784 lines
32 KiB
Java
784 lines
32 KiB
Java
package com.nis.web.service.configuration;
|
||
|
||
import java.util.ArrayList;
|
||
import java.util.Date;
|
||
import java.util.HashMap;
|
||
import java.util.List;
|
||
import java.util.Map;
|
||
import java.util.Properties;
|
||
import java.util.regex.Pattern;
|
||
|
||
import org.apache.commons.lang3.StringUtils;
|
||
import org.springframework.beans.BeanUtils;
|
||
import org.springframework.beans.factory.annotation.Autowired;
|
||
import org.springframework.stereotype.Service;
|
||
import org.springframework.transaction.annotation.Transactional;
|
||
|
||
import com.nis.domain.Page;
|
||
import com.nis.domain.SysDataDictionaryItem;
|
||
import com.nis.domain.configuration.AppComplexFeatureCfg;
|
||
import com.nis.domain.configuration.AppFeatureIndex;
|
||
import com.nis.domain.configuration.AppHttpCfg;
|
||
import com.nis.domain.configuration.AppIpCfg;
|
||
import com.nis.domain.configuration.AppStringFeatureCfg;
|
||
import com.nis.domain.configuration.AppTcpCfg;
|
||
import com.nis.domain.configuration.CfgIndexInfo;
|
||
import com.nis.domain.configuration.ComplexkeywordCfg;
|
||
import com.nis.domain.configuration.HttpUrlCfg;
|
||
import com.nis.domain.configuration.IpPortCfg;
|
||
import com.nis.domain.configuration.NtcSubscribeIdCfg;
|
||
import com.nis.domain.configuration.P2pHashCfg;
|
||
import com.nis.domain.configuration.P2pKeywordCfg;
|
||
import com.nis.domain.maat.MaatCfg;
|
||
import com.nis.domain.maat.MaatCfg.DigestCfg;
|
||
import com.nis.domain.maat.MaatCfg.GroupCfg;
|
||
import com.nis.domain.maat.MaatCfg.IpCfg;
|
||
import com.nis.domain.maat.MaatCfg.NumBoundaryCfg;
|
||
import com.nis.domain.maat.MaatCfg.StringCfg;
|
||
import com.nis.domain.specific.SpecificServiceCfg;
|
||
import com.nis.domain.maat.ToMaatBean;
|
||
import com.nis.domain.maat.ToMaatResult;
|
||
import com.nis.exceptions.MaatConvertException;
|
||
import com.nis.util.ConfigServiceUtil;
|
||
import com.nis.util.Constants;
|
||
import com.nis.util.DictUtils;
|
||
import com.nis.util.StringUtil;
|
||
import com.nis.web.dao.configuration.AppMultiFeatureCfgDao;
|
||
import com.nis.web.dao.specific.SpecificServiceCfgDao;
|
||
import com.nis.web.security.UserUtils;
|
||
import com.nis.web.service.BaseService;
|
||
|
||
/**
|
||
* 特定协议相关配置事务类
|
||
*
|
||
* @author dell
|
||
*
|
||
*/
|
||
@Service
|
||
public class AppMultiFeatureCfgService extends BaseService {
|
||
@Autowired
|
||
protected AppMultiFeatureCfgDao appMultiFeatureCfgDao;
|
||
@Autowired
|
||
protected SpecificServiceCfgDao specificServiceCfgDao;
|
||
|
||
//分页查询
|
||
public Page<AppFeatureIndex> findAppFeatureIndexList(Page<AppFeatureIndex> page, AppFeatureIndex entity) {
|
||
entity.getSqlMap().put("dsf", configScopeFilter(entity.getCurrentUser(), "r"));
|
||
entity.setPage(page);
|
||
|
||
if(!StringUtil.isEmpty(entity.getSpecServiceId())){
|
||
// 查找社交应用的所有有效一级特定服务
|
||
SpecificServiceCfg appSpec = new SpecificServiceCfg();
|
||
for (SysDataDictionaryItem dict : DictUtils.getDictList("SPECIFIC_SERVICE_CFG_TYPE")) {
|
||
if (Constants.SPECIFIC_SERVICE_CFG_TYPE_APP.equals(dict.getItemValue())) {
|
||
appSpec.setCfgType(Integer.parseInt(dict.getItemCode()));
|
||
break;
|
||
}
|
||
}
|
||
appSpec.setIsValid(Constants.VALID_YES);
|
||
appSpec.setIsLeaf(0);
|
||
appSpec.setSpecServiceId(entity.getSpecServiceId());
|
||
List<SpecificServiceCfg> appList = specificServiceCfgDao.findAllSpecificServiceCfg(appSpec, null);
|
||
if (!StringUtil.isEmpty(appList)) {
|
||
SpecificServiceCfg app = appList.get(0);
|
||
entity.setAppCode(app.getSpecServiceCode());
|
||
}
|
||
}
|
||
|
||
List<AppFeatureIndex> list = appMultiFeatureCfgDao.findAppFeatureIndexList(entity);
|
||
page.setList(list);
|
||
return page;
|
||
}
|
||
|
||
//分页查询
|
||
public List<AppFeatureIndex> findAppByFeatureIndexList(String ids) {
|
||
List<AppFeatureIndex> list = appMultiFeatureCfgDao.findAppByFeatureIndexList(ids);
|
||
return list;
|
||
}
|
||
|
||
|
||
public AppFeatureIndex getAppFeatureIndex(Long cfgId) {
|
||
return appMultiFeatureCfgDao.getAppFeatureIndex(cfgId);
|
||
}
|
||
//新增或保存复杂特征配置
|
||
@Transactional(readOnly = false, rollbackFor = RuntimeException.class)
|
||
public void saveOrUpdateAppFeatureCfg(AppFeatureIndex entity) throws Exception {
|
||
int isValid=0;
|
||
if(!StringUtil.isEmpty(entity.getIsValid()) && entity.getIsValid()==1) {
|
||
isValid=1;
|
||
}
|
||
if (entity.getCfgId() == null) {
|
||
Integer compileId = 0;
|
||
try {
|
||
List<Integer> idList = ConfigServiceUtil.getId(1, 1);
|
||
if (idList != null && idList.size() > 0) {
|
||
compileId = idList.get(0);
|
||
}
|
||
entity.setCompileId(compileId);
|
||
entity.setCreateTime(new Date());
|
||
entity.setCreatorId(entity.getCurrentUser().getId());
|
||
entity.setIsValid(0);
|
||
entity.setIsAudit(0);
|
||
appMultiFeatureCfgDao.insertAppFeatureIndex(entity);
|
||
if(entity.getIpPortList()!=null){
|
||
for(AppIpCfg cfg:entity.getIpPortList()){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
|
||
appMultiFeatureCfgDao.insertAppIpRangeCfg(cfg);
|
||
}
|
||
}
|
||
if(entity.getStrList()!=null){
|
||
for(AppStringFeatureCfg cfg:entity.getStrList()){
|
||
if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
|
||
if(cfg.getExprType()==null){
|
||
if(cfg.getCfgKeywords().contains(Constants.KEYWORD_EXPR)){
|
||
cfg.setExprType(1);//与表达式
|
||
}else{
|
||
cfg.setExprType(0);//无表达式
|
||
}
|
||
}
|
||
appMultiFeatureCfgDao.insertAppStringFeatureCfg(cfg);
|
||
}
|
||
|
||
}
|
||
}
|
||
if(entity.getComplexList()!=null){
|
||
for(AppComplexFeatureCfg cfg:entity.getComplexList()){
|
||
if(StringUtils.isNotBlank(cfg.getDistrict()) && (cfg.getDistrict().equals("L3_header_IP")||cfg.getDistrict().equals("L3_header_ICMP"))){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
|
||
cfg.setIsHexbin(1);
|
||
cfg.setIsCaseInsenstive(0);
|
||
cfg.setExprType(3);
|
||
cfg.setMatchMethod(0);
|
||
this.setL3HeaderKeyword(cfg);
|
||
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
|
||
|
||
}else if(StringUtils.isNotBlank(cfg.getDistrict()) && cfg.getDistrict().equals("Payload") && cfg.getExprType()==3){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
|
||
cfg.setIsHexbin(1);
|
||
cfg.setIsCaseInsenstive(0);
|
||
cfg.setExprType(3);
|
||
cfg.setMatchMethod(0);
|
||
cfg.setHeaderType(null);
|
||
//设置payload特征的偏移量表达之关键字字符串
|
||
cfg.setCfgKeywords(cfg.getPayloadOffset()+"-"+((cfg.getCfgKeywords().length()/2)+cfg.getPayloadOffset())+":"+cfg.getCfgKeywords());
|
||
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
|
||
|
||
}else if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
|
||
cfg.setHeaderType(null);
|
||
if(cfg.getExprType()==null){
|
||
if(cfg.getCfgKeywords().contains(Constants.KEYWORD_EXPR)){
|
||
cfg.setExprType(1);//与表达式
|
||
}else{
|
||
cfg.setExprType(0);//无表达式
|
||
}
|
||
}
|
||
|
||
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
|
||
}
|
||
|
||
}
|
||
}
|
||
if(entity.getNumCfgList()!=null){
|
||
for(AppTcpCfg cfg:entity.getNumCfgList()){
|
||
if(cfg.getLowBoundary()!=null && cfg.getUpBoundary()!=null){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
|
||
appMultiFeatureCfgDao.insertAppTcpCfg(cfg);//复用AppTcpCfg对象作为数值类对象
|
||
}
|
||
|
||
}
|
||
}
|
||
|
||
} catch (Exception e) {
|
||
e.printStackTrace();
|
||
logger.info("获取编译ID出错");
|
||
throw new MaatConvertException(e.getMessage());
|
||
}
|
||
if(isValid==1) {
|
||
entity.setIsAudit(1);
|
||
entity.setIsValid(1);
|
||
auditAppFeatureCfg(entity, entity.getIsAudit(),Constants.INSERT_ACTION);
|
||
}
|
||
} else {
|
||
entity.setEditorId(entity.getCurrentUser().getId());
|
||
entity.setEditTime(new Date());
|
||
entity.setIsValid(0);
|
||
entity.setIsAudit(0);
|
||
appMultiFeatureCfgDao.updateAppFeatureIndex(entity);
|
||
appMultiFeatureCfgDao.deleteAppIpRangeCfg(entity);
|
||
appMultiFeatureCfgDao.deleteAppStringFeatureCfg(entity);
|
||
appMultiFeatureCfgDao.deleteAppComplexFeatureCfg(entity);
|
||
appMultiFeatureCfgDao.deleteAppTcpCfg(entity);//复用AppTcpCfg对象作为数值类对象
|
||
entity.setCreateTime(new Date());
|
||
entity.setCreatorId(entity.getCurrentUser().getId());
|
||
if(entity.getIpPortList()!=null){
|
||
for(AppIpCfg cfg:entity.getIpPortList()){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
|
||
appMultiFeatureCfgDao.insertAppIpRangeCfg(cfg);
|
||
}
|
||
}
|
||
if(entity.getStrList()!=null){
|
||
for(AppStringFeatureCfg cfg:entity.getStrList()){
|
||
if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
|
||
if(cfg.getExprType()==null){
|
||
if(cfg.getCfgKeywords().contains(Constants.KEYWORD_EXPR)){
|
||
cfg.setExprType(1);//与表达式
|
||
}else{
|
||
cfg.setExprType(0);//无表达式
|
||
}
|
||
}
|
||
appMultiFeatureCfgDao.insertAppStringFeatureCfg(cfg);
|
||
}
|
||
}
|
||
}
|
||
if(entity.getComplexList()!=null){
|
||
for(AppComplexFeatureCfg cfg:entity.getComplexList()){
|
||
if(StringUtils.isNotBlank(cfg.getDistrict()) && (cfg.getDistrict().equals("L3_header_IP")||cfg.getDistrict().equals("L3_header_ICMP"))){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
|
||
cfg.setIsHexbin(1);
|
||
cfg.setIsCaseInsenstive(0);
|
||
cfg.setExprType(3);
|
||
cfg.setMatchMethod(0);
|
||
this.setL3HeaderKeyword(cfg);
|
||
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
|
||
|
||
}else if(StringUtils.isNotBlank(cfg.getDistrict()) && cfg.getDistrict().equals("Payload") && cfg.getExprType()==3){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
|
||
cfg.setIsHexbin(1);
|
||
cfg.setIsCaseInsenstive(0);
|
||
cfg.setExprType(3);
|
||
cfg.setMatchMethod(0);
|
||
cfg.setHeaderType(null);
|
||
//设置payload特征的偏移量表达之关键字字符串
|
||
cfg.setCfgKeywords(cfg.getPayloadOffset()+"-"+((cfg.getCfgKeywords().length()/2)+cfg.getPayloadOffset())+":"+cfg.getCfgKeywords());
|
||
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
|
||
|
||
}else if(StringUtils.isNotBlank(cfg.getCfgKeywords())){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType","exprType","matchMethod","isHexbin"});
|
||
cfg.setHeaderType(null);
|
||
if(cfg.getExprType()==null){
|
||
if(cfg.getCfgKeywords().contains(Constants.KEYWORD_EXPR)){
|
||
cfg.setExprType(1);//与表达式
|
||
}else{
|
||
cfg.setExprType(0);//无表达式
|
||
}
|
||
}
|
||
appMultiFeatureCfgDao.insertAppComplexFeatureCfg(cfg);
|
||
}
|
||
}
|
||
}
|
||
if(entity.getNumCfgList()!=null){
|
||
for(AppTcpCfg cfg:entity.getNumCfgList()){
|
||
if(cfg.getLowBoundary()!=null && cfg.getUpBoundary()!=null){
|
||
BeanUtils.copyProperties(entity, cfg,new String[]{"cfgRegionCode","cfgType"});
|
||
appMultiFeatureCfgDao.insertAppTcpCfg(cfg);
|
||
}
|
||
}
|
||
}
|
||
if(isValid==1) {
|
||
entity.setIsAudit(1);
|
||
entity.setIsValid(1);
|
||
auditAppFeatureCfg(entity, entity.getIsAudit(),Constants.UPDATE_ACTION);
|
||
}
|
||
}
|
||
}
|
||
|
||
public void setL3HeaderKeyword(AppComplexFeatureCfg cfg) {
|
||
String keyword = "";
|
||
if(cfg.getHeaderType().equals("L3_header_IP")){
|
||
/*if(StringUtils.isNoneBlank(cfg.getVer())){
|
||
keyword += "0-3:"+cfg.getVer()+Constants.KEYWORD_EXPR;
|
||
}
|
||
if(StringUtils.isNotBlank(cfg.getIhl())){
|
||
keyword += "4-7:"+cfg.getIhl()+Constants.KEYWORD_EXPR;
|
||
}*/
|
||
if(StringUtils.isNotBlank(cfg.getTos())){
|
||
keyword += "1-2:"+cfg.getTos()+Constants.KEYWORD_EXPR;
|
||
}
|
||
if(StringUtils.isNotBlank(cfg.getTotalLength())){
|
||
keyword += "2-4:"+cfg.getTotalLength()+Constants.KEYWORD_EXPR;
|
||
}
|
||
if(StringUtils.isNotBlank(cfg.getProtocol())){
|
||
keyword += "9-10:"+cfg.getProtocol()+Constants.KEYWORD_EXPR;
|
||
}
|
||
if(StringUtils.isNotBlank(cfg.getFragmentOffset())){//记录IP头的客户端IP
|
||
keyword += "12-16:"+cfg.getFragmentOffset()+Constants.KEYWORD_EXPR;
|
||
}
|
||
if(StringUtils.isNotBlank(cfg.getFlags())){//记录IP头的服务端IP
|
||
keyword += "16-20:"+cfg.getFlags()+Constants.KEYWORD_EXPR;
|
||
}
|
||
|
||
}else{
|
||
if(StringUtils.isNoneBlank(cfg.getIcmpType())){
|
||
keyword += "0-1:"+cfg.getIcmpType()+Constants.KEYWORD_EXPR;
|
||
}
|
||
if(StringUtils.isNotBlank(cfg.getIcmpCode())){
|
||
keyword += "1-2:"+cfg.getIcmpCode()+Constants.KEYWORD_EXPR;
|
||
}
|
||
if(StringUtils.isNotBlank(cfg.getIcmpIdentifier())){
|
||
keyword += "4-6:"+cfg.getIcmpIdentifier()+Constants.KEYWORD_EXPR;
|
||
}
|
||
}
|
||
keyword=keyword.substring(0,keyword.lastIndexOf(Constants.KEYWORD_EXPR));
|
||
cfg.setCfgKeywords(keyword);
|
||
}
|
||
|
||
public void auditAppFeatureCfg(AppFeatureIndex entity, Integer isAudit,Integer opAction) {
|
||
entity.setIsAudit(isAudit);
|
||
entity.setAuditorId(UserUtils.getUser().getId());
|
||
entity.setAuditTime(new Date());
|
||
|
||
ToMaatBean maatBean = new ToMaatBean();
|
||
MaatCfg maatCfg = new MaatCfg();
|
||
List<MaatCfg> configCompileList = new ArrayList();
|
||
List<GroupCfg> groupRelationList = new ArrayList();
|
||
List<IpCfg> ipRegionList = new ArrayList();
|
||
List<StringCfg> strRegionList = new ArrayList();
|
||
List<NumBoundaryCfg> numRegionList = new ArrayList();
|
||
List<DigestCfg> digestRegionList = new ArrayList();
|
||
List<IpCfg> areaIpRegionList = new ArrayList();
|
||
entity.setTableName(AppFeatureIndex.getTablename());
|
||
appMultiFeatureCfgDao.auditCfg(entity);
|
||
|
||
/*if (isAudit == 1) {
|
||
List<AppFeatureIndex> list = new ArrayList();
|
||
list.add(entity);
|
||
Map<String, List> map = cfgConvert(strRegionList, list, 2, entity, groupRelationList);
|
||
groupRelationList = map.get("groupList");
|
||
strRegionList = map.get("dstList");
|
||
}*/
|
||
//查询APP_IP_RANGE子配置并修改审核状态
|
||
List ipRangeList = appMultiFeatureCfgDao.getAppIpRangeCfg(entity.getCompileId(),entity.getFunctionId());
|
||
if(ipRangeList!=null && ipRangeList.size()>0){
|
||
AppIpCfg cfg = new AppIpCfg();
|
||
BeanUtils.copyProperties(entity, cfg, new String[]{"cfgId"});
|
||
cfg.setTableName("APP_IP_RANGE_CFG");
|
||
appMultiFeatureCfgDao.auditCfg(cfg);
|
||
if(isAudit==1){
|
||
Map<String,List> map = cfgConvert(ipRegionList,ipRangeList,1,entity,groupRelationList);
|
||
groupRelationList=map.get("groupList");
|
||
ipRegionList=map.get("dstList");
|
||
if(map.get("numRegionList")!=null){
|
||
numRegionList.addAll(map.get("numRegionList"));
|
||
}
|
||
}
|
||
}
|
||
List<AppStringFeatureCfg> strList = appMultiFeatureCfgDao.getAppStringFeatureCfg(entity.getCompileId(),entity.getFunctionId(),null);
|
||
if(strList!=null && strList.size()>0){
|
||
AppStringFeatureCfg cfg = new AppStringFeatureCfg();
|
||
BeanUtils.copyProperties(entity, cfg, new String[]{"cfgId"});
|
||
cfg.setTableName(AppStringFeatureCfg.getTablename());
|
||
appMultiFeatureCfgDao.auditCfg(cfg);
|
||
if(isAudit==1){
|
||
Map<String,List> map = cfgConvert(strRegionList,strList,2,entity,groupRelationList);
|
||
groupRelationList=map.get("groupList");
|
||
strRegionList=map.get("dstList");
|
||
}
|
||
}
|
||
List<AppComplexFeatureCfg> complexList = appMultiFeatureCfgDao.getAppComplexFeatureCfg(entity.getCompileId(),entity.getFunctionId(),null);
|
||
if(complexList!=null && complexList.size()>0){
|
||
AppComplexFeatureCfg cfg = new AppComplexFeatureCfg();
|
||
BeanUtils.copyProperties(entity, cfg, new String[]{"cfgId"});
|
||
cfg.setTableName(AppComplexFeatureCfg.getTablename());
|
||
appMultiFeatureCfgDao.auditCfg(cfg);
|
||
if(isAudit==1){
|
||
//如果是payload特征,需要判断匹配区域是否为Payload,并且判断包大小或者本包方向,如果不为空,需要创建域配置
|
||
if(entity.getServiceId().equals(1025)){//app payload特征
|
||
for(AppComplexFeatureCfg c:complexList){
|
||
if(c.getDistrict().equals("Payload")){
|
||
//payload特征的payloadSize,payloadPacketDirection两个参数各自为单独的域配置下发
|
||
if(c.getPayloadSize()!=null){
|
||
AppComplexFeatureCfg payloadSizeCfg = new AppComplexFeatureCfg();
|
||
BeanUtils.copyProperties(c, payloadSizeCfg, new String[]{"cfgId"});
|
||
payloadSizeCfg.setCfgKeywords(c.getPayloadSize().toString());
|
||
payloadSizeCfg.setCfgType("APP_PAYLOAD_SIZE");//综合服务前端redis表名
|
||
payloadSizeCfg.setDistrict(null);
|
||
payloadSizeCfg.setExprType(0);;
|
||
payloadSizeCfg.setMatchMethod(3);
|
||
payloadSizeCfg.setIsHexbin(0);
|
||
complexList.add(payloadSizeCfg);
|
||
}
|
||
if(c.getPayloadPacketDirection()!=null){
|
||
AppComplexFeatureCfg packetDirectionCfg = new AppComplexFeatureCfg();
|
||
BeanUtils.copyProperties(c, packetDirectionCfg, new String[]{"cfgId"});
|
||
packetDirectionCfg.setCfgKeywords(c.getPayloadPacketDirection().toString());
|
||
packetDirectionCfg.setCfgType("APP_PKT_SEQ");//综合服务前端redis表名
|
||
packetDirectionCfg.setDistrict(null);
|
||
packetDirectionCfg.setExprType(0);;
|
||
packetDirectionCfg.setMatchMethod(3);
|
||
packetDirectionCfg.setIsHexbin(0);
|
||
complexList.add(packetDirectionCfg);
|
||
}
|
||
}
|
||
}
|
||
}
|
||
|
||
Map<String,List> map = cfgConvert(strRegionList,complexList,2,entity,groupRelationList);
|
||
groupRelationList=map.get("groupList");
|
||
strRegionList=map.get("dstList");
|
||
|
||
|
||
|
||
|
||
}
|
||
}
|
||
List<AppTcpCfg> numCfgList = appMultiFeatureCfgDao.getAppTcpCfg(entity.getCompileId(),entity.getFunctionId(),null);
|
||
if(numCfgList!=null && numCfgList.size()>0){
|
||
AppTcpCfg cfg = new AppTcpCfg();
|
||
BeanUtils.copyProperties(entity, cfg, new String[]{"cfgId"});
|
||
cfg.setTableName(AppTcpCfg.getTablename());
|
||
appMultiFeatureCfgDao.auditCfg(cfg);
|
||
if(isAudit==1){
|
||
Map<String,List> map = cfgConvert(numRegionList,numCfgList,4,entity,groupRelationList);
|
||
groupRelationList=map.get("groupList");
|
||
numRegionList=map.get("dstList");
|
||
}
|
||
}
|
||
// 构造提交综合服务参数格式,一条配置提交一次综合服务
|
||
if (isAudit == 1) {
|
||
maatCfg.initDefaultValue();
|
||
BeanUtils.copyProperties(entity, maatCfg);
|
||
maatCfg.setAction(entity.getAction());
|
||
maatCfg.setAuditTime(entity.getAuditTime());
|
||
maatCfg.setIpRegionList(ipRegionList);
|
||
maatCfg.setStrRegionList(strRegionList);
|
||
maatCfg.setNumRegionList(numRegionList);
|
||
maatCfg.setDigestRegionList(digestRegionList);
|
||
maatCfg.setGroupRelationList(groupRelationList);
|
||
maatCfg.setGroupNum(groupRelationList.size());
|
||
maatCfg.setAreaIpRegionList(areaIpRegionList);
|
||
maatCfg.setIsValid(entity.getIsValid());
|
||
//只有用户自定义域1字段为空,才设置maat的自定义域字段信息为APP_ID
|
||
if(StringUtil.isEmpty(entity.getUserRegion1())){
|
||
// 设置APP自定义域
|
||
String userRegion = "APP_ID=" + entity.getAppCode();
|
||
maatCfg.setUserRegion(userRegion);
|
||
}else{
|
||
maatCfg.setUserRegion(entity.getUserRegion1());
|
||
}
|
||
|
||
configCompileList.add(maatCfg);
|
||
maatBean.setConfigCompileList(configCompileList);
|
||
maatBean.setAuditTime(entity.getAuditTime());
|
||
maatBean.setCreatorName(entity.getCurrentUser().getName());
|
||
maatBean.setVersion(Constants.MAAT_VERSION);
|
||
maatBean.setOpAction(opAction);
|
||
// 调用服务接口下发配置数据
|
||
String json = gsonToJson(maatBean);
|
||
logger.info("app 特征配置下发配置参数:" + json);
|
||
// 调用服务接口下发配置
|
||
ToMaatResult result = ConfigServiceUtil.postMaatCfg(json);
|
||
logger.info("app 特征配置下发响应信息:" + result.getMsg());
|
||
|
||
} else if (isAudit == 3) {
|
||
maatCfg.setCompileId(entity.getCompileId());
|
||
maatCfg.setServiceId(entity.getServiceId());
|
||
maatCfg.setIsValid(0);// 无效
|
||
configCompileList.add(maatCfg);
|
||
maatBean.setConfigCompileList(configCompileList);
|
||
maatBean.setAuditTime(entity.getAuditTime());
|
||
maatBean.setCreatorName(entity.getCurrentUser().getName());
|
||
maatBean.setVersion(Constants.MAAT_VERSION);
|
||
maatBean.setOpAction(Constants.UPDATE_ACTION);
|
||
// 调用服务接口取消配置
|
||
String json = gsonToJson(maatBean);
|
||
logger.info("app 特征配置下发配置参数:" + json);
|
||
// 调用服务接口下发配置
|
||
ToMaatResult result = ConfigServiceUtil.put(json, 1);
|
||
logger.info("app 特征配置取消配置响应信息:" + result.getMsg());
|
||
}
|
||
}
|
||
|
||
public void updateAppFeatureCfgValid(Integer isValid, String ids, Integer functionId) {
|
||
String[] idArray = ids.split(",");
|
||
for (String id : idArray) {
|
||
AppFeatureIndex entity = new AppFeatureIndex();
|
||
entity.setCfgId(Long.parseLong(id));
|
||
entity.setIsValid(isValid);
|
||
entity.setEditorId(UserUtils.getUser().getId());
|
||
entity.setEditTime(new Date());
|
||
entity.setTableName(AppFeatureIndex.getTablename());
|
||
entity.setFunctionId(functionId);
|
||
appMultiFeatureCfgDao.updateCfgValid(entity);
|
||
//修改IP范围配置表状态
|
||
if (!StringUtil.isEmpty(entity.getIpPortList())) {
|
||
AppIpCfg cfg = new AppIpCfg();
|
||
BeanUtils.copyProperties(entity, cfg, new String[] { "cfgId" });
|
||
cfg.setTableName("APP_IP_RANGE_CFG");
|
||
appMultiFeatureCfgDao.updateCfgValid(cfg);
|
||
}
|
||
//修改字符串类配置表状态
|
||
if (!StringUtil.isEmpty(entity.getStrList())) {
|
||
AppStringFeatureCfg cfg = new AppStringFeatureCfg();
|
||
BeanUtils.copyProperties(entity, cfg, new String[] { "cfgId" });
|
||
cfg.setTableName(AppStringFeatureCfg.getTablename());
|
||
appMultiFeatureCfgDao.updateCfgValid(cfg);
|
||
}
|
||
//修改增强字符串类配置表状态
|
||
if (!StringUtil.isEmpty(entity.getComplexList())) {
|
||
AppComplexFeatureCfg cfg = new AppComplexFeatureCfg();
|
||
BeanUtils.copyProperties(entity, cfg, new String[] { "cfgId" });
|
||
cfg.setTableName(AppComplexFeatureCfg.getTablename());
|
||
appMultiFeatureCfgDao.updateCfgValid(cfg);
|
||
}
|
||
//修改数值域配置表状态
|
||
if (!StringUtil.isEmpty(entity.getNumCfgList())) {
|
||
AppTcpCfg cfg = new AppTcpCfg();
|
||
BeanUtils.copyProperties(entity, cfg, new String[] { "cfgId" });
|
||
cfg.setTableName(AppTcpCfg.getTablename());
|
||
appMultiFeatureCfgDao.updateCfgValid(cfg);
|
||
}
|
||
}
|
||
|
||
}
|
||
|
||
//字符串类特征配置列表
|
||
public List<AppStringFeatureCfg> getAppStringFeatureCfg(Integer compileId,Integer functionId,Integer cfgRegionCode){
|
||
return appMultiFeatureCfgDao.getAppStringFeatureCfg(compileId,functionId,cfgRegionCode);
|
||
}
|
||
//增强字符串类特征配置列表
|
||
public List<AppComplexFeatureCfg> getAppComplexFeatureCfg(Integer compileId,Integer functionId,Integer cfgRegionCode){
|
||
return appMultiFeatureCfgDao.getAppComplexFeatureCfg(compileId,functionId,cfgRegionCode);
|
||
}
|
||
//IP RANGE配置
|
||
public List<AppIpCfg> getAppIpRangeCfg(Integer compileId,Integer functionId){
|
||
return appMultiFeatureCfgDao.getAppIpRangeCfg(compileId,functionId);
|
||
}
|
||
//I数值域配置
|
||
public List<AppTcpCfg> getAppTcpCfg(Integer compileId,Integer functionId,Integer cfgRegionCode){
|
||
return appMultiFeatureCfgDao.getAppTcpCfg(compileId,functionId,cfgRegionCode);
|
||
}
|
||
|
||
public Map<String, List> exportFeature(AppFeatureIndex entity){
|
||
Map<String, List> dataMap=new HashMap<String, List>();
|
||
List<AppIpCfg> ipRangeList = appMultiFeatureCfgDao.getAppIpRangeCfg(entity.getCompileId(),entity.getFunctionId());
|
||
if(entity.getFunctionId()!=567){
|
||
List<AppComplexFeatureCfg> appKeyList = appMultiFeatureCfgDao.getAppComplexFeatureCfg(entity.getCompileId(),entity.getFunctionId(),null);
|
||
dataMap.put("APP_KEYWORDS", appKeyList);
|
||
}else{
|
||
List<AppStringFeatureCfg> appKeyList = appMultiFeatureCfgDao.getAppStringFeatureCfg(entity.getCompileId(),entity.getFunctionId(),null);
|
||
dataMap.put("APP_DK_GL", appKeyList);
|
||
}
|
||
dataMap.put("APP_IP_RANGE", ipRangeList);
|
||
return dataMap;
|
||
}
|
||
|
||
/**
|
||
* APP Payload L3_HEADER导入操作特殊属性限制
|
||
* @param baseStringCfg
|
||
* @param errInfo
|
||
* @param prop
|
||
*/
|
||
public void checkImportAppPayload(AppComplexFeatureCfg baseStringCfg, StringBuffer errInfo, Properties prop) {
|
||
String headerType = baseStringCfg.getHeaderType();
|
||
String ver = baseStringCfg.getVer();
|
||
String ihl = baseStringCfg.getIhl();
|
||
String tos = baseStringCfg.getTos();
|
||
String totalLength = baseStringCfg.getTotalLength();
|
||
String flags = baseStringCfg.getFlags();
|
||
String fragmentOffset = baseStringCfg.getFragmentOffset();
|
||
String protocol = baseStringCfg.getProtocol();
|
||
String icmpType = baseStringCfg.getIcmpType();
|
||
String icmpCode = baseStringCfg.getIcmpCode();
|
||
String icmpIdentifier = baseStringCfg.getIcmpIdentifier();
|
||
|
||
boolean errorFlag = false;// 除“can_not_null”外其它错误 标识
|
||
Pattern pattern = Pattern.compile("^([0-9|a-f|A-F]*)$");
|
||
StringBuffer errInfoCopy = new StringBuffer();
|
||
errInfoCopy.append(errInfo);
|
||
|
||
if("IP_header".equals(headerType)) {
|
||
boolean ipHeaderFlag = false;
|
||
List<Object> ipHeaderList = new ArrayList<>();
|
||
if(StringUtils.isNotBlank(baseStringCfg.getVer())) { ipHeaderList.add(baseStringCfg.getVer()); }
|
||
if(StringUtils.isNotBlank(baseStringCfg.getIhl())) { ipHeaderList.add(baseStringCfg.getIhl()); }
|
||
if(StringUtils.isNotBlank(baseStringCfg.getTos())) { ipHeaderList.add(baseStringCfg.getTos()); }
|
||
if(StringUtils.isNotBlank(baseStringCfg.getTotalLength())) { ipHeaderList.add(baseStringCfg.getTotalLength()); }
|
||
if(StringUtils.isNotBlank(baseStringCfg.getFlags())) { ipHeaderList.add(baseStringCfg.getFlags()); }
|
||
if(StringUtils.isNotBlank(baseStringCfg.getFragmentOffset())) { ipHeaderList.add(baseStringCfg.getFragmentOffset()); }
|
||
if(StringUtils.isNotBlank(baseStringCfg.getProtocol())) { ipHeaderList.add(baseStringCfg.getProtocol()); }
|
||
if(ipHeaderList.size() > 4) {// IP_header最多填写四个属性值
|
||
errInfo.append("IP_header " + prop.getProperty("l3_header_error")+";");
|
||
}else {
|
||
ipHeaderFlag = true;
|
||
}
|
||
|
||
int count = 0;
|
||
if(StringUtils.isBlank(ver) && ipHeaderFlag) {
|
||
errInfo.append(
|
||
String.format(prop.getProperty("can_not_null"), "VER ") + ";");
|
||
}else if(ver.trim().length() != 4 && ipHeaderFlag){
|
||
errInfo.append(
|
||
"VER "+prop.getProperty("length_error") + ";");
|
||
errorFlag = true;
|
||
}else if(!pattern.matcher(ver).matches() && ipHeaderFlag) {
|
||
errInfo.append(
|
||
"VER "+ " '" + ver + "' "+String.format(prop.getProperty("contains_non_hex_char")) + ";");
|
||
errorFlag = true;
|
||
}else {
|
||
count++;
|
||
}
|
||
|
||
if(StringUtils.isBlank(ihl) && ipHeaderFlag) {
|
||
errInfo.append(
|
||
String.format(prop.getProperty("can_not_null"), "IHL ") + ";");
|
||
}else if(ihl.trim().length() != 4 && ipHeaderFlag){
|
||
errInfo.append(
|
||
"IHL "+prop.getProperty("length_error") + ";");
|
||
errorFlag = true;
|
||
}else if(!pattern.matcher(ihl).matches() && ipHeaderFlag) {
|
||
errInfo.append(
|
||
"IHL "+ " '" + ihl + "' "+String.format(prop.getProperty("contains_non_hex_char")) + ";");
|
||
errorFlag = true;
|
||
}else {
|
||
count++;
|
||
}
|
||
|
||
if(StringUtils.isBlank(tos) && ipHeaderFlag) {
|
||
errInfo.append(
|
||
String.format(prop.getProperty("can_not_null"), "TOS ") + ";");
|
||
}else if(tos.trim().length() != 8 && ipHeaderFlag){
|
||
errInfo.append(
|
||
"TOS "+prop.getProperty("length_error") + ";");
|
||
errorFlag = true;
|
||
}else if(!pattern.matcher(tos).matches() && ipHeaderFlag) {
|
||
errInfo.append(
|
||
"TOS "+ " '" + tos + "' "+String.format(prop.getProperty("contains_non_hex_char")) + ";");
|
||
errorFlag = true;
|
||
}else {
|
||
count++;
|
||
}
|
||
|
||
if(StringUtils.isBlank(totalLength) && ipHeaderFlag) {
|
||
errInfo.append(
|
||
String.format(prop.getProperty("can_not_null"), "Total Length ") + ";");
|
||
}else if(totalLength.trim().length() != 16 && ipHeaderFlag){
|
||
errInfo.append(
|
||
"Total Length "+prop.getProperty("length_error") + ";");
|
||
errorFlag = true;
|
||
}else if(!pattern.matcher(totalLength).matches() && ipHeaderFlag) {
|
||
errInfo.append(
|
||
"Total Length "+ " '" + totalLength + "' "+String.format(prop.getProperty("contains_non_hex_char")) + ";");
|
||
errorFlag = true;
|
||
}else {
|
||
count++;
|
||
}
|
||
|
||
if(StringUtils.isBlank(flags) && ipHeaderFlag) {
|
||
errInfo.append(
|
||
String.format(prop.getProperty("can_not_null"), "Flags ") + ";");
|
||
}else if(flags.trim().length() != 3 && ipHeaderFlag){
|
||
errInfo.append(
|
||
"Flags "+prop.getProperty("length_error") + ";");
|
||
errorFlag = true;
|
||
}else if(!pattern.matcher(flags).matches() && ipHeaderFlag) {
|
||
errInfo.append(
|
||
"Flags "+ " '" + flags + "' "+String.format(prop.getProperty("contains_non_hex_char")) + ";");
|
||
errorFlag = true;
|
||
}else {
|
||
count++;
|
||
}
|
||
|
||
if(StringUtils.isBlank(fragmentOffset) && ipHeaderFlag) {
|
||
errInfo.append(
|
||
String.format(prop.getProperty("can_not_null"), "fragment offset ") + ";");
|
||
}else if(fragmentOffset.trim().length() != 8 && ipHeaderFlag){
|
||
errInfo.append(
|
||
"fragment offset "+prop.getProperty("length_error") + ";");
|
||
errorFlag = true;
|
||
}else if(!pattern.matcher(fragmentOffset).matches() && ipHeaderFlag) {
|
||
errInfo.append(
|
||
"fragment offset "+ " '" + fragmentOffset + "' "+String.format(prop.getProperty("contains_non_hex_char")) + ";");
|
||
errorFlag = true;
|
||
}else {
|
||
count++;
|
||
}
|
||
|
||
if(StringUtils.isBlank(protocol) && ipHeaderFlag) {
|
||
errInfo.append(
|
||
String.format(prop.getProperty("can_not_null"), "Protocol ") + ";");
|
||
}else if(protocol.trim().length() != 8 && ipHeaderFlag){
|
||
errInfo.append(
|
||
"Protocol "+prop.getProperty("length_error") + ";");
|
||
errorFlag = true;
|
||
}else if(!pattern.matcher(protocol).matches() && ipHeaderFlag) {
|
||
errInfo.append(
|
||
"Protocol "+ " '" + protocol + "' "+String.format(prop.getProperty("contains_non_hex_char")) + ";");
|
||
errorFlag = true;
|
||
}else {
|
||
count++;
|
||
}
|
||
|
||
if((0<count) && (count<5) && (!errorFlag) && (ipHeaderFlag)) {// 清空错误信息
|
||
errInfo.setLength(0);;
|
||
errInfo.append(errInfoCopy);
|
||
}
|
||
baseStringCfg.setIcmpType(null);
|
||
baseStringCfg.setIcmpCode(null);
|
||
baseStringCfg.setIcmpIdentifier(null);
|
||
}else {
|
||
int count = 0;
|
||
if(StringUtils.isBlank(icmpType)) {
|
||
errInfo.append(
|
||
String.format(prop.getProperty("can_not_null"), "ICMP type ") + ";");
|
||
}else if(icmpType.trim().length() != 8){
|
||
errInfo.append(
|
||
"ICMP type "+prop.getProperty("length_error") + ";");
|
||
errorFlag = true;
|
||
}else if(!pattern.matcher(icmpType).matches()) {
|
||
errInfo.append(
|
||
"ICMP type "+ " '" + icmpType + "' "+String.format(prop.getProperty("contains_non_hex_char")) + ";");
|
||
errorFlag = true;
|
||
}else {
|
||
count++;
|
||
}
|
||
|
||
if(StringUtils.isBlank(icmpCode)) {
|
||
errInfo.append(
|
||
String.format(prop.getProperty("can_not_null"), "ICMP code ") + ";");
|
||
}else if(icmpCode.trim().length() != 8){
|
||
errInfo.append(
|
||
"ICMP code "+prop.getProperty("length_error") + ";");
|
||
errorFlag = true;
|
||
}else if(!pattern.matcher(icmpCode).matches()) {
|
||
errInfo.append(
|
||
"ICMP code "+ " '" + icmpCode + "' "+String.format(prop.getProperty("contains_non_hex_char")) + ";");
|
||
errorFlag = true;
|
||
}else {
|
||
count++;
|
||
}
|
||
|
||
if(StringUtils.isBlank(icmpIdentifier)) {
|
||
errInfo.append(
|
||
String.format(prop.getProperty("can_not_null"), "ICMP identifier ") + ";");
|
||
}else if(icmpIdentifier.trim().length() != 16){
|
||
errInfo.append(
|
||
"ICMP identifier "+prop.getProperty("length_error") + ";");
|
||
errorFlag = true;
|
||
}else if(!pattern.matcher(icmpIdentifier).matches()) {
|
||
errInfo.append(
|
||
"ICMP identifier "+ " '" + icmpIdentifier + "' "+String.format(prop.getProperty("contains_non_hex_char")) + ";");
|
||
errorFlag = true;
|
||
}else {
|
||
count++;
|
||
}
|
||
|
||
if((count >0) && (!errorFlag)) {// 清空错误信息
|
||
errInfo.setLength(0);;
|
||
errInfo.append(errInfoCopy);
|
||
}
|
||
baseStringCfg.setVer(null);
|
||
baseStringCfg.setIhl(null);
|
||
baseStringCfg.setTos(null);
|
||
baseStringCfg.setTotalLength(null);
|
||
baseStringCfg.setFlags(null);
|
||
baseStringCfg.setFragmentOffset(null);
|
||
baseStringCfg.setProtocol(null);
|
||
}
|
||
|
||
}
|
||
|
||
}
|