Merge pull request #115 from Tencent/dev

merge dev to master

.eslintignore

@@ -1 +1,4 @@
 bin/wwwroot
+bin/deps
+node_modules
+

bin/proxy/so.sh

@@ -3,7 +3,6 @@
 echo
 
 CUR_DIR=$(cd $(dirname $0); pwd)
-LIBC_VERSION=$(ls -l /lib64/libc.so.6  | sed -e 's/.*libc-2.\(.*\).so/\1/g')
 
 cd ${CUR_DIR}/../
 pwd
@@ -12,23 +11,13 @@ BIN_DIR=$(pwd)
 
 echo "BIN_DIR: ${BIN_DIR}"
 
-echo "libc-2.${LIBC_VERSION}"
-
-if [ -e "/usr/local/bin/node" ]
-then
-    echo "/usr/local/bin/node"
-    ln -sf /usr/local/bin/node ./TSW
-else
-    echo "/usr/bin/node"
-    ln -sf /usr/bin/node ./TSW
-fi
-
+NODE_PATH=$(node -p process.execPath)
+echo "use node:$NODE_PATH"
+ln -sf $NODE_PATH ./TSW
 chmod +x ./TSW
 
 ./TSW -v
 
-echo "copy so done"
-
 if [ -e "../log" ]
 then
 	echo "log exists"

bin/tsw/context.js

@@ -11,20 +11,20 @@
 const Context = require('runtime/Context');
 const Window = require('runtime/Window');
 
-this.currentContext = function() {
+this.currentContext = function () {
     return (process.domain && process.domain.currentContext) || new Context();
 };
 
 if (!global.context) {
 
     Object.defineProperty(global, 'context', {
-        get: function() {
+        get: function () {
             return module.exports.currentContext();
         }
     });
 
     Object.defineProperty(global, 'window', {
-        get: function() {
+        get: function () {
 
             if (global.windowHasDisabled) {
                 return undefined;

bin/lib/default/config.default.js → bin/tsw/default/config.default.js

@@ -106,6 +106,9 @@ this.memoryLimit = 768 * 1024 * 1024 * (mpc >= 2 ? 2 : 1);
 // 限制
 this.CCIPLimit = 500;
 
+// 超限后自动拉黑
+this.CCIPLimitAutoBlock = false;
+
 // allowHost
 this.allowHost = [];
 

bin/tsw/plug.js

@@ -22,9 +22,8 @@ if (!global.plug) {
     plug.parent = path.join(__dirname, '..');
     plug.paths = [
         path.join(__dirname, '../deps'),
-        path.join(__dirname, '../tsw'),
         path.join(__dirname, '../tencent'),
-        path.join(__dirname, '../lib')
+        path.join(__dirname, '../tsw')
     ];
     module.paths = plug.paths.concat(module.paths);
 

bin/tsw/runtime/CCFinder.js

@@ -21,6 +21,7 @@ let ipConut = CCIPSize;
 let cache = {
     ipCache: {},
     whiteList: {},
+    blackList: {},
     ipCacheLast: {}
 };
 
@@ -30,11 +31,16 @@ if (global[__filename]) {
     global[__filename] = cache;
 }
 
-this.addWhiteList = function(userIp) {
+this.addWhiteList = function (userIp) {
     cache.whiteList[userIp] = true;
 };
 
-this.checkHost = function(req, res) {
+this.addBlackList = function (userIp) {
+    cache.blackList[userIp] = true;
+};
+
+
+this.checkHost = function (req, res) {
 
     const hostAllow = config.allowHost || [];
     const host = req.headers['host'];
@@ -74,12 +80,12 @@ this.checkHost = function(req, res) {
 };
 
 // 计算标准方差
-this.StdX10 = function(ipCache) {
+this.StdX10 = function (ipCache) {
 
     let res = 0;
     let sum = 0;
     let avg = 0;
-    const arr = Object.keys(ipCache).filter(function(item) {
+    const arr = Object.keys(ipCache).filter(function (item) {
         const tmp = ipCache[item];
         if (typeof tmp === 'object' && tmp.list) {
             sum += tmp.list.length;
@@ -94,7 +100,7 @@ this.StdX10 = function(ipCache) {
 
     avg = sum / arr.length;
 
-    const sumXsum = arr.reduce(function(pre, key) {
+    const sumXsum = arr.reduce(function (pre, key) {
         const item = ipCache[key];
         const value = item.list.length;
         item.avg = avg;
@@ -107,19 +113,24 @@ this.StdX10 = function(ipCache) {
     return res;
 };
 
-this.check = function(req, res) {
+this.check = function (req, res) {
 
     const userIp = httpUtil.getUserIp(req);
     const userIp24 = httpUtil.getUserIp24(req);
-
-    let content;
-
     const info = {
         userIp: userIp,
         hostname: req.headers.host,
         pathname: req.REQUEST.pathname
     };
 
+    if (cache.blackList[userIp]) {
+        tnm2.Attr_API('SUM_TSW_CC_LIMIT', 1);
+        logger.report();
+        res.writeHead(403, { 'Content-Type': 'text/plain; charset=UTF-8' });
+        res.end();
+        return false;
+    }
+
     if (cache.whiteList[userIp]) {
         return true;
     }
@@ -195,55 +206,73 @@ this.check = function(req, res) {
         return true;
     }
 
-    // tnm2.Attr_API('SUM_TSW_CC_LIMIT', 1);
-
     // 确认没发送过邮件
     cache.ipCacheLast.hasSendMail = true;
 
     // 发现目标，发邮件
-    const key = `[AVG_TSW_IP_STD_X10]:${serverInfo.intranetIp}`;
-
-    content = '';
+    let content = '';
+    const max = {
+        num: 0,
+        ip: ''
+    };
 
-    Object.keys(cache.ipCacheLast).forEach(function(ip, i) {
+    Object.keys(cache.ipCacheLast).forEach(function (ip, i) {
 
         let num = '';
+        let tmp = '';
 
         if (
             cache.ipCacheLast[ip]
             && cache.ipCacheLast[ip].list
             && cache.ipCacheLast[ip].list.length > 1
         ) {
-            num = String(cache.ipCacheLast[ip].list.length);
-            num = (num + 'XXXXXX').slice(0, 8).replace(/X/g, ' ');
-            content += `<div style="font-size:12px;">${num}${ip}</div>`;
+            num = cache.ipCacheLast[ip].list.length;
+            tmp = (num + '--------').slice(0, 8);
+            content += `<div style="font-size:12px;">${tmp}${ip}</div>`;
+
+            if (num > max.num) {
+                max.num = num;
+                max.ip = ip;
+            }
         }
     });
 
+    const key = `[AVG_TSW_IP_STD_X10]:${max.ip}`;
+    let title = '';
+
+    if (config.CCIPLimitAutoBlock) {
+        title = `[IP聚集自动拉黑周知][${cache.ipCacheLast.StdX10}%]${max.ip}`;
+        this.addBlackList(max.ip);
+    } else {
+        title = `[IP聚集告警][${cache.ipCacheLast.StdX10}%]${max.ip}`;
+    }
+
     mail.SendMail(key, 'TSW', 3600, {
         'to': config.mailTo,
         'cc': config.mailCC,
-        'title': `[IP聚集告警][${cache.ipCacheLast.StdX10}%]${serverInfo.intranetIp}`,
+        'title': title,
         'content': '<p><strong>服务器IP：</strong>' + serverInfo.intranetIp + '</p>'
-                        + '<p><strong>IP聚集度：</strong>' + cache.ipCacheLast.StdX10 + '%</p>'
-                        + '<p><strong>告警阀值：</strong>' + CCIPLimit + '</p>'
-                        + '<p><strong>正常值：</strong>5-50</p>'
-                        + '<p><strong>检测耗时：</strong>' + parseInt((cache.ipCacheLast.end - cache.ipCacheLast.start) / 1000, 10) + 's</p>'
-                        + '<p><strong>证据列表：</strong></p>'
-                        + content
+        + '<p><strong>恶意IP：</strong>' + max.ip + '</p>'
+        + '<p><strong>自动拉黑：</strong>' + (config.CCIPLimitAutoBlock ? '是' : '否') + '</p>'
+        + '<p><strong>IP聚集度：</strong>' + cache.ipCacheLast.StdX10 + '%</p>'
+        + '<p><strong>告警阈值：</strong>' + CCIPLimit + '</p>'
+        + '<p><strong>正常值：</strong>5-50</p>'
+        + '<p><strong>检测耗时：</strong>' + parseInt((cache.ipCacheLast.end - cache.ipCacheLast.start) / 1000, 10) + 's</p>'
+        + '<p><strong>证据列表：</strong></p>'
+        + content
     });
 
 
     return true;
 };
 
 
-this.getIpCache = function() {
+this.getIpCache = function () {
     return cache.ipCacheLast;
 };
 
 
-this.getIpSize = function() {
+this.getIpSize = function () {
     return CCIPSize;
 };
 

bin/tsw/util/auto-report/TEReport.js

@@ -69,9 +69,6 @@ this.report = function() {
 
         const logKey = 'h5test' + logJson.group;
 
-        // 上报自己
-        post.report(logKey, logText, logJson);
-
         // 开放平台上报，不用再分组了
         if (config.appid && config.appkey) {
             logReport.reportCloud({
@@ -87,13 +84,17 @@ this.report = function() {
                 pathname: '',
                 statusCode: ''
             });
+        } else {
+            // 私有化部署上报
+            // 上报自己
+            post.report(logKey, logText, logJson);
+
+            // 上报分组
+            require('util/CD.js').check('h5test' + logJson.group, 1, 60).done(function() {
+                post.report('group.h5test', logText, logJson);
+            });
         }
 
-        // 上报分组
-        require('util/CD.js').check('h5test' + logJson.group, 1, 60).done(function() {
-            post.report('group.h5test', logText, logJson);
-        });
-
     });
 
 };
@@ -119,6 +120,10 @@ this.list = function(group) {
         const map = {};
 
         arr.forEach(function(v) {
+            if (group && v.group !== group) {
+                return;
+            }
+
             if (!map[v.ip]) {
                 map[v.ip] = true;
                 res.push(v);
@@ -134,9 +139,7 @@ this.list = function(group) {
             order: -65536,
             // owner: "TSW",
             groupName: group,
-            ip: 'alpha',
-            moduleId: 0,
-            moduleName: 'null'
+            ip: 'alpha'
         });
 
         res.sort(function(a, b) {
@@ -153,12 +156,24 @@ this.list = function(group) {
 this.getAllGroup = function() {
 
     const defer = Deferred.create();
+    let getLogJsonDefer;
 
-    post.getLogJson('group.h5test').done(function(arr) {
+    // 开平对应的存储
+    if (context.appid && context.appkey) {
+        getLogJsonDefer = postOpenapi.getLogJson(`${context.appid}/tsw/h5test`);
+    } else {
+        getLogJsonDefer = post.getLogJson('group.h5test');
+    }
+
+    getLogJsonDefer.done(function(arr) {
 
         const res = [];
         const map = {};
 
+        arr.sort(function(a, b) {
+            return a.order - b.order;
+        });
+
         arr.forEach(function(v) {
             if (!map[v.group]) {
                 map[v.group] = true;