2019-06-17 20:52:22 +08:00
|
|
|
#pragma once
|
2019-05-17 17:04:50 +08:00
|
|
|
#define KNI_MAAT_READCONF_IRIS 0
|
|
|
|
|
#define KNI_MAAT_READCONF_JSON 1
|
|
|
|
|
#define KNI_MAAT_READCONF_REDIS 2
|
|
|
|
|
#define KNI_MAAT_RULE_NUM_MAX 8
|
2019-06-03 20:19:04 +08:00
|
|
|
struct kni_maat_handle;
|
2019-05-17 17:04:50 +08:00
|
|
|
|
2019-06-04 15:38:27 +08:00
|
|
|
|
|
|
|
|
/* action
|
|
|
|
|
0x00: none
|
|
|
|
|
0x01: monitor
|
|
|
|
|
0x02: intercept
|
|
|
|
|
0x10: reject
|
|
|
|
|
0x30: Manipulate
|
|
|
|
|
0x60: steer
|
|
|
|
|
0x80: bypass
|
|
|
|
|
*/
|
2019-05-17 17:04:50 +08:00
|
|
|
enum kni_action{
|
2019-06-04 13:25:44 +08:00
|
|
|
KNI_ACTION_NONE = 0x00,
|
2019-06-04 19:50:34 +08:00
|
|
|
KNI_ACTION_MONITOR = 0x01,
|
2019-06-04 13:25:44 +08:00
|
|
|
KNI_ACTION_INTERCEPT = 0x02,
|
2019-06-04 19:50:34 +08:00
|
|
|
KNI_ACTION_REJECT = 0x10,
|
|
|
|
|
KNI_ACTION_MANIPULATE = 0x30,
|
|
|
|
|
KNI_ACTION_STEER = 0x60,
|
|
|
|
|
KNI_ACTION_BYPASS = 0x80
|
2019-05-17 17:04:50 +08:00
|
|
|
};
|
2019-06-03 20:19:04 +08:00
|
|
|
|
2019-05-17 17:04:50 +08:00
|
|
|
struct kni_maat_handle* kni_maat_init(const char* profile, void *logger);
|
|
|
|
|
void kni_maat_destroy(struct kni_maat_handle *handle);
|
2019-06-19 16:15:11 +08:00
|
|
|
enum kni_action intercept_policy_scan(struct kni_maat_handle* handle, struct ipaddr *addr, char *domain, int domain_len,
|
|
|
|
|
int thread_seq, int *policy_id, int *do_log, int *is_hit_policy);
|
2019-06-14 11:13:15 +08:00
|
|
|
char* kni_maat_action_trans(enum kni_action action);
|
