# 自定义特征中SSL的证书字段阻断无效果 | ID | Creation Date | Assignee | Status | |----|----------------|----------|--------| | OMPUB-645 | 2022-09-29T16:50:28.000+0800 | 刘学利 | 已关闭 | --- 使用自定义特征中的 ssl.handshake.certificate.issuer_organization_name ssl.handshake.certificate.subject_organization_name ssl.handshake.certificate.issuer_common_name 进行组合对bilibili进行阻断,无效果,在session records中可以找到对应的字段。 自定app json: [^appSketch_20220929084616701.json] ^!image-2022-09-29-15-18-57-319.png!!image-2022-09-29-15-19-38-394.png!^**liuxueli** commented on *2022-09-30T16:44:40.185+0800*: * 调整2个配置文件 ** 调整tsgconf/main.conf中配置选项,搜索APP_SKETCH_LOCAL并下面添加如下内容 {code:java} [APP_SKETCH_LOCAL] SCAN_UDP_PAYLOAD_NUM=4 SCAN_TCP_PAYLOAD_NUM=4 C2S_PKT_SIZE_NUM=4 S2C_PKT_SIZE_NUM=4 {code}   ** 调整plug/business/app_sketch_local/app_sketch_local.inf配置项 *** 调整前 **** {code:java} [SSL] FUNC_FLAG=SSL_CLIENT_HELLO,SSL_SERVER_HELLO,SSL_APPLICATION_DATA,SSL_CERTIFICATE_DETAIL FUNC_NAME=APP_SKETCH_SSL_PLUG_ENTRY {code} *** 调整后 **** {code:java} [SSL] FUNC_FLAG=SSL_CLIENT_HELLO,SSL_CERTIFICATE_DETAIL FUNC_NAME=APP_SKETCH_SSL_PLUG_ENTRY {code} --- **gitlab** commented on *2022-10-14T16:21:48.972+0800*: [刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a commit|https://git.mesalab.cn/appsketch/app_sketch_local/-/commit/6d9287cb48fae496b4cd72a95c82dfba7b85ecd0] of [AppSketch / app_sketch_local|https://git.mesalab.cn/appsketch/app_sketch_local] on branch [bugfix-OMPUB-645|https://git.mesalab.cn/appsketch/app_sketch_local/-/tree/bugfix-OMPUB-645]:{quote}OMPUB-645: 解析层回调业务层APPLIACTION状态时返回DROPME, 其他状态返回GIVEME{quote} --- **gitlab** commented on *2022-10-14T16:26:26.714+0800*: [刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a merge request|https://git.mesalab.cn/appsketch/app_sketch_local/-/merge_requests/59] of [AppSketch / app_sketch_local|https://git.mesalab.cn/appsketch/app_sketch_local] on branch [bugfix-OMPUB-645|https://git.mesalab.cn/appsketch/app_sketch_local/-/tree/bugfix-OMPUB-645]:{quote}OMPUB-645: 解析层回调业务层APPLIACTION状态时返回DROPME, 其他状态返回GIVEME{quote} --- **gitlab** commented on *2022-10-14T17:15:18.871+0800*: [刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a commit|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/commit/905bcab4d44899ef7587b89496e86b438ded3c83] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [update-22.10-firewall-v2|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/update-22.10-firewall-v2]:{quote}更新tsg_master、app_sketch_local、app_proto_identify, 新增或修复:{quote} --- **gitlab** commented on *2022-10-14T17:15:38.119+0800*: [刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a merge request|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/merge_requests/943] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [update-22.10-firewall-v2|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/update-22.10-firewall-v2]:{quote}更新tsg_master、app_sketch_local、app_proto_identify, 新增或修复:{quote} --- **gitlab** commented on *2022-10-14T17:20:37.619+0800*: [付明卫|https://git.mesalab.cn/fumingwei] mentioned this issue in [a merge request|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/merge_requests/944] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [dev-22.10|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/dev-22.10]:{quote}2022/10/14{quote} --- ## Attachments **31472/appSketch_20220929084616701.json** --- **31471/image-2022-09-29-15-18-57-319.png** --- **31470/image-2022-09-29-15-19-38-394.png** ---