TSG-18425 Proxy支持port object匹配 TSG-19090 Proxy支持Protocol Object匹配
This commit is contained in:
fengweihao
@@ -323,6 +323,11 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
|
||||
{
|
||||
hit_cnt += scan_ret;
|
||||
}
|
||||
scan_ret = tfe_scan_port(stream, result, ctx->scan_mid, hit_cnt, sapp_addr.v4->source, sapp_addr.v4->dest);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt += scan_ret;
|
||||
}
|
||||
}
|
||||
if (sapp_addr.addrtype == ADDR_TYPE_IPV6)
|
||||
{
|
||||
@@ -331,6 +336,11 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
|
||||
{
|
||||
hit_cnt += scan_ret;
|
||||
}
|
||||
scan_ret = tfe_scan_port(stream, result, ctx->scan_mid, hit_cnt, sapp_addr.v6->source, sapp_addr.v6->dest);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt += scan_ret;
|
||||
}
|
||||
}
|
||||
// scan appid
|
||||
long long app_id = 8006;
|
||||
@@ -377,12 +387,8 @@ static int doh_maat_init(const char *profile, const char *section)
|
||||
{
|
||||
g_doh_conf->maat = (struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT);
|
||||
MESA_load_profile_string_def(profile, section, "table_appid", g_doh_conf->tables[TYPE_APPID].name, TFE_STRING_MAX, "ATTR_APP_ID");
|
||||
MESA_load_profile_string_def(profile, section, "table_src_addr", g_doh_conf->tables[TYPE_SRC_ADDR].name, TFE_STRING_MAX, "ATTR_SOURCE_ADDR");
|
||||
MESA_load_profile_string_def(profile, section, "table_dst_addr", g_doh_conf->tables[TYPE_DST_ADDR].name, TFE_STRING_MAX, "ATTR_DESTINATION_ADDR");
|
||||
MESA_load_profile_string_def(profile, section, "table_qname", g_doh_conf->tables[TYPE_QNAME].name, TFE_STRING_MAX, "ATTR_DOH_QNAME");
|
||||
MESA_load_profile_string_def(profile, section, "table_host", g_doh_conf->tables[TYPE_HOST].name, TFE_STRING_MAX, "ATTR_SERVER_FQDN");
|
||||
MESA_load_profile_string_def(profile, section, "table_internal_addr", g_doh_conf->tables[TYPE_INTERNAL_ADDR].name, TFE_STRING_MAX, "ATTR_INTERNAL_ADDR");
|
||||
MESA_load_profile_string_def(profile, section, "table_external_addr", g_doh_conf->tables[TYPE_EXTERNAL_ADDR].name, TFE_STRING_MAX, "ATTR_EXTERNAL_ADDR");
|
||||
|
||||
for (int i = 0; i < TYPE_MAX; i++)
|
||||
{
|
||||
|
||||
@@ -30,13 +30,9 @@ enum pangu_http_stat
|
||||
|
||||
enum table_type
|
||||
{
|
||||
TYPE_SRC_ADDR,
|
||||
TYPE_DST_ADDR,
|
||||
TYPE_APPID,
|
||||
TYPE_QNAME,
|
||||
TYPE_HOST,
|
||||
TYPE_INTERNAL_ADDR,
|
||||
TYPE_EXTERNAL_ADDR,
|
||||
TYPE_MAX
|
||||
};
|
||||
|
||||
|
||||
@@ -63,8 +63,6 @@ enum manipulate_action
|
||||
|
||||
enum scan_table
|
||||
{
|
||||
PXY_CTRL_SOURCE_ADDR,
|
||||
PXY_CTRL_DESTINATION_ADDR,
|
||||
PXY_CTRL_HTTP_URL,
|
||||
PXY_CTRL_HTTP_FQDN,
|
||||
PXY_CTRL_HTTP_REQ_HDR,
|
||||
@@ -72,8 +70,6 @@ enum scan_table
|
||||
PXY_CTRL_HTTP_RES_HDR,
|
||||
PXY_CTRL_HTTP_RES_BODY,
|
||||
PXY_CTRL_APP_ID,
|
||||
PXY_CTRL_INTERNAL_ADDR,
|
||||
PXY_CTRL_EXTERNAL_ADDR,
|
||||
__SCAN_TABLE_MAX
|
||||
};
|
||||
|
||||
@@ -1011,8 +1007,6 @@ int proxy_policy_init(const char* profile_path, const char* static_section, cons
|
||||
g_proxy_rt->feather = (struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT);
|
||||
|
||||
const char * table_name[__SCAN_TABLE_MAX];
|
||||
table_name[PXY_CTRL_SOURCE_ADDR] = "ATTR_SOURCE_ADDR";
|
||||
table_name[PXY_CTRL_DESTINATION_ADDR]="ATTR_DESTINATION_ADDR";
|
||||
table_name[PXY_CTRL_HTTP_URL] = "ATTR_HTTP_URL";
|
||||
table_name[PXY_CTRL_HTTP_FQDN] = "ATTR_SERVER_FQDN";
|
||||
table_name[PXY_CTRL_HTTP_REQ_HDR] = "ATTR_HTTP_REQ_HDR";
|
||||
@@ -1020,8 +1014,6 @@ int proxy_policy_init(const char* profile_path, const char* static_section, cons
|
||||
table_name[PXY_CTRL_HTTP_RES_HDR] = "ATTR_HTTP_RES_HDR";
|
||||
table_name[PXY_CTRL_HTTP_RES_BODY] = "ATTR_HTTP_RES_BODY";
|
||||
table_name[PXY_CTRL_APP_ID] = "ATTR_APP_ID";
|
||||
table_name[PXY_CTRL_INTERNAL_ADDR] = "ATTR_INTERNAL_ADDR";
|
||||
table_name[PXY_CTRL_EXTERNAL_ADDR] = "ATTR_EXTERNAL_ADDR";
|
||||
|
||||
for (int i = 0; i < __SCAN_TABLE_MAX; i++)
|
||||
{
|
||||
@@ -2889,6 +2881,11 @@ void proxy_on_http_begin(const struct tfe_stream *stream, const struct tfe_http_
|
||||
{
|
||||
hit_cnt += scan_ret;
|
||||
}
|
||||
scan_ret = tfe_scan_port(stream, result, ctx->scan_mid, hit_cnt, sapp_addr.v4->source, sapp_addr.v4->dest);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt += scan_ret;
|
||||
}
|
||||
}
|
||||
if (sapp_addr.addrtype == ADDR_TYPE_IPV6)
|
||||
{
|
||||
@@ -2897,6 +2894,11 @@ void proxy_on_http_begin(const struct tfe_stream *stream, const struct tfe_http_
|
||||
{
|
||||
hit_cnt += scan_ret;
|
||||
}
|
||||
scan_ret = tfe_scan_port(stream, result, ctx->scan_mid, hit_cnt, sapp_addr.v6->source, sapp_addr.v6->dest);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt += scan_ret;
|
||||
}
|
||||
}
|
||||
|
||||
if(hit_cnt > 0)
|
||||
|
||||
Reference in New Issue
Block a user