gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-91

Browse Source 
* 修改策略编译配置表名称
* 增加对用户自定域协议字段处理
* 修改配置文件,json文件
This commit is contained in:
fengweihao
2019-11-19 10:02:51 +08:00
parent 8cf9453980
commit ba3eb05957
8 changed files with 175 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
plugin/business/pangu-http/src/pangu_http.cpp
View File

@@ -469,6 +469,8 @@ static enum manipulate_action manipulate_action_str2idx(const char *action_str)
void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_def_large,
MAAT_RULE_EX_DATA* ad, long argl, void *argp)
{
struct policy_action_param* param=NULL;
*ad=NULL;
if((unsigned int)rule->serv_def_len<strlen("{}")+1)
{
@@ -487,8 +489,18 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char
return;
}
struct policy_action_param* param=ALLOC(struct policy_action_param, 1);
item=cJSON_GetObjectItem(json, "protocol");
if(unlikely(!item || !cJSON_IsString(item)))
{
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid policy parameter: %d invalid protocol format", rule->config_id);
goto error_out;
}
if(0!=strcasecmp(item->valuestring, "http"))
{
goto error_out;
}
param=ALLOC(struct policy_action_param, 1);
param->ref_cnt=1;
pthread_mutex_init(&(param->lock), NULL);
@@ -572,8 +584,10 @@ void policy_action_param_new(int idx, const struct Maat_rule_t* rule, const char
default: assert(0);
break;
}
cJSON_Delete(json);
*ad=param;
TFE_LOG_INFO(g_pangu_rt->local_logger, "Add ctrl policy: %d", rule->config_id);
error_out:
cJSON_Delete(json);
return;
}

80
plugin/business/pangu-http/src/pangu_logger.cpp
View File

@@ -191,12 +191,13 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
const char *app_proto[]= {"unkonw","http1", "http2"};
struct json_spec req_fields[]={ {"cookie", TFE_HTTP_COOKIE},
{"referer", TFE_HTTP_REFERER},
{"user_agent", TFE_HTTP_USER_AGENT} };
struct json_spec req_fields[]={ {"http_cookie", TFE_HTTP_COOKIE},
{"http_referer", TFE_HTTP_REFERER},
{"http_user_agent", TFE_HTTP_USER_AGENT} };
struct json_spec resp_fields[]={ {"content_type", TFE_HTTP_CONT_TYPE},
{"content_len", TFE_HTTP_CONT_LENGTH} };
struct json_spec resp_fields[]={ {"http_content_type", TFE_HTTP_CONT_TYPE},
{"http_content_length", TFE_HTTP_CONT_LENGTH},
{"http_set_cookie", TFE_HTTP_SET_COOKIE}};
if (!handle->en_sendlog)
{
@@ -206,43 +207,55 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
common_obj=cJSON_CreateObject();
cur_time = time(NULL);
cJSON_AddNumberToObject(common_obj, "start_time", cur_time);
cJSON_AddNumberToObject(common_obj, "end_time", cur_time);
cJSON_AddStringToObject(common_obj, "app_proto", app_proto[http->major_version]);
cJSON_AddNumberToObject(common_obj, "common_start_time", cur_time);
cJSON_AddNumberToObject(common_obj, "common_end_time", cur_time);
cJSON_AddStringToObject(common_obj, "http_version", app_proto[http->major_version]);
uint64_t opt_val;
uint16_t opt_out_size;
struct tfe_cmsg * cmsg = tfe_stream_get0_cmsg(log_msg->stream);
if (cmsg!=NULL)
{
int ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_STREAM_TRACE_ID, (unsigned char *) &opt_val, sizeof(opt_val), &opt_out_size);
if (ret==0)
{
cJSON_AddNumberToObject(common_obj, "common_stream_trace_id", opt_val);
}
}
switch(addr->addrtype)
{
case TFE_ADDR_STREAM_TUPLE4_V4:
cJSON_AddNumberToObject(common_obj, "addr_type", 4);
cJSON_AddNumberToObject(common_obj, "common_address_type", 4);
inet_ntop(AF_INET, &addr->tuple4_v4->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET, &addr->tuple4_v4->daddr, dst_ip_str, sizeof(dst_ip_str));
cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v4->source));
cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v4->dest));
cJSON_AddStringToObject(common_obj, "trans_proto", "IPv4_TCP");
cJSON_AddStringToObject(common_obj, "common_client_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "common_server_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "common_client_port", ntohs(addr->tuple4_v4->source));
cJSON_AddNumberToObject(common_obj, "common_server_port", ntohs(addr->tuple4_v4->dest));
cJSON_AddStringToObject(common_obj, "common_l4_protocol", "IPv4_TCP");
break;
case TFE_ADDR_STREAM_TUPLE4_V6:
cJSON_AddNumberToObject(common_obj, "addr_type", 6);
cJSON_AddNumberToObject(common_obj, "common_address_type", 6);
inet_ntop(AF_INET6, &addr->tuple4_v6->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET6, &addr->tuple4_v6->daddr, dst_ip_str, sizeof(dst_ip_str));
cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v6->source));
cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v6->dest));
cJSON_AddStringToObject(common_obj, "trans_proto", "IPv6_TCP");
cJSON_AddStringToObject(common_obj, "common_client_ip", src_ip_str);
cJSON_AddStringToObject(common_obj, "common_server_ip", dst_ip_str);
cJSON_AddNumberToObject(common_obj, "common_client_port", ntohs(addr->tuple4_v6->source));
cJSON_AddNumberToObject(common_obj, "common_server_port", ntohs(addr->tuple4_v6->dest));
cJSON_AddStringToObject(common_obj, "common_l4_protocol", "IPv6_TCP");
break;
default:
break;
}
cJSON_AddNumberToObject(common_obj, "direction", 0); //0域内->域外1域外->域内描述的是CLIENT_IP信息
cJSON_AddNumberToObject(common_obj, "Link_id", 0);
cJSON_AddNumberToObject(common_obj, "stream_dir", 3); //1:c2s, 2:s2c, 3:double
cJSON_AddStringToObject(common_obj, "cap_ip", handle->local_ip_str);
cJSON_AddNumberToObject(common_obj, "entrance_id", handle->entry_id);
cJSON_AddNumberToObject(common_obj, "device_id", 0);
cJSON_AddStringToObject(common_obj, "url", http->req->req_spec.url);
cJSON_AddStringToObject(common_obj, "host", http->req->req_spec.host);
cJSON_AddNumberToObject(common_obj, "common_direction", 0); //0域内->域外1域外->域内描述的是CLIENT_IP信息
cJSON_AddNumberToObject(common_obj, "common_link_id", 0);
cJSON_AddNumberToObject(common_obj, "common_stream_dir", 3); //1:c2s, 2:s2c, 3:double
cJSON_AddStringToObject(common_obj, "common_sled_ip", handle->local_ip_str);
cJSON_AddNumberToObject(common_obj, "common_entrance_id", handle->entry_id);
cJSON_AddNumberToObject(common_obj, "common_device_id", 0);
cJSON_AddStringToObject(common_obj, "http_url", http->req->req_spec.url);
cJSON_AddStringToObject(common_obj, "http_host", http->req->req_spec.host);
for(size_t i=0;i<sizeof(req_fields)/sizeof(struct json_spec);i++)
{
tmp_val=tfe_http_std_field_read(http->req, req_fields[i].field_id);
@@ -280,7 +293,7 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
log_file_upload_path, sizeof(log_file_upload_path));
if(tmp==0)
{
cJSON_AddStringToObject(common_obj, "req_body", log_file_upload_path);
cJSON_AddStringToObject(common_obj, "http_request_body", log_file_upload_path);
}
else
{
@@ -306,8 +319,7 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
if(tmp==0)
{
cJSON_AddStringToObject(common_obj, "resp_body", log_file_upload_path);
cJSON_AddStringToObject(common_obj, "http_response_body", log_file_upload_path);
}
else
{
@@ -331,9 +343,9 @@ int pangu_send_log(struct pangu_logger* handle, const struct pangu_log* log_msg)
}
per_hit_obj=cJSON_Duplicate(common_obj, 1);
cJSON_AddNumberToObject(per_hit_obj, "policy_id", log_msg->result[i].config_id);
cJSON_AddNumberToObject(per_hit_obj, "service", log_msg->result[i].service_id);
cJSON_AddNumberToObject(per_hit_obj, "action", (unsigned char)log_msg->result[i].action);
cJSON_AddNumberToObject(per_hit_obj, "common_policy_id", log_msg->result[i].config_id);
cJSON_AddNumberToObject(per_hit_obj, "common_service", log_msg->result[i].service_id);
cJSON_AddNumberToObject(per_hit_obj, "common_action", (unsigned char)log_msg->result[i].action);
log_payload = cJSON_PrintUnformatted(per_hit_obj);
TFE_LOG_DEBUG(handle->local_logger, "%s", log_payload);

14
plugin/business/ssl-policy/src/ssl_policy.cpp
View File

@@ -72,6 +72,18 @@ void intercept_param_new_cb(int table_id, const char* key, const char* table_lin
TFE_LOG_ERROR(enforcer->logger, "Invalid intercept parameter: id = %s", key);
goto error_out;
}
item=cJSON_GetObjectItem(json, "protocol");
if(unlikely(!item || !cJSON_IsString(item)))
{
TFE_LOG_ERROR(enforcer->logger, "Invalid intercept parameter: %s invalid protocol format", key);
goto error_out;
}
if (0!=strcasecmp(item->valuestring, "SSL/HTTP"))
{
goto error_out;
}
param=ALLOC(struct intercept_param, 1);
param->policy_id=atoi(key);
param->ref_cnt=1;
@@ -189,7 +201,7 @@ struct ssl_policy_enforcer* ssl_policy_enforcer_create(void* logger)
struct ssl_policy_enforcer* enforcer=ALLOC(struct ssl_policy_enforcer, 1);
enforcer->maat=g_business_maat;
enforcer->logger=logger;
enforcer->table_id=Maat_table_register(enforcer->maat, "PXY_INTERCEPT_COMPILE");
enforcer->table_id=Maat_table_register(enforcer->maat, "TSG_SECURITY_COMPILE");
UNUSED int ret=Maat_plugin_EX_register(enforcer->maat,
enforcer->table_id,
intercept_param_new_cb,

15
plugin/business/traffic-mirror/src/entry.cpp
View File

@@ -83,6 +83,17 @@ void policy_table_ex_data_new_cb(int table_id, const char * key, const char * ta
goto ignore;
}
json_item=cJSON_GetObjectItem(json_root, "protocol");
if (unlikely(!json_item || !cJSON_IsString(json_item)))
{
TFE_LOG_ERROR(instance->logger, "invalid JSON, protocol not existed or invalid type.");
goto ignore;
}
if (0!=strcasecmp(json_item->valuestring, "SSL/HTTP"))
{
goto out;
}
json_subroot = cJSON_GetObjectItem(json_root, "decrypt_mirror");
if (unlikely(!json_subroot))
{
@@ -496,10 +507,10 @@ int traffic_mirror_init(struct tfe_proxy * proxy)
}
/* REGISTER MAAT FEATHER */
instance->policy_table_id = Maat_table_register(instance->maat_feather, "PXY_INTERCEPT_COMPILE");
instance->policy_table_id = Maat_table_register(instance->maat_feather, "TSG_SECURITY_COMPILE");
if (unlikely(instance->policy_table_id < 0))
{
TFE_LOG_ERROR(instance->logger, "failed at register table PXY_INTERCEPT_COMPILE, ret = %d",
TFE_LOG_ERROR(instance->logger, "failed at register table TSG_SECURITY_COMPILE, ret = %d",
instance->policy_table_id); goto errout;
}

46
plugin/protocol/http2/src/http2_stream.cpp
View File

@@ -2003,6 +2003,32 @@ nghttp2_client_on_frame_recv(nghttp2_session *session,
return 0;
}
static enum tfe_stream_action
nghttp2_submit_data_by_user(struct tfe_h2_stream *connection,
struct tfe_h2_session *h2_session,
enum tfe_conn_dir dir)
{
int rv = -1;
enum tfe_stream_action stream_action = ACTION_DROP_DATA;
struct tfe_h2_half_private *h2_half = tfe_h2_stream_get_half(h2_session, dir);
nghttp2_session *ngh2_session = tfe_h2_stream_get_nghttp2_session(connection, dir);
struct tfe_h2_payload *body = &h2_half->h2_payload;
nghttp2_data_provider upstream_data_provider;
upstream_data_provider.source.ptr = (void *)body;
upstream_data_provider.read_callback = upstream_read_callback;
rv = nghttp2_submit_data(ngh2_session, body->flags,
h2_session->ngh2_stream_id, &upstream_data_provider);
if (rv != 0){
stream_action = ACTION_FORWARD_DATA;
//printf("Fatal server submit data error: %s\n", nghttp2_strerror(rv));
}
return stream_action;
}
static int
nghttp2_client_on_data_chunk_recv(nghttp2_session *session, uint8_t flags,
int32_t stream_id, const uint8_t *input,
@@ -2041,6 +2067,26 @@ nghttp2_client_on_data_chunk_recv(nghttp2_session *session, uint8_t flags,
input = (const uint8_t*)uncompr;
input_len = uncompr_len;
}
else
{
/*if input is end_stream, send by nghttp2_submit_frame_data **/
if (flags != NGHTTP2_FLAG_END_STREAM)
{
/**Decompression failed, send this data**/
stream_action = nghttp2_submit_data_by_user(h2_stream_info, h2_session, CONN_DIR_UPSTREAM);
if (stream_action == ACTION_DROP_DATA)
{
xret = nghttp2_session_send(h2_stream_info->as_server);
if (xret != 0)
{
stream_action = ACTION_FORWARD_DATA;
TFE_LOG_ERROR(logger()->handle, "Fatal upstream(%d) send error: %s\n",stream_id, nghttp2_strerror(xret));
}
}
h2_stream_info->stream_action = stream_action;
return 0;
}
}
}
data = input;
len = input_len;

38
resource/pangu/pangu_http.json
View File

@@ -9,7 +9,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.baidu.com/index.html\"}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.baidu.com/index.html\"}",
"is_valid": "yes",
"groups": [
{
@@ -35,7 +35,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"block\",\"code\":403,\"message\":\"error\",\"html_profile\":101}",
"user_region": "{\"protocol\":\"http\",\"method\":\"block\",\"code\":403,\"message\":\"error\",\"html_profile\":101}",
"is_valid": "yes",
"groups": [
{
@@ -61,7 +61,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"block\",\"code\":403,\"message\":\"error\",\"html_profile\":102}",
"user_region": "{\"protocol\":\"http\",\"method\":\"block\",\"code\":403,\"message\":\"error\",\"html_profile\":102}",
"is_valid": "yes",
"groups": [
{
@@ -87,7 +87,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"比特币\",\"replace_with\":\"硬币\"}]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"比特币\",\"replace_with\":\"硬币\"}]}",
"is_valid": "yes",
"groups": [
{
@@ -113,7 +113,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"hijack\",\"hijack_profile\":201}",
"user_region": "{\"protocol\":\"http\",\"method\":\"hijack\",\"hijack_profile\":201}",
"is_valid": "yes",
"groups": [
{
@@ -139,7 +139,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"hijack\",\"hijack_profile\":201}",
"user_region": "{\"protocol\":\"http\",\"method\":\"hijack\",\"hijack_profile\":201}",
"is_valid": "yes",
"groups": [
{
@@ -165,7 +165,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"hijack\",\"hijack_profile\":202}",
"user_region": "{\"protocol\":\"http\",\"method\":\"hijack\",\"hijack_profile\":202}",
"is_valid": "yes",
"groups": [
{
@@ -191,7 +191,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"insert\",\"insert_profile\":302}",
"user_region": "{\"protocol\":\"http\",\"method\":\"insert\",\"insert_profile\":302}",
"is_valid": "yes",
"groups": [
{
@@ -217,7 +217,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"insert\",\"insert_profile\":303,\"position\":\"after-page-load\"}",
"user_region": "{\"protocol\":\"http\",\"method\":\"insert\",\"insert_profile\":303,\"position\":\"after-page-load\"}",
"is_valid": "yes",
"groups": [
{
@@ -243,7 +243,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"insert\",\"insert_profile\":303,\"position\":\"before-page-load\"}",
"user_region": "{\"protocol\":\"http\",\"method\":\"insert\",\"insert_profile\":303,\"position\":\"before-page-load\"}",
"is_valid": "yes",
"groups": [
{
@@ -269,7 +269,7 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_req_uri\",\"find\":\"(?<=\\\\\\?|^|&)q=([^&|^#]*)(?=&|$)\",\"replace_with\":\"q=find\"},{\"search_in\":\"http_req_uri\",\"find\":\"(?<=\\\\\\?|^|&)ei=([^&|^#]*)(?=&|$)\",\"replace_with\":\"ei=chaxun\"}]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_req_uri\",\"find\":\"(?<=\\\\\\?|^|&)q=([^&|^#]*)(?=&|$)\",\"replace_with\":\"q=find\"},{\"search_in\":\"http_req_uri\",\"find\":\"(?<=\\\\\\?|^|&)ei=([^&|^#]*)(?=&|$)\",\"replace_with\":\"ei=chaxun\"}]}",
"is_valid": "yes",
"groups": [
{
@@ -300,23 +300,23 @@
{
"table_name": "PXY_PROFILE_HIJACK_FILES",
"table_content": [
"201\tchakanqi-947KB.exe\tapplication/x-msdos-program\t./resource/pangu/policy_file/chakanqi-947KB.exe\t1",
"202\tWPS8648-132M.exe\tapplication/x-msdos-program\t./resource/pangu/policy_file/WPS8648-132M.exe\t1"
"201\tchakanqi\tchakanqi-947KB.exe\tapplication/x-msdos-program\t./resource/pangu/policy_file/chakanqi-947KB.exe\t1",
"202\tWPS8648\tWPS8648-132M.exe\tapplication/x-msdos-program\t./resource/pangu/policy_file/WPS8648-132M.exe\t1"
]
},
{
"table_name": "PXY_PROFILE_INSERT_SCRIPTS",
"table_content": [
"301\ttime\tjs\t./resource/pangu/policy_file/time.js\t1",
"302\tu1\tcss\t./resource/pangu/policy_file/u1.css\t1",
"303\tu1\tjs\t./resource/pangu/policy_file/alert.js\t1"
"301\ttime\tjs\t./resource/pangu/policy_file/time.js\tbefore_page_load\t1",
"302\tu1\tcss\t./resource/pangu/policy_file/u1.css\tbefore_page_load\t1",
"303\tu1\tjs\t./resource/pangu/policy_file/alert.js\tbefore_page_load\t1"
]
},
{
"table_name": "PXY_INTERCEPT_COMPILE",
"table_name": "TSG_SECURITY_COMPILE",
"table_content": [
"0\t0\t2\t1\t1\t{}\t{\"keyring\":765,\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":1,\"cert_pinning\":1,\"protocol_errors\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":0},\"fail_action\":\"pass-through\"},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"ssl3\",\"mirror_client\":1,\"allow_http2\":1},\"decrypt_mirror\":{\"enable\":0}}\t1\t2",
"1\t0\t2\t1\t1\t{}\t{\"keyring\":0,\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":1,\"cert_pinning\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":1},\"fail_action\":\"pass-through\"},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"tls13\",\"mirror_client\":1},\"decrypt_mirror\":{\"enable\":1,\"mirror_profile\":4}}\t1\t2"
"0\t0\t2\t1\t1\t{}\t{\"protocol\":\"SSL/HTTP\",\"keyring\":765,\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":1,\"cert_pinning\":1,\"protocol_errors\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":0},\"fail_action\":\"pass-through\"},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"ssl3\",\"mirror_client\":1,\"allow_http2\":1},\"decrypt_mirror\":{\"enable\":0}}\t1\t2",
"1\t0\t2\t1\t1\t{}\t{\"protocol\":\"SSL/HTTP\",\"keyring\":0,\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":1,\"cert_pinning\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":1},\"fail_action\":\"pass-through\"},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"tls13\",\"mirror_client\":1},\"decrypt_mirror\":{\"enable\":1,\"mirror_profile\":4}}\t1\t2"
]
}
]

2
resource/pangu/table_info.conf
View File

@@ -42,5 +42,5 @@
16 PXY_PROFILE_RESPONSE_PAGES plugin {"key":1,"foreign":"4","valid":5}
17 PXY_PROFILE_HIJACK_FILES plugin {"key":1,"foreign":"5","valid":6}
18 PXY_PROFILE_INSERT_SCRIPTS plugin {"key":1,"foreign":"4","valid":6}
19 PXY_INTERCEPT_COMPILE plugin {"key":1,"valid":8}
19 TSG_SECURITY_COMPILE plugin {"key":1,"valid":8}
20 PXY_PROFILE_TRAFFIC_MIRROR plugin {"key":1,"valid":4}

2
resource/pangu/table_info_traffic_mirror.conf
View File

@@ -15,5 +15,5 @@
#
#For expr/expr_plus Table
#id name type src_charset dst_charset do_merge cross_cache quick_mode
0 PXY_INTERCEPT_COMPILE plugin {"key":1,"valid":8}
0 TSG_SECURITY_COMPILE plugin {"key":1,"valid":8}
1 PXY_PROFILE_TRAFFIC_MIRROR plugin {"key":1,"valid":4}