Реализация связки Dlink DGS-3610-26G + DES-1228G(vlan на клиента) на основе схемы Cisco2 + Zyxel ( DGS-3610-26G + DES-1228G )
Материал из BiTel WiKi
Версия от 06:37, 13 октября 2009; Stark (Обсуждение | вклад)
import java.io.IOException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.regex.Matcher; import java.util.regex.Pattern; import java.util.StringTokenizer; import bitel.billing.common.module.ipn.IPNContractStatus; import bitel.billing.server.ipn.GateWorker; import bitel.billing.server.ipn.UserStatus; import bitel.billing.server.ipn.bean.*; import bitel.billing.server.util.DefaultServerSetup; import bitel.billing.server.util.Utils; import bitel.billing.server.util.telnet.TelnetSession; import ru.bitel.bgbilling.common.DefaultSetup; import bitel.billing.common.IPUtils; import bitel.billing.server.util.Utils; import bitel.billing.server.util.telnet.TelnetSession; //includeBGBS( "bgbs://ru.bitel.bgbilling.kernel.script.common.bean.ScriptLibrary/manad" ); protected void doSync() { log.info( "start of cisco........................................................"); host = gate.getHost(); port = gate.getPort(); DefaultServerSetup gateSetup = new DefaultServerSetup( gate.getConfig(), "\r\n" ); pswd = gate.getKeyword(); login = gateSetup.getStringValue( "login"); timeout = gateSetup.getIntValue( "timeout", 0 ); result = new StringBuffer(); if( log.isDebugEnabled() ) { log.debug( gate.getId() + " gate: " + host + ":" + port + " login: " + login + " passwd: " + pswd ); } log.debug("before connect"); session = new TelnetSession( host, port); session.setTimeout( timeout ); session.setLoginPromptSequence( ":" ); session.connect(); log.debug("after connect"); result.append( session.doCommand( login ) ); log.debug("after login"); session.setLoginPromptSequence( "#" ); result.append( session.doCommand( pswd ) ); log.debug("after pswd"); result.append( session.doCommand( "terminal length 0" ) ); result.append( session.doCommand( "terminal width 0" ) ); log.debug("after terminal"); result.append( session.doCommand( "configure terminal" ) ); log.debug( "execute commands" ); doCommands( session, result, gateSetup ); result.append( session.doCommand( "exit" ) ); result.append( session.doCommand( "write memory" ) ); session.doCommandAsync( "exit" ); log.info("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"); log.info( result ); log.info("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"); log.debug( "ok" ); log.info( "end of cisco........................................................"); } protected void add() { } private void doCommands( TelnetSession session, StringBuffer result, gateSetup) throws IOException { acl = gateSetup.getStringValue( "acl"); vlanResult = getVlanResult( session ); aclResult = getAclResult( session, acl ); log.info( "!!!!!!!!!!!!!!!!!!!!!!!!!!aclResult!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" ); log.info( aclResult ); log.info( "!!!!!!!!!!!!!!!!!!!!!!!!!! end aclResult!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" ); for( UserStatus status : statusList ) { VlanManager manager = new VlanManager(status.mid, con); gateId = gate.getId(); log.info("gateId=" + gateId); vid = manager.getVlan( gateId, status.contractId ); log.info("vid=" + vid); String addr1 = null; String addr2 = null; date = new GregorianCalendar(); AddressRangeManager man = new AddressRangeManager( con, mid ); addressList = man.getContractAddressRange( status.contractId , date, -1 ); if ( addressList.size() > 0 ) { AddressRange range = addressList.get(0); addr1 = IPUtils.convertIpToString( range.getAddr1() ); addr2 = IPUtils.convertIpToString( range.getAddr2() ); } rules = null; if (status.status == IPNContractStatus.STATUS_OPEN && (!vlanExists(vid, vlanResult) || isUserDenied( addr1, addr2, aclResult) ) ) { rules = getOpenRules( status, vid, gateSetup, addr1, addr2, acl ); } else if (status.status == IPNContractStatus.STATUS_REMOVED && vlanExists(vid, vlanResult) ) { rules = getRemoveRules( status, vid, gateSetup, addr1, addr2, acl ); } //if closed and etc else if ( !vlanExists(vid, vlanResult) || !isUserDenied( addr1, addr2, aclResult) ) { rules = getCloseRules( status, vid, gateSetup, addr1, addr2, acl ); } if (vid > 0 && rules != null ) { for ( String rule : rules ) { log.debug ("command=" + rule ); result.append( session.doCommand( rule ) ); } } } } getOpenRules( status, vid, gateSetup, addr1, addr2, acl ) { return getRules( status, "\\[OPEN\\](.*)\\[/OPEN\\]", vid, gateSetup, addr1, addr2, acl ); } getCloseRules( status, vid, gateSetup, addr1, addr2, acl ) { return getRules( status, "\\[CLOSE\\](.*)\\[/CLOSE\\]", vid, gateSetup, addr1, addr2, acl ); } getRemoveRules( UserStatus status, vid, gateSetup, addr1, addr2, acl ) { return getRules( status, "\\[REMOVE\\](.*)\\[/REMOVE\\]", vid, gateSetup, addr1, addr2, acl ); } getRules( status, template, vid, gateSetup, addr1, addr2, acl ) { // пользовательское правило, без типа - то все оставляем как есть rule = status.rule.getRuleText(); log.info("rule=" + rule); //типизированное правило if( status.ruleType != null ) { rule = generateRule( rule, status.gateType, status.ruleType, vid, status.contractId, gateSetup, addr1, addr2, acl ); } log.info("rule=" + rule); pattern = Pattern.compile( template, Pattern.DOTALL ); m = pattern.matcher( rule ); if (m.find()) { rule = m.group( 1 ); } rule.replaceAll( "\r", "" ); parts = rule.split( "\n" ); result = new ArrayList(); for ( String part : parts ) { if ( !Utils.isEmptyString( part )) { result.add( part ); } } return result; } generateRule( addresses, gateType, ruleType, int vid, int cid, gateSetup, addr1, addr2, acl ) { supervlan = gateSetup.getIntValue( "supervlan", 0 ); Map replacements = new HashMap(); if ( addr1 != null && addr2 != null ) { replacements.put( "\\{addr1\\}", addr1 ); replacements.put( "\\{addr2\\}", addr2 ); replacements.put( "\\{SUPERVLAN\\}", String.valueOf( supervlan) ); replacements.put( "\\{ACL\\}", acl ); } ruleText = ManadUtils.getRule( gateType, ruleType ); if ( vid > 0) { replacements.put( "\\{VID\\}", String.valueOf( vid ) ); } return ManadUtils.generateRule( ruleText, addresses, replacements, ruleType ); } private isUserDenied ( addr1, addr2, buffer) { //эскейпируем точки в адресе String address = addr1.replace( ".", "\\." ); log.debug( "aaddr1=" + address ); String template = ".*deny ip host\\s+" + address + "\\s+any.*$"; log.debug( "template=" + template ); Pattern pattern = Pattern.compile( template, Pattern.DOTALL ); Matcher m = pattern.matcher( buffer ); boolean found = m.find(); if ( found ) { log.debug( "user2 denied" ); return true; } pattern = Pattern.compile( ".*deny ip any host\\s" + address + "\\s.*$", Pattern.DOTALL ); m = pattern.matcher( buffer ); found = m.find(); log.debug( found ? "user denied" :"user not denied" ); return found; } private vlanExists ( vlan, buffer) { Pattern pattern = Pattern.compile( ".*" + vlan + "\\s+ON\\s+.*", Pattern.DOTALL ); Matcher m = pattern.matcher( buffer ); found = m.find(); log.debug( found ? "vlan found" : "vlan not found" ); return found; } private getVlanResult( session ) { return session.doCommand( "show supervlan"); } private getAclResult( session, acl ) { return session.doCommand( "show access-lists " + acl ); }
