diff --git a/common/include/tfe_kafka_logger.h b/common/include/tfe_kafka_logger.h index 316dfe4..de182ba 100644 --- a/common/include/tfe_kafka_logger.h +++ b/common/include/tfe_kafka_logger.h @@ -12,7 +12,7 @@ extern "C" typedef struct tfe_kafka_logger_s { int enable; - int vsys_id; + int t_vsys_id; unsigned int local_ip_num; char local_ip_str[TFE_SYMBOL_MAX]; diff --git a/common/src/tfe_resource.cpp b/common/src/tfe_resource.cpp index 49241b8..c6dcd55 100644 --- a/common/src/tfe_resource.cpp +++ b/common/src/tfe_resource.cpp @@ -183,7 +183,7 @@ static tfe_kafka_logger_t *create_kafka_logger(const char *profile, const char * TFE_LOG_ERROR(logger, "tfe kafka init failed, error to create kafka logger."); return NULL; } - kafka_logger->vsys_id=vsystem_id; + kafka_logger->t_vsys_id=vsystem_id; TFE_LOG_INFO(logger, "tfe kafka logger : %s", enable ? "ENABLE" : "DISABLE"); TFE_LOG_INFO(logger, "tfe kafka vsystem id : %d", vsystem_id); diff --git a/platform/src/ssl_fetch_cert.cpp b/platform/src/ssl_fetch_cert.cpp index 1d5d5c2..2851758 100644 --- a/platform/src/ssl_fetch_cert.cpp +++ b/platform/src/ssl_fetch_cert.cpp @@ -69,7 +69,7 @@ skip: g_kafka_logger = tfe_kafka_logger_create(enable, nic_name, broker_list, topic_name, sasl_username, sasl_passwd, g_default_logger); if (g_kafka_logger) { - g_kafka_logger->vsys_id=vsystem_id; + g_kafka_logger->t_vsys_id=vsystem_id; return 0; } else @@ -91,7 +91,7 @@ static void ssl_mid_cert_kafka_logger_send(const char *sni, const char *fingerpr obj = cJSON_CreateObject(); cJSON_AddStringToObject(obj, "sni", sni); cJSON_AddStringToObject(obj, "fingerprint", fingerprint); - cJSON_AddNumberToObject(obj, "vsys_id", g_kafka_logger->vsys_id); + cJSON_AddNumberToObject(obj, "t_vsys_id", g_kafka_logger->t_vsys_id); cJSON_AddStringToObject(obj, "cert", cert); cJSON_AddStringToObject(obj, "tfe_ip", g_kafka_logger->local_ip_str); dup = cJSON_Duplicate(obj, 1); diff --git a/plugin/business/doh/src/doh.cpp b/plugin/business/doh/src/doh.cpp index 59cf502..8c2b1a0 100644 --- a/plugin/business/doh/src/doh.cpp +++ b/plugin/business/doh/src/doh.cpp @@ -74,10 +74,15 @@ static int doh_get_answer_ttl(cJSON *object) return (rand() % (max - min + 1) + min); } -static cJSON *doh_get_answer_records(cJSON *object, int qtype) +static cJSON *doh_get_answer_records(struct doh_ctx *ctx, cJSON *object, int qtype) { int i = 0; + cJSON *vsys_id=cJSON_GetObjectItem(object, "vsys_id"); + if(vsys_id && vsys_id->type==cJSON_Number) + { + ctx->vsys_id = vsys_id->valueint; + } cJSON *resolution = cJSON_GetObjectItem(object, "resolution"); int size = cJSON_GetArraySize(resolution); for (i = 0; i < size; i++) @@ -114,7 +119,7 @@ static void doh_get_cheat_data(Maat_rule_t *p_result, int qtype, struct doh_ctx goto end; } - answer_array = doh_get_answer_records(object, qtype); + answer_array = doh_get_answer_records(ctx, object, qtype); if (answer_array != NULL) { answer_size = cJSON_GetArraySize(answer_array); diff --git a/plugin/business/doh/src/logger.cpp b/plugin/business/doh/src/logger.cpp index f0632ed..1c65288 100644 --- a/plugin/business/doh/src/logger.cpp +++ b/plugin/business/doh/src/logger.cpp @@ -400,7 +400,8 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c cJSON_AddNumberToObject(common_obj, "common_link_id", 0); cJSON_AddNumberToObject(common_obj, "common_stream_dir", 3); //1:c2s, 2:s2c, 3:double cJSON_AddStringToObject(common_obj, "common_sled_ip", handle->kafka_logger->local_ip_str); - cJSON_AddNumberToObject(common_obj, "common_vsys_id", handle->kafka_logger->vsys_id); + cJSON_AddNumberToObject(common_obj, "common_t_vsys_id", handle->kafka_logger->t_vsys_id); + cJSON_AddNumberToObject(common_obj, "common_vsys_id", ctx->vsys_id); cJSON_AddNumberToObject(common_obj, "common_entrance_id", handle->entry_id); cJSON_AddStringToObject(common_obj, "common_device_id", handle->device_id); cJSON_AddNumberToObject(common_obj, "common_c2s_byte_num", c2s_byte_num); diff --git a/plugin/business/doh/src/pub.h b/plugin/business/doh/src/pub.h index 18f706f..82b9ec2 100644 --- a/plugin/business/doh/src/pub.h +++ b/plugin/business/doh/src/pub.h @@ -80,6 +80,7 @@ struct doh_ctx int magic_num; int manipulate; int opts_num; + int vsys_id; size_t result_num; Maat_rule_t *result; cheat_pkt_opt_t *opts; diff --git a/plugin/business/tsg-http/include/tsg_proxy_logger.h b/plugin/business/tsg-http/include/tsg_proxy_logger.h index 182485b..7903bb7 100644 --- a/plugin/business/tsg-http/include/tsg_proxy_logger.h +++ b/plugin/business/tsg-http/include/tsg_proxy_logger.h @@ -17,6 +17,7 @@ struct proxy_log char *asn_server; char *location_client; char *location_server; + int vsys_id; }; struct proxy_logger; struct proxy_logger* proxy_log_handle_create(const char* profile, const char* section, void* local_logger); diff --git a/plugin/business/tsg-http/src/tsg_http.cpp b/plugin/business/tsg-http/src/tsg_http.cpp index 97f2d1d..7856462 100644 --- a/plugin/business/tsg-http/src/tsg_http.cpp +++ b/plugin/business/tsg-http/src/tsg_http.cpp @@ -57,6 +57,8 @@ enum manipulate_action MA_ACTION_INSERT, MA_ACTION_ELEMENT, MA_ACTION_LUA_SCRIPT, + MA_ACTION_ALLOW, + MA_ACTION_MONITOR, __MA_ACTION_MAX }; @@ -125,6 +127,7 @@ struct policy_action_param char *position; float enforcement_ratio; + int vsys_id; int profile_id; int status_code; @@ -326,6 +329,8 @@ static enum manipulate_action manipulate_action_str2idx(const char *action_str) clue_action_map[MA_ACTION_INSERT]= "insert"; clue_action_map[MA_ACTION_ELEMENT] = "edit_element"; clue_action_map[MA_ACTION_LUA_SCRIPT] = "run_script"; + clue_action_map[MA_ACTION_ALLOW] = "allow"; + clue_action_map[MA_ACTION_MONITOR] = "monitor"; size_t i = 0; @@ -419,7 +424,20 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char switch(param->action) { + case MA_ACTION_ALLOW: + case MA_ACTION_MONITOR: + item=cJSON_GetObjectItem(json,"vsys_id"); + if(item && item->type==cJSON_Number) + { + param->vsys_id= item->valueint; + } + break; case MA_ACTION_REDIRECT: + item=cJSON_GetObjectItem(json,"vsys_id"); + if(item && item->type==cJSON_Number) + { + param->vsys_id= item->valueint; + } item=cJSON_GetObjectItem(json,"code"); if(item && item->type==cJSON_Number) { @@ -441,6 +459,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char } break; case MA_ACTION_BLOCK: + item=cJSON_GetObjectItem(json,"vsys_id"); + if(item && item->type==cJSON_Number) + { + param->vsys_id= item->valueint; + } item=cJSON_GetObjectItem(json,"code"); if(item && item->type==cJSON_Number) { @@ -458,6 +481,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char } break; case MA_ACTION_REPLACE: + item=cJSON_GetObjectItem(json,"vsys_id"); + if(item && item->type==cJSON_Number) + { + param->vsys_id= item->valueint; + } item=cJSON_GetObjectItem(json,"enforcement_ratio"); if(item && item->type==cJSON_Number) { @@ -493,6 +521,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char param->n_rule = rule_id; break; case MA_ACTION_HIJACK: + item=cJSON_GetObjectItem(json,"vsys_id"); + if(item && item->type==cJSON_Number) + { + param->vsys_id= item->valueint; + } item=cJSON_GetObjectItem(json,"hijack_profile"); if(item && item->type==cJSON_Number){ param->profile_id = item->valueint; @@ -508,6 +541,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char } break; case MA_ACTION_INSERT: + item=cJSON_GetObjectItem(json,"vsys_id"); + if(item && item->type==cJSON_Number) + { + param->vsys_id= item->valueint; + } item=cJSON_GetObjectItem(json,"insert_profile"); if(item && item->type==cJSON_Number){ param->profile_id = item->valueint; @@ -527,6 +565,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char } break; case MA_ACTION_ELEMENT: + item=cJSON_GetObjectItem(json,"vsys_id"); + if(item && item->type==cJSON_Number) + { + param->vsys_id= item->valueint; + } rules = cJSON_GetObjectItem(json, "rules"); if(rules == NULL) { @@ -565,6 +608,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char param->e_rule = rule_id; break; case MA_ACTION_LUA_SCRIPT: + item=cJSON_GetObjectItem(json,"vsys_id"); + if(item && item->type==cJSON_Number) + { + param->vsys_id= item->valueint; + } item=cJSON_GetObjectItem(json,"run_script_profile"); if(item && item->type==cJSON_Number){ param->profile_id = item->valueint; @@ -3114,7 +3162,7 @@ void proxy_on_http_end(const struct tfe_stream * stream, struct proxy_log log_msg = {.stream=stream, .http=session, .result=ctx->enforce_rules, .result_num=ctx->n_enforce, .req_body=ctx->log_req_body, .resp_body=ctx->log_resp_body, .action=0, .inject_sz=ctx->inject_sz, .asn_client=ctx->ip_ctx.asn_client, .asn_server=ctx->ip_ctx.asn_server, .location_client=ctx->ip_ctx.location_client, - .location_server=ctx->ip_ctx.location_server}; + .location_server=ctx->ip_ctx.location_server, .vsys_id=ctx->param->vsys_id}; if(ctx->action == PX_ACTION_MANIPULATE) { diff --git a/plugin/business/tsg-http/src/tsg_logger.cpp b/plugin/business/tsg-http/src/tsg_logger.cpp index 3564b95..b0d7a6f 100644 --- a/plugin/business/tsg-http/src/tsg_logger.cpp +++ b/plugin/business/tsg-http/src/tsg_logger.cpp @@ -224,7 +224,8 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg) cJSON_AddNumberToObject(common_obj, "common_link_id", 0); cJSON_AddNumberToObject(common_obj, "common_stream_dir", 3); //1:c2s, 2:s2c, 3:double cJSON_AddStringToObject(common_obj, "common_sled_ip", handle->kafka_logger->local_ip_str); - cJSON_AddNumberToObject(common_obj, "common_vsys_id", handle->kafka_logger->vsys_id); + cJSON_AddNumberToObject(common_obj, "common_t_vsys_id", handle->kafka_logger->t_vsys_id); + cJSON_AddNumberToObject(common_obj, "common_vsys_id", log_msg->vsys_id); cJSON_AddNumberToObject(common_obj, "common_entrance_id", handle->entry_id); cJSON_AddStringToObject(common_obj, "common_device_id", handle->device_id); cJSON_AddNumberToObject(common_obj, "common_c2s_byte_num", c2s_byte_num);