StringUtils.isNotBlank(cfg.getDistrict()) && cfg.getDistrict().equals("L3_header")){
-						BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
+					if(StringUtils.isNotBlank(cfg.getDistrict()) && (cfg.getDistrict().equals("L3_header_IP")||cfg.getDistrict().equals("L3_header_ICMP"))){
+						BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
 						cfg.setIsHexbin(1);
 						cfg.setIsCaseInsenstive(0);
 						cfg.setExprType(3);
@@ -177,9 +210,27 @@ public class AppMultiFeatureCfgService extends BaseService {
 						this.setL3HeaderKeyword(cfg);
 						appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
 						
-					}else if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
-						BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
+					}else if(StringUtils.isNotBlank(cfg.getDistrict()) && cfg.getDistrict().equals("Payload") && cfg.getExprType()==3){
+						BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
+						cfg.setIsHexbin(1);
+						cfg.setIsCaseInsenstive(0);
+						cfg.setExprType(3);
+						cfg.setMatchMethod(0);
 						cfg.setHeaderType(null);
+						//设置payload特征的偏移量表达之关键字字符串
+						cfg.setCfgKeywords(cfg.getPayloadOffset()+"-"+cfg.getCfgKeywords().length()/2+":"+cfg.getCfgKeywords());
+						appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
+						
+					}else if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
+						BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
+						cfg.setHeaderType(null);
+						if(cfg.getExprType()==null){
+							if(cfg.getCfgKeywords().contains(Constants.KEYWORD_EXPR)){
+								cfg.setExprType(1);//与表达式
+							}else{
+								cfg.setExprType(0);//无表达式
+							}
+						}
 						appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
 					}
 				}
@@ -197,37 +248,38 @@ public class AppMultiFeatureCfgService extends BaseService {
 	
 	public void setL3HeaderKeyword(AppComplexFeatureCfg cfg) {
 		String keyword = "";
-		if(cfg.getHeaderType().equals("IP_header")){
-			if(StringUtils.isNoneBlank(cfg.getVer())){
+		if(cfg.getHeaderType().equals("L3_header_IP")){
+			/*if(StringUtils.isNoneBlank(cfg.getVer())){
 				keyword += "0-3:"+cfg.getVer()+Constants.KEYWORD_EXPR;
 			}
 			if(StringUtils.isNotBlank(cfg.getIhl())){
 				keyword += "4-7:"+cfg.getIhl()+Constants.KEYWORD_EXPR;
-			}
+			}*/
 			if(StringUtils.isNotBlank(cfg.getTos())){
-				keyword += "8-15:"+cfg.getTos()+Constants.KEYWORD_EXPR;
+				keyword += "1-2:"+cfg.getTos()+Constants.KEYWORD_EXPR;
 			}
 			if(StringUtils.isNotBlank(cfg.getTotalLength())){
-				keyword += "16-31:"+cfg.getTotalLength()+Constants.KEYWORD_EXPR;
-			}
-			if(StringUtils.isNotBlank(cfg.getFlags())){
-				keyword += "48-50:"+cfg.getFlags()+Constants.KEYWORD_EXPR;
-			}
-			if(StringUtils.isNotBlank(cfg.getFragmentOffset())){
-				keyword += "56-63:"+cfg.getFragmentOffset()+Constants.KEYWORD_EXPR;
+				keyword += "2-4:"+cfg.getTotalLength()+Constants.KEYWORD_EXPR;
 			}
 			if(StringUtils.isNotBlank(cfg.getProtocol())){
-				keyword += "72-79:"+cfg.getProtocol()+Constants.KEYWORD_EXPR;
+				keyword += "9-10:"+cfg.getProtocol()+Constants.KEYWORD_EXPR;
 			}
+			if(StringUtils.isNotBlank(cfg.getFragmentOffset())){//记录IP头的客户端IP
+				keyword += "12-16:"+cfg.getFragmentOffset()+Constants.KEYWORD_EXPR;
+			}
+			if(StringUtils.isNotBlank(cfg.getFlags())){//记录IP头的服务端IP
+				keyword += "16-20:"+cfg.getFlags()+Constants.KEYWORD_EXPR;
+			}
+			
 		}else{
 			if(StringUtils.isNoneBlank(cfg.getIcmpType())){
-				keyword += "0-7:"+cfg.getIcmpType()+Constants.KEYWORD_EXPR;
+				keyword += "0-1:"+cfg.getIcmpType()+Constants.KEYWORD_EXPR;
 			}
 			if(StringUtils.isNotBlank(cfg.getIcmpCode())){
-				keyword += "8-15:"+cfg.getIcmpCode()+Constants.KEYWORD_EXPR;
+				keyword += "1-2:"+cfg.getIcmpCode()+Constants.KEYWORD_EXPR;
 			}
 			if(StringUtils.isNotBlank(cfg.getIcmpIdentifier())){
-				keyword += "32-47:"+cfg.getIcmpIdentifier()+Constants.KEYWORD_EXPR;
+				keyword += "4-6:"+cfg.getIcmpIdentifier()+Constants.KEYWORD_EXPR;
 			}
 		}
 		keyword=keyword.substring(0,keyword.lastIndexOf(Constants.KEYWORD_EXPR));
@@ -289,9 +341,44 @@ public class AppMultiFeatureCfgService extends BaseService {
 			cfg.setTableName(AppComplexFeatureCfg.getTablename());
 			appMultiFeatureCfgDao.auditCfg(cfg);
 			if(isAudit==1){
+				//如果是payload特征，需要判断匹配区域是否为Payload，并且判断包大小或者本包方向，如果不为空，需要创建域配置
+				if(entity.getServiceId().equals(1025)){//app payload特征
+					for(AppComplexFeatureCfg c:complexList){
+						if(c.getDistrict().equals("Payload")){
+							//payload特征的payloadSize,payloadPacketDirection两个参数各自为单独的域配置下发
+							if(c.getPayloadSize()!=null){
+								AppComplexFeatureCfg payloadSizeCfg = new AppComplexFeatureCfg();
+								BeanUtils.copyProperties(c, payloadSizeCfg, new String[]{"cfgId"});
+								payloadSizeCfg.setCfgKeywords(c.getPayloadSize().toString());
+								payloadSizeCfg.setCfgType("APP_PAYLOAD_SIZE");//综合服务前端redis表名
+								payloadSizeCfg.setDistrict(null);
+								payloadSizeCfg.setExprType(0);;
+								payloadSizeCfg.setMatchMethod(3);
+								payloadSizeCfg.setIsHexbin(0);
+								complexList.add(payloadSizeCfg);
+							}
+							if(c.getPayloadPacketDirection()!=null){
+								AppComplexFeatureCfg packetDirectionCfg = new AppComplexFeatureCfg();
+								BeanUtils.copyProperties(c, packetDirectionCfg, new String[]{"cfgId"});
+								packetDirectionCfg.setCfgKeywords(c.getPayloadPacketDirection().toString());
+								packetDirectionCfg.setCfgType("APP_PKT_SEQ");//综合服务前端redis表名
+								packetDirectionCfg.setDistrict(null);
+								packetDirectionCfg.setExprType(0);;
+								packetDirectionCfg.setMatchMethod(3);
+								packetDirectionCfg.setIsHexbin(0);
+								complexList.add(packetDirectionCfg);
+							}
+						}
+					}
+				}
+				
 				Map<String,List> map = cfgConvert(strRegionList,complexList,2,entity,groupRelationList);
 				groupRelationList=map.get("groupList");
 				strRegionList=map.get("dstList");
+				
+				
+				
+				
 			}
 		}
 		List<AppTcpCfg> numCfgList = appMultiFeatureCfgDao.getAppTcpCfg(entity.getCompileId(),entity.getFunctionId(),null);