Merge branch 'v2.0.7_dev' into 'master'
V2.0.7 dev See merge request DDOSAQ/phoenix_ddos_handle!16
This commit is contained in:
陈玲(杭研)
commit
208391b7c9
|
|
@ -263,6 +263,25 @@ public class DpTechBypassAbilityImpl extends DpTechAbilityImpl {
|
||||||
return ipSegment + "-" + ipSegment;
|
return ipSegment + "-" + ipSegment;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Gets ipv6 segment format.
|
||||||
|
*
|
||||||
|
* @param ipSegment the ipv6 segment
|
||||||
|
* @return the ip segment format
|
||||||
|
*/
|
||||||
|
private String getIpV6SegmentFormat(String ipSegment) {
|
||||||
|
if (ipSegment.contains(ConstValue.IPV6_SEGMENT_SPILT)) {
|
||||||
|
return ipSegment;
|
||||||
|
}
|
||||||
|
|
||||||
|
//如果输入格式为IP-IP,则返回值为null
|
||||||
|
if (ipSegment.contains(ConstValue.IPV6_ERR_SEGMENT_SPILT)) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
return ipSegment + "/" + 128;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create traction strategy error code.
|
* Create traction strategy error code.
|
||||||
*
|
*
|
||||||
|
|
@ -482,7 +501,12 @@ public class DpTechBypassAbilityImpl extends DpTechAbilityImpl {
|
||||||
if (!k.contains(":")) {
|
if (!k.contains(":")) {
|
||||||
ipV4.add(ipV4Idx++ + "_" + getIpSegmentFormat(k));
|
ipV4.add(ipV4Idx++ + "_" + getIpSegmentFormat(k));
|
||||||
} else {
|
} else {
|
||||||
ipV6.add(ipV6Idx++ + "_" + getIpSegmentFormat(k));
|
if (getIpV6SegmentFormat(k) == null) {
|
||||||
|
log.error("!!!!ipV6:{} format error", k);
|
||||||
|
return;
|
||||||
|
} else {
|
||||||
|
ipV6.add(ipV6Idx++ + "_" + getIpV6SegmentFormat(k));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -500,19 +524,22 @@ public class DpTechBypassAbilityImpl extends DpTechAbilityImpl {
|
||||||
for (Map.Entry<IpAddrType, String> entry : ipSegment.entrySet()) {
|
for (Map.Entry<IpAddrType, String> entry : ipSegment.entrySet()) {
|
||||||
String protectName = getProtectObjectName(v.getServiceId(), entry.getKey());
|
String protectName = getProtectObjectName(v.getServiceId(), entry.getKey());
|
||||||
|
|
||||||
// 防护对象存在
|
//只处理C前缀的防护对象
|
||||||
if (dpBypassManager.getProtectObject().containsKey(protectName)) {
|
if (protectName.startsWith(objectPrefix)) {
|
||||||
//进一步判断关联模板是都正确,防护IP段是否发生变化
|
// 防护对象存在
|
||||||
protectionObjExist(entry, protectName, template, ipV4, ipV6, ipSegment);
|
if (dpBypassManager.getProtectObject().containsKey(protectName)) {
|
||||||
} else {
|
//进一步判断关联模板是都正确,防护IP段是否发生变化
|
||||||
err = createProtectObject(protectName,
|
protectionObjExist(entry, protectName, template, ipV4, ipV6, ipSegment);
|
||||||
ipSegment.get(entry.getKey()),
|
|
||||||
IpAddrType.IPV4.equals(entry.getKey()) ? 0 : 1,
|
|
||||||
template);
|
|
||||||
if (err == ErrorCode.ERR_OK) {
|
|
||||||
log.debug("Add Protection Object {} Succeed", protectName);
|
|
||||||
} else {
|
} else {
|
||||||
log.error("!!!!Add Protection Object {} Error: {}", protectName, err.getMsg());
|
err = createProtectObject(protectName,
|
||||||
|
ipSegment.get(entry.getKey()),
|
||||||
|
IpAddrType.IPV4.equals(entry.getKey()) ? 0 : 1,
|
||||||
|
template);
|
||||||
|
if (err == ErrorCode.ERR_OK) {
|
||||||
|
log.debug("Add Protection Object {} Succeed", protectName);
|
||||||
|
} else {
|
||||||
|
log.error("!!!!Add Protection Object {} Error: {}", protectName, err.getMsg());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -580,7 +607,6 @@ public class DpTechBypassAbilityImpl extends DpTechAbilityImpl {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// 更新防护对象
|
// 更新防护对象
|
||||||
if (upgradeIpSegment) {
|
if (upgradeIpSegment) {
|
||||||
err = upgradeProtectObject(protectName,
|
err = upgradeProtectObject(protectName,
|
||||||
|
|
@ -710,18 +736,8 @@ public class DpTechBypassAbilityImpl extends DpTechAbilityImpl {
|
||||||
if (ret != null && ret.getBypassManualTractionStrategyForService().size() > 0) {
|
if (ret != null && ret.getBypassManualTractionStrategyForService().size() > 0) {
|
||||||
ret.getBypassManualTractionStrategyForService().forEach(k -> {
|
ret.getBypassManualTractionStrategyForService().forEach(k -> {
|
||||||
String policyName = k.getPolicyName().getValue();
|
String policyName = k.getPolicyName().getValue();
|
||||||
// 非法名称的旁路牵引策略
|
// 只处理C旁路手动牵引策略,不可删除第三方添加的旁路手动牵引策略
|
||||||
if (!policyName.startsWith(objectPrefix)) {
|
if (policyName.startsWith(objectPrefix)) {
|
||||||
NtcRequestResultInfo rsp =
|
|
||||||
getCleanTypePort().delBypassManualTractionStrategyForUMC(policyName);
|
|
||||||
|
|
||||||
if (rsp.getResultRetVal() == 0) {
|
|
||||||
log.debug("Remove Traction Strategy {} Succeed", policyName);
|
|
||||||
} else {
|
|
||||||
log.error("!!!!Remove Traction Strategy {} Error: {}", policyName, rsp.getResultInfo()
|
|
||||||
.getValue());
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
DpTractionStrategy obj;
|
DpTractionStrategy obj;
|
||||||
|
|
||||||
if (dpBypassManager.getTractionStrategyName().containsKey(policyName)) {
|
if (dpBypassManager.getTractionStrategyName().containsKey(policyName)) {
|
||||||
|
|
@ -771,7 +787,7 @@ public class DpTechBypassAbilityImpl extends DpTechAbilityImpl {
|
||||||
ret.getProtectionTargetWithStrategyForService().forEach(k -> {
|
ret.getProtectionTargetWithStrategyForService().forEach(k -> {
|
||||||
String objName = k.getProtectionTargetName().getValue();
|
String objName = k.getProtectionTargetName().getValue();
|
||||||
|
|
||||||
// 只处理CMHI相关对象和模板
|
// 只处理C相关对象和模板
|
||||||
if (objName.startsWith(objectPrefix)) {
|
if (objName.startsWith(objectPrefix)) {
|
||||||
DpProtectionStrategyInfo obj;
|
DpProtectionStrategyInfo obj;
|
||||||
|
|
||||||
|
|
@ -839,20 +855,9 @@ public class DpTechBypassAbilityImpl extends DpTechAbilityImpl {
|
||||||
|
|
||||||
ret.getProtectionObjectDataForService().forEach(k -> {
|
ret.getProtectionObjectDataForService().forEach(k -> {
|
||||||
String objName = k.getProtectionName().getValue();
|
String objName = k.getProtectionName().getValue();
|
||||||
// 删除非法的防护对象
|
|
||||||
if (!objName.startsWith(objectPrefix)) {
|
|
||||||
log.error("!!!!Found Unexpect Protection Object [{}, {}], Deleted it.",
|
|
||||||
objName,
|
|
||||||
k.getIpSegment().getValue());
|
|
||||||
|
|
||||||
NtcRequestResultInfo rsp = getCleanTypePort().deleteProtectionObjectForUMC(objName);
|
// 只处理C相关对象,不可对UMC上的非杭研防护对象进行删除
|
||||||
|
if (objName.startsWith(objectPrefix)) {
|
||||||
if (rsp.getResultRetVal() == 0) {
|
|
||||||
log.warn("!!!!Remove Protection Object {} Succeed", objName);
|
|
||||||
} else {
|
|
||||||
log.error("!!!!Remove Protection Object {} Error: {}", objName, rsp.getResultInfo().getValue());
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
DpProtectObject obj;
|
DpProtectObject obj;
|
||||||
|
|
||||||
if (dpBypassManager.getProtectObject().containsKey(objName)) {
|
if (dpBypassManager.getProtectObject().containsKey(objName)) {
|
||||||
|
|
@ -894,7 +899,6 @@ public class DpTechBypassAbilityImpl extends DpTechAbilityImpl {
|
||||||
rsp.getResultInfo().getValue());
|
rsp.getResultInfo().getValue());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
// 判断是否需要更新IP段信息
|
// 判断是否需要更新IP段信息
|
||||||
|
|
|
||||||
|
|
@ -94,6 +94,16 @@ public class ConstValue {
|
||||||
*/
|
*/
|
||||||
public static final String[] IP_SEGMENT_SPILT = new String[] {"-", "/"};
|
public static final String[] IP_SEGMENT_SPILT = new String[] {"-", "/"};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The constant IPV6_ERR_SEGMENT_SPILT.
|
||||||
|
*/
|
||||||
|
public static final String IPV6_ERR_SEGMENT_SPILT = "-";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The constant IPV6_SEGMENT_SPILT.
|
||||||
|
*/
|
||||||
|
public static final String IPV6_SEGMENT_SPILT = "/";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The type Protocol.
|
* The type Protocol.
|
||||||
*
|
*
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue