From 1802f9ba714531fc5d87547a75ac4459a7f2bafa Mon Sep 17 00:00:00 2001 From: HuangXin Date: Fri, 15 Oct 2021 17:34:54 +0800 Subject: [PATCH] =?UTF-8?q?OCT=20REM:=201.=20=E6=9B=B4=E6=96=B0=E9=9B=86?= =?UTF-8?q?=E5=9B=A2=E4=B8=80=E9=94=AE=E5=A4=84=E7=BD=AE=E5=AF=B9=E8=B1=A1?= =?UTF-8?q?=E9=87=8D=E5=91=BD=E5=90=8D=E4=B8=8D=E5=85=A8=E9=97=AE=E9=A2=98?= =?UTF-8?q?=202.=20=E5=90=88=E5=B9=B62.0.8.2=E7=89=88=E6=9C=AC=E4=BF=AE?= =?UTF-8?q?=E6=94=B9=203.=20=E9=87=8D=E5=91=BD=E5=90=8D=E9=9B=86=E5=9B=A2?= =?UTF-8?q?=E4=B8=80=E9=94=AE=E5=A4=84=E7=BD=AE=E8=AE=BE=E5=A4=87=E7=B1=BB?= =?UTF-8?q?=E5=90=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config/application-local.properties | 14 +- ...nAbilityImpl.java => CmhiAbilityImpl.java} | 1156 ++++++++--------- .../dispose/ability/impl/UpfAbilityImpl.java | 2 +- .../impl/DisposeAbilityRouterServiceImpl.java | 4 +- src/main/resources/mappers/DeviceTask.xml | 8 +- 5 files changed, 595 insertions(+), 589 deletions(-) rename src/main/java/com/dispose/ability/impl/{PengXinAbilityImpl.java => CmhiAbilityImpl.java} (96%) diff --git a/config/application-local.properties b/config/application-local.properties index 83fc0149..d1311e82 100644 --- a/config/application-local.properties +++ b/config/application-local.properties @@ -4,12 +4,18 @@ server.tomcat.basedir=./basedir # 多个项目放在nginx下同个端口,通过该配置区分 server.servlet.context-path=/dispose # 配置数据源 -spring.datasource.url=jdbc:mysql://10.88.77\ - .65:33061/dispose_cl_huaweifirewall?serverTimezone=Asia/Shanghai&zeroDateTimeBehavior\ - =convertToNull&useUnicode=true&characterEncoding=utf8&allowMultiQueries=true +#spring.datasource.url=jdbc:mysql://10.88.77\ +# .65:33061/dispose_cl_huaweifirewall?serverTimezone=Asia/Shanghai&zeroDateTimeBehavior\ +# =convertToNull&useUnicode=true&characterEncoding=utf8&allowMultiQueries=true +#spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver +#spring.datasource.username=root +#spring.datasource.password=h0K0_8u + +spring.datasource.url=jdbc:mysql://172.21.48.75:3306/dispose_hx?serverTimezone=Asia/Shanghai&zeroDateTimeBehavior\ + =convertToNull&useUnicode=true spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver spring.datasource.username=root -spring.datasource.password=h0K0_8u +spring.datasource.password=BCcf6Dd7&8 #spring.datasource.url=jdbc:mysql://172.28.72.118:33061/dispose_hx_v21?serverTimezone=Asia/Shanghai&zeroDateTimeBehavior\ # =convertToNull&useUnicode=true diff --git a/src/main/java/com/dispose/ability/impl/PengXinAbilityImpl.java b/src/main/java/com/dispose/ability/impl/CmhiAbilityImpl.java similarity index 96% rename from src/main/java/com/dispose/ability/impl/PengXinAbilityImpl.java rename to src/main/java/com/dispose/ability/impl/CmhiAbilityImpl.java index 719e5dbd..0a00b845 100644 --- a/src/main/java/com/dispose/ability/impl/PengXinAbilityImpl.java +++ b/src/main/java/com/dispose/ability/impl/CmhiAbilityImpl.java @@ -1,578 +1,578 @@ -package com.dispose.ability.impl; - -import com.cmhi.dispose.common.CmhiDisposeAbilityRsp; -import com.cmhi.dispose.common.CmhiDisposeLoginRsp; -import com.cmhi.dispose.common.CmhiDisposeStartTaskItem; -import com.cmhi.dispose.common.CmhiDisposeStartTaskRsp; -import com.cmhi.dispose.common.CmhiDisposeStopTaskRsp; -import com.cmhi.dispose.common.CmhiDisposeTaskStatusRsp; -import com.cmhi.dispose.protocol.CmhiDisposeInterface; -import com.dispose.ability.DisposeAbility; -import com.dispose.common.DisposeCapacityType; -import com.dispose.common.DisposeConfigValue; -import com.dispose.common.DisposeObjectType; -import com.dispose.common.ErrorCode; -import com.dispose.common.Helper; -import com.dispose.common.IpAddrType; -import com.dispose.common.NetflowDirection; -import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO; -import com.dispose.pojo.entity.ServiceInfo; -import com.dispose.pojo.po.MulReturnType; -import com.dispose.pojo.vo.DeviceFirewareInfo; -import inet.ipaddr.IPAddress; -import inet.ipaddr.IPAddressString; -import lombok.Getter; -import lombok.Setter; -import lombok.extern.slf4j.Slf4j; - -import javax.annotation.Nullable; -import javax.servlet.http.HttpServletResponse; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; - -/** - * The type Peng xin ability. - * - * @author - */ -@Slf4j -public class PengXinAbilityImpl implements DisposeAbility { - /** - * The Protect ip v 4. - */ - private final List protectIpV4 = new ArrayList<>(); - /** - * The Protect ip v 6. - */ - private final List protectIpV6 = new ArrayList<>(); - /** - * The Restful interface. - */ - private final CmhiDisposeInterface restfulInterface = new CmhiDisposeInterface(); - /** - * The Peng xin dispose type. - */ - private final Integer[] pengXinDisposeType = new Integer[]{0, 4, 1, 3}; - /** - * The Task req id. - */ - private Long taskReqId = System.currentTimeMillis(); - /** - * The Timer cnt. - */ - private long timerCnt = 0; - /** - * The Device link status. - */ - private boolean deviceLinkStatus = false; - - /** - * The Url root path. - */ - @Getter - @Setter - private String urlRootPath; - /** - * The Username. - */ - @Getter - @Setter - private String username; - /** - * The Password. - */ - @Getter - @Setter - private String password; - /** - * The Token. - */ - private String token; - - /** - * Gets peng xin task type. - * - * @param capType the cap type - * @return the peng xin task type - */ - private int getPengXinTaskType(DisposeCapacityType capType) { - return pengXinDisposeType[capType.getValue()]; - } - - /** - * Gets peng xin object type. - * - * @param objType the obj type - * @return the peng xin object type - */ - private int getPengXinObjectType(DisposeObjectType objType) { - switch (objType) { - case URL: - return 2; - case DOMAIN: - return 1; - default: - return 0; - } - } - - /** - * Init device env. - * - * @param urlPath the url path - * @param username the username - * @param password the password - */ - @Override - public void initDeviceEnv(String urlPath, String username, String password) { - this.urlRootPath = urlPath; - this.username = username; - this.password = password; - restfulInterface.setParams(1, 0); - - upgradeToken(); - } - - /** - * Run dispose mul return type. - * - * @param disposeObject the dispose object - * @param objectType the object type - * @param capType the cap type - * @param nfDirection the nf direction - * @param attackType the attack type - * @param duration the duration - * @return the mul return type - */ - @Override - public MulReturnType runDispose(String disposeObject, DisposeObjectType objectType, - DisposeCapacityType capType, - @Nullable NetflowDirection nfDirection, - @Nullable Integer attackType, - @Nullable Long duration) { - List reqItems = new ArrayList<>(); - - String url = urlRootPath + "dispose_device/task/start"; - - if (token == null || token.length() == 0) { - return new MulReturnType<>(ErrorCode.ERR_LOGOUT, ""); - } - - try { - log.info("++++Begging PengXin Start Cleanup Task: {}", disposeObject); - - if (capType != DisposeCapacityType.BLACKHOOL) { - log.error("----Error PengXin don't support dispose capacity type: {}", capType); - return new MulReturnType<>(ErrorCode.ERR_UNSUPPORT, null); - } - - // 适配处置时间参数, -1为不限制处置时间 - if (duration == null || duration < 0) { - duration = -1L; - } - - reqItems.add(CmhiDisposeStartTaskItem.builder() - .type(getPengXinTaskType(capType)) - .disposeObject(disposeObject) - .objectType(getPengXinObjectType(objectType)) - .disposeTime(duration) - .taskReqId(String.valueOf(taskReqId++)) - .build()); - - ProtocolRespDTO rspInfo = restfulInterface.startDisposeTask(url, token, reqItems); - - // 判断是否token过期 - if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getItems().get(0).getStatus())) { - rspInfo = restfulInterface.startDisposeTask(url, token, reqItems); - } - - if (rspInfo == null || rspInfo.getCode() != ErrorCode.ERR_OK.getHttpCode()) { - log.error("----Error PengXin start clean {} server return error", disposeObject); - return new MulReturnType<>(ErrorCode.ERR_PENGXIN_ERROR, null); - } - - if (rspInfo.getMsgContent().getItems().size() == 0) { - log.error("----Error PengXin start clean {} server return nothing", disposeObject); - return new MulReturnType<>(ErrorCode.ERR_PENGXIN_ERROR, null); - } else { - int errCode = rspInfo.getMsgContent().getItems().get(0).getStatus(); - - if (errCode != ErrorCode.ERR_OK.getCode()) { - log.error("----Error PengXin start clean {} server return error: {}", disposeObject, errCode); - return new MulReturnType<>(ErrorCode.ERR_PENGXIN_ERROR, null); - } - - log.debug("----Finish PengXin Start Cleanup Task: {}", disposeObject); - return new MulReturnType<>(ErrorCode.ERR_OK, rspInfo.getMsgContent().getItems().get(0).getTaskId()); - } - } catch (Exception ex) { - log.error("----Exception PengXin Start Cleanup Task: {}, {}, {}", disposeObject, nfDirection, duration); - return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, null); - } - } - - /** - * Stop dispose mul return type. - * - * @param disposeObject the dispose object - * @param capType the cap type - * @param nfDirection the nf direction - * @param attackType the attack type - * @param taskId the task id - * @return the mul return type - */ - @Override - public MulReturnType stopDispose(String disposeObject, DisposeCapacityType capType, - @Nullable NetflowDirection nfDirection, - @Nullable Integer attackType, - @Nullable String taskId) { - String url = urlRootPath + "dispose_device/task/stop"; - - if (token == null || token.length() == 0) { - return new MulReturnType<>(ErrorCode.ERR_LOGOUT, null); - } - - try { - log.info("++++Begging PengXin Stop Cleanup Task: {}", taskId); - - if (capType != DisposeCapacityType.BLACKHOOL) { - log.error("----Error PengXin don't support dispose capacity type: {}", capType); - return new MulReturnType<>(ErrorCode.ERR_UNSUPPORT, null); - } - - if (taskId == null) { - return new MulReturnType<>(ErrorCode.ERR_PARAMS, null); - } - - ProtocolRespDTO rspInfo = restfulInterface.stopDisposeTask(url, token, - new String[]{taskId}); - - // 判断是否token过期 - if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getItems().get(0).getStatus())) { - rspInfo = restfulInterface.stopDisposeTask(url, token, new String[]{taskId}); - } - - if (rspInfo == null || rspInfo.getCode() != ErrorCode.ERR_OK.getHttpCode()) { - log.error("----Error PengXin stop task{} server return error", taskId); - return new MulReturnType<>(ErrorCode.ERR_CALLDEVICE, null); - } - - if (rspInfo.getMsgContent().getItems().size() == 0) { - log.error("----Error PengXin stop clean {} server return nothing", disposeObject); - return new MulReturnType<>(ErrorCode.ERR_PENGXIN_ERROR, null); - } else { - int errCode = rspInfo.getMsgContent().getItems().get(0).getStatus(); - - if (errCode != ErrorCode.ERR_OK.getCode()) { - log.error("----Error PengXin stop clean {} server return error: {}", disposeObject, errCode); - return new MulReturnType<>(ErrorCode.ERR_PENGXIN_ERROR, null); - } - - log.debug("----Finish PengXin Stop Cleanup Task: {}", taskId); - return new MulReturnType<>(ErrorCode.ERR_OK, null); - } - } catch (Exception ex) { - log.error("----Exception PengXin Stop Cleanup Task: {}, {}, {}", disposeObject, nfDirection, taskId); - return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, null); - } - } - - /** - * Gets ability device fireware. - * - * @return the ability device fireware - */ - @Override - public MulReturnType getAbilityDeviceFireware() { - return new MulReturnType<>(ErrorCode.ERR_OK, - DeviceFirewareInfo.builder() - .vendor("PengXin") - .model("Unknown") - .firmware("Unknown") - .os("Linux Server") - .kernel("Linux") - .arch("x86_64") - .version("Unknown") - .memory(-1) - .freeMemory(-1) - .cpuUsed(-1) - .build()); - } - - /** - * To device attack type long. - * - * @param ddosAttackTypeMask the ddos attack type mask - * @return the long - */ - @Override - public Long toDeviceAttackType(Long ddosAttackTypeMask) { - return ddosAttackTypeMask; - } - - /** - * Gets device link status. - * - * @return the device link status - */ - @Override - public boolean getDeviceLinkStatus() { - return deviceLinkStatus; - } - - /** - * Dev get link status. - */ - private void devGetLinkStatus() { - try { - String url = urlRootPath + "dispose_device/information/linkstatus"; - - if (token == null || token.length() == 0) { - deviceLinkStatus = false; - return; - } - - ErrorCode err = restfulInterface.getLinkStatus(url, token); - - if (err == ErrorCode.ERR_LOGOUT) { - // 重新登录获取 token - upgradeToken(); - err = restfulInterface.getLinkStatus(url, token); - } - - if (err == ErrorCode.ERR_OK) { - deviceLinkStatus = true; - } - - return; - } catch (Exception ex) { - log.error(ex.getMessage()); - } - - deviceLinkStatus = false; - } - - /** - * Gets dispose device protect object. - */ - @Override - public void getDisposeDeviceProtectObject() { - - if (token == null || token.length() == 0) { - return; - } - - try { - String url = urlRootPath + "dispose_device/information/capacity"; - - ProtocolRespDTO rspInfo = restfulInterface.getDeviceDisposeAbility(url, token); - - // 判断是否token过期 - if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getStatus())) { - rspInfo = restfulInterface.getDeviceDisposeAbility(url, token); - } - - if (rspInfo != null && rspInfo.getCode() == ErrorCode.ERR_OK.getHttpCode() - && rspInfo.getMsgContent().getStatus() == ErrorCode.ERR_OK.getCode()) { - - rspInfo.getMsgContent().getCapacity().forEach(v -> { - if (v.getObjectType().equals(DisposeObjectType.DOMAIN.getValue())) { - log.error("Unsupported: {}", v.getObjectType()); - } else if (v.getObjectType().equals(DisposeObjectType.URL.getValue())) { - log.error("Unsupported: {}", v.getObjectType()); - } else { - synchronized (this) { - - protectIpV4.clear(); - protectIpV6.clear(); - - if (v.getIpType() == null || v.getIpType().equals(IpAddrType.IPV4_IPV6.getValue())) { - String [] allIpAddr = {null, "0.0.0.0", "0.0.0.0,::"}; - - if(Arrays.asList(allIpAddr).contains(v.getDisposeIp())) { - protectIpV4.add(""); - protectIpV6.add(""); - } - } else if (v.getIpType().equals(IpAddrType.IPV4.getValue())) { - protectIpV4.add(""); - } else if (v.getIpType().equals(IpAddrType.IPV6.getValue())) { - protectIpV6.add(""); - } - } - } - }); - - } - } catch (Exception ignored) { - } - } - - /** - * Is carry protect ip boolean. - * - * @param ipAddr the ip addr - * @return the boolean - */ - @Override - public boolean isCarryProtectIp(String ipAddr) { - boolean ret = false; - IPAddress addr = new IPAddressString(ipAddr).getAddress(); - synchronized (this) { - if (addr.isIPv4()) { - ret = protectIpV4.stream().anyMatch(v -> Helper.ipInRange(v, ipAddr)); - } - - if (addr.isIPv6()) { - ret = protectIpV6.stream().anyMatch(v -> Helper.ipInRange(v, ipAddr)); - } - } - - if (!ret) { - // 更新设备防护IP - getDisposeDeviceProtectObject(); - - synchronized (this) { - if (addr.isIPv4()) { - ret = protectIpV4.stream().anyMatch(v -> Helper.ipInRange(v, ipAddr)); - } - - if (addr.isIPv6()) { - ret = protectIpV6.stream().anyMatch(v -> Helper.ipInRange(v, ipAddr)); - } - } - } - - return ret; - } - - /** - * Task status mul return type. - * - * @param taskId the task id - * @return the mul return type - */ - @Override - public MulReturnType taskStatus(String taskId) { - if (token == null || token.length() == 0) { - return new MulReturnType<>(ErrorCode.ERR_LOGOUT, -1L); - } - - try { - String url = urlRootPath + "dispose_device/task/get"; - - ProtocolRespDTO rspInfo = restfulInterface.getDeviceTaskStatus(url, token, - new String[]{taskId}); - - // 判断是否token过期 - if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getItems().get(0).getStatus())) { - rspInfo = restfulInterface.getDeviceTaskStatus(url, token, new String[]{taskId}); - } - - if (rspInfo != null && rspInfo.getCode() == ErrorCode.ERR_OK.getHttpCode()) { - - int errCode = rspInfo.getMsgContent().getItems().get(0).getStatus(); - if (rspInfo.getMsgContent().getItems().size() == 0 || errCode != ErrorCode.ERR_OK.getCode()) { - return new MulReturnType<>(ErrorCode.ERR_NOSUCHTASK, -1L); - } - - return new MulReturnType<>(ErrorCode.ERR_OK, - rspInfo.getMsgContent().getItems().get(0).getTaskStatus()); - } else { - return new MulReturnType<>(ErrorCode.ERR_CALLDEVICE, -1L); - } - } catch (Exception ignored) { - return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, -1L); - } - } - - /** - * Upgrade token. - */ - private void upgradeToken() { - try { - String url = urlRootPath + "dispose_device/auth/login"; - ProtocolRespDTO logInfo = restfulInterface.login(url, username, password); - - if (logInfo != null && logInfo.getMsgContent().getStatus() == ErrorCode.ERR_OK.getCode()) { - this.token = logInfo.getMsgContent().getToken(); - } - } catch (Exception ignored) { - } - } - - /** - * reLogin. - */ - private boolean reLogin(ProtocolRespDTO rspInfo, int status) { - try { - // 判断是否token过期 - if (rspInfo.getCode() == HttpServletResponse.SC_UNAUTHORIZED) { - // 重新登录获取 token - upgradeToken(); - return true; - } - - if (rspInfo.getCode() == HttpServletResponse.SC_OK) { - if (status == ErrorCode.ERR_LOGOUT.getCode() || - status == ErrorCode.ERR_TOKENTIMEOUT.getCode() || - status == ErrorCode.ERR_TOKENNOTFOUND.getCode()) { - upgradeToken(); - return true; - } - } - - return false; - } catch (Exception ignored) { - return false; - } - } - - /** - * Period task runtime. - */ - @Override - public void periodTaskRuntime() { - log.debug("++++PengXin Period Task Running"); - - // 更新防护对象 - getDisposeDeviceProtectObject(); - - // 更新心跳状态 - if (timerCnt++ % DisposeConfigValue.HEART_PERIOD_OF_SECOND == 0) { - devGetLinkStatus(); - } - - log.debug("----PengXin Period Task Running"); - } - - /** - * Device ready boolean. - * - * @return the boolean - */ - @Override - public boolean deviceReady() { - return true; - } - - /** - * Upgrade service group. - * - * @param svrList the svr list - */ - @Override - public void upgradeServiceGroup(List svrList) { - } - - /** - * Is carry attack type boolean. - * - * @param attackType the attack type - * @return the boolean - */ - @Override - public boolean isCarryAttackType(Long attackType) { - return true; - } -} +package com.dispose.ability.impl; + +import com.cmhi.dispose.common.CmhiDisposeAbilityRsp; +import com.cmhi.dispose.common.CmhiDisposeLoginRsp; +import com.cmhi.dispose.common.CmhiDisposeStartTaskItem; +import com.cmhi.dispose.common.CmhiDisposeStartTaskRsp; +import com.cmhi.dispose.common.CmhiDisposeStopTaskRsp; +import com.cmhi.dispose.common.CmhiDisposeTaskStatusRsp; +import com.cmhi.dispose.protocol.CmhiDisposeInterface; +import com.dispose.ability.DisposeAbility; +import com.dispose.common.DisposeCapacityType; +import com.dispose.common.DisposeConfigValue; +import com.dispose.common.DisposeObjectType; +import com.dispose.common.ErrorCode; +import com.dispose.common.Helper; +import com.dispose.common.IpAddrType; +import com.dispose.common.NetflowDirection; +import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO; +import com.dispose.pojo.entity.ServiceInfo; +import com.dispose.pojo.po.MulReturnType; +import com.dispose.pojo.vo.DeviceFirewareInfo; +import inet.ipaddr.IPAddress; +import inet.ipaddr.IPAddressString; +import lombok.Getter; +import lombok.Setter; +import lombok.extern.slf4j.Slf4j; + +import javax.annotation.Nullable; +import javax.servlet.http.HttpServletResponse; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + +/** + * The type Peng xin ability. + * + * @author + */ +@Slf4j +public class CmhiAbilityImpl implements DisposeAbility { + /** + * The Protect ip v 4. + */ + private final List protectIpV4 = new ArrayList<>(); + /** + * The Protect ip v 6. + */ + private final List protectIpV6 = new ArrayList<>(); + /** + * The Restful interface. + */ + private final CmhiDisposeInterface restfulInterface = new CmhiDisposeInterface(); + /** + * The Peng xin dispose type. + */ + private final Integer[] pengXinDisposeType = new Integer[]{0, 4, 1, 3}; + /** + * The Task req id. + */ + private Long taskReqId = System.currentTimeMillis(); + /** + * The Timer cnt. + */ + private long timerCnt = 0; + /** + * The Device link status. + */ + private boolean deviceLinkStatus = false; + + /** + * The Url root path. + */ + @Getter + @Setter + private String urlRootPath; + /** + * The Username. + */ + @Getter + @Setter + private String username; + /** + * The Password. + */ + @Getter + @Setter + private String password; + /** + * The Token. + */ + private String token; + + /** + * Gets peng xin task type. + * + * @param capType the cap type + * @return the peng xin task type + */ + private int getPengXinTaskType(DisposeCapacityType capType) { + return pengXinDisposeType[capType.getValue()]; + } + + /** + * Gets peng xin object type. + * + * @param objType the obj type + * @return the peng xin object type + */ + private int getPengXinObjectType(DisposeObjectType objType) { + switch (objType) { + case URL: + return 2; + case DOMAIN: + return 1; + default: + return 0; + } + } + + /** + * Init device env. + * + * @param urlPath the url path + * @param username the username + * @param password the password + */ + @Override + public void initDeviceEnv(String urlPath, String username, String password) { + this.urlRootPath = urlPath; + this.username = username; + this.password = password; + restfulInterface.setParams(1, 0); + + upgradeToken(); + } + + /** + * Run dispose mul return type. + * + * @param disposeObject the dispose object + * @param objectType the object type + * @param capType the cap type + * @param nfDirection the nf direction + * @param attackType the attack type + * @param duration the duration + * @return the mul return type + */ + @Override + public MulReturnType runDispose(String disposeObject, DisposeObjectType objectType, + DisposeCapacityType capType, + @Nullable NetflowDirection nfDirection, + @Nullable Integer attackType, + @Nullable Long duration) { + List reqItems = new ArrayList<>(); + + String url = urlRootPath + "dispose_device/task/start"; + + if (token == null || token.length() == 0) { + return new MulReturnType<>(ErrorCode.ERR_LOGOUT, ""); + } + + try { + log.info("++++Begging PengXin Start Cleanup Task: {}", disposeObject); + + if (capType != DisposeCapacityType.BLACKHOOL) { + log.error("----Error PengXin don't support dispose capacity type: {}", capType); + return new MulReturnType<>(ErrorCode.ERR_UNSUPPORT, null); + } + + // 适配处置时间参数, -1为不限制处置时间 + if (duration == null || duration < 0) { + duration = -1L; + } + + reqItems.add(CmhiDisposeStartTaskItem.builder() + .type(getPengXinTaskType(capType)) + .disposeObject(disposeObject) + .objectType(getPengXinObjectType(objectType)) + .disposeTime(duration) + .taskReqId(String.valueOf(taskReqId++)) + .build()); + + ProtocolRespDTO rspInfo = restfulInterface.startDisposeTask(url, token, reqItems); + + // 判断是否token过期 + if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getItems().get(0).getStatus())) { + rspInfo = restfulInterface.startDisposeTask(url, token, reqItems); + } + + if (rspInfo == null || rspInfo.getCode() != ErrorCode.ERR_OK.getHttpCode()) { + log.error("----Error PengXin start clean {} server return error", disposeObject); + return new MulReturnType<>(ErrorCode.ERR_PENGXIN_ERROR, null); + } + + if (rspInfo.getMsgContent().getItems().size() == 0) { + log.error("----Error PengXin start clean {} server return nothing", disposeObject); + return new MulReturnType<>(ErrorCode.ERR_PENGXIN_ERROR, null); + } else { + int errCode = rspInfo.getMsgContent().getItems().get(0).getStatus(); + + if (errCode != ErrorCode.ERR_OK.getCode()) { + log.error("----Error PengXin start clean {} server return error: {}", disposeObject, errCode); + return new MulReturnType<>(ErrorCode.ERR_PENGXIN_ERROR, null); + } + + log.debug("----Finish PengXin Start Cleanup Task: {}", disposeObject); + return new MulReturnType<>(ErrorCode.ERR_OK, rspInfo.getMsgContent().getItems().get(0).getTaskId()); + } + } catch (Exception ex) { + log.error("----Exception PengXin Start Cleanup Task: {}, {}, {}", disposeObject, nfDirection, duration); + return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, null); + } + } + + /** + * Stop dispose mul return type. + * + * @param disposeObject the dispose object + * @param capType the cap type + * @param nfDirection the nf direction + * @param attackType the attack type + * @param taskId the task id + * @return the mul return type + */ + @Override + public MulReturnType stopDispose(String disposeObject, DisposeCapacityType capType, + @Nullable NetflowDirection nfDirection, + @Nullable Integer attackType, + @Nullable String taskId) { + String url = urlRootPath + "dispose_device/task/stop"; + + if (token == null || token.length() == 0) { + return new MulReturnType<>(ErrorCode.ERR_LOGOUT, null); + } + + try { + log.info("++++Begging PengXin Stop Cleanup Task: {}", taskId); + + if (capType != DisposeCapacityType.BLACKHOOL) { + log.error("----Error PengXin don't support dispose capacity type: {}", capType); + return new MulReturnType<>(ErrorCode.ERR_UNSUPPORT, null); + } + + if (taskId == null) { + return new MulReturnType<>(ErrorCode.ERR_PARAMS, null); + } + + ProtocolRespDTO rspInfo = restfulInterface.stopDisposeTask(url, token, + new String[]{taskId}); + + // 判断是否token过期 + if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getItems().get(0).getStatus())) { + rspInfo = restfulInterface.stopDisposeTask(url, token, new String[]{taskId}); + } + + if (rspInfo == null || rspInfo.getCode() != ErrorCode.ERR_OK.getHttpCode()) { + log.error("----Error PengXin stop task{} server return error", taskId); + return new MulReturnType<>(ErrorCode.ERR_CALLDEVICE, null); + } + + if (rspInfo.getMsgContent().getItems().size() == 0) { + log.error("----Error PengXin stop clean {} server return nothing", disposeObject); + return new MulReturnType<>(ErrorCode.ERR_PENGXIN_ERROR, null); + } else { + int errCode = rspInfo.getMsgContent().getItems().get(0).getStatus(); + + if (errCode != ErrorCode.ERR_OK.getCode()) { + log.error("----Error PengXin stop clean {} server return error: {}", disposeObject, errCode); + return new MulReturnType<>(ErrorCode.ERR_PENGXIN_ERROR, null); + } + + log.debug("----Finish PengXin Stop Cleanup Task: {}", taskId); + return new MulReturnType<>(ErrorCode.ERR_OK, null); + } + } catch (Exception ex) { + log.error("----Exception PengXin Stop Cleanup Task: {}, {}, {}", disposeObject, nfDirection, taskId); + return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, null); + } + } + + /** + * Gets ability device fireware. + * + * @return the ability device fireware + */ + @Override + public MulReturnType getAbilityDeviceFireware() { + return new MulReturnType<>(ErrorCode.ERR_OK, + DeviceFirewareInfo.builder() + .vendor("PengXin") + .model("Unknown") + .firmware("Unknown") + .os("Linux Server") + .kernel("Linux") + .arch("x86_64") + .version("Unknown") + .memory(-1) + .freeMemory(-1) + .cpuUsed(-1) + .build()); + } + + /** + * To device attack type long. + * + * @param ddosAttackTypeMask the ddos attack type mask + * @return the long + */ + @Override + public Long toDeviceAttackType(Long ddosAttackTypeMask) { + return ddosAttackTypeMask; + } + + /** + * Gets device link status. + * + * @return the device link status + */ + @Override + public boolean getDeviceLinkStatus() { + return deviceLinkStatus; + } + + /** + * Dev get link status. + */ + private void devGetLinkStatus() { + try { + String url = urlRootPath + "dispose_device/information/linkstatus"; + + if (token == null || token.length() == 0) { + deviceLinkStatus = false; + return; + } + + ErrorCode err = restfulInterface.getLinkStatus(url, token); + + if (err == ErrorCode.ERR_LOGOUT) { + // 重新登录获取 token + upgradeToken(); + err = restfulInterface.getLinkStatus(url, token); + } + + if (err == ErrorCode.ERR_OK) { + deviceLinkStatus = true; + } + + return; + } catch (Exception ex) { + log.error(ex.getMessage()); + } + + deviceLinkStatus = false; + } + + /** + * Gets dispose device protect object. + */ + @Override + public void getDisposeDeviceProtectObject() { + + if (token == null || token.length() == 0) { + return; + } + + try { + String url = urlRootPath + "dispose_device/information/capacity"; + + ProtocolRespDTO rspInfo = restfulInterface.getDeviceDisposeAbility(url, token); + + // 判断是否token过期 + if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getStatus())) { + rspInfo = restfulInterface.getDeviceDisposeAbility(url, token); + } + + if (rspInfo != null && rspInfo.getCode() == ErrorCode.ERR_OK.getHttpCode() + && rspInfo.getMsgContent().getStatus() == ErrorCode.ERR_OK.getCode()) { + + rspInfo.getMsgContent().getCapacity().forEach(v -> { + if (v.getObjectType().equals(DisposeObjectType.DOMAIN.getValue())) { + log.error("Unsupported: {}", v.getObjectType()); + } else if (v.getObjectType().equals(DisposeObjectType.URL.getValue())) { + log.error("Unsupported: {}", v.getObjectType()); + } else { + synchronized (this) { + + protectIpV4.clear(); + protectIpV6.clear(); + + if (v.getIpType() == null || v.getIpType().equals(IpAddrType.IPV4_IPV6.getValue())) { + String [] allIpAddr = {null, "0.0.0.0", "0.0.0.0,::"}; + + if(Arrays.asList(allIpAddr).contains(v.getDisposeIp())) { + protectIpV4.add(""); + protectIpV6.add(""); + } + } else if (v.getIpType().equals(IpAddrType.IPV4.getValue())) { + protectIpV4.add(""); + } else if (v.getIpType().equals(IpAddrType.IPV6.getValue())) { + protectIpV6.add(""); + } + } + } + }); + + } + } catch (Exception ignored) { + } + } + + /** + * Is carry protect ip boolean. + * + * @param ipAddr the ip addr + * @return the boolean + */ + @Override + public boolean isCarryProtectIp(String ipAddr) { + boolean ret = false; + IPAddress addr = new IPAddressString(ipAddr).getAddress(); + synchronized (this) { + if (addr.isIPv4()) { + ret = protectIpV4.stream().anyMatch(v -> Helper.ipInRange(v, ipAddr)); + } + + if (addr.isIPv6()) { + ret = protectIpV6.stream().anyMatch(v -> Helper.ipInRange(v, ipAddr)); + } + } + + if (!ret) { + // 更新设备防护IP + getDisposeDeviceProtectObject(); + + synchronized (this) { + if (addr.isIPv4()) { + ret = protectIpV4.stream().anyMatch(v -> Helper.ipInRange(v, ipAddr)); + } + + if (addr.isIPv6()) { + ret = protectIpV6.stream().anyMatch(v -> Helper.ipInRange(v, ipAddr)); + } + } + } + + return ret; + } + + /** + * Task status mul return type. + * + * @param taskId the task id + * @return the mul return type + */ + @Override + public MulReturnType taskStatus(String taskId) { + if (token == null || token.length() == 0) { + return new MulReturnType<>(ErrorCode.ERR_LOGOUT, -1L); + } + + try { + String url = urlRootPath + "dispose_device/task/get"; + + ProtocolRespDTO rspInfo = restfulInterface.getDeviceTaskStatus(url, token, + new String[]{taskId}); + + // 判断是否token过期 + if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getItems().get(0).getStatus())) { + rspInfo = restfulInterface.getDeviceTaskStatus(url, token, new String[]{taskId}); + } + + if (rspInfo != null && rspInfo.getCode() == ErrorCode.ERR_OK.getHttpCode()) { + + int errCode = rspInfo.getMsgContent().getItems().get(0).getStatus(); + if (rspInfo.getMsgContent().getItems().size() == 0 || errCode != ErrorCode.ERR_OK.getCode()) { + return new MulReturnType<>(ErrorCode.ERR_NOSUCHTASK, -1L); + } + + return new MulReturnType<>(ErrorCode.ERR_OK, + rspInfo.getMsgContent().getItems().get(0).getTaskStatus()); + } else { + return new MulReturnType<>(ErrorCode.ERR_CALLDEVICE, -1L); + } + } catch (Exception ignored) { + return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, -1L); + } + } + + /** + * Upgrade token. + */ + private void upgradeToken() { + try { + String url = urlRootPath + "dispose_device/auth/login"; + ProtocolRespDTO logInfo = restfulInterface.login(url, username, password); + + if (logInfo != null && logInfo.getMsgContent().getStatus() == ErrorCode.ERR_OK.getCode()) { + this.token = logInfo.getMsgContent().getToken(); + } + } catch (Exception ignored) { + } + } + + /** + * reLogin. + */ + private boolean reLogin(ProtocolRespDTO rspInfo, int status) { + try { + // 判断是否token过期 + if (rspInfo.getCode() == HttpServletResponse.SC_UNAUTHORIZED) { + // 重新登录获取 token + upgradeToken(); + return true; + } + + if (rspInfo.getCode() == HttpServletResponse.SC_OK) { + if (status == ErrorCode.ERR_LOGOUT.getCode() || + status == ErrorCode.ERR_TOKENTIMEOUT.getCode() || + status == ErrorCode.ERR_TOKENNOTFOUND.getCode()) { + upgradeToken(); + return true; + } + } + + return false; + } catch (Exception ignored) { + return false; + } + } + + /** + * Period task runtime. + */ + @Override + public void periodTaskRuntime() { + log.debug("++++PengXin Period Task Running"); + + // 更新防护对象 + getDisposeDeviceProtectObject(); + + // 更新心跳状态 + if (timerCnt++ % DisposeConfigValue.HEART_PERIOD_OF_SECOND == 0) { + devGetLinkStatus(); + } + + log.debug("----PengXin Period Task Running"); + } + + /** + * Device ready boolean. + * + * @return the boolean + */ + @Override + public boolean deviceReady() { + return true; + } + + /** + * Upgrade service group. + * + * @param svrList the svr list + */ + @Override + public void upgradeServiceGroup(List svrList) { + } + + /** + * Is carry attack type boolean. + * + * @param attackType the attack type + * @return the boolean + */ + @Override + public boolean isCarryAttackType(Long attackType) { + return true; + } +} diff --git a/src/main/java/com/dispose/ability/impl/UpfAbilityImpl.java b/src/main/java/com/dispose/ability/impl/UpfAbilityImpl.java index 26a7ba71..0b9195d7 100644 --- a/src/main/java/com/dispose/ability/impl/UpfAbilityImpl.java +++ b/src/main/java/com/dispose/ability/impl/UpfAbilityImpl.java @@ -28,7 +28,7 @@ import java.util.List; * @author Nicole */ @Slf4j -public class UpfAbilityImpl extends PengXinAbilityImpl { +public class UpfAbilityImpl extends CmhiAbilityImpl { /** * The Restful interface. */ diff --git a/src/main/java/com/dispose/service/impl/DisposeAbilityRouterServiceImpl.java b/src/main/java/com/dispose/service/impl/DisposeAbilityRouterServiceImpl.java index 865d517e..26f2ea2d 100644 --- a/src/main/java/com/dispose/service/impl/DisposeAbilityRouterServiceImpl.java +++ b/src/main/java/com/dispose/service/impl/DisposeAbilityRouterServiceImpl.java @@ -6,7 +6,7 @@ import com.dispose.ability.impl.DpTechBypassAbilityImpl; import com.dispose.ability.impl.HaoHanAbilityImpl; import com.dispose.ability.impl.HuaWeiAbilityImpl; import com.dispose.ability.impl.HuaWeiFireWallAbilityImpl; -import com.dispose.ability.impl.PengXinAbilityImpl; +import com.dispose.ability.impl.CmhiAbilityImpl; import com.dispose.ability.impl.UpfAbilityImpl; import com.dispose.ability.impl.VirtualAbilityImpl; import com.dispose.common.DisposeCapacityType; @@ -167,7 +167,7 @@ public class DisposeAbilityRouterServiceImpl implements DisposeAbilityRouterServ db = new HaoHanAbilityImpl(); break; case CMHI_PLATFORM: - db = new PengXinAbilityImpl(); + db = new CmhiAbilityImpl(); break; case HUAWEI_PLATFORM: db = new HuaWeiAbilityImpl(); diff --git a/src/main/resources/mappers/DeviceTask.xml b/src/main/resources/mappers/DeviceTask.xml index 5a1bca55..63e30ae5 100644 --- a/src/main/resources/mappers/DeviceTask.xml +++ b/src/main/resources/mappers/DeviceTask.xml @@ -150,9 +150,9 @@ SELECT dt.*, dd.* FROM device_task dt LEFT JOIN dispose_device dd ON dt.deviceId = dd.id - WHERE dd.deviceType = ${@com.dispose.common.DisposeDeviceType@PENGXIN_PLATFORM.getValue()} - AND dt.devStatus != ${@com.pengxin.dispose.common.PengXinTaskStatus@TASK_FINISHED_USER.getValue()} - AND dt.devStatus != ${@com.pengxin.dispose.common.PengXinTaskStatus@TASK_FINISHED_TIME.getValue()} - AND dt.devStatus != ${@com.pengxin.dispose.common.PengXinTaskStatus@TASK_REVIEWED_FAILED.getValue()} + WHERE dd.deviceType = ${@com.dispose.common.DisposeDeviceType@CMHI_PLATFORM.getValue()} + AND dt.devStatus != ${@com.cmhi.dispose.common.CmhiDisposeTaskStatus@TASK_FINISHED_USER.getValue()} + AND dt.devStatus != ${@com.cmhi.dispose.common.CmhiDisposeTaskStatus@TASK_FINISHED_TIME.getValue()} + AND dt.devStatus != ${@com.cmhi.dispose.common.CmhiDisposeTaskStatus@TASK_REVIEWED_FAILED.getValue()} \ No newline at end of file