admin/geedge-jira
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6a8bfef5778fc7ddd06fa05776bf1ecd0f61d4c4
geedge-jira/md/OMPUB-645.md

107 lines
3.9 KiB
Markdown
Raw Normal View History

first
2025-09-14 21:52:36 +00:00
# 自定义特征中SSL的证书字段阻断无效果
| ID | Creation Date | Assignee | Status |
|----|----------------|----------|--------|
| OMPUB-645 | 2022-09-29T16:50:28.000+0800 | 刘学利 | 已关闭 |
---
使用自定义特征中的 ssl.handshake.certificate.issuer_organization_name
ssl.handshake.certificate.subject_organization_name
ssl.handshake.certificate.issuer_common_name
进行组合对bilibili进行阻断无效果在session records中可以找到对应的字段。
自定app json [^appSketch_20220929084616701.json]
^!image-2022-09-29-15-18-57-319.png!!image-2022-09-29-15-19-38-394.png!^**liuxueli** commented on *2022-09-30T16:44:40.185+0800*:
* 调整2个配置文件
** 调整tsgconf/main.conf中配置选项搜索APP_SKETCH_LOCAL并下面添加如下内容
{code:java}
[APP_SKETCH_LOCAL]
SCAN_UDP_PAYLOAD_NUM=4
SCAN_TCP_PAYLOAD_NUM=4
C2S_PKT_SIZE_NUM=4
S2C_PKT_SIZE_NUM=4 {code}
 
** 调整plug/business/app_sketch_local/app_sketch_local.inf配置项
*** 调整前
****
{code:java}
[SSL]
FUNC_FLAG=SSL_CLIENT_HELLO,SSL_SERVER_HELLO,SSL_APPLICATION_DATA,SSL_CERTIFICATE_DETAIL
FUNC_NAME=APP_SKETCH_SSL_PLUG_ENTRY {code}
*** 调整后
****
{code:java}
[SSL]
FUNC_FLAG=SSL_CLIENT_HELLO,SSL_CERTIFICATE_DETAIL
FUNC_NAME=APP_SKETCH_SSL_PLUG_ENTRY {code}
---
**gitlab** commented on *2022-10-14T16:21:48.972+0800*:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a commit|https://git.mesalab.cn/appsketch/app_sketch_local/-/commit/6d9287cb48fae496b4cd72a95c82dfba7b85ecd0] of [AppSketch / app_sketch_local|https://git.mesalab.cn/appsketch/app_sketch_local] on branch [bugfix-OMPUB-645|https://git.mesalab.cn/appsketch/app_sketch_local/-/tree/bugfix-OMPUB-645]:{quote}OMPUB-645: 解析层回调业务层APPLIACTION状态时返回DROPME, 其他状态返回GIVEME{quote}
---
**gitlab** commented on *2022-10-14T16:26:26.714+0800*:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a merge request|https://git.mesalab.cn/appsketch/app_sketch_local/-/merge_requests/59] of [AppSketch / app_sketch_local|https://git.mesalab.cn/appsketch/app_sketch_local] on branch [bugfix-OMPUB-645|https://git.mesalab.cn/appsketch/app_sketch_local/-/tree/bugfix-OMPUB-645]:{quote}OMPUB-645: 解析层回调业务层APPLIACTION状态时返回DROPME, 其他状态返回GIVEME{quote}
---
**gitlab** commented on *2022-10-14T17:15:18.871+0800*:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a commit|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/commit/905bcab4d44899ef7587b89496e86b438ded3c83] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [update-22.10-firewall-v2|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/update-22.10-firewall-v2]:{quote}更新tsg_master、app_sketch_local、app_proto_identify, 新增或修复:{quote}
---
**gitlab** commented on *2022-10-14T17:15:38.119+0800*:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a merge request|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/merge_requests/943] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [update-22.10-firewall-v2|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/update-22.10-firewall-v2]:{quote}更新tsg_master、app_sketch_local、app_proto_identify, 新增或修复:{quote}
---
**gitlab** commented on *2022-10-14T17:20:37.619+0800*:
[付明卫|https://git.mesalab.cn/fumingwei] mentioned this issue in [a merge request|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/merge_requests/944] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [dev-22.10|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/dev-22.10]:{quote}2022/10/14{quote}
---
## Attachments
**31472/appSketch_20220929084616701.json**
---
**31471/image-2022-09-29-15-18-57-319.png**
---
**31470/image-2022-09-29-15-19-38-394.png**
---
Reference in New Issue Copy Permalink