gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-22707 tfe adapts to maat interface changes

Browse Source
This commit is contained in:
fengweihao
2024-09-29 20:01:49 +08:00
parent a94b7d55b5
commit a032f97535
16 changed files with 909 additions and 1361 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
common/include/tfe_resource.h
View File

@@ -17,7 +17,7 @@ struct app_id_dict
{
int ref_cnt;
int app_id;
long long int group_id;
int object_id;
pthread_mutex_t lock;
};
@@ -25,7 +25,7 @@ struct app_id_dict
struct library_tag_ctx
{
int ref_cnt;
int tag_id;
char *uuid;
char *tag_key;
char *tag_value;
enum category_type category;

16
common/include/tfe_scan.h
View File

@@ -4,13 +4,13 @@
#include <tfe_stream.h>
#define MAX_SCAN_RESULT 16
int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_scan_fqdn_tags(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id, void *logger);
int tfe_scan_app_id(long long *result, struct maat_state *scan_mid, int hit_cnt, long long app_id, int table_id);
int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr);
int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr);
int tfe_scan_port(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, uint16_t source, uint16_t dest);
int tfe_scan_device(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_scan_subscribe_id(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_scan_ip_tags(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_scan_fqdn_tags(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_scan_app_id(uuid_t *result, struct maat_state *scan_mid, int hit_cnt, long long app_id);
int tfe_scan_ipv4_addr(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr);
int tfe_scan_ipv6_addr(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr);
int tfe_scan_port(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, uint16_t source, uint16_t dest);
int tfe_scan_device(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_get_library_tags(const struct tfe_stream *stream, cJSON *common_obj, tfe_cmsg_tlv_type tlv_type, const char *tag_key);

113
common/src/tfe_resource.cpp
View File

@@ -232,38 +232,35 @@ static char* create_device_tag(const char *profile, const char *section, void *l
return device_tag;
}
void app_dict_table_new_cb(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
void app_dict_table_new_cb(const char *table_name, const char* key, const char* table_line, void **ad, long argl, void* argp)
{
int ret=0;
size_t offset=0, len=0;
char *app_id_str=NULL, *group_id_str=NULL;
cJSON* app_id_dict_json = cJSON_Parse(table_line);
if(app_id_dict_json == NULL)
{
return;
}
struct app_id_dict *app_dict=ALLOC(struct app_id_dict, 1);
ret = maat_helper_read_column(table_line, 1, &offset, &len);
if(ret >= 0)
cJSON *item = cJSON_GetObjectItem(app_id_dict_json, "app_id");
if(item && item->type==cJSON_Number)
{
app_id_str=ALLOC(char, len+1);
memcpy(app_id_str, table_line+offset, len);
app_dict->app_id=atoi(app_id_str);
FREE(&app_id_str);
app_dict->app_id = item->valueint;
}
ret = maat_helper_read_column(table_line, 18, &offset, &len);
if(ret >= 0)
item = cJSON_GetObjectItem(app_id_dict_json, "object_id");
if(item && item->type==cJSON_Number)
{
group_id_str=ALLOC(char, len+1);
memcpy(group_id_str, table_line+offset, len);
app_dict->group_id=atoll(group_id_str);
FREE(&group_id_str);
app_dict->object_id = item->valueint;
}
cJSON_Delete(app_id_dict_json);
app_dict->ref_cnt=1;
pthread_mutex_init(&(app_dict->lock), NULL);
*ad=app_dict;
return;
}
void app_dict_table_free_cb(int table_id, void **ad, long argl, void* argp)
void app_dict_table_free_cb(const char *table_name, void **ad, long argl, void* argp)
{
if(*ad==NULL)
{
@@ -291,7 +288,7 @@ void app_id_dict_free(struct app_id_dict *app_dict)
app_dict_table_free_cb(0, (void **)&app_dict, 0, NULL);
}
void app_dict_table_dup_cb(int table_id, void **to, void **from, long argl, void* argp)
void app_dict_table_dup_cb(const char *table_name, void **to, void **from, long argl, void* argp)
{
struct app_id_dict *app_dict=(struct app_id_dict *)(*from);
pthread_mutex_lock(&(app_dict->lock));
@@ -314,52 +311,47 @@ int get_category_type_str2idx(const char *category)
return i;
}
void library_tag_new_cb(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
void library_tag_new_cb(const char *table_name, const char* key, const char* table_line, void **ad, long argl, void* argp)
{
int ret=0;
size_t offset=0, len=0;
char category[256]={0};
cJSON* library_tag_json = cJSON_Parse(table_line);
if(library_tag_json == NULL)
{
return;
}
struct library_tag_ctx *library_tags = ALLOC(struct library_tag_ctx, 1);
ret = maat_helper_read_column(table_line, 1, &offset, &len);
if(ret >= 0)
cJSON *item = cJSON_GetObjectItem(library_tag_json, "uuid");
if(item && item->type==cJSON_String)
{
char *tag_id_str=ALLOC(char, len+1);
memcpy(tag_id_str, table_line+offset, len);
library_tags->tag_id=atoi(tag_id_str);
FREE(&tag_id_str);
library_tags->uuid=strdup(item->valuestring);
}
ret = maat_helper_read_column(table_line, 3, &offset, &len);
if(ret >= 0)
item = cJSON_GetObjectItem(library_tag_json, "category");
if(item && item->type==cJSON_String)
{
memcpy(category, table_line+offset, len);
library_tags->category=(enum category_type)get_category_type_str2idx(category);
library_tags->category=(enum category_type)get_category_type_str2idx(item->valuestring);
}
ret = maat_helper_read_column(table_line, 4, &offset, &len);
if(ret >= 0)
item = cJSON_GetObjectItem(library_tag_json, "tag_key");
if(item && item->type==cJSON_String)
{
library_tags->tag_key=ALLOC(char, len+1);
memcpy(library_tags->tag_key, table_line+offset, len);
library_tags->tag_key=strdup(item->valuestring);
}
ret = maat_helper_read_column(table_line, 5, &offset, &len);
if(ret >= 0)
item = cJSON_GetObjectItem(library_tag_json, "tag_value");
if(item && item->type==cJSON_String)
{
library_tags->tag_value=ALLOC(char, len+1);
memcpy(library_tags->tag_value, table_line+offset, len);
library_tags->tag_value=strdup(item->valuestring);
}
library_tags->ref_cnt=1;
pthread_mutex_init(&(library_tags->lock), NULL);
cJSON_Delete(library_tag_json);
*ad=library_tags;
return;
}
void library_tag_free_cb(int table_id, void **ad, long argl, void* argp)
void library_tag_free_cb(const char *table_name, void **ad, long argl, void* argp)
{
if(*ad==NULL)
{
@@ -385,13 +377,17 @@ void library_tag_free_cb(int table_id, void **ad, long argl, void* argp)
{
FREE(&library_tags->tag_value);
}
if(library_tags->uuid)
{
FREE(&library_tags->uuid);
}
FREE(&library_tags);
*ad=NULL;
return;
}
void library_tag_dup_cb(int table_id, void **to, void **from, long argl, void* argp)
void library_tag_dup_cb(const char *table_name, void **to, void **from, long argl, void* argp)
{
struct library_tag_ctx *library_tags=(struct library_tag_ctx *)(*from);
pthread_mutex_lock(&(library_tags->lock));
@@ -408,33 +404,6 @@ void library_tag_free(struct library_tag_ctx *library_tags)
static int maat_common_table_init()
{
const char * table_name[__SCAN_COMMON_TABLE_MAX];
table_name[PXY_CTRL_SOURCE_IP] = "ATTR_SOURCE_IP";
table_name[PXY_CTRL_DESTINATION_IP]="ATTR_DESTINATION_IP";
table_name[PXY_CTRL_INTERNAL_IP] = "ATTR_INTERNAL_IP";
table_name[PXY_CTRL_EXTERNAL_IP] = "ATTR_EXTERNAL_IP";
table_name[PXY_CTRL_SOURCE_PORT] = "ATTR_SOURCE_PORT";
table_name[PXY_CTRL_DESTINATION_PORT] = "ATTR_DESTINATION_PORT";
table_name[PXY_CTRL_INTERNAL_PORT] = "ATTR_INTERNAL_PORT";
table_name[PXY_CTRL_EXTERNAL_PORT] = "ATTR_EXTERNAL_PORT";
table_name[PXY_CTRL_IP_PROTOCOL] = "ATTR_IP_PROTOCOL";
table_name[PXY_CTRL_SUBSCRIBER_ID] = "ATTR_SUBSCRIBER_ID";
table_name[PXY_CTRL_APP_ID_DICT] = "APP_ID_DICT";
table_name[PXY_CTRL_LIBRARY_TAG] = "LIBRARY_TAG";
table_name[PXY_CTRL_IMSI]="ATTR_GTP_IMSI";
table_name[PXY_CTRL_APN]="ATTR_GTP_APN";
table_name[PXY_CTRL_PHONE_NUMBER]="ATTR_GTP_PHONE_NUMBER";
table_name[PXY_CTRL_GTP_IMEI]="ATTR_GTP_IMEI";
for (int i = 0; i < __SCAN_COMMON_TABLE_MAX; i++)
{
scan_table_id[i] = maat_get_table_id(maat_handle, table_name[i]);
if (scan_table_id[i] < 0)
{
TFE_LOG_ERROR(g_default_logger, "Maat table %s register failed.", table_name[i]);
return -1;
}
}
maat_plugin_table_ex_schema_register(maat_handle, "APP_ID_DICT", app_dict_table_new_cb, app_dict_table_free_cb, app_dict_table_dup_cb, 0, NULL);
maat_plugin_table_ex_schema_register(maat_handle, "LIBRARY_TAG", library_tag_new_cb, library_tag_free_cb, library_tag_dup_cb, 0, NULL);

279
common/src/tfe_scan.cpp
View File

@@ -3,18 +3,18 @@
#include <tfe_scan.h>
#include <MESA/stream.h>
static int scan_group(struct maat_hit_group hit_group, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id)
static int scan_string(uuid_t *result, struct maat_state *scan_mid, int hit_cnt,const char *data, const char *table_name, const char *attribute_name)
{
size_t n_hit_result=0;
int scan_ret=0, hit_cnt_group=0;
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, &hit_group, 1,
result+hit_cnt+hit_cnt_group, MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
scan_ret = maat_scan_string(tfe_get_maat_handle(), table_name, attribute_name, data, strlen(data), result+hit_cnt+hit_cnt_group,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_group+=n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_cnt_group,
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_name, attribute_name, result+hit_cnt+hit_cnt_group,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -23,27 +23,6 @@ static int scan_group(struct maat_hit_group hit_group, long long *result, struct
return hit_cnt_group;
}
int tfe_get_tags_id_array(char *tag_ids, long long *tag_id_array)
{
if(tag_ids==NULL)
{
return 0;
}
int n_tag_ids=0;
char *tag_ids_tmp = ALLOC(char, strlen(tag_ids)+1);
strcpy(tag_ids_tmp, tag_ids);
char *tag_ids_str=strtok(tag_ids_tmp, ",");
while(tag_ids_str!=NULL && n_tag_ids < 128)
{
tag_id_array[n_tag_ids++]=strtoll(tag_ids_str, NULL, 10);
tag_ids_str=strtok(NULL, ",");
}
FREE(&tag_ids_tmp);
return n_tag_ids;
}
static int get_route_dir(const struct tfe_stream * stream)
{
uint16_t out_size;
@@ -61,9 +40,10 @@ static int get_route_dir(const struct tfe_stream * stream)
return (route_dir==69) ? 1 : 0;
}
int get_table_id(const struct tfe_stream *stream, enum scan_common_table table_type)
const char *get_attribute_name(const struct tfe_stream *stream, enum scan_common_table table_type)
{
int table_id = 0, c2s = 0;
int c2s = 0;
const char *attribute_name=NULL;
int dir_is_e2i = get_route_dir(stream);
if (table_type == PXY_CTRL_SOURCE_IP || table_type == PXY_CTRL_DESTINATION_IP || table_type == PXY_CTRL_SOURCE_PORT || table_type == PXY_CTRL_DESTINATION_PORT)
@@ -72,39 +52,64 @@ int get_table_id(const struct tfe_stream *stream, enum scan_common_table table_t
if(table_type == PXY_CTRL_SOURCE_IP || table_type == PXY_CTRL_DESTINATION_IP)
{
table_id = (c2s == dir_is_e2i) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_IP) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_IP);
attribute_name = (c2s == dir_is_e2i) ? "ATTR_INTERNAL_IP" : "ATTR_EXTERNAL_IP";
}
if(table_type == PXY_CTRL_SOURCE_PORT || table_type == PXY_CTRL_DESTINATION_PORT)
{
table_id = (c2s == dir_is_e2i) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_PORT) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_PORT);
attribute_name = (c2s == dir_is_e2i) ? "ATTR_INTERNAL_PORT" : "ATTR_EXTERNAL_PORT";
}
}
return table_id;
return attribute_name;
}
int tfe_scan_internal_exteral_by_last_group(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, enum scan_common_table table_type)
const char *get_table_name(const struct tfe_stream *stream, enum scan_common_table table_type)
{
const char *table_name=NULL;
switch (table_type)
{
case PXY_CTRL_SOURCE_IP:
case PXY_CTRL_DESTINATION_IP:
table_name = "TSG_OBJ_IP_ADDR";
break;
case PXY_CTRL_SOURCE_PORT:
case PXY_CTRL_DESTINATION_PORT:
table_name = "TSG_OBJ_PORT";
break;
default:
break;
}
return table_name;
}
int tfe_scan_internal_exteral_by_last_group(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, enum scan_common_table table_type)
{
size_t array_size=256, n_hit_result = 0;
int hit_cnt_group = 0, scan_ret = 0, table_id = 0;
struct maat_hit_group last_hit_groups[256] = {0};
int hit_cnt_group = 0, scan_ret = 0;
struct maat_hit_object last_hit_objects[128] = {0};
table_id = get_table_id(stream, table_type);
if(table_id <= 0)
const char *table_name = get_table_name(stream, table_type);
if(table_name == NULL)
{
return hit_cnt_group;
}
size_t n_last_hit_group = maat_state_get_last_hit_group_cnt(scan_mid);
if(n_last_hit_group > 0)
const char *attribute_name = get_attribute_name(stream, table_type);
if(attribute_name == NULL)
{
maat_state_get_last_hit_groups(scan_mid, last_hit_groups, array_size);
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, last_hit_groups, array_size, result+hit_cnt+hit_cnt_group,
return hit_cnt_group;
}
size_t n_last_hit_object = maat_state_get_last_hit_object_cnt(scan_mid);
if(n_last_hit_object > 0)
{
maat_state_get_last_hit_objects(scan_mid, last_hit_objects, array_size);
scan_ret = maat_scan_object(tfe_get_maat_handle(), table_name, attribute_name, last_hit_objects, array_size, result+hit_cnt+hit_cnt_group,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_group += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id,
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_name, attribute_name,
result+hit_cnt+hit_cnt_group, MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -114,7 +119,7 @@ int tfe_scan_internal_exteral_by_last_group(const struct tfe_stream *stream, lon
return hit_cnt_group;
}
int tfe_get_entry_tags(const struct tfe_stream * stream, enum tfe_cmsg_tlv_type tlv_type, char *opt_val, long long *tag_id_array)
int tfe_get_entry_tags(const struct tfe_stream * stream, enum tfe_cmsg_tlv_type tlv_type, uuid_t *opt_val, char **tag_id_array)
{
int n_tag_ids = 0;
uint16_t opt_out_size = 0;
@@ -128,18 +133,37 @@ int tfe_get_entry_tags(const struct tfe_stream * stream, enum tfe_cmsg_tlv_type
int ret = tfe_cmsg_get_value(cmsg, tlv_type, (unsigned char *)opt_val, 128, &opt_out_size);
if(ret == 0 && opt_out_size > 0)
{
n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array);
n_tag_ids = opt_out_size/(int)sizeof(uuid_t);
for (int i=0; i<n_tag_ids; i++)
{
uuid_unparse(opt_val[i],tag_id_array[i]);
}
}
return n_tag_ids;
}
void tfe_tags_log(char **tag_id_array, int n_tag_ids, const char *log_key, void *logger)
{
char *tag_uuids_for_log = ALLOC(char, n_tag_ids*UUID_STRING_SIZE);
for(int i = 0; i < n_tag_ids; i++)
{
strcat(tag_uuids_for_log, tag_id_array[i]);
if (i < n_tag_ids - 1)
{
strcat(tag_uuids_for_log, ",");
}
}
TFE_LOG_DEBUG(logger, "fetch %s tags: %s", log_key, tag_uuids_for_log);
FREE(&tag_uuids_for_log);
}
int tfe_get_library_tags(const struct tfe_stream *stream, cJSON *common_obj, tfe_cmsg_tlv_type tlv_type, const char *tag_key)
{
char opt_val[128]={0};
long long tag_id_array[128]={0};
uuid_t opt_val[128]={0};
char tag_id_array[128][UUID_STRING_SIZE];
int n_tag_ids = tfe_get_entry_tags(stream, tlv_type, opt_val, tag_id_array);
int n_tag_ids = tfe_get_entry_tags(stream, tlv_type, opt_val, (char **)tag_id_array);
if(n_tag_ids == 0)
{
return 0;
@@ -149,7 +173,7 @@ int tfe_get_library_tags(const struct tfe_stream *stream, cJSON *common_obj, tfe
cJSON *tags_array = cJSON_CreateArray();
for(int i = 0; i < n_tag_ids; i++)
{
struct library_tag_ctx *library_tag =(struct library_tag_ctx *)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_LIBRARY_TAG), (const char *)&tag_id_array[i], sizeof(long long));
struct library_tag_ctx *library_tag =(struct library_tag_ctx *)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), "LIBRARY_TAG", (const char *)tag_id_array[i], strlen(tag_id_array[i]));
if(library_tag != NULL)
{
if(library_tag->category == CATEGORY_TYPE_ASN && tlv_type == TFE_CMSG_SRC_IP_TAGS_IDS_ARR && atol(library_tag->tag_value) > 0)
@@ -183,32 +207,32 @@ int tfe_get_library_tags(const struct tfe_stream *stream, cJSON *common_obj, tfe
return 0;
}
int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
int tfe_scan_ip_tags(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
{
size_t n_hit_result = 0;
long long tag_id_array[128]={0};
char tag_id_array[128][UUID_STRING_SIZE];
char result_str[UUID_STRING_SIZE]={0};
int scan_ret = 0, hit_cnt_ip = 0, n_tag_ids = 0;
char opt_val[128]={0};
uuid_t opt_val[128]={0};
n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_SRC_IP_TAGS_IDS_ARR, opt_val, tag_id_array);
n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_SRC_IP_TAGS_IDS_ARR, opt_val, (char **)tag_id_array);
if(n_tag_ids == 0)
{
TFE_LOG_DEBUG(logger, "fetch src ip tags: NULL");
return hit_cnt_ip;
}
TFE_LOG_DEBUG(logger, "fetch src ip tags: %s", opt_val);
tfe_tags_log((char **)tag_id_array, n_tag_ids, "src ip", logger);
struct maat_hit_group hit_group;
for (int i = 0; i < n_tag_ids; i++)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=tag_id_array[i];
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), &hit_group, 1, result+hit_cnt+hit_cnt_ip,
scan_ret = maat_scan_string(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_SOURCE_IP", tag_id_array[i], strlen(tag_id_array[i]), result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan Src TAGS, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += scan_ret;
memset(result_str, 0, sizeof(result_str));
uuid_unparse(result[hit_cnt + hit_cnt_ip], result_str);
TFE_LOG_INFO(logger, "Scan Src TAGS, Hit scan ret: %d policy_id: %s addr: %s", scan_ret, result_str, stream->str_stream_info);
hit_cnt_ip+=n_hit_result;
}
else
{
@@ -224,22 +248,23 @@ int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct
memset(opt_val, 0, sizeof(opt_val));
memset(tag_id_array, 0, sizeof(tag_id_array));
n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_DST_IP_TAGS_IDS_ARR, opt_val, tag_id_array);
n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_DST_IP_TAGS_IDS_ARR, opt_val, (char **)tag_id_array);
if(n_tag_ids == 0)
{
TFE_LOG_DEBUG(logger, "fetch dst ip tags: NULL");
return hit_cnt_ip;
}
TFE_LOG_DEBUG(logger, "fetch dst ip tags: %s", opt_val);
tfe_tags_log((char **)tag_id_array, n_tag_ids, "dst ip", logger);
for (int i = 0; i < n_tag_ids; i++)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=tag_id_array[i];
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), &hit_group, 1, result+hit_cnt+hit_cnt_ip,
scan_ret = maat_scan_string(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_DESTINATION_IP", tag_id_array[i], strlen(tag_id_array[i]), result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan Dst TAGS, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
memset(result_str, 0, sizeof(result_str));
uuid_unparse(result[hit_cnt + hit_cnt_ip], result_str);
TFE_LOG_INFO(logger, "Scan Dst TAGS, Hit scan ret: %d policy_id: %s addr: %s", scan_ret, result_str, stream->str_stream_info);
hit_cnt_ip += scan_ret;
}
else
@@ -255,28 +280,28 @@ int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct
return hit_cnt_ip;
}
int tfe_scan_fqdn_tags(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id, void *logger)
int tfe_scan_fqdn_tags(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
{
char opt_val[128]={0};
long long tag_id_array[128]={0};
uuid_t opt_val[128]={0};
char tag_id_array[128][UUID_STRING_SIZE];
int scan_ret = 0, hit_cnt_fqdn = 0, n_tag_ids = 0;
n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_FQDN_TAGS_IDS_ARR, opt_val, tag_id_array);
n_tag_ids = tfe_get_entry_tags(stream, (enum tfe_cmsg_tlv_type)TFE_CMSG_FQDN_TAGS_IDS_ARR, opt_val, (char **)tag_id_array);
if(n_tag_ids == 0)
{
TFE_LOG_DEBUG(logger, "fetch fqdn tags: NULL");
return hit_cnt_fqdn;
}
TFE_LOG_DEBUG(logger, "fetch fqdn tags: %s", opt_val);
tfe_tags_log((char **)tag_id_array, n_tag_ids, "fqdn", logger);
struct maat_hit_group hit_group;
for (int i = 0; i < n_tag_ids; i++)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=tag_id_array[i];
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt, table_id);
scan_ret = scan_string(result, scan_mid, hit_cnt, tag_id_array[i], "TSG_OBJ_FQDN", "ATTR_SERVER_FQDN");
if (scan_ret > 0)
{
TFE_LOG_INFO(logger, "Scan Fqdn TAGS, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_fqdn], stream->str_stream_info);
char result_str[UUID_STRING_SIZE]={0};
uuid_unparse( result[hit_cnt + hit_cnt_fqdn], result_str);
TFE_LOG_INFO(logger, "Scan Fqdn TAGS, Hit scan ret: %d policy_id: %s addr: %s", scan_ret, result_str, stream->str_stream_info);
hit_cnt_fqdn += scan_ret;
}
else
@@ -287,26 +312,22 @@ int tfe_scan_fqdn_tags(const struct tfe_stream *stream, long long *result, struc
return hit_cnt_fqdn;
}
int tfe_scan_app_id(long long *result, struct maat_state *scan_mid, int hit_cnt, long long app_id, int table_id)
int tfe_scan_app_id(uuid_t *result, struct maat_state *scan_mid, int hit_cnt, long long app_id)
{
int scan_ret = 0;
int hit_app_id = 0;
size_t n_hit_result = 0;
struct maat_hit_group hit_group;
struct app_id_dict *app_dict = (struct app_id_dict*)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_APP_ID_DICT),
(const char *)&app_id, sizeof(long long));
struct app_id_dict *app_dict = (struct app_id_dict*)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), "APP_ID_DICT", (const char *)&app_id, sizeof(long long));
if(app_dict!=NULL)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=app_dict->group_id;
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, &hit_group, 1, result+hit_cnt+hit_app_id,
scan_ret=maat_scan_integer(tfe_get_maat_handle(), "APP_ID_DICT", "ATTR_APP_ID", app_dict->object_id, result+hit_cnt+hit_app_id,
MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_app_id += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_app_id, MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "APP_ID_DICT", "ATTR_APP_ID", result+hit_cnt+hit_app_id, MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_app_id += n_hit_result;
@@ -316,7 +337,7 @@ int tfe_scan_app_id(long long *result, struct maat_state *scan_mid, int hit_cnt,
return hit_app_id;
}
int tfe_scan_value_by_cmsg(const struct tfe_stream *stream, enum tfe_cmsg_tlv_type tlv_type, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id, char *opt_val, void *logger)
int tfe_scan_value_by_cmsg(const struct tfe_stream *stream, enum tfe_cmsg_tlv_type tlv_type, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, const char *table_name, const char *attribute_name, char *opt_val)
{
uint16_t opt_out_size = 0;
int hit_cnt_string=0;
@@ -332,13 +353,13 @@ int tfe_scan_value_by_cmsg(const struct tfe_stream *stream, enum tfe_cmsg_tlv_ty
{
size_t n_hit_result=0;
int scan_ret = maat_scan_string(tfe_get_maat_handle(), table_id, opt_val, strlen(opt_val), result+hit_cnt+hit_cnt_string, MAX_SCAN_RESULT-hit_cnt-hit_cnt_string,
int scan_ret = maat_scan_string(tfe_get_maat_handle(), table_name, attribute_name, opt_val, strlen(opt_val), result+hit_cnt+hit_cnt_string, MAX_SCAN_RESULT-hit_cnt-hit_cnt_string,
&n_hit_result,scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_string+=n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_cnt_string, MAX_SCAN_RESULT-hit_cnt-hit_cnt_string, &n_hit_result, scan_mid);
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_name, attribute_name, result+hit_cnt+hit_cnt_string, MAX_SCAN_RESULT-hit_cnt-hit_cnt_string, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_string+=n_hit_result;
@@ -347,30 +368,30 @@ int tfe_scan_value_by_cmsg(const struct tfe_stream *stream, enum tfe_cmsg_tlv_ty
return hit_cnt_string;
}
int tfe_scan_device(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
int tfe_scan_device(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
{
char opt_val[4][128]={0};
int scan_ret = 0, htt_cnt_device = 0;
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_IMSI_STR, result, scan_mid, hit_cnt, tfe_bussiness_tableid_get(PXY_CTRL_IMSI), opt_val[0], logger);
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_IMSI_STR, result, scan_mid, hit_cnt, "TSG_OBJ_IMSI", "ATTR_GTP_IMSI", opt_val[0]);
if(scan_ret > 0)
{
htt_cnt_device += scan_ret;
}
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_IMEI_STR, result, scan_mid, hit_cnt, tfe_bussiness_tableid_get(PXY_CTRL_GTP_IMEI), opt_val[1], logger);
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_IMEI_STR, result, scan_mid, hit_cnt, "TSG_OBJ_IMEI","ATTR_GTP_IMEI", opt_val[1]);
if(scan_ret > 0)
{
htt_cnt_device += scan_ret;
}
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_PHONE_NUM_STR, result, scan_mid, hit_cnt, tfe_bussiness_tableid_get(PXY_CTRL_PHONE_NUMBER), opt_val[2], logger);
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_PHONE_NUM_STR, result, scan_mid, hit_cnt, "TSG_OBJ_PHONE_NUMBER","ATTR_GTP_PHONE_NUMBER", opt_val[2]);
if(scan_ret > 0)
{
htt_cnt_device += scan_ret;
}
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_APN_STR, result, scan_mid, hit_cnt, tfe_bussiness_tableid_get(PXY_CTRL_APN), opt_val[3], logger);
scan_ret = tfe_scan_value_by_cmsg(stream, TFE_CMSG_SRC_APN_STR, result, scan_mid, hit_cnt, "TSG_OBJ_APN", "ATTR_GTP_APN", opt_val[3]);
if(scan_ret > 0)
{
htt_cnt_device += scan_ret;
@@ -381,13 +402,13 @@ int tfe_scan_device(const struct tfe_stream *stream, long long *result, struct m
return htt_cnt_device;
}
int tfe_scan_port(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, uint16_t source, uint16_t dest)
int tfe_scan_port(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, uint16_t source, uint16_t dest)
{
int scan_ret = 0;
int hit_cnt_port = 0;
size_t n_hit_result = 0;
scan_ret=maat_scan_integer(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_PORT), ntohs(source),
scan_ret=maat_scan_integer(tfe_get_maat_handle(), "TSG_OBJ_PORT", "ATTR_SOURCE_PORT", ntohs(source),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
@@ -398,14 +419,14 @@ int tfe_scan_port(const struct tfe_stream *stream, long long *result, struct maa
{
hit_cnt_port+=scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_PORT),
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_PORT", "ATTR_SOURCE_PORT",
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
}
scan_ret=maat_scan_integer(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_PORT), ntohs(dest),
scan_ret=maat_scan_integer(tfe_get_maat_handle(), "TSG_OBJ_PORT", "ATTR_DESTINATION_PORT", ntohs(dest),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
@@ -416,8 +437,8 @@ int tfe_scan_port(const struct tfe_stream *stream, long long *result, struct maa
{
hit_cnt_port+=scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_PORT),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_PORT", "ATTR_DESTINATION_PORT", result+hit_cnt+hit_cnt_port,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
@@ -426,30 +447,28 @@ int tfe_scan_port(const struct tfe_stream *stream, long long *result, struct maa
return hit_cnt_port;
}
#define PROTOCOL_TCP_GROUP_ID 6
int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
#define PROTOCOL_TCP_UUID_ID "6"
int tfe_scan_ipv4_addr(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
size_t n_hit_result = 0;
struct maat_hit_group hit_group;
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=PROTOCOL_TCP_GROUP_ID;
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), &hit_group, 1,
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
const char *protocol_uuid =PROTOCOL_TCP_UUID_ID;
scan_ret = maat_scan_string(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "ATTR_IP_PROTOCOL", protocol_uuid, strlen(protocol_uuid), result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "ATTR_IP_PROTOCOL", result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v4->saddr, ntohs(sapp_addr.v4->source),
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_SOURCE_IP", sapp_addr.v4->saddr, ntohs(sapp_addr.v4->source),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -460,14 +479,14 @@ int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struc
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_SOURCE_IP", result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v4->daddr, ntohs(sapp_addr.v4->dest),
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_DESTINATION_IP", sapp_addr.v4->daddr, ntohs(sapp_addr.v4->dest),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
@@ -478,7 +497,7 @@ int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struc
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP),
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_DESTINATION_IP",
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -488,28 +507,26 @@ int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struc
return hit_cnt_ip;
}
int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
int tfe_scan_ipv6_addr(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
size_t n_hit_result = 0;
struct maat_hit_group hit_group;
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=PROTOCOL_TCP_GROUP_ID;
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), &hit_group, 1,
const char *protocol_uuid =PROTOCOL_TCP_UUID_ID;
scan_ret = maat_scan_string(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "ATTR_IP_PROTOCOL", protocol_uuid, strlen(protocol_uuid), result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_PROTOCOL", "ATTR_IP_PROTOCOL",
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v6->saddr, ntohs(sapp_addr.v6->source),
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_SOURCE_IP", sapp_addr.v6->saddr, ntohs(sapp_addr.v6->source),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -520,14 +537,14 @@ int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struc
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP),
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_SOURCE_IP",
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v6->daddr, ntohs(sapp_addr.v6->dest),
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_DESTINATION_IP", sapp_addr.v6->daddr, ntohs(sapp_addr.v6->dest),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -538,7 +555,7 @@ int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struc
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP),
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_IP_ADDR", "ATTR_DESTINATION_IP",
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -548,7 +565,7 @@ int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struc
return hit_cnt_ip;
}
int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
int tfe_scan_subscribe_id(const struct tfe_stream *stream, uuid_t *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
@@ -568,13 +585,15 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, st
if (strlen(source_subscribe_id))
{
scan_ret = maat_scan_string(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SUBSCRIBER_ID),
scan_ret = maat_scan_string(tfe_get_maat_handle(), "TSG_OBJ_SUBSCRIBER_ID", "ATTR_SUBSCRIBER_ID",
source_subscribe_id, strlen(source_subscribe_id),result + hit_cnt + hit_cnt_ip,
MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan src TSG_OBJ_SUBSCRIBER_ID, Hit subid: %s scan ret: %d policy_id: %lld addr: %s",
source_subscribe_id, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
char result_str[UUID_STRING_SIZE]={0};
uuid_unparse(result[hit_cnt + hit_cnt_ip], result_str);
TFE_LOG_INFO(logger, "Scan src TSG_OBJ_SUBSCRIBER_ID, Hit subid: %s scan ret: %d policy_id: %s addr: %s",
source_subscribe_id, scan_ret, result_str, stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
@@ -582,7 +601,7 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, st
TFE_LOG_INFO(logger, "Scan src TSG_OBJ_SUBSCRIBER_ID, NO hit subid: %s scan ret: %d addr: %s",
source_subscribe_id, scan_ret, stream->str_stream_info);
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SUBSCRIBER_ID),
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), "TSG_OBJ_SUBSCRIBER_ID", "ATTR_SUBSCRIBER_ID",
result + hit_cnt + hit_cnt_ip, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{

106
plugin/business/doh/src/doh.cpp
View File

@@ -118,7 +118,7 @@ static cJSON *doh_get_answer_records(struct doh_ctx *ctx, cJSON *object, int qty
return NULL;
}
void doh_action_param_free_cb(int table_id, void **ad, long argl, void *argp)
void doh_action_param_free_cb(const char *table_name, void **ad, long argl, void *argp)
{
if(*ad==NULL)
{
@@ -135,14 +135,14 @@ void doh_action_param_free_cb(int table_id, void **ad, long argl, void *argp)
pthread_mutex_unlock(&(param->lock));
pthread_mutex_destroy(&(param->lock));
if(param->hit_rule.srv_def_large)
FREE(&(param->hit_rule.srv_def_large))
if(param->hit_rule.action_parameter)
FREE(&(param->hit_rule.action_parameter))
FREE(&(param));
return;
}
static void doh_get_cheat_data(long long p_result, int qtype, struct doh_ctx *ctx, const char *str_stream_info)
static void doh_get_cheat_data(uuid_t p_result, int qtype, struct doh_ctx *ctx, const char *str_stream_info)
{
int i;
int answer_size = 0;
@@ -150,28 +150,24 @@ static void doh_get_cheat_data(long long p_result, int qtype, struct doh_ctx *ct
cJSON *item = NULL;
cJSON *object = NULL;
cJSON *answer_array = NULL;
int table_id=0;
table_id=maat_get_table_id(g_doh_conf->maat, "PXY_CTRL_COMPILE_PLUGIN");
if(table_id < 0)
{
return;
}
struct doh_action_param *get_ex_param=(struct doh_action_param *)maat_plugin_table_get_ex_data(g_doh_conf->maat, table_id, (const char *)&p_result, sizeof(p_result));
char result_str[UUID_STRING_SIZE]={0};
uuid_unparse(p_result, result_str);
struct doh_action_param *get_ex_param=(struct doh_action_param *)maat_plugin_table_get_ex_data(g_doh_conf->maat, "PXY_CTRL_RULE_PLUGIN", result_str, strlen(result_str));
if(get_ex_param==NULL)
{
return;
}
struct doh_maat_rule_t *hit_rule = &(get_ex_param->hit_rule);
if(hit_rule==NULL || hit_rule->srv_def_large==NULL)
if(hit_rule==NULL || hit_rule->action_parameter==NULL)
{
goto end;
}
memcpy(ctx->result, hit_rule, sizeof(struct doh_maat_rule_t));
TFE_LOG_INFO(g_doh_conf->local_logger, "%s hit %lld %s", str_stream_info, p_result, hit_rule->srv_def_large);
TFE_LOG_INFO(g_doh_conf->local_logger, "%s hit %s %s", str_stream_info, result_str, hit_rule->action_parameter);
object = cJSON_Parse(hit_rule->srv_def_large);
object = cJSON_Parse(hit_rule->action_parameter);
if (object == NULL)
{
goto end;
@@ -240,26 +236,25 @@ end:
}
}
static long long doh_fetch_rule(long long *result, int result_num)
static int doh_fetch_rule(uuid_t *result, uuid_t p_result, int result_num)
{
int i = 0;
long long p_result = 0;
uuid_clear(p_result);
for (i = 0; i < result_num && i < MAX_SCAN_RESULT; i++)
for (int i = 0; i < result_num && i < MAX_SCAN_RESULT; i++)
{
if (p_result == 0)
if (uuid_is_null(p_result) == 1)
{
p_result = result[i];
uuid_copy(p_result, result[i]);
continue;
}
if (result[i] > p_result)
if(uuid_compare(result[i], p_result) > 0)
{
p_result = result[i];
uuid_copy(p_result, result[i]);
}
}
return p_result;
return 0;
}
static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http_session *session, struct doh_ctx *ctx, char *qname, int qtype)
@@ -268,8 +263,9 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
int scan_ret = 0;
size_t n_hit_result;
struct ipaddr sapp_addr;
long long p_result = 0;
long long result[MAX_SCAN_RESULT];
uuid_t p_result;
uuid_t result[MAX_SCAN_RESULT]={0};
char result_str[UUID_STRING_SIZE]={0};
scan_ret = tfe_scan_subscribe_id(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->local_logger);
if (scan_ret > 0)
@@ -287,27 +283,29 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
const char *host = session->req->req_spec.host;
if (host)
{
scan_ret = maat_scan_string(g_doh_conf->maat, g_doh_conf->tables[TYPE_HOST].id,host, strlen(host),
scan_ret = maat_scan_string(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_SERVER_FQDN", host, strlen(host),
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit host: %s scan ret: %d policy_id: %lld addr: %s",
g_doh_conf->tables[TYPE_HOST].name, host, scan_ret, result[hit_cnt], stream->str_stream_info);
memset(result_str, 0, sizeof(result_str));
uuid_unparse(result[hit_cnt], result_str);
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit host: %s scan ret: %d policy_id: %s addr: %s",
"ATTR_SERVER_FQDN", host, scan_ret, result_str, stream->str_stream_info);
hit_cnt += n_hit_result;
}
else
{
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, NO hit host: %s scan ret: %d addr: %s",
g_doh_conf->tables[TYPE_HOST].name, host, scan_ret, stream->str_stream_info);
"ATTR_SERVER_FQDN", host, scan_ret, stream->str_stream_info);
}
scan_ret = maat_scan_not_logic(g_doh_conf->maat, g_doh_conf->tables[TYPE_HOST].id,
scan_ret = maat_scan_not_logic(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_SERVER_FQDN",
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt += n_hit_result;
}
scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->tables[TYPE_HOST].id, g_doh_conf->local_logger);
scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->local_logger);
if (scan_ret > 0)
{
hit_cnt += scan_ret;
@@ -344,7 +342,7 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
}
// scan appid
long long app_id = 8006;
scan_ret = tfe_scan_app_id(result, ctx->scan_mid, hit_cnt, app_id, g_doh_conf->tables[TYPE_APPID].id);
scan_ret = tfe_scan_app_id(result, ctx->scan_mid, hit_cnt, app_id);
if(scan_ret > 0)
{
hit_cnt += scan_ret;
@@ -357,20 +355,22 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
}
// scan qname
scan_ret = maat_scan_string(g_doh_conf->maat, g_doh_conf->tables[TYPE_QNAME].id, qname, strlen(qname),
scan_ret = maat_scan_string(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_DOH_QNAME", qname, strlen(qname),
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit domain: %s scan ret: %d qtype: %d policy_id: %lld addr: %s",
g_doh_conf->tables[TYPE_QNAME].name, qname, scan_ret, qtype, result[hit_cnt], stream->str_stream_info);
memset(result_str, 0, sizeof(result_str));
uuid_unparse(result[hit_cnt], result_str);
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, Hit domain: %s scan ret: %d qtype: %d policy_id: %s addr: %s",
"ATTR_DOH_QNAME", qname, scan_ret, qtype, result_str, stream->str_stream_info);
hit_cnt += n_hit_result;
}
else
{
TFE_LOG_INFO(g_doh_conf->local_logger, "Scan %s, NO hit domain: %s scan ret: %d addr: %s",
g_doh_conf->tables[TYPE_QNAME].name, qname, scan_ret, stream->str_stream_info);
"ATTR_DOH_QNAME", qname, scan_ret, stream->str_stream_info);
}
scan_ret = maat_scan_not_logic(g_doh_conf->maat, g_doh_conf->tables[TYPE_QNAME].id,
scan_ret = maat_scan_not_logic(g_doh_conf->maat, "TSG_OBJ_FQDN", "ATTR_DOH_QNAME",
result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
@@ -379,8 +379,8 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
if (hit_cnt)
{
p_result = doh_fetch_rule(result, hit_cnt);
if (p_result != 0)
doh_fetch_rule(result, p_result, hit_cnt);
if (uuid_is_null(p_result) != 1)
{
ctx->result_num = 1;
ctx->result = ALLOC(struct doh_maat_rule_t, ctx->result_num);
@@ -389,26 +389,6 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
}
}
static int doh_maat_init(const char *profile, const char *section)
{
g_doh_conf->maat = tfe_get_maat_handle();
MESA_load_profile_string_def(profile, section, "table_appid", g_doh_conf->tables[TYPE_APPID].name, TFE_STRING_MAX, "ATTR_APP_ID");
MESA_load_profile_string_def(profile, section, "table_qname", g_doh_conf->tables[TYPE_QNAME].name, TFE_STRING_MAX, "ATTR_DOH_QNAME");
MESA_load_profile_string_def(profile, section, "table_host", g_doh_conf->tables[TYPE_HOST].name, TFE_STRING_MAX, "ATTR_SERVER_FQDN");
for (int i = 0; i < TYPE_MAX; i++)
{
g_doh_conf->tables[i].id = maat_get_table_id(g_doh_conf->maat, g_doh_conf->tables[i].name);
if (g_doh_conf->tables[i].id < 0)
{
TFE_LOG_ERROR(g_doh_conf->local_logger, "maat_get_table_id failed, table_name: %s", g_doh_conf->tables[i].name);
return -1;
}
}
return 0;
}
static void doh_gc_cb(evutil_socket_t fd, short what, void *arg)
{
int i = 0;
@@ -664,12 +644,6 @@ int doh_on_init(struct tfe_proxy *proxy)
TFE_LOG_ERROR(NULL, "Doh init kafka failed.");
goto error;
}
if (doh_maat_init(profile, "maat") != 0)
{
TFE_LOG_ERROR(NULL, "Doh init maat failed.");
goto error;
}
TFE_LOG_INFO(g_doh_conf->local_logger, "Doh init success.");
success:
@@ -838,7 +812,7 @@ void doh_send_metric_log(const struct tfe_stream * stream, struct doh_ctx *ctx,
}
fieldstat->tags[thread_id][TAG_VSYS_ID].value_longlong = ctx->result->vsys_id;
fieldstat->tags[thread_id][TAG_RULE_ID].value_longlong = ctx->result->config_id;
fieldstat->tags[thread_id][TAG_RULE_ID].value_str = ctx->result->config_uuid_string;
fieldstat->tags[thread_id][TAG_ACTION].value_longlong = 48;
fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = "redirect";

24
plugin/business/doh/src/logger.cpp
View File

@@ -8,20 +8,6 @@ struct json_spec
enum tfe_http_std_field field_id;
};
enum _log_action //Bigger action number is prior.
{
LG_ACTION_NONE = 0x00,
LG_ACTION_MONIT = 0x01,
LG_ACTION_FORWARD = 0x02, /* N/A */
LG_ACTION_REJECT = 0x10,
LG_ACTION_DROP = 0x20, /* N/A */
LG_ACTION_MANIPULATE = 0x30,
LG_ACTION_RATELIMIT = 0x40, /* N/A */
LG_ACTION_WHITELIST = 0x60,
LG_ACTION_SHUNT = 0x80,
__LG_ACTION_MAX
};
#define get_time_ms(tv) ((long long)(tv.tv_sec) * 1000 + (long long)(tv.tv_usec) / 1000)
static int get_rr_str2json(cJSON *object, dns_info_t *dns_info, int *dns_sec)
@@ -473,9 +459,9 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
for (size_t i = 0; i < result_num; i++)
{
TFE_LOG_DEBUG(handle->local_logger, "URL: %s, policy_id: %lld, service: %d, do_log:%d",
TFE_LOG_DEBUG(handle->local_logger, "URL: %s, policy_id: %s, service: %d, do_log:%d",
http->req->req_spec.url,
result[i].config_id,
result[i].config_uuid_string,
result[i].service_id,
result[i].do_log);
@@ -485,11 +471,11 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
}
cJSON *proxy_rule_list=NULL;
int config_id[1]={0};
char *config_id[1]={0};
per_hit_obj = cJSON_Duplicate(common_obj, 1);
config_id[0]=result[i].config_id;
proxy_rule_list = cJSON_CreateIntArray(config_id, 1);
config_id[0]=result[i].config_uuid_string;
proxy_rule_list = cJSON_CreateStringArray((const char **)config_id, 1);
cJSON_AddItemToObject(per_hit_obj, "proxy_rule_list", proxy_rule_list);
cJSON_AddStringToObject(per_hit_obj, "proxy_action", "redirect");

13
plugin/business/doh/src/pub.h
View File

@@ -41,12 +41,6 @@ enum doh_content_type
DOH_TYPE_UDPWIREFORMAT,
};
struct maat_table
{
int id;
char name[TFE_STRING_MAX];
};
struct doh_conf
{
int enable;
@@ -65,18 +59,19 @@ struct doh_conf
screen_stat_handle_t fs_handle;
struct maat *maat;
struct maat_table tables[TYPE_MAX];
};
struct doh_maat_rule_t
{
int vsys_id;
long long config_id;
uuid_t config_uuid;
char *config_uuid_string;
int service_id;
unsigned char do_log;
unsigned char do_blacklist;
unsigned char action;
char *srv_def_large;
int vsys_id;
char *action_parameter;
};
struct doh_ctx

8
plugin/business/tsg-http/include/http_lua.h
View File

@@ -11,13 +11,13 @@ struct tsg_lua_script
{
int lua_is_cache;
struct elua_vm **http_lua_handle;
int (*http_lua_profile)(int profile_id, struct elua_script ***elua_ctx, char **profile_msg, size_t *msg_len, int *timeout);
int (*http_lua_profile)(char *profile_uuid_str, struct elua_script ***elua_ctx, char **profile_msg, size_t *msg_len, int *timeout);
};
struct tsg_script_ctx
{
int config_id;
int profile_id;
char *config_uuid_str;
char *profile_uuid_str;
int http_req_uri;
int rewrite_header;
char *rewrite_uri;
@@ -37,6 +37,6 @@ struct elua_context * http_lua_ctx_new(struct tsg_lua_script *lua_script, unsign
void http_lua_ctx_free(struct tsg_lua_script *lua_script, unsigned int thread_id, struct elua_context * lua_ctx);
struct elua_script *http_lua_map_cache_script(struct elua_vm *vm, const char *script, size_t script_len, size_t timeout_ms);
size_t execute_lua_script_rule(struct tsg_lua_script *lua_script, int profile_id, struct elua_context * lua_ctx, unsigned int thread_id, void *user_data);
size_t execute_lua_script_rule(struct tsg_lua_script *lua_script, char *profile_uuid_str, struct elua_context * lua_ctx, unsigned int thread_id, void *user_data);
int http_lua_handle_create(struct tsg_lua_script *lua_script, int thread_num, const char *name_space);

7
plugin/business/tsg-http/include/tsg_proxy_logger.h
View File

@@ -5,13 +5,14 @@
struct log_rule_t
{
long long config_id;
int vsys_id;
uuid_t config_uuid;
char *config_uuid_string;
int service_id;
unsigned char do_log;
unsigned char do_blacklist;
unsigned char action;
char *srv_def_large;
int vsys_id;
char *action_parameter;
};
struct proxy_log

14
plugin/business/tsg-http/src/http_lua.cpp
View File

@@ -125,7 +125,7 @@ static int http_lua_log_debug(struct elua_vm *vm)
p += snprintf(p, sizeof(buff) - (p - buff), " %s", in);
}
TFE_LOG_DEBUG(tsg_ctx->local_logger, "policy_id:%d, profile_id:%d, message:%20s", tsg_ctx->config_id, tsg_ctx->profile_id, buff);
TFE_LOG_DEBUG(tsg_ctx->local_logger, "policy_id:%s, profile_id:%s, message:%20s", tsg_ctx->config_uuid_str, tsg_ctx->profile_uuid_str, buff);
http_free_params(out_lua_argv);
return 1;
@@ -161,7 +161,7 @@ static int http_lua_log_info(struct elua_vm *vm)
p += snprintf(p, sizeof(buff) - (p - buff), " %s", in);
}
TFE_LOG_INFO(tsg_ctx->local_logger, "policy_id:%d, profile_id:%d, message:%s", tsg_ctx->config_id, tsg_ctx->profile_id, buff);
TFE_LOG_INFO(tsg_ctx->local_logger, "policy_id:%s, profile_id:%s, message:%s", tsg_ctx->config_uuid_str, tsg_ctx->profile_uuid_str, buff);
http_free_params(out_lua_argv);
return 1;
@@ -197,7 +197,7 @@ static int http_lua_log_error(struct elua_vm *vm)
p += snprintf(p, sizeof(buff) - (p - buff), " %s", in);
}
TFE_LOG_ERROR(tsg_ctx->local_logger, "policy_id:%d, profile_id:%d, message:%s", tsg_ctx->config_id, tsg_ctx->profile_id, buff);
TFE_LOG_ERROR(tsg_ctx->local_logger, "policy_id:%s, profile_id:%s, message:%s", tsg_ctx->config_uuid_str, tsg_ctx->profile_uuid_str, buff);
http_free_params(out_lua_argv);
return 1;
@@ -683,7 +683,7 @@ static int http_lua_get_body(struct elua_vm *vm)
if(tsg_ctx->http_body == NULL)
{
TFE_LOG_ERROR(tsg_ctx->local_logger, "policy_id:%d, profile_id:%d, message:%s", tsg_ctx->config_id, tsg_ctx->profile_id, "Can't to get req/resp body data");
TFE_LOG_ERROR(tsg_ctx->local_logger, "policy_id:%s, profile_id:%s, message:%s", tsg_ctx->config_uuid_str, tsg_ctx->profile_uuid_str, "Can't to get req/resp body data");
return 0;
}
@@ -829,14 +829,14 @@ finish:
return 0;
}
size_t execute_lua_script_rule(struct tsg_lua_script *lua_script, int profile_id, struct elua_context *elua_ctx, unsigned int thread_id, void *user_data)
size_t execute_lua_script_rule(struct tsg_lua_script *lua_script, char *profile_uuid_str, struct elua_context *elua_ctx, unsigned int thread_id, void *user_data)
{
int ret=0;
char *profile_msg=NULL;
size_t msg_len=0; int timeout=0;
struct elua_script **escript=NULL;
ret=lua_script->http_lua_profile(profile_id, &escript, &profile_msg, &msg_len, &timeout);
ret=lua_script->http_lua_profile(profile_uuid_str, &escript, &profile_msg, &msg_len, &timeout);
if(ret<0)
{
return ret;
@@ -856,7 +856,7 @@ size_t execute_lua_script_rule(struct tsg_lua_script *lua_script, int profile_id
struct tsg_script_ctx *tsg_ctx= (struct tsg_script_ctx *)user_data;
if(tsg_ctx != NULL && tsg_ctx->local_logger != NULL)
{
TFE_LOG_ERROR(tsg_ctx->local_logger, "policy_id:%d, profile_id:%d, error_code:%d, error: %s", tsg_ctx->config_id, tsg_ctx->profile_id, ret, elua_get_last_error_string(lua_script->http_lua_handle[thread_id]));
TFE_LOG_ERROR(tsg_ctx->local_logger, "policy_id:%s, profile_id:%s, error_code:%d, error: %s", tsg_ctx->config_uuid_str, tsg_ctx->profile_uuid_str, ret, elua_get_last_error_string(lua_script->http_lua_handle[thread_id]));
}
}
if(profile_msg != NULL)

731
plugin/business/tsg-http/src/tsg_http.cpp
View File

File diff suppressed because it is too large Load Diff

16
plugin/business/tsg-http/src/tsg_logger.cpp
View File

@@ -356,21 +356,21 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
}
int j=0, enable_monit=0;
int monit_config_id[16]={0};
char *monit_config_id[16]={0};
for(size_t i=0; i<log_msg->result_num; i++)
{
if(log_msg->result[i].action == LG_ACTION_MONIT)
{
monit_config_id[j]=log_msg->result[i].config_id;
monit_config_id[j]=log_msg->result[i].config_uuid_string;
j++;
}
}
for(size_t i=0; i<log_msg->result_num; i++)
{
TFE_LOG_DEBUG(handle->local_logger, "URL: %s, policy_id: %lld, service: %d, do_log:%d",
TFE_LOG_DEBUG(handle->local_logger, "URL: %s, policy_id: %s, service: %d, do_log:%d",
http->req->req_spec.url,
log_msg->result[i].config_id,
log_msg->result[i].config_uuid_string,
log_msg->result[i].service_id,
log_msg->result[i].do_log);
@@ -385,17 +385,17 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
}
cJSON *proxy_rule_list=NULL;
int config_id[1]={0};
char *config_id[1]={0};
per_hit_obj=cJSON_Duplicate(common_obj, 1);
if(log_msg->result[i].action == LG_ACTION_MONIT)
{
proxy_rule_list = cJSON_CreateIntArray(monit_config_id, j);
proxy_rule_list = cJSON_CreateStringArray((const char **)monit_config_id, j);
enable_monit=1;
}
else
{
config_id[0]=log_msg->result[i].config_id;
proxy_rule_list = cJSON_CreateIntArray(config_id, 1);
config_id[0]=log_msg->result[i].config_uuid_string;
proxy_rule_list = cJSON_CreateStringArray((const char **)config_id, 1);
}
cJSON_AddItemToObject(per_hit_obj, "proxy_rule_list", proxy_rule_list);
cJSON_AddNumberToObject(per_hit_obj, "vsys_id", log_msg->result[i].vsys_id);

47
plugin/business/tsg-http/test/test_http_lua.cpp
View File

@@ -163,10 +163,11 @@ static int lua_http_default_headers_init(struct def_lua_http_headers *lua_http_h
return 0;
}
int http_lua_profile_for_test(int profile_id, struct elua_script ***elua_ctx, char **profile_msg, size_t *msg_len, int *timeout)
int http_lua_profile_for_test(char *profile_id_str, struct elua_script ***elua_ctx, char **profile_msg, size_t *msg_len, int *timeout)
{
size_t input_sz;
const char *filename[]= {"./test_data/http_session.lua", "./test_data/header_filter_by_lua.lua"};
int profile_id=atoi(profile_id_str);
char *input= tfe_read_file(filename[profile_id], &input_sz);
*profile_msg=tfe_strdup(input);
@@ -221,7 +222,8 @@ const struct tfe_http_session *lua_http_session_init()
TEST(TSG_LUA_SCRIPT, Lua_TimeOut)
{
int ret=0;
int profile_id=0,thread_id=0;
int thread_id=0;
const char *profile_id_str = "0";
struct tsg_script_ctx tsg_ctx;
struct timespec start_time, end_time;
@@ -235,7 +237,7 @@ TEST(TSG_LUA_SCRIPT, Lua_TimeOut)
lua_script->http_lua_profile = http_lua_profile_for_test;
clock_gettime(CLOCK_REALTIME, &(start_time));
ret = execute_lua_script_rule(lua_script, profile_id, NULL, thread_id, (void *)&tsg_ctx);
ret = execute_lua_script_rule(lua_script, (char *)profile_id_str, NULL, thread_id, (void *)&tsg_ctx);
EXPECT_TRUE(ret!=0);
clock_gettime(CLOCK_REALTIME, &(end_time));
@@ -250,7 +252,8 @@ TEST(TSG_LUA_SCRIPT, Lua_TimeOut)
TEST(TSG_LUA_SCRIPT, Req_Uri)
{
int ret=0;
int profile_id=0,thread_id=0;
int thread_id=0;
const char *profile_id_str = "0";
struct tsg_script_ctx tsg_ctx;
memset(&tsg_ctx, 0, sizeof(tsg_ctx));
@@ -262,7 +265,7 @@ TEST(TSG_LUA_SCRIPT, Req_Uri)
lua_script->http_lua_profile = http_lua_profile_for_test;
tsg_ctx.session->req->req_spec.uri = tfe_strdup("forecast");
ret = execute_lua_script_rule(lua_script, profile_id, NULL, thread_id, (void *)&tsg_ctx);
ret = execute_lua_script_rule(lua_script, (char *)profile_id_str, NULL, thread_id, (void *)&tsg_ctx);
EXPECT_TRUE(ret==0);
EXPECT_STREQ(tsg_ctx.rewrite_uri,"team");
@@ -276,7 +279,8 @@ TEST(TSG_LUA_SCRIPT, Req_Uri)
TEST(TSG_LUA_SCRIPT, Req_Header)
{
int ret=0;
int profile_id=0,thread_id=0;
int thread_id=0;
const char *profile_id_str = "0";
struct tsg_script_ctx tsg_ctx;
memset(&tsg_ctx, 0, sizeof(tsg_ctx));
@@ -287,7 +291,7 @@ TEST(TSG_LUA_SCRIPT, Req_Header)
lua_script->http_lua_profile = http_lua_profile_for_test;
tsg_ctx.session->req->req_spec.method = TFE_HTTP_METHOD_GET;
ret = execute_lua_script_rule(lua_script, profile_id, NULL, thread_id, (void *)&tsg_ctx);
ret = execute_lua_script_rule(lua_script, (char *)profile_id_str, NULL, thread_id, (void *)&tsg_ctx);
EXPECT_TRUE(ret==0);
const char* user_agent_val=tfe_http_std_field_read(tsg_ctx.session->resp, TFE_HTTP_USER_AGENT);
@@ -307,7 +311,8 @@ TEST(TSG_LUA_SCRIPT, Req_Header)
TEST(TSG_LUA_SCRIPT, Resp_Header)
{
int ret=0;
int profile_id=0,thread_id=0;
int thread_id=0;
const char *profile_id_str = "0";
struct tsg_script_ctx tsg_ctx;
memset(&tsg_ctx,0,sizeof(struct tsg_script_ctx));
@@ -318,7 +323,7 @@ TEST(TSG_LUA_SCRIPT, Resp_Header)
lua_script->http_lua_profile = http_lua_profile_for_test;
tsg_ctx.session->resp->resp_spec.resp_code = 200;
ret = execute_lua_script_rule(lua_script, profile_id, NULL, thread_id, (void *)&tsg_ctx);
ret = execute_lua_script_rule(lua_script, (char *)profile_id_str, NULL, thread_id, (void *)&tsg_ctx);
EXPECT_TRUE(ret==0);
const char* content_type_val=tfe_http_std_field_read(tsg_ctx.session->resp, TFE_HTTP_CONT_TYPE);
@@ -334,7 +339,8 @@ TEST(TSG_LUA_SCRIPT, Resp_Header)
TEST(TSG_LUA_SCRIPT, Req_Data)
{
int ret=0;
int profile_id=0,thread_id=0;
int thread_id=0;
const char *profile_id_str = "0";
struct tsg_script_ctx tsg_ctx;
memset(&tsg_ctx,0,sizeof(struct tsg_script_ctx));
@@ -348,7 +354,7 @@ TEST(TSG_LUA_SCRIPT, Req_Data)
tsg_ctx.http_body = evbuffer_new();
evbuffer_add(tsg_ctx.http_body, input, strlen(input));
ret = execute_lua_script_rule(lua_script, profile_id, NULL, thread_id, (void *)&tsg_ctx);
ret = execute_lua_script_rule(lua_script, (char *)profile_id_str, NULL, thread_id, (void *)&tsg_ctx);
EXPECT_TRUE(ret==0);
ASSERT_TRUE(tsg_ctx.http_lua_body!=NULL);
@@ -372,7 +378,8 @@ TEST(TSG_LUA_SCRIPT, Req_Data)
TEST(TSG_LUA_SCRIPT, Resq_Data)
{
int ret=0;
int profile_id=0,thread_id=0;
int thread_id=0;
const char *profile_id_str = "0";
struct tsg_script_ctx tsg_ctx;
memset(&tsg_ctx,0,sizeof(struct tsg_script_ctx));
@@ -386,7 +393,7 @@ TEST(TSG_LUA_SCRIPT, Resq_Data)
tsg_ctx.http_body = evbuffer_new();
evbuffer_add(tsg_ctx.http_body, input, strlen(input));
ret = execute_lua_script_rule(lua_script, profile_id, NULL, thread_id, (void *)&tsg_ctx);
ret = execute_lua_script_rule(lua_script, (char *)profile_id_str, NULL, thread_id, (void *)&tsg_ctx);
EXPECT_TRUE(ret==0);
ASSERT_TRUE(tsg_ctx.http_lua_body!=NULL);
@@ -410,7 +417,8 @@ TEST(TSG_LUA_SCRIPT, Resq_Data)
TEST(TSG_LUA_SCRIPT, Lua_Http_Session)
{
int ret=0;
int profile_id=0,thread_id=0;
int thread_id=0;
const char *profile_id_str = "0";
struct tsg_script_ctx tsg_ctx;
memset(&tsg_ctx,0,sizeof(struct tsg_script_ctx));
@@ -421,7 +429,7 @@ TEST(TSG_LUA_SCRIPT, Lua_Http_Session)
lua_script->http_lua_profile = http_lua_profile_for_test;
tsg_ctx.elua_ctx=http_lua_ctx_new(lua_script, thread_id);
ret = execute_lua_script_rule(lua_script, profile_id, tsg_ctx.elua_ctx, thread_id, (void *)&tsg_ctx);
ret = execute_lua_script_rule(lua_script, (char *)profile_id_str, tsg_ctx.elua_ctx, thread_id, (void *)&tsg_ctx);
EXPECT_TRUE(ret==0);
const char* content_type_val=tfe_http_std_field_read(tsg_ctx.session->resp, TFE_HTTP_CONT_TYPE);
@@ -433,7 +441,7 @@ TEST(TSG_LUA_SCRIPT, Lua_Http_Session)
const char *user_input="This is response data";
evbuffer_add(tsg_ctx.http_body, user_input, strlen(user_input));
ret = execute_lua_script_rule(lua_script, profile_id, tsg_ctx.elua_ctx, thread_id, (void *)&tsg_ctx);
ret = execute_lua_script_rule(lua_script, (char *)profile_id_str, tsg_ctx.elua_ctx, thread_id, (void *)&tsg_ctx);
EXPECT_TRUE(ret==0);
EXPECT_TRUE(tsg_ctx.http_lua_body!=NULL);
@@ -458,7 +466,8 @@ TEST(TSG_LUA_SCRIPT, Lua_Http_Session)
TEST(TSG_LUA_SCRIPT, Lua_Http_Header_Filter)
{
int ret=0;
int profile_id=1,thread_id=0;
int thread_id=0;
const char *profile_id_str = "1";
struct tsg_script_ctx tsg_ctx;
memset(&tsg_ctx,0,sizeof(struct tsg_script_ctx));
@@ -471,7 +480,7 @@ TEST(TSG_LUA_SCRIPT, Lua_Http_Header_Filter)
lua_http_headers_clear();
tsg_ctx.replacing=tsg_ctx.session->resp;
ret = execute_lua_script_rule(lua_script, profile_id, tsg_ctx.elua_ctx, thread_id, (void *)&tsg_ctx);
ret = execute_lua_script_rule(lua_script, (char *)profile_id_str, tsg_ctx.elua_ctx, thread_id, (void *)&tsg_ctx);
EXPECT_TRUE(ret==0);
const char *server_type_val=tfe_http_std_field_read(tsg_ctx.replacing, TFE_HTTP_SERVER);
@@ -489,7 +498,7 @@ TEST(TSG_LUA_SCRIPT, Lua_Http_Header_Filter)
const char *user_input="This is response data";
evbuffer_add(tsg_ctx.http_body, user_input, strlen(user_input));
ret = execute_lua_script_rule(lua_script, profile_id, tsg_ctx.elua_ctx, thread_id, (void *)&tsg_ctx);
ret = execute_lua_script_rule(lua_script, (char *)profile_id_str, tsg_ctx.elua_ctx, thread_id, (void *)&tsg_ctx);
EXPECT_TRUE(ret==0);
EXPECT_TRUE(tsg_ctx.http_lua_body!=NULL);
char *__http_body=(char *) evbuffer_pullup(tsg_ctx.http_lua_body, -1);

2
resource/pangu/doh.json
View File

@@ -1,5 +1,5 @@
{
"compile_table": "PXY_CTRL_COMPILE",
"compile_table": "PXY_CTRL_RULE",
"group_table": "GROUP_COMPILE_RELATION",
"rules": [
{

244
resource/pangu/pangu_http.json
View File

@@ -1,220 +1,32 @@
{
"compile_table": "PXY_CTRL_COMPILE",
"group2compile_table": "GROUP_PXY_CTRL_COMPILE_RELATION",
"group2group_table": "GROUP_GROUP_RELATION",
"rule_table": "PXY_CTRL_RULE",
"object2object_table": "OBJECT_GROUP",
"rules": [
{
"compile_id": 1021,
"uuid": "40c9c6a7-70a9-48ae-9fba-ec7966edd3c6",
"service": 1,
"action": 48,
"action": 1,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"{\"tag_sets\":[[{\"tag\":\"device_id\",\"value\":[\"device_3\",\"device_4\"]}]]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.jd.com\"}",
"is_valid": "yes",
"groups": [
"conditions": [
{
"virtual_table":"ATTR_HTTP_URL",
"group_name":"http_url",
"group_id":101,
"not_flag":0,
"regions": [
"attribute_name": "ATTR_HTTP_URL",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"keywords": "baidu.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
},
{
"virtual_table":"ATTR_APP_ID",
"group_name":"app_id",
"group_id":201,
"not_flag":0
}
]
},
{
"compile_id": 1022,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"{\"tag_sets\":[[{\"tag\":\"device_id\",\"value\":[\"device_3\",\"device_4\"]}]]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.jd.com\"}",
"is_valid": "yes",
"groups": [
{
"group_name":"http_url",
"virtual_table":"ATTR_HTTP_URL"
}
]
},
{
"compile_id": 1023,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"邮箱\",\"replace_with\":\"test\"}]}",
"is_valid": "yes",
"groups": [
{
"virtual_table":"ATTR_SERVER_FQDN",
"group_name":"http_fqdn",
"group_id":102,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "www.126.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
"keywords": "test123456",
"expr_type": "and"
}
}
]
}
]
},
{
"compile_id": 1024,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region":"{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"账号登录\",\"replace_with\":\"Login\"}]}",
"is_valid": "yes",
"groups": [
{
"group_name":"http_fqdn",
"virtual_table":"ATTR_HTTP_HOST",
"not_flag":0
}
]
},
{
"compile_id": 1025,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"会员\",\"replace_with\":\"用户\"}]}",
"is_valid": "yes",
"groups": [
{
"group_name":"http_fqdn",
"virtual_table":"ATTR_DOH_QNAME",
"not_flag":0
}
]
},
{
"compile_id": 1026,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"block\",\"code\":403,\"message\":\"error\"}",
"is_valid": "yes",
"groups": [
{
"virtual_table":"ATTR_HTTP_REQ_HDR",
"group_name":"http_signature_ua",
"group_id":103,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_HTTP_SIGNATURE",
"table_type": "expr_plus",
"table_content": {
"district": "User-Agent",
"keywords": "Chrome",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
}
]
},
{
"virtual_table":"ATTR_HTTP_REQ_HDR",
"group_name":"http_signature_cookie",
"group_id":104,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_HTTP_SIGNATURE",
"table_type": "expr_plus",
"table_content": {
"district": "Cookie",
"keywords": "uid=12345678",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1027,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "test",
"is_valid": "yes",
"groups": [
{
"virtual_table":"ATTR_HTTP_URL",
"group_name":"http_url_bing",
"group_id": 105,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"keywords": "bing.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1028,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"block\",\"code\":403,\"message\":\"error\"}",
"is_valid": "yes",
"groups": [
{
"group_name":"http_url_bing",
"virtual_table":"ATTR_HTTP_URL"
}
]
}
@@ -223,68 +35,68 @@
{
"table_name": "TSG_PROFILE_TRAFFIC_MIRROR",
"table_content": [
"{\"uuid\":\"TRAFFIC0-MIRR-0000-0000-000000000001\",\"vlan_ids\":[1,2,3,4,5,6,7,8,9],\"is_valid\":1}"
{"uuid":"TRAFFIC0-MIRR-0000-0000-000000000001","vlan_ids":[1,2,3,4,5,6,7,8,9],"is_valid":1}
]
},
{
"table_name": "TSG_PROFILE_RESPONSE_PAGES",
"table_content": [
"101\t404\thtml\t./resource/pangu/policy_file/404.html\t1"
{"uuid":"RESPONSE-PAGES-0000-0000-000000000001","profile_name":"404","format":"html","path":"./resource/pangu/policy_file/404.html","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
"table_name": "PXY_PROFILE_HIJACK_FILES",
"table_content": [
"201\tchakanqi\tchakanqi-947KB.exe\tapplication/x-msdos-program\t./resource/pangu/policy_file/chakanqi-947KB.exe\t1"
{"uuid":"HIJACK-FILES-0000-0000-000000000001","profile_name":"chakanqi","content_name":"chakanqi-947KB.exe","content_type":"application/x-msdos-program","path":"./resource/pangu/policy_file/chakanqi-947KB.exe","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
"table_name": "PXY_PROFILE_INSERT_SCRIPTS",
"table_content": [
"301\ttime\tjs\t./resource/pangu/policy_file/time.js\tbefore_page_load\t1"
{"uuid":"INSERT-SCRIPTS-0000-0000-000000000001","profile_name":"time","format":"js","insert_on":"before_page_load","path":"./resource/pangu/policy_file/time.js","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
"table_name": "PXY_PROFILE_DECRYPTION",
"table_content": [
"{\"uuid\":\"DECRYPT0-0000-0000-0000-000000000001\",\"decryption\":{\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":1,\"cert_pinning\":1,\"protocol_errors\":1,\"trusted_root_cert_is_not_installed_on_client\":1},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"ssl3\",\"mirror_client\":1,\"allow_http2\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":0},\"fail_action\":\"pass-through\"}},\"is_valid\":1}",
"{\"uuid\":\"DECRYPT0-0000-0000-0000-000000000003\",\"decryption\":{\"dynamic_bypass\":{\"ev_cert\":1,\"cert_transparency\":1,\"mutual_authentication\":1,\"cert_pinning\":1,\"protocol_errors\":1,\"trusted_root_cert_is_not_installed_on_client\":0},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"tls13\",\"mirror_client\":1,\"allow_http2\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":1},\"fail_action\":\"fail-close\"}},\"is_valid\":1}",
"{\"uuid\":\"DECRYPT0-0000-0000-0000-000000000004\",\"decryption\":{\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":0,\"cert_pinning\":0,\"protocol_errors\":0,\"trusted_root_cert_is_not_installed_on_client\":0},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"ssl3\",\"mirror_client\":0,\"allow_http2\":0},\"certificate_checks\":{\"approach\":{\"cn\":0,\"issuer\":0,\"self-signed\":0,\"expiration\":0},\"fail_action\":\"pass-through\"}},\"is_valid\":1}"
{"uuid":"DECRYPT0-0000-0000-0000-000000000001","decryption":{"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1,"trusted_root_cert_is_not_installed_on_client":1},"protocol_version":{"min":"ssl3","max":"ssl3","mirror_client":1,"allow_http2":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":0},"fail_action":"pass-through"}},"is_valid":1},
{"uuid":"DECRYPT0-0000-0000-0000-000000000003","decryption":{"dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1,"trusted_root_cert_is_not_installed_on_client":0},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}},"is_valid":1},
{"uuid":"DECRYPT0-0000-0000-0000-000000000004","decryption":{"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"cert_pinning":0,"protocol_errors":0,"trusted_root_cert_is_not_installed_on_client":0},"protocol_version":{"min":"ssl3","max":"ssl3","mirror_client":0,"allow_http2":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"}},"is_valid":1}
]
},
{
"table_name": "PXY_INTERCEPT_RULE",
"table_content": [
"{\"uuid\":\"INTERCEP-0000-0000-0000-000000000001\",\"action_parameter\":{\"vsys_id\":1,\"keyring_for_trusted\":\"KERING00-TRUS-0000-0000-000000000001\",\"keyring_for_untrusted\":\"KERING00-UNTR-0000-0000-000000000001\",\"decryption_profile\":\"DECRYPT0-0000-0000-0000-000000000001\",\"tcp_option_profile\":\"TCPOPT00-0000-0000-0000-000000000001\",\"traffic_mirror\":{\"enable\":0}},\"is_valid\":1}",
"{\"uuid\":\"INTERCEP-0000-0000-0000-000000000002\",\"action_parameter\":{\"vsys_id\":1,\"keyring_for_trusted\":\"KERING00-TRUS-0000-0000-000000000001\",\"keyring_for_untrusted\":\"KERING00-UNTR-0000-0000-000000000001\",\"decryption_profile\":\"DECRYPT0-0000-0000-0000-000000000001\",\"tcp_option_profile\":\"TCPOPT00-0000-0000-0000-000000000001\",\"traffic_mirror\":{\"enable\":1,\"mirror_profile\":\"TRAFFIC0-MIRR-0000-0000-000000000001\"}},\"is_valid\":1}"
{"uuid":"INTERCEP-0000-0000-0000-000000000001","action_parameter":{"vsys_id":1,"keyring_for_trusted":"KERING00-TRUS-0000-0000-000000000001","keyring_for_untrusted":"KERING00-UNTR-0000-0000-000000000001","decryption_profile":"DECRYPT0-0000-0000-0000-000000000001","tcp_option_profile":"TCPOPT00-0000-0000-0000-000000000001","traffic_mirror":{"enable":0}},"is_valid":1},
{"uuid":"INTERCEP-0000-0000-0000-000000000002","action_parameter":{"vsys_id":1,"keyring_for_trusted":"KERING00-TRUS-0000-0000-000000000001","keyring_for_untrusted":"KERING00-UNTR-0000-0000-000000000001","decryption_profile":"DECRYPT0-0000-0000-0000-000000000001","tcp_option_profile":"TCPOPT00-0000-0000-0000-000000000001","traffic_mirror":{"enable":1,"mirror_profile":"TRAFFIC0-MIRR-0000-0000-000000000001"}},"is_valid":1}
]
},
{
"table_name": "SERVICE_CHAINING_RULE",
"table_content": [
"{\"uuid\":\"SC000000-0000-0000-1111-000000000001\",\"effective_range\":{},\"action_parameter\":{\"vsys_id\":1,\"targeted_traffic\":\"raw\",\"sff_profiles\":[\"00000000-0000-0000-2222-000000000001\"]},\"is_valid\":1}",
"{\"uuid\":\"SC000000-0000-0000-1111-000000000011\",\"effective_range\":{},\"action_parameter\":{\"vsys_id\":1,\"targeted_traffic\":\"decrypted\",\"sff_profiles\":[\"00000000-0000-0000-2222-000000000001\",]},\"is_valid\":1}"
{"uuid":"SC000000-0000-0000-1111-000000000001","effective_range":{},"action_parameter":{"vsys_id":1,"targeted_traffic":"raw","sff_profiles":["00000000-0000-0000-2222-000000000001"]},"is_valid":1},
{"uuid":"SC000000-0000-0000-1111-000000000011","effective_range":{},"action_parameter":{"vsys_id":1,"targeted_traffic":"decrypted","sff_profiles":["00000000-0000-0000-2222-000000000001",]},"is_valid":1}
]
},
{
"table_name": "PXY_PROFILE_TCP_OPTION",
"table_content": [
"{\"uuid\":\"TCPOPT00-0000-0000-0000-000000000001\",\"tcp_passthrough\":0,\"bypass_duplicated_packet\":0,\"client_side_conn_param\":{\"tcp_maxseg\":{\"enable\":0,\"maxseg\":1500},\"nodelay\":1,\"keep_alive\":{\"enable\":1,\"tcp_keepcnt\":8,\"tcp_keepidle\":30,\"tcp_keepintvl\":15},\"ttl\":70,\"user_timeout\":{\"enable\":1,\"timeout_ms\":600}},\"server_side_conn_param\":{\"tcp_maxseg\":{\"enable\":0,\"maxseg\":1500},\"nodelay\":1,\"keep_alive\":{\"enable\":1,\"tcp_keepcnt\":8,\"tcp_keepidle\":30,\"tcp_keepintvl\":15},\"ttl\":70,\"user_timeout\":{\"enable\":1,\"timeout_ms\":600}},\"is_valid\":1}"
{"uuid":"TCPOPT00-0000-0000-0000-000000000001","tcp_passthrough":0,"bypass_duplicated_packet":0,"client_side_conn_param":{"tcp_maxseg":{"enable":0,"maxseg":1500},"nodelay":1,"keep_alive":{"enable":1,"tcp_keepcnt":8,"tcp_keepidle":30,"tcp_keepintvl":15},"ttl":70,"user_timeout":{"enable":1,"timeout_ms":600}},"server_side_conn_param":{"tcp_maxseg":{"enable":0,"maxseg":1500},"nodelay":1,"keep_alive":{"enable":1,"tcp_keepcnt":8,"tcp_keepidle":30,"tcp_keepintvl":15},"ttl":70,"user_timeout":{"enable":1,"timeout_ms":600}},"is_valid":1}
]
},
{
"table_name": "PXY_SSL_FINGERPRINT",
"table_content": [
"{\"uuid\":\"JA300000-0000-0000-0000-000000000001\",\"ja3_hash\":\"599f223c2c9ee5702f5762913889dc21\",\"pinning_state\":1,\"is_valid\":1}",
"{\"uuid\":\"JA300000-0000-0000-0000-000000000002\",\"ja3_hash\":\"eb149984fc9c44d85ed7f12c90d818be\",\"pinning_state\":1,\"is_valid\":1}",
"{\"uuid\":\"JA300000-0000-0000-0000-000000000003\",\"ja3_hash\":\"e6573e91e6eb777c0933c5b8f97f10cd\",\"pinning_state\":1,\"is_valid\":1}"
{"uuid":"JA300000-0000-0000-0000-000000000001","ja3_hash":"599f223c2c9ee5702f5762913889dc21","pinning_state":1,"is_valid":1},
{"uuid":"JA300000-0000-0000-0000-000000000002","ja3_hash":"eb149984fc9c44d85ed7f12c90d818be","pinning_state":1,"is_valid":1},
{"uuid":"JA300000-0000-0000-0000-000000000003","ja3_hash":"e6573e91e6eb777c0933c5b8f97f10cd","pinning_state":1,"is_valid":1}
]
},
{
"table_name": "APP_ID_DICT",
"table_content": [
"67\thttp\t0\tnull\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"drop\",\"after_n_packets\":0,\"send_icmp_unreachable\":1,\"send_tcp_reset\":1}\t0\t60\t120\t30\t30\t201\t1",
"68\thttps\t0\tnull\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"rate_limit\",\"bps\":1000}\t0\t0\t0\t0\t0\t68000\t1"
{"app_id":67,"object_id":201,"app_name":"http","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"},
{"app_id":68,"object_id":68000,"app_name":"https","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"}
]
}
]

526
resource/pangu/table_info.conf
View File

@@ -1,339 +1,135 @@
[
{
"table_id":0,
"table_name":"PXY_CTRL_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
"table_name":"PXY_CTRL_RULE",
"table_type":"rule"
},
{
"table_id":1,
"table_name":"PXY_CTRL_COMPILE_CONJUNCTION",
"db_tables":["PXY_CTRL_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
"table_name":"PXY_CTRL_RULE_CONJUNCTION",
"db_tables":["PXY_CTRL_RULE"],
"default_rule_table":1,
"table_type":"rule"
},
{
"table_id":2,
"table_name":"PXY_CTRL_COMPILE_PLUGIN",
"db_tables":["PXY_CTRL_COMPILE"],
"table_name":"PXY_CTRL_RULE_PLUGIN",
"db_tables":["PXY_CTRL_RULE"],
"table_type":"plugin",
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
"key_len": 8
"key_name":"uuid",
"key_type":"pointer"
}
},
{
"table_id":3,
"table_name":"GROUP_PXY_CTRL_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":1,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
"table_name":"OBJECT_GROUP",
"table_type":"object2object"
},
{
"table_id":4,
"table_name":"OBJECT_GROUP",
"table_type":"group2group",
"valid_column":4,
"custom": {
"group_id":1,
"included_sub_group_ids":2,
"excluded_sub_group_ids":3
}
"table_name":"TSG_OBJ_IP",
"table_type":"ip"
},
{
"table_id":5,
"table_name":"TSG_OBJ_IP",
"db_tables":["TSG_OBJ_IP_ADDR","TSG_OBJ_IP_LEARNING_ADDR"],
"table_type":"ip",
"valid_column":8,
"custom": {
"item_id":1,
"group_id":2,
"addr_type":3,
"addr_format":4,
"ip1":5,
"ip2":6,
"port":7
}
"table_name":"TSG_OBJ_URL",
"table_type":"expr"
},
{
"table_id":6,
"table_name":"TSG_OBJ_URL",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
"table_name":"TSG_OBJ_FQDN",
"table_type":"expr"
},
{
"table_id":7,
"table_name":"ATTR_HTTP_URL",
"table_type":"virtual",
"physical_table": "TSG_OBJ_URL"
"table_name":"TSG_OBJ_KEYWORDS",
"table_type":"expr"
},
{
"table_id":8,
"table_name":"TSG_OBJ_FQDN",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
"table_name":"TSG_OBJ_SUBSCRIBER_ID",
"table_type":"expr"
},
{
"table_id":9,
"table_name": "ATTR_SERVER_FQDN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
"table_name":"PXY_CACHE_COMPILE",
"table_type":"rule"
},
{
"table_id":10,
"table_name":"TSG_OBJ_HTTP_SIGNATURE",
"table_type":"expr_plus",
"valid_column":8,
"custom": {
"item_id":1,
"group_id":2,
"district":3,
"keywords":4,
"expr_type":5,
"match_method":6,
"is_hexbin":7
}
"table_name":"PXY_CACHE_COMPILE_CONJUNCTION",
"db_tables":["PXY_CACHE_COMPILE"],
"default_rule_table":1,
"table_type":"rule"
},
{
"table_id":11,
"table_name":"ATTR_HTTP_REQ_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":12,
"table_name":"ATTR_HTTP_RES_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":13,
"table_name":"TSG_OBJ_KEYWORDS",
"table_type":"expr",
"valid_column":7,
"table_name":"PXY_CACHE_COMPILE_PLUGIN",
"db_tables":["PXY_CACHE_COMPILE"],
"table_type":"plugin",
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
"key_name":"uuid",
"key_type":"pointer"
}
},
{
"table_id":12,
"table_name":"PXY_CACHE_HTTP_URL",
"table_type":"expr"
},
{
"table_id":13,
"table_name":"PXY_CACHE_HTTP_COOKIE",
"table_type":"expr"
},
{
"table_id":14,
"table_name":"ATTR_HTTP_REQ_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
"table_name": "PXY_PROFILE_TRUSTED_CA_CERT",
"table_type": "plugin",
"custom": {
"key_name":"uuid",
"key_type":"pointer"
}
},
{
"table_id":15,
"table_name":"ATTR_HTTP_RES_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
"table_name": "PXY_OBJ_TRUSTED_CA_CRL",
"table_type": "plugin",
"custom": {
"key_name":"uuid",
"key_type":"pointer"
}
},
{
"table_id":16,
"table_name":"TSG_OBJ_SUBSCRIBER_ID",
"table_type":"expr",
"valid_column":7,
"table_name":"TSG_PROFILE_RESPONSE_PAGES",
"table_type":"plugin",
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
"key_name":"uuid",
"key_type":"pointer"
}
},
{
"table_id":17,
"table_name":"ATTR_SOURCE_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
"table_name":"PXY_PROFILE_HIJACK_FILES",
"table_type":"plugin",
"custom": {
"key_name":"uuid",
"key_type":"pointer"
}
},
{
"table_id":18,
"table_name":"ATTR_DESTINATION_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
"table_name":"PXY_PROFILE_INSERT_SCRIPTS",
"table_type":"plugin",
"custom": {
"key_name":"uuid",
"key_type":"pointer"
}
},
{
"table_id":19,
"table_name":"PXY_CACHE_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":20,
"table_name":"PXY_CACHE_COMPILE_CONJUNCTION",
"db_tables":["PXY_CACHE_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":21,
"table_name":"PXY_CACHE_COMPILE_PLUGIN",
"db_tables":["PXY_CACHE_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"custom": {
"key":1,
"key_type":"integer",
"key_len": 8
}
},
{
"table_id":22,
"table_name":"PXY_CACHE_GROUP",
"table_type":"group2compile",
"associated_compile_table_id":0,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
"table_id":23,
"table_name":"PXY_CACHE_HTTP_URL",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":24,
"table_name":"PXY_CACHE_HTTP_COOKIE",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":25,
"table_name":"PXY_PROFILE_TRUSTED_CA_CERT",
"table_type":"plugin",
"valid_column":4,
"custom": {
"key":1,
"key_type":"pointer",
"foreign": [3]
}
},
{
"table_id":26,
"table_name":"PXY_OBJ_TRUSTED_CA_CRL",
"table_type":"plugin",
"valid_column":4,
"custom": {
"key":1,
"key_type":"pointer",
"foreign": [3]
}
},
{
"table_id":27,
"table_name":"TSG_PROFILE_RESPONSE_PAGES",
"table_type":"plugin",
"valid_column":5,
"custom": {
"key":1,
"key_type":"pointer",
"foreign": [4]
}
},
{
"table_id":28,
"table_name":"PXY_PROFILE_HIJACK_FILES",
"table_type":"plugin",
"valid_column":6,
"custom": {
"key":1,
"key_type":"pointer",
"foreign": [5]
}
},
{
"table_id":29,
"table_name":"PXY_PROFILE_INSERT_SCRIPTS",
"table_type":"plugin",
"valid_column":6,
"custom": {
"key":1,
"key_type":"pointer",
"foreign": [4]
}
},
{
"table_id":30,
"table_name":"PXY_INTERCEPT_RULE",
"table_type":"plugin",
"custom": {
@@ -342,7 +138,7 @@
}
},
{
"table_id":31,
"table_id":20,
"table_name":"TSG_PROFILE_TRAFFIC_MIRROR",
"table_type":"plugin",
"custom": {
@@ -351,7 +147,7 @@
}
},
{
"table_id":32,
"table_id":21,
"table_name":"PXY_PROFILE_DECRYPTION",
"table_type":"plugin",
"custom": {
@@ -360,13 +156,13 @@
}
},
{
"table_id":33,
"table_id":22,
"table_name":"ATTR_DOH_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":34,
"table_id":23,
"table_name":"PXY_SSL_FINGERPRINT",
"table_type":"plugin",
"custom": {
@@ -375,18 +171,16 @@
}
},
{
"table_id":35,
"table_id":24,
"table_name":"PXY_PROFILE_RUN_SCRIPTS",
"table_type":"plugin",
"valid_column":4,
"custom": {
"key":1,
"key_type":"pointer",
"foreign": [2]
"key_name":"uuid"
}
},
{
"table_id":36,
"table_id":25,
"table_name":"PXY_PROFILE_TCP_OPTION",
"table_type":"plugin",
"custom": {
@@ -395,7 +189,7 @@
}
},
{
"table_id":37,
"table_id":26,
"table_name":"SERVICE_CHAINING_RULE",
"table_type":"plugin",
"custom":{
@@ -404,182 +198,56 @@
}
},
{
"table_id":38,
"table_id":27,
"table_name": "APP_ID_DICT",
"table_type": "plugin",
"valid_column": 19,
"custom": {
"key": 1,
"key_name":"app_id",
"key_type":"integer",
"key_len":8
}
},
{
"table_id":39,
"table_name":"ATTR_APP_ID",
"table_type":"virtual",
"physical_table": "APP_ID_DICT"
},
{
"table_id":40,
"table_name":"ATTR_SUBSCRIBER_ID",
"table_type":"virtual",
"physical_table": "TSG_OBJ_SUBSCRIBER_ID"
},
{
"table_id":41,
"table_name":"ATTR_INTERNAL_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":42,
"table_name":"ATTR_EXTERNAL_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":43,
"table_id":28,
"table_name": "TSG_IP_PROTOCOL",
"table_type": "plugin",
"valid_column": 4,
"custom": {
"key": 1,
"key_type": "integer",
"key_len": 8
"key_name":"uuid",
"key_type":"pointer"
}
},
{
"table_id":44,
"table_id":29,
"table_name":"TSG_OBJ_PORT",
"table_type":"interval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_boundary":3,
"up_boundary":4
}
"table_type":"interval"
},
{
"table_id":45,
"table_name": "ATTR_SOURCE_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":46,
"table_name": "ATTR_DESTINATION_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":47,
"table_name": "ATTR_INTERNAL_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":48,
"table_name": "ATTR_EXTERNAL_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":49,
"table_name": "ATTR_IP_PROTOCOL",
"table_type": "virtual",
"physical_table": "TSG_IP_PROTOCOL"
},
{
"table_id": 50,
"table_id":30,
"table_name": "LIBRARY_TAG",
"table_type": "plugin",
"valid_column": 6,
"custom": {
"key": 1,
"key_type": "integer",
"key_len": 8
"key_name":"uuid",
"key_type":"pointer"
}
},
{
"table_id":51,
"table_id":31,
"table_name":"TSG_OBJ_IMSI",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
"table_type":"expr"
},
{
"table_id":52,
"table_id":32,
"table_name":"TSG_OBJ_PHONE_NUMBER",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
"table_type":"expr"
},
{
"table_id":53,
"table_id":33,
"table_name":"TSG_OBJ_APN",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
"table_type":"expr"
},
{
"table_id":54,
"table_id":34,
"table_name":"TSG_OBJ_IMEI",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":55,
"table_name":"ATTR_GTP_IMSI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMSI"
},
{
"table_id":56,
"table_name":"ATTR_GTP_PHONE_NUMBER",
"table_type":"virtual",
"physical_table": "TSG_OBJ_PHONE_NUMBER"
},
{
"table_id":57,
"table_name":"ATTR_GTP_APN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_APN"
},
{
"table_id":58,
"table_name":"ATTR_GTP_IMEI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMEI"
"table_type":"expr"
}
]