diff --git a/plugin/business/tsg-http/src/tsg_http.cpp b/plugin/business/tsg-http/src/tsg_http.cpp index 073140c..085e7e2 100644 --- a/plugin/business/tsg-http/src/tsg_http.cpp +++ b/plugin/business/tsg-http/src/tsg_http.cpp @@ -36,35 +36,18 @@ enum proxy_action { PX_ACTION_NONE = 0, - PX_ACTION_MONIT = 1, - PX_ACTION_INTERCEPT = 2, /* N/A */ - PX_ACTION_NO_INTERCEPT = 3, - PX_ACTION_ACTIVE_DEFENCE = 4, - PX_ACTION_WANNAT = 8, - PX_ACTION_REJECT = 16, - PX_ACTION_SHAPING = 32, - PX_ACTION_MANIPULATE = 48, - PX_ACTION_SERVICE_CHAINING=64, - PX_ACTION_WHITELIST = 96, - PX_ACTION_SHUNT = 128, - PX_STATISTICS = 129, + PX_ACTION_DENY = 1, + PX_ACTION_ALLOW = 2, + PX_ACTION_MONITOR = 3, + PX_ACTION_REDIRECT = 4, + PX_ACTION_REPLACE = 5, + PX_ACTION_HIJACK = 6, + PX_ACTION_REJECT = 7, + PX_ACTION_EDIT_ELEMENT = 8, + PX_ACTION_RUN_SCRIPT = 9, __PX_ACTION_MAX }; -enum manipulate_action -{ - MA_ACTION_REDIRECT = 0, - MA_ACTION_BLOCK, - MA_ACTION_REPLACE, - MA_ACTION_HIJACK, - MA_ACTION_INSERT, - MA_ACTION_ELEMENT, - MA_ACTION_LUA_SCRIPT, - MA_ACTION_ALLOW, - MA_ACTION_MONITOR, - __MA_ACTION_MAX -}; - enum scan_table { PXY_CTRL_HTTP_URL, @@ -135,7 +118,7 @@ struct maat_rule_t struct policy_action_param { int ref_cnt; - enum manipulate_action action; + enum proxy_action action; char *message; char *position; float enforcement_ratio; @@ -346,29 +329,6 @@ void trusted_CA_update_finish_cb(void* u_para) } } -static enum manipulate_action manipulate_action_str2idx(const char *action_str) -{ - const char *clue_action_map[__MA_ACTION_MAX]; - clue_action_map[MA_ACTION_REDIRECT]= "redirect"; - clue_action_map[MA_ACTION_BLOCK]= "block"; - clue_action_map[MA_ACTION_REPLACE]= "replace"; - clue_action_map[MA_ACTION_HIJACK]= "hijack"; - clue_action_map[MA_ACTION_INSERT]= "insert"; - clue_action_map[MA_ACTION_ELEMENT] = "edit_element"; - clue_action_map[MA_ACTION_LUA_SCRIPT] = "run_script"; - clue_action_map[MA_ACTION_ALLOW] = "allow"; - clue_action_map[MA_ACTION_MONITOR] = "monitor"; - - size_t i = 0; - - for (i = 0; i < sizeof(clue_action_map) / sizeof(const char *); i++) - { - if (0 == strcasecmp(action_str, clue_action_map[i])) - break; - } - return (enum manipulate_action)i; -} - void octal_utf8_escapes(char *input) { #define AFMTSIZE (67+2+1+2) @@ -446,18 +406,15 @@ unsigned char action_type_str2idx(const char *action_str) { const char * action_name[__PX_ACTION_MAX] ={0}; action_name[PX_ACTION_NONE] = "none"; - action_name[PX_ACTION_MONIT] = "monitor"; - action_name[PX_ACTION_INTERCEPT] = "intercept"; - action_name[PX_ACTION_NO_INTERCEPT] = "no_intercept"; - action_name[PX_ACTION_ACTIVE_DEFENCE] = "active_defence"; - action_name[PX_ACTION_WANNAT] = "wannat"; - action_name[PX_ACTION_REJECT] = "deny"; - action_name[PX_ACTION_SHAPING] = "shaping"; - action_name[PX_ACTION_MANIPULATE] = "manipulate"; - action_name[PX_ACTION_SERVICE_CHAINING] = "service_chaining"; - action_name[PX_ACTION_WHITELIST] = "allow"; - action_name[PX_ACTION_SHUNT] = "shunt"; - action_name[PX_STATISTICS] = "statistics"; + action_name[PX_ACTION_DENY] = "deny"; + action_name[PX_ACTION_ALLOW] = "allow"; + action_name[PX_ACTION_MONITOR] = "monitor"; + action_name[PX_ACTION_REDIRECT] = "redirect"; + action_name[PX_ACTION_REPLACE] = "replace"; + action_name[PX_ACTION_HIJACK] = "hijack"; + action_name[PX_ACTION_REJECT] = "inject"; + action_name[PX_ACTION_EDIT_ELEMENT] = "edit_element"; + action_name[PX_ACTION_RUN_SCRIPT] = "run_script"; int action = 0; for ( action = PX_ACTION_NONE; action < __PX_ACTION_MAX; action++) @@ -528,26 +485,21 @@ void policy_action_param_new(const char *table_name, const char* key, const char param->ref_cnt=1; pthread_mutex_init(&(param->lock), NULL); param->hit_rule.action_parameter = cJSON_PrintUnformatted(action_parameter); - - cJSON *method=cJSON_GetObjectItem(action_parameter,"method"); - if(method && method->type==cJSON_String) - { - param->action=manipulate_action_str2idx(method->valuestring); - } + param->action = (enum proxy_action)param->hit_rule.action; int rule_id=0; cJSON *rules=NULL, *item=NULL, *sub_item=NULL; switch(param->action) { - case MA_ACTION_ALLOW: - case MA_ACTION_MONITOR: + case PX_ACTION_ALLOW: + case PX_ACTION_MONITOR: item=cJSON_GetObjectItem(action_parameter,"vsys_id"); if(item && item->type==cJSON_Number) { param->hit_rule.vsys_id=item->valueint; } break; - case MA_ACTION_REDIRECT: + case PX_ACTION_REDIRECT: item=cJSON_GetObjectItem(action_parameter,"vsys_id"); if(item && item->type==cJSON_Number) { @@ -573,7 +525,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char param->enforcement_ratio = 1; } break; - case MA_ACTION_BLOCK: + case PX_ACTION_DENY: item=cJSON_GetObjectItem(action_parameter,"vsys_id"); if(item && item->type==cJSON_Number) { @@ -595,7 +547,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char param->profile_uuid_str = tfe_strdup(item->valuestring); } break; - case MA_ACTION_REPLACE: + case PX_ACTION_REPLACE: item=cJSON_GetObjectItem(action_parameter,"vsys_id"); if(item && item->type==cJSON_Number) { @@ -635,7 +587,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char } param->n_rule = rule_id; break; - case MA_ACTION_HIJACK: + case PX_ACTION_HIJACK: item=cJSON_GetObjectItem(action_parameter,"vsys_id"); if(item && item->type==cJSON_Number) { @@ -656,7 +608,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char param->enforcement_ratio = 1; } break; - case MA_ACTION_INSERT: + case PX_ACTION_REJECT: item=cJSON_GetObjectItem(action_parameter,"vsys_id"); if(item && item->type==cJSON_Number) { @@ -681,7 +633,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char param->enforcement_ratio = 1; } break; - case MA_ACTION_ELEMENT: + case PX_ACTION_EDIT_ELEMENT: item=cJSON_GetObjectItem(action_parameter,"vsys_id"); if(item && item->type==cJSON_Number) { @@ -724,7 +676,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char } param->e_rule = rule_id; break; - case MA_ACTION_LUA_SCRIPT: + case PX_ACTION_RUN_SCRIPT: item=cJSON_GetObjectItem(action_parameter,"vsys_id"); if(item && item->type==cJSON_Number) { @@ -745,7 +697,8 @@ void policy_action_param_new(const char *table_name, const char* key, const char param->enforcement_ratio = 1; } break; - default: assert(0); + default: + assert(0); break; } *ad=param; @@ -1292,9 +1245,7 @@ struct proxy_http_ctx static inline int ctx_actually_replaced(struct proxy_http_ctx * ctx) { - if(ctx->action == PX_ACTION_MANIPULATE && - ctx->param->action == MA_ACTION_REPLACE && - ctx->rep_ctx->actually_replaced==1) + if(ctx->action == PX_ACTION_REPLACE && ctx->rep_ctx->actually_replaced==1) { return 1; } @@ -1306,9 +1257,7 @@ static inline int ctx_actually_replaced(struct proxy_http_ctx * ctx) static inline int ctx_actually_ran_script(struct proxy_http_ctx * ctx) { - if(ctx->action == PX_ACTION_MANIPULATE && - ctx->param->action == MA_ACTION_LUA_SCRIPT && - ctx->tsg_ctx->actually_executed==1) + if(ctx->action == PX_ACTION_RUN_SCRIPT && ctx->tsg_ctx->actually_executed==1) { return 1; } @@ -1320,9 +1269,7 @@ static inline int ctx_actually_ran_script(struct proxy_http_ctx * ctx) static inline int ctx_actually_inserted(struct proxy_http_ctx * ctx) { - if(ctx->action == PX_ACTION_MANIPULATE && - ctx->param->action == MA_ACTION_INSERT && - ctx->ins_ctx->actually_inserted==1) + if(ctx->action == PX_ACTION_REJECT && ctx->ins_ctx->actually_inserted==1) { return 1; } @@ -1334,9 +1281,7 @@ static inline int ctx_actually_inserted(struct proxy_http_ctx * ctx) static inline int ctx_actually_edited(struct proxy_http_ctx * ctx) { - if(ctx->action == PX_ACTION_MANIPULATE && - ctx->param->action == MA_ACTION_ELEMENT && ctx->edit_ctx != NULL && - ctx->edit_ctx->actually_edited==1) + if(ctx->action == PX_ACTION_EDIT_ELEMENT && ctx->edit_ctx != NULL && ctx->edit_ctx->actually_edited==1) { return 1; } @@ -1348,10 +1293,7 @@ static inline int ctx_actually_edited(struct proxy_http_ctx * ctx) static inline int ctx_actually_manipulate(struct proxy_http_ctx * ctx) { - if(ctx->action == PX_ACTION_MANIPULATE && - (ctx->param->action == MA_ACTION_REDIRECT || - ctx->param->action == MA_ACTION_HIJACK)&& - ctx->manipulate_replaced==1) + if((ctx->action == PX_ACTION_REDIRECT || ctx->action == PX_ACTION_HIJACK) && ctx->manipulate_replaced==1) { return 1; } @@ -1512,11 +1454,7 @@ void proxy_send_metric_log(const struct tfe_stream * stream, struct proxy_http_c { size_t i=0; int hit_cnt=0; - const char *proxy_action_map[__PX_ACTION_MAX]; - proxy_action_map[PX_ACTION_MONIT]="monitor"; - proxy_action_map[PX_ACTION_REJECT]="deny"; - proxy_action_map[PX_ACTION_WHITELIST]="allow"; - const char *manipulate_action_map[]= {"redirect","block","replace","hijack","insert","edit_element","run_script"}; + const char *manipulate_action_map[]= {"none","deny","allow","monitor","redirect","replace","hijack","inject","edit_element","run_script"}; struct filedstat_easy_manipulation *fieldstat = tfe_get_fieldstat_handle()->manipulation; if(fieldstat == NULL) @@ -1528,16 +1466,8 @@ void proxy_send_metric_log(const struct tfe_stream * stream, struct proxy_http_c { fieldstat->tags[thread_id][TAG_VSYS_ID].value_longlong = ctx->enforce_rules[i].vsys_id; fieldstat->tags[thread_id][TAG_RULE_ID].value_str = ctx->enforce_rules[i].config_uuid_string; - fieldstat->tags[thread_id][TAG_ACTION].value_longlong = PX_ACTION_MANIPULATE; - if(ctx->enforce_rules[i].action == PX_ACTION_MANIPULATE) - { - fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = manipulate_action_map[ctx->param->action]; - } - else - { - fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = proxy_action_map[ctx->enforce_rules[i].action]; - } - + fieldstat->tags[thread_id][TAG_ACTION].value_longlong = 48; + fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = manipulate_action_map[ctx->param->action]; size_t c2s_byte_num = 0, s2c_byte_num =0; tfe_stream_info_get(stream, INFO_FROM_DOWNSTREAM_RX_OFFSET, &c2s_byte_num, sizeof(c2s_byte_num)); tfe_stream_info_get(stream, INFO_FROM_UPSTREAM_RX_OFFSET, &s2c_byte_num, sizeof(s2c_byte_num)); @@ -1609,10 +1539,15 @@ void __pangu_action_weight_init() __attribute__((constructor, used)); void __pangu_action_weight_init() { pangu_action_weight[PX_ACTION_NONE] = 0; - pangu_action_weight[PX_ACTION_MONIT] = 1; - pangu_action_weight[PX_ACTION_MANIPULATE] = 2; - pangu_action_weight[PX_ACTION_REJECT] = 3; - pangu_action_weight[PX_ACTION_WHITELIST] = 4; + pangu_action_weight[PX_ACTION_MONITOR] = 1; + pangu_action_weight[PX_ACTION_REDIRECT] = 2; + pangu_action_weight[PX_ACTION_REPLACE] = 2; + pangu_action_weight[PX_ACTION_HIJACK] = 2; + pangu_action_weight[PX_ACTION_REJECT] = 2; + pangu_action_weight[PX_ACTION_EDIT_ELEMENT] = 2; + pangu_action_weight[PX_ACTION_RUN_SCRIPT] = 2; + pangu_action_weight[PX_ACTION_DENY] = 3; + pangu_action_weight[PX_ACTION_ALLOW] = 4; } static inline int action_cmp(enum proxy_action a1, enum proxy_action a2) @@ -1653,7 +1588,7 @@ static enum proxy_action decide_ctrl_action(uuid_t *result, size_t n_hit, unsigned char __expand_action = (unsigned char) hit_rules[i].action; enum proxy_action __action = (enum proxy_action) __expand_action; - if (__action == PX_ACTION_MONIT) + if (__action == PX_ACTION_MONITOR) { memcpy(monit_rule + n_monit, hit_rules + i, sizeof(struct maat_rule_t)); n_monit++; @@ -1676,7 +1611,7 @@ static enum proxy_action decide_ctrl_action(uuid_t *result, size_t n_hit, } } - if (prior_action == PX_ACTION_WHITELIST) + if (prior_action == PX_ACTION_ALLOW) { if(*n_enforce==0) { @@ -1694,11 +1629,11 @@ static enum proxy_action decide_ctrl_action(uuid_t *result, size_t n_hit, { FREE(&hit_rules); } - return PX_ACTION_WHITELIST; + return PX_ACTION_ALLOW; } exist_enforce_num = *n_enforce; - if (prior_action == PX_ACTION_MONIT) + if (prior_action == PX_ACTION_MONITOR) { *n_enforce += n_monit; } @@ -1708,7 +1643,7 @@ static enum proxy_action decide_ctrl_action(uuid_t *result, size_t n_hit, } *enforce_rules = (struct maat_rule_t *) realloc(*enforce_rules, sizeof(struct maat_rule_t) * (*n_enforce)); - if (prior_action == PX_ACTION_MONIT) + if (prior_action == PX_ACTION_MONITOR) { memcpy(*enforce_rules + exist_enforce_num, monit_rule, n_monit * sizeof(struct maat_rule_t)); } @@ -2756,25 +2691,22 @@ static void http_manipulate(const struct tfe_stream * stream, const struct tfe_h switch(param->action) { - case MA_ACTION_REDIRECT: + case PX_ACTION_REDIRECT: http_redirect(stream, session, events, ctx); break; - case MA_ACTION_BLOCK: - http_block(stream, session, events, ctx); - break; - case MA_ACTION_REPLACE: + case PX_ACTION_REPLACE: http_replace(stream, session, events, body_frag, frag_size, ctx); break; - case MA_ACTION_HIJACK: + case PX_ACTION_HIJACK: http_hijack(session, events, ctx); break; - case MA_ACTION_INSERT: + case PX_ACTION_REJECT: http_insert(stream, session, events, body_frag, frag_size, ctx); break; - case MA_ACTION_ELEMENT: + case PX_ACTION_EDIT_ELEMENT: http_element(stream, session, events, body_frag, frag_size, ctx); break; - case MA_ACTION_LUA_SCRIPT: + case PX_ACTION_RUN_SCRIPT: http_lua(stream, session, events, body_frag, frag_size, ctx); break; default: assert(0); @@ -2875,7 +2807,6 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht { break; } - scan_ret = maat_scan_string(g_proxy_rt->feather, "TSG_OBJ_KEYWORD", attribute_name, field_val, strlen(field_val), result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid); if (scan_ret == MAAT_SCAN_HIT) @@ -2932,7 +2863,7 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht if (hit_cnt > 0) { ctx->action = decide_ctrl_action(result, hit_cnt, &ctx->enforce_rules, &ctx->n_enforce, &ctx->param); - if (ctx->action == PX_ACTION_WHITELIST) + if (ctx->action == PX_ACTION_ALLOW) { TFE_LOG_INFO(g_proxy_rt->local_logger, "Bypass rules matched: url=%s policy id=%s.", session->req->req_spec.url, ctx->enforce_rules[0].config_uuid_string); @@ -2963,7 +2894,7 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h enum tfe_http_event events, const unsigned char * body_frag, size_t frag_size, unsigned int thread_id, struct proxy_http_ctx * ctx) { - if(ctx->action==PX_ACTION_NONE||ctx->action==PX_ACTION_MONIT) + if(ctx->action==PX_ACTION_NONE||ctx->action==PX_ACTION_MONITOR) { //ctx->action changed in http_scan. http_scan(session, events, body_frag, frag_size, ctx, stream); @@ -2972,25 +2903,23 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h { case PX_ACTION_NONE: break; - case PX_ACTION_MONIT: + case PX_ACTION_MONITOR: //send log on close. break; - case PX_ACTION_REJECT: + case PX_ACTION_DENY: http_block(stream, session, events, ctx); break; - case PX_ACTION_MANIPULATE: - http_manipulate(stream, session, events, body_frag, frag_size, ctx); - break; - case PX_ACTION_WHITELIST: + case PX_ACTION_ALLOW: tfe_http_session_detach(session); ATOMIC_INC(&(g_proxy_rt->stat_val[STAT_ACTION_WHITELSIT])); break; - default: assert(0); + default: + http_manipulate(stream, session, events, body_frag, frag_size, ctx); break; } /* Don't store reqeust/response body when NOT hit or hit whitelist */ - if(ctx->action == PX_ACTION_NONE || ctx->action == PX_ACTION_WHITELIST) + if(ctx->action == PX_ACTION_NONE || ctx->action == PX_ACTION_ALLOW) { return; } @@ -3009,7 +2938,7 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h } if((((ctx_actually_replaced(ctx)) || (ctx_actually_inserted(ctx)) || (ctx_actually_edited(ctx)) || (ctx_actually_manipulate(ctx)) - || ctx_actually_ran_script(ctx)) || ctx->action == PX_ACTION_REJECT || (ctx->action == PX_ACTION_MONIT))) + || ctx_actually_ran_script(ctx)) || ctx->action == PX_ACTION_DENY || (ctx->action == PX_ACTION_MONITOR))) { proxy_send_metric_log(stream, ctx, thread_id, 1); } @@ -3106,11 +3035,11 @@ void proxy_on_http_end(const struct tfe_stream * stream, size_t i=0, j=0; int ret=0; - if(ctx->action == PX_ACTION_MANIPULATE && ctx->param->action == MA_ACTION_REPLACE && ctx->rep_ctx->actually_replaced==0) + if(ctx->param != NULL && ctx->param->action == PX_ACTION_REPLACE && ctx->rep_ctx->actually_replaced==0) { for(i=0; i< ctx->n_enforce; i++) { - if((unsigned char)ctx->enforce_rules[i].action == PX_ACTION_MANIPULATE) + if((unsigned char)ctx->enforce_rules[i].action == PX_ACTION_REPLACE) { if(i+1 > ctx->n_enforce) { @@ -3127,24 +3056,20 @@ void proxy_on_http_end(const struct tfe_stream * stream, } } struct proxy_log log_msg = {.stream=stream, .http=session, .result=(struct log_rule_t *)ctx->enforce_rules, .result_num=ctx->n_enforce, - .req_body=ctx->log_req_body, .resp_body=ctx->log_resp_body, .action=0, .inject_sz=ctx->inject_sz, .c2s_byte_num=ctx->c2s_byte_num, + .req_body=ctx->log_req_body, .resp_body=ctx->log_resp_body, .action=ctx->action, .inject_sz=ctx->inject_sz, .c2s_byte_num=ctx->c2s_byte_num, .s2c_byte_num=ctx->s2c_byte_num}; - if(ctx->action == PX_ACTION_MANIPULATE) - { - log_msg.action = ctx->param->action; - } if(ctx->action != PX_ACTION_NONE && (((ctx_actually_replaced(ctx)) || (ctx_actually_inserted(ctx)) || (ctx_actually_edited(ctx)) || - (ctx_actually_manipulate(ctx)) || ctx_actually_ran_script(ctx)) || (ctx->action == PX_ACTION_MONIT || - ctx->action == PX_ACTION_REJECT || ctx->action == PX_ACTION_WHITELIST))) + (ctx_actually_manipulate(ctx)) || ctx_actually_ran_script(ctx)) || (ctx->action == PX_ACTION_MONITOR || + ctx->action == PX_ACTION_DENY || ctx->action == PX_ACTION_ALLOW))) { ret=proxy_send_log(g_proxy_rt->send_logger, &log_msg); ATOMIC_ADD(&(g_proxy_rt->stat_val[STAT_LOG_NUM]), ret); for(i=0; i< ctx->n_enforce; i++) { - if(ctx->enforce_rules[i].action == PX_ACTION_MONIT) + if(ctx->enforce_rules[i].action == PX_ACTION_MONITOR) { ATOMIC_INC(&(g_proxy_rt->stat_val[STAT_ACTION_MONIT])); } diff --git a/plugin/business/tsg-http/src/tsg_logger.cpp b/plugin/business/tsg-http/src/tsg_logger.cpp index 258c184..3e25f82 100644 --- a/plugin/business/tsg-http/src/tsg_logger.cpp +++ b/plugin/business/tsg-http/src/tsg_logger.cpp @@ -29,17 +29,18 @@ struct proxy_logger struct cache_evbase_instance * log_file_upload_instance; }; -enum _log_action //Bigger action number is prior. +enum _log_action { - LG_ACTION_NONE = 0x00, - LG_ACTION_MONIT = 0x01, - LG_ACTION_FORWARD = 0x02, /* N/A */ - LG_ACTION_REJECT = 0x10, - LG_ACTION_DROP = 0x20, /* N/A */ - LG_ACTION_MANIPULATE = 0x30, - LG_ACTION_RATELIMIT = 0x40, /* N/A */ - LG_ACTION_WHITELIST = 0x60, - LG_ACTION_SHUNT = 0x80, + LG_ACTION_NONE = 0, + LG_ACTION_DENY = 1, + LG_ACTION_ALLOW = 2, + LG_ACTION_MONITOR = 3, + LG_ACTION_REDIRECT = 4, + LG_ACTION_REPLACE = 5, + LG_ACTION_HIJACK = 6, + LG_ACTION_REJECT = 7, + LG_ACTION_EDIT_ELEMENT = 8, + LG_ACTION_RUN_SCRIPT = 9, __LG_ACTION_MAX }; @@ -213,13 +214,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg) char dst_ip_str[MAX(INET6_ADDRSTRLEN,INET_ADDRSTRLEN)] = {0}; const char *app_proto[]= {"unkonw","http1", "http2"}; - - const char *manipulate_action_map[]= {"redirect","block","replace","hijack","insert","edit_element","run_script"}; - - const char *panggu_action_map[__LG_ACTION_MAX]; - panggu_action_map[LG_ACTION_MONIT]="monitor"; - panggu_action_map[LG_ACTION_REJECT]="deny"; - panggu_action_map[LG_ACTION_WHITELIST]="allow"; + const char *manipulate_action_map[]= {"none","deny","allow","monitor","redirect","replace","hijack","inject","edit_element","run_script"}; struct json_spec req_fields[]={ {"http_cookie", TFE_HTTP_COOKIE}, {"http_referer", TFE_HTTP_REFERER}, @@ -359,7 +354,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg) char *monit_config_id[16]={0}; for(size_t i=0; iresult_num; i++) { - if(log_msg->result[i].action == LG_ACTION_MONIT) + if(log_msg->result[i].action == LG_ACTION_MONITOR) { monit_config_id[j]=log_msg->result[i].config_uuid_string; j++; @@ -379,7 +374,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg) continue; } - if(log_msg->result[i].action == LG_ACTION_MONIT && enable_monit==1) + if(log_msg->result[i].action == LG_ACTION_MONITOR && enable_monit==1) { continue; } @@ -387,7 +382,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg) cJSON *proxy_rule_list=NULL; char *config_id[1]={0}; per_hit_obj=cJSON_Duplicate(common_obj, 1); - if(log_msg->result[i].action == LG_ACTION_MONIT) + if(log_msg->result[i].action == LG_ACTION_MONITOR) { proxy_rule_list = cJSON_CreateStringArray((const char **)monit_config_id, j); enable_monit=1; @@ -399,16 +394,8 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg) } cJSON_AddItemToObject(per_hit_obj, "proxy_rule_list", proxy_rule_list); cJSON_AddNumberToObject(per_hit_obj, "vsys_id", log_msg->result[i].vsys_id); - if(log_msg->result[i].action == LG_ACTION_MANIPULATE) - { - cJSON_AddStringToObject(per_hit_obj, "proxy_action", manipulate_action_map[log_msg->action]); - cJSON_AddNumberToObject(per_hit_obj, "http_action_file_size", log_msg->inject_sz); - } - else - { - cJSON_AddStringToObject(per_hit_obj, "proxy_action", panggu_action_map[(unsigned char)(log_msg->result[i].action)]); - } - + cJSON_AddStringToObject(per_hit_obj, "proxy_action", manipulate_action_map[log_msg->result[i].action]); + cJSON_AddNumberToObject(per_hit_obj, "http_action_file_size", log_msg->inject_sz); log_payload = cJSON_PrintUnformatted(per_hit_obj); TFE_LOG_DEBUG(handle->local_logger, "%s", log_payload);