1、将dynamic bypass 从tsg_entry.cpp 拆分出来 2、使用ja3信息代替chello信息做bypass ssl信息 3、增加获取ja3流标签,通过cmsg发送给tfe 4、增加dynamic bypass 配置文件开关
This commit is contained in:
fumingwei
@@ -12,7 +12,6 @@
|
||||
#define CALLER_SAPP 0
|
||||
#define CALLER_TFE 1
|
||||
|
||||
#define SSL_INFO_LEN 2048
|
||||
#define _MAX_MAAT_TABLE_NAME_LEN 64
|
||||
|
||||
#define MAX_STRING_LEN 32
|
||||
@@ -216,7 +215,8 @@ struct kni_handle{
|
||||
char dst_mac_addr[6];
|
||||
int tsg_diagnose_enable;
|
||||
int *arr_last_tfe_dispatch_index;
|
||||
struct security_policy_shunt_tsg_diagnose secpolicyid_shunt_tsg_diagnose;
|
||||
struct security_policy_shunt_tsg_diagnose secpolicyid_shunt_tsg_diagnose;
|
||||
int ssl_dynamic_bypass_enable;
|
||||
MESA_htable_handle sslinfo2bypass_htable;
|
||||
int pxy_tcp_option_enable; //for proxy tcp option enable
|
||||
int pxy_tcp_option_enable_override;
|
||||
@@ -231,10 +231,7 @@ struct traceid2pme_search_cb_args{
|
||||
void *logger;
|
||||
};
|
||||
|
||||
struct dynamic_bypass_ssl_feature{
|
||||
char value[SSL_INFO_LEN];
|
||||
size_t vlen;
|
||||
};
|
||||
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
Reference in New Issue
Block a user