gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-18425 Proxy支持port object匹配 TSG-19090 Proxy支持Protocol Object匹配

Browse Source
This commit is contained in:
fengweihao
2024-02-01 16:03:49 +08:00
parent 9c9cc1de75
commit 2c32c20e23
9 changed files with 279 additions and 131 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
plugin/business/tsg-http/src/tsg_http.cpp
View File

@@ -63,8 +63,6 @@ enum manipulate_action
enum scan_table
{
PXY_CTRL_SOURCE_ADDR,
PXY_CTRL_DESTINATION_ADDR,
PXY_CTRL_HTTP_URL,
PXY_CTRL_HTTP_FQDN,
PXY_CTRL_HTTP_REQ_HDR,
@@ -72,8 +70,6 @@ enum scan_table
PXY_CTRL_HTTP_RES_HDR,
PXY_CTRL_HTTP_RES_BODY,
PXY_CTRL_APP_ID,
PXY_CTRL_INTERNAL_ADDR,
PXY_CTRL_EXTERNAL_ADDR,
__SCAN_TABLE_MAX
};
@@ -1011,8 +1007,6 @@ int proxy_policy_init(const char* profile_path, const char* static_section, cons
g_proxy_rt->feather = (struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT);
const char * table_name[__SCAN_TABLE_MAX];
table_name[PXY_CTRL_SOURCE_ADDR] = "ATTR_SOURCE_ADDR";
table_name[PXY_CTRL_DESTINATION_ADDR]="ATTR_DESTINATION_ADDR";
table_name[PXY_CTRL_HTTP_URL] = "ATTR_HTTP_URL";
table_name[PXY_CTRL_HTTP_FQDN] = "ATTR_SERVER_FQDN";
table_name[PXY_CTRL_HTTP_REQ_HDR] = "ATTR_HTTP_REQ_HDR";
@@ -1020,8 +1014,6 @@ int proxy_policy_init(const char* profile_path, const char* static_section, cons
table_name[PXY_CTRL_HTTP_RES_HDR] = "ATTR_HTTP_RES_HDR";
table_name[PXY_CTRL_HTTP_RES_BODY] = "ATTR_HTTP_RES_BODY";
table_name[PXY_CTRL_APP_ID] = "ATTR_APP_ID";
table_name[PXY_CTRL_INTERNAL_ADDR] = "ATTR_INTERNAL_ADDR";
table_name[PXY_CTRL_EXTERNAL_ADDR] = "ATTR_EXTERNAL_ADDR";
for (int i = 0; i < __SCAN_TABLE_MAX; i++)
{
@@ -2889,6 +2881,11 @@ void proxy_on_http_begin(const struct tfe_stream *stream, const struct tfe_http_
{
hit_cnt += scan_ret;
}
scan_ret = tfe_scan_port(stream, result, ctx->scan_mid, hit_cnt, sapp_addr.v4->source, sapp_addr.v4->dest);
if(scan_ret > 0)
{
hit_cnt += scan_ret;
}
}
if (sapp_addr.addrtype == ADDR_TYPE_IPV6)
{
@@ -2897,6 +2894,11 @@ void proxy_on_http_begin(const struct tfe_stream *stream, const struct tfe_http_
{
hit_cnt += scan_ret;
}
scan_ret = tfe_scan_port(stream, result, ctx->scan_mid, hit_cnt, sapp_addr.v6->source, sapp_addr.v6->dest);
if(scan_ret > 0)
{
hit_cnt += scan_ret;
}
}
if(hit_cnt > 0)