| author | miaohao <[email protected]> | 2024-09-09 14:54:21 +0800 |
|---|---|---|
| committer | miaohao <[email protected]> | 2024-09-09 14:54:21 +0800 |
| commit | 97ec7a1279d976b1f6fba491c37bd7fde97586ea (patch) | |
| tree | 7759d3e79ed8c80487b08a99f574b991da9f3cca | |
| parent | 9cfff8895aab20cb6221134b01e43b915dfd4454 (diff) | |
ft:
动态、静态任务生成指令写入数据库时,根据多局点下发多个指令
6 files changed, 140 insertions, 24 deletions
diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java index 71e5fe0..958256b 100644 --- a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java +++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageController.java @@ -4,7 +4,6 @@ import com.fasterxml.jackson.annotation.JsonProperty; import com.realtime.protection.configuration.entity.alert.AlertMessage; import com.realtime.protection.configuration.response.ResponseResult; import jakarta.validation.Valid; -import jdk.jfr.DataAmount; import lombok.Data; import lombok.extern.slf4j.Slf4j; import org.springframework.web.bind.annotation.*; @@ -16,13 +15,15 @@ import java.util.Map; @RestController @RequestMapping("alertmessage") @Slf4j -public class AlertMessageController +public class AlertMessageController implements AlertMessageControllerApi { private final AlertMessageService alertMessageService; public AlertMessageController(AlertMessageService alertMessageService) { this.alertMessageService = alertMessageService; } + + @Override @PostMapping("/new") public ResponseResult receiveAlertMessage(@RequestBody @Valid AlertMessage alertMessage){ alertMessageService.processAlertMessage(alertMessage); diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageControllerApi.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageControllerApi.java new file mode 100644 index 0000000..b72f102 --- /dev/null +++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageControllerApi.java 
@@ -0,0 +1,45 @@ +package com.realtime.protection.server.alertmessage; + +import com.realtime.protection.configuration.entity.alert.AlertMessage; +import com.realtime.protection.configuration.response.ResponseResult; +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.media.Content; +import io.swagger.v3.oas.annotations.media.ExampleObject; +import io.swagger.v3.oas.annotations.media.Schema; +import io.swagger.v3.oas.annotations.responses.ApiResponse; +import jakarta.validation.Valid; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; + +public interface AlertMessageControllerApi { + @Operation( + summary = "录入告警信息", + description = "通过API推送录入告警信息、人工录入告警信息", + responses = { + @ApiResponse( + description = "是否录入成功", + content = @Content( + mediaType = "application/json", + schema = @Schema(implementation = ResponseResult.class), + examples = @ExampleObject( + name = "example", + value = """ + { + "code": 200, + "message": "request succeed", + "data": { + "success": true + } + } + """, + description = """ + """ + ) + ) + ) + }, + requestBody = @io.swagger.v3.oas.annotations.parameters.RequestBody(description = "告警日志信息") + ) + @PostMapping("/new") + ResponseResult receiveAlertMessage(@RequestBody @Valid AlertMessage alertMessage); +} diff --git a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java index 6efbb42..70f0a9c 100644 --- a/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java +++ b/src/main/java/com/realtime/protection/server/alertmessage/AlertMessageService.java @@ -22,6 +22,7 @@ import java.time.LocalDateTime; import java.time.ZoneId; import java.time.format.DateTimeFormatter; import java.util.ArrayList; +import java.util.Arrays; import java.util.List; import java.util.UUID; 
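Review bot: The `@Operation` on `receiveAlertMessage` documents only the success response; a request rejected by `@Valid` is not described, and the visible lines do not show how callers of `/alertmessage/new` are authenticated. Alerts accepted here appear to go on to generate commands, so the description should state the access requirement (or carry a `@SecurityRequirement` if the project defines a scheme) and add an `@ApiResponse` for the validation-error case. The empty `description = """ """` text block inside `@ExampleObject` can be dropped. `@PostMapping("/new")` and `@RequestBody @Valid` are now declared on both the interface and the controller; keeping them in one place avoids the two drifting apart.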
@@ -122,6 +123,7 @@ public class AlertMessageService { // (1)查询生成指令所需信息:和alertMessage中的fiveTuple信息 合并成 TaskCommandInfo; // (2)额外信息:并额外查询templateId、protectLevel和taskStatus TaskCommandInfo dynamicCommandInfo = alertMessageMapper.getDynamicTaskInfos(taskId, DynamicRuleId); + if (dynamicCommandInfo == null || dynamicCommandInfo.getTemplateId() == null){ throw new IllegalArgumentException("taskId: " + taskId + " DynamicRuleId: " + DynamicRuleId + " 不正确"); } 
@@ -148,7 +150,41 @@ public class AlertMessageService { dynamicCommandInfo.setFiveTupleWithMask(fiveTupleWithMaskNew.get(0)); dynamicCommandInfoList.add(dynamicCommandInfo); - return dynamicCommandInfoList; +// //判断局点是否为多个,包含‘,’,多个的话,生成多个指令 +// if (dynamicCommandInfo.getDistributePoint().contains(",")){ +// List<TaskCommandInfo> dynamicCommandInfoList2 = new ArrayList<>(); +// for (TaskCommandInfo dynamicCommandInfo1 : dynamicCommandInfoList){ +// String[] distributePoints = dynamicCommandInfo1.getDistributePoint().split(","); +// for (String distributePoint : distributePoints){ +// TaskCommandInfo dynamicCommandInfo2 = new TaskCommandInfo(); +// dynamicCommandInfo2.copyTaskCommandInfo(dynamicCommandInfo1); +// dynamicCommandInfo2.setDistributePoint(distributePoint); +// dynamicCommandInfoList2.add(dynamicCommandInfo2); +// } +// } +// dynamicCommandInfoList = dynamicCommandInfoList2; +// } + //指令拆分局点,拆分后的指令放入staticTaskCommandInfosSplitDistributePoint + List<TaskCommandInfo> dynamicCommandInfoListSplitDistributePoint = new ArrayList<>(); + for (TaskCommandInfo taskCommandInfo : dynamicCommandInfoList) { + //判断是否多局点 + if (taskCommandInfo.getDistributePoint().contains(",")) { + String[] distributePointArray = taskCommandInfo.getDistributePoint().split(","); + for (String distributePoint : distributePointArray) { + TaskCommandInfo taskCommandInfoSplit = new TaskCommandInfo(); + taskCommandInfoSplit.copyTaskCommandInfo(taskCommandInfo); + taskCommandInfoSplit.setDistributePoint(distributePoint); + dynamicCommandInfoListSplitDistributePoint.add(taskCommandInfoSplit); + } + } + else{ + dynamicCommandInfoListSplitDistributePoint.add(taskCommandInfo); + } + } + + + + return dynamicCommandInfoListSplitDistributePoint; } @DSTransactional 
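Review bot: `taskCommandInfo.getDistributePoint().contains(",")` in the new split loop throws a NullPointerException when a command has no distribute point, and the tokens from `split(",")` are stored untrimmed, so a value such as `1009, 1020` or `1009,,1020` would yield a command addressed to a padded or empty site. The same loop is added to `handleStaticTaskStart` in StateHandler.java (there through `Arrays.asList`), so one shared helper would serve both. The commented-out first attempt above the loop can be deleted, and the remaining comment still names `staticTaskCommandInfosSplitDistributePoint`, which is the StateHandler variable. Whether a null distribute point should pass through or be rejected is not visible here; the sketch below passes it through. The enclosing method starts outside the hunk.

```java
// … unchanged: dynamicCommandInfoList is filled as before …
List<TaskCommandInfo> dynamicCommandInfoListSplitDistributePoint = new ArrayList<>();
for (TaskCommandInfo taskCommandInfo : dynamicCommandInfoList) {
    String distributePoints = taskCommandInfo.getDistributePoint();
    // A missing or single-site value needs no split; keep the command as it is.
    if (distributePoints == null || !distributePoints.contains(",")) {
        dynamicCommandInfoListSplitDistributePoint.add(taskCommandInfo);
        continue;
    }
    for (String distributePoint : distributePoints.split(",")) {
        String trimmed = distributePoint.trim();
        if (trimmed.isEmpty()) {
            continue; // skip empty entries, e.g. from a doubled or leading comma
        }
        TaskCommandInfo taskCommandInfoSplit = new TaskCommandInfo();
        taskCommandInfoSplit.copyTaskCommandInfo(taskCommandInfo);
        taskCommandInfoSplit.setDistributePoint(trimmed);
        dynamicCommandInfoListSplitDistributePoint.add(taskCommandInfoSplit);
    }
}
return dynamicCommandInfoListSplitDistributePoint;
```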
@@ -156,9 +192,29 @@ public class AlertMessageService { Boolean isValid, Integer isJudged, AlertMessage alertMessage){ + List<String> commandUUIDs = new ArrayList<>(); List<Subnet> subnetList = new ArrayList<>(); + + //更新任务 影响ip数量字段,因为dynamicTaskCommandInfoList中的指令ip相同,所以只取一个指令计算 + TaskCommandInfo dynamicTaskCommandInfo0 = dynamicTaskCommandInfoList.get(0); + try { + //抽取告警生成的指令没有掩码 + String sip = dynamicTaskCommandInfo0.getFiveTupleWithMask().getSourceIP(); + String msip = "255.255.255.255"; + String dip = dynamicTaskCommandInfo0.getFiveTupleWithMask().getDestinationIP(); + String mdip = "255.255.255.255"; + + if (sip != null) subnetList.add(new Subnet(sip,msip)); + if (dip != null) subnetList.add(new Subnet(dip,mdip)); + } catch (UnknownHostException e) { + throw new RuntimeException(e); + } + Long ipTotalNum = taskService.ipWithMaskToIpNums(subnetList); + taskService.updateTaskIpTotalNum(ipTotalNum, dynamicTaskCommandInfo0.getTaskId()); + + for (TaskCommandInfo dynamicTaskCommandInfo : dynamicTaskCommandInfoList ){ //command入库 dynamicTaskCommandInfo.setIsValid(isValid); @@ -178,22 +234,8 @@ public class AlertMessageService { + String.format("%06d", counter.generateId("alert_message")) ); + //t_alertMessage表目前唯一键导致覆盖了,加个uuid? 也存在多次插入问题 alertMessageMapper.insertAlertMessage(alertMessage); - - try { - //抽取告警生成的指令没有掩码 - String sip = dynamicTaskCommandInfo.getFiveTupleWithMask().getSourceIP(); - String msip = "255.255.255.255"; - String dip = dynamicTaskCommandInfo.getFiveTupleWithMask().getDestinationIP(); - String mdip = "255.255.255.255"; - - if (sip != null) subnetList.add(new Subnet(sip,msip)); - if (dip != null) subnetList.add(new Subnet(dip,mdip)); - } catch (UnknownHostException e) { - throw new RuntimeException(e); - } - Long ipTotalNum = taskService.ipWithMaskToIpNums(subnetList); - taskService.updateTaskIpTotalNum(ipTotalNum, dynamicTaskCommandInfo.getTaskId()); } 
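Review bot: `dynamicTaskCommandInfoList.get(0)` at the top of the added block throws IndexOutOfBoundsException on an empty list, and `getFiveTupleWithMask()` is dereferenced without a null check, both now before any command is written. A guard such as `if (dynamicTaskCommandInfoList == null || dynamicTaskCommandInfoList.isEmpty()) throw new IllegalArgumentException("dynamicTaskCommandInfoList is empty");` would match the IllegalArgumentException style used elsewhere in this file. The source and destination IP appear to come from the incoming alert, and an unparsable value currently surfaces as a bare `RuntimeException(e)`; an IllegalArgumentException naming the offending field would let the caller tell bad input from a server fault. The method signature and its end lie outside the hunk.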
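Review bot: The comment added above `alertMessageMapper.insertAlertMessage(alertMessage)` in the `-178,22 +234,8` hunk records an open problem instead of resolving it. The insert sits inside the per-command loop, which after this commit runs once per distribute point, so one alert is written several times or, as the comment says, overwritten through the table's unique key. Either insert the alert once after the loop, or key the row by the command UUID so each split command keeps its own alert record; the table definition is not visible here, so which fits is for the author to confirm. In a system that issues commands from alerts, losing the alert row behind a command removes the record of why that command was issued.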
diff --git a/src/main/java/com/realtime/protection/server/task/status/StateHandler.java b/src/main/java/com/realtime/protection/server/task/status/StateHandler.java index dd241b4..4f60d4c 100644 --- a/src/main/java/com/realtime/protection/server/task/status/StateHandler.java +++ b/src/main/java/com/realtime/protection/server/task/status/StateHandler.java @@ -21,6 +21,7 @@ import org.springframework.web.reactive.function.client.WebClient; import java.time.Duration; import java.time.LocalDateTime; import java.util.ArrayList; +import java.util.Arrays; import java.util.List; import java.util.Map; import java.util.concurrent.atomic.AtomicReference; 
@@ -218,15 +219,35 @@ public class StateHandler { private Boolean handleStaticTaskStart(CommandService commandService, TaskService taskService, Task task) { // 如果未能获取staticTaskCommandInfos,需要报错 List<TaskCommandInfo> staticTaskCommandInfos = taskService.getStaticCommandInfos(task.getTaskId()); + //判断有没有多局点 + + if (staticTaskCommandInfos == null || staticTaskCommandInfos.isEmpty()) { throw new IllegalArgumentException("静态规则列表为空,请至少选择一个静态规则以启动任务"); } + //指令拆分局点,拆分后的指令放入staticTaskCommandInfosSplitDistributePoint + List<TaskCommandInfo> staticTaskCommandInfosSplitDistributePoint = new ArrayList<>(); + for (TaskCommandInfo taskCommandInfo : staticTaskCommandInfos) { + //判断是否多局点 + if (taskCommandInfo.getDistributePoint().contains(",")) { + List<String> distributePointArray = Arrays.asList(taskCommandInfo.getDistributePoint().split(",")); + for (String distributePoint : distributePointArray) { + TaskCommandInfo taskCommandInfoSplit = new TaskCommandInfo(); + taskCommandInfoSplit.copyTaskCommandInfo(taskCommandInfo); + taskCommandInfoSplit.setDistributePoint(distributePoint); + staticTaskCommandInfosSplitDistributePoint.add(taskCommandInfoSplit); + } + } + else{ + staticTaskCommandInfosSplitDistributePoint.add(taskCommandInfo); + } + } // 将所有关联的静态规则全部设置为已使用状态 // taskService.updateStaticRuleAuditStatusInTask(task.getTaskId(), AuditStatusEnum.USING); // taskService.changeTaskAuditStatus(task.getTaskId(), AuditStatusEnum.USING.getNum()); - List<String> commandUUIDs= commandService.createCommands(staticTaskCommandInfos); + List<String> commandUUIDs= commandService.createCommands(staticTaskCommandInfosSplitDistributePoint); // 将command新建信号发送到c3下发程序 try { diff --git a/src/main/resources/mappers/CommandMapper.xml b/src/main/resources/mappers/CommandMapper.xml index 3ebb6af..00f65f3 100644 --- a/src/main/resources/mappers/CommandMapper.xml +++ b/src/main/resources/mappers/CommandMapper.xml 
@@ -737,6 +737,13 @@ <if test="command_info.fiveTupleWithMask.maskProtocol != null"> AND MASK_PROTOCOL = #{command_info.fiveTupleWithMask.maskProtocol} </if> + <if test="command_info.taskAct != null"> + AND TASK_ACT = #{command_info.taskAct} + </if> + <if test="command_info.distributePoint != null"> + AND DISTRIBUTEPOINT = #{command_info.distributePoint} + </if> + </where> </select> <select id="queryCommandTotalNum" resultType="java.lang.Integer"> diff --git a/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java b/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java index 2812296..0c884ff 100644 --- a/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java +++ b/src/test/java/com/realtime/protection/server/alertmessage/AlertMessageTest.java @@ -58,7 +58,7 @@ public class AlertMessageTest { null, null, null, null, null, null, 1, 1); List<TemplateNew> templates = templateService.queryTemplates( - null, null, null, null, null, "洪泛型DDoS", null, 1, 1); + "洪泛型DDoS-日常态", null, null, null, null, null, null, 1, 1); DynamicRuleObject object = new DynamicRuleObject(); object.setDynamicRuleName("内部-动态任务测试-"+LocalDateTime.now().toString()); @@ -73,17 +73,17 @@ public class AlertMessageTest { Task task = new Task(); - task.setTaskName("内部-动态任务测试"+LocalDateTime.now().toString()); + task.setTaskName("内部-研判后任务测试多据点"+LocalDateTime.now().toString()); LocalDateTime taskStartTime = LocalDateTime.now().plusMinutes(1); LocalDateTime taskEndTime = LocalDateTime.now().plusYears(5); task.setTaskStartTime(taskStartTime); task.setTaskEndTime(taskEndTime); task.setTaskAct("23"); task.setTaskType(3); - task.setTaskCreateUserId(1100664); + task.setTaskCreateUserId("1100664"); task.setTaskCreateUsername("NSADD管理员"); task.setTaskCreateDepart("组织树"); - task.setTaskRange("1009"); + task.setTaskRange("1009,1020,1027"); task.setDynamicRuleIds(List.of(new Integer[]{dynamicRuleId})); 
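Review bot: The multi-site setup in the second AlertMessageTest hunk (`task.setTaskRange("1009,1020,1027")`) is not matched by any assertion in the visible lines, so the test would still pass if the split produced one command or six. Presumably the task range feeds the distribute point; if so, the test should assert that exactly one command per site is created and that each carries a single site id with no comma. The test method starts and ends outside the hunk.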
@@ -104,7 +104,7 @@ public class AlertMessageTest { AlertMessage alert = new AlertMessage(); FiveTupleWithMask fiveTupleWithMask = new FiveTupleWithMask(); fiveTupleWithMask.setSourceIP(n+".5.1." + i); - fiveTupleWithMask.setDestinationIP(n+".24.2." + i); + fiveTupleWithMask.setDestinationIP("1.24.2.11"); fiveTupleWithMask.setSourcePort("111"); fiveTupleWithMask.setDestinationPort("80"); fiveTupleWithMask.setProtocol("6"); |
