TSG-304 tfe日志中增加common_sub_action字段
1)更新配置文件tfe.conf,kni域 2)更新table_info关键字表名
This commit is contained in:
fengweihao
@@ -4,10 +4,10 @@ enable_kni_v1=0
|
||||
enable_kni_v2=1
|
||||
|
||||
[kni]
|
||||
uxdomain=/home/server_unixsocket_file
|
||||
ip=127.0.0.1
|
||||
scm_port=8888
|
||||
send_switch=1
|
||||
ip=192.168.100.1
|
||||
cmsg_port=2475
|
||||
watchdog_switch=1
|
||||
watchdog_port=2476
|
||||
|
||||
[ssl]
|
||||
ssl_max_version=tls13
|
||||
|
||||
@@ -2462,7 +2462,12 @@ void pangu_on_http_end(const struct tfe_stream * stream,
|
||||
}
|
||||
}
|
||||
struct pangu_log log_msg = {.stream=stream, .http=session, .result=ctx->enforce_rules, .result_num=ctx->n_enforce,
|
||||
.req_body= ctx->log_req_body, .resp_body=ctx->log_resp_body};
|
||||
.req_body= ctx->log_req_body, .resp_body=ctx->log_resp_body, .action=5};
|
||||
|
||||
if(ctx->action == PG_ACTION_MANIPULATE)
|
||||
{
|
||||
log_msg.action = ctx->param->action;
|
||||
}
|
||||
|
||||
if ((ctx->action != PG_ACTION_NONE&&
|
||||
!(ctx_actually_replaced(ctx))) ||
|
||||
|
||||
@@ -191,6 +191,8 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
|
||||
|
||||
const char *app_proto[]= {"unkonw","http1", "http2"};
|
||||
|
||||
const char *clue_action_map[]= {"redirect","block","replace","hijack","insert"};
|
||||
|
||||
struct json_spec req_fields[]={ {"http_cookie", TFE_HTTP_COOKIE},
|
||||
{"http_referer", TFE_HTTP_REFERER},
|
||||
{"http_user_agent", TFE_HTTP_USER_AGENT} };
|
||||
@@ -347,6 +349,10 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
|
||||
cJSON_AddNumberToObject(per_hit_obj, "common_policy_id", log_msg->result[i].config_id);
|
||||
cJSON_AddNumberToObject(per_hit_obj, "common_service", log_msg->result[i].service_id);
|
||||
cJSON_AddNumberToObject(per_hit_obj, "common_action", (unsigned char)log_msg->result[i].action);
|
||||
if(log_msg->action<5)
|
||||
{
|
||||
cJSON_AddStringToObject(per_hit_obj, "common_sub_action", clue_action_map[log_msg->action]);
|
||||
}
|
||||
log_payload = cJSON_PrintUnformatted(per_hit_obj);
|
||||
|
||||
TFE_LOG_DEBUG(handle->local_logger, "%s", log_payload);
|
||||
|
||||
@@ -11,6 +11,7 @@ struct pangu_log
|
||||
const Maat_rule_t*result;
|
||||
size_t result_num;
|
||||
struct evbuffer* req_body, *resp_body;
|
||||
unsigned char action;
|
||||
};
|
||||
struct pangu_logger;
|
||||
struct pangu_logger* pangu_log_handle_create(const char* profile, const char* section, void* local_logger);
|
||||
|
||||
@@ -26,9 +26,9 @@
|
||||
7 TSG_OBJ_HTTP_SIGNATURE expr_plus UTF8 UTF8 yes 0 quickoff
|
||||
8 TSG_FIELD_HTTP_REQ_HDR virtual TSG_OBJ_HTTP_SIGNATURE --
|
||||
9 TSG_FIELD_HTTP_RES_HDR virtual TSG_OBJ_HTTP_SIGNATURE --
|
||||
10 TSG_OBJ_CONTENT expr UTF8 GBK/UNICODE/UTF8 yes 128 quickoff
|
||||
11 TSG_FIELD_HTTP_REQ_CONTENT virtual TSG_OBJ_CONTENT --
|
||||
12 TSG_FIELD_HTTP_RES_CONTENT virtual TSG_OBJ_CONTENT --
|
||||
10 TSG_OBJ_KEYWORDS expr UTF8 GBK/UNICODE/UTF8 yes 128 quickoff
|
||||
11 TSG_FIELD_HTTP_REQ_CONTENT virtual TSG_OBJ_KEYWORDS --
|
||||
12 TSG_FIELD_HTTP_RES_CONTENT virtual TSG_OBJ_KEYWORDS --
|
||||
13 TSG_OBJ_SUBSCRIBER_ID expr UTF8 UTF8 yes 0 quickon
|
||||
14 PXY_CACHE_COMPILE compile escape --
|
||||
14 PXY_CACHE_GROUP group --
|
||||
|
||||
Reference in New Issue
Block a user