修改table_info支持IP虚表

增加对APP_ID配置默认扫描
fengweihao
2020-04-01 11:13:53 +08:00
parent fa36be47db
commit 12e8003d29
2 changed files with 29 additions and 14 deletions


@@ -63,6 +63,7 @@ enum scan_table
PXY_CTRL_HTTP_RES_HDR,
PXY_CTRL_HTTP_RES_BODY,
PXY_CTRL_SUBSCRIBE_ID,
PXY_CTRL_APP_ID,
__SCAN_TABLE_MAX
};
@@ -845,7 +846,7 @@ int pangu_policy_init(const char* profile_path, const char* static_section, cons
}
const char * table_name[__SCAN_TABLE_MAX];
table_name[PXY_CTRL_IP] = "TSG_OBJ_IP_ADDR";
table_name[PXY_CTRL_IP] = "TSG_SECURITY_ADDR";
table_name[PXY_CTRL_HTTP_URL] = "TSG_FIELD_HTTP_URL";
table_name[PXY_CTRL_HTTP_FQDN] = "TSG_FIELD_HTTP_HOST";
table_name[PXY_CTRL_HTTP_REQ_HDR] = "TSG_FIELD_HTTP_REQ_HDR";
@@ -853,6 +854,7 @@ int pangu_policy_init(const char* profile_path, const char* static_section, cons
table_name[PXY_CTRL_HTTP_RES_HDR] = "TSG_FIELD_HTTP_RES_HDR";
table_name[PXY_CTRL_HTTP_RES_BODY] = "TSG_FIELD_HTTP_RES_CONTENT";
table_name[PXY_CTRL_SUBSCRIBE_ID] = "TSG_OBJ_SUBSCRIBER_ID";
table_name[PXY_CTRL_APP_ID] = "TSG_OBJ_APP_ID";
for (int i = 0; i < __SCAN_TABLE_MAX; i++)
{
g_pangu_rt->scan_table_id[i] = Maat_table_register(g_pangu_rt->maat, table_name[i]);
@@ -2382,12 +2384,20 @@ void pangu_on_http_begin(const struct tfe_stream * stream,
hit_cnt+=scan_ret;
}
}
const char *app_id = "http.";
scan_ret = Maat_full_scan_string(g_pangu_rt->maat, g_pangu_rt->scan_table_id[PXY_CTRL_APP_ID],
CHARSET_UTF8, app_id, strlen(app_id),
result+hit_cnt, NULL, MAX_SCAN_RESULT-hit_cnt,
&(ctx->scan_mid), (int) thread_id);
if(scan_ret>0)
{
hit_cnt+=scan_ret;
}
addr_tfe2sapp(stream->addr, &sapp_addr);
hit_cnt += Maat_scan_proto_addr(g_pangu_rt->maat, g_pangu_rt->scan_table_id[PXY_CTRL_IP], &sapp_addr, 0,
result+hit_cnt, MAX_SCAN_RESULT-hit_cnt, &(ctx->scan_mid), (int) thread_id);
if (hit_cnt > 0)
{
ctx->action = decide_ctrl_action(result, hit_cnt, &ctx->enforce_rules, &ctx->n_enforce, &ctx->param);
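Review bot: In the `pangu_on_http_begin` hunk, the address scan right after the new APP_ID block still does `hit_cnt += Maat_scan_proto_addr(...)` unconditionally, while the APP_ID scan only adds its result when `scan_ret>0`. If `Maat_scan_proto_addr` can return a negative value on error (the `scan_ret>0` guards on the other scans suggest the Maat calls can), a failed address scan would subtract from `hit_cnt` and drop hits already collected, including the new APP_ID ones, before `decide_ctrl_action` sees them. Using the same pattern there would keep the accounting consistent: `scan_ret = Maat_scan_proto_addr(...); if (scan_ret > 0) hit_cnt += scan_ret;`. The fixed literal `app_id = "http."` also deserves a comment such as `/* default APP_ID scanned for every HTTP session; trailing '.' is part of the key */`, if that is the intent, since every HTTP session will now match whatever is configured for that string. The function body starts and ends outside the hunk.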


@@ -30,15 +30,20 @@
11 TSG_FIELD_HTTP_REQ_CONTENT virtual TSG_OBJ_KEYWORDS --
12 TSG_FIELD_HTTP_RES_CONTENT virtual TSG_OBJ_KEYWORDS --
13 TSG_OBJ_SUBSCRIBER_ID expr UTF8 UTF8 yes 0 quickon
14 PXY_CACHE_COMPILE compile escape --
14 PXY_CACHE_GROUP group --
15 PXY_CACHE_HTTP_URL expr UTF8 UTF8 yes 0 quickoff
16 PXY_CACHE_HTTP_COOKIE expr UTF8 UTF8 yes 0 quickoff
17 PXY_PROFILE_TRUSTED_CA_CERT plugin {"key":1,"valid":4,"foreign":"3"}
17 PXY_EXCH_INTERMEDIA_CERT plugin {"key":1,"valid":4,"foreign":"3"}
18 PXY_OBJ_TRUSTED_CA_CRL plugin {"valid":4,"foreign":"3"}
19 PXY_PROFILE_RESPONSE_PAGES plugin {"key":1,"foreign":"4","valid":5}
20 PXY_PROFILE_HIJACK_FILES plugin {"key":1,"foreign":"5","valid":6}
21 PXY_PROFILE_INSERT_SCRIPTS plugin {"key":1,"foreign":"4","valid":6}
22 TSG_SECURITY_COMPILE plugin {"key":1,"valid":8}
23 PXY_PROFILE_TRAFFIC_MIRROR plugin {"key":1,"valid":4}
14 TSG_OBJ_APP_ID expr UTF8 UTF8 yes 0
15 TSG_SECURITY_SOURCE_ADDR virtual TSG_OBJ_IP_ADDR --
16 TSG_SECURITY_DESTINATION_ADDR virtual TSG_OBJ_IP_ADDR --
17 TSG_SECURITY_ADDR composition {"source":"TSG_SECURITY_SOURCE_ADDR","destination":"TSG_SECURITY_DESTINATION_ADDR"}
18 PXY_CACHE_COMPILE compile escape --
18 PXY_CACHE_GROUP group --
19 PXY_CACHE_HTTP_URL expr UTF8 UTF8 yes 0 quickoff
20 PXY_CACHE_HTTP_COOKIE expr UTF8 UTF8 yes 0 quickoff
21 PXY_PROFILE_TRUSTED_CA_CERT plugin {"key":1,"valid":4,"foreign":"3"}
21 PXY_EXCH_INTERMEDIA_CERT plugin {"key":1,"valid":4,"foreign":"3"}
22 PXY_OBJ_TRUSTED_CA_CRL plugin {"valid":4,"foreign":"3"}
23 PXY_PROFILE_RESPONSE_PAGES plugin {"key":1,"foreign":"4","valid":5}
24 PXY_PROFILE_HIJACK_FILES plugin {"key":1,"foreign":"5","valid":6}
25 PXY_PROFILE_INSERT_SCRIPTS plugin {"key":1,"foreign":"4","valid":6}
26 TSG_SECURITY_COMPILE plugin {"key":1,"valid":8}
27 PXY_PROFILE_TRAFFIC_MIRROR plugin {"key":1,"valid":4}
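Review bot: The new `TSG_OBJ_APP_ID` row ends at `yes 0`, whereas the other `expr` rows in this section carry an explicit trailing mode (`TSG_OBJ_SUBSCRIBER_ID ... quickon`, `PXY_CACHE_HTTP_URL ... quickoff`). If the omission is not deliberate, add the intended `quickon` or `quickoff` token so matching for the APP_ID table does not depend on the parser's default. Inserting rows 14–17 also shifts every later table number by four, so anything outside this section that refers to those tables by number rather than by name would need the same shift. The definition of `TSG_OBJ_IP_ADDR`, which the two new virtual address tables point at, is not visible in this section.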