diff options
| author | zhangwei <[email protected]> | 2018-12-16 19:45:46 +0600 |
|---|---|---|
| committer | zhangwei <[email protected]> | 2018-12-16 19:45:46 +0600 |
| commit | 329983071380424100a8fb66a8d5bdd6b45c9715 (patch) | |
| tree | 040c156d09c31cbab26a5a34237ce063b939a575 | |
| parent | 92e66b2fdd757fb7614488d538d1a2ce2c8b1bee (diff) | |
修改ip payload功能界面,增加spoofing业务,并且service中配置下发增加spoofing业务的自定义域处理
10 files changed, 157 insertions, 17 deletions
diff --git a/src/main/java/com/nis/util/Constants.java b/src/main/java/com/nis/util/Constants.java index 5237d22..83c0dde 100644 --- a/src/main/java/com/nis/util/Constants.java +++ b/src/main/java/com/nis/util/Constants.java @@ -528,7 +528,7 @@ public final class Constants { public static final String P2P_HASH_BIN_REGION = Configurations.getStringProperty("p2p_hash_bin_region","NTC_P2P_HASH_BIN"); public static final String P2P_KEYWORDS_REGION = Configurations.getStringProperty("p2p_keywords_region","NTC_P2P_KEYWORDS"); public static final String NTC_SUBSCRIBE_ID_REGION = Configurations.getStringProperty("ntc_subscribe_id_region","NTC_SUBSCRIBE_ID"); - public static final String PXY_CRTL_SUBSCRIBE_ID_REGION = Configurations.getStringProperty("pxy_crtl_subscribe_id_region","PXY_CRTL_SUBSCRIBE_ID"); + public static final String PXY_CRTL_SUBSCRIBE_ID_REGION = Configurations.getStringProperty("pxy_crtl_subscribe_id_region","PXY_CTRL_SUBSCRIBE_ID"); /** * 样例文件URL关键字 */ diff --git a/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java b/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java index 687596d..2203ec3 100644 --- a/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java +++ b/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java @@ -20,6 +20,7 @@ import org.springframework.web.servlet.mvc.support.RedirectAttributes; import com.nis.domain.Page; +import com.nis.domain.basics.PolicyGroupInfo; import com.nis.domain.configuration.BaseStringCfg; import com.nis.domain.configuration.CfgIndexInfo; import com.nis.domain.configuration.HttpUrlCfg; @@ -58,7 +59,9 @@ public class InterceptController extends CommonController{ certificateList=pxyObjKeyringService.findPxyObjKeyrings(null, 1, 1, "domain"); } model.addAttribute("certificateList", certificateList); - + //IP地址仿冒策略使用策略组 + List<PolicyGroupInfo> policyGroups=policyGroupInfoService.findPolicyGroupInfosByType(6); + model.addAttribute("policyGroups", policyGroups); return "/cfg/intercept/interceptList"; } @RequestMapping(value = {"/interceptIpForm","interceptDomainForm","interceptIpPayloadForm"}) @@ -80,6 +83,10 @@ public class InterceptController extends CommonController{ model.addAttribute("certificateList", certificateList); model.addAttribute("_cfg", entity); + //IP地址仿冒策略使用策略组 + List<PolicyGroupInfo> policyGroups=policyGroupInfoService.findPolicyGroupInfosByType(6); + model.addAttribute("policyGroups", policyGroups); + return "/cfg/intercept/interceptForm"; } @RequestMapping(value = {"/ip/saveOrUpdate","/domain/saveOrUpdate","/ippayload/SaveOrUpdate"}) diff --git a/src/main/java/com/nis/web/service/configuration/InterceptCfgService.java b/src/main/java/com/nis/web/service/configuration/InterceptCfgService.java index 60c0622..2414ff6 100644 --- a/src/main/java/com/nis/web/service/configuration/InterceptCfgService.java +++ b/src/main/java/com/nis/web/service/configuration/InterceptCfgService.java @@ -394,6 +394,13 @@ public class InterceptCfgService extends CrudService<WebsiteCfgDao,CfgIndexInfo> userRegion=userRegion+";"+Constants.REPLACE_SUBSTITUTE_KEY+"="+substitute; maatCfg.setUserRegion(userRegion); } + //ip仿冒自定义域信息 + if(entity.getAction().equals(48)){ + //HTTP replace: replace type is not null ;find is not null;replace with is not null(userRegion is not null) + userRegion="nat_type="+entity.getUserRegion1(); + userRegion+=";spoofing_ip_pool="+entity.getUserRegion2(); + maatCfg.setUserRegion(userRegion); + } //域名拦截需要增加域名id和域名字符串自定义配置 if(StringUtil.isEmpty(maatCfg.getUserRegion()) diff --git a/src/main/resources/messages/message_en.properties b/src/main/resources/messages/message_en.properties index f74797d..9c188c0 100644 --- a/src/main/resources/messages/message_en.properties +++ b/src/main/resources/messages/message_en.properties @@ -1371,4 +1371,8 @@ conn_record=Connection Records bps=Bps
bps_percent=Bps Percent
pps=pps
-pps_percent=pps Percent
\ No newline at end of file +pps_percent=pps Percent
+spoofing_ip_object=Spoofing Policy Object
+spoofing_ip_policy=Spoofing Policy
+action_spoofing=Spoofing
+spoofing=spoofing
\ No newline at end of file diff --git a/src/main/resources/messages/message_ru.properties b/src/main/resources/messages/message_ru.properties index 0eca166..76a98c4 100644 --- a/src/main/resources/messages/message_ru.properties +++ b/src/main/resources/messages/message_ru.properties @@ -1375,4 +1375,8 @@ conn_record=Connection Records bps=Bps
bps_percent=Bps Percent
pps=pps
-pps_percent=pps Percent
\ No newline at end of file +pps_percent=pps Percent
+spoofing_ip_object=Spoofing Policy Object
+spoofing_ip_policy=Spoofing Policy
+action_spoofing=Spoofing
+spoofing=spoofing
\ No newline at end of file diff --git a/src/main/resources/messages/message_zh_CN.properties b/src/main/resources/messages/message_zh_CN.properties index ae939fc..3c08669 100644 --- a/src/main/resources/messages/message_zh_CN.properties +++ b/src/main/resources/messages/message_zh_CN.properties @@ -1371,4 +1371,8 @@ conn_record=Connection Records bps=Bps
bps_percent=Bps Percent
pps=pps
-pps_percent=pps Percent
\ No newline at end of file +pps_percent=pps Percent
+spoofing_ip_object=Spoofing Policy Object
+spoofing_ip_policy=Spoofing Policy
+action_spoofing=Spoofing
+spoofing=spoofing
\ No newline at end of file diff --git a/src/main/resources/nis.properties b/src/main/resources/nis.properties index e1b8056..c34985f 100644 --- a/src/main/resources/nis.properties +++ b/src/main/resources/nis.properties @@ -219,14 +219,14 @@ clusterBStartTime=1503504000725 isCommit=true ############################################################################################################################################ ############################################################################################################################################ -httpUrl=http://192.168.10.204:9999/galaxy-service/service/cfg/v1/ +httpUrl=http://10.0.7.14:9999/galaxy-service/service/cfg/v1/ maatCfg=configSources fileUploadCfg=fileUploadSources callbackCfg=commonSources fileDigestCfg=fileDigestSources configIdSources=configPzIdSources #logBaseUrl=http://10.0.6.242:8080/galaxy-service/service/log/v1/ -logBaseUrl=http://192.168.10.204:9999/galaxy-service/service/log/v1/ +logBaseUrl=http://10.0.7.14:9999/galaxy-service/service/log/v1/ ntcPzReport=ntcPzReport ntcServiceReport=ntcServiceReport ntcTagReport=ntcTagReport @@ -270,7 +270,7 @@ mmLogoDetectionLog=mmLogoDetectionLogs mmFaceRecognizationLog=mmFaceRecognizationLogs ######################################## #\u5927\u5C4F\u56FE\u8868\u5C55\u793A\u670D\u52A1\u63A5\u53E3 -dashboardUrl=http://192.168.10.204:9999/galaxy-service/service/log/v1/ +dashboardUrl=http://10.0.7.14:9999/galaxy-service/service/log/v1/ trafficIpActive=trafficIpActive trafficProtocol=trafficProtocol trafficApp=trafficApp @@ -577,7 +577,7 @@ trafficBandwidthTrans=trafficBandwidthTrans trafficProtocolList=trafficProtocolList trafficAppList=trafficAppList ntcActionEntranceReport=ntcActionEntranceReport -redis.host=10.0.4.1:6379 +redis.host=10.0.8.16:9003 redis.expire=1800 redis.timeout=10000 dns_spoofing_ip_desc=Default Spoofing IP @@ -587,4 +587,6 @@ ntcCollectRadiusLog=ntcCollectRadiusLogs ntcConnRecordLog=ntcConnRecordLogs ntcConnRecordPercent=ntcConnRecordPercent #\u5BFC\u51FA\u6700\u5927\u6761\u6570 -maxLogExportSize=2000
\ No newline at end of file +maxLogExportSize=2000 +pxy_crtl_subscribe_id_region=PXY_CTRL_SUBSCRIBE_ID +ntc_subscribe_id_region=NTC_SUBSCRIBE_ID diff --git a/src/main/webapp/WEB-INF/views/cfg/intercept/interceptForm.jsp b/src/main/webapp/WEB-INF/views/cfg/intercept/interceptForm.jsp index 64fe701..71938fb 100644 --- a/src/main/webapp/WEB-INF/views/cfg/intercept/interceptForm.jsp +++ b/src/main/webapp/WEB-INF/views/cfg/intercept/interceptForm.jsp @@ -85,10 +85,12 @@ $(".ratelimitAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); $(".replaceAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); $(".whiteListAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); + $(".spoofingAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); }else if(action==64){//限速 $(".monitAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); $(".replaceAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); $(".whiteListAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); + $(".spoofingAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); var rateLimitType=$("input[name='userRegion1']checked").val(); if(rateLimitType == 0){//丢包率 $(".bandwith").find("input[name='userRegion3']").attr("disabled",true); @@ -100,10 +102,17 @@ $(".monitAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); $(".ratelimitAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); $(".whiteListAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); + $(".spoofingAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); + }else if(action==48){//IP仿冒业务 + $(".monitAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); + $(".ratelimitAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); + $(".whiteListAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); + $(".replaceAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); }else {//白名单 $(".monitAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); $(".ratelimitAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); $(".replaceAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); + $(".spoofingAction").find("input[name^='userRegion'],select[name^='userRegion']").attr("disabled",true); } loading('onloading...'); form.submit(); @@ -307,6 +316,7 @@ $(".ratelimitAction").addClass("hidden"); $(".replaceAction").addClass("hidden"); $(".whiteListAction").addClass("hidden"); + $(".spoofingAction").addClass("hidden"); if(interceptRatelimitIp == 'intercept_ratelimit_ip'){ $("select[name='"+protocolNamePrefix+"protocol']").find("option").remove(); $("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh"); @@ -325,6 +335,7 @@ $(".ratelimitAction").removeClass("hidden"); $(".replaceAction").addClass("hidden"); $(".whiteListAction").addClass("hidden"); + $(".spoofingAction").addClass("hidden"); if(interceptRatelimitIp == 'intercept_ratelimit_ip'){ $("select[name='"+protocolNamePrefix+"protocol']").find("option").remove(); $("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh"); @@ -344,6 +355,7 @@ $(".ratelimitAction").addClass("hidden"); $(".replaceAction").removeClass("hidden"); $(".whiteListAction").addClass("hidden"); + $(".spoofingAction").addClass("hidden"); if(interceptRatelimitIp == 'intercept_ratelimit_ip'){ $("select[name='"+protocolNamePrefix+"protocol']").find("option").remove(); $("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh"); @@ -360,6 +372,7 @@ $(".ratelimitAction").addClass("hidden"); $(".replaceAction").addClass("hidden"); $(".whiteListAction").removeClass("hidden"); + $(".spoofingAction").addClass("hidden"); if(interceptRatelimitIp == 'intercept_ratelimit_ip'){ $("select[name='"+protocolNamePrefix+"protocol']").find("option").remove(); $("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh"); @@ -372,6 +385,24 @@ $("."+interceptReplacePktBin).addClass("hidden"); $("."+interceptReplacePktBin+"_div").addClass("hidden"); } + }else if(action==48){ + //重定向,IP仿冒业务 + $(".monitAction").addClass("hidden"); + $(".ratelimitAction").addClass("hidden"); + $(".replaceAction").addClass("hidden"); + $(".whiteListAction").addClass("hidden"); + $(".spoofingAction").removeClass("hidden"); + if(interceptRatelimitIp == 'intercept_ratelimit_ip'){ + $("select[name='"+protocolNamePrefix+"protocol']").find("option").remove(); + $("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh"); + $("select[name='"+protocolNamePrefix+"protocol']").append("<option value='17' selected>UDP</option>") + $("select[name='"+protocolNamePrefix+"protocol']").append("<option value='6' >TCP</option>") + $("select[name='"+protocolNamePrefix+"protocol']").selectpicker("refresh"); + } + if(interceptReplacePktBin == 'intercept_replace_pkt_bin' && cfgId == ""){ + $("."+interceptReplacePktBin).addClass("hidden"); + $("."+interceptReplacePktBin).find("span").removeClass("hidden"); + } } } @@ -379,7 +410,7 @@ </head> <body> <!-- fucntion_ID 200-IP 201-DOMAIN --> - <c:if test="${_cfg.functionId eq 200}"> + <c:if test="${_cfg.functionId eq 200 or _cfg.functionId eq 214}"> <c:set var="interceptType" value="Ip"/> </c:if> <c:if test="${_cfg.functionId eq 201}"> @@ -455,7 +486,10 @@ <c:if test="${(dict.itemCode eq service.action) && (service.action eq 128) }"> <spring:message code="bypass"/> </c:if> - <c:if test="${(dict.itemCode eq service.action) && (service.action ne 1 && service.action ne 128 ) }"> + <c:if test="${(dict.itemCode eq service.action) && (service.action eq 48) }"> + <spring:message code="Spoofing"/> + </c:if> + <c:if test="${(dict.itemCode eq service.action) && (service.action ne 1 && service.action ne 128 && service.action ne 48 ) }"> <spring:message code="${dict.itemValue }"/> </c:if> </c:forEach> @@ -653,6 +687,61 @@ </div> </div> </div> + <div class="row spoofingAction hidden"> + <h4 class="form-section"> + <spring:message code="action_region" /> + <small></small> + </h4> + <div class="row"> + <div class="col-md-6"> + <div class="form-group"> + <label class="control-label col-md-3"><font color="red">*</font> + <spring:message code="Spoofing" /> + </label> + <div class="col-md-6"> + <select name="userRegion1" + class="selectpicker show-tick form-control required"> + <option value="" ><spring:message code="selected"/></option> + <c:forEach items="${fns:getDictList('SPOOFING_IP_TYPE')}" var="spoofingIp"> + <option value="${spoofingIp.itemCode}" <c:if test="${_cfg.userRegion1==spoofingIp.itemCode || _cfg.userRegion1==null}">selected</c:if>><spring:message code="${spoofingIp.itemValue}"/></option> + </c:forEach> + </select> + </div> + <div for="userRegion1"></div> + </div> + </div> + <div class="col-md-6"> + <div class="form-group "> + <label class="control-label col-md-3"><font color="red">*</font> + <spring:message code="With" /></label> + <div class="col-md-6"> + <select name="userRegion2" class="selectpicker show-tick form-control required"> + <option value="" ><spring:message code="select"/></option> + <c:forEach items="${policyGroups }" var="policyGroup"> + <option value="${policyGroup.groupId}" <c:if test="${_cfg.userRegion2==policyGroup.groupId }">selected</c:if>><spring:message code="${policyGroup.groupName}"/></option> + </c:forEach> + </select> + </div> + <div for="userRegion2"></div> + </div> + </div> + </div> + <%-- <div class="row"> + <div class="col-md-6"> + <div class="form-group "> + <label class="control-label col-md-3"><font color="red">*</font> + <spring:message code="IP" /></label> + <div class="col-md-6"> + <input class="form-control required" type="text" + name="userRegion2" + value="${_cfg.userRegion2 }"> + </div> + <div for="userRegion2"></div> + </div> + </div> + + </div> --%> + </div> <%-- action 为128 白名单时 --%> <c:if test="${_cfg.functionId eq 201}"> <div class="row whiteListAction hidden"> diff --git a/src/main/webapp/WEB-INF/views/cfg/intercept/interceptList.jsp b/src/main/webapp/WEB-INF/views/cfg/intercept/interceptList.jsp index 1b9ea9e..e4b3b48 100644 --- a/src/main/webapp/WEB-INF/views/cfg/intercept/interceptList.jsp +++ b/src/main/webapp/WEB-INF/views/cfg/intercept/interceptList.jsp @@ -95,7 +95,7 @@ </head> <body> -<c:if test="${cfg.functionId eq 200}"> +<c:if test="${cfg.functionId eq 200 or cfg.functionId eq 214}"> <c:set var="interceptType" value="Ip"/> </c:if> <c:if test="${cfg.functionId eq 201}"> @@ -384,6 +384,10 @@ <th><spring:message code="replaced_content"/></th> <th><spring:message code="replace_content"/></th> </c:if> + <c:if test="${cfg.functionId eq 214 }"> + <th><spring:message code="Spoofing"/></th> + <th><spring:message code="With"/></th> + </c:if> <c:if test="${cfg.functionId eq 201 }"> <th><spring:message code="intercept_intensity"/></th> </c:if> @@ -420,7 +424,10 @@ <c:if test="${indexCfg.action eq 128}"> <spring:message code="bypass"/> </c:if> - <c:if test="${(indexCfg.action ne 1) && (indexCfg.action ne 128)}"> + <c:if test="${indexCfg.action eq 48}"> + <spring:message code="Spoofing"/> + </c:if> + <c:if test="${(indexCfg.action ne 1) && (indexCfg.action ne 128) && (indexCfg.action ne 48)}"> <c:forEach items="${fns:getDictList('SERVICE_ACTION') }" var="dict"> <c:if test="${dict.itemCode eq indexCfg.action }"> <spring:message code="${dict.itemValue }"/> @@ -482,6 +489,22 @@ <td> ${indexCfg.userRegion3 } </td> + </c:if> + <c:if test="${cfg.functionId eq 214 }"> + <td> + <c:forEach items="${fns:getDictList('SPOOFING_IP_TYPE')}" var="spoofingIp"> + <c:if test="${indexCfg.userRegion1==spoofingIp.itemCode}"> + <spring:message code="${spoofingIp.itemValue}"/> + </c:if> + </c:forEach> + </td> + <td> + <c:forEach items="${policyGroups}" var="policyGroup"> + <c:if test="${indexCfg.userRegion2==policyGroup.groupId}"> + ${policyGroup.groupName } + </c:if> + </c:forEach> + </td> </c:if> <c:if test="${cfg.functionId eq 201 }"> <td> diff --git a/src/main/webapp/WEB-INF/views/cfg/proxy/spoofingIpPool/list.jsp b/src/main/webapp/WEB-INF/views/cfg/proxy/spoofingIpPool/list.jsp index 20f82cf..40871e1 100644 --- a/src/main/webapp/WEB-INF/views/cfg/proxy/spoofingIpPool/list.jsp +++ b/src/main/webapp/WEB-INF/views/cfg/proxy/spoofingIpPool/list.jsp @@ -113,7 +113,7 @@ <form:option value="cfgDesc"><spring:message code="config_describe"></spring:message></form:option> <form:option value="ipAddress"><spring:message code="IP"></spring:message></form:option> <%-- <form:option value="destPort"><spring:message code="port"></spring:message></form:option> --%> - <form:option value="action"><spring:message code="block_type"></spring:message></form:option> + <%-- <form:option value="action"><spring:message code="block_type"></spring:message></form:option> --%> <form:option value="isValid"><spring:message code="valid_identifier"></spring:message></form:option> </form:select> @@ -121,12 +121,12 @@ <input id="intype" class="form-control input-medium" type="text" value=""> <div class="input-group-btn"> - <form:select id="actionSelect" path="action" class="selectpicker select2 input-small" > + <%-- <form:select id="actionSelect" path="action" class="selectpicker select2 input-small" > <form:option value=""><spring:message code="select"/></form:option> <c:forEach items="${serviceList}" var="service"> <form:option value="${service.action }"><spring:message code="action_${service.actionCode }"/></form:option> </c:forEach> - </form:select> + </form:select> --%> <form:select path="isValid" class="selectpicker select2 input-small" > <form:option value=""><spring:message code="select"/></form:option> <form:option value="1"><spring:message code="yes"/></form:option> |