TSG-22512 修复Manipulation配置Server FQDN Tags策略无法命中
TSG-22504 Manipulation日志输出Client Country,server_country字段 TSG-22374 修复Manipulation日志字段中的http版本号
This commit is contained in:
fengweihao
@@ -152,16 +152,26 @@ int tfe_get_library_tags(const struct tfe_stream *stream, cJSON *common_obj, tfe
|
|||||||
struct library_tag_ctx *library_tag =(struct library_tag_ctx *)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_LIBRARY_TAG), (const char *)&tag_id_array[i], sizeof(long long));
|
struct library_tag_ctx *library_tag =(struct library_tag_ctx *)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_LIBRARY_TAG), (const char *)&tag_id_array[i], sizeof(long long));
|
||||||
if(library_tag != NULL)
|
if(library_tag != NULL)
|
||||||
{
|
{
|
||||||
if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_SRC_IP_TAGS_IDS_STR)
|
if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_SRC_IP_TAGS_IDS_STR && atol(library_tag->tag_value) > 0)
|
||||||
{
|
{
|
||||||
cJSON_AddNumberToObject(common_obj, "client_asn", atol(library_tag->tag_value));
|
cJSON_AddNumberToObject(common_obj, "client_asn", atol(library_tag->tag_value));
|
||||||
}
|
}
|
||||||
|
|
||||||
if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_DST_IP_TAGS_IDS_STR)
|
if(library_tag->category == CATEGORY_TYPE_CONTRY_CODE && tlv_type== TFE_CMSG_SRC_IP_TAGS_IDS_STR)
|
||||||
|
{
|
||||||
|
cJSON_AddStringToObject(common_obj, "client_country", library_tag->tag_value);
|
||||||
|
}
|
||||||
|
|
||||||
|
if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_DST_IP_TAGS_IDS_STR && atol(library_tag->tag_value) > 0)
|
||||||
{
|
{
|
||||||
cJSON_AddNumberToObject(common_obj, "server_asn", atol(library_tag->tag_value));
|
cJSON_AddNumberToObject(common_obj, "server_asn", atol(library_tag->tag_value));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(library_tag->category == CATEGORY_TYPE_CONTRY_CODE && tlv_type== TFE_CMSG_DST_IP_TAGS_IDS_STR)
|
||||||
|
{
|
||||||
|
cJSON_AddStringToObject(common_obj, "server_country", library_tag->tag_value);
|
||||||
|
}
|
||||||
|
|
||||||
memset(value, 0, sizeof(value));
|
memset(value, 0, sizeof(value));
|
||||||
snprintf(value, sizeof(value), "%s:%s", library_tag->tag_key, library_tag->tag_value);
|
snprintf(value, sizeof(value), "%s:%s", library_tag->tag_key, library_tag->tag_value);
|
||||||
cJSON_AddItemToArray(tags_array, cJSON_CreateString(value));
|
cJSON_AddItemToArray(tags_array, cJSON_CreateString(value));
|
||||||
|
|||||||
@@ -191,7 +191,7 @@ sasl_username=admin
|
|||||||
sasl_passwd=galaxy2019
|
sasl_passwd=galaxy2019
|
||||||
rule_hits_topic=POLICY-RULE-METRIC
|
rule_hits_topic=POLICY-RULE-METRIC
|
||||||
proxy_event_topic=PROXY-EVENT
|
proxy_event_topic=PROXY-EVENT
|
||||||
file_stream_topic=TRAFFIC-FILE-STREAM-RECORD
|
file_stream_topic=TRAFFIC-HTTP-FILE-STREAM-RECORD
|
||||||
exch_cert_topic=PXY-EXCH-INTERMEDIA-CERT
|
exch_cert_topic=PXY-EXCH-INTERMEDIA-CERT
|
||||||
|
|
||||||
[maat]
|
[maat]
|
||||||
|
|||||||
@@ -308,9 +308,9 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
|
|||||||
}
|
}
|
||||||
|
|
||||||
scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->tables[TYPE_HOST].id, g_doh_conf->local_logger);
|
scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->tables[TYPE_HOST].id, g_doh_conf->local_logger);
|
||||||
if (scan_ret == MAAT_SCAN_HIT)
|
if (scan_ret > 0)
|
||||||
{
|
{
|
||||||
hit_cnt += n_hit_result;
|
hit_cnt += scan_ret;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -2727,9 +2727,9 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
|
|||||||
}
|
}
|
||||||
|
|
||||||
scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->scan_table_id[PXY_CTRL_HTTP_FQDN], g_proxy_rt->local_logger);
|
scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->scan_table_id[PXY_CTRL_HTTP_FQDN], g_proxy_rt->local_logger);
|
||||||
if (scan_ret == MAAT_SCAN_HIT)
|
if (scan_ret > 0)
|
||||||
{
|
{
|
||||||
hit_cnt += n_hit_result;
|
hit_cnt += scan_ret;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -265,7 +265,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
|
|||||||
{
|
{
|
||||||
char *request_line=NULL;
|
char *request_line=NULL;
|
||||||
struct tfe_http_req_spec req_spec=http->req->req_spec;
|
struct tfe_http_req_spec req_spec=http->req->req_spec;
|
||||||
asprintf(&request_line, "%s %s HTTP/%d.%d", http_std_method_to_string(req_spec.method), req_spec.url, http->major_version, http->minor_version);
|
asprintf(&request_line, "%s %s HTTP/%d.%d", http_std_method_to_string(req_spec.method), req_spec.url, http->req->major_version, http->req->minor_version);
|
||||||
cJSON_AddStringToObject(common_obj, "http_request_line", request_line);
|
cJSON_AddStringToObject(common_obj, "http_request_line", request_line);
|
||||||
free(request_line);
|
free(request_line);
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user