1、修改sni 虚拟表为fqdn虚拟表 2、修改日志输出
This commit is contained in:
fumingwei
@@ -276,21 +276,7 @@ void pxy_tcp_option_default_param_new(int idx, const struct Maat_rule_t* rule, c
|
||||
if(ret == 1)
|
||||
{
|
||||
memcpy((void *)&g_kni_handle->pxy_tcp_option, (const void *)&pxy_tcp_option, sizeof(pxy_tcp_option));
|
||||
KNI_LOG_INFO(logger, "Proxy tcp option default Policy: "
|
||||
"{client_side_conn_param:{tcp_maxseg:%d,nodelay=%d,keep_alive:"
|
||||
"{enable:%d,tcp_keepcnt:%d,tcp_keepidle:%d,tcp_keepintvl:%d}ttl:%d,user_timeout:%d},"
|
||||
"server_side_conn_param:{tcp_maxseg:%d,nodelay=%d,keep_alive:"
|
||||
"{enable:%d,tcp_keepcnt:%d,tcp_keepidle:%d,tcp_keepintvl:%d}ttl:%d,user_timeout:%d},"
|
||||
"bypass_duplicated_packet:%d,tcp_passthrough:%d}",
|
||||
pxy_tcp_option.client_tcp_maxseg, pxy_tcp_option.client_tcp_nodelay,
|
||||
pxy_tcp_option.client_tcp_keepalive_enable, pxy_tcp_option.client_tcp_keepalive_keepcnt,
|
||||
pxy_tcp_option.client_tcp_keepalive_keepidle, pxy_tcp_option.client_tcp_keepalive_keepintvl,
|
||||
pxy_tcp_option.client_tcp_ttl, pxy_tcp_option.client_tcp_user_timeout,
|
||||
pxy_tcp_option.server_tcp_maxseg, pxy_tcp_option.server_tcp_nodelay,
|
||||
pxy_tcp_option.server_tcp_keepalive_enable, pxy_tcp_option.server_tcp_keepalive_keepcnt,
|
||||
pxy_tcp_option.server_tcp_keepalive_keepidle, pxy_tcp_option.server_tcp_keepalive_keepintvl,
|
||||
pxy_tcp_option.server_tcp_ttl, pxy_tcp_option.server_tcp_user_timeout,
|
||||
pxy_tcp_option.bypass_duplicated_packet, pxy_tcp_option.tcp_passthrough);
|
||||
KNI_LOG_INFO(logger, "Proxy tcp option default Policy: %s", srv_def_large);
|
||||
}
|
||||
else{
|
||||
KNI_LOG_ERROR(logger, "Fail to get proxy tcp option default policy, Error: json data parse fail");
|
||||
@@ -321,8 +307,8 @@ int pxy_tcp_option_rule_init(const char* conffile, void *logger)
|
||||
{
|
||||
int i=0;
|
||||
MESA_load_profile_string_def(conffile, "proxy_tcp_option", "maat_table_compile", g_kni_handle->table_name[TABLE_COMPILE], _MAX_TABLE_NAME_LEN, "PXY_TCP_OPTION_COMPILE");
|
||||
MESA_load_profile_string_def(conffile, "proxy_tcp_option", "maat_table_addr", g_kni_handle->table_name[TABLE_IP_ADDR], _MAX_TABLE_NAME_LEN, "PXY_TCP_OPTION_COMPILE");
|
||||
MESA_load_profile_string_def(conffile, "proxy_tcp_option", "maat_table_sni", g_kni_handle->table_name[TABLE_SSL_SNI], _MAX_TABLE_NAME_LEN, "PXY_TCP_OPTION_COMPILE");
|
||||
MESA_load_profile_string_def(conffile, "proxy_tcp_option", "maat_table_addr", g_kni_handle->table_name[TABLE_IP_ADDR], _MAX_TABLE_NAME_LEN, "PXY_TCP_OPTION_ADDR");
|
||||
MESA_load_profile_string_def(conffile, "proxy_tcp_option", "maat_table_fqdn", g_kni_handle->table_name[TABLE_SSL_FQDN], _MAX_TABLE_NAME_LEN, "PXY_TCP_OPTION_SERVER_FQDN");
|
||||
|
||||
for(i=0; i<TABLE_COMPILE; i++)
|
||||
{
|
||||
@@ -427,7 +413,7 @@ static int pxy_tcp_option_scan_domain(Maat_feather_t maat_feather, Maat_rule_t *
|
||||
if(hit_num < result_num)
|
||||
{
|
||||
maat_ret = Maat_full_scan_string(maat_feather,
|
||||
g_kni_handle->table_id[TABLE_SSL_SNI],
|
||||
g_kni_handle->table_id[TABLE_SSL_FQDN],
|
||||
CHARSET_UTF8,
|
||||
(const char *)&pmeinfo->domain,
|
||||
pmeinfo->domain_len,
|
||||
@@ -521,6 +507,7 @@ int pxy_tcp_option_get_param(Maat_feather_t maat_feather,const struct streaminfo
|
||||
KNI_LOG_DEBUG(logger,"Scan hit, json parse error,Proxy tcp option using default param,streamid = %d", pmeinfo->stream_traceid);
|
||||
break;
|
||||
}
|
||||
KNI_LOG_DEBUG(logger, "Proxy tcp option, streamid: %d,param:%s", pmeinfo->stream_traceid,tmp_buff);
|
||||
is_not_default = 1;
|
||||
free(tmp_buff);
|
||||
tmp_buff = NULL;
|
||||
@@ -529,24 +516,9 @@ int pxy_tcp_option_get_param(Maat_feather_t maat_feather,const struct streaminfo
|
||||
if(is_not_default != 1)
|
||||
{
|
||||
memcpy((void *)pxy_tcpop, (const void *)&g_kni_handle->pxy_tcp_option, sizeof(g_kni_handle->pxy_tcp_option));
|
||||
}
|
||||
KNI_LOG_DEBUG(logger, "Proxy tcp option, streamid: %d,param: "
|
||||
"{client_side_conn_param:{tcp_maxseg:%d,nodelay=%d,keep_alive:"
|
||||
"{enable:%d,tcp_keepcnt:%d,tcp_keepidle:%d,tcp_keepintvl:%d}ttl:%d,user_timeout:%d},"
|
||||
"server_side_conn_param:{tcp_maxseg:%d,nodelay=%d,keep_alive:"
|
||||
"{enable:%d,tcp_keepcnt:%d,tcp_keepidle:%d,tcp_keepintvl:%d}ttl:%d,user_timeout:%d},"
|
||||
"bypass_duplicated_packet:%d,tcp_passthrough:%d}",
|
||||
pmeinfo->stream_traceid,
|
||||
pxy_tcpop->client_tcp_maxseg, pxy_tcpop->client_tcp_nodelay,
|
||||
pxy_tcpop->client_tcp_keepalive_enable, pxy_tcpop->client_tcp_keepalive_keepcnt,
|
||||
pxy_tcpop->client_tcp_keepalive_keepidle, pxy_tcpop->client_tcp_keepalive_keepintvl,
|
||||
pxy_tcpop->client_tcp_ttl, pxy_tcpop->client_tcp_user_timeout,
|
||||
pxy_tcpop->server_tcp_maxseg, pxy_tcpop->server_tcp_nodelay,
|
||||
pxy_tcpop->server_tcp_keepalive_enable, pxy_tcpop->server_tcp_keepalive_keepcnt,
|
||||
pxy_tcpop->server_tcp_keepalive_keepidle, pxy_tcpop->server_tcp_keepalive_keepintvl,
|
||||
pxy_tcpop->server_tcp_ttl, pxy_tcpop->server_tcp_user_timeout,
|
||||
pxy_tcpop->bypass_duplicated_packet, pxy_tcpop->tcp_passthrough);
|
||||
KNI_LOG_DEBUG(logger, "Proxy tcp option, streamid: %d, Using default policy", pmeinfo->stream_traceid);
|
||||
|
||||
}
|
||||
if(mid!=NULL)
|
||||
{
|
||||
Maat_clean_status(&mid);
|
||||
|
||||
Reference in New Issue
Block a user