gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-23921 Tfe uses field instead of attribute and field_name value to remove the attr prefix

Browse Source
This commit is contained in:
fengweihao
2024-11-27 10:40:40 +08:00
parent 2cf0db86ea
commit 43cbb3745f
8 changed files with 102 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

92
common/src/tfe_scan.cpp
View File

@@ -3,18 +3,18 @@
#include <tfe_scan.h>
#include <MESA/stream.h>
static int scan_object(uuid_t *result, struct maat_state *scan_mid, int hit_cnt, struct maat_hit_object objects, const char *table_name, const char *attribute_name)
static int scan_object(uuid_t *result, struct maat_state *scan_mid, int hit_cnt, struct maat_hit_object objects, const char *table_name, const char *filed_name)
{
size_t n_hit_result=0;
int scan_ret=0, hit_cnt_group=0;
scan_ret = maat_scan_object(tfe_get_maat_handle(), table_name, attribute_name, &objects, 1, result+hit_cnt+hit_cnt_group,
scan_ret = maat_scan_object(tfe_get_maat_handle(), table_name, filed_name, &objects, 1, result+hit_cnt+hit_cnt_group,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_group+=n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_name, attribute_name, result+hit_cnt+hit_cnt_group,
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_name, filed_name, result+hit_cnt+hit_cnt_group,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -40,10 +40,10 @@ static int get_route_dir(const struct tfe_stream * stream)
return (route_dir==69) ? 1 : 0;
}
const char *get_attribute_name(const struct tfe_stream *stream, enum scan_common_table table_type)
const char *get_filed_name(const struct tfe_stream *stream, enum scan_common_table table_type)
{
int c2s = 0;
const char *attribute_name=NULL;
const char *filed_name=NULL;
int dir_is_e2i = get_route_dir(stream);
if (table_type == PXY_CTRL_SOURCE_IP || table_type == PXY_CTRL_DESTINATION_IP || table_type == PXY_CTRL_SOURCE_PORT || table_type == PXY_CTRL_DESTINATION_PORT)
@@ -52,14 +52,14 @@ const char *get_attribute_name(const struct tfe_stream *stream, enum scan_common
if(table_type == PXY_CTRL_SOURCE_IP || table_type == PXY_CTRL_DESTINATION_IP)
{
attribute_name = (c2s == dir_is_e2i) ? "ATTR_INTERNAL_IP" : "ATTR_EXTERNAL_IP";
filed_name = (c2s == dir_is_e2i) ? "INTERNAL_IP" : "EXTERNAL_IP";
}
if(table_type == PXY_CTRL_SOURCE_PORT || table_type == PXY_CTRL_DESTINATION_PORT)
{
attribute_name = (c2s == dir_is_e2i) ? "ATTR_INTERNAL_PORT" : "ATTR_EXTERNAL_PORT";
filed_name = (c2s == dir_is_e2i) ? "INTERNAL_PORT" : "EXTERNAL_PORT";
}
}
return attribute_name;
return filed_name;
}
const char *get_table_name(const struct tfe_stream *stream, enum scan_common_table table_type)
@@ -93,8 +93,8 @@ int tfe_scan_internal_exteral_by_last_group(const struct tfe_stream *stream, uui
return hit_cnt_group;
}
const char *attribute_name = get_attribute_name(stream, table_type);
if(attribute_name == NULL)
const char *filed_name = get_filed_name(stream, table_type);
if(filed_name == NULL)
{
return hit_cnt_group;
}
@@ -103,13 +103,13 @@ int tfe_scan_internal_exteral_by_last_group(const struct tfe_stream *stream, uui
if(n_last_hit_object > 0)
{
maat_state_get_last_hit_objects(scan_mid, last_hit_objects, array_size);
scan_ret = maat_scan_object(tfe_get_maat_handle(), table_name, attribute_name, last_hit_objects, array_size, result+hit_cnt+hit_cnt_group,
scan_ret = maat_scan_object(tfe_get_maat_handle(), table_name, filed_name, last_hit_objects, array_size, result+hit_cnt+hit_cnt_group,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_group += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_name, attribute_name,
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_name, filed_name,
result+hit_cnt+hit_cnt_group, MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -179,22 +179,22 @@ int tfe_get_library_tags(const struct tfe_stream *stream, cJSON *common_obj, tfe
{
if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_SRC_IP_TAGS_IDS_ARR && atol(library_tag->tag_value) > 0)
{
cJSON_AddNumberToObject(common_obj, "client_asn", atol(library_tag->tag_value));
cJSON_AddNumberToObject(common_obj, "source_asn", atol(library_tag->tag_value));
}
if(library_tag->category == CATEGORY_TYPE_CONTRY_CODE && tlv_type== TFE_CMSG_SRC_IP_TAGS_IDS_ARR)
{
cJSON_AddStringToObject(common_obj, "client_country", library_tag->tag_value);
cJSON_AddStringToObject(common_obj, "source_country", library_tag->tag_value);
}
if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_DST_IP_TAGS_IDS_ARR && atol(library_tag->tag_value) > 0)
{
cJSON_AddNumberToObject(common_obj, "server_asn", atol(library_tag->tag_value));
cJSON_AddNumberToObject(common_obj, "destination_asn", atol(library_tag->tag_value));
}
if(library_tag->category == CATEGORY_TYPE_CONTRY_CODE && tlv_type== TFE_CMSG_DST_IP_TAGS_IDS_ARR)
{
cJSON_AddStringToObject(common_obj, "server_country", library_tag->tag_value);
cJSON_AddStringToObject(common_obj, "destination_country", library_tag->tag_value);
}
memset(value, 0, sizeof(value));
@@ -227,7 +227,7 @@ int tfe_scan_ip_tags(const struct tfe_stream *stream, uuid_t *result, struct maa
{
memset(&objects, 0, sizeof(objects));
uuid_copy(objects.object_uuid, opt_val[i]);
scan_ret = maat_scan_object(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_SOURCE_IP", &objects, 1, result+hit_cnt+hit_cnt_ip,
scan_ret = maat_scan_object(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "SOURCE_IP", &objects, 1, result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
@@ -260,7 +260,7 @@ int tfe_scan_ip_tags(const struct tfe_stream *stream, uuid_t *result, struct maa
{
memset(&objects, 0, sizeof(objects));
uuid_copy(objects.object_uuid, opt_val[i]);
scan_ret = maat_scan_object(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_DESTINATION_IP", &objects, 1, result+hit_cnt+hit_cnt_ip,
scan_ret = maat_scan_object(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "DESTINATION_IP", &objects, 1, result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
@@ -300,7 +300,7 @@ int tfe_scan_fqdn_tags(const struct tfe_stream *stream, uuid_t *result, struct m
{
memset(&objects, 0, sizeof(objects));
uuid_copy(objects.object_uuid, opt_val[i]);
scan_ret = scan_object(result, scan_mid, hit_cnt, objects, "TSG_OBJ_FQDN", "ATTR_SERVER_FQDN");
scan_ret = scan_object(result, scan_mid, hit_cnt, objects, "TSG_OBJ_FQDN", "SERVER_FQDN");
if (scan_ret > 0)
{
char result_str[UUID_STRING_SIZE]={0};
@@ -328,13 +328,13 @@ int tfe_scan_app_id(uuid_t *result, struct maat_state *scan_mid, int hit_cnt, lo
{
memset(&objects, 0, sizeof(objects));
uuid_copy(objects.object_uuid, app_dict->object_uuid);
scan_ret=maat_scan_object(tfe_get_maat_handle(), "APP_ID_DICT", "ATTR_APP_ID", &objects, 1, result+hit_cnt+hit_app_id,
scan_ret=maat_scan_object(tfe_get_maat_handle(), "APP_ID_DICT", "APP_ID", &objects, 1, result+hit_cnt+hit_app_id,
MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_app_id += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "APP_ID_DICT", "ATTR_APP_ID", result+hit_cnt+hit_app_id, MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "APP_ID_DICT", "APP_ID", result+hit_cnt+hit_app_id, MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_app_id += n_hit_result;
@@ -344,7 +344,7 @@ int tfe_scan_app_id(uuid_t *result, struct maat_state *scan_mid, int hit_cnt, lo
return hit_app_id;
}
int tfe_scan_value_by_cmsg(const struct tfe_stream *stream, enum tfe_cmsg_tlv_type tlv_type, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, const char *table_name, const char *attribute_name, char *opt_val)
int tfe_scan_value_by_cmsg(const struct tfe_stream *stream, enum tfe_cmsg_tlv_type tlv_type, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, const char *table_name, const char *filed_name, char *opt_val)
{
uint16_t opt_out_size = 0;
int hit_cnt_string=0;
@@ -360,13 +360,13 @@ int tfe_scan_value_by_cmsg(const struct tfe_stream *stream, enum tfe_cmsg_tlv_ty
{
size_t n_hit_result=0;
int scan_ret = maat_scan_string(tfe_get_maat_handle(), table_name, attribute_name, opt_val, strlen(opt_val), result+hit_cnt+hit_cnt_string, MAX_SCAN_RESULT-hit_cnt-hit_cnt_string,
int scan_ret = maat_scan_string(tfe_get_maat_handle(), table_name, filed_name, opt_val, strlen(opt_val), result+hit_cnt+hit_cnt_string, MAX_SCAN_RESULT-hit_cnt-hit_cnt_string,
&n_hit_result,scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_string+=n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_name, attribute_name, result+hit_cnt+hit_cnt_string, MAX_SCAN_RESULT-hit_cnt-hit_cnt_string, &n_hit_result, scan_mid);
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_name, filed_name, result+hit_cnt+hit_cnt_string, MAX_SCAN_RESULT-hit_cnt-hit_cnt_string, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_string+=n_hit_result;
@@ -380,25 +380,25 @@ int tfe_scan_device(const struct tfe_stream *stream, uuid_t *result, struct maat
char opt_val[4][128]={0};
int scan_ret = 0, htt_cnt_device = 0;
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_IMSI_STR, result, scan_mid, hit_cnt, "TSG_OBJ_IMSI", "ATTR_GTP_IMSI", opt_val[0]);
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_IMSI_STR, result, scan_mid, hit_cnt, "TSG_OBJ_IMSI", "GTP_IMSI", opt_val[0]);
if(scan_ret > 0)
{
htt_cnt_device += scan_ret;
}
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_IMEI_STR, result, scan_mid, hit_cnt, "TSG_OBJ_IMEI","ATTR_GTP_IMEI", opt_val[1]);
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_IMEI_STR, result, scan_mid, hit_cnt, "TSG_OBJ_IMEI","GTP_IMEI", opt_val[1]);
if(scan_ret > 0)
{
htt_cnt_device += scan_ret;
}
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_PHONE_NUM_STR, result, scan_mid, hit_cnt, "TSG_OBJ_PHONE_NUMBER","ATTR_GTP_PHONE_NUMBER", opt_val[2]);
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_PHONE_NUM_STR, result, scan_mid, hit_cnt, "TSG_OBJ_PHONE_NUMBER","GTP_PHONE_NUMBER", opt_val[2]);
if(scan_ret > 0)
{
htt_cnt_device += scan_ret;
}
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_APN_STR, result, scan_mid, hit_cnt, "TSG_OBJ_APN", "ATTR_GTP_APN", opt_val[3]);
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_APN_STR, result, scan_mid, hit_cnt, "TSG_OBJ_APN", "GTP_APN", opt_val[3]);
if(scan_ret > 0)
{
htt_cnt_device += scan_ret;
@@ -415,7 +415,7 @@ int tfe_scan_port(const struct tfe_stream *stream, uuid_t *result, struct maat_s
int hit_cnt_port = 0;
size_t n_hit_result = 0;
scan_ret=maat_scan_integer(tfe_get_maat_handle(), "TSG_OBJ_PORT", "ATTR_SOURCE_PORT", ntohs(source),
scan_ret=maat_scan_integer(tfe_get_maat_handle(), "TSG_OBJ_PORT", "SOURCE_PORT", ntohs(source),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
@@ -426,14 +426,14 @@ int tfe_scan_port(const struct tfe_stream *stream, uuid_t *result, struct maat_s
{
hit_cnt_port+=scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_PORT", "ATTR_SOURCE_PORT",
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_PORT", "SOURCE_PORT",
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
}
scan_ret=maat_scan_integer(tfe_get_maat_handle(), "TSG_OBJ_PORT", "ATTR_DESTINATION_PORT", ntohs(dest),
scan_ret=maat_scan_integer(tfe_get_maat_handle(), "TSG_OBJ_PORT", "DESTINATION_PORT", ntohs(dest),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
@@ -444,7 +444,7 @@ int tfe_scan_port(const struct tfe_stream *stream, uuid_t *result, struct maat_s
{
hit_cnt_port+=scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_PORT", "ATTR_DESTINATION_PORT", result+hit_cnt+hit_cnt_port,
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_PORT", "DESTINATION_PORT", result+hit_cnt+hit_cnt_port,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -467,20 +467,20 @@ int tfe_scan_ipv4_addr(const struct tfe_stream *stream, uuid_t *result, struct m
memset(&objects, 0, sizeof(objects));
uuid_parse(protocol_uuid, objects_uuid);
uuid_copy(objects.object_uuid, objects_uuid);
scan_ret = maat_scan_object(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "ATTR_IP_PROTOCOL", &objects, 1, result+hit_cnt+hit_cnt_ip,
scan_ret = maat_scan_object(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "IP_PROTOCOL", &objects, 1, result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "ATTR_IP_PROTOCOL", result+hit_cnt+hit_cnt_ip,
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "IP_PROTOCOL", result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_SOURCE_IP", sapp_addr.v4->saddr, ntohs(sapp_addr.v4->source),
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "SOURCE_IP", sapp_addr.v4->saddr, ntohs(sapp_addr.v4->source),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -491,14 +491,14 @@ int tfe_scan_ipv4_addr(const struct tfe_stream *stream, uuid_t *result, struct m
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_SOURCE_IP", result+hit_cnt+hit_cnt_ip,
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "SOURCE_IP", result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_DESTINATION_IP", sapp_addr.v4->daddr, ntohs(sapp_addr.v4->dest),
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "DESTINATION_IP", sapp_addr.v4->daddr, ntohs(sapp_addr.v4->dest),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
@@ -509,7 +509,7 @@ int tfe_scan_ipv4_addr(const struct tfe_stream *stream, uuid_t *result, struct m
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_DESTINATION_IP",
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "DESTINATION_IP",
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -531,19 +531,19 @@ int tfe_scan_ipv6_addr(const struct tfe_stream *stream, uuid_t *result, struct m
memset(&objects, 0, sizeof(objects));
uuid_parse(protocol_uuid, objects_uuid);
uuid_copy(objects.object_uuid, objects_uuid);
scan_ret = maat_scan_object(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "ATTR_IP_PROTOCOL", &objects, 1, result+hit_cnt+hit_cnt_ip,
scan_ret = maat_scan_object(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "IP_PROTOCOL", &objects, 1, result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "ATTR_IP_PROTOCOL",
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "IP_PROTOCOL",
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_SOURCE_IP", sapp_addr.v6->saddr, ntohs(sapp_addr.v6->source),
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "SOURCE_IP", sapp_addr.v6->saddr, ntohs(sapp_addr.v6->source),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -554,14 +554,14 @@ int tfe_scan_ipv6_addr(const struct tfe_stream *stream, uuid_t *result, struct m
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_SOURCE_IP",
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "SOURCE_IP",
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_DESTINATION_IP", sapp_addr.v6->daddr, ntohs(sapp_addr.v6->dest),
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "DESTINATION_IP", sapp_addr.v6->daddr, ntohs(sapp_addr.v6->dest),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -572,7 +572,7 @@ int tfe_scan_ipv6_addr(const struct tfe_stream *stream, uuid_t *result, struct m
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_DESTINATION_IP",
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "DESTINATION_IP",
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -602,7 +602,7 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, uuid_t *result, struc
if (strlen(source_subscribe_id))
{
scan_ret = maat_scan_string(tfe_get_maat_handle(), "TSG_OBJ_SUBSCRIBER_ID", "ATTR_SUBSCRIBER_ID",
scan_ret = maat_scan_string(tfe_get_maat_handle(), "TSG_OBJ_SUBSCRIBER_ID", "SUBSCRIBER_ID",
source_subscribe_id, strlen(source_subscribe_id),result + hit_cnt + hit_cnt_ip,
MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
@@ -618,7 +618,7 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, uuid_t *result, struc
TFE_LOG_INFO(logger, "Scan src TSG_OBJ_SUBSCRIBER_ID, NO hit subid: %s scan ret: %d addr: %s",
source_subscribe_id, scan_ret, stream->str_stream_info);
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_SUBSCRIBER_ID", "ATTR_SUBSCRIBER_ID",
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_SUBSCRIBER_ID", "SUBSCRIBER_ID",
result + hit_cnt + hit_cnt_ip, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{

6
conf/doh/doh.conf
View File

@@ -2,9 +2,9 @@
enable=1
[maat]
table_appid=ATTR_APP_ID
table_qname=ATTR_DOH_QNAME
table_host=ATTR_SERVER_FQDN
table_appid=APP_ID
table_qname=DOH_QNAME
table_host=SERVER_FQDN
[kafka]
ENTRANCE_ID=0

16
plugin/business/doh/src/doh.cpp
View File

@@ -283,22 +283,22 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
const char *host = session->req->req_spec.host;
if (host)
{
scan_ret = maat_scan_string(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_SERVER_FQDN", host, strlen(host),
scan_ret = maat_scan_string(g_doh_conf->maat, "TSG_OBJ_FQDN", "SERVER_FQDN", host, strlen(host),
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
memset(result_str, 0, sizeof(result_str));
uuid_unparse(result[hit_cnt], result_str);
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit host: %s scan ret: %d policy_id: %s addr: %s",
"ATTR_SERVER_FQDN", host, scan_ret, result_str, stream->str_stream_info);
"SERVER_FQDN", host, scan_ret, result_str, stream->str_stream_info);
hit_cnt += n_hit_result;
}
else
{
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, NO hit host: %s scan ret: %d addr: %s",
"ATTR_SERVER_FQDN", host, scan_ret, stream->str_stream_info);
"SERVER_FQDN", host, scan_ret, stream->str_stream_info);
}
scan_ret = maat_scan_not_logic(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_SERVER_FQDN",
scan_ret = maat_scan_not_logic(g_doh_conf->maat, "TSG_OBJ_FQDN", "SERVER_FQDN",
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -355,22 +355,22 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
}
// scan qname
scan_ret = maat_scan_string(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_DOH_QNAME", qname, strlen(qname),
scan_ret = maat_scan_string(g_doh_conf->maat, "TSG_OBJ_FQDN", "DOH_QNAME", qname, strlen(qname),
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
memset(result_str, 0, sizeof(result_str));
uuid_unparse(result[hit_cnt], result_str);
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit domain: %s scan ret: %d qtype: %d policy_id: %s addr: %s",
"ATTR_DOH_QNAME", qname, scan_ret, qtype, result_str, stream->str_stream_info);
"DOH_QNAME", qname, scan_ret, qtype, result_str, stream->str_stream_info);
hit_cnt += n_hit_result;
}
else
{
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, NO hit domain: %s scan ret: %d addr: %s",
"ATTR_DOH_QNAME", qname, scan_ret, stream->str_stream_info);
"DOH_QNAME", qname, scan_ret, stream->str_stream_info);
}
scan_ret = maat_scan_not_logic(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_DOH_QNAME",
scan_ret = maat_scan_not_logic(g_doh_conf->maat, "TSG_OBJ_FQDN", "DOH_QNAME",
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{

22
plugin/business/doh/src/logger.cpp
View File

@@ -372,9 +372,9 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
doh_get_integer_by_cmsg(common_obj, cmsg, TFE_CMSG_COMMON_DIRECTION, "direction");
}
tfe_get_library_tags(stream, common_obj, TFE_CMSG_SRC_IP_TAGS_IDS_ARR, "client_ip_tags");
tfe_get_library_tags(stream, common_obj, TFE_CMSG_DST_IP_TAGS_IDS_ARR, "server_ip_tags");
tfe_get_library_tags(stream, common_obj, TFE_CMSG_FQDN_TAGS_IDS_ARR, "server_fqdn_tags");
tfe_get_library_tags(stream, common_obj, TFE_CMSG_SRC_IP_TAGS_IDS_ARR, "source_ip_tags");
tfe_get_library_tags(stream, common_obj, TFE_CMSG_DST_IP_TAGS_IDS_ARR, "destination_ip_tags");
tfe_get_library_tags(stream, common_obj, TFE_CMSG_FQDN_TAGS_IDS_ARR, "destination_fqdn_tags");
if (http->req)
{
@@ -400,19 +400,19 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
cJSON_AddNumberToObject(common_obj, "address_type", 4);
inet_ntop(AF_INET, &addr->tuple4_v4->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET, &addr->tuple4_v4->daddr, dst_ip_str, sizeof(dst_ip_str));
cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v4->source));
cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v4->dest));
cJSON_AddStringToObject(common_obj, "source_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "destination_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "source_port", ntohs(addr->tuple4_v4->source));
cJSON_AddNumberToObject(common_obj, "destination_port", ntohs(addr->tuple4_v4->dest));
break;
case TFE_ADDR_STREAM_TUPLE4_V6:
cJSON_AddNumberToObject(common_obj, "address_type", 6);
inet_ntop(AF_INET6, &addr->tuple4_v6->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET6, &addr->tuple4_v6->daddr, dst_ip_str, sizeof(dst_ip_str));
cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v6->source));
cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v6->dest));
cJSON_AddStringToObject(common_obj, "source_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "destination_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "source_port", ntohs(addr->tuple4_v6->source));
cJSON_AddNumberToObject(common_obj, "destination_port", ntohs(addr->tuple4_v6->dest));
break;
default:
break;

24
plugin/business/tsg-http/src/tsg_http.cpp
View File

@@ -2808,7 +2808,7 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
const unsigned char * body_frag, size_t frag_size, struct proxy_http_ctx * ctx, const struct tfe_stream * stream)
{
void * iterator = NULL;
const char *attribute_name=NULL;
const char *filed_name=NULL;
const char * field_val = NULL;
struct http_field_name field_name;
struct tfe_http_half * http_half;
@@ -2824,13 +2824,13 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
int str_host_length = get_fqdn_len(str_host);
if (str_host != NULL && str_host_length != 0)
{
scan_ret = maat_scan_string(g_proxy_rt->feather, "TSG_OBJ_FQDN", "ATTR_SERVER_FQDN", str_host, str_host_length,
scan_ret = maat_scan_string(g_proxy_rt->feather, "TSG_OBJ_FQDN", "SERVER_FQDN", str_host, str_host_length,
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt += n_hit_result;
}
scan_ret = maat_scan_not_logic(g_proxy_rt->feather, "TSG_OBJ_FQDN", "ATTR_SERVER_FQDN",
scan_ret = maat_scan_not_logic(g_proxy_rt->feather, "TSG_OBJ_FQDN", "SERVER_FQDN",
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -2846,14 +2846,14 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
const char * str_url = session->req->req_spec.url;
int str_url_length = (int) (strlen(session->req->req_spec.url));
scan_ret = maat_scan_string(g_proxy_rt->feather, "TSG_OBJ_URL", "ATTR_HTTP_URL", str_url, str_url_length,
scan_ret = maat_scan_string(g_proxy_rt->feather, "TSG_OBJ_URL", "HTTP_URL", str_url, str_url_length,
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt += n_hit_result;
}
scan_ret = maat_scan_not_logic(g_proxy_rt->feather, "TSG_OBJ_URL", "ATTR_HTTP_URL",
scan_ret = maat_scan_not_logic(g_proxy_rt->feather, "TSG_OBJ_URL", "HTTP_URL",
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -2863,8 +2863,8 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
if ((events & EV_HTTP_REQ_HDR) || (events & EV_HTTP_RESP_HDR))
{
attribute_name = events & EV_HTTP_REQ_HDR ? "ATTR_HTTP_REQ_HDR" : "ATTR_HTTP_RES_HDR";
struct maat_stream *sp = maat_stream_new(g_proxy_rt->feather, "TSG_OBJ_KEYWORD", attribute_name, ctx->scan_mid);
filed_name = events & EV_HTTP_REQ_HDR ? "HTTP_REQ_HDR" : "HTTP_RES_HDR";
struct maat_stream *sp = maat_stream_new(g_proxy_rt->feather, "TSG_OBJ_KEYWORD", filed_name, ctx->scan_mid);
http_half = events & EV_HTTP_REQ_HDR ? session->req : session->resp;
while (hit_cnt < MAX_SCAN_RESULT)
@@ -2892,7 +2892,7 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
hit_cnt += n_hit_result;
}
}
scan_ret = maat_scan_not_logic(g_proxy_rt->feather, "TSG_OBJ_KEYWORD", attribute_name, result + hit_cnt, MAX_SCAN_RESULT - hit_cnt,
scan_ret = maat_scan_not_logic(g_proxy_rt->feather, "TSG_OBJ_KEYWORD", filed_name, result + hit_cnt, MAX_SCAN_RESULT - hit_cnt,
&n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -2904,8 +2904,8 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
if ((events & EV_HTTP_REQ_BODY_BEGIN) | (events & EV_HTTP_RESP_BODY_BEGIN))
{
assert(ctx->sp == NULL);
attribute_name = events & EV_HTTP_REQ_BODY_BEGIN ? "ATTR_HTTP_REQ_BODY" : "ATTR_HTTP_RES_BODY";
ctx->sp = maat_stream_new(g_proxy_rt->feather, "TSG_OBJ_KEYWORD", attribute_name, ctx->scan_mid);
filed_name = events & EV_HTTP_REQ_BODY_BEGIN ? "HTTP_REQ_BODY" : "HTTP_RES_BODY";
ctx->sp = maat_stream_new(g_proxy_rt->feather, "TSG_OBJ_KEYWORD", filed_name, ctx->scan_mid);
}
const unsigned char *scan_body_frag=NULL; size_t scan_len=0;
@@ -2928,8 +2928,8 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
if ((events & EV_HTTP_REQ_BODY_END) | (events & EV_HTTP_RESP_BODY_END))
{
attribute_name = events & EV_HTTP_REQ_BODY_END ? "ATTR_HTTP_REQ_BODY" : "ATTR_HTTP_RES_BODY";
scan_ret = maat_scan_not_logic(g_proxy_rt->feather, "TSG_OBJ_KEYWORD", "attribute_name", result + hit_cnt, MAX_SCAN_RESULT - hit_cnt,
filed_name = events & EV_HTTP_REQ_BODY_END ? "HTTP_REQ_BODY" : "HTTP_RES_BODY";
scan_ret = maat_scan_not_logic(g_proxy_rt->feather, "TSG_OBJ_KEYWORD", filed_name, result + hit_cnt, MAX_SCAN_RESULT - hit_cnt,
&n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{

22
plugin/business/tsg-http/src/tsg_logger.cpp
View File

@@ -255,9 +255,9 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
tfe_get_integer_by_cmsg(common_obj, cmsg, TFE_CMSG_COMMON_DIRECTION, "direction");
}
tfe_get_library_tags(log_msg->stream, common_obj, TFE_CMSG_SRC_IP_TAGS_IDS_ARR, "client_ip_tags");
tfe_get_library_tags(log_msg->stream, common_obj, TFE_CMSG_DST_IP_TAGS_IDS_ARR, "server_ip_tags");
tfe_get_library_tags(log_msg->stream, common_obj, TFE_CMSG_FQDN_TAGS_IDS_ARR, "server_fqdn_tags");
tfe_get_library_tags(log_msg->stream, common_obj, TFE_CMSG_SRC_IP_TAGS_IDS_ARR, "source_ip_tags");
tfe_get_library_tags(log_msg->stream, common_obj, TFE_CMSG_DST_IP_TAGS_IDS_ARR, "destination_ip_tags");
tfe_get_library_tags(log_msg->stream, common_obj, TFE_CMSG_FQDN_TAGS_IDS_ARR, "destination_fqdn_tags");
if (http->req)
{
@@ -284,19 +284,19 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
cJSON_AddNumberToObject(common_obj, "address_type", 4);
inet_ntop(AF_INET, &addr->tuple4_v4->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET, &addr->tuple4_v4->daddr, dst_ip_str, sizeof(dst_ip_str));
cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v4->source));
cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v4->dest));
cJSON_AddStringToObject(common_obj, "source_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "destination_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "source_port", ntohs(addr->tuple4_v4->source));
cJSON_AddNumberToObject(common_obj, "destination_port", ntohs(addr->tuple4_v4->dest));
break;
case TFE_ADDR_STREAM_TUPLE4_V6:
cJSON_AddNumberToObject(common_obj, "address_type", 6);
inet_ntop(AF_INET6, &addr->tuple4_v6->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET6, &addr->tuple4_v6->daddr, dst_ip_str, sizeof(dst_ip_str));
cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v6->source));
cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v6->dest));
cJSON_AddStringToObject(common_obj, "source_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "destination_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "source_port", ntohs(addr->tuple4_v6->source));
cJSON_AddNumberToObject(common_obj, "destination_port", ntohs(addr->tuple4_v6->dest));
break;
default:
break;

4
resource/pangu/doh.json
View File

@@ -12,7 +12,7 @@
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_DOH_QNAME",
"filed_name": "DOH_QNAME",
"objects": [
{
"items": [
@@ -40,7 +40,7 @@
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_DOH_QNAME",
"filed_name": "DOH_QNAME",
"objects": [
{
"items": [

18
resource/pangu/pangu_http.json
View File

@@ -12,7 +12,7 @@
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_HTTP_URL",
"filed_name": "HTTP_URL",
"objects": [
{
"items": [
@@ -29,7 +29,7 @@
]
},
{
"attribute_name": "ATTR_APP_ID",
"filed_name": "APP_ID",
"negate_option": false,
"object_uuids": [
"00000201-0000-0000-0000-000000000000"
@@ -47,7 +47,7 @@
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_SERVER_FQDN",
"filed_name": "SERVER_FQDN",
"objects": [
{
"items": [
@@ -75,7 +75,7 @@
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_HTTP_REQ_HDR",
"filed_name": "HTTP_REQ_HDR",
"objects": [
{
"items": [
@@ -92,7 +92,7 @@
]
},
{
"attribute_name": "ATTR_HTTP_REQ_HDR",
"filed_name": "HTTP_REQ_HDR",
"objects": [
{
"items": [
@@ -120,7 +120,7 @@
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_HTTP_URL",
"filed_name": "HTTP_URL",
"objects": [
{
"items": [
@@ -149,19 +149,19 @@
{
"table_name": "RESPONSE_PAGE",
"table_content": [
{"uuid":"00000101-0000-0000-0000-000000000000","profile_name":"404","format":"html","path":"./resource/pangu/policy_file/404.html","is_valid":1,"modified_time":"1716531859000000"}
{"uuid":"00000101-0000-0000-0000-000000000000","profile_name":"404","format":"html","path":"./resource/pangu/policy_file/404.html","is_valid":1}
]
},
{
"table_name": "PROXY_REPLACEMENT_FILE",
"table_content": [
{"uuid":"00000201-0000-0000-0000-000000000000","profile_name":"chakanqi","content_name":"chakanqi-947KB.exe","content_type":"application/x-msdos-program","path":"./resource/pangu/policy_file/chakanqi-947KB.exe","is_valid":1,"modified_time":"1716531859000000"}
{"uuid":"00000201-0000-0000-0000-000000000000","profile_name":"chakanqi","content_name":"chakanqi-947KB.exe","content_type":"application/x-msdos-program","path":"./resource/pangu/policy_file/chakanqi-947KB.exe","is_valid":1}
]
},
{
"table_name": "PROXY_JS_FILE",
"table_content": [
{"uuid":"00000301-0000-0000-0000-000000000000","profile_name":"time","format":"js","insert_on":"before_page_load","path":"./resource/pangu/policy_file/time.js","is_valid":1,"modified_time":"1716531859000000"}
{"uuid":"00000301-0000-0000-0000-000000000000","profile_name":"time","format":"js","insert_on":"before_page_load","path":"./resource/pangu/policy_file/time.js","is_valid":1}
]
},
{