From 5302adb66aa00f543a99133cdc81be0492d13e2c Mon Sep 17 00:00:00 2001 From: fengweihao Date: Thu, 3 Sep 2020 11:50:52 +0800 Subject: [PATCH] =?UTF-8?q?APP=5FID=E5=9F=9F=E8=A1=A8intval=E5=8C=B9?= =?UTF-8?q?=E9=85=8D=E6=A8=A1=E5=BC=8F=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- plugin/business/doh/src/doh.cpp | 13 +++++---- plugin/business/pangu-http/src/pangu_http.cpp | 27 +++++++++---------- resource/pangu/table_info.conf | 2 +- 3 files changed, 19 insertions(+), 23 deletions(-) diff --git a/plugin/business/doh/src/doh.cpp b/plugin/business/doh/src/doh.cpp index 82f4131..7b7fd64 100644 --- a/plugin/business/doh/src/doh.cpp +++ b/plugin/business/doh/src/doh.cpp @@ -203,7 +203,7 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http { int hit_cnt = 0; int scan_ret = 0; - const char *app_id = "doh."; + int app_id = 135; struct ipaddr sapp_addr; struct Maat_rule_t *p_result = NULL; struct Maat_rule_t result[MAX_SCAN_RESULT]; @@ -213,7 +213,7 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http { hit_cnt += scan_ret; } - + scan_ret = tfe_scan_ip_location(stream, result, &(ctx->scan_mid), hit_cnt, ctx->thread_id, g_doh_conf->local_logger, ctx->addr_string, &(ctx->location_server), &(ctx->location_client)); if (scan_ret > 0) { @@ -262,17 +262,16 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http } // scan appid - scan_ret = Maat_full_scan_string(g_doh_conf->maat, g_doh_conf->tables[TYPE_APPID].id, CHARSET_UTF8, - app_id, strlen(app_id), result + hit_cnt, NULL, MAX_SCAN_RESULT - hit_cnt, &(ctx->scan_mid), ctx->thread_id); + scan_ret=Maat_scan_intval(g_doh_conf->maat, g_doh_conf->tables[TYPE_APPID].id, app_id, result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &(ctx->scan_mid), ctx->thread_id); if (scan_ret > 0) { - TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit proto: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s", + TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit proto: %d scan ret: %d policy_id: %d service: %d action: %d addr: %s", g_doh_conf->tables[TYPE_APPID].name, app_id, scan_ret, result[hit_cnt].config_id, result[hit_cnt].service_id, result[hit_cnt].action, ctx->addr_string); hit_cnt += scan_ret; } else { - TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, NO hit proto: %s scan ret: %d addr: %s", + TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, NO hit proto: %d scan ret: %d addr: %s", g_doh_conf->tables[TYPE_APPID].name, app_id, scan_ret, ctx->addr_string); } @@ -678,7 +677,7 @@ int doh_on_data(const struct tfe_stream *stream, const struct tfe_http_session * * may either be an explicit media type (e.g. ct=application/dns- * udpwireformat&dns=...) or it may be empty. An empty value indicates * the default application/dns-udpwireformat type (e.g. ct&dns=...). - * + * * NOTE: evhttp_parse_query_str() * support "ct=x&dns=xxx" * support "ct=&dns=xxx" diff --git a/plugin/business/pangu-http/src/pangu_http.cpp b/plugin/business/pangu-http/src/pangu_http.cpp index d6003dc..1dd8507 100644 --- a/plugin/business/pangu-http/src/pangu_http.cpp +++ b/plugin/business/pangu-http/src/pangu_http.cpp @@ -173,15 +173,15 @@ static void pangu_http_stat_init(struct pangu_rt * pangu_runtime) const char* spec[__PG_STAT_MAX]={0}; spec[STAT_SESSION]="http_sess"; spec[STAT_LOG_NUM]="log_num"; - spec[STAT_ACTION_MONIT]="intercept_monitor_conn_num"; - spec[STAT_ACTION_REJECT]="intercept_deny_conn_num"; - spec[STAT_ACTION_REDIRECT]="intercept_redirect_conn_num"; - spec[STAT_ACTION_REPLACE]="intercept_replace_conn_num"; - spec[STAT_ACTION_HIJACK]="intercept_hijack_conn_num"; - spec[STAT_ACTION_HIJACK_SZ]="hijack_bytes"; - spec[STAT_ACTION_INSERT]="intercept_insert_conn_num"; - spec[STAT_ACTION_INSERT_SZ]="insert_bytes"; - spec[STAT_ACTION_WHITELSIT]="intercept_allow_conn_num"; + spec[STAT_ACTION_MONIT]="intcp_mon_num"; + spec[STAT_ACTION_REJECT]="intcp_deny_num"; + spec[STAT_ACTION_REDIRECT]="intcp_rdirt_num"; + spec[STAT_ACTION_REPLACE]="intcp_repl_num"; + spec[STAT_ACTION_HIJACK]="intcp_hijk_num"; + spec[STAT_ACTION_HIJACK_SZ]="hijk_bytes"; + spec[STAT_ACTION_INSERT]="intcp_ins_num"; + spec[STAT_ACTION_INSERT_SZ]="ins_bytes"; + spec[STAT_ACTION_WHITELSIT]="intcp_allow_num"; spec[STAT_SUSPENDING]="suspending"; for(i=0;i<__PG_STAT_MAX;i++) @@ -2368,11 +2368,8 @@ void pangu_on_http_begin(const struct tfe_stream * stream, hit_cnt+=scan_ret; } - const char *app_id = "http."; - scan_ret = Maat_full_scan_string(g_pangu_rt->maat, g_pangu_rt->scan_table_id[PXY_CTRL_APP_ID], - CHARSET_UTF8, app_id, strlen(app_id), - result+hit_cnt, NULL, MAX_SCAN_RESULT-hit_cnt, - &(ctx->scan_mid), (int) thread_id); + int scan_val=106; + scan_ret=Maat_scan_intval(g_pangu_rt->maat, g_pangu_rt->scan_table_id[PXY_CTRL_APP_ID], scan_val, result+hit_cnt, MAX_SCAN_RESULT-hit_cnt, &(ctx->scan_mid), (int) thread_id); if(scan_ret>0) { hit_cnt+=scan_ret; @@ -2498,7 +2495,7 @@ void pangu_on_http_end(const struct tfe_stream * stream, ret=pangu_send_log(g_pangu_rt->send_logger, &log_msg); ATOMIC_ADD(&(g_pangu_rt->stat_val[STAT_LOG_NUM]), ret); } - if(ctx->rep_ctx && ctx->rep_ctx->actually_replaced==0) + if(ctx->rep_ctx && ctx->rep_ctx->actually_replaced==1) { ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_REPLACE])); } diff --git a/resource/pangu/table_info.conf b/resource/pangu/table_info.conf index 024c48d..90b70df 100644 --- a/resource/pangu/table_info.conf +++ b/resource/pangu/table_info.conf @@ -32,7 +32,7 @@ 12 TSG_FIELD_HTTP_REQ_CONTENT virtual TSG_OBJ_KEYWORDS -- 13 TSG_FIELD_HTTP_RES_CONTENT virtual TSG_OBJ_KEYWORDS -- 14 TSG_OBJ_SUBSCRIBER_ID expr UTF8 UTF8 yes 0 quickon -15 TSG_OBJ_APP_ID expr UTF8 UTF8 yes 0 +15 TSG_OBJ_APP_ID intval UTF8 UTF8 yes 0 16 TSG_SECURITY_SOURCE_ADDR virtual TSG_OBJ_IP_ADDR -- 17 TSG_SECURITY_DESTINATION_ADDR virtual TSG_OBJ_IP_ADDR -- 18 TSG_SECURITY_ADDR composition {"source":"TSG_SECURITY_SOURCE_ADDR","destination":"TSG_SECURITY_DESTINATION_ADDR"}