diff --git a/common/src/tfe_scan.cpp b/common/src/tfe_scan.cpp index a6cfd0b..aa292bc 100644 --- a/common/src/tfe_scan.cpp +++ b/common/src/tfe_scan.cpp @@ -152,16 +152,26 @@ int tfe_get_library_tags(const struct tfe_stream *stream, cJSON *common_obj, tfe struct library_tag_ctx *library_tag =(struct library_tag_ctx *)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_LIBRARY_TAG), (const char *)&tag_id_array[i], sizeof(long long)); if(library_tag != NULL) { - if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_SRC_IP_TAGS_IDS_STR) + if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_SRC_IP_TAGS_IDS_STR && atol(library_tag->tag_value) > 0) { - cJSON_AddNumberToObject(common_obj, "client_asn", atol(library_tag->tag_value)); + cJSON_AddNumberToObject(common_obj, "client_asn", atol(library_tag->tag_value)); } - if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_DST_IP_TAGS_IDS_STR) + if(library_tag->category == CATEGORY_TYPE_CONTRY_CODE && tlv_type== TFE_CMSG_SRC_IP_TAGS_IDS_STR) + { + cJSON_AddStringToObject(common_obj, "client_country", library_tag->tag_value); + } + + if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_DST_IP_TAGS_IDS_STR && atol(library_tag->tag_value) > 0) { cJSON_AddNumberToObject(common_obj, "server_asn", atol(library_tag->tag_value)); } + if(library_tag->category == CATEGORY_TYPE_CONTRY_CODE && tlv_type== TFE_CMSG_DST_IP_TAGS_IDS_STR) + { + cJSON_AddStringToObject(common_obj, "server_country", library_tag->tag_value); + } + memset(value, 0, sizeof(value)); snprintf(value, sizeof(value), "%s:%s", library_tag->tag_key, library_tag->tag_value); cJSON_AddItemToArray(tags_array, cJSON_CreateString(value)); diff --git a/conf/tfe/tfe.conf b/conf/tfe/tfe.conf index 76e38d7..3706ecd 100644 --- a/conf/tfe/tfe.conf +++ b/conf/tfe/tfe.conf @@ -191,7 +191,7 @@ sasl_username=admin sasl_passwd=galaxy2019 rule_hits_topic=POLICY-RULE-METRIC proxy_event_topic=PROXY-EVENT -file_stream_topic=TRAFFIC-FILE-STREAM-RECORD +file_stream_topic=TRAFFIC-HTTP-FILE-STREAM-RECORD exch_cert_topic=PXY-EXCH-INTERMEDIA-CERT [maat] diff --git a/plugin/business/doh/src/doh.cpp b/plugin/business/doh/src/doh.cpp index a2a28b2..f0370ed 100644 --- a/plugin/business/doh/src/doh.cpp +++ b/plugin/business/doh/src/doh.cpp @@ -308,9 +308,9 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http } scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->tables[TYPE_HOST].id, g_doh_conf->local_logger); - if (scan_ret == MAAT_SCAN_HIT) + if (scan_ret > 0) { - hit_cnt += n_hit_result; + hit_cnt += scan_ret; } } diff --git a/plugin/business/tsg-http/src/tsg_http.cpp b/plugin/business/tsg-http/src/tsg_http.cpp index 511d53e..9c57c56 100644 --- a/plugin/business/tsg-http/src/tsg_http.cpp +++ b/plugin/business/tsg-http/src/tsg_http.cpp @@ -2727,9 +2727,9 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht } scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->scan_table_id[PXY_CTRL_HTTP_FQDN], g_proxy_rt->local_logger); - if (scan_ret == MAAT_SCAN_HIT) + if (scan_ret > 0) { - hit_cnt += n_hit_result; + hit_cnt += scan_ret; } } diff --git a/plugin/business/tsg-http/src/tsg_logger.cpp b/plugin/business/tsg-http/src/tsg_logger.cpp index ee28f0d..6aa0c4d 100644 --- a/plugin/business/tsg-http/src/tsg_logger.cpp +++ b/plugin/business/tsg-http/src/tsg_logger.cpp @@ -265,7 +265,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg) { char *request_line=NULL; struct tfe_http_req_spec req_spec=http->req->req_spec; - asprintf(&request_line, "%s %s HTTP/%d.%d", http_std_method_to_string(req_spec.method), req_spec.url, http->major_version, http->minor_version); + asprintf(&request_line, "%s %s HTTP/%d.%d", http_std_method_to_string(req_spec.method), req_spec.url, http->req->major_version, http->req->minor_version); cJSON_AddStringToObject(common_obj, "http_request_line", request_line); free(request_line); }