97 lines
2.4 KiB
Markdown
97 lines
2.4 KiB
Markdown
|
# 福建项目:策略验证不准确问题
|
|||
|
|
|
|||
|
|
| ID | Creation Date | Assignee | Status |
|
|||
|
|
|----|----------------|----------|--------|
|
|||
|
|
| OMPUB-823 | 2023-02-28T14:53:15.000+0800 | 冯伟浩 | 已关闭 |
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
测试SNI:kf.xn--fiq01iq2nuta337et7ov3wo3y.com
|
|||
|
|
对应生效策略ID:134
|
|||
|
|
对应Object:“中文涉诈域名”
|
|||
|
|
对应item:*xn--fiq01iq2nuta337et7ov3wo3y.com
|
|||
|
|
|
|||
|
|
问题描述:使用策略验证功能无法命中134策略,仅能命中118策略中的item(*.com),但是实际上访问kf.xn--fiq01iq2nuta337et7ov3wo3y.com,有命中134的安全策略日志
|
|||
|
|
!image-2023-02-28-14-49-05-379.png|thumbnail!
|
|||
|
|
!image-2023-02-28-14-49-12-083.png|thumbnail!
|
|||
|
|
!image-2023-02-28-14-49-17-627.png|thumbnail!
|
|||
|
|
!image-2023-02-28-14-49-23-551.png|thumbnail!
|
|||
|
|
!image-2023-02-28-14-53-04-243.png|thumbnail! **fengweihao** commented on *2023-03-01T19:03:27.380+0800*:
|
|||
|
|
|
|||
|
|
当信息前问题已使用港环境验证,不存在此问题
|
|||
|
|
|
|||
|
|
需确认下,策略验证此版本使用的各基础库版本号
|
|||
|
|
|
|||
|
|
查看策略验证基础库版本:
|
|||
|
|
* 进入策略验证所在服务器:
|
|||
|
|
* 查看verify-policy的docker镜像id
|
|||
|
|
|
|||
|
|
{code:java}
|
|||
|
|
# docker ps -a
|
|||
|
|
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
|
|||
|
|
dcc89850d0fe 192.168.40.153:9080/tsg/bifang/verify-policy:tsg_v23.02_20230210 "./bin/verify-policy" 2 weeks ago Up 24 hours 0.0.0.0:9994->9994/tcp verify-policy {code}
|
|||
|
|
* 进入verify-policy镜像
|
|||
|
|
|
|||
|
|
{code:java}
|
|||
|
|
# docker exec -it dcc89850d0fe bash {code}
|
|||
|
|
* 查看版本:
|
|||
|
|
|
|||
|
|
{code:java}
|
|||
|
|
# rpm -qa | grep verify-policy
|
|||
|
|
# rpm -qa | grep libmaatframe
|
|||
|
|
# rpm -qa | grep librulescan{code}
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**zhangzhihan** commented on *2023-03-02T13:34:22.130+0800*:
|
|||
|
|
|
|||
|
|
现场版本[~fengweihao]
|
|||
|
|
verify-policy-2.3.6.20220926.74b95d1-1.el7.x86_64
|
|||
|
|
libmaatframe-3.6.14.f88f730-1.el7.x86_64
|
|||
|
|
librulescan-3.0.1.6145620-1.el7.x86_64
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**fengweihao** commented on *2023-03-24T16:26:00.960+0800*:
|
|||
|
|
|
|||
|
|
问题原因:
|
|||
|
|
|
|||
|
|
福建环境CM请求策略验证端口配置错误,导致界面访问的策略验证版本为 22.01,而非最新版,已修改,请复测
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
## Attachments
|
|||
|
|
|
|||
|
|
**35592/image-2023-02-28-14-49-05-379.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**35591/image-2023-02-28-14-49-12-083.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**35590/image-2023-02-28-14-49-17-627.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**35589/image-2023-02-28-14-49-23-551.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
**35588/image-2023-02-28-14-53-04-243.png**
|
|||
|
|
|
|||
|
|
---
|
|||
|
|
|