diff --git a/conf/maat/dynamic_maat_tableinfo.conf b/conf/maat/dynamic_maat_tableinfo.conf index 020a7c2..b7a9450 100644 --- a/conf/maat/dynamic_maat_tableinfo.conf +++ b/conf/maat/dynamic_maat_tableinfo.conf @@ -1 +1 @@ -1 TSG_DYN_SUBSCRIBE_IP plugin {"key":3,"valid":5} \ No newline at end of file +1 TSG_DYN_SUBSCRIBER_IP plugin {"key":3,"valid":5} \ No newline at end of file diff --git a/conf/maat/static_maat_tableinfo.conf b/conf/maat/static_maat_tableinfo.conf index 01b6d6f..73bdac0 100644 --- a/conf/maat/static_maat_tableinfo.conf +++ b/conf/maat/static_maat_tableinfo.conf @@ -7,4 +7,4 @@ 4 TSG_OBJ_FQDN expr utf8 utf8 yes 0 4 TSG_OBJ_FQDN_CAT expr utf8 utf8 yes 0 5 COMPILE_ALIAS compile escape -- -6 TSG_OBJ_SUBSCRIBE_ID expr UTF8 UTF8 yes 0 quickon +6 TSG_OBJ_SUBSCRIBER_ID expr UTF8 UTF8 yes 0 quickon diff --git a/entry/src/kni_entry.cpp b/entry/src/kni_entry.cpp index 58a189e..0f2bc1d 100644 --- a/entry/src/kni_entry.cpp +++ b/entry/src/kni_entry.cpp @@ -2248,6 +2248,10 @@ extern "C" int kni_init(){ //init tun if(g_kni_handle->deploy_mode == KNI_DEPLOY_MODE_TUN){ + if(g_kni_handle->thread_count != 1){ + KNI_LOG_ERROR(local_logger, "Tun mode, thread count must be 1, while it's %d", g_kni_handle->thread_count); + goto error_out; + } char tun_name[KNI_SYMBOL_MAX]; ret = MESA_load_profile_string_nodef(profile, section, "tun_name", tun_name, sizeof(tun_name)); if(ret < 0){ diff --git a/entry/src/kni_maat.cpp b/entry/src/kni_maat.cpp index db82e0e..ed4d115 100644 --- a/entry/src/kni_maat.cpp +++ b/entry/src/kni_maat.cpp @@ -6,7 +6,7 @@ enum scan_table { PXY_INTERCEPT_IP, PXY_INTERCEPT_DOMAIN, - TSG_OBJ_SUBSCRIBE_ID, + TSG_OBJ_SUBSCRIBER_ID, SCAN_TABLE_MAX }; @@ -201,7 +201,7 @@ struct kni_maat_handle* kni_maat_init(const char* profile, void *logger, int thr //static maat const char *table_name[SCAN_TABLE_MAX]; char tablename_intercept_compile[] = "PXY_INTERCEPT_COMPILE"; - char tablename_subscriber_id[] = "TSG_DYN_SUBSCRIBE_IP"; + char tablename_subscriber_id[] = "TSG_DYN_SUBSCRIBER_IP"; int ret, i; handle->static_maat = create_maat_feather("static", profile, "static_maat", logger, thread_count); if(handle->static_maat == NULL){ @@ -209,7 +209,7 @@ struct kni_maat_handle* kni_maat_init(const char* profile, void *logger, int thr } table_name[PXY_INTERCEPT_IP] = "PXY_INTERCEPT_IP"; table_name[PXY_INTERCEPT_DOMAIN] = "PXY_INTERCEPT_DOMAIN"; - table_name[TSG_OBJ_SUBSCRIBE_ID] = "TSG_OBJ_SUBSCRIBE_ID"; + table_name[TSG_OBJ_SUBSCRIBER_ID] = "TSG_OBJ_SUBSCRIBER_ID"; for(i = 0; i < SCAN_TABLE_MAX; i++){ handle->scan_tableid[i] = Maat_table_register(handle->static_maat, table_name[i]); if(handle->scan_tableid[i] < 0){ @@ -318,7 +318,7 @@ enum kni_action intercept_policy_scan(struct kni_maat_handle* handle, struct ipa source_subscribe_id = (char*)Maat_plugin_get_EX_data(handle->dynamic_maat, handle->subscriber_id_tableid, sip); dest_subscribe_id = (char*)Maat_plugin_get_EX_data(handle->dynamic_maat, handle->subscriber_id_tableid, dip); if(source_subscribe_id != NULL){ - scan_ret = Maat_full_scan_string(handle->static_maat, handle->scan_tableid[TSG_OBJ_SUBSCRIBE_ID], + scan_ret = Maat_full_scan_string(handle->static_maat, handle->scan_tableid[TSG_OBJ_SUBSCRIBER_ID], CHARSET_UTF8, source_subscribe_id, strlen(source_subscribe_id), result+hit_policy_cnt, NULL, KNI_MAAT_RULE_NUM_MAX-hit_policy_cnt, &scan_mid, thread_seq); @@ -328,7 +328,7 @@ enum kni_action intercept_policy_scan(struct kni_maat_handle* handle, struct ipa free(source_subscribe_id); } if(dest_subscribe_id != NULL){ - scan_ret = Maat_full_scan_string(handle->static_maat, handle->scan_tableid[TSG_OBJ_SUBSCRIBE_ID], + scan_ret = Maat_full_scan_string(handle->static_maat, handle->scan_tableid[TSG_OBJ_SUBSCRIBER_ID], CHARSET_UTF8, dest_subscribe_id, strlen(dest_subscribe_id), result+hit_policy_cnt, NULL, KNI_MAAT_RULE_NUM_MAX-hit_policy_cnt, &scan_mid, thread_seq);