gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

适配TSG产品的库表,变更tableinfo和测试用maat json。

Browse Source
This commit is contained in:
zhengchao
2019-05-20 15:11:04 +08:00
parent e4291c0fda
commit a268c52abc
2 changed files with 167 additions and 176 deletions
Download Patch File Download Diff File Expand all files Collapse all files

327
resource/misc/pangu_ctrl.json → resource/misc/pangu_http.json
View File

@@ -3,91 +3,13 @@
"group_table": "PXY_CTRL_GROUP", "group_table": "PXY_CTRL_GROUP",
"rules": [ "rules": [
{ {
"compile_id": 125, "compile_id": 1021,
"service": 1, "service": 1,
"action": 48, "action": 48,
"do_blacklist": 1, "do_blacklist": 1,
"do_log": 1, "do_log": 1,
"effective_range": 0, "effective_range": 0,
"user_region": "code=302;url=http://news.baidu.com", "user_region": "{\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.baidu.com/index.html\"}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "kernel-3.10.0-327.el7.src.rpm",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 128,
"service": 1,
"action": 16,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "code=302;url=http://news.baidu.com",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_RES_BODY",
"table_type": "string",
"table_content": {
"keywords": "hello=world",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 127,
"service": 1,
"action": 80,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "zone=http_resp_body;regex=/house.qq.com/www.renren.com",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "www.qq.com",
"expr_type": "none",
"match_method": "left",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 130,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "code=404;content=",
"is_valid": "yes", "is_valid": "yes",
"groups": [ "groups": [
{ {
@@ -97,7 +19,7 @@
"table_type": "string", "table_type": "string",
"table_content": { "table_content": {
"keywords": "www.google.com", "keywords": "www.google.com",
"expr_type": "none", "expr_type": "regex",
"match_method": "sub", "match_method": "sub",
"format": "uncase plain" "format": "uncase plain"
} }
@@ -107,104 +29,153 @@
] ]
}, },
{ {
"compile_id": 131, "compile_id": 1022,
"service": 1, "service": 1,
"action": 48, "action": 48,
"do_blacklist": 1, "do_blacklist": 1,
"do_log": 1, "do_log": 1,
"effective_range": 0, "effective_range": 0,
"user_region": "code=404;content=", "user_region": "{\"method\":\"block\",\"code\":403,\"message\":\"error\",\"html_profile\":101}",
"is_valid": "yes", "is_valid": "yes",
"groups": [ "groups": [
{ {
"regions": [ "regions": [
{ {
"table_name": "PXY_CTRL_HTTP_RES_BODY", "table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "动物世界",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 133,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"cache_key\":{\"ignore_qs\":[\"sqp\",\"rs\"],\"cookie\":\"jsession_id\"},\"no_revalidate\":0,\"cache_dyn_url\":1,\"cache_cookied_cont\":1,\"ignore_srv_nocache\":1,\"ignore_cli_nocache\":1,\"force_caching\":1,\"min_use\":1,\"pinning_time\":\"60m\",\"max_cache_size\":\"1t\",\"inactive_time\":\"1h\"}",
"is_valid": "yes",
"table_name":"PXY_CACHE_COMPILE",
"groups": [
{
"regions": [
{
"table_name": "PXY_CACHE_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "i.ytimg.com",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 134,
"service": 1,
"action": 128,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{}",
"is_valid": "yes",
"table_name":"PXY_CACHE_COMPILE",
"groups": [
{
"regions": [
{
"table_name": "PXY_CACHE_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "mesalab.cn",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 135,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"cache_key\":{\"cookie\":\"MUID\"},\"cache_dyn_url\":1,\"cache_cookied_cont\":1}",
"is_valid": "yes",
"table_name":"PXY_CACHE_COMPILE",
"groups": [
{
"regions": [
{
"table_name": "PXY_CACHE_HTTP_URL",
"table_type": "string", "table_type": "string",
"table_content": { "table_content": {
"keywords": "cn.bing.com", "keywords": "cn.bing.com",
"expr_type": "none", "expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1023,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"比特币\",\"replace_with\":\"硬币\"}]}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "edu.csdn.net/course/detail/6998",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1024,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"hijack\",\"hijack_profile\":201}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "www.wireshark.org/download/win32/WiresharkPortable_2.6.8.paf.exe",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1025,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"hijack\",\"hijack_profile\":201}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "www.downcc.com/ajax.asp",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1026,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"insert\",\"insert_profile\":302}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "mirror.hoster.kz/centos",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1027,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"insert\",\"insert_profile\":303,\"position\":\"before-page-load\"}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "100wa.com/music",
"expr_type": "regex",
"match_method": "sub", "match_method": "sub",
"format": "uncase plain" "format": "uncase plain"
} }
@@ -216,15 +187,31 @@
], ],
"plugin_table": [ "plugin_table": [
{ {
"table_name": "PXY_OBJ_TRUSTED_CA_CERT", "table_name": "PXY_PROFILE_RESPONSE_PAGES",
"table_content": [ "table_content": [
"1\tDigiCertSHA2SecureServerCA\t./pangu_files/DigiCertSHA2SecureServerCA.pem\t1" "101\t404\thtml\t./resource/pangu/404.html\t1",
"102\tHTTP403\ttemplate\t./resource/pangu/HTTP403.html\t1"
] ]
}, },
{ {
"table_name": "PXY_OBJ_TRUSTED_CA_CRL", "table_name": "PXY_PROFILE_HIJACK_FILES",
"table_content": [ "table_content": [
"1\t1\t./pangu_files/ssca-sha2-g5.crl\t1" "201\tchakanqi.exe\tapplication/x-msdos-program\t./resource/pangu/chakanqi.exe\t1"
]
},
{
"table_name": "PXY_PROFILE_INSERT_SCRIPTS",
"table_content": [
"301\ttime\tjs\t./resource/pangu/time.js\t1",
"302\tu1\tcss\t./resource/pangu/u1.css\t1",
"303\tu1\tjs\t./resource/pangu/alert.js\t1"
]
},
{
"table_name": "PXY_INTERCEPT_COMPILE",
"table_content": [
"0\t0\t2\t1\t1\t{}\t{\"keyring\":1,\"exclusions\":{\"ev_cert\":1,\"cert_transparency\":1,\"client_cert_req\":1,\"pinning\":1},\"cert_verify\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":0},\"fail_method\":\"fail-close\"},\"ssl_ver\":{\"min\":\"ssl3\",\"max\":\"tls13\",\"mirror_client\":1},\"decrypt_mirror\":{\"enable\":0}}\t1\t2",
"1\t0\t2\t1\t1\t{}\t{\"keyring\":2,\"exclusions\":{\"ev_cert\":0,\"cert_transparency\":0,\"client_cert_req\":1,\"pinning\":1},\"cert_verify\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":1},\"fail_method\":\"pass-through\"},\"ssl_ver\":{\"min\":\"ssl3\",\"max\":\"tls13\",\"mirror_client\":1},\"decrypt_mirror\":{\"enable\":1,\"mirror_profile\":4}}\t1\t2"
] ]
} }
] ]

4
resource/pangu/table_info.conf
View File

@@ -30,3 +30,7 @@
12 PXY_CACHE_HTTP_COOKIE expr UTF8 UTF8 yes 0 quickoff 12 PXY_CACHE_HTTP_COOKIE expr UTF8 UTF8 yes 0 quickoff
13 PXY_OBJ_TRUSTED_CA_CERT plugin {"valid":4,"foreign":"3"} 13 PXY_OBJ_TRUSTED_CA_CERT plugin {"valid":4,"foreign":"3"}
14 PXY_OBJ_TRUSTED_CA_CRL plugin {"valid":4,"foreign":"3"} 14 PXY_OBJ_TRUSTED_CA_CRL plugin {"valid":4,"foreign":"3"}
15 PXY_PROFILE_RESPONSE_PAGES plugin {"key":1,"valid":5}
16 PXY_PROFILE_HIJACK_FILES plugin {"key":1,"valid":5}
17 PXY_PROFILE_INSERT_SCRIPTS plugin {"key":1,"valid":5}
18 PXY_INTERCEPT_COMPILE plugin {"key":1,"valid":8}