TSG-12300 代理日志增加Traffic Vsys id字段

2022-10-26 14:30:45 +08:00
parent 87adce7cbf
commit 6e4fc2a978
9 changed files with 66 additions and 9 deletions
--- a/common/include/tfe_kafka_logger.h
+++ b/common/include/tfe_kafka_logger.h
@@ -12,7 +12,7 @@ extern "C"
    typedef struct tfe_kafka_logger_s
    {
        int enable;
-        int vsys_id;
+        int t_vsys_id;

        unsigned int local_ip_num;
        char local_ip_str[TFE_SYMBOL_MAX];
--- a/common/src/tfe_resource.cpp
+++ b/common/src/tfe_resource.cpp
@@ -183,7 +183,7 @@ static tfe_kafka_logger_t *create_kafka_logger(const char *profile, const char *
        TFE_LOG_ERROR(logger, "tfe kafka init failed, error to create kafka logger.");
        return NULL;
    }
-	kafka_logger->vsys_id=vsystem_id;
+	kafka_logger->t_vsys_id=vsystem_id;

    TFE_LOG_INFO(logger, "tfe kafka logger     : %s", enable ? "ENABLE" : "DISABLE");
 	TFE_LOG_INFO(logger, "tfe kafka vsystem id : %d", vsystem_id);
--- a/platform/src/ssl_fetch_cert.cpp
+++ b/platform/src/ssl_fetch_cert.cpp
@@ -69,7 +69,7 @@ skip:
 	g_kafka_logger = tfe_kafka_logger_create(enable, nic_name, broker_list, topic_name, sasl_username, sasl_passwd, g_default_logger);
 	if (g_kafka_logger)
 	{
-		g_kafka_logger->vsys_id=vsystem_id;
+		g_kafka_logger->t_vsys_id=vsystem_id;
 		return 0;
 	}
 	else
@@ -91,7 +91,7 @@ static void ssl_mid_cert_kafka_logger_send(const char *sni, const char *fingerpr
 	obj = cJSON_CreateObject();
 	cJSON_AddStringToObject(obj, "sni", sni);
 	cJSON_AddStringToObject(obj, "fingerprint", fingerprint);
-	cJSON_AddNumberToObject(obj, "vsys_id", g_kafka_logger->vsys_id);
+	cJSON_AddNumberToObject(obj, "t_vsys_id", g_kafka_logger->t_vsys_id);
 	cJSON_AddStringToObject(obj, "cert", cert);
 	cJSON_AddStringToObject(obj, "tfe_ip", g_kafka_logger->local_ip_str);
 	dup = cJSON_Duplicate(obj, 1);
--- a/plugin/business/doh/src/doh.cpp
+++ b/plugin/business/doh/src/doh.cpp
@@ -74,10 +74,15 @@ static int doh_get_answer_ttl(cJSON *object)
 	return (rand() % (max - min + 1) + min);
 }

-static cJSON *doh_get_answer_records(cJSON *object, int qtype)
+static cJSON *doh_get_answer_records(struct doh_ctx *ctx, cJSON *object, int qtype)
 {
 	int i = 0;

+	cJSON *vsys_id=cJSON_GetObjectItem(object, "vsys_id");
+	if(vsys_id && vsys_id->type==cJSON_Number)
+	{
+		ctx->vsys_id = vsys_id->valueint;
+	}
 	cJSON *resolution = cJSON_GetObjectItem(object, "resolution");
 	int size = cJSON_GetArraySize(resolution);
 	for (i = 0; i < size; i++)
@@ -114,7 +119,7 @@ static void doh_get_cheat_data(Maat_rule_t *p_result, int qtype, struct doh_ctx
 		goto end;
 	}

-	answer_array = doh_get_answer_records(object, qtype);
+	answer_array = doh_get_answer_records(ctx, object, qtype);
 	if (answer_array != NULL)
 	{
 		answer_size = cJSON_GetArraySize(answer_array);
--- a/plugin/business/doh/src/logger.cpp
+++ b/plugin/business/doh/src/logger.cpp
@@ -400,7 +400,8 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
    cJSON_AddNumberToObject(common_obj, "common_link_id", 0);
    cJSON_AddNumberToObject(common_obj, "common_stream_dir", 3); //1:c2s, 2:s2c, 3:double
    cJSON_AddStringToObject(common_obj, "common_sled_ip", handle->kafka_logger->local_ip_str);
-	cJSON_AddNumberToObject(common_obj, "common_vsys_id", handle->kafka_logger->vsys_id);
+	cJSON_AddNumberToObject(common_obj, "common_t_vsys_id", handle->kafka_logger->t_vsys_id);
+	cJSON_AddNumberToObject(common_obj, "common_vsys_id", ctx->vsys_id);
    cJSON_AddNumberToObject(common_obj, "common_entrance_id", handle->entry_id);
    cJSON_AddStringToObject(common_obj, "common_device_id", handle->device_id);
    cJSON_AddNumberToObject(common_obj, "common_c2s_byte_num", c2s_byte_num);
--- a/plugin/business/doh/src/pub.h
+++ b/plugin/business/doh/src/pub.h
@@ -80,6 +80,7 @@ struct doh_ctx
 	int magic_num;
 	int manipulate;
 	int opts_num;
+    int vsys_id;
 	size_t result_num;
 	Maat_rule_t *result;
 	cheat_pkt_opt_t *opts;
--- a/plugin/business/tsg-http/include/tsg_proxy_logger.h
+++ b/plugin/business/tsg-http/include/tsg_proxy_logger.h
@@ -17,6 +17,7 @@ struct proxy_log
    char *asn_server;
    char *location_client;
    char *location_server;
+    int vsys_id;
 };
 struct proxy_logger;
 struct proxy_logger*  proxy_log_handle_create(const char* profile, const char* section, void* local_logger);
--- a/plugin/business/tsg-http/src/tsg_http.cpp
+++ b/plugin/business/tsg-http/src/tsg_http.cpp
@@ -57,6 +57,8 @@ enum manipulate_action
 	MA_ACTION_INSERT,
 	MA_ACTION_ELEMENT,
 	MA_ACTION_LUA_SCRIPT,
+	MA_ACTION_ALLOW,
+	MA_ACTION_MONITOR,
 	__MA_ACTION_MAX
 };

@@ -125,6 +127,7 @@ struct policy_action_param
 	char *position;

 	float enforcement_ratio;
+	int vsys_id;
 	int profile_id;
 	int status_code;

@@ -326,6 +329,8 @@ static enum manipulate_action manipulate_action_str2idx(const char *action_str)
 	clue_action_map[MA_ACTION_INSERT]= "insert";
 	clue_action_map[MA_ACTION_ELEMENT] = "edit_element";
 	clue_action_map[MA_ACTION_LUA_SCRIPT] = "run_script";
+	clue_action_map[MA_ACTION_ALLOW] = "allow";
+	clue_action_map[MA_ACTION_MONITOR] = "monitor";

 	size_t i = 0;

@@ -419,7 +424,20 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char

 	switch(param->action)
 	{
+		case MA_ACTION_ALLOW:
+		case MA_ACTION_MONITOR:
+			item=cJSON_GetObjectItem(json,"vsys_id");
+			if(item && item->type==cJSON_Number)
+			{
+				param->vsys_id= item->valueint;
+			}
+			break;
 		case MA_ACTION_REDIRECT:
+			item=cJSON_GetObjectItem(json,"vsys_id");
+			if(item && item->type==cJSON_Number)
+			{
+				param->vsys_id= item->valueint;
+			}
 			item=cJSON_GetObjectItem(json,"code");
 			if(item && item->type==cJSON_Number)
 			{
@@ -441,6 +459,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char
 			}
 			break;
 		case MA_ACTION_BLOCK:
+			item=cJSON_GetObjectItem(json,"vsys_id");
+			if(item && item->type==cJSON_Number)
+			{
+				param->vsys_id= item->valueint;
+			}
 			item=cJSON_GetObjectItem(json,"code");
 			if(item && item->type==cJSON_Number)
 			{
@@ -458,6 +481,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char
 			}
 			break;
 		case MA_ACTION_REPLACE:
+			item=cJSON_GetObjectItem(json,"vsys_id");
+			if(item && item->type==cJSON_Number)
+			{
+				param->vsys_id= item->valueint;
+			}
 			item=cJSON_GetObjectItem(json,"enforcement_ratio");
 			if(item && item->type==cJSON_Number)
 			{
@@ -493,6 +521,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char
 			param->n_rule = rule_id;
 			break;
 		case MA_ACTION_HIJACK:
+			item=cJSON_GetObjectItem(json,"vsys_id");
+			if(item && item->type==cJSON_Number)
+			{
+				param->vsys_id= item->valueint;
+			}
 			item=cJSON_GetObjectItem(json,"hijack_profile");
 			if(item && item->type==cJSON_Number){
 				param->profile_id = item->valueint;
@@ -508,6 +541,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char
 			}
 			break;
 		case MA_ACTION_INSERT:
+			item=cJSON_GetObjectItem(json,"vsys_id");
+			if(item && item->type==cJSON_Number)
+			{
+				param->vsys_id= item->valueint;
+			}
 			item=cJSON_GetObjectItem(json,"insert_profile");
 			if(item && item->type==cJSON_Number){
 				param->profile_id = item->valueint;
@@ -527,6 +565,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char
 			}
 			break;
 		case MA_ACTION_ELEMENT:
+			item=cJSON_GetObjectItem(json,"vsys_id");
+			if(item && item->type==cJSON_Number)
+			{
+				param->vsys_id= item->valueint;
+			}
 			rules = cJSON_GetObjectItem(json, "rules");
 			if(rules == NULL)
 			{
@@ -565,6 +608,11 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char
 			param->e_rule = rule_id;
 			break;
 		case MA_ACTION_LUA_SCRIPT:
+			item=cJSON_GetObjectItem(json,"vsys_id");
+			if(item && item->type==cJSON_Number)
+			{
+				param->vsys_id= item->valueint;
+			}
 			item=cJSON_GetObjectItem(json,"run_script_profile");
 			if(item && item->type==cJSON_Number){
 				param->profile_id = item->valueint;
@@ -3114,7 +3162,7 @@ void proxy_on_http_end(const struct tfe_stream * stream,
 	struct proxy_log log_msg =  {.stream=stream, .http=session, .result=ctx->enforce_rules, .result_num=ctx->n_enforce,
 								.req_body=ctx->log_req_body, .resp_body=ctx->log_resp_body, .action=0, .inject_sz=ctx->inject_sz,
 								.asn_client=ctx->ip_ctx.asn_client, .asn_server=ctx->ip_ctx.asn_server, .location_client=ctx->ip_ctx.location_client,
-								.location_server=ctx->ip_ctx.location_server};
+								.location_server=ctx->ip_ctx.location_server, .vsys_id=ctx->param->vsys_id};

 	if(ctx->action == PX_ACTION_MANIPULATE)
 	{
--- a/plugin/business/tsg-http/src/tsg_logger.cpp
+++ b/plugin/business/tsg-http/src/tsg_logger.cpp
@@ -224,7 +224,8 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
 	cJSON_AddNumberToObject(common_obj, "common_link_id", 0);
 	cJSON_AddNumberToObject(common_obj, "common_stream_dir", 3);	//1:c2s, 2:s2c, 3:double
 	cJSON_AddStringToObject(common_obj, "common_sled_ip", handle->kafka_logger->local_ip_str);
-	cJSON_AddNumberToObject(common_obj, "common_vsys_id", handle->kafka_logger->vsys_id);
+	cJSON_AddNumberToObject(common_obj, "common_t_vsys_id", handle->kafka_logger->t_vsys_id);
+	cJSON_AddNumberToObject(common_obj, "common_vsys_id", log_msg->vsys_id);
 	cJSON_AddNumberToObject(common_obj, "common_entrance_id", handle->entry_id);
 	cJSON_AddStringToObject(common_obj, "common_device_id", handle->device_id);
 	cJSON_AddNumberToObject(common_obj, "common_c2s_byte_num", c2s_byte_num);