APP_ID域表intval匹配模式修改
This commit is contained in:
fengweihao
@@ -203,7 +203,7 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
|
|||||||
{
|
{
|
||||||
int hit_cnt = 0;
|
int hit_cnt = 0;
|
||||||
int scan_ret = 0;
|
int scan_ret = 0;
|
||||||
const char *app_id = "doh.";
|
int app_id = 135;
|
||||||
struct ipaddr sapp_addr;
|
struct ipaddr sapp_addr;
|
||||||
struct Maat_rule_t *p_result = NULL;
|
struct Maat_rule_t *p_result = NULL;
|
||||||
struct Maat_rule_t result[MAX_SCAN_RESULT];
|
struct Maat_rule_t result[MAX_SCAN_RESULT];
|
||||||
@@ -213,7 +213,7 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
|
|||||||
{
|
{
|
||||||
hit_cnt += scan_ret;
|
hit_cnt += scan_ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
scan_ret = tfe_scan_ip_location(stream, result, &(ctx->scan_mid), hit_cnt, ctx->thread_id, g_doh_conf->local_logger, ctx->addr_string, &(ctx->location_server), &(ctx->location_client));
|
scan_ret = tfe_scan_ip_location(stream, result, &(ctx->scan_mid), hit_cnt, ctx->thread_id, g_doh_conf->local_logger, ctx->addr_string, &(ctx->location_server), &(ctx->location_client));
|
||||||
if (scan_ret > 0)
|
if (scan_ret > 0)
|
||||||
{
|
{
|
||||||
@@ -262,17 +262,16 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
|
|||||||
}
|
}
|
||||||
|
|
||||||
// scan appid
|
// scan appid
|
||||||
scan_ret = Maat_full_scan_string(g_doh_conf->maat, g_doh_conf->tables[TYPE_APPID].id, CHARSET_UTF8,
|
scan_ret=Maat_scan_intval(g_doh_conf->maat, g_doh_conf->tables[TYPE_APPID].id, app_id, result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &(ctx->scan_mid), ctx->thread_id);
|
||||||
app_id, strlen(app_id), result + hit_cnt, NULL, MAX_SCAN_RESULT - hit_cnt, &(ctx->scan_mid), ctx->thread_id);
|
|
||||||
if (scan_ret > 0)
|
if (scan_ret > 0)
|
||||||
{
|
{
|
||||||
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit proto: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
|
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit proto: %d scan ret: %d policy_id: %d service: %d action: %d addr: %s",
|
||||||
g_doh_conf->tables[TYPE_APPID].name, app_id, scan_ret, result[hit_cnt].config_id, result[hit_cnt].service_id, result[hit_cnt].action, ctx->addr_string);
|
g_doh_conf->tables[TYPE_APPID].name, app_id, scan_ret, result[hit_cnt].config_id, result[hit_cnt].service_id, result[hit_cnt].action, ctx->addr_string);
|
||||||
hit_cnt += scan_ret;
|
hit_cnt += scan_ret;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, NO hit proto: %s scan ret: %d addr: %s",
|
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, NO hit proto: %d scan ret: %d addr: %s",
|
||||||
g_doh_conf->tables[TYPE_APPID].name, app_id, scan_ret, ctx->addr_string);
|
g_doh_conf->tables[TYPE_APPID].name, app_id, scan_ret, ctx->addr_string);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -678,7 +677,7 @@ int doh_on_data(const struct tfe_stream *stream, const struct tfe_http_session *
|
|||||||
* may either be an explicit media type (e.g. ct=application/dns-
|
* may either be an explicit media type (e.g. ct=application/dns-
|
||||||
* udpwireformat&dns=...) or it may be empty. An empty value indicates
|
* udpwireformat&dns=...) or it may be empty. An empty value indicates
|
||||||
* the default application/dns-udpwireformat type (e.g. ct&dns=...).
|
* the default application/dns-udpwireformat type (e.g. ct&dns=...).
|
||||||
*
|
*
|
||||||
* NOTE: evhttp_parse_query_str()
|
* NOTE: evhttp_parse_query_str()
|
||||||
* support "ct=x&dns=xxx"
|
* support "ct=x&dns=xxx"
|
||||||
* support "ct=&dns=xxx"
|
* support "ct=&dns=xxx"
|
||||||
|
|||||||
@@ -173,15 +173,15 @@ static void pangu_http_stat_init(struct pangu_rt * pangu_runtime)
|
|||||||
const char* spec[__PG_STAT_MAX]={0};
|
const char* spec[__PG_STAT_MAX]={0};
|
||||||
spec[STAT_SESSION]="http_sess";
|
spec[STAT_SESSION]="http_sess";
|
||||||
spec[STAT_LOG_NUM]="log_num";
|
spec[STAT_LOG_NUM]="log_num";
|
||||||
spec[STAT_ACTION_MONIT]="intercept_monitor_conn_num";
|
spec[STAT_ACTION_MONIT]="intcp_mon_num";
|
||||||
spec[STAT_ACTION_REJECT]="intercept_deny_conn_num";
|
spec[STAT_ACTION_REJECT]="intcp_deny_num";
|
||||||
spec[STAT_ACTION_REDIRECT]="intercept_redirect_conn_num";
|
spec[STAT_ACTION_REDIRECT]="intcp_rdirt_num";
|
||||||
spec[STAT_ACTION_REPLACE]="intercept_replace_conn_num";
|
spec[STAT_ACTION_REPLACE]="intcp_repl_num";
|
||||||
spec[STAT_ACTION_HIJACK]="intercept_hijack_conn_num";
|
spec[STAT_ACTION_HIJACK]="intcp_hijk_num";
|
||||||
spec[STAT_ACTION_HIJACK_SZ]="hijack_bytes";
|
spec[STAT_ACTION_HIJACK_SZ]="hijk_bytes";
|
||||||
spec[STAT_ACTION_INSERT]="intercept_insert_conn_num";
|
spec[STAT_ACTION_INSERT]="intcp_ins_num";
|
||||||
spec[STAT_ACTION_INSERT_SZ]="insert_bytes";
|
spec[STAT_ACTION_INSERT_SZ]="ins_bytes";
|
||||||
spec[STAT_ACTION_WHITELSIT]="intercept_allow_conn_num";
|
spec[STAT_ACTION_WHITELSIT]="intcp_allow_num";
|
||||||
spec[STAT_SUSPENDING]="suspending";
|
spec[STAT_SUSPENDING]="suspending";
|
||||||
|
|
||||||
for(i=0;i<__PG_STAT_MAX;i++)
|
for(i=0;i<__PG_STAT_MAX;i++)
|
||||||
@@ -2368,11 +2368,8 @@ void pangu_on_http_begin(const struct tfe_stream * stream,
|
|||||||
hit_cnt+=scan_ret;
|
hit_cnt+=scan_ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
const char *app_id = "http.";
|
int scan_val=106;
|
||||||
scan_ret = Maat_full_scan_string(g_pangu_rt->maat, g_pangu_rt->scan_table_id[PXY_CTRL_APP_ID],
|
scan_ret=Maat_scan_intval(g_pangu_rt->maat, g_pangu_rt->scan_table_id[PXY_CTRL_APP_ID], scan_val, result+hit_cnt, MAX_SCAN_RESULT-hit_cnt, &(ctx->scan_mid), (int) thread_id);
|
||||||
CHARSET_UTF8, app_id, strlen(app_id),
|
|
||||||
result+hit_cnt, NULL, MAX_SCAN_RESULT-hit_cnt,
|
|
||||||
&(ctx->scan_mid), (int) thread_id);
|
|
||||||
if(scan_ret>0)
|
if(scan_ret>0)
|
||||||
{
|
{
|
||||||
hit_cnt+=scan_ret;
|
hit_cnt+=scan_ret;
|
||||||
@@ -2498,7 +2495,7 @@ void pangu_on_http_end(const struct tfe_stream * stream,
|
|||||||
ret=pangu_send_log(g_pangu_rt->send_logger, &log_msg);
|
ret=pangu_send_log(g_pangu_rt->send_logger, &log_msg);
|
||||||
ATOMIC_ADD(&(g_pangu_rt->stat_val[STAT_LOG_NUM]), ret);
|
ATOMIC_ADD(&(g_pangu_rt->stat_val[STAT_LOG_NUM]), ret);
|
||||||
}
|
}
|
||||||
if(ctx->rep_ctx && ctx->rep_ctx->actually_replaced==0)
|
if(ctx->rep_ctx && ctx->rep_ctx->actually_replaced==1)
|
||||||
{
|
{
|
||||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_REPLACE]));
|
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_REPLACE]));
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -32,7 +32,7 @@
|
|||||||
12 TSG_FIELD_HTTP_REQ_CONTENT virtual TSG_OBJ_KEYWORDS --
|
12 TSG_FIELD_HTTP_REQ_CONTENT virtual TSG_OBJ_KEYWORDS --
|
||||||
13 TSG_FIELD_HTTP_RES_CONTENT virtual TSG_OBJ_KEYWORDS --
|
13 TSG_FIELD_HTTP_RES_CONTENT virtual TSG_OBJ_KEYWORDS --
|
||||||
14 TSG_OBJ_SUBSCRIBER_ID expr UTF8 UTF8 yes 0 quickon
|
14 TSG_OBJ_SUBSCRIBER_ID expr UTF8 UTF8 yes 0 quickon
|
||||||
15 TSG_OBJ_APP_ID expr UTF8 UTF8 yes 0
|
15 TSG_OBJ_APP_ID intval UTF8 UTF8 yes 0
|
||||||
16 TSG_SECURITY_SOURCE_ADDR virtual TSG_OBJ_IP_ADDR --
|
16 TSG_SECURITY_SOURCE_ADDR virtual TSG_OBJ_IP_ADDR --
|
||||||
17 TSG_SECURITY_DESTINATION_ADDR virtual TSG_OBJ_IP_ADDR --
|
17 TSG_SECURITY_DESTINATION_ADDR virtual TSG_OBJ_IP_ADDR --
|
||||||
18 TSG_SECURITY_ADDR composition {"source":"TSG_SECURITY_SOURCE_ADDR","destination":"TSG_SECURITY_DESTINATION_ADDR"}
|
18 TSG_SECURITY_ADDR composition {"source":"TSG_SECURITY_SOURCE_ADDR","destination":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||||
|
|||||||
Reference in New Issue
Block a user