106 lines
2.2 KiB
Markdown
106 lines
2.2 KiB
Markdown
|
# 使用系统内置OPENVPN进行封堵时会将DHCP拦截
|
|||
|
|
|
|||
|
|
| ID | Creation Date | Assignee | Status |
|
|||
|
|
|----|----------------|----------|--------|
|
|||
|
|
| OMPUB-819 | 2023-02-24T18:57:29.000+0800 | 刘学利 | 已解决 |
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
使用系统内置OPENVPN进行封堵时会将DHCP拦截
|
|||
|
|
|
|||
|
|
!image-2023-02-24-17-27-18-865.png!**liuxueli** commented on *2023-03-05T11:35:43.998+0800*:
|
|||
|
|
|
|||
|
|
* 根据截图显示:L7 protocol 识别为DHCP,但是App Identify Info识别为openvpn,说明openvpn的内置特征存在问题,[~daikaiqiang] [~niuxiang] 需要确认一下openvpn的内置特征。
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**daikaiqiang** commented on *2023-03-05T12:20:56.138+0800*:
|
|||
|
|
|
|||
|
|
该策略引用特征的是系统内置openvpn特征
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**liuxueli** commented on *2023-03-11T15:17:06.364+0800*:
|
|||
|
|
|
|||
|
|
* 在京版环境未复现本BUG,该环境为[~daikaiqiang] 的NUC环境,已联系[~daikaiqiang] 方便时开个反代。
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**liuxueli** commented on *2023-03-13T13:11:45.410+0800*:
|
|||
|
|
|
|||
|
|
* 根据现场提供的数据包,使用京版192.168.44.228环境能复现本问题,DHCP数据包符合OPENVPN_1的特征条件,故存在误识别的现象。
|
|||
|
|
|
|||
|
|
*
|
|||
|
|
** 版本: v22.03
|
|||
|
|
** !image-2023-03-13-13-18-21-737.png!
|
|||
|
|
* 京版测试环境不能复现本BUG,openvpn的特征已变化
|
|||
|
|
** 版本: v23.03
|
|||
|
|
** !image-2023-03-13-13-18-42-533.png!
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**liuyang** commented on *2023-03-16T09:50:53.264+0800*:
|
|||
|
|
|
|||
|
|
[~daikaiqiang]需要更新APP Sketch DB到TSG23.02版本复测,建议先在DEMO(非用户POC环境)环境上更新APP Sketch DB到TSG23.02版本进行验证。
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**daikaiqiang** commented on *2023-03-20T15:43:56.518+0800*:
|
|||
|
|
|
|||
|
|
!app sketch db 更新.png|thumbnail!
|
|||
|
|
APP Sketch DB到TSG23.02.604.1版本后,继续进行测试,仍出现上述现象,DHCP被误识别为OPENVPN
|
|||
|
|
!日志.png|thumbnail!
|
|||
|
|
[^0.0.0.0.68-255.255.255.255.67_290484464446570773.pcapng]
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
## Attachments
|
|||
|
|
|
|||
|
|
**36402/0.0.0.0.68-255.255.255.255.67_290484464446570773.pcapng**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**36399/app+sketch+db+.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**36400/app+sketch+db+更新.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**35514/image-2023-02-24-17-27-18-865.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**36092/image-2023-03-13-13-18-21-737.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**36091/image-2023-03-13-13-18-42-533.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**36090/OMPUB-819-dhcp.openvpn.pcap**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**36401/日志.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|