diff --git a/pom.xml b/pom.xml
index f80702a1..612ded6a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,7 +17,7 @@
com.dispose
dispose_platform
- 2.0.7
+ 2.0.8
dispose_platform
Dispose Platform
diff --git a/src/main/java/com/dispose/ability/impl/DpTechAbilityImpl.java b/src/main/java/com/dispose/ability/impl/DpTechAbilityImpl.java
index 1921a11f..582b72fb 100644
--- a/src/main/java/com/dispose/ability/impl/DpTechAbilityImpl.java
+++ b/src/main/java/com/dispose/ability/impl/DpTechAbilityImpl.java
@@ -14,6 +14,7 @@ import com.dispose.common.NetflowDirection;
import com.dispose.pojo.entity.ServiceInfo;
import com.dispose.pojo.po.MulReturnType;
import com.dispose.pojo.vo.DeviceFirewareInfo;
+import com.dispose.security.arithmetic.CryptoHelper;
import com.dptech.dispose.AbnormalFlowCleaningServicePortType;
import com.dptech.dispose.ArrayOfProtectionObjectDataForService;
import com.dptech.dispose.NtcRequestResultInfo;
@@ -101,7 +102,7 @@ public class DpTechAbilityImpl implements DisposeAbility {
this.cleanTypePort = (AbnormalFlowCleaningServicePortType) jaxWsProxyFactoryBean.create();
Map ctx = ((BindingProvider) this.cleanTypePort).getRequestContext();
- ctx.put("password", password);
+ ctx.put("password", new String(CryptoHelper.base64Decryption(password)));
ctx.put("username", username);
// 配置连接,访问超时时间
@@ -145,24 +146,24 @@ public class DpTechAbilityImpl implements DisposeAbility {
log.debug("DpTech startAbnormalTaskForUMC request: {}, {}, {}", disposeObject, attackType, nfDirection);
NtcRequestResultInfo ret = cleanTypePort.startAbnormalTaskForUMC(disposeObject, attackType,
- nfDirection.getValue());
+ nfDirection.getValue());
log.debug("DpTech startAbnormalTaskForUMC response: {}", ret);
if (ret.getResultRetVal() != 0) {
err = ErrorCode.ERR_CALLDEVICE;
log.error("----Error DPTech Start Cleanup Task: {}, {}, {}, {}", disposeObject, nfDirection,
- CommonEnumHandler.codeOf(DpTechAttackType.class, attackType),
- ret.getResultInfo().getValue());
+ CommonEnumHandler.codeOf(DpTechAttackType.class, attackType),
+ ret.getResultInfo().getValue());
} else {
log.debug("----Finish DPTech Start Cleanup Task: {}, {}, {}, {}", disposeObject, nfDirection,
- CommonEnumHandler.codeOf(DpTechAttackType.class, attackType),
- ret.getResultInfo().getValue());
+ CommonEnumHandler.codeOf(DpTechAttackType.class, attackType),
+ ret.getResultInfo().getValue());
}
} catch (Exception ex) {
err = ErrorCode.ERR_SYSTEMEXCEPTION;
log.error("----Exception DPTech Start Cleanup Task: {}, {}, {}", disposeObject, nfDirection,
- CommonEnumHandler.codeOf(DpTechAttackType.class, attackType));
+ CommonEnumHandler.codeOf(DpTechAttackType.class, attackType));
}
return new MulReturnType<>(err, null);
@@ -197,23 +198,23 @@ public class DpTechAbilityImpl implements DisposeAbility {
log.debug("DpTech stopAbnormalTaskForUMC request: {}, {}, {}", disposeObject, attackType, nfDirection);
NtcRequestResultInfo ret = cleanTypePort.stopAbnormalTaskForUMC(disposeObject, attackType,
- nfDirection.getValue());
+ nfDirection.getValue());
log.debug("DpTech stopAbnormalTaskForUMC response: {}", ret);
if (ret.getResultRetVal() != 0) {
err = ErrorCode.ERR_CALLDEVICE;
log.error("----Error DPTech Stop Cleanup Task: {}, {}, {}, {}", disposeObject, nfDirection,
- CommonEnumHandler.codeOf(DpTechAttackType.class, attackType),
- ret.getResultInfo().getValue());
+ CommonEnumHandler.codeOf(DpTechAttackType.class, attackType),
+ ret.getResultInfo().getValue());
} else {
log.info("----Finish DPTech Stop Cleanup Task: {}, {}, {}, {}", disposeObject, nfDirection,
- CommonEnumHandler.codeOf(DpTechAttackType.class, attackType),
- ret.getResultInfo().getValue());
+ CommonEnumHandler.codeOf(DpTechAttackType.class, attackType),
+ ret.getResultInfo().getValue());
}
} catch (Exception ex) {
err = ErrorCode.ERR_SYSTEMEXCEPTION;
log.error("----Exception DPTech Stop Cleanup Task: {}, {}, {}", disposeObject, nfDirection,
- CommonEnumHandler.codeOf(DpTechAttackType.class, attackType));
+ CommonEnumHandler.codeOf(DpTechAttackType.class, attackType));
}
return new MulReturnType<>(err, null);
@@ -253,18 +254,18 @@ public class DpTechAbilityImpl implements DisposeAbility {
@Override
public MulReturnType getAbilityDeviceFireware() {
return new MulReturnType<>(ErrorCode.ERR_OK,
- DeviceFirewareInfo.builder()
- .vendor("DpTech")
- .model("UMC")
- .firmware("Unknown")
- .os("Windows Server")
- .kernel("Windows")
- .arch("x86_64")
- .version("5.7.31")
- .memory(-1)
- .freeMemory(-1)
- .cpuUsed(-1)
- .build());
+ DeviceFirewareInfo.builder()
+ .vendor("DpTech")
+ .model("UMC")
+ .firmware("Unknown")
+ .os("Windows Server")
+ .kernel("Windows")
+ .arch("x86_64")
+ .version("5.7.31")
+ .memory(-1)
+ .freeMemory(-1)
+ .cpuUsed(-1)
+ .build());
}
/**
@@ -275,7 +276,7 @@ public class DpTechAbilityImpl implements DisposeAbility {
*/
@Override
public Long toDeviceAttackType(Long ddosAttackTypeMask) {
- return DpTechAttackType.getTypeMaskFromAttackType(new DpTechAttackType[] {DpTechAttackType.UDP_FLOOD});
+ return DpTechAttackType.getTypeMaskFromAttackType(new DpTechAttackType[]{DpTechAttackType.UDP_FLOOD});
}
/**
diff --git a/src/main/java/com/dispose/ability/impl/HuaWeiAbilityImpl.java b/src/main/java/com/dispose/ability/impl/HuaWeiAbilityImpl.java
index e81113d4..d044131e 100644
--- a/src/main/java/com/dispose/ability/impl/HuaWeiAbilityImpl.java
+++ b/src/main/java/com/dispose/ability/impl/HuaWeiAbilityImpl.java
@@ -10,6 +10,7 @@ import com.dispose.common.NetflowDirection;
import com.dispose.pojo.entity.ServiceInfo;
import com.dispose.pojo.po.MulReturnType;
import com.dispose.pojo.vo.DeviceFirewareInfo;
+import com.dispose.security.arithmetic.CryptoHelper;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.huawei.dispose.common.HuaWeiLoginResp;
import com.huawei.dispose.protocol.HuaWeiInterface;
@@ -85,7 +86,7 @@ public class HuaWeiAbilityImpl implements DisposeAbility {
public void initDeviceEnv(String urlPath, String username, String password) {
this.urlRootPath = urlPath;
this.username = username;
- this.password = password;
+ this.password = new String(CryptoHelper.base64Decryption(password));
upgradeToken();
}
@@ -146,7 +147,7 @@ public class HuaWeiAbilityImpl implements DisposeAbility {
if (resp != ErrorCode.ERR_OK) {
log.error("----Error HuaWei start clean {} return error: {}, {}", disposeObject, resp.getCode(),
- resp.getMsg());
+ resp.getMsg());
return new MulReturnType<>(ErrorCode.ERR_HUAWEI_ERROR, null);
}
@@ -154,9 +155,9 @@ public class HuaWeiAbilityImpl implements DisposeAbility {
return new MulReturnType<>(ErrorCode.ERR_OK, null);
} catch (Exception ex) {
log.error("----Exception HuaWei Start Cleanup Task [{}]: {}, {}, {}, {}, {}", ex.getMessage(),
- disposeObject,
- nfDirection,
- duration, url, token);
+ disposeObject,
+ nfDirection,
+ duration, url, token);
return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, null);
}
}
@@ -228,8 +229,8 @@ public class HuaWeiAbilityImpl implements DisposeAbility {
return new MulReturnType<>(ErrorCode.ERR_OK, null);
} catch (Exception ex) {
log.error("----Exception HuaWei Stop Cleanup Task [{}]: {}, {}, {}, {}", ex.getMessage(),
- disposeObject,
- nfDirection, url, token);
+ disposeObject,
+ nfDirection, url, token);
return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, null);
}
}
@@ -253,18 +254,18 @@ public class HuaWeiAbilityImpl implements DisposeAbility {
@Override
public MulReturnType getAbilityDeviceFireware() {
return new MulReturnType<>(ErrorCode.ERR_OK,
- DeviceFirewareInfo.builder()
- .vendor("HuaWei")
- .model("Unknown")
- .firmware("Unknown")
- .os("Linux Server")
- .kernel("Linux")
- .arch("x86_64")
- .version("Unknown")
- .memory(-1)
- .freeMemory(-1)
- .cpuUsed(-1)
- .build());
+ DeviceFirewareInfo.builder()
+ .vendor("HuaWei")
+ .model("Unknown")
+ .firmware("Unknown")
+ .os("Linux Server")
+ .kernel("Linux")
+ .arch("x86_64")
+ .version("Unknown")
+ .memory(-1)
+ .freeMemory(-1)
+ .cpuUsed(-1)
+ .build());
}
/**
diff --git a/src/main/java/com/dispose/ability/impl/HuaWeiFireWallAbilityImpl.java b/src/main/java/com/dispose/ability/impl/HuaWeiFireWallAbilityImpl.java
index 469f3565..091fb029 100644
--- a/src/main/java/com/dispose/ability/impl/HuaWeiFireWallAbilityImpl.java
+++ b/src/main/java/com/dispose/ability/impl/HuaWeiFireWallAbilityImpl.java
@@ -85,7 +85,7 @@ public class HuaWeiFireWallAbilityImpl implements DisposeAbility {
public void initDeviceEnv(String urlPath, String username, String password) {
this.urlRootPath = urlPath;
this.username = username;
- this.password = password;
+ this.password = new String(CryptoHelper.base64Decryption(password));
upgradeToken();
}
diff --git a/src/main/java/com/dispose/ability/impl/PengXinAbilityImpl.java b/src/main/java/com/dispose/ability/impl/PengXinAbilityImpl.java
index 0eade101..764db468 100644
--- a/src/main/java/com/dispose/ability/impl/PengXinAbilityImpl.java
+++ b/src/main/java/com/dispose/ability/impl/PengXinAbilityImpl.java
@@ -12,6 +12,7 @@ import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO;
import com.dispose.pojo.entity.ServiceInfo;
import com.dispose.pojo.po.MulReturnType;
import com.dispose.pojo.vo.DeviceFirewareInfo;
+import com.dispose.security.arithmetic.CryptoHelper;
import com.pengxin.dispose.common.PengXinDisposeAbilityRsp;
import com.pengxin.dispose.common.PengXinLoginRsp;
import com.pengxin.dispose.common.PengXinStartTaskItem;
@@ -127,7 +128,7 @@ public class PengXinAbilityImpl implements DisposeAbility {
public void initDeviceEnv(String urlPath, String username, String password) {
this.urlRootPath = urlPath;
this.username = username;
- this.password = password;
+ this.password = new String(CryptoHelper.base64Decryption(password));
restfulInterface.setParams(1, 0);
upgradeToken();
@@ -172,19 +173,17 @@ public class PengXinAbilityImpl implements DisposeAbility {
}
reqItems.add(PengXinStartTaskItem.builder()
- .type(getPengXinTaskType(capType))
- .disposeObject(disposeObject)
- .objectType(getPengXinObjectType(objectType))
- .disposeTime(duration)
- .taskReqId(String.valueOf(taskReqId++))
- .build());
+ .type(getPengXinTaskType(capType))
+ .disposeObject(disposeObject)
+ .objectType(getPengXinObjectType(objectType))
+ .disposeTime(duration)
+ .taskReqId(String.valueOf(taskReqId++))
+ .build());
ProtocolRespDTO rspInfo = restfulInterface.startDisposeTask(url, token, reqItems);
// 判断是否token过期
- if (rspInfo != null && rspInfo.getCode() == HttpServletResponse.SC_UNAUTHORIZED) {
- // 重新登录获取 token
- upgradeToken();
+ if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getItems().get(0).getStatus())) {
rspInfo = restfulInterface.startDisposeTask(url, token, reqItems);
}
@@ -247,12 +246,10 @@ public class PengXinAbilityImpl implements DisposeAbility {
}
ProtocolRespDTO rspInfo = restfulInterface.stopDisposeTask(url, token,
- new String[]{taskId});
+ new String[]{taskId});
// 判断是否token过期
- if (rspInfo != null && rspInfo.getCode() == HttpServletResponse.SC_UNAUTHORIZED) {
- // 重新登录获取 token
- upgradeToken();
+ if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getItems().get(0).getStatus())) {
rspInfo = restfulInterface.stopDisposeTask(url, token, new String[]{taskId});
}
@@ -289,18 +286,18 @@ public class PengXinAbilityImpl implements DisposeAbility {
@Override
public MulReturnType getAbilityDeviceFireware() {
return new MulReturnType<>(ErrorCode.ERR_OK,
- DeviceFirewareInfo.builder()
- .vendor("PengXin")
- .model("Unknown")
- .firmware("Unknown")
- .os("Linux Server")
- .kernel("Linux")
- .arch("x86_64")
- .version("Unknown")
- .memory(-1)
- .freeMemory(-1)
- .cpuUsed(-1)
- .build());
+ DeviceFirewareInfo.builder()
+ .vendor("PengXin")
+ .model("Unknown")
+ .firmware("Unknown")
+ .os("Linux Server")
+ .kernel("Linux")
+ .arch("x86_64")
+ .version("Unknown")
+ .memory(-1)
+ .freeMemory(-1)
+ .cpuUsed(-1)
+ .build());
}
/**
@@ -372,13 +369,12 @@ public class PengXinAbilityImpl implements DisposeAbility {
ProtocolRespDTO rspInfo = restfulInterface.getDeviceDisposeAbility(url, token);
// 判断是否token过期
- if (rspInfo != null && rspInfo.getCode() == HttpServletResponse.SC_UNAUTHORIZED) {
- // 重新登录获取 token
- upgradeToken();
+ if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getStatus())) {
rspInfo = restfulInterface.getDeviceDisposeAbility(url, token);
}
- if (rspInfo != null && rspInfo.getCode() == ErrorCode.ERR_OK.getHttpCode()) {
+ if (rspInfo != null && rspInfo.getCode() == ErrorCode.ERR_OK.getHttpCode()
+ && rspInfo.getMsgContent().getStatus() == ErrorCode.ERR_OK.getCode()) {
rspInfo.getMsgContent().getCapacity().forEach(v -> {
if (v.getObjectType().equals(DisposeObjectType.DOMAIN.getValue())) {
@@ -464,23 +460,22 @@ public class PengXinAbilityImpl implements DisposeAbility {
String url = urlRootPath + "dispose_device/task/get";
ProtocolRespDTO rspInfo = restfulInterface.getDeviceTaskStatus(url, token,
- new String[]{taskId});
+ new String[]{taskId});
// 判断是否token过期
- if (rspInfo != null && rspInfo.getCode() == HttpServletResponse.SC_UNAUTHORIZED) {
- // 重新登录获取 token
- upgradeToken();
+ if (rspInfo != null && reLogin(rspInfo, rspInfo.getMsgContent().getItems().get(0).getStatus())) {
rspInfo = restfulInterface.getDeviceTaskStatus(url, token, new String[]{taskId});
}
if (rspInfo != null && rspInfo.getCode() == ErrorCode.ERR_OK.getHttpCode()) {
- if (rspInfo.getMsgContent().getItems().size() == 0) {
+ int errCode = rspInfo.getMsgContent().getItems().get(0).getStatus();
+ if (rspInfo.getMsgContent().getItems().size() == 0 || errCode != ErrorCode.ERR_OK.getCode()) {
return new MulReturnType<>(ErrorCode.ERR_NOSUCHTASK, -1L);
}
return new MulReturnType<>(ErrorCode.ERR_OK,
- rspInfo.getMsgContent().getItems().get(0).getTaskStatus());
+ rspInfo.getMsgContent().getItems().get(0).getTaskStatus());
} else {
return new MulReturnType<>(ErrorCode.ERR_CALLDEVICE, -1L);
}
@@ -504,6 +499,30 @@ public class PengXinAbilityImpl implements DisposeAbility {
}
}
+ /**
+ * reLogin.
+ */
+ private boolean reLogin(ProtocolRespDTO rspInfo, int status) {
+ try {
+ // 判断是否token过期
+ if (rspInfo.getCode() == HttpServletResponse.SC_UNAUTHORIZED) {
+ // 重新登录获取 token
+ upgradeToken();
+ return true;
+ }
+
+ if (rspInfo.getCode() == HttpServletResponse.SC_OK &&
+ (status == ErrorCode.ERR_LOGOUT.getCode() || status == ErrorCode.ERR_TOKENTIMEOUT.getCode() ||
+ status == ErrorCode.ERR_TOKENNOTFOUND.getCode())) {
+ upgradeToken();
+ return true;
+ }
+ return false;
+ } catch (Exception ignored) {
+ return false;
+ }
+ }
+
/**
* Period task runtime.
*/
diff --git a/src/main/java/com/dispose/ability/impl/UpfAbilityImpl.java b/src/main/java/com/dispose/ability/impl/UpfAbilityImpl.java
new file mode 100644
index 00000000..c31a4086
--- /dev/null
+++ b/src/main/java/com/dispose/ability/impl/UpfAbilityImpl.java
@@ -0,0 +1,387 @@
+package com.dispose.ability.impl;
+
+import com.dispose.common.DisposeCapacityType;
+import com.dispose.common.DisposeObjectType;
+import com.dispose.common.ErrorCode;
+import com.dispose.common.NetflowDirection;
+import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO;
+import com.dispose.pojo.entity.ServiceInfo;
+import com.dispose.pojo.po.MulReturnType;
+import com.dispose.pojo.vo.DeviceFirewareInfo;
+import com.dispose.security.arithmetic.CryptoHelper;
+import com.pengxin.dispose.common.PengXinStartTaskItem;
+import com.pengxin.dispose.common.PengXinStartTaskRsp;
+import com.pengxin.dispose.common.PengXinStopTaskRsp;
+import com.pengxin.dispose.common.PengXinTaskStatusRsp;
+import com.pengxin.dispose.protocol.PengXinInterface;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang.RandomStringUtils;
+
+import javax.annotation.Nullable;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * The type upf ability.
+ *
+ * @author Nicole
+ */
+@Slf4j
+public class UpfAbilityImpl extends PengXinAbilityImpl {
+ /**
+ * The Restful interface.
+ */
+ private final PengXinInterface restfulInterface = new PengXinInterface();
+ /**
+ * The upf dispose type.
+ */
+ private final Integer[] upfDisposeType = new Integer[]{0, 4, 1, 3};
+ /**
+ * The Task req id.
+ */
+ private Long taskReqId = System.currentTimeMillis();
+ /**
+ * The Url root path.
+ */
+ @Getter
+ @Setter
+ private String urlRootPath;
+ /**
+ * The Username.
+ */
+ @Getter
+ @Setter
+ private String username;
+ /**
+ * The Password.
+ */
+ @Getter
+ @Setter
+ private String password;
+ /**
+ * The Token.
+ */
+ private String token;
+
+ /**
+ * Gets upf task type.
+ *
+ * @param capType the cap type
+ * @return the upf task type
+ */
+ private int getUpfTaskType(DisposeCapacityType capType) {
+ return upfDisposeType[capType.getValue()];
+ }
+
+ /**
+ * Gets upf object type.
+ *
+ * @param objType the obj type
+ * @return the upf object type
+ */
+ private int getUpfObjectType(DisposeObjectType objType) {
+ switch (objType) {
+ case URL:
+ return 2;
+ case DOMAIN:
+ return 1;
+ default:
+ return 0;
+ }
+ }
+
+ /**
+ * Init device env.
+ *
+ * @param urlPath the url path
+ * @param username the username
+ * @param password the password
+ */
+ @Override
+ public void initDeviceEnv(String urlPath, String username, String password) {
+ this.urlRootPath = urlPath;
+ this.username = username;
+ this.password = new String(CryptoHelper.base64Decryption(password));
+ restfulInterface.setParams(1, 0);
+ //获取token值
+ upgradeToken();
+ }
+
+ /**
+ * Run dispose mul return type.
+ *
+ * @param disposeObject the dispose object
+ * @param objectType the object type
+ * @param capType the cap type
+ * @param nfDirection the nf direction
+ * @param attackType the attack type
+ * @param duration the duration
+ * @return the mul return type
+ */
+ @Override
+ public MulReturnType runDispose(String disposeObject, DisposeObjectType objectType,
+ DisposeCapacityType capType,
+ @Nullable NetflowDirection nfDirection,
+ @Nullable Integer attackType,
+ @Nullable Long duration) {
+ List reqItems = new ArrayList<>();
+ String url = urlRootPath + "dispose_device/task/start";
+ //1.调用upf设备登录接口,生成token值;2.upf不提供登录接口,随机生成token值,保证有token值
+ if (token == null || token.length() == 0) {
+ return new MulReturnType<>(ErrorCode.ERR_LOGOUT, "");
+ }
+
+ try {
+ log.info("++++Begging UPF Start Cleanup Task: {}", disposeObject);
+ if (capType != DisposeCapacityType.BLACKHOOL) {
+ log.error("----Error UPF don't support dispose capacity type: {}", capType);
+ return new MulReturnType<>(ErrorCode.ERR_UNSUPPORT, null);
+ }
+
+ // 适配处置时间参数, -1为不限制处置时间
+ duration = -1L;
+
+ reqItems.add(PengXinStartTaskItem.builder()
+ .type(getUpfTaskType(capType))
+ .disposeObject(disposeObject)
+ .objectType(getUpfObjectType(objectType))
+ .disposeTime(duration)
+ .taskReqId(String.valueOf(taskReqId++))
+ .build());
+
+ ProtocolRespDTO rspInfo = restfulInterface.startDisposeTask(url, token, reqItems);
+
+ // upf设备不判断header认证消息中的token值
+ if (rspInfo == null || rspInfo.getCode() != ErrorCode.ERR_OK.getHttpCode()) {
+ log.error("----Error UPF start clean {} server return error", disposeObject);
+ return new MulReturnType<>(ErrorCode.ERR_UPF_ERROR, null);
+ }
+
+ if (rspInfo.getMsgContent().getItems().size() == 0) {
+ log.error("----Error UPF start clean {} server return nothing", disposeObject);
+ return new MulReturnType<>(ErrorCode.ERR_UPF_ERROR, null);
+ } else {
+ int errCode = rspInfo.getMsgContent().getItems().get(0).getStatus();
+ if (errCode != ErrorCode.ERR_OK.getCode()) {
+ log.error("----Error UPF start clean {} server return error: {}", disposeObject, errCode);
+ return new MulReturnType<>(ErrorCode.ERR_UPF_ERROR, null);
+ }
+
+ log.debug("----Finish UPF Start Cleanup Task: {}", disposeObject);
+ return new MulReturnType<>(ErrorCode.ERR_OK, rspInfo.getMsgContent().getItems().get(0).getTaskId());
+ }
+ } catch (Exception ex) {
+ log.error("----Exception UPF Start Cleanup Task: {}, {}, {}", disposeObject, nfDirection, duration);
+ return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, null);
+ }
+ }
+
+ /**
+ * Stop dispose mul return type.
+ *
+ * @param disposeObject the dispose object
+ * @param capType the cap type
+ * @param nfDirection the nf direction
+ * @param attackType the attack type
+ * @param taskId the task id
+ * @return the mul return type
+ */
+ @Override
+ public MulReturnType stopDispose(String disposeObject, DisposeCapacityType capType,
+ @Nullable NetflowDirection nfDirection,
+ @Nullable Integer attackType,
+ @Nullable String taskId) {
+ String url = urlRootPath + "dispose_device/task/stop";
+ //1.调用upf设备登录接口,生成token值;2.upf不提供登录接口,随机生成token值,保证有token值
+ if (token == null || token.length() == 0) {
+ return new MulReturnType<>(ErrorCode.ERR_LOGOUT, null);
+ }
+
+ try {
+ log.info("++++Begging UPF Stop Cleanup Task: {}", taskId);
+ if (capType != DisposeCapacityType.BLACKHOOL) {
+ log.error("----Error UPF don't support dispose capacity type: {}", capType);
+ return new MulReturnType<>(ErrorCode.ERR_UNSUPPORT, null);
+ }
+
+ if (taskId == null) {
+ return new MulReturnType<>(ErrorCode.ERR_PARAMS, null);
+ }
+
+ ProtocolRespDTO rspInfo = restfulInterface.stopDisposeTask(url, token,
+ new String[]{taskId});
+
+ if (rspInfo == null || rspInfo.getCode() != ErrorCode.ERR_OK.getHttpCode()) {
+ log.error("----Error UPF stop task{} server return error", taskId);
+ return new MulReturnType<>(ErrorCode.ERR_UPF_ERROR, null);
+ }
+
+ if (rspInfo.getMsgContent().getItems().size() == 0) {
+ log.error("----Error UPF stop clean {} server return nothing", disposeObject);
+ return new MulReturnType<>(ErrorCode.ERR_UPF_ERROR, null);
+ } else {
+ int errCode = rspInfo.getMsgContent().getItems().get(0).getStatus();
+ if (errCode != ErrorCode.ERR_OK.getCode()) {
+ log.error("----Error UPF stop clean {} server return error: {}", disposeObject, errCode);
+ return new MulReturnType<>(ErrorCode.ERR_UPF_ERROR, null);
+ }
+
+ log.debug("----Finish UPF Stop Cleanup Task: {}", taskId);
+ return new MulReturnType<>(ErrorCode.ERR_OK, null);
+ }
+ } catch (Exception ex) {
+ log.error("----Exception UPF Stop Cleanup Task: {}, {}, {}", disposeObject, nfDirection, taskId);
+ return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, null);
+ }
+ }
+
+ /**
+ * Gets ability device fireware.
+ *
+ * @return the ability device fireware
+ */
+ @Override
+ public MulReturnType getAbilityDeviceFireware() {
+ return new MulReturnType<>(ErrorCode.ERR_OK,
+ DeviceFirewareInfo.builder()
+ .vendor("UPF")
+ .model("Unknown")
+ .firmware("Unknown")
+ .os("Linux Server")
+ .kernel("Linux")
+ .arch("x86_64")
+ .version("Unknown")
+ .memory(-1)
+ .freeMemory(-1)
+ .cpuUsed(-1)
+ .build());
+ }
+
+ /**
+ * To device attack type long.
+ *
+ * @param ddosAttackTypeMask the ddos attack type mask
+ * @return the long
+ */
+ @Override
+ public Long toDeviceAttackType(Long ddosAttackTypeMask) {
+ return ddosAttackTypeMask;
+ }
+
+ /**
+ * Gets device link status.
+ *
+ * @return the device link status
+ */
+ @Override
+ public boolean getDeviceLinkStatus() {
+ //upf设备不提供链接状态接口,默认该设备在线
+ return true;
+ }
+
+ /**
+ * Gets dispose device protect object.
+ */
+ @Override
+ public void getDisposeDeviceProtectObject() {
+ //upf设备不提供处置能力接口
+ }
+
+ /**
+ * Is carry protect ip boolean.
+ *
+ * @param ipAddress the ip address
+ * @return the boolean
+ */
+ @Override
+ public boolean isCarryProtectIp(String ipAddress) {
+ //根据设备提供的处置能力,涉及处置能力、处置对象类型、IP类型和该能力能够处置的IP,因现在未提供处置能力接口,默认所有的处置IP都支持
+ //如果提供处置能力接口,入参ipAddress会根据能够处置的IP范围进行判断
+ return true;
+ }
+
+ /**
+ * Task status mul return type.
+ *
+ * @param taskId the task id
+ * @return the mul return type
+ */
+ @Override
+ public MulReturnType taskStatus(String taskId) {
+ if (token == null || token.length() == 0) {
+ return new MulReturnType<>(ErrorCode.ERR_LOGOUT, -1L);
+ }
+
+ try {
+ String url = urlRootPath + "dispose_device/task/get";
+ ProtocolRespDTO rspInfo = restfulInterface.getDeviceTaskStatus(url, token,
+ new String[]{taskId});
+
+ if (rspInfo != null && rspInfo.getCode() == ErrorCode.ERR_OK.getHttpCode()) {
+ int errCode = rspInfo.getMsgContent().getItems().get(0).getStatus();
+ if (rspInfo.getMsgContent().getItems().size() == 0 || errCode != ErrorCode.ERR_OK.getCode()) {
+ return new MulReturnType<>(ErrorCode.ERR_NOSUCHTASK, -1L);
+ }
+
+ return new MulReturnType<>(ErrorCode.ERR_OK,
+ rspInfo.getMsgContent().getItems().get(0).getTaskStatus());
+ } else {
+ return new MulReturnType<>(ErrorCode.ERR_CALLDEVICE, -1L);
+ }
+ } catch (Exception ignored) {
+ return new MulReturnType<>(ErrorCode.ERR_SYSTEMEXCEPTION, -1L);
+ }
+ }
+
+ /**
+ * Upgrade token.
+ */
+ private void upgradeToken() {
+ try {
+ //目前1.UPF不提供用户登录接口,使用随机生成的token值;2.UPF登录接口不校验用户名和密码,返回值为REE_OK和token值
+ this.token = RandomStringUtils.randomAlphabetic(10);
+ } catch (Exception ignored) {
+ }
+ }
+
+ /**
+ * Period task runtime.
+ */
+ @Override
+ public void periodTaskRuntime() {
+ //防护对象和设备状态都是默认值,不根据设备实时状态获取,不做处理
+ log.debug("++++UPF Period Task Running");
+ }
+
+ /**
+ * Device ready boolean.
+ *
+ * @return the boolean
+ */
+ @Override
+ public boolean deviceReady() {
+ return true;
+ }
+
+ /**
+ * Upgrade service group.
+ *
+ * @param svrList the svr list
+ */
+ @Override
+ public void upgradeServiceGroup(List svrList) {
+ }
+
+ /**
+ * Is carry attack type boolean.
+ *
+ * @param attackType the attack type
+ * @return the boolean
+ */
+ @Override
+ public boolean isCarryAttackType(Long attackType) {
+ return true;
+ }
+}
diff --git a/src/main/java/com/dispose/ability/impl/VirtualAbilityImpl.java b/src/main/java/com/dispose/ability/impl/VirtualAbilityImpl.java
index 34832aca..3d8335a8 100644
--- a/src/main/java/com/dispose/ability/impl/VirtualAbilityImpl.java
+++ b/src/main/java/com/dispose/ability/impl/VirtualAbilityImpl.java
@@ -82,18 +82,18 @@ public class VirtualAbilityImpl implements DisposeAbility {
@Override
public MulReturnType getAbilityDeviceFireware() {
return new MulReturnType<>(ErrorCode.ERR_OK,
- DeviceFirewareInfo.builder()
- .vendor("Virtual")
- .model("Dispose_1000")
- .firmware("Unknown")
- .os("Unknown")
- .kernel("Linux")
- .arch("x86_64")
- .version("Virtual_Device_2.0")
- .memory(-1)
- .freeMemory(-1)
- .cpuUsed(-1)
- .build());
+ DeviceFirewareInfo.builder()
+ .vendor("Virtual")
+ .model("Dispose_1000")
+ .firmware("Unknown")
+ .os("Unknown")
+ .kernel("Linux")
+ .arch("x86_64")
+ .version("Virtual_Device_2.0")
+ .memory(-1)
+ .freeMemory(-1)
+ .cpuUsed(-1)
+ .build());
}
/**
diff --git a/src/main/java/com/dispose/common/DisposeDeviceType.java b/src/main/java/com/dispose/common/DisposeDeviceType.java
index a2b79ad8..e5dc8bf3 100644
--- a/src/main/java/com/dispose/common/DisposeDeviceType.java
+++ b/src/main/java/com/dispose/common/DisposeDeviceType.java
@@ -30,6 +30,10 @@ public enum DisposeDeviceType implements BaseEnum {
* The Huawei FireWall platform.
*/
HUAWEI_FIREWALL_PLATFORM(5, "华为防火墙"),
+ /**
+ * The upf platform.
+ */
+ UPF_PLATFORM(6, "UPF设备"),
/**
* The Virtual dispose.
*/
diff --git a/src/main/java/com/dispose/common/ErrorCode.java b/src/main/java/com/dispose/common/ErrorCode.java
index 0cba359e..467c6dfb 100644
--- a/src/main/java/com/dispose/common/ErrorCode.java
+++ b/src/main/java/com/dispose/common/ErrorCode.java
@@ -240,7 +240,10 @@ public enum ErrorCode {
* The Err pengxin error.
*/
ERR_PENGXIN_ERROR(117, "鹏信设备返回错误"),
-
+ /**
+ * The Err upf error.
+ */
+ ERR_UPF_ERROR(118, "UPF设备返回错误"),
/**
* The Err nosuchumcprotectobject.
*/
diff --git a/src/main/java/com/dispose/controller/DisposeDeviceManagerController.java b/src/main/java/com/dispose/controller/DisposeDeviceManagerController.java
index 3fcb5e0a..6af04d2b 100644
--- a/src/main/java/com/dispose/controller/DisposeDeviceManagerController.java
+++ b/src/main/java/com/dispose/controller/DisposeDeviceManagerController.java
@@ -28,6 +28,7 @@ import com.dispose.pojo.entity.DisposeDevice;
import com.dispose.pojo.po.MulReturnType;
import com.dispose.security.annotation.Decryption;
import com.dispose.security.annotation.Encryption;
+import com.dispose.security.arithmetic.CryptoHelper;
import com.dispose.service.DisposeDeviceManagerService;
import com.dispose.validation.group.ValidGroups;
import com.github.pagehelper.PageInfo;
@@ -45,6 +46,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.annotation.Resource;
+import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
@@ -70,7 +72,7 @@ public class DisposeDeviceManagerController {
private DisposeDeviceManagerService disposeDeviceManagerService;
/**
- * Request to device list list.
+ * Request to device list.
*
* @param req the req
* @return the list
@@ -91,14 +93,14 @@ public class DisposeDeviceManagerController {
.ipAddr(v.getIpAddr())
.ipPort(port)
.deviceType(CommonEnumHandler.codeOf(DisposeDeviceType.class,
- v.getDeviceType()))
+ v.getDeviceType()))
.areaCode(v.getAreaCode())
.deviceName(v.getDeviceName())
.manufacturer(v.getManufacturer())
.model(v.getModel())
.version(v.getVersion())
.userName(v.getUserName())
- .password(v.getPassword())
+ .password(CryptoHelper.base64Encryption(v.getPassword().getBytes(StandardCharsets.UTF_8)))
.urlPath(v.getUrlPath())
.urlType(hType)
.readme(v.getReadme())
@@ -112,7 +114,7 @@ public class DisposeDeviceManagerController {
DisposeCapacity cap = DisposeCapacity.builder()
.capacityType(CommonEnumHandler.codeOf(DisposeCapacityType.class, k.getCapacityType()))
.ipType(k.getIpType() == null ? IpAddrType.IPV4 :
- CommonEnumHandler.codeOf(IpAddrType.class, k.getIpType()))
+ CommonEnumHandler.codeOf(IpAddrType.class, k.getIpType()))
.objectType(CommonEnumHandler.codeOf(DisposeObjectType.class, k.getObjectType()))
.protectIp(k.getProtectIp() == null ? "" : k.getProtectIp())
.reserveNetflow(k.getReserveNetflow())
@@ -265,7 +267,7 @@ public class DisposeDeviceManagerController {
MulReturnType, List> ret =
disposeDeviceManagerService.getPageDisposeDevice(mr.getMsgContent().getStartPage(),
- mr.getMsgContent().getPageSize());
+ mr.getMsgContent().getPageSize());
GetDeviceRsp rspInfo = new GetDeviceRsp();
@@ -284,7 +286,7 @@ public class DisposeDeviceManagerController {
GetDeviceDetail devInfo = new GetDeviceDetail();
devInfo.setId(v.getId().toString());
devInfo.setIpAddr(DisposeConfigValue.USED_PRIVACY_PROTECT ?
- PrivacyHelper.ipAddressPrivacy(v.getIpAddr()) : v.getIpAddr());
+ PrivacyHelper.ipAddressPrivacy(v.getIpAddr()) : v.getIpAddr());
devInfo.setIpPort(Helper.ipPortNormalize(v.getIpPort(), v.getUrlType()));
devInfo.setDeviceType(v.getDeviceType().getValue());
devInfo.setAreaCode(v.getAreaCode());
@@ -293,7 +295,7 @@ public class DisposeDeviceManagerController {
devInfo.setModel(v.getModel());
devInfo.setVersion(v.getVersion());
devInfo.setUserName(DisposeConfigValue.USED_PRIVACY_PROTECT ?
- PrivacyHelper.usernamePrivacy(v.getUserName()) : v.getUserName());
+ PrivacyHelper.usernamePrivacy(v.getUserName()) : v.getUserName());
devInfo.setUrlType(v.getUrlType().getValue());
devInfo.setReadme(v.getReadme());
devInfo.setDevStatus(v.getStatus().getValue());
diff --git a/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolReqDTO.java b/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolReqDTO.java
index 76c26ee7..c9b02186 100644
--- a/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolReqDTO.java
+++ b/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolReqDTO.java
@@ -34,7 +34,7 @@ public class ProtocolReqDTO extends BaseProtocolDTO {
try {
String authString = Objects.requireNonNull(headers.get("Authorization")).get(0);
- if (authString.length() == 0 || !authString.startsWith(ConstValue.STRING_HTTP_AUTH_HEAD)) {
+ if (!authString.startsWith(ConstValue.STRING_HTTP_AUTH_HEAD)) {
log.error("Input Authorization header error: [{}]", authString);
return "";
}
diff --git a/src/main/java/com/dispose/service/impl/DeviceTaskManagerServiceImpl.java b/src/main/java/com/dispose/service/impl/DeviceTaskManagerServiceImpl.java
index 9d3338a3..ccc3e741 100644
--- a/src/main/java/com/dispose/service/impl/DeviceTaskManagerServiceImpl.java
+++ b/src/main/java/com/dispose/service/impl/DeviceTaskManagerServiceImpl.java
@@ -482,6 +482,13 @@ public class DeviceTaskManagerServiceImpl implements DeviceTaskManagerService {
// 对新建的任务,创建对应处置设备任务信息
for (DisposeTask v : disposeTaskManager.getUnExpiredTasks()) {
+ //数据库数据太多,存在数据库一次性读取的信息和当前最新信息不一致(改动数据库)的情况,再次从数据库获取最新信息
+ DisposeTaskStatus taskStatus = disposeTaskManager.getDisposeTaskById(v.getId()).getCurrentStatus();
+ if (taskStatus.equals(DisposeTaskStatus.TASK_FINISHED) ||
+ taskStatus.equals(DisposeTaskStatus.TASK_CANCELED) ||
+ taskStatus.equals(DisposeTaskStatus.TASK_EXPIRED)) {
+ continue;
+ }
// 设置任务状态, 开始创建任务
disposeTaskManager.changeDisposeTaskStatus(v.getId(), DisposeTaskStatus.TASK_STARTING);
@@ -588,6 +595,10 @@ public class DeviceTaskManagerServiceImpl implements DeviceTaskManagerService {
restfulDeviceTaskRun(ai, v, task, DisposeDeviceType.HUAWEI_FIREWALL_PLATFORM);
break;
+ case UPF_PLATFORM:
+ restfulDeviceTaskRun(ai, v, task, DisposeDeviceType.UPF_PLATFORM);
+ break;
+
default:
log.error("Unknown dispose device type: {}", ai.getDev());
break;
@@ -669,6 +680,10 @@ public class DeviceTaskManagerServiceImpl implements DeviceTaskManagerService {
restfulDeviceTaskStop(ai, v, task, DisposeDeviceType.HUAWEI_FIREWALL_PLATFORM);
break;
+ case UPF_PLATFORM:
+ restfulDeviceTaskStop(ai, v, task, DisposeDeviceType.UPF_PLATFORM);
+ break;
+
default:
log.error("Unknown dispose device type: {}", ai.getDev());
break;
diff --git a/src/main/java/com/dispose/service/impl/DisposeAbilityRouterServiceImpl.java b/src/main/java/com/dispose/service/impl/DisposeAbilityRouterServiceImpl.java
index de72ad6c..37d4a8c3 100644
--- a/src/main/java/com/dispose/service/impl/DisposeAbilityRouterServiceImpl.java
+++ b/src/main/java/com/dispose/service/impl/DisposeAbilityRouterServiceImpl.java
@@ -7,6 +7,7 @@ import com.dispose.ability.impl.HaoHanAbilityImpl;
import com.dispose.ability.impl.HuaWeiAbilityImpl;
import com.dispose.ability.impl.HuaWeiFireWallAbilityImpl;
import com.dispose.ability.impl.PengXinAbilityImpl;
+import com.dispose.ability.impl.UpfAbilityImpl;
import com.dispose.ability.impl.VirtualAbilityImpl;
import com.dispose.common.DisposeCapacityType;
import com.dispose.common.ErrorCode;
@@ -172,6 +173,9 @@ public class DisposeAbilityRouterServiceImpl implements DisposeAbilityRouterServ
case HUAWEI_FIREWALL_PLATFORM:
db = new HuaWeiFireWallAbilityImpl();
break;
+ case UPF_PLATFORM:
+ db = new UpfAbilityImpl();
+ break;
default:
log.error("Unknown dispose device type: {}", dev.getDeviceType());
return ErrorCode.ERR_PARAMS;
diff --git a/src/main/java/com/pengxin/dispose/protocol/PengXinInterface.java b/src/main/java/com/pengxin/dispose/protocol/PengXinInterface.java
index 0e92a39b..b6977c85 100644
--- a/src/main/java/com/pengxin/dispose/protocol/PengXinInterface.java
+++ b/src/main/java/com/pengxin/dispose/protocol/PengXinInterface.java
@@ -89,8 +89,12 @@ public class PengXinInterface {
if (rspInfo != null && rspInfo.getMsgContent() != null) {
if (rspInfo.getCode() == HttpServletResponse.SC_UNAUTHORIZED) {
return ErrorCode.ERR_LOGOUT;
- } else if (rspInfo.getMsgContent().getStatus() == ErrorCode.ERR_OK.getCode()) {
- return ErrorCode.ERR_OK;
+ } else if (rspInfo.getCode() == HttpServletResponse.SC_OK) {
+ if(rspInfo.getMsgContent().getStatus() != ErrorCode.ERR_OK.getCode()){
+ return ErrorCode.ERR_LOGOUT;
+ } else {
+ return ErrorCode.ERR_OK;
+ }
}
}
diff --git a/src/test/java/com/dispose/test/testcase/qa/v200/P2DeviceAdd.java b/src/test/java/com/dispose/test/testcase/qa/v200/P2DeviceAdd.java
index ccc5c20d..6007aaa1 100644
--- a/src/test/java/com/dispose/test/testcase/qa/v200/P2DeviceAdd.java
+++ b/src/test/java/com/dispose/test/testcase/qa/v200/P2DeviceAdd.java
@@ -809,7 +809,7 @@ public class P2DeviceAdd {
Assert.assertEquals(dev.getModel(), "UMC");
Assert.assertEquals(dev.getVersion(), "5.7.13");
Assert.assertEquals(dev.getUserName(), "test");
- Assert.assertEquals(dev.getPassword(), "testpassword");
+ Assert.assertEquals(dev.getPassword(), "dGVzdHBhc3N3b3Jk");
Assert.assertEquals(dev.getReadme(), "实验室测试设备");
Assert.assertEquals(dev.getUrlType(), HttpType.HTTP);