|
|
|
package com.monitor.other.maliciousip.job;
|
|
|
|
|
|
|
|
import java.util.ArrayList;
|
|
|
|
import java.util.List;
|
|
|
|
import java.util.Timer;
|
|
|
|
import java.util.TimerTask;
|
|
|
|
|
|
|
|
import org.apache.commons.collections.CollectionUtils;
|
|
|
|
import org.apache.commons.lang3.StringUtils;
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
|
|
|
|
import com.alibaba.fastjson.JSON;
|
|
|
|
import com.monitor.other.maliciousip.MaliciousIpBL;
|
|
|
|
import com.monitor.other.maliciousip.util.RedisReadUtil;
|
|
|
|
import com.monitor.other.maliciousip.util.RedisWriteUtil;
|
|
|
|
|
|
|
|
public class MaliciousIpJob {
|
|
|
|
|
|
|
|
/**
|
|
|
|
* 日志接口
|
|
|
|
*/
|
|
|
|
private Logger logger = LoggerFactory.getLogger("banIPLogger");
|
|
|
|
|
|
|
|
@Autowired
|
|
|
|
private RedisReadUtil redisRead;
|
|
|
|
|
|
|
|
@Autowired
|
|
|
|
private RedisWriteUtil redisWrite;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* 公司内部ip,需要过滤掉
|
|
|
|
*/
|
|
|
|
private final static String YOHO_INTERNAL_IP = "172.31|10.66|10.67|54.222";
|
|
|
|
|
|
|
|
/**
|
|
|
|
* 比例大于等于99
|
|
|
|
*/
|
|
|
|
private final static int PERCENT_MAX = 99;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* 次数大于等于100
|
|
|
|
*/
|
|
|
|
private final static int COUNT_MAX = 50;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* 敏感接口比例大于等于99%,且敏感接口QPS大于等于100的值,暂时默认放到黑名单
|
|
|
|
*/
|
|
|
|
public void init(){
|
|
|
|
logger.info("-init job!");
|
|
|
|
Timer timer = new Timer();
|
|
|
|
TimerTask timerTask = new TimerTask() {
|
|
|
|
@Override
|
|
|
|
public void run() {
|
|
|
|
//详情
|
|
|
|
logger.info("-init run job!");
|
|
|
|
uploadMaliciousIp();
|
|
|
|
}
|
|
|
|
}; //0:代表是延迟0
|
|
|
|
timer.scheduleAtFixedRate(timerTask, 0, 1* 30);
|
|
|
|
}
|
|
|
|
|
|
|
|
private void uploadMaliciousIp(){
|
|
|
|
try{
|
|
|
|
String ips_json = redisRead.getIpsBL();
|
|
|
|
if(StringUtils.isBlank(ips_json)){
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
List<MaliciousIpBL> listMaliciousIp;
|
|
|
|
List<MaliciousIpBL> listBlackListIp;
|
|
|
|
String yoho_ip = YOHO_INTERNAL_IP;
|
|
|
|
listMaliciousIp = (List<MaliciousIpBL>) JSON.parseArray(ips_json, MaliciousIpBL.class);
|
|
|
|
if(CollectionUtils.isNotEmpty(listMaliciousIp)){
|
|
|
|
listBlackListIp = new ArrayList<>();
|
|
|
|
for (MaliciousIpBL maliciousIp : listMaliciousIp) {
|
|
|
|
//过滤yoho内外网
|
|
|
|
if(StringUtils.isNotBlank(yoho_ip) && StringUtils.isNoneBlank(maliciousIp.getUserIP())){
|
|
|
|
String []arrIp = StringUtils.split(maliciousIp.getUserIP(),'.');
|
|
|
|
String inIp = arrIp[0] + "." + arrIp[1];
|
|
|
|
if(yoho_ip.indexOf(inIp) >= 0){
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
//敏感接口比例大于等于99%,且敏感接口QPS大于等于100的值,暂时默认放到黑名单
|
|
|
|
if((maliciousIp.getPercent() >= PERCENT_MAX) && (maliciousIp.getCount() >= COUNT_MAX)){
|
|
|
|
listBlackListIp.add(maliciousIp);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
//加入黑名单
|
|
|
|
if(CollectionUtils.isEmpty(listBlackListIp)){
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
String[] arr_ip = new String[listBlackListIp.size()];
|
|
|
|
for (int index = 0; index < listBlackListIp.size(); index++) {
|
|
|
|
arr_ip[index] = listBlackListIp.get(index).getUserIP();
|
|
|
|
logger.info("-- Ban IP add to list: IP:{}, QPS:{}, Per:{}.", listBlackListIp.get(index).getUserIP(), listBlackListIp.get(index).getCount(), listBlackListIp.get(index).getPercent());
|
|
|
|
}
|
|
|
|
|
|
|
|
redisWrite.setIps(arr_ip);
|
|
|
|
}
|
|
|
|
}catch(Exception e){
|
|
|
|
logger.error("- MaliciousIpJob - uploadMaliciousIp,", e);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} |
|
|
\ No newline at end of file |
...
|
...
|
|
