From 12e8003d29a520d14da1c991b616a5ad83300b9e Mon Sep 17 00:00:00 2001
From: fengweihao <fengweihao@iie.ac.cn>
Date: Wed, 1 Apr 2020 11:13:53 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9table=5Finfo=E6=94=AF?=
 =?UTF-8?q?=E6=8C=81IP=E8=99=9A=E8=A1=A8=20=E5=A2=9E=E5=8A=A0=E5=AF=B9APP?=
 =?UTF-8?q?=5FID=E9=85=8D=E7=BD=AE=E9=BB=98=E8=AE=A4=E6=89=AB=E6=8F=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 plugin/business/pangu-http/src/pangu_http.cpp | 14 +++++++--
 resource/pangu/table_info.conf                | 29 +++++++++++--------
 2 files changed, 29 insertions(+), 14 deletions(-)

diff --git a/plugin/business/pangu-http/src/pangu_http.cpp b/plugin/business/pangu-http/src/pangu_http.cpp
index 9846acc..ec744ae 100644
--- a/plugin/business/pangu-http/src/pangu_http.cpp
+++ b/plugin/business/pangu-http/src/pangu_http.cpp
@@ -63,6 +63,7 @@ enum scan_table
 	PXY_CTRL_HTTP_RES_HDR,
 	PXY_CTRL_HTTP_RES_BODY,
 	PXY_CTRL_SUBSCRIBE_ID,
+	PXY_CTRL_APP_ID,
 	__SCAN_TABLE_MAX
 };
 
@@ -845,7 +846,7 @@ int pangu_policy_init(const char* profile_path, const char* static_section, cons
 	}
 
 	const char * table_name[__SCAN_TABLE_MAX];
-	table_name[PXY_CTRL_IP] = "TSG_OBJ_IP_ADDR";
+	table_name[PXY_CTRL_IP] = "TSG_SECURITY_ADDR";
 	table_name[PXY_CTRL_HTTP_URL] = "TSG_FIELD_HTTP_URL";
 	table_name[PXY_CTRL_HTTP_FQDN] = "TSG_FIELD_HTTP_HOST";
 	table_name[PXY_CTRL_HTTP_REQ_HDR] = "TSG_FIELD_HTTP_REQ_HDR";
@@ -853,6 +854,7 @@ int pangu_policy_init(const char* profile_path, const char* static_section, cons
 	table_name[PXY_CTRL_HTTP_RES_HDR] = "TSG_FIELD_HTTP_RES_HDR";
 	table_name[PXY_CTRL_HTTP_RES_BODY] = "TSG_FIELD_HTTP_RES_CONTENT";
 	table_name[PXY_CTRL_SUBSCRIBE_ID] = "TSG_OBJ_SUBSCRIBER_ID";
+	table_name[PXY_CTRL_APP_ID] = "TSG_OBJ_APP_ID";
 	for (int i = 0; i < __SCAN_TABLE_MAX; i++)
 	{
 		g_pangu_rt->scan_table_id[i] = Maat_table_register(g_pangu_rt->maat, table_name[i]);
@@ -2382,12 +2384,20 @@ void pangu_on_http_begin(const struct tfe_stream * stream,
 			hit_cnt+=scan_ret;
 		}
 	}
+	const char *app_id = "http.";
+	scan_ret = Maat_full_scan_string(g_pangu_rt->maat, g_pangu_rt->scan_table_id[PXY_CTRL_APP_ID],
+										CHARSET_UTF8, app_id, strlen(app_id),
+										result+hit_cnt, NULL, MAX_SCAN_RESULT-hit_cnt,
+										&(ctx->scan_mid), (int) thread_id);
+	if(scan_ret>0)
+	{
+		hit_cnt+=scan_ret;
+	}
 
 	addr_tfe2sapp(stream->addr, &sapp_addr);
 	hit_cnt += Maat_scan_proto_addr(g_pangu_rt->maat, g_pangu_rt->scan_table_id[PXY_CTRL_IP], &sapp_addr, 0,
 		result+hit_cnt, MAX_SCAN_RESULT-hit_cnt, &(ctx->scan_mid), (int) thread_id);
 
-
 	if (hit_cnt > 0)
 	{
 		ctx->action = decide_ctrl_action(result, hit_cnt, &ctx->enforce_rules, &ctx->n_enforce, &ctx->param);
diff --git a/resource/pangu/table_info.conf b/resource/pangu/table_info.conf
index 313e638..63010c7 100644
--- a/resource/pangu/table_info.conf
+++ b/resource/pangu/table_info.conf
@@ -30,15 +30,20 @@
 11	TSG_FIELD_HTTP_REQ_CONTENT	virtual	TSG_OBJ_KEYWORDS --
 12	TSG_FIELD_HTTP_RES_CONTENT	virtual	TSG_OBJ_KEYWORDS --
 13	TSG_OBJ_SUBSCRIBER_ID	expr	UTF8	UTF8	yes	0	quickon
-14	PXY_CACHE_COMPILE	compile	escape	--
-14	PXY_CACHE_GROUP	group	--
-15	PXY_CACHE_HTTP_URL	expr	UTF8	UTF8	yes	0	quickoff
-16	PXY_CACHE_HTTP_COOKIE	expr	UTF8	UTF8	yes	0	quickoff
-17	PXY_PROFILE_TRUSTED_CA_CERT	plugin	{"key":1,"valid":4,"foreign":"3"}
-17	PXY_EXCH_INTERMEDIA_CERT	plugin	{"key":1,"valid":4,"foreign":"3"}
-18	PXY_OBJ_TRUSTED_CA_CRL	plugin	{"valid":4,"foreign":"3"}
-19	PXY_PROFILE_RESPONSE_PAGES plugin	{"key":1,"foreign":"4","valid":5}
-20	PXY_PROFILE_HIJACK_FILES   plugin	{"key":1,"foreign":"5","valid":6}
-21	PXY_PROFILE_INSERT_SCRIPTS plugin	{"key":1,"foreign":"4","valid":6}
-22	TSG_SECURITY_COMPILE	plugin	{"key":1,"valid":8}
-23	PXY_PROFILE_TRAFFIC_MIRROR	plugin	{"key":1,"valid":4}
+14	TSG_OBJ_APP_ID	expr	UTF8	UTF8	yes	0
+15	TSG_SECURITY_SOURCE_ADDR    virtual TSG_OBJ_IP_ADDR --
+16 	TSG_SECURITY_DESTINATION_ADDR   virtual TSG_OBJ_IP_ADDR --
+17 	TSG_SECURITY_ADDR   composition {"source":"TSG_SECURITY_SOURCE_ADDR","destination":"TSG_SECURITY_DESTINATION_ADDR"}
+18	PXY_CACHE_COMPILE   compile escape  --
+18	PXY_CACHE_GROUP group   --
+19	PXY_CACHE_HTTP_URL  expr    UTF8    UTF8    yes 0   quickoff
+20	PXY_CACHE_HTTP_COOKIE   expr    UTF8    UTF8    yes 0   quickoff
+21	PXY_PROFILE_TRUSTED_CA_CERT plugin  {"key":1,"valid":4,"foreign":"3"}
+21	PXY_EXCH_INTERMEDIA_CERT    plugin  {"key":1,"valid":4,"foreign":"3"}
+22	PXY_OBJ_TRUSTED_CA_CRL  plugin  {"valid":4,"foreign":"3"}
+23	PXY_PROFILE_RESPONSE_PAGES plugin   {"key":1,"foreign":"4","valid":5}
+24	PXY_PROFILE_HIJACK_FILES   plugin   {"key":1,"foreign":"5","valid":6}
+25	PXY_PROFILE_INSERT_SCRIPTS plugin   {"key":1,"foreign":"4","valid":6}
+26	TSG_SECURITY_COMPILE    plugin  {"key":1,"valid":8}
+27	PXY_PROFILE_TRAFFIC_MIRROR  plugin  {"key":1,"valid":4}
+