diff --git a/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/AlertMessage.java b/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/AlertMessage.java index dacfe32..e969be5 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/AlertMessage.java +++ b/src/main/java/com/realtime/protection/configuration/entity/rule/dynamicrule/AlertMessage.java @@ -3,16 +3,33 @@ package com.realtime.protection.configuration.entity.rule.dynamicrule; import com.fasterxml.jackson.annotation.JsonProperty; import com.realtime.protection.configuration.entity.task.FiveTupleWithMask; import lombok.Data; +import lombok.NonNull; @Data public class AlertMessage { @JsonProperty("task_id") private Long taskId; - @JsonProperty("five_tuple_with_mask") - private FiveTupleWithMask fiveTupleWithMask; @JsonProperty("dynamic_rule_id") private Integer dynamicRuleId; + + @JsonProperty("five_tuple_with_mask") + private FiveTupleWithMask fiveTupleWithMask; + + @JsonProperty("is_distribute") + private Boolean isDistribute;//待删除 + + @JsonProperty("command_uuid") + private String commandUUID; + + @JsonProperty("create_time") + private String createTime; + @JsonProperty("modify_time") + private String modifyTime; + @JsonProperty("alert_message_uuid") + private String alertMessageUUID; + } + diff --git a/src/main/java/com/realtime/protection/configuration/entity/task/FiveTupleWithMask.java b/src/main/java/com/realtime/protection/configuration/entity/task/FiveTupleWithMask.java index 33ddd5b..081da85 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/task/FiveTupleWithMask.java +++ b/src/main/java/com/realtime/protection/configuration/entity/task/FiveTupleWithMask.java 
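Review bot: The new `is_distribute`, `command_uuid`, `create_time`, `modify_time` and `alert_message_uuid` properties are ordinary read/write `@JsonProperty` fields, so if `AlertMessage` is still bound from the alert request body (the controller method is outside this hunk) the sender can populate them. The service in this commit overwrites `isDistribute` and `commandUUID` before the insert, but marking server-owned fields explicitly, e.g. `@JsonProperty(value = "command_uuid", access = JsonProperty.Access.READ_ONLY)`, makes that intent enforceable. `taskId` and `fiveTupleWithMask` carry no `@NotNull`, so a body missing either one reaches the service as null. The added `import lombok.NonNull;` is unused.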
@@ -55,4 +55,21 @@ public class FiveTupleWithMask { @Schema(description = "协议掩码", example = "0") private String maskProtocol; + + // 复制构造函数 + public void copyFiveTupleWithMask(FiveTupleWithMask original) { + this.addrType = original.addrType; + this.sourceIP = original.sourceIP; + this.sourcePort = original.sourcePort; + this.destinationIP = original.destinationIP; + this.destinationPort = original.destinationPort; + this.protocol = original.protocol; + this.protocolNum = original.protocolNum; + this.maskSourceIP = original.maskSourceIP; + this.maskSourcePort = original.maskSourcePort; + this.maskDestinationIP = original.maskDestinationIP; + this.maskDestinationPort = original.maskDestinationPort; + this.maskProtocol = original.maskProtocol; + + } } diff --git a/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java b/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java index 4c8c3b8..11689e0 100644 --- a/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java +++ b/src/main/java/com/realtime/protection/configuration/entity/task/TaskCommandInfo.java @@ -69,9 +69,14 @@ public class TaskCommandInfo { @Schema(description = "最新下发时间", accessMode = Schema.AccessMode.READ_ONLY) private LocalDateTime latestSendTime; + /* + 以下属性用于动态规则生成,不写入doris:t_command表 + */ @Schema(description = "防御策略模板ID", accessMode = Schema.AccessMode.READ_ONLY) private Integer templateId; - @Schema(description = "防护等级", accessMode = Schema.AccessMode.READ_ONLY) private Integer protectLevel; + @Schema(description = "指令所属任务的运行状态", accessMode = Schema.AccessMode.READ_ONLY) + private Integer taskStatus; + } diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java index 726ed8a..72f75b4 100644 --- a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java 
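Review bot: `copyFiveTupleWithMask` dereferences `original` without a null check, and its comment calls it a copy constructor (`// 复制构造函数`) although it is a void instance method that overwrites the fields of `this`. Elsewhere in this commit it is called with `alertMessage.getFiveTupleWithMask()`, which appears to come from request data and can be null. Add a guard as the first statement, `if (original == null) { throw new IllegalArgumentException("original must not be null"); }`, and reword the comment to `// Copies every field of original into this instance`.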
+++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java @@ -1,13 +1,13 @@ package com.realtime.protection.server.alertmessage; import com.realtime.protection.configuration.entity.rule.dynamicrule.AlertMessage; +import com.realtime.protection.configuration.entity.task.TaskCommandInfo; import com.realtime.protection.configuration.response.ResponseResult; import jakarta.validation.Valid; import lombok.extern.slf4j.Slf4j; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; + +import java.util.List; @RestController @RequestMapping("alertmessage") @@ -25,4 +25,12 @@ public class AlertMessageController return ResponseResult.ok(); } + //实时任务、研判后任务:查看指令对应的告警信息 + @GetMapping("/{commandId}/alarms") + public ResponseResult queryAlarmsByCommandId(@PathVariable String commandId) { + return ResponseResult.ok() + .setData("success", true) + .setData("alarms", alertMessageService.queryAlarmsByCommandId(commandId)); + } + } diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageMapper.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageMapper.java index 2e8a918..d599759 100644 --- a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageMapper.java +++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageMapper.java 
@@ -1,10 +1,14 @@ package com.realtime.protection.server.alertmessage; +import com.baomidou.dynamic.datasource.annotation.DS; import com.realtime.protection.configuration.entity.defense.template.ProtectLevel; +import com.realtime.protection.configuration.entity.rule.dynamicrule.AlertMessage; import com.realtime.protection.configuration.entity.task.FiveTupleWithMask; import com.realtime.protection.configuration.entity.task.TaskCommandInfo; import org.apache.ibatis.annotations.Mapper; +import java.util.List; + @Mapper public interface AlertMessageMapper { @@ -12,5 +16,10 @@ public interface AlertMessageMapper { TaskCommandInfo getDynamicTaskInfos(Long taskId) ; - ProtectLevel queryTemplateProtectLevel(Integer templateId, Integer protectLevel, FiveTupleWithMask fiveTupleWithMask); + ProtectLevel queryTemplateProtectLevel(Integer templateId, Integer protectLevel); + + @DS("doris") + void insertAlertMessage(AlertMessage alertMessage); + @DS("doris") + List queryAlermsByCommandId(String commandId); } diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java index 2f3009c..bc80c98 100644 --- a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java +++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java 
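Review bot: The new mapper method is spelled `queryAlermsByCommandId`, while the service and controller in this commit use `queryAlarmsByCommandId`; rename it to `queryAlarmsByCommandId` together with the matching statement id in AlertMessageMapper.xml so the name can be searched consistently. The return type shows as a raw `List` here (the type argument may have been lost in rendering); it should be declared as `List<AlertMessage>`. A one-line comment on `insertAlertMessage` and the query stating that `@DS("doris")` routes them to the Doris datasource would help readers who do not know the dynamic-datasource setup.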
@@ -5,9 +5,15 @@ import com.realtime.protection.configuration.entity.rule.dynamicrule.AlertMessag import com.realtime.protection.configuration.entity.task.FiveTupleWithMask; import com.realtime.protection.configuration.entity.task.TaskCommandInfo; import com.realtime.protection.configuration.utils.enums.StateEnum; +import com.realtime.protection.configuration.utils.enums.TaskTypeEnum; import com.realtime.protection.server.command.CommandService; import com.realtime.protection.server.task.TaskService; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; +import com.baomidou.dynamic.datasource.annotation.DSTransactional; + +import java.util.List; + @Service public class AlertMessageService { 
@@ -22,52 +28,119 @@ public class AlertMessageService { this.alertMessageMapper = alertMessageMapper; } + @DSTransactional public void processAlertMessage(AlertMessage alertMessage) { - Long taskId = alertMessage.getTaskId(); - //检查task status是否为running? - Integer taskStatus = taskService.queryTaskStatus(taskId); - Integer temp = StateEnum.RUNNING.getStateNum(); -// if (taskStatus != StateEnum.RUNNING.getStateNum()) { -// return; -// } + TaskCommandInfo dynamicTaskCommandInfo = generateDynamicCommand(alertMessage); - //查task信息,和alertMessage中的fiveTuple信息 合并成 TaskCommandInfo - TaskCommandInfo dynamicTaskCommandInfo = alertMessageMapper.getDynamicTaskInfos(taskId); - - //根据策略模板更新五元组 - ProtectLevel templateProtectLevel = alertMessageMapper.queryTemplateProtectLevel( - dynamicTaskCommandInfo.getTemplateId(), - dynamicTaskCommandInfo.getProtectLevel(), - alertMessage.getFiveTupleWithMask()); - updateFiveTupleWithMask(alertMessage.getFiveTupleWithMask(), templateProtectLevel); - dynamicTaskCommandInfo.setFiveTupleWithMask(alertMessage.getFiveTupleWithMask()); - -// command入库 - commandService.createCommand(dynamicTaskCommandInfo); + Integer taskStatus = dynamicTaskCommandInfo.getTaskStatus(); + Integer taskType = dynamicTaskCommandInfo.getTaskType(); + if (taskType == TaskTypeEnum.DYNAMIC.getTaskType())//动态 + switch (taskStatus) { + case 2://running + insertCommandAndAlertMessage(dynamicTaskCommandInfo, true, alertMessage, true); + break; + case 3://Paused + insertCommandAndAlertMessage(dynamicTaskCommandInfo, false, alertMessage, true); + break; + default://主要是stop + //command不入库 + //alertmessage入库 + insertAlertMessageOnly(alertMessage, true); + break; + } + else if (taskType == TaskTypeEnum.JUDGED.getTaskType())//研判后 + switch (taskStatus) { + case 2://running + insertCommandAndAlertMessage(dynamicTaskCommandInfo, false, alertMessage, false); + break; + case 3://Paused + insertCommandAndAlertMessage(dynamicTaskCommandInfo, false, alertMessage, false); + break; + 
default://主要是stop + //command不入库 + //alertmessage入库 + insertAlertMessageOnly(alertMessage, false); + } } - private void updateFiveTupleWithMask(FiveTupleWithMask alertMessageFiveTupleW, ProtectLevel templateProtectLevel) { + + private TaskCommandInfo generateDynamicCommand(AlertMessage alertMessage){ + Long taskId = alertMessage.getTaskId(); + +// 查task信息 +// (1)查询生成指令所需信息:和alertMessage中的fiveTuple信息 合并成 TaskCommandInfo; +// (2)额外信息:并额外查询templateId、protectLevel和taskStatus + TaskCommandInfo dynamicCommandInfo = alertMessageMapper.getDynamicTaskInfos(taskId); + +// 根据templateId、protectLevel获取策略模板 + ProtectLevel templateProtectLevel = alertMessageMapper.queryTemplateProtectLevel( + dynamicCommandInfo.getTemplateId(), + dynamicCommandInfo.getProtectLevel()); + //根据策略模板和alertMessage中的FiveTupleWithMask生成要下发五元组信息 + FiveTupleWithMask fiveTupleWithMaskNew = updateFiveTupleWithMask(alertMessage.getFiveTupleWithMask(), + templateProtectLevel); + //指令加入策略模板筛选后的fiveTupleWithMaskNew + dynamicCommandInfo.setFiveTupleWithMask(fiveTupleWithMaskNew); + + return dynamicCommandInfo; + } + + @DSTransactional + private void insertCommandAndAlertMessage(TaskCommandInfo dynamicTaskCommandInfo, Boolean isValid, + AlertMessage alertMessage, Boolean isDistribute){ + //command入库 + dynamicTaskCommandInfo.setIsValid(isValid); + String commandUUID = commandService.createCommand(dynamicTaskCommandInfo); + if (true){ + throw new RuntimeException("test"); + } + //alertmessage入库 + alertMessage.setIsDistribute(isDistribute); + alertMessage.setCommandUUID(commandUUID); + alertMessageMapper.insertAlertMessage(alertMessage); + } + private void insertAlertMessageOnly(AlertMessage alertMessage, Boolean isDistribute){ + //alertmessage入库 + alertMessage.setIsDistribute(isDistribute); + alertMessage.setCommandUUID(null); + alertMessageMapper.insertAlertMessage(alertMessage); + } + + + + private FiveTupleWithMask updateFiveTupleWithMask(FiveTupleWithMask fiveTupleWithMask, ProtectLevel templateProtectLevel) { + 
+ FiveTupleWithMask newFiveTupleWithMask = new FiveTupleWithMask(); + newFiveTupleWithMask.copyFiveTupleWithMask(fiveTupleWithMask); + if(!templateProtectLevel.getHasProtectObjectIP()){ - alertMessageFiveTupleW.setDestinationIP(null); - alertMessageFiveTupleW.setMaskDestinationIP(null); + newFiveTupleWithMask.setDestinationIP(null); + newFiveTupleWithMask.setMaskDestinationIP(null); } if(!templateProtectLevel.getHasProtectObjectPort()){ - alertMessageFiveTupleW.setDestinationPort(null); - alertMessageFiveTupleW.setMaskDestinationPort(null); + newFiveTupleWithMask.setDestinationPort(null); + newFiveTupleWithMask.setMaskDestinationPort(null); } if(!templateProtectLevel.getHasPeerIP()){ - alertMessageFiveTupleW.setSourceIP(null); - alertMessageFiveTupleW.setMaskSourceIP(null); + newFiveTupleWithMask.setSourceIP(null); + newFiveTupleWithMask.setMaskSourceIP(null); } if(!templateProtectLevel.getHasPeerPort()){ - alertMessageFiveTupleW.setSourcePort(null); - alertMessageFiveTupleW.setMaskSourcePort(null); + newFiveTupleWithMask.setSourcePort(null); + newFiveTupleWithMask.setMaskSourcePort(null); } if (!templateProtectLevel.getHasProtocol()) { - alertMessageFiveTupleW.setProtocol(null); - alertMessageFiveTupleW.setMaskProtocol(null); + newFiveTupleWithMask.setProtocol(null); + newFiveTupleWithMask.setMaskProtocol(null); } //目前告警信息还只是五元组,没有url、dns + return newFiveTupleWithMask; + } + + + + public List queryAlarmsByCommandId(String commandId) { + return alertMessageMapper.queryAlermsByCommandId(commandId); } } diff --git a/src/main/java/com/realtime/protection/server/command/CommandService.java b/src/main/java/com/realtime/protection/server/command/CommandService.java index a28515f..74863bc 100644 --- a/src/main/java/com/realtime/protection/server/command/CommandService.java +++ b/src/main/java/com/realtime/protection/server/command/CommandService.java 
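Review bot: `insertCommandAndAlertMessage` throws unconditionally right after `commandService.createCommand(...)` via `if (true){ throw new RuntimeException("test"); }`, so for every running or paused task the alert row is never inserted and the caller gets a RuntimeException; this looks like a leftover rollback experiment and should be deleted before merge. `@DSTransactional` on this private method is most likely inert because it is invoked through `this` rather than through the proxy, so only the annotation on `processAlertMessage` takes effect. In `processAlertMessage`, `taskType == TaskTypeEnum.DYNAMIC.getTaskType()` compares by reference if the getter returns `Integer` (not visible here); prefer `Objects.equals(taskType, TaskTypeEnum.DYNAMIC.getTaskType())`, give the literals `2` and `3` names, and note that a null `taskStatus` fails in the `switch`. `generateDynamicCommand` also dereferences the results of `getDynamicTaskInfos(taskId)` and `queryTemplateProtectLevel(...)` without a null check, so an alert naming an unknown `task_id` would end in a NullPointerException instead of being rejected with a clear error.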
@@ -79,4 +79,17 @@ public class CommandService { public Boolean removeCommandsByTaskId(Long taskId) { return commandMapper.removeCommandsByTaskId(taskId); } + + @DS("doris") + public Object updateCommandVaid(String commandId, Integer isValid) { + if (isValid == 0) { + return commandMapper.setCommandInvalid(commandId); + } + if (isValid == 1) { + return commandMapper.setCommandValid(commandId); + } + return new IllegalArgumentException("isValid must be 0 or 1"); + } + + } diff --git a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleController.java b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleController.java index 394db40..83c0047 100644 --- a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleController.java +++ b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleController.java @@ -103,7 +103,8 @@ public class DynamicRuleController implements DynamicRuleControllerApi { return ResponseResult.ok() .setData("success", true) .setData("dynamic_rule_list", dynamicRuleService.queryDynamicRuleObject(dynamicRuleName, dynamicRuleId, - protectObjectSourceSystem, creator, page, pageSize)); + protectObjectSourceSystem, creator, page, pageSize)) + .setData("dynamic_rule_total_num",dynamicRuleService.queryDynamicRuleTotalNum()); } //详情查看?? 就是按id查询吧 diff --git a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleControllerApi.java b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleControllerApi.java index 1af31a1..80c44bf 100644 --- a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleControllerApi.java +++ b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleControllerApi.java 
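Review bot: `updateCommandVaid` returns the `IllegalArgumentException` object instead of throwing it (`return new IllegalArgumentException("isValid must be 0 or 1");`), so an out-of-range `isValid` produces a normal return value that the new TaskController endpoint in this commit places under `"success"` in an OK response. Change the line to `throw new IllegalArgumentException("isValid must be 0 or 1");` and narrow the return type from `Object` to whatever `setCommandValid`/`setCommandInvalid` return. `isValid == 0` unboxes the `Integer`, so a null argument fails with a NullPointerException before the range check is reached. The method name is presumably meant to be `updateCommandValid`.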
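Review bot: `dynamic_rule_total_num` is taken from `queryDynamicRuleTotalNum()`, which receives none of the filters (`dynamicRuleName`, `dynamicRuleId`, `protectObjectSourceSystem`, `creator`) that are passed to the list query, so whenever a filter is set the total will presumably not match the filtered result and the client's page count will be wrong. Pass the same filter arguments to the count query so both statements share one WHERE clause. The same applies to `static_rule_total_num` in StaticRuleController and `whiteobj_total_num` in WhiteListController later in this commit. The enclosing handler starts outside the hunk.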
@@ -28,9 +28,9 @@ public interface DynamicRuleControllerApi { content = @Content( mediaType = "application/json", schema = @Schema( -// title = "ResponseResult和DynamicRule的组合模型", -// description = "ResponseResult的data内DynamicRule", -// anyOf = {ResponseResult.class, DynamicRuleObject.class}) + title = "ResponseResult和DynamicRule的组合模型", + description = "ResponseResult的data内DynamicRule", + anyOf = {ResponseResult.class, DynamicRuleObject.class}, implementation = ResponseResult.class) ) ) @@ -84,7 +84,11 @@ public interface DynamicRuleControllerApi { description = "返回修改对象结果", content = @Content( mediaType = "application/json", - schema = @Schema(implementation = ResponseResult.class) + schema = @Schema( + title = "ResponseResult和DynamicRule的组合模型", + description = "ResponseResult的data内DynamicRule", + anyOf = {ResponseResult.class, DynamicRuleObject.class}, + implementation = ResponseResult.class) ) ) }, diff --git a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleMapper.java b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleMapper.java index 61087b4..c57aa41 100644 --- a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleMapper.java +++ b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleMapper.java @@ -40,4 +40,6 @@ public interface DynamicRuleMapper { boolean newDynamicRulProtectObjectsConcat(Integer dynamicRuleId, List protectObjectIds); boolean queryProtectObjectById(Integer protectObjectId); + + Integer queryDynamicRuleTotalNum(); } diff --git a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleService.java b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleService.java index 110f86c..44cb20f 100644 --- a/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleService.java +++ b/src/main/java/com/realtime/protection/server/rule/dynamicrule/DynamicRuleService.java 
@@ -160,4 +160,8 @@ public class DynamicRuleService { return dynamicRuleMapper.queryDynamicRuleObject(dynamicRuleName, dynamicRuleId, templateSourceSystem, creator, page, pageSize); } + + public Integer queryDynamicRuleTotalNum() { + return dynamicRuleMapper.queryDynamicRuleTotalNum(); + } } diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleController.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleController.java index 2361df9..74b9ece 100644 --- a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleController.java +++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleController.java @@ -44,7 +44,7 @@ public class StaticRuleController implements StaticRuleControllerApi { //以Excel方式批量导入静态规则 @PostMapping("/upload") @Override - public ResponseResult uploadFile(MultipartFile uploadFile) throws IOException { + public ResponseResult uploadFile(@RequestPart("file")MultipartFile uploadFile) throws IOException { EasyExcel.read(uploadFile.getInputStream(), StaticRuleObject.class, new StaticRuleDataListener(staticRuleService)).sheet().doRead(); return ResponseResult.ok(); @@ -137,7 +137,9 @@ public class StaticRuleController implements StaticRuleControllerApi { List pageResult = staticRuleService.queryStaticRule( static_rule_name, static_rule_id, static_rule_creator, static_rule_ip, page, pageSize); - return ResponseResult.ok().setData("static_rule_list", pageResult); + return ResponseResult.ok() + .setData("static_rule_list", pageResult) + .setData("static_rule_total_num",staticRuleService.queryStaticRuleTotalNum()); } /** diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleControllerApi.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleControllerApi.java index d01a5f9..4a545e8 100644 --- a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleControllerApi.java 
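Review bot: `uploadFile` hands `uploadFile.getInputStream()` straight to `EasyExcel.read(...)` without checking that the part is present, non-empty, of an expected spreadsheet type, or within a size bound; no limit is visible in this hunk, though one may be set in the multipart configuration. Reject early with a guard such as `if (uploadFile == null || uploadFile.isEmpty())` that returns the project's error response, and consider checking the file extension and capping the number of rows accepted by `StaticRuleDataListener`. Binding the part as `@RequestPart("file")` also appears to change the expected form field name from the parameter name to `file`, so existing clients need to be updated with it.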
+++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleControllerApi.java @@ -12,6 +12,7 @@ import jakarta.validation.Valid; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.RequestPart; import org.springframework.web.multipart.MultipartFile; import java.io.IOException; @@ -28,7 +29,8 @@ public interface StaticRuleControllerApi { description = "返回新增对象结果", content = @Content( mediaType = "application/json", - schema = @Schema(implementation = ResponseResult.class) + schema = @Schema( + implementation = ResponseResult.class) ) ) }, @@ -52,7 +54,7 @@ public interface StaticRuleControllerApi { requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody( description = "Excel文件") ) - ResponseResult uploadFile(MultipartFile uploadFile) throws IOException; + ResponseResult uploadFile(@RequestPart("file")MultipartFile uploadFile) throws IOException; @Operation( summary = "下载静态规则模板", diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java index 5114362..f24e9b2 100644 --- a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java +++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleMapper.java @@ -38,4 +38,6 @@ public interface StaticRuleMapper { Integer queryAuditStatusById(Integer id); Boolean updateAuditStatusById(Integer id, Integer auditStatus); + + Integer queryStaticRuleTotalNum(); } diff --git a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java index e6d0c9c..9204550 100644 --- a/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java 
+++ b/src/main/java/com/realtime/protection/server/rule/staticrule/StaticRuleService.java @@ -147,4 +147,8 @@ public class StaticRuleService { public void deleteStaticRuleById(Integer id) { staticRuleMapper.deleteStaticRuleById(id); } + + public Integer queryStaticRuleTotalNum() { + return staticRuleMapper.queryStaticRuleTotalNum(); + } } diff --git a/src/main/java/com/realtime/protection/server/task/TaskController.java b/src/main/java/com/realtime/protection/server/task/TaskController.java index bd2bfaa..a329759 100644 --- a/src/main/java/com/realtime/protection/server/task/TaskController.java +++ b/src/main/java/com/realtime/protection/server/task/TaskController.java @@ -135,4 +135,14 @@ public class TaskController implements TaskControllerApi { .setData("success", true) .setData("commands", commandService.queryCommandInfoByTaskId(taskId)); } + + //研判后任务 下发指令\停止指令 + @PostMapping("/{commandId}/valid/{isValid}") + public ResponseResult validCommandInfoByTaskId(@PathVariable Integer isValid, + @PathVariable String commandId) { + return ResponseResult.ok() + .setData("success", commandService.updateCommandVaid(commandId, isValid)); + } + + } diff --git a/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java b/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java index daae83f..a650a28 100644 --- a/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java +++ b/src/main/java/com/realtime/protection/server/whitelist/WhiteListController.java @@ -69,7 +69,8 @@ public class WhiteListController implements WhiteListControllerApi { .setData("whiteobj_list", null); } return ResponseResult.ok() - .setData("whiteobj_list", whiteListService.queryWhiteListObject(whiteListName, whiteListId, page, pageSize)); + .setData("whiteobj_list", whiteListService.queryWhiteListObject(whiteListName, whiteListId, page, pageSize)) + .setData("whiteobj_total_num", whiteListService.queryWhiteListTotalNum()); } @Override 
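Review bot: `validCommandInfoByTaskId` flips the valid flag of whatever `commandId` appears in the path; the comment says it is meant for judged (研判后) tasks, but the handler does not check that the command belongs to such a task, and no authorization check is visible in the hunk (it may be enforced globally). `isValid` is an unconstrained `Integer` path variable whose range is only looked at inside the service; constraining it at the boundary, e.g. `@PathVariable @Min(0) @Max(1) Integer isValid`, or accepting a boolean, lets bad values be rejected as a client error. The method name says `ByTaskId` although it takes a command id; a short Javadoc stating which task types may use the endpoint and what `success` contains would help.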
diff --git a/src/main/java/com/realtime/protection/server/whitelist/WhiteListMapper.java b/src/main/java/com/realtime/protection/server/whitelist/WhiteListMapper.java index ac7dd33..24b407c 100644 --- a/src/main/java/com/realtime/protection/server/whitelist/WhiteListMapper.java +++ b/src/main/java/com/realtime/protection/server/whitelist/WhiteListMapper.java @@ -38,4 +38,6 @@ public interface WhiteListMapper { void deleteWhiteListObjects(@Param("whiteListIds") List whiteListBatch); List whiteListCommandJudge(@Param("command") FiveTupleWithMask fiveTupleWithMaskInCommand); + + Integer queryWhiteListTotalNum(); } diff --git a/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java b/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java index f0736f0..fe1b7b8 100644 --- a/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java +++ b/src/main/java/com/realtime/protection/server/whitelist/WhiteListService.java @@ -157,5 +157,9 @@ public class WhiteListService { return resultMap; } + public Integer queryWhiteListTotalNum(){ + return whiteListMapper.queryWhiteListTotalNum(); + } + } diff --git a/src/main/resources/mappers/AlertMessageMapper.xml b/src/main/resources/mappers/AlertMessageMapper.xml index 2ee28d4..cd886ea 100644 --- a/src/main/resources/mappers/AlertMessageMapper.xml +++ b/src/main/resources/mappers/AlertMessageMapper.xml @@ -21,7 +21,7 @@ - + 
@@ -34,6 +34,75 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + insert + into t_alertmessage(TASK_ID, + DYNAMIC_RULE_ID, + ADDR_TYPE, + SRC_IP, + SRC_PORT, + DST_IP, + DST_PORT, + PROTOCOL, + MASK_SRC_IP, + MASK_SRC_PORT, + MASK_DST_IP, + MASK_DST_PORT, + MASK_PROTOCOL, + IS_DISTRIBUTE, + COMMAND_UUID, + CREATE_TIME, + LAST_UPDATE, + ALERT_MESSAGE_ID) + values ( + #{taskId}, + #{dynamicRuleId}, + #{fiveTupleWithMask.addrType}, + #{fiveTupleWithMask.sourceIP}, + #{fiveTupleWithMask.sourcePort}, + #{fiveTupleWithMask.destinationIP}, + #{fiveTupleWithMask.destinationPort}, + #{fiveTupleWithMask.protocol}, + #{fiveTupleWithMask.maskSourceIP}, + #{fiveTupleWithMask.maskSourcePort}, + #{fiveTupleWithMask.maskDestinationIP}, + #{fiveTupleWithMask.maskDestinationPort}, + #{fiveTupleWithMask.maskProtocol}, + #{isDistribute}, + #{commandUUID}, + NOW(), + NOW(), + UUID()) + + + + + \ No newline at end of file diff --git a/src/main/resources/mappers/DynamicRuleMapper.xml b/src/main/resources/mappers/DynamicRuleMapper.xml index dd7cf66..90f360c 100644 --- a/src/main/resources/mappers/DynamicRuleMapper.xml +++ b/src/main/resources/mappers/DynamicRuleMapper.xml @@ -206,6 +206,10 @@ from t_protect_object where protect_object_id = #{protectObjectId} + \ No newline at end of file diff --git a/src/main/resources/mappers/StaticRuleMapper.xml b/src/main/resources/mappers/StaticRuleMapper.xml index da3d9d3..75dd033 100644 --- a/src/main/resources/mappers/StaticRuleMapper.xml +++ b/src/main/resources/mappers/StaticRuleMapper.xml @@ -158,5 +158,9 @@ SELECT static_rule_audit_status FROM t_static_rule WHERE static_rule_id = #{id} + \ No newline at end of file diff --git a/src/main/resources/mappers/WhiteListMapper.xml b/src/main/resources/mappers/WhiteListMapper.xml index 5011bbb..59db94f 100644 --- a/src/main/resources/mappers/WhiteListMapper.xml +++ b/src/main/resources/mappers/WhiteListMapper.xml @@ -198,5 +198,9 @@ + \ No newline at end of file 
diff --git a/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java b/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java new file mode 100644 index 0000000..39653a9 --- /dev/null +++ b/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java @@ -0,0 +1,45 @@ +package com.realtime.protection.server.alertmessage; + +import com.realtime.protection.configuration.entity.rule.dynamicrule.AlertMessage; +import com.realtime.protection.configuration.entity.task.FiveTupleWithMask; +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.context.SpringBootTest; + +@SpringBootTest +public class AlertMessageTest { + + private final AlertMessageService alertMessageService; + @Autowired + public AlertMessageTest(AlertMessageService alertMessageService) { + this.alertMessageService = alertMessageService; + } + + @Test + void testReceiveAlertMessage() { + for (int i = 1; i < 10; i++) { + AlertMessage alertMessage = new AlertMessage(); + FiveTupleWithMask fiveTupleWithMask = new FiveTupleWithMask(); + fiveTupleWithMask.setSourceIP("1.1.1." + i); + fiveTupleWithMask.setMaskSourceIP("255.255.255.0"); + fiveTupleWithMask.setDestinationIP("2.2.3.4"); + fiveTupleWithMask.setMaskDestinationIP("255.255.255.255"); + fiveTupleWithMask.setSourcePort("80"); + fiveTupleWithMask.setDestinationPort("80"); + fiveTupleWithMask.setProtocol("TCP"); + + alertMessage.setTaskId(1937L); + alertMessage.setFiveTupleWithMask(fiveTupleWithMask); + alertMessage.setDynamicRuleId(31); + alertMessageService.processAlertMessage(alertMessage); + } + } + + @Test + void queryAlertMessageByCommandId() { + +// String commandId = "3e2fde7c-cd91-41f3-aedf-bd9993a61737"; +// +// System.out.println(alertMessageService.queryAlarmsByCommandId(commandId)); + } +}
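Review bot: `testReceiveAlertMessage` has no assertions and depends on a task with id `1937L` and dynamic rule `31` already existing in whatever datasource the `@SpringBootTest` context connects to, so its result reflects environment state and it writes rows there on every run. Assert on the outcome (for example that `queryAlarmsByCommandId` returns the inserted alert for the created command) and create the task fixture inside the test or mock the mapper. `queryAlertMessageByCommandId` contains only commented-out code and always passes; implement it or remove it.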