Authored by qinchao

恶意ip封杀

  1 +package com.model;
  2 +
  3 +import lombok.Data;
  4 +
  5 +import java.util.Date;
  6 +
  7 +/**
  8 + * Created by craig.qin
  9 + */
  10 +@Data
  11 +public class MaliciousIpsRecordForbid {
  12 + private int id;
  13 + private String ip;
  14 + private String reason;
  15 +
  16 + /**
  17 + * 创建时间
  18 + */
  19 + private Date createTime;
  20 +
  21 + //封禁status 1 表示封
  22 + private String forbidStatus;
  23 +}
  1 +package com.monitor.mysql.mapper;
  2 +
  3 +import com.model.MaliciousIpsRecordForbid;
  4 +import com.monitor.model.domain.PageBean;
  5 +
  6 +import java.util.List;
  7 +
  8 +/**
  9 + * Created by craig.qin
  10 + */
  11 +public interface MaliciousIpsRecordForbidMapper {
  12 +
  13 + int selectCount(PageBean page);//查询总数量
  14 +
  15 + List<MaliciousIpsRecordForbid> selectByPage(PageBean page);
  16 +
  17 + int insert(MaliciousIpsRecordForbid record);
  18 +
  19 + void updateForbidStatusByPrimaryKey(MaliciousIpsRecordForbid record);
  20 +
  21 +}
  1 +<?xml version="1.0" encoding="UTF-8" ?>
  2 +<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
  3 +<mapper namespace="com.monitor.mysql.mapper.MaliciousIpsRecordForbidMapper" >
  4 + <resultMap id="BaseResultMap" type="com.model.MaliciousIpsRecordForbid" >
  5 + <id column="id" property="id" jdbcType="INTEGER" />
  6 + <result column="ip" property="ip" jdbcType="VARCHAR" />
  7 + <result column="reason" property="reason" jdbcType="VARCHAR" />
  8 + <result column="forbid_status" property="forbidStatus" jdbcType="VARCHAR" />
  9 + <result column="create_time" property="createTime" jdbcType="TIMESTAMP" />
  10 + </resultMap>
  11 + <sql id="Base_Column_List" >
  12 + id, ip,reason,create_time,forbid_status
  13 + </sql>
  14 +
  15 + <select id="selectCount" resultType="java.lang.Integer">
  16 + select count(1) from malicious_ips_record_forbid
  17 + where 1=1
  18 + <if test="params.beginTime !=null &amp;&amp; params.beginTime !=''">
  19 + and create_time &gt;= #{params.beginTime,jdbcType=TIMESTAMP}
  20 + </if>
  21 + <if test="params.endTime !=null &amp;&amp; params.endTime !=''">
  22 + and create_time &lt;= #{params.endTime,jdbcType=TIMESTAMP}
  23 + </if>
  24 + </select>
  25 +
  26 + <select id="selectByPage" resultMap="BaseResultMap">
  27 + select
  28 + <include refid="Base_Column_List"/>
  29 + from malicious_ips_record_forbid
  30 + where 1=1
  31 + <if test="params.beginTime !=null &amp;&amp; params.beginTime !=''">
  32 + and create_time &gt;= #{params.beginTime,jdbcType=TIMESTAMP}
  33 + </if>
  34 + <if test="params.endTime !=null &amp;&amp; params.endTime !=''">
  35 + and create_time &lt;= #{params.endTime,jdbcType=TIMESTAMP}
  36 + </if>
  37 + order by id desc
  38 + limit #{startIndex},#{pageSize}
  39 + </select>
  40 +
  41 + <insert id="insert" parameterType="com.model.MaliciousIpsRecordForbid">
  42 + insert into malicious_ips_record_forbid(ip,reason,create_time)
  43 + values(#{ip,jdbcType=VARCHAR},#{reason,jdbcType=VARCHAR},now())
  44 + </insert>
  45 +
  46 + <update id="updateForbidStatusByPrimaryKey" parameterType="com.model.MaliciousIpsRecordForbid" >
  47 + update malicious_ips_record_forbid
  48 + set forbid_status = #{forbidStatus,jdbcType=VARCHAR}
  49 + where id = #{id,jdbcType=INTEGER}
  50 + </update>
  51 +
  52 +</mapper>
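Review bot: The `insert` statement leaves `forbid_status` out of its column list, so each new row takes whatever default the column has, and no DDL in this diff shows that default. Since `forbid_status` decides whether an address counts as banned, either set it explicitly in the insert or add a comment above the statement stating the default and its meaning. Nothing visible here enforces uniqueness on `ip`, so repeated reports of the same address would presumably create duplicate rows with independent statuses; confirm whether that is intended.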
@@ -83,6 +83,26 @@ public class MaliciousIpController { @@ -83,6 +83,26 @@ public class MaliciousIpController {
83 } 83 }
84 84
85 /** 85 /**
  86 + * 捕获的恶意ip写入运维系统的mysql
  87 + * @return
  88 + */
  89 + @RequestMapping("/writeForbidMipsInfoToOpsDb")
  90 + @ResponseBody
  91 + public void writeForbidMipsInfoToOpsDb(@RequestBody String ipsObjs) {
  92 + ipImpl.writeForbidMipsInfoToOpsDb(ipsObjs);
  93 + }
  94 +
  95 + @RequestMapping("/updateForbidStatus")
  96 + @ResponseBody
  97 + public BaseResponse updateForbidStatus(int id,String status) {
  98 + ipImpl.updateForbidStatus(id,status);
  99 + return new BaseResponse();
  100 + }
  101 +
  102 +
  103 +
  104 +
  105 + /**
86 * 从运维系统的db获取恶意ip 106 * 从运维系统的db获取恶意ip
87 * @return 107 * @return
88 */ 108 */
@@ -92,6 +112,12 @@ public class MaliciousIpController { @@ -92,6 +112,12 @@ public class MaliciousIpController {
92 return ipImpl.getMipsInfoToOpsDb(pageRequest); 112 return ipImpl.getMipsInfoToOpsDb(pageRequest);
93 } 113 }
94 114
  115 + @RequestMapping("/getMaliciousIpRecordForbidList")
  116 + @ResponseBody
  117 + public BaseResponse getMaliciousIpRecordForbidList(@RequestBody MaliciousIpRecordReq pageRequest){
  118 + return ipImpl.getForbidMipsInfoToOpsDb(pageRequest);
  119 + }
  120 +
95 121
96 /** 122 /**
97 * 从运维系统的redis获取恶意ip 123 * 从运维系统的redis获取恶意ip
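Review bot: `/updateForbidStatus` changes ban state but uses a bare `@RequestMapping` and binds `id` and `status` from request parameters, so unless a class-level mapping outside this hunk restricts it, a plain GET with a query string can flip a ban. Restrict it to a state-changing verb, e.g. `@RequestMapping(value = "/updateForbidStatus", method = RequestMethod.POST)`, and do the same for `/writeForbidMipsInfoToOpsDb`. Neither hunk shows an authentication or authorization check, so confirm that an interceptor or filter outside this diff covers these paths before `ipImpl` is called. `status` is also passed through unchecked; reject anything outside the defined set of values (the model documents only "1" as banned) and return an error response rather than an empty `BaseResponse`.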
@@ -26,8 +26,14 @@ public interface MaliciousIpService { @@ -26,8 +26,14 @@ public interface MaliciousIpService {
26 26
27 void writeMipsInfoToOpsDb(String ipsObjs); 27 void writeMipsInfoToOpsDb(String ipsObjs);
28 28
  29 + void writeForbidMipsInfoToOpsDb(String ipsObjs);
  30 +
  31 + void updateForbidStatus(int id ,String status);
  32 +
29 BaseResponse getMipsInfoToOpsDb(MaliciousIpRecordReq request); 33 BaseResponse getMipsInfoToOpsDb(MaliciousIpRecordReq request);
30 34
  35 + BaseResponse getForbidMipsInfoToOpsDb(MaliciousIpRecordReq request);
  36 +
31 /** 37 /**
32 *从运维系统的redis查询恶意ip 38 *从运维系统的redis查询恶意ip
33 */ 39 */
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject; @@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
6 import com.contants.AlarmGroupContants; 6 import com.contants.AlarmGroupContants;
7 import com.model.MalIpRule; 7 import com.model.MalIpRule;
8 import com.model.MaliciousIpsRecord; 8 import com.model.MaliciousIpsRecord;
  9 +import com.model.MaliciousIpsRecordForbid;
9 import com.monitor.common.service.AlarmMsgService; 10 import com.monitor.common.service.AlarmMsgService;
10 import com.monitor.influxdb.contants.InfluxDBContants; 11 import com.monitor.influxdb.contants.InfluxDBContants;
11 import com.monitor.influxdb.mapper.MaliciousIpMapper; 12 import com.monitor.influxdb.mapper.MaliciousIpMapper;
@@ -15,6 +16,7 @@ import com.monitor.model.request.MaliciousIpRecordReq; @@ -15,6 +16,7 @@ import com.monitor.model.request.MaliciousIpRecordReq;
15 import com.monitor.model.response.BaseResponse; 16 import com.monitor.model.response.BaseResponse;
16 import com.monitor.model.response.PageResponse; 17 import com.monitor.model.response.PageResponse;
17 import com.monitor.mysql.mapper.MalIpRuleMapper; 18 import com.monitor.mysql.mapper.MalIpRuleMapper;
  19 +import com.monitor.mysql.mapper.MaliciousIpsRecordForbidMapper;
18 import com.monitor.mysql.mapper.MaliciousIpsRecordMapper; 20 import com.monitor.mysql.mapper.MaliciousIpsRecordMapper;
19 import com.monitor.other.maliciousip.contants.MaliciousIpContants; 21 import com.monitor.other.maliciousip.contants.MaliciousIpContants;
20 import com.monitor.other.maliciousip.contants.MaliciousIpModel; 22 import com.monitor.other.maliciousip.contants.MaliciousIpModel;
@@ -70,6 +72,9 @@ public class MaliciousIpServiceImpl implements MaliciousIpService { @@ -70,6 +72,9 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
70 private MaliciousIpsRecordMapper maliciousIpsRecordMapper; 72 private MaliciousIpsRecordMapper maliciousIpsRecordMapper;
71 73
72 @Autowired 74 @Autowired
  75 + private MaliciousIpsRecordForbidMapper maliciousIpsRecordForbidMapper;
  76 +
  77 + @Autowired
73 @Qualifier("awsRedisTemplate") 78 @Qualifier("awsRedisTemplate")
74 private RedisTemplate<String,String> awsRedisTemplate; 79 private RedisTemplate<String,String> awsRedisTemplate;
75 80
@@ -183,7 +188,7 @@ public class MaliciousIpServiceImpl implements MaliciousIpService { @@ -183,7 +188,7 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
183 188
184 189
185 public void writeMipsInfoToOpsDb(String ipsObjs){ 190 public void writeMipsInfoToOpsDb(String ipsObjs){
186 - logger.info("begin writeMipsInfoToOpsDb :"+ipsObjs); 191 + //logger.info("begin writeMipsInfoToOpsDb :"+ipsObjs);
187 if(StringUtils.isNotBlank(ipsObjs)){ 192 if(StringUtils.isNotBlank(ipsObjs)){
188 JSONArray ipsObjArray=JSON.parseArray(ipsObjs); 193 JSONArray ipsObjArray=JSON.parseArray(ipsObjs);
189 for(int i=0;i<ipsObjArray.size();i++){ 194 for(int i=0;i<ipsObjArray.size();i++){
@@ -200,6 +205,32 @@ public class MaliciousIpServiceImpl implements MaliciousIpService { @@ -200,6 +205,32 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
200 } 205 }
201 } 206 }
202 207
  208 + public void writeForbidMipsInfoToOpsDb(String ipsObjs){
  209 + //logger.info("begin writeForbidMipsInfoToOpsDb :"+ipsObjs);
  210 + if(StringUtils.isNotBlank(ipsObjs)){
  211 + JSONArray ipsObjArray=JSON.parseArray(ipsObjs);
  212 + for(int i=0;i<ipsObjArray.size();i++){
  213 + JSONObject jo= ipsObjArray.getJSONObject(i);
  214 + String ip=jo.getString("ip");
  215 + String reason=jo.toJSONString();
  216 +
  217 + //写入mysql
  218 + MaliciousIpsRecordForbid record=new MaliciousIpsRecordForbid();
  219 + record.setIp(ip);
  220 + record.setReason(reason);
  221 + maliciousIpsRecordForbidMapper.insert(record);
  222 + }
  223 + }
  224 + }
  225 +
  226 + public void updateForbidStatus(int id ,String status){
  227 + MaliciousIpsRecordForbid recordForbid=new MaliciousIpsRecordForbid();
  228 + recordForbid.setId(id);
  229 + recordForbid.setForbidStatus(status);
  230 + maliciousIpsRecordForbidMapper.updateForbidStatusByPrimaryKey(recordForbid);
  231 + }
  232 +
  233 +
203 public BaseResponse getMipsInfoToOpsDb(MaliciousIpRecordReq request){ 234 public BaseResponse getMipsInfoToOpsDb(MaliciousIpRecordReq request){
204 PageBean page = PageBean.initPageInfo(request.getCurrentPage(), request.getPageSize(), request); 235 PageBean page = PageBean.initPageInfo(request.getCurrentPage(), request.getPageSize(), request);
205 maliciousIpsRecordMapper.selectByPage(page); 236 maliciousIpsRecordMapper.selectByPage(page);
@@ -237,6 +268,43 @@ public class MaliciousIpServiceImpl implements MaliciousIpService { @@ -237,6 +268,43 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
237 return new BaseResponse<>(pageResp); 268 return new BaseResponse<>(pageResp);
238 } 269 }
239 270
  271 + public BaseResponse getForbidMipsInfoToOpsDb(MaliciousIpRecordReq request){
  272 + PageBean page = PageBean.initPageInfo(request.getCurrentPage(), request.getPageSize(), request);
  273 + maliciousIpsRecordForbidMapper.selectByPage(page);
  274 + // 先查询符合条件的总数量
  275 + int total = maliciousIpsRecordForbidMapper.selectCount(page);
  276 + // 数量为0 直接返回
  277 + if (total == 0) {
  278 + return new BaseResponse<>();
  279 + }
  280 + // 获取列表
  281 + List<MaliciousIpsRecordForbid> ls = maliciousIpsRecordForbidMapper.selectByPage(page);
  282 + if (org.springframework.util.CollectionUtils.isEmpty(ls)) {
  283 + return new BaseResponse<>();
  284 + }
  285 + //解析reason到汉字
  286 + for(MaliciousIpsRecordForbid record:ls){
  287 + String reasonForbid=record.getReason();
  288 + if(StringUtils.isNotBlank(reasonForbid)){
  289 + try{
  290 + MaliciousIpModel model=JSON.parseObject(reasonForbid,MaliciousIpModel.class);
  291 + reasonForbid=model.toHtmlString4DB();
  292 + record.setReason(reasonForbid);
  293 + }catch (Exception e){
  294 + ///查询异常就不管了
  295 + }
  296 +
  297 + }
  298 + }
  299 +
  300 + PageResponse<MaliciousIpsRecordForbid> pageResp = new PageResponse<>();
  301 + pageResp.setCurrentPage(request.getCurrentPage());
  302 + pageResp.setPageSize(request.getPageSize());
  303 + pageResp.setTotal(total);
  304 + pageResp.setRows(ls);
  305 + return new BaseResponse<>(pageResp);
  306 + }
  307 +
240 /** 308 /**
241 *从运维系统的redis查询恶意ip,并且从influxdb中取对应的ip信息 309 *从运维系统的redis查询恶意ip,并且从influxdb中取对应的ip信息
242 */ 310 */
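Review bot: In `writeForbidMipsInfoToOpsDb` the `ip` read from the request body is inserted with no check, so a missing or malformed value becomes a blocklist row. Skip such entries, e.g. `if (StringUtils.isBlank(ip)) { continue; }`, and validate the address format before calling `insert`. The whole request object is stored as `reason` and later passed through `toHtmlString4DB()` in `getForbidMipsInfoToOpsDb`; that method is not shown here, so confirm it HTML-escapes field values, otherwise caller-supplied text reaches the page as markup. In the same method the first `selectByPage(page)` call (new line 273) discards its result, so the query runs twice, and the empty `catch (Exception e)` hides parse failures. Drop the extra call and log the exception with the record id.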