3.2 KiB
福建项目:策略验证不准确问题
| ID | Creation Date | Assignee | Status |
|---|---|---|---|
| OMPUB-823 | 2023-02-28T14:53:15.000+0800 | 冯伟浩 | 已关闭 |
测试SNI:kf.xn--fiq01iq2nuta337et7ov3wo3y.com 对应生效策略ID:134 对应Object:“中文涉诈域名” 对应item:*xn--fiq01iq2nuta337et7ov3wo3y.com
问题描述:使用策略验证功能无法命中134策略,仅能命中118策略中的item(*.com),但是实际上访问kf.xn--fiq01iq2nuta337et7ov3wo3y.com,有命中134的安全策略日志 !image-2023-02-28-14-49-05-379.png|thumbnail! !image-2023-02-28-14-49-12-083.png|thumbnail! !image-2023-02-28-14-49-17-627.png|thumbnail! !image-2023-02-28-14-49-23-551.png|thumbnail! !image-2023-02-28-14-53-04-243.png|thumbnail! fengweihao commented on 2023-03-01T19:03:27.380+0800:
当信息前问题已使用港环境验证,不存在此问题
需确认下,策略验证此版本使用的各基础库版本号
查看策略验证基础库版本:
- 进入策略验证所在服务器:
- 查看verify-policy的docker镜像id
{code:java}
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES dcc89850d0fe 192.168.40.153:9080/tsg/bifang/verify-policy:tsg_v23.02_20230210 "./bin/verify-policy" 2 weeks ago Up 24 hours 0.0.0.0:9994->9994/tcp verify-policy {code}
- 进入verify-policy镜像
{code:java}
docker exec -it dcc89850d0fe bash {code}
- 查看版本:
{code:java}
rpm -qa | grep verify-policy
rpm -qa | grep libmaatframe
rpm -qa | grep librulescan{code}
zhangzhihan commented on 2023-03-02T13:34:22.130+0800:
现场版本[~fengweihao] verify-policy-2.3.6.20220926.74b95d1-1.el7.x86_64 libmaatframe-3.6.14.f88f730-1.el7.x86_64 librulescan-3.0.1.6145620-1.el7.x86_64
fengweihao commented on 2023-03-24T16:26:00.960+0800:
问题原因:
福建环境CM请求策略验证端口配置错误,导致界面访问的策略验证版本为 22.01,而非最新版,已修改,请复测
Attachments
Attachment: image-2023-02-28-14-49-05-379.png
Attachment: image-2023-02-28-14-49-12-083.png
Attachment: image-2023-02-28-14-49-17-627.png
Attachment: image-2023-02-28-14-49-23-551.png
Attachment: image-2023-02-28-14-53-04-243.png
