恶意ip管理

@@ -115,3 +115,6 @@ monitor-service-influxdb/src/main/java/com/monitor/influxdb/QueryResultUtil.java
 monitor-service-middleware/.settings/org.eclipse.wst.common.component
 monitor-service-middleware/.settings/org.eclipse.wst.common.project.facet.core.xml
 monitor-service-middleware/.settings/org.eclipse.wst.validation.prefs
+*/.settings/*
+*.classpath
+*.gitignore

+package com.monitor.other.maliciousip;
+
+/**
+ * 恶意ip内容集合
+ * @author hui.xu
+ *
+ */
+public class MaliciousDetailIp {
+	
+	/**
+	 * 恶意ip
+	 */
+	private String userIP;
+	
+	/**
+	 * 访问的模块
+	 */
+	private String method;
+	
+	/**
+	 * QPS
+	 */
+	private int count;
+
+	public String getUserIP() {
+		return userIP;
+	}
+
+	public void setUserIP(String userIP) {
+		this.userIP = userIP;
+	}
+
+	public String getMethod() {
+		return method;
+	}
+
+	public void setMethod(String method) {
+		this.method = method;
+	}
+
+	public int getCount() {
+		return count;
+	}
+
+	public void setCount(int count) {
+		this.count = count;
+	}
+
+	@Override
+	public String toString() {
+		return "MaliciousDetailIp [userIP=" + userIP + ", method=" + method + ", count=" + count + "]";
+	}
+}
\ No newline at end of file

+package com.monitor.other.maliciousip;
+
+/**
+ * 恶意ip内容集合
+ * @author hui.xu
+ *
+ */
+public class MaliciousIp {
+	
+	/**
+	 * 恶意ip
+	 */
+	private String ip;
+	
+	/**
+	 * QPS
+	 */
+	private int count;
+	
+	/**
+	 * 百分比
+	 */
+	private int percent;
+
+	public String getIp() {
+		return ip;
+	}
+
+	public void setIp(String ip) {
+		this.ip = ip;
+	}
+
+	public int getCount() {
+		return count;
+	}
+
+	public void setCount(int count) {
+		this.count = count;
+	}
+
+	public int getPercent() {
+		return percent;
+	}
+
+	public void setPercent(int percent) {
+		this.percent = percent;
+	}
+
+	@Override
+	public String toString() {
+		return "MaliciousIp [ip=" + ip + ", count=" + count + ", percent=" + percent + "]";
+	}
+}
\ No newline at end of file

+package com.monitor.other.maliciousip;
+
+import lombok.Data;
+
+@Data
+public class UpLoadError {
+	private String status;
+	
+	private String message;
+}
\ No newline at end of file

+package com.monitor.other.maliciousip;
+
+/**
+ * 上传的恶意ip集合
+ * @author hui.xu
+ *
+ */
+public class UpLoadMaliciousIp {
+	private String ips;
+
+	public String getIps() {
+		return ips;
+	}
+
+	public void setIps(String ips) {
+		this.ips = ips;
+	}
+}
\ No newline at end of file

+package com.monitor.other.maliciousip.ctrl;
+
+import java.util.List;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+import com.monitor.model.response.BaseResponse;
+import com.monitor.other.maliciousip.MaliciousDetailIp;
+import com.monitor.other.maliciousip.MaliciousIp;
+import com.monitor.other.maliciousip.UpLoadError;
+import com.monitor.other.maliciousip.UpLoadMaliciousIp;
+import com.monitor.other.maliciousip.service.impl.MaliciousIpServiceImpl;
+
+/**
+ * 恶意ip
+ * @author hui.xu
+ *
+ */
+@Controller
+@RequestMapping("maliciousIp")
+public class MaliciousIpController {
+	
+	@Autowired
+	private MaliciousIpServiceImpl ipImpl;
+	
+	/**
+	 * 从Reids中获取恶意的ip集合
+	 * @return
+	 */
+	@RequestMapping("/getIps")
+	@ResponseBody
+	public BaseResponse<List<MaliciousIp>> getIps() {
+		return ipImpl.getIps();
+	}
+	
+	/**
+	 * 从Reids中获取恶意的ip集合
+	 * @return
+	 */
+	@RequestMapping("/getDetail")
+	@ResponseBody
+	public BaseResponse<List<MaliciousDetailIp>> getDetail(String ip) {
+		return ipImpl.getDetail(ip);
+	}
+	
+	/**
+	 * 上传恶意代码
+	 * @return
+	 */
+	@RequestMapping("/uploadIp")
+	@ResponseBody
+	public BaseResponse<UpLoadError> uploadIp(@RequestBody UpLoadMaliciousIp ips) {
+		BaseResponse<UpLoadError> response = new BaseResponse<>();
+		if(null == ips){
+			return response;
+		}
+		if(StringUtils.isBlank(ips.getIps())){
+			return response;
+		}
+		String []arr = StringUtils.split(ips.getIps(), '|');
+		return ipImpl.upLoad(arr);
+	}
+}
\ No newline at end of file

+package com.monitor.other.maliciousip.service;
+
+import java.util.List;
+
+import com.monitor.model.response.BaseResponse;
+import com.monitor.other.maliciousip.MaliciousDetailIp;
+import com.monitor.other.maliciousip.MaliciousIp;
+import com.monitor.other.maliciousip.UpLoadError;
+
+/**
+ * 恶意ip
+ * @author hui.xu
+ *
+ */
+public interface MaliciousIpService {
+	
+	/**
+	 * 从Redis中获取恶意ip集合
+	 * @return
+	 */
+	BaseResponse<List<MaliciousIp>> getIps();
+	
+	/**
+	 * 从Redis中获取恶意ip的内容
+	 * @param ip
+	 * @return
+	 */
+	BaseResponse<List<MaliciousDetailIp>> getDetail(String ip);
+	
+	/**
+	 * 上报恶意ip
+	 * @param ips
+	 * @return
+	 */
+	BaseResponse<UpLoadError> upLoad(String[] ips);
+}
\ No newline at end of file

+package com.monitor.other.maliciousip.service.impl;
+
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.List;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import com.alibaba.fastjson.JSON;
+import com.monitor.model.response.BaseResponse;
+import com.monitor.other.maliciousip.MaliciousDetailIp;
+import com.monitor.other.maliciousip.MaliciousIp;
+import com.monitor.other.maliciousip.UpLoadError;
+import com.monitor.other.maliciousip.service.MaliciousIpService;
+import com.monitor.other.maliciousip.util.RedisReadUtil;
+import com.monitor.other.maliciousip.util.RedisWriteUtil;
+
+/**
+ * 恶意ip
+ * @author hui.xu
+ *
+ */
+@Service
+public class MaliciousIpServiceImpl implements MaliciousIpService {
+
+	/**
+	 * 日志接口
+	 */
+	private Logger logger = LoggerFactory.getLogger(getClass());
+	
+	
+	@Autowired
+	private RedisReadUtil redisRead;
+	
+	@Autowired
+	private RedisWriteUtil redisWrite;
+	
+	/* (non-Javadoc)
+	 * @see com.monitor.other.maliciousip.service.MaliciousIpService#getIps()
+	 * 从Redis中获取恶意ip集合
+	 */
+	@Override
+	public BaseResponse<List<MaliciousIp>> getIps() {
+		BaseResponse<List<MaliciousIp>> response = new BaseResponse<>();
+		List<MaliciousIp> listMaliciousIp;
+		try{
+			String ips_json = redisRead.getIps();
+			if(StringUtils.isBlank(ips_json)){
+				return response;
+			}
+			listMaliciousIp = (List<MaliciousIp>) JSON.parseArray(ips_json, MaliciousIp.class);
+			Comparator comp = new ComparatorIp();
+			Collections.sort(listMaliciousIp, comp);
+			response.setData(listMaliciousIp);
+		}catch(Exception e){
+			logger.error(" - MaliciousIpServiceImpl - getIps - error", e);
+		}
+		return response;
+	}
+
+	/* (non-Javadoc)
+	 * @see com.monitor.other.maliciousip.service.MaliciousIpService#getDetail(java.lang.String)
+	 * 从Redis中获取恶意ip的内容
+	 */
+	@Override
+	public BaseResponse<List<MaliciousDetailIp>> getDetail(String ip) {
+		BaseResponse<List<MaliciousDetailIp>> response = new BaseResponse<>();
+		List<MaliciousDetailIp> listMaliciousDetailIp;
+		try{
+			String detail_json = redisRead.getDetail(ip);
+			if(StringUtils.isBlank(detail_json)){
+				return response;
+			}
+			listMaliciousDetailIp = (List<MaliciousDetailIp>) JSON.parseArray(detail_json, MaliciousDetailIp.class);
+			Comparator comp = new ComparatorDetailIp();
+			Collections.sort(listMaliciousDetailIp, comp);
+			response.setData(listMaliciousDetailIp);
+		}catch(Exception e){
+			logger.error(" - MaliciousIpServiceImpl - getDetail - error", e);
+		}
+		return response;
+	}
+
+	/* (non-Javadoc)
+	 * @see com.monitor.other.maliciousip.service.MaliciousIpService#upLoad(java.lang.String[])
+	 * 上报恶意ip
+	 */
+	@Override
+	public BaseResponse<UpLoadError> upLoad(String[] ips) {
+		BaseResponse<UpLoadError> response = new BaseResponse<>();
+		UpLoadError error = new UpLoadError();
+		try{
+			redisWrite.setIps(ips);		
+			error.setStatus("0");
+		}catch(Exception e){
+			error.setStatus("1");
+			error.setMessage(e.getMessage());
+		}
+		response.setData(error);
+		return response;
+	}
+	
+	class ComparatorIp implements Comparator<MaliciousIp> {
+		public int compare(MaliciousIp e1, MaliciousIp e2) {
+			int count1 = e1.getCount();
+			int count2 = e2.getCount();
+			if (count1 > count2) {
+				return 1;
+			} else if (count1 < count2) {
+				return -1;
+			} else {
+				return 0;
+			}
+		}
+	}
+	
+	class ComparatorDetailIp implements Comparator<MaliciousDetailIp> {
+		public int compare(MaliciousDetailIp e1, MaliciousDetailIp e2) {
+			int count1 = e1.getCount();
+			int count2 = e2.getCount();
+			if (count1 > count2) {
+				return 1;
+			} else if (count1 < count2) {
+				return -1;
+			} else {
+				return 0;
+			}
+		}
+	}
+}
\ No newline at end of file

+package com.monitor.other.maliciousip.util;
+
+import org.springframework.stereotype.Service;
+
+import redis.clients.jedis.Jedis;
+import redis.clients.jedis.JedisPool;
+import redis.clients.jedis.JedisPoolConfig;
+
+/**
+ * Redis 读 基本操作类
+ * @author hui.xu
+ *
+ */
+@Service
+public class RedisReadUtil {
+	
+	/**
+	 * Redis string，里面放ip、ops、百分比
+	 */
+	private static final String MALICIOUS_IP = "yh:malicious:ip:%s:top100";
+	
+	/**
+	 * Redis string ，当前ip访问的接口模块名称
+	 */
+	private static final String MALICIOUS_IP_DETAIL = "yh:malicious:ip:%s:method:detail:%s";
+
+	public static final String TIME_DIMENSION_MINUTE_KEY = "mm";
+    public static final String TIME_DIMENSION_HOUR_KEY = "hh";
+    
+    private JedisPool pool = null;
+
+    private String redis_address;
+
+    public void setRedis_address(String redis_address) {
+		this.redis_address = redis_address;
+	}
+
+	private int redis_port;
+    
+    public void setRedis_port(int redis_port) {
+		this.redis_port = redis_port;
+	}
+
+	public void init(){
+    	JedisPoolConfig config = new JedisPoolConfig();
+        config.setMaxTotal(20);
+        config.setMaxIdle(10);
+        config.setMaxWaitMillis(1000 * 100);
+        pool = new JedisPool(config, redis_address, redis_port);
+    }
+
+	private Jedis getJedis() {
+        Jedis jedis = pool.getResource();
+        return jedis;
+    }
+
+	private void returnResource(Jedis redis) {
+        try {
+            if (redis != null) {
+                redis.close();
+            }
+        } catch (Exception e) {
+        }
+    }
+
+    /**
+     * 获取所有恶意ip集合
+     * @return
+     */
+    public String getIps() {
+        Jedis jedis = getJedis();
+        String value = jedis.get(String.format(MALICIOUS_IP, TIME_DIMENSION_MINUTE_KEY));
+        returnResource(jedis);
+        return value;
+    }
+    
+    /**
+     * 单个
+     * 根据ip获取访问的接口模块名称
+     * @param ip
+     * @return
+     */
+    public String getDetail(String ip){
+    	Jedis jedis = getJedis();
+        String value = jedis.get(String.format(MALICIOUS_IP_DETAIL,TIME_DIMENSION_MINUTE_KEY,ip));
+        returnResource(jedis);
+        return value;
+    }
+}
\ No newline at end of file

+package com.monitor.other.maliciousip.util;
+
+import redis.clients.jedis.Jedis;
+import redis.clients.jedis.JedisPool;
+import redis.clients.jedis.JedisPoolConfig;
+
+/**
+ * Redis 读 基本操作类
+ * @author hui.xu
+ *
+ */
+public class RedisWriteUtil {
+	
+	/**
+	 * Redis set 集合，里面放的都是ip
+	 */
+	private static final String MALICIOUS_IP = "yh:malicious:ips";
+	
+	/**
+	 * 黑名单失效时间10分钟，顺时延长10分钟
+	 */
+	private static final int MALICIOUS_IP_EXPIRE = 10 * 60;
+
+    private JedisPool pool_qq1 = null;
+    private JedisPool pool_qq2 = null;
+    private JedisPool pool_aws1 = null;
+    private JedisPool pool_aws2 = null;
+
+    private String redis_address_qq1;
+    
+    private String redis_address_qq2;
+    
+    private String redis_address_aws1;
+    
+    private String redis_address_aws2;
+
+    public void setRedis_address_qq1(String redis_address_qq1) {
+		this.redis_address_qq1 = redis_address_qq1;
+	}
+
+	public void setRedis_address_qq2(String redis_address_qq2) {
+		this.redis_address_qq2 = redis_address_qq2;
+	}
+
+	public void setRedis_address_aws1(String redis_address_aws1) {
+		this.redis_address_aws1 = redis_address_aws1;
+	}
+
+	public void setRedis_address_aws2(String redis_address_aws2) {
+		this.redis_address_aws2 = redis_address_aws2;
+	}
+
+	private int redis_port = 6379;
+
+    public void setRedis_port(int redis_port) {
+		this.redis_port = redis_port;
+	}
+
+    public void init(){
+    	JedisPoolConfig config = new JedisPoolConfig();
+        config.setMaxTotal(20);
+        config.setMaxIdle(10);
+        config.setMaxWaitMillis(1000 * 100);
+        pool_qq1 = new JedisPool(config, redis_address_qq1, redis_port);
+        pool_qq2 = new JedisPool(config, redis_address_qq2, redis_port);
+        pool_aws1 = new JedisPool(config, redis_address_aws1, redis_port);
+        pool_aws2 = new JedisPool(config, redis_address_aws2, redis_port);
+    }
+
+    private Jedis getJedis_qq1() {
+        Jedis jedis = pool_qq1.getResource();
+        return jedis;
+    }
+    
+    private Jedis getJedis_qq2() {
+        Jedis jedis = pool_qq2.getResource();
+        return jedis;
+    }
+    
+    private Jedis getJedis_aws1() {
+        Jedis jedis = pool_aws1.getResource();
+        return jedis;
+    }
+    
+    private Jedis getJedis_aws2() {
+        Jedis jedis = pool_aws2.getResource();
+        return jedis;
+    }
+
+    private void returnResource(Jedis redis) {
+        try {
+            if (redis != null) {
+                redis.close();
+            }
+        } catch (Exception e) {
+        }
+    }
+
+    /**
+     * 获取所有恶意ip集合
+     * @return
+     */
+    public void setIps(String []ips) {
+        Jedis jedis_qq1 = getJedis_qq1();
+        Jedis jedis_qq2 = getJedis_qq2();
+        Jedis jedis_aws1 = getJedis_aws1();
+        Jedis jedis_aws2 = getJedis_aws2();
+        
+        jedis_qq1.sadd(MALICIOUS_IP, ips);
+        jedis_qq1.expire(MALICIOUS_IP, MALICIOUS_IP_EXPIRE);
+        jedis_qq2.sadd(MALICIOUS_IP, ips);
+        jedis_qq2.expire(MALICIOUS_IP, MALICIOUS_IP_EXPIRE);
+        jedis_aws1.sadd(MALICIOUS_IP, ips);
+        jedis_aws1.expire(MALICIOUS_IP, MALICIOUS_IP_EXPIRE);
+        jedis_aws2.sadd(MALICIOUS_IP, ips);
+        jedis_aws2.expire(MALICIOUS_IP, MALICIOUS_IP_EXPIRE);
+        
+        returnResource(jedis_qq1);
+        returnResource(jedis_qq2);
+        returnResource(jedis_aws1);
+        returnResource(jedis_aws2);
+    }
+}
\ No newline at end of file

@@ -8,6 +8,20 @@
         <constructor-arg name = "url" value="${dns.config.url}"/>
         <constructor-arg name = "dnsApiUrl" value="${dns.config.api.url}"/>
     </bean>
+    
+    <bean id="redisReadUtil" class="com.monitor.other.maliciousip.util.RedisReadUtil" init-method="init">
+        <property name = "redis_address" value="${malicious.ip.redis.host}" />
+        <property name = "redis_port" value="${malicious.ip.redis.port}" />
+    </bean>
+    
+    <bean id="redisWriteUtil" class="com.monitor.other.maliciousip.util.RedisWriteUtil" init-method="init">
+        <property name = "redis_address_qq1" value="${malicious.ip.write.qq.host1}" />
+        <property name = "redis_address_qq2" value="${malicious.ip.write.qq.host2}" />
+        <property name = "redis_address_aws1" value="${malicious.ip.write.aws.host1}" />
+        <property name = "redis_address_aws2" value="${malicious.ip.write.aws.host2}" />
+        <property name = "redis_port" value="${malicious.ip.redis.port}" />
+    </bean>
+    
 
     <bean id="sheduletask" class="com.monitor.other.task.SheduleTask">
         <property name="taskScheduler" ref="scheduler"/>

@@ -18,3 +18,11 @@ zkAddress=172.31.50.139:2181
 
 search.aws.url=http://internal-search-1492740248.cn-north-1.elb.amazonaws.com.cn/
 search.qq.url=http://10.66.4.30/
+
+malicious.ip.redis.host=monitor.redis.yohoops.org
+malicious.ip.redis.port=6379
+
+malicious.ip.write.qq.host1=10.66.0.3
+malicious.ip.write.qq.host2=10.66.0.2
+malicious.ip.write.aws.host1=172.31.20.188
+malicious.ip.write.aws.host2=172.31.20.187
\ No newline at end of file

@@ -18,3 +18,11 @@ zkAddress=127.0.0.1:2181
 
 search.aws.url=http://192.168.102.216:8080/
 search.qq.url=http://192.168.102.224:8080/
+
+malicious.ip.redis.host=192.168.102.22
+malicious.ip.redis.port=6379
+
+malicious.ip.write.qq.host1=192.168.102.22
+malicious.ip.write.qq.host2=192.168.102.22
+malicious.ip.write.aws.host1=192.168.102.22
+malicious.ip.write.aws.host2=192.168.102.22
\ No newline at end of file

@@ -27,4 +27,4 @@ java_service_alarm_count_threshold=50
 union_mobile=15905144483
 java_api_error=15905144483
 
-
+bigdata_mobile=18652925653,18502542319,18610537630

@@ -38,4 +38,6 @@ cron_task_aplipay_voice=0 0 0 * * ?
 cron_task_device_active=0 0 0 * * ?
 device_active_period=60
 
-cron_task_node_mem=0 0 0 * * ?
\ No newline at end of file
+cron_task_node_mem=0 0 0 * * ?
+
+cron_bigdata_alarm=0 0/1 * * * ?
\ No newline at end of file