admin/geedge-jira
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6a8bfef5778fc7ddd06fa05776bf1ecd0f61d4c4
geedge-jira/md/OMPUB-544.md

128 lines
5.3 KiB
Markdown
Raw Normal View History

first
2025-09-14 21:52:36 +00:00
# POC现场使用内置OpenVPN特征策略无命中
| ID | Creation Date | Assignee | Status |
|----|----------------|----------|--------|
| OMPUB-544 | 2022-07-01T14:14:33.000+0800 | 刘学利 | 已关闭 |
---
POC演示现场使用OpenVPN内置特征进行阻断业主的OpenVPN正常访问策略无命中日志
附件是对应的pcap包 以及 业主OpenVPN的配置文件**liuxueli** commented on *2022-07-04T14:00:10.767+0800*:
* 增加识别方式参照https://github.com/ntop/nDPI/blob/dev/src/lib/protocols/openvpn.c
---
**zhangzhihan** commented on *2022-07-11T17:52:39.101+0800*:
[~liuxueli] POC现场更新 app_proto_identify-2.1.2 更新后openvpn依然无法拦截 [^openvpn_udp.pcap] [^openvpn_udp_pure.pcap]
---
**liuxueli** commented on *2022-07-11T19:06:06.313+0800*:
* 新提供的数据包读包能识别出openvpn请确认openvpn的相关策略是否正确。[~zhangzhihan]
---
**gitlab** commented on *2022-07-12T17:39:45.343+0800*:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a commit|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/commit/af0c34f77af99db374f9572ef86c114cf1f7c2e5] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [update-22.07-firewall-v3|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/update-22.07-firewall-v3]:{quote}更新app_proto_identify、app_sketch_local修复:{quote}
---
**gitlab** commented on *2022-07-12T17:40:21.416+0800*:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a merge request|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/merge_requests/838] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [update-22.07-firewall-v3|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/update-22.07-firewall-v3]:{quote}更新app_proto_identify、app_sketch_local修复:{quote}
---
**gitlab** commented on *2022-07-12T17:40:24.284+0800*:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a commit|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/commit/43c09861448d71fd590a4b96ee9080d024b7c179] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [update-22.07-firewall-v3|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/update-22.07-firewall-v3]:{quote}更新app_proto_identify、app_sketch_local修复:{quote}
---
**liuxueli** commented on *2022-07-12T18:18:12.622+0800*:
* 2022/0712 查看现场日志,发现加载配置报错,报错如下:
**
{code:java}
Tue Jul 12 16:25:58 2022, FATAL, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Invalid Redis Key List type 5
Tue Jul 12 16:26:29 2022, INFO, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Initiate full udpate from instance_version 0 to 38.
Tue Jul 12 16:26:29 2022, FATAL, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Invalid Redis Key List type 5
Tue Jul 12 16:27:00 2022, INFO, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Initiate full udpate from instance_version 0 to 38.
Tue Jul 12 16:27:00 2022, FATAL, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Invalid Redis Key List type 5
Tue Jul 12 16:27:31 2022, INFO, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Initiate full udpate from instance_version 0 to 38.
Tue Jul 12 16:27:31 2022, FATAL, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Invalid Redis Key List type 5
Tue Jul 12 16:28:22 2022, INFO, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Initiate full udpate from instance_version 0 to 38.
Tue Jul 12 16:28:22 2022, FATAL, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Invalid Redis Key List type 5
Tue Jul 12 16:29:13 2022, INFO, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Initiate full udpate from instance_version 0 to 38.
Tue Jul 12 16:29:13 2022, FATAL, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Invalid Redis Key List type 5
Tue Jul 12 16:29:50 2022, INFO, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Initiate full udpate from instance_version 0 to 38.
Tue Jul 12 16:29:50 2022, FATAL, ./tsglog/maat/tsg_maat.log, MAAT_REDIS_MONITOR(2167), Invalid Redis Key List type 5 {code}
* 重启SAPP正常加载配置后OPENVPN有阻断效果。
---
**gitlab** commented on *2022-07-12T22:24:44.441+0800*:
[付明卫|https://git.mesalab.cn/fumingwei] mentioned this issue in [a commit|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/commit/724fa577188613a8b94a1bbc4dac62348dd14ffe] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [update-22.07-firewall-v3|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/update-22.07-firewall-v3]:{quote}更新app_proto_identify、app_sketch_local修复:{quote}
---
**gitlab** commented on *2022-07-12T22:26:21.781+0800*:
[付明卫|https://git.mesalab.cn/fumingwei] mentioned this issue in [a merge request|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/merge_requests/839] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [dev-22.07|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/dev-22.07]:{quote}2022/7/12{quote}
---
## Attachments
**29253/MMH_JP_CMP.ovpn**
---
**29533/openvpn_udp_pure.pcap**
---
**29532/openvpn_udp.pcap**
---
**29255/OpenVPN+tcpdump_mesa捕包.pcap**
---
**29254/OpenVPN+客户端捕包.cap**
---
**29267/OpenVPN+客户端捕包-1.cap**
---
Reference in New Issue Copy Permalink