TSG-22751 In the manipulation of the Proxy, remove the method definition in action_parameter and update the action definition.

2024-10-21 18:32:15 +08:00
parent 5c1b881b95
commit c1df25d745
2 changed files with 91 additions and 179 deletions
--- a/plugin/business/tsg-http/src/tsg_http.cpp
+++ b/plugin/business/tsg-http/src/tsg_http.cpp
@@ -36,35 +36,18 @@
 enum proxy_action
 {
 	PX_ACTION_NONE = 0,
-	PX_ACTION_MONIT = 1,
+	PX_ACTION_DENY = 1,
-	PX_ACTION_INTERCEPT = 2,    /* N/A */
+	PX_ACTION_ALLOW = 2,
-	PX_ACTION_NO_INTERCEPT = 3,
+	PX_ACTION_MONITOR = 3,
-	PX_ACTION_ACTIVE_DEFENCE = 4,
+	PX_ACTION_REDIRECT = 4,
-	PX_ACTION_WANNAT = 8,
+	PX_ACTION_REPLACE = 5,
-	PX_ACTION_REJECT = 16,
+	PX_ACTION_HIJACK = 6,
-	PX_ACTION_SHAPING = 32,
+	PX_ACTION_REJECT = 7,
-	PX_ACTION_MANIPULATE = 48,
+	PX_ACTION_EDIT_ELEMENT = 8,
-	PX_ACTION_SERVICE_CHAINING=64,
+	PX_ACTION_RUN_SCRIPT = 9,
 	PX_ACTION_WHITELIST = 96,
 	PX_ACTION_SHUNT = 128,
 	PX_STATISTICS = 129,
 	__PX_ACTION_MAX
 };
 enum manipulate_action
 {
 	MA_ACTION_REDIRECT = 0,
 	MA_ACTION_BLOCK,
 	MA_ACTION_REPLACE,
 	MA_ACTION_HIJACK,
 	MA_ACTION_INSERT,
 	MA_ACTION_ELEMENT,
 	MA_ACTION_LUA_SCRIPT,
 	MA_ACTION_ALLOW,
 	MA_ACTION_MONITOR,
 	__MA_ACTION_MAX
 };
 enum scan_table
 {
 	PXY_CTRL_HTTP_URL,
@@ -135,7 +118,7 @@ struct maat_rule_t
 struct policy_action_param
 {
 	int ref_cnt;
-	enum manipulate_action action;
+	enum proxy_action action;
 	char *message;
 	char *position;
 	float enforcement_ratio;
@@ -346,29 +329,6 @@ void trusted_CA_update_finish_cb(void* u_para)
 	}
 }
 static enum manipulate_action manipulate_action_str2idx(const char *action_str)
 {
 	const char *clue_action_map[__MA_ACTION_MAX];
 	clue_action_map[MA_ACTION_REDIRECT]= "redirect";
 	clue_action_map[MA_ACTION_BLOCK]= "block";
 	clue_action_map[MA_ACTION_REPLACE]= "replace";
 	clue_action_map[MA_ACTION_HIJACK]= "hijack";
 	clue_action_map[MA_ACTION_INSERT]= "insert";
 	clue_action_map[MA_ACTION_ELEMENT] = "edit_element";
 	clue_action_map[MA_ACTION_LUA_SCRIPT] = "run_script";
 	clue_action_map[MA_ACTION_ALLOW] = "allow";
 	clue_action_map[MA_ACTION_MONITOR] = "monitor";
 	size_t i = 0;
 	for (i = 0; i < sizeof(clue_action_map) / sizeof(const char *); i++)
 	{
 		if (0 == strcasecmp(action_str, clue_action_map[i]))
 			break;
 	}
 	return (enum manipulate_action)i;
 }
 void octal_utf8_escapes(char *input)
 {
 #define AFMTSIZE (67+2+1+2)
@@ -446,18 +406,15 @@ unsigned char action_type_str2idx(const char *action_str)
 {
 	const char * action_name[__PX_ACTION_MAX] ={0};
 	action_name[PX_ACTION_NONE] = "none";
-	action_name[PX_ACTION_MONIT] = "monitor";
+	action_name[PX_ACTION_DENY] = "deny";
-	action_name[PX_ACTION_INTERCEPT] = "intercept";
+	action_name[PX_ACTION_ALLOW] = "allow";
-	action_name[PX_ACTION_NO_INTERCEPT] = "no_intercept";
+	action_name[PX_ACTION_MONITOR] = "monitor";
-	action_name[PX_ACTION_ACTIVE_DEFENCE] = "active_defence";
+	action_name[PX_ACTION_REDIRECT] = "redirect";
-	action_name[PX_ACTION_WANNAT] = "wannat";
+	action_name[PX_ACTION_REPLACE] = "replace";
-	action_name[PX_ACTION_REJECT] = "deny";
+	action_name[PX_ACTION_HIJACK] = "hijack";
-	action_name[PX_ACTION_SHAPING] = "shaping";
+	action_name[PX_ACTION_REJECT] = "inject";
-	action_name[PX_ACTION_MANIPULATE] = "manipulate";
+	action_name[PX_ACTION_EDIT_ELEMENT] = "edit_element";
-	action_name[PX_ACTION_SERVICE_CHAINING] = "service_chaining";
+	action_name[PX_ACTION_RUN_SCRIPT] = "run_script";
 	action_name[PX_ACTION_WHITELIST] = "allow";
 	action_name[PX_ACTION_SHUNT] = "shunt";
 	action_name[PX_STATISTICS] = "statistics";
 	int action = 0;
 	for ( action = PX_ACTION_NONE; action < __PX_ACTION_MAX; action++)
@@ -528,26 +485,21 @@ void policy_action_param_new(const char *table_name, const char* key, const char
 	param->ref_cnt=1;
 	pthread_mutex_init(&(param->lock), NULL);
 	param->hit_rule.action_parameter = cJSON_PrintUnformatted(action_parameter);
-
+	param->action = (enum proxy_action)param->hit_rule.action;
 	cJSON *method=cJSON_GetObjectItem(action_parameter,"method");
 	if(method && method->type==cJSON_String)
 	{
 		param->action=manipulate_action_str2idx(method->valuestring);
 	}
 	int rule_id=0;
 	cJSON *rules=NULL, *item=NULL, *sub_item=NULL;
 	switch(param->action)
 	{
-		case MA_ACTION_ALLOW:
+		case PX_ACTION_ALLOW:
-		case MA_ACTION_MONITOR:
+		case PX_ACTION_MONITOR:
 			item=cJSON_GetObjectItem(action_parameter,"vsys_id");
 			if(item && item->type==cJSON_Number)
 			{
 				param->hit_rule.vsys_id=item->valueint;
 			}
 			break;
-		case MA_ACTION_REDIRECT:
+		case PX_ACTION_REDIRECT:
 			item=cJSON_GetObjectItem(action_parameter,"vsys_id");
 			if(item && item->type==cJSON_Number)
 			{
@@ -573,7 +525,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char
 				param->enforcement_ratio = 1;
 			}
 			break;
-		case MA_ACTION_BLOCK:
+		case PX_ACTION_DENY:
 			item=cJSON_GetObjectItem(action_parameter,"vsys_id");
 			if(item && item->type==cJSON_Number)
 			{
@@ -595,7 +547,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char
 				param->profile_uuid_str = tfe_strdup(item->valuestring);
 			}
 			break;
-		case MA_ACTION_REPLACE:
+		case PX_ACTION_REPLACE:
 			item=cJSON_GetObjectItem(action_parameter,"vsys_id");
 			if(item && item->type==cJSON_Number)
 			{
@@ -635,7 +587,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char
 			}
 			param->n_rule = rule_id;
 			break;
-		case MA_ACTION_HIJACK:
+		case PX_ACTION_HIJACK:
 			item=cJSON_GetObjectItem(action_parameter,"vsys_id");
 			if(item && item->type==cJSON_Number)
 			{
@@ -656,7 +608,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char
 				param->enforcement_ratio = 1;
 			}
 			break;
-		case MA_ACTION_INSERT:
+		case PX_ACTION_REJECT:
 			item=cJSON_GetObjectItem(action_parameter,"vsys_id");
 			if(item && item->type==cJSON_Number)
 			{
@@ -681,7 +633,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char
 				param->enforcement_ratio = 1;
 			}
 			break;
-		case MA_ACTION_ELEMENT:
+		case PX_ACTION_EDIT_ELEMENT:
 			item=cJSON_GetObjectItem(action_parameter,"vsys_id");
 			if(item && item->type==cJSON_Number)
 			{
@@ -724,7 +676,7 @@ void policy_action_param_new(const char *table_name, const char* key, const char
 			}
 			param->e_rule = rule_id;
 			break;
-		case MA_ACTION_LUA_SCRIPT:
+		case PX_ACTION_RUN_SCRIPT:
 			item=cJSON_GetObjectItem(action_parameter,"vsys_id");
 			if(item && item->type==cJSON_Number)
 			{
@@ -745,7 +697,8 @@ void policy_action_param_new(const char *table_name, const char* key, const char
 				param->enforcement_ratio = 1;
 			}
 			break;
-		default: assert(0);
+		default: 
 			assert(0);
 			break;
 	}
 	*ad=param;
@@ -1292,9 +1245,7 @@ struct proxy_http_ctx
 static inline int ctx_actually_replaced(struct proxy_http_ctx * ctx)
 {
-	if(ctx->action == PX_ACTION_MANIPULATE &&
+	if(ctx->action == PX_ACTION_REPLACE && ctx->rep_ctx->actually_replaced==1)
 	   ctx->param->action == MA_ACTION_REPLACE &&
 	   ctx->rep_ctx->actually_replaced==1)
 	{
 		return 1;
 	}
@@ -1306,9 +1257,7 @@ static inline int ctx_actually_replaced(struct proxy_http_ctx * ctx)
 static inline int ctx_actually_ran_script(struct proxy_http_ctx * ctx)
 {
-	if(ctx->action == PX_ACTION_MANIPULATE &&
+	if(ctx->action == PX_ACTION_RUN_SCRIPT && ctx->tsg_ctx->actually_executed==1)
 	   ctx->param->action == MA_ACTION_LUA_SCRIPT &&
 	   ctx->tsg_ctx->actually_executed==1)
 	{
 		return 1;
 	}
@@ -1320,9 +1269,7 @@ static inline int ctx_actually_ran_script(struct proxy_http_ctx * ctx)
 static inline int ctx_actually_inserted(struct proxy_http_ctx * ctx)
 {
-	if(ctx->action == PX_ACTION_MANIPULATE &&
+	if(ctx->action == PX_ACTION_REJECT && ctx->ins_ctx->actually_inserted==1)
 	   ctx->param->action == MA_ACTION_INSERT &&
 	   ctx->ins_ctx->actually_inserted==1)
 	{
 		return 1;
 	}
@@ -1334,9 +1281,7 @@ static inline int ctx_actually_inserted(struct proxy_http_ctx * ctx)
 static inline int ctx_actually_edited(struct proxy_http_ctx * ctx)
 {
-	if(ctx->action == PX_ACTION_MANIPULATE &&
+	if(ctx->action == PX_ACTION_EDIT_ELEMENT && ctx->edit_ctx != NULL && ctx->edit_ctx->actually_edited==1)
 	   ctx->param->action == MA_ACTION_ELEMENT && ctx->edit_ctx != NULL &&
 	   ctx->edit_ctx->actually_edited==1)
 	{
 		return 1;
 	}
@@ -1348,10 +1293,7 @@ static inline int ctx_actually_edited(struct proxy_http_ctx * ctx)
 static inline int ctx_actually_manipulate(struct proxy_http_ctx * ctx)
 {
-	if(ctx->action == PX_ACTION_MANIPULATE &&
+	if((ctx->action == PX_ACTION_REDIRECT || ctx->action == PX_ACTION_HIJACK) && ctx->manipulate_replaced==1)
 	   (ctx->param->action == MA_ACTION_REDIRECT ||
 	    ctx->param->action == MA_ACTION_HIJACK)&&
 	    ctx->manipulate_replaced==1)
 	{
 		return 1;
 	}
@@ -1512,11 +1454,7 @@ void proxy_send_metric_log(const struct tfe_stream * stream, struct proxy_http_c
 {
 	size_t i=0;
 	int hit_cnt=0;
-	const char *proxy_action_map[__PX_ACTION_MAX];
+	const char *manipulate_action_map[]= {"none","deny","allow","monitor","redirect","replace","hijack","inject","edit_element","run_script"};
 	proxy_action_map[PX_ACTION_MONIT]="monitor";
 	proxy_action_map[PX_ACTION_REJECT]="deny";
 	proxy_action_map[PX_ACTION_WHITELIST]="allow";
 	const char *manipulate_action_map[]= {"redirect","block","replace","hijack","insert","edit_element","run_script"};
 	struct filedstat_easy_manipulation *fieldstat = tfe_get_fieldstat_handle()->manipulation;
 	if(fieldstat == NULL)
@@ -1528,16 +1466,8 @@ void proxy_send_metric_log(const struct tfe_stream * stream, struct proxy_http_c
 	{
 		fieldstat->tags[thread_id][TAG_VSYS_ID].value_longlong = ctx->enforce_rules[i].vsys_id;
 		fieldstat->tags[thread_id][TAG_RULE_ID].value_str = ctx->enforce_rules[i].config_uuid_string;
-		fieldstat->tags[thread_id][TAG_ACTION].value_longlong = PX_ACTION_MANIPULATE;
+		fieldstat->tags[thread_id][TAG_ACTION].value_longlong = 48;
 		if(ctx->enforce_rules[i].action == PX_ACTION_MANIPULATE)
 		{
 		fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = manipulate_action_map[ctx->param->action];
 		}
 		else
 		{
 			fieldstat->tags[thread_id][TAG_SUB_ACTION].value_str = proxy_action_map[ctx->enforce_rules[i].action];
 		}
 		size_t c2s_byte_num = 0, s2c_byte_num =0;
 		tfe_stream_info_get(stream, INFO_FROM_DOWNSTREAM_RX_OFFSET, &c2s_byte_num, sizeof(c2s_byte_num));
 		tfe_stream_info_get(stream, INFO_FROM_UPSTREAM_RX_OFFSET, &s2c_byte_num, sizeof(s2c_byte_num));
@@ -1609,10 +1539,15 @@ void __pangu_action_weight_init()  __attribute__((constructor, used));
 void __pangu_action_weight_init()
 {
 	pangu_action_weight[PX_ACTION_NONE] = 0;
-	pangu_action_weight[PX_ACTION_MONIT] = 1;
+	pangu_action_weight[PX_ACTION_MONITOR] = 1;
-	pangu_action_weight[PX_ACTION_MANIPULATE] = 2;
+	pangu_action_weight[PX_ACTION_REDIRECT] = 2;
-	pangu_action_weight[PX_ACTION_REJECT] = 3;
+	pangu_action_weight[PX_ACTION_REPLACE] = 2;
-	pangu_action_weight[PX_ACTION_WHITELIST] = 4;
+	pangu_action_weight[PX_ACTION_HIJACK] = 2;
 	pangu_action_weight[PX_ACTION_REJECT] = 2;
 	pangu_action_weight[PX_ACTION_EDIT_ELEMENT] = 2;
 	pangu_action_weight[PX_ACTION_RUN_SCRIPT] = 2;
 	pangu_action_weight[PX_ACTION_DENY] = 3;
 	pangu_action_weight[PX_ACTION_ALLOW] = 4;
 }
 static inline int action_cmp(enum proxy_action a1, enum proxy_action a2)
@@ -1653,7 +1588,7 @@ static enum proxy_action decide_ctrl_action(uuid_t *result, size_t n_hit,
 		unsigned char __expand_action = (unsigned char) hit_rules[i].action;
 		enum proxy_action __action = (enum proxy_action) __expand_action;
-		if (__action == PX_ACTION_MONIT)
+		if (__action == PX_ACTION_MONITOR)
 		{
 			memcpy(monit_rule + n_monit, hit_rules + i, sizeof(struct maat_rule_t));
 			n_monit++;
@@ -1676,7 +1611,7 @@ static enum proxy_action decide_ctrl_action(uuid_t *result, size_t n_hit,
 		}
 	}
-	if (prior_action == PX_ACTION_WHITELIST)
+	if (prior_action == PX_ACTION_ALLOW)
 	{
 		if(*n_enforce==0)
 		{
@@ -1694,11 +1629,11 @@ static enum proxy_action decide_ctrl_action(uuid_t *result, size_t n_hit,
 		{
 			FREE(&hit_rules);
 		}
-		return PX_ACTION_WHITELIST;
+		return PX_ACTION_ALLOW;
 	}
 	exist_enforce_num = *n_enforce;
-	if (prior_action == PX_ACTION_MONIT)
+	if (prior_action == PX_ACTION_MONITOR)
 	{
 		*n_enforce += n_monit;
 	}
@@ -1708,7 +1643,7 @@ static enum proxy_action decide_ctrl_action(uuid_t *result, size_t n_hit,
 	}
 	*enforce_rules = (struct maat_rule_t *) realloc(*enforce_rules, sizeof(struct maat_rule_t) * (*n_enforce));
-	if (prior_action == PX_ACTION_MONIT)
+	if (prior_action == PX_ACTION_MONITOR)
 	{
 		memcpy(*enforce_rules + exist_enforce_num, monit_rule, n_monit * sizeof(struct maat_rule_t));
 	}
@@ -2756,25 +2691,22 @@ static void http_manipulate(const struct tfe_stream * stream, const struct tfe_h
 	switch(param->action)
 	{
-		case MA_ACTION_REDIRECT:
+		case PX_ACTION_REDIRECT:
 			http_redirect(stream, session, events, ctx);
 			break;
-		case MA_ACTION_BLOCK:
+		case PX_ACTION_REPLACE:
 			http_block(stream, session, events, ctx);
 			break;
 		case MA_ACTION_REPLACE:
 			http_replace(stream, session, events, body_frag, frag_size, ctx);
 			break;
-		case MA_ACTION_HIJACK:
+		case PX_ACTION_HIJACK:
 			http_hijack(session, events, ctx);
 			break;
-		case MA_ACTION_INSERT:
+		case PX_ACTION_REJECT:
 			http_insert(stream, session, events, body_frag, frag_size, ctx);
 			break;
-		case MA_ACTION_ELEMENT:
+		case PX_ACTION_EDIT_ELEMENT:
 			http_element(stream, session, events, body_frag, frag_size, ctx);
 			break;
-		case MA_ACTION_LUA_SCRIPT:
+		case PX_ACTION_RUN_SCRIPT:
 			http_lua(stream, session, events, body_frag, frag_size, ctx);
 			break;
 		default: assert(0);
@@ -2875,7 +2807,6 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
 			{
 				break;
 			}
 			scan_ret = maat_scan_string(g_proxy_rt->feather, "TSG_OBJ_KEYWORD", attribute_name, field_val, strlen(field_val),
 					  				    result + hit_cnt, MAX_SCAN_RESULT - hit_cnt, &n_hit_result, ctx->scan_mid);
 			if (scan_ret == MAAT_SCAN_HIT)
@@ -2932,7 +2863,7 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
 	if (hit_cnt > 0)
 	{
 		ctx->action = decide_ctrl_action(result, hit_cnt, &ctx->enforce_rules, &ctx->n_enforce, &ctx->param);
-		if (ctx->action == PX_ACTION_WHITELIST)
+		if (ctx->action == PX_ACTION_ALLOW)
 		{
 			TFE_LOG_INFO(g_proxy_rt->local_logger, "Bypass rules matched: url=%s policy id=%s.",
 				session->req->req_spec.url, ctx->enforce_rules[0].config_uuid_string);
@@ -2963,7 +2894,7 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h
 					enum tfe_http_event events, const unsigned char * body_frag, size_t frag_size, unsigned int thread_id,
 					struct proxy_http_ctx * ctx)
 {
-	if(ctx->action==PX_ACTION_NONE||ctx->action==PX_ACTION_MONIT)
+	if(ctx->action==PX_ACTION_NONE||ctx->action==PX_ACTION_MONITOR)
 	{
 		//ctx->action changed in http_scan.
 		http_scan(session, events, body_frag, frag_size, ctx, stream);
@@ -2972,25 +2903,23 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h
 	{
 		case PX_ACTION_NONE:
 			break;
-		case PX_ACTION_MONIT:
+		case PX_ACTION_MONITOR:
 			//send log on close.
 			break;
-		case PX_ACTION_REJECT:
+		case PX_ACTION_DENY:
 			http_block(stream, session, events, ctx);
 			break;
-		case PX_ACTION_MANIPULATE:
+		case PX_ACTION_ALLOW:
 			http_manipulate(stream, session, events, body_frag, frag_size, ctx);
 			break;
 		case PX_ACTION_WHITELIST:
 			tfe_http_session_detach(session);
 			ATOMIC_INC(&(g_proxy_rt->stat_val[STAT_ACTION_WHITELSIT]));
 			break;
-		default: assert(0);
+		default:
 			http_manipulate(stream, session, events, body_frag, frag_size, ctx);
 			break;
 	}
 	/* Don't store reqeust/response body when NOT hit or hit whitelist */
-	if(ctx->action == PX_ACTION_NONE || ctx->action == PX_ACTION_WHITELIST)
+	if(ctx->action == PX_ACTION_NONE || ctx->action == PX_ACTION_ALLOW)
 	{
 		return;
 	}
@@ -3009,7 +2938,7 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h
 	}
 	if((((ctx_actually_replaced(ctx)) || (ctx_actually_inserted(ctx)) || (ctx_actually_edited(ctx)) || (ctx_actually_manipulate(ctx))
-	     || ctx_actually_ran_script(ctx)) || ctx->action == PX_ACTION_REJECT || (ctx->action == PX_ACTION_MONIT)))
+	     || ctx_actually_ran_script(ctx)) || ctx->action == PX_ACTION_DENY || (ctx->action == PX_ACTION_MONITOR)))
 	{
 		proxy_send_metric_log(stream, ctx, thread_id, 1);
 	}
@@ -3106,11 +3035,11 @@ void proxy_on_http_end(const struct tfe_stream * stream,
 	size_t i=0, j=0;
 	int ret=0;
-	if(ctx->action == PX_ACTION_MANIPULATE && ctx->param->action == MA_ACTION_REPLACE && ctx->rep_ctx->actually_replaced==0)
+	if(ctx->param != NULL && ctx->param->action == PX_ACTION_REPLACE && ctx->rep_ctx->actually_replaced==0)
 	{
 		for(i=0; i< ctx->n_enforce; i++)
 		{
-			if((unsigned char)ctx->enforce_rules[i].action == PX_ACTION_MANIPULATE)
+			if((unsigned char)ctx->enforce_rules[i].action == PX_ACTION_REPLACE)
 			{
 				if(i+1 > ctx->n_enforce)
 				{
@@ -3127,24 +3056,20 @@ void proxy_on_http_end(const struct tfe_stream * stream,
 		}
 	}
 	struct proxy_log log_msg =  {.stream=stream, .http=session, .result=(struct log_rule_t *)ctx->enforce_rules, .result_num=ctx->n_enforce,
-								.req_body=ctx->log_req_body, .resp_body=ctx->log_resp_body, .action=0, .inject_sz=ctx->inject_sz, .c2s_byte_num=ctx->c2s_byte_num,
+								.req_body=ctx->log_req_body, .resp_body=ctx->log_resp_body, .action=ctx->action, .inject_sz=ctx->inject_sz, .c2s_byte_num=ctx->c2s_byte_num,
 							    .s2c_byte_num=ctx->s2c_byte_num};
 	if(ctx->action == PX_ACTION_MANIPULATE)
 	{
 		log_msg.action = ctx->param->action;
 	}
 	if(ctx->action != PX_ACTION_NONE &&
 	   (((ctx_actually_replaced(ctx)) || (ctx_actually_inserted(ctx)) || (ctx_actually_edited(ctx)) ||
-	   (ctx_actually_manipulate(ctx)) || ctx_actually_ran_script(ctx)) || (ctx->action == PX_ACTION_MONIT ||
+	   (ctx_actually_manipulate(ctx)) || ctx_actually_ran_script(ctx)) || (ctx->action == PX_ACTION_MONITOR ||
-	   	ctx->action == PX_ACTION_REJECT || ctx->action == PX_ACTION_WHITELIST)))
+	   	ctx->action == PX_ACTION_DENY || ctx->action == PX_ACTION_ALLOW)))
 	{
 		ret=proxy_send_log(g_proxy_rt->send_logger, &log_msg);
 		ATOMIC_ADD(&(g_proxy_rt->stat_val[STAT_LOG_NUM]), ret);
 		for(i=0; i< ctx->n_enforce; i++)
 		{
-			if(ctx->enforce_rules[i].action == PX_ACTION_MONIT)
+			if(ctx->enforce_rules[i].action == PX_ACTION_MONITOR)
 			{
 				ATOMIC_INC(&(g_proxy_rt->stat_val[STAT_ACTION_MONIT]));
 			}
--- a/plugin/business/tsg-http/src/tsg_logger.cpp
+++ b/plugin/business/tsg-http/src/tsg_logger.cpp
@@ -29,17 +29,18 @@ struct proxy_logger
 	struct cache_evbase_instance * log_file_upload_instance;
 };
-enum _log_action //Bigger action number is prior.
+enum _log_action
 {
-	LG_ACTION_NONE = 0x00,
+	LG_ACTION_NONE = 0,
-	LG_ACTION_MONIT = 0x01,
+	LG_ACTION_DENY = 1,
-	LG_ACTION_FORWARD = 0x02,    /* N/A */
+	LG_ACTION_ALLOW = 2,
-	LG_ACTION_REJECT = 0x10,
+	LG_ACTION_MONITOR = 3,
-	LG_ACTION_DROP = 0x20,    /* N/A */
+	LG_ACTION_REDIRECT = 4,
-	LG_ACTION_MANIPULATE = 0x30,
+	LG_ACTION_REPLACE = 5,
-	LG_ACTION_RATELIMIT = 0x40,    /* N/A */
+	LG_ACTION_HIJACK = 6,
-	LG_ACTION_WHITELIST = 0x60,
+	LG_ACTION_REJECT = 7,
-	LG_ACTION_SHUNT = 0x80,
+	LG_ACTION_EDIT_ELEMENT = 8,
 	LG_ACTION_RUN_SCRIPT = 9,
 	__LG_ACTION_MAX
 };
@@ -213,13 +214,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
 	char dst_ip_str[MAX(INET6_ADDRSTRLEN,INET_ADDRSTRLEN)] = {0};
 	const char *app_proto[]= {"unkonw","http1", "http2"};
-
+	const char *manipulate_action_map[]= {"none","deny","allow","monitor","redirect","replace","hijack","inject","edit_element","run_script"};
 	const char *manipulate_action_map[]= {"redirect","block","replace","hijack","insert","edit_element","run_script"};
 	const char *panggu_action_map[__LG_ACTION_MAX];
 	panggu_action_map[LG_ACTION_MONIT]="monitor";
 	panggu_action_map[LG_ACTION_REJECT]="deny";
 	panggu_action_map[LG_ACTION_WHITELIST]="allow";
 	struct json_spec req_fields[]={	{"http_cookie", TFE_HTTP_COOKIE},
 									{"http_referer", TFE_HTTP_REFERER},
@@ -359,7 +354,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
 	char *monit_config_id[16]={0};
 	for(size_t i=0; i<log_msg->result_num; i++)
 	{
-		if(log_msg->result[i].action == LG_ACTION_MONIT)
+		if(log_msg->result[i].action == LG_ACTION_MONITOR)
 		{
 			monit_config_id[j]=log_msg->result[i].config_uuid_string;
 			j++;
@@ -379,7 +374,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
 			continue;
 		}
-		if(log_msg->result[i].action == LG_ACTION_MONIT && enable_monit==1)
+		if(log_msg->result[i].action == LG_ACTION_MONITOR && enable_monit==1)
 		{
 			continue;
 		}
@@ -387,7 +382,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
 		cJSON *proxy_rule_list=NULL;
 		char *config_id[1]={0};
 		per_hit_obj=cJSON_Duplicate(common_obj, 1);
-		if(log_msg->result[i].action == LG_ACTION_MONIT)
+		if(log_msg->result[i].action == LG_ACTION_MONITOR)
 		{
 			proxy_rule_list = cJSON_CreateStringArray((const char **)monit_config_id, j);
 			enable_monit=1;
@@ -399,16 +394,8 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
 		}
 		cJSON_AddItemToObject(per_hit_obj, "proxy_rule_list", proxy_rule_list);
 		cJSON_AddNumberToObject(per_hit_obj, "vsys_id", log_msg->result[i].vsys_id);
-		if(log_msg->result[i].action == LG_ACTION_MANIPULATE)
+		cJSON_AddStringToObject(per_hit_obj, "proxy_action", manipulate_action_map[log_msg->result[i].action]);
 		{
 			cJSON_AddStringToObject(per_hit_obj, "proxy_action", manipulate_action_map[log_msg->action]);
 		cJSON_AddNumberToObject(per_hit_obj, "http_action_file_size", log_msg->inject_sz);
 		}
 		else
 		{
 			cJSON_AddStringToObject(per_hit_obj, "proxy_action", panggu_action_map[(unsigned char)(log_msg->result[i].action)]);
 		}
 		log_payload = cJSON_PrintUnformatted(per_hit_obj);
 		TFE_LOG_DEBUG(handle->local_logger, "%s", log_payload);