gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-22093 Manipulation支持Library Tag相关策略的扫描与日志发送

Browse Source
This commit is contained in:
fengweihao
2024-08-16 11:57:20 +08:00
parent 88e6b0ae9b
commit c2c20d3310
9 changed files with 585 additions and 714 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
common/include/tfe_resource.h
View File

@@ -22,16 +22,6 @@ enum scan_common_table
PXY_CTRL_INTERNAL_PORT,
PXY_CTRL_EXTERNAL_PORT,
PXY_CTRL_IP_PROTOCOL,
PXY_CTRL_SOURCE_ASN,
PXY_CTRL_DESTINATION_ASN,
PXY_CTRL_SOURCE_GEO_COUNTRY,
PXY_CTRL_SOURCE_GEO_SUPER_ADMINISTRATIVE_AREA,
PXY_CTRL_SOURCE_GEO_ADMINISTRATIVE_AREA,
PXY_CTRL_SOURCE_GEO_SUB_ADMINISTRATIVE_AREA,
PXY_CTRL_DESTINATION_GEO_COUNTRY,
PXY_CTRL_DESTINATION_GEO_SUPER_ADMINISTRATIVE_AREA,
PXY_CTRL_DESTINATION_GEO_ADMINISTRATIVE_AREA,
PXY_CTRL_DESTINATION_GEO_SUB_ADMINISTRATIVE_AREA,
PXY_CTRL_SUBSCRIBER_ID,
PXY_CTRL_APP_ID_DICT,
__SCAN_COMMON_TABLE_MAX

7
common/include/tfe_scan.h
View File

@@ -3,10 +3,9 @@
#include <tfe_stream.h>
#define MAX_SCAN_RESULT 16
int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid,
int hit_cnt, void *logger);
int tfe_scan_ip_asn(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_scan_ip_location(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger);
int tfe_scan_fqdn_tags(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id, void *logger);
int tfe_scan_app_id(long long *result, struct maat_state *scan_mid, int hit_cnt, long long app_id, int table_id);
int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr);
int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr);

14
common/src/tfe_resource.cpp
View File

@@ -103,7 +103,7 @@ static struct maat *create_maat_feather(const char *instance_name, const char *p
{
struct maat *target=NULL;
int input_mode = 0, maat_stat_on = 0, maat_perf_on = 0;
int ret = 0, effect_interval = 60, log_level=0;
int ret = 0, effect_interval = 60, log_level=0, max_size_mb=0;
char table_info[TFE_STRING_MAX] = {0}, inc_cfg_dir[TFE_STRING_MAX] = {0}, ful_cfg_dir[TFE_STRING_MAX] = {0};
char redis_server[TFE_STRING_MAX] = {0};
char redis_port_range[TFE_STRING_MAX] = {0};
@@ -130,11 +130,13 @@ static struct maat *create_maat_feather(const char *instance_name, const char *p
MESA_load_profile_int_def(profile, section, "effect_interval_s", &(effect_interval), 60);
MESA_load_profile_int_def(profile, section, "deferred_load_on", &(deferred_load_on), 0);
MESA_load_profile_int_def(profile, section, "log_level", &(log_level), LOG_LEVEL_FATAL);
MESA_load_profile_int_def(profile, section, "log_max_size_mb", &(max_size_mb), 0);
effect_interval *= 1000; //convert s to ms
struct maat_options *opts = maat_options_new();
maat_options_set_logger(opts, "log/maat.log", (enum log_level)log_level);
//maat_options_set_log_file_max_size(opts, max_size_mb);
maat_options_set_instance_name(opts, instance_name);
maat_options_set_caller_thread_number(opts, max_thread);
switch (input_mode)
@@ -329,16 +331,6 @@ static int maat_common_table_init()
table_name[PXY_CTRL_INTERNAL_PORT] = "ATTR_INTERNAL_PORT";
table_name[PXY_CTRL_EXTERNAL_PORT] = "ATTR_EXTERNAL_PORT";
table_name[PXY_CTRL_IP_PROTOCOL] = "ATTR_IP_PROTOCOL";
table_name[PXY_CTRL_SOURCE_ASN] = "ATTR_SOURCE_ASN";
table_name[PXY_CTRL_DESTINATION_ASN]="ATTR_DESTINATION_ASN";
table_name[PXY_CTRL_SOURCE_GEO_COUNTRY]="ATTR_SOURCE_GEO_COUNTRY";
table_name[PXY_CTRL_SOURCE_GEO_SUPER_ADMINISTRATIVE_AREA]="ATTR_SOURCE_GEO_SUPER_ADMINISTRATIVE_AREA";
table_name[PXY_CTRL_SOURCE_GEO_ADMINISTRATIVE_AREA]="ATTR_SOURCE_GEO_ADMINISTRATIVE_AREA";
table_name[PXY_CTRL_SOURCE_GEO_SUB_ADMINISTRATIVE_AREA]="ATTR_SOURCE_GEO_SUB_ADMINISTRATIVE_AREA";
table_name[PXY_CTRL_DESTINATION_GEO_COUNTRY]="ATTR_DESTINATION_GEO_COUNTRY";
table_name[PXY_CTRL_DESTINATION_GEO_SUPER_ADMINISTRATIVE_AREA]="ATTR_DESTINATION_GEO_SUPER_ADMINISTRATIVE_AREA";
table_name[PXY_CTRL_DESTINATION_GEO_ADMINISTRATIVE_AREA]="ATTR_DESTINATION_GEO_ADMINISTRATIVE_AREA";
table_name[PXY_CTRL_DESTINATION_GEO_SUB_ADMINISTRATIVE_AREA]="ATTR_DESTINATION_GEO_SUB_ADMINISTRATIVE_AREA";
table_name[PXY_CTRL_SUBSCRIBER_ID] = "ATTR_SUBSCRIBER_ID";
table_name[PXY_CTRL_APP_ID_DICT] = "APP_ID_DICT";

876
common/src/tfe_scan.cpp
View File

@@ -3,6 +3,446 @@
#include <tfe_scan.h>
#include <MESA/stream.h>
static int scan_group(struct maat_hit_group hit_group, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id)
{
size_t n_hit_result=0;
int scan_ret=0, hit_cnt_group=0;
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, &hit_group, 1,
result+hit_cnt+hit_cnt_group, MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_group+=n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_cnt_group,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_group+=n_hit_result;
}
return hit_cnt_group;
}
int tfe_get_tags_id_array(char *tag_ids, long long *tag_id_array)
{
if(tag_ids==NULL)
{
return 0;
}
int n_tag_ids=0;
char *tag_ids_tmp = ALLOC(char, strlen(tag_ids)+1);
strcpy(tag_ids_tmp, tag_ids);
char *tag_ids_str=strtok(tag_ids_tmp, ",");
while(tag_ids_str!=NULL && n_tag_ids < 128)
{
tag_id_array[n_tag_ids++]=strtoll(tag_ids_str, NULL, 10);
tag_ids_str=strtok(NULL, ",");
}
FREE(&tag_ids_tmp);
return n_tag_ids;
}
static int get_route_dir(const struct tfe_stream * stream)
{
uint16_t out_size;
unsigned int route_dir; int ret=0;
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
if (cmsg != NULL)
{
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_COMMON_DIRECTION, (unsigned char *)&route_dir, sizeof(route_dir), &out_size);
if (ret != 0)
{
return ret;
}
}
return (route_dir==69) ? 1 : 0;
}
int get_table_id(const struct tfe_stream *stream, enum scan_common_table table_type)
{
int table_id = 0, c2s = 0;
int dir_is_e2i = get_route_dir(stream);
if (table_type == PXY_CTRL_SOURCE_IP || table_type == PXY_CTRL_DESTINATION_IP || table_type == PXY_CTRL_SOURCE_PORT || table_type == PXY_CTRL_DESTINATION_PORT)
{
c2s = (table_type == PXY_CTRL_SOURCE_IP || table_type == PXY_CTRL_SOURCE_PORT) ? 1 : 0;
if(table_type == PXY_CTRL_SOURCE_IP || table_type == PXY_CTRL_DESTINATION_IP)
{
table_id = (c2s == dir_is_e2i) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_IP) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_IP);
}
if(table_type == PXY_CTRL_SOURCE_PORT || table_type == PXY_CTRL_DESTINATION_PORT)
{
table_id = (c2s == dir_is_e2i) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_PORT) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_PORT);
}
}
return table_id;
}
int tfe_scan_internal_exteral_by_last_group(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, enum scan_common_table table_type)
{
size_t array_size=256, n_hit_result = 0;
int hit_cnt_group = 0, scan_ret = 0, table_id = 0;
struct maat_hit_group last_hit_groups[256] = {0};
table_id = get_table_id(stream, table_type);
if(table_id <= 0)
{
return hit_cnt_group;
}
size_t n_last_hit_group = maat_state_get_last_hit_group_cnt(scan_mid);
if(n_last_hit_group > 0)
{
maat_state_get_last_hit_groups(scan_mid, last_hit_groups, array_size);
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, last_hit_groups, array_size, result+hit_cnt+hit_cnt_group,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_group += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id,
result+hit_cnt+hit_cnt_group, MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_group += n_hit_result;
}
}
return hit_cnt_group;
}
/**for Provisional compilation definitions**/
#define TFE_CMSG_FQDN_TAGS_ID_STR 60 /*1,2,3,4,5*/
#define TFE_CMSG_SRC_TAGS_ID_STR 61 /*11,12,13,14*/
#define TFE_CMSG_DST_TAGS_ID_STR 62 /*6,7,8,9,10*/
#define TFE_CMSG_FQDN_TAGS_LOG_STR 63 /*"Category Name:Search Engines, Cloude Provider:aws, CDN Provider:aws, category_name: ab"*/
#define TFE_CMSG_SRC_TAGS_LOG_STR 64 /*"administrative_area:Singapore, country:Singapore", CDN Provider:Light CDN*/
#define TFE_CMSG_DST_TAGS_LOG_STR 65 /*"ASN:55967, CDN Provider:Light CDN, country:Hong Kong"*/
int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
{
size_t n_hit_result = 0;
long long tag_id_array[128]={0};
int scan_ret = 0, hit_cnt_ip = 0, n_tag_ids = 0;
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
if(cmsg == NULL)
{
return hit_cnt_ip;
}
char opt_val[128]={0}; uint16_t opt_out_size = 0;
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_SRC_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if(ret == 0)
{
n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array);
if(n_tag_ids == 0)
{
return hit_cnt_ip;
}
}
TFE_LOG_DEBUG(logger, "fetch src ip tags: %s", opt_val);
struct maat_hit_group hit_group;
for (int i = 0; i < n_tag_ids; i++)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=tag_id_array[i];
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), &hit_group, 1, result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan Src TAGS, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += scan_ret;
}
else
{
TFE_LOG_INFO(logger, "Scan Src TAGS, NO hit scan ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_SOURCE_IP);
if(scan_ret > 0)
{
hit_cnt_ip += scan_ret;
}
}
n_tag_ids=0;
memset(tag_id_array, 0, sizeof(tag_id_array));
ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_DST_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if(ret == 0)
{
n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array);
if(n_tag_ids == 0)
{
return hit_cnt_ip;
}
}
TFE_LOG_DEBUG(logger, "fetch dst ip tags: %s", opt_val);
for (int i = 0; i < n_tag_ids; i++)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=tag_id_array[i];
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), &hit_group, 1, result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan Dst TAGS, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += scan_ret;
}
else
{
TFE_LOG_INFO(logger, "Scan Dst TAGS, NO hit scan ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_DESTINATION_IP);
if(scan_ret > 0)
{
hit_cnt_ip += scan_ret;
}
}
return hit_cnt_ip;
}
int tfe_scan_fqdn_tags(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id, void *logger)
{
long long tag_id_array[128]={0};
int scan_ret = 0, hit_cnt_fqdn = 0, n_tag_ids = 0;
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
if(cmsg == NULL)
{
return hit_cnt_fqdn;
}
char opt_val[128]={0}; uint16_t opt_out_size = 0;
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_FQDN_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if(ret == 0)
{
n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array);
if(n_tag_ids == 0)
{
return hit_cnt_fqdn;
}
}
TFE_LOG_DEBUG(logger, "fetch fqdn tags: %s", opt_val);
struct maat_hit_group hit_group;
for (int i = 0; i < n_tag_ids; i++)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=tag_id_array[i];
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt, table_id);
if (scan_ret > 0)
{
TFE_LOG_INFO(logger, "Scan Fqdn TAGS, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_fqdn], stream->str_stream_info);
hit_cnt_fqdn += scan_ret;
}
else
{
TFE_LOG_INFO(logger, "Scan Fqdn TAGS, NO hit scan ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
}
return hit_cnt_fqdn;
}
int tfe_scan_app_id(long long *result, struct maat_state *scan_mid, int hit_cnt, long long app_id, int table_id)
{
int scan_ret = 0;
int hit_app_id = 0;
size_t n_hit_result = 0;
struct maat_hit_group hit_group;
struct app_id_dict *app_dict = (struct app_id_dict*)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_APP_ID_DICT),
(const char *)&app_id, sizeof(long long));
if(app_dict!=NULL)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=app_dict->group_id;
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, &hit_group, 1, result+hit_cnt+hit_app_id,
MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_app_id += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_app_id, MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_app_id += n_hit_result;
}
app_id_dict_free(app_dict);
}
return hit_app_id;
}
int tfe_scan_port(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, uint16_t source, uint16_t dest)
{
int scan_ret = 0;
int hit_cnt_port = 0;
size_t n_hit_result = 0;
scan_ret=maat_scan_integer(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_PORT), ntohs(source),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_SOURCE_PORT);
if(scan_ret > 0)
{
hit_cnt_port+=scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_PORT),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
}
scan_ret=maat_scan_integer(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_PORT), ntohs(dest),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_DESTINATION_PORT);
if(scan_ret > 0)
{
hit_cnt_port+=scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_PORT),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
}
return hit_cnt_port;
}
#define PROTOCOL_TCP_GROUP_ID 6
int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
size_t n_hit_result = 0;
struct maat_hit_group hit_group;
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=PROTOCOL_TCP_GROUP_ID;
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), &hit_group, 1,
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v4->saddr, ntohs(sapp_addr.v4->source),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_SOURCE_IP);
if(scan_ret > 0)
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v4->daddr, ntohs(sapp_addr.v4->dest),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_DESTINATION_IP);
if(scan_ret > 0)
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
return hit_cnt_ip;
}
int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
size_t n_hit_result = 0;
struct maat_hit_group hit_group;
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=PROTOCOL_TCP_GROUP_ID;
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), &hit_group, 1,
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v6->saddr, ntohs(sapp_addr.v6->source),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_SOURCE_IP);
if(scan_ret > 0)
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v6->daddr, ntohs(sapp_addr.v6->dest),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_DESTINATION_IP);
if(scan_ret > 0)
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
return hit_cnt_ip;
}
int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid,
int hit_cnt, void *logger)
{
@@ -78,439 +518,3 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, st
return hit_cnt_ip;
}
static int scan_group(struct maat_hit_group hit_group, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id)
{
size_t n_hit_result=0;
int scan_ret=0, hit_cnt_group=0;
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, &hit_group, 1,
result+hit_cnt+hit_cnt_group, MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_group+=n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_cnt_group,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_group+=n_hit_result;
}
return hit_cnt_group;
}
int tfe_scan_ip_location(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
uint16_t opt_out_size;
unsigned int i=0, group_id_num=0;
uint64_t group_id=0;
uint64_t group_id_val[TFE_SYMBOL_MAX] = {0};
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
if(cmsg == NULL)
{
return hit_cnt_ip;
}
for(i=TFE_CMSG_SRC_REGION_ID; i <= TFE_CMSG_DST_SUBDIVISION_ID; i+=2)
{
scan_ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)i, (unsigned char *)&group_id, sizeof(group_id), &opt_out_size);
if (scan_ret == 0)
{
group_id_val[group_id_num] = group_id;
}
group_id_num++;
}
TFE_LOG_DEBUG(logger, "fetch src ip location region_id:%lu, province_id:%lu, city_id:%lu, subdivision_id:%lu, addr: %s", group_id_val[0], group_id_val[1], group_id_val[2],group_id_val[3], stream->str_stream_info);
struct maat_hit_group hit_group;
for (i = 0; i < group_id_num; i++)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=group_id_val[i];
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt, tfe_bussiness_tableid_get((enum scan_common_table)(PXY_CTRL_SOURCE_GEO_COUNTRY+i)));
if (scan_ret > 0)
{
TFE_LOG_INFO(logger, "Scan SRC IP_LOCATION, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += scan_ret;
}
else
{
TFE_LOG_INFO(logger, "Scan SRC IP_LOCATION, NO hit scan ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
}
group_id_num=0;
memset(group_id_val, 0, sizeof(group_id_val));
for(i=TFE_CMSG_DST_REGION_ID; i <= TFE_CMSG_DST_SUBDIVISION_ID; i+=2)
{
scan_ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)i, (unsigned char *)&group_id, sizeof(group_id), &opt_out_size);
if (scan_ret == 0)
{
group_id_val[group_id_num] = group_id;
}
group_id_num++;
}
TFE_LOG_DEBUG(logger, "fetch dst ip location region_id:%lu, province_id:%lu, city_id:%lu, subdivision_id:%lu, addr: %s", group_id_val[0], group_id_val[1], group_id_val[2],group_id_val[3], stream->str_stream_info);
for (i = 0; i < group_id_num; i++)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=group_id_val[i];
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt, tfe_bussiness_tableid_get((enum scan_common_table)(PXY_CTRL_DESTINATION_GEO_COUNTRY+i)));
if (scan_ret > 0)
{
TFE_LOG_INFO(logger, "Scan IP_LOCATION, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += scan_ret;
}
else
{
TFE_LOG_INFO(logger, "Scan IP_LOCATION, NO hit scan ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
}
return hit_cnt_ip;
}
int tfe_scan_ip_asn(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
size_t n_hit_result = 0;
uint16_t opt_out_size;
uint64_t src_asn_group_id=0, dst_asn_group_id=0;
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
if (cmsg != NULL)
{
scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_ASN_ID, (unsigned char *)&src_asn_group_id, sizeof(src_asn_group_id), &opt_out_size);
if (scan_ret != 0)
{
TFE_LOG_ERROR(logger, "fetch src asn from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_ASN_ID, (unsigned char *)&dst_asn_group_id, sizeof(dst_asn_group_id), &opt_out_size);
if (scan_ret != 0)
{
TFE_LOG_ERROR(logger, "fetch dst asn from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
}
TFE_LOG_DEBUG(logger, "fetch src asn:%lu; dst asn:%lu addr: %s", src_asn_group_id, dst_asn_group_id, stream->str_stream_info);
struct maat_hit_group hit_group;
if (dst_asn_group_id > 0)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=dst_asn_group_id;
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt+hit_cnt_ip, tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_ASN));
if (scan_ret > 0)
{
TFE_LOG_INFO(logger, "Scan ATTR_DESTINATION_ASN, Hit asn: %lu scan ret: %d policy_id: %lld addr: %s",
dst_asn_group_id, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
{
TFE_LOG_INFO(logger, "Scan ATTR_DESTINATION_ASN, NO hit asn: %lu scan ret: %d addr: %s",
dst_asn_group_id, scan_ret, stream->str_stream_info);
}
}
if(src_asn_group_id > 0)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=src_asn_group_id;
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt+hit_cnt_ip, tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_ASN));
if(scan_ret > 0)
{
TFE_LOG_INFO(logger, "Scan ATTR_SOURCE_ASN, Hit asn: %lu scan ret: %d policy_id: %lld addr: %s",
src_asn_group_id, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
{
TFE_LOG_INFO(logger, "Scan ATTR_SOURCE_ASN, NO hit asn: %lu scan ret: %d addr: %s",
src_asn_group_id, scan_ret, stream->str_stream_info);
}
}
return hit_cnt_ip;
}
int tfe_scan_app_id(long long *result, struct maat_state *scan_mid, int hit_cnt, long long app_id, int table_id)
{
int scan_ret = 0;
int hit_app_id = 0;
size_t n_hit_result = 0;
struct maat_hit_group hit_group;
struct app_id_dict *app_dict = (struct app_id_dict*)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_APP_ID_DICT),
(const char *)&app_id, sizeof(long long));
if(app_dict!=NULL)
{
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=app_dict->group_id;
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, &hit_group, 1, result+hit_cnt+hit_app_id,
MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_app_id += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_app_id, MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_app_id += n_hit_result;
}
app_id_dict_free(app_dict);
}
return hit_app_id;
}
static int get_route_dir(const struct tfe_stream * stream)
{
uint16_t out_size;
unsigned int route_dir; int ret=0;
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
if (cmsg != NULL)
{
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_COMMON_DIRECTION, (unsigned char *)&route_dir, sizeof(route_dir), &out_size);
if (ret != 0)
{
return ret;
}
}
return (route_dir==69) ? 1 : 0;
}
int tfe_scan_internal_exteral_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, int c2s)
{
int scan_ret = 0;
int table_id=0;
int hit_cnt_ip = 0;
size_t array_size=256;
size_t n_hit_result = 0;
struct maat_hit_group last_hit_groups[256] = {0};
int dir_is_e2i = get_route_dir(stream);
if(c2s == 1) table_id = (dir_is_e2i == 1) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_IP) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_IP);
if(c2s == 0) table_id = (dir_is_e2i == 0) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_IP) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_IP);
size_t n_last_hit_group = maat_state_get_last_hit_group_cnt(scan_mid);
if(n_last_hit_group > 0)
{
maat_state_get_last_hit_groups(scan_mid, last_hit_groups, array_size);
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, last_hit_groups, array_size, result+hit_cnt+hit_cnt_ip,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id,
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
}
return hit_cnt_ip;
}
int tfe_scan_internal_exteral_port(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, int c2s)
{
int scan_ret = 0;
int table_id=0;
int hit_cnt_port = 0;
size_t array_size=256;
size_t n_hit_result = 0;
struct maat_hit_group last_hit_groups[256] = {0};
int dir_is_e2i = get_route_dir(stream);
if(c2s == 1) table_id = (dir_is_e2i == 1) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_PORT) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_PORT);
if(c2s == 0) table_id = (dir_is_e2i == 0) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_PORT) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_PORT);
size_t n_last_hit_group = maat_state_get_last_hit_group_cnt(scan_mid);
if(n_last_hit_group > 0)
{
maat_state_get_last_hit_groups(scan_mid, last_hit_groups, array_size);
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, last_hit_groups, array_size, result+hit_cnt+hit_cnt_port,
MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id,
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port += n_hit_result;
}
}
return hit_cnt_port;
}
int tfe_scan_port(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, uint16_t source, uint16_t dest)
{
int scan_ret = 0;
int hit_cnt_port = 0;
size_t n_hit_result = 0;
scan_ret=maat_scan_integer(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_PORT), ntohs(source),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_port(stream, result, scan_mid, hit_cnt, 1);
if(scan_ret > 0)
{
hit_cnt_port+=scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_PORT),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
}
scan_ret=maat_scan_integer(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_PORT), ntohs(dest),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_port(stream, result, scan_mid, hit_cnt, 0);
if(scan_ret > 0)
{
hit_cnt_port+=scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_PORT),
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_port+=n_hit_result;
}
return hit_cnt_port;
}
#define PROTOCOL_TCP_GROUP_ID 6
int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
size_t n_hit_result = 0;
struct maat_hit_group hit_group;
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=PROTOCOL_TCP_GROUP_ID;
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), &hit_group, 1,
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v4->saddr, ntohs(sapp_addr.v4->source),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_addr(stream, result, scan_mid, hit_cnt, 1);
if(scan_ret > 0)
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v4->daddr, ntohs(sapp_addr.v4->dest),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_addr(stream, result, scan_mid, hit_cnt, 0);
if(scan_ret > 0)
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
return hit_cnt_ip;
}
int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
size_t n_hit_result = 0;
struct maat_hit_group hit_group;
memset(&hit_group, 0, sizeof(hit_group));
hit_group.group_id=PROTOCOL_TCP_GROUP_ID;
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), &hit_group, 1,
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if(scan_ret==MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v6->saddr, ntohs(sapp_addr.v6->source),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_addr(stream, result, scan_mid, hit_cnt, 1);
if(scan_ret > 0)
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v6->daddr, ntohs(sapp_addr.v6->dest),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
scan_ret = tfe_scan_internal_exteral_addr(stream, result, scan_mid, hit_cnt, 0);
if(scan_ret > 0)
{
hit_cnt_ip += scan_ret;
}
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP),
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt_ip += n_hit_result;
}
return hit_cnt_ip;
}

16
plugin/business/doh/src/doh.cpp
View File

@@ -277,14 +277,8 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
hit_cnt += scan_ret;
}
scan_ret = tfe_scan_ip_location(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->local_logger);
if (scan_ret > 0)
{
hit_cnt += scan_ret;
}
scan_ret = tfe_scan_ip_asn(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->local_logger);
if (scan_ret > 0)
scan_ret = tfe_scan_ip_tags(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->local_logger);
if(scan_ret>0)
{
hit_cnt += scan_ret;
}
@@ -312,6 +306,12 @@ static void doh_maat_scan(const struct tfe_stream *stream, const struct tfe_http
{
hit_cnt += n_hit_result;
}
scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_doh_conf->tables[TYPE_HOST].id, g_doh_conf->local_logger);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt += n_hit_result;
}
}
// scan addr

86
plugin/business/doh/src/logger.cpp
View File

@@ -292,44 +292,6 @@ int doh_kafka_init(const char *profile, struct doh_conf *conf)
return 0;
}
static int doh_get_ip_client_geolocation(struct tfe_cmsg * cmsg, cJSON *common_obj)
{
unsigned int i=0, j=0;
char opt_val[128]={0}; uint16_t opt_out_size;
const char *client_geo_area_map[] = {"client_country","client_province","client_city","client_subdivision"};
for(i=TFE_CMSG_SRC_REGION_STR; i <= TFE_CMSG_DST_SUBDIVISION_STR; i+=2)
{
memset(opt_val, 0, sizeof(opt_val));
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)i, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0)
{
cJSON_AddStringToObject(common_obj, client_geo_area_map[j], opt_val);
}
j++;
}
return 0;
}
static int doh_get_ip_server_geolocation(struct tfe_cmsg * cmsg, cJSON *common_obj)
{
unsigned int i=0, j=0;
char opt_val[128]={0}; uint16_t opt_out_size;
const char *server_geo_area_map[] = {"server_country","server_province","server_city","server_subdivision"};
for(i=TFE_CMSG_DST_REGION_STR; i <= TFE_CMSG_DST_SUBDIVISION_STR; i+=2)
{
memset(opt_val, 0, sizeof(opt_val));
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)i, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0)
{
cJSON_AddStringToObject(common_obj, server_geo_area_map[j], opt_val);
}
j++;
}
return 0;
}
int doh_add_host_to_object(cJSON *common_obj, const char *req_spec_host)
{
unsigned int port;
@@ -341,6 +303,29 @@ int doh_add_host_to_object(cJSON *common_obj, const char *req_spec_host)
return 0;
}
int doh_tags_line_to_json_array(cJSON *per_hit_obj, const char *tags_key, char *opt_val)
{
if(per_hit_obj == NULL || tags_key == NULL || opt_val == NULL)
{
return 0;
}
char *opt_val_tmp = strdup(opt_val);
cJSON *tags_array = cJSON_CreateArray();
char *token = strtok(opt_val_tmp, ",");
while (token != NULL)
{
while (*token == ' ') token++;
cJSON_AddItemToArray(tags_array, cJSON_CreateString(token));
token = strtok(NULL, ",");
}
cJSON_AddItemToObject(per_hit_obj, tags_key, tags_array);
FREE(&opt_val_tmp)
return 1;
}
int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, const struct tfe_stream *stream, struct doh_ctx *ctx)
{
struct doh_maat_rule_t *result = ctx->result;
@@ -475,19 +460,26 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
if (cmsg!=NULL)
{
uint64_t src_asn=0, dst_asn=0;
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_ASN_VAL, (unsigned char *)&src_asn, sizeof(src_asn), &opt_out_size);
if (ret == 0)
char opt_val[128]={0}; uint16_t opt_out_size=0;
ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)64, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0 && strlen(opt_val) > 0)
{
cJSON_AddNumberToObject(common_obj, "client_asn", src_asn);
doh_tags_line_to_json_array(common_obj, "client_ip_tags", opt_val);
}
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_ASN_VAL, (unsigned char *)&dst_asn, sizeof(dst_asn), &opt_out_size);
if (ret == 0)
memset(opt_val, 0, sizeof(opt_val));
ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)65, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0 && strlen(opt_val) > 0)
{
cJSON_AddNumberToObject(common_obj, "server_asn", dst_asn);
doh_tags_line_to_json_array(common_obj, "server_ip_tags", opt_val);
}
memset(opt_val, 0, sizeof(opt_val));
ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)63, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0 && strlen(opt_val) > 0)
{
doh_tags_line_to_json_array(common_obj, "server_fqdn_tags", opt_val);
}
doh_get_ip_client_geolocation(cmsg, common_obj);
doh_get_ip_server_geolocation(cmsg, common_obj);
}
add_dns_info_to_log(common_obj, dns_info);

18
plugin/business/tsg-http/src/tsg_http.cpp
View File

@@ -2720,6 +2720,12 @@ enum proxy_action http_scan(const struct tfe_http_session * session, enum tfe_ht
{
hit_cnt += n_hit_result;
}
scan_ret = tfe_scan_fqdn_tags(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->scan_table_id[PXY_CTRL_HTTP_FQDN], g_proxy_rt->local_logger);
if (scan_ret == MAAT_SCAN_HIT)
{
hit_cnt += n_hit_result;
}
}
const char * str_url = session->req->req_spec.url;
@@ -2915,19 +2921,15 @@ void proxy_on_http_begin(const struct tfe_stream *stream, const struct tfe_http_
scan_ret = tfe_scan_subscribe_id(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->local_logger);
if(scan_ret>0)
{
hit_cnt+=scan_ret;
}
scan_ret = tfe_scan_ip_location(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->local_logger);
if(scan_ret>0)
{
hit_cnt+=scan_ret;
hit_cnt += scan_ret;
}
scan_ret = tfe_scan_ip_asn(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->local_logger);
scan_ret = tfe_scan_ip_tags(stream, result, ctx->scan_mid, hit_cnt, g_proxy_rt->local_logger);
if(scan_ret>0)
{
hit_cnt+=scan_ret;
hit_cnt += scan_ret;
}
long long app_id=67;
scan_ret = tfe_scan_app_id(result, ctx->scan_mid, hit_cnt, app_id, g_proxy_rt->scan_table_id[PXY_CTRL_APP_ID]);
if(scan_ret > 0)

90
plugin/business/tsg-http/src/tsg_logger.cpp
View File

@@ -110,44 +110,6 @@ struct proxy_logger* proxy_log_handle_create(const char* profile, const char* se
return instance;
}
static int get_ip_client_geolocation(struct tfe_cmsg * cmsg, cJSON *per_hit_obj)
{
unsigned int i=0, j=0;
char opt_val[128]={0}; uint16_t opt_out_size;
const char *client_geo_area_map[] = {"client_country","client_super_administrative_area","client_administrative_area","client_sub_administrative_area"};
for(i=TFE_CMSG_SRC_REGION_STR; i <= TFE_CMSG_DST_SUBDIVISION_STR; i+=2)
{
memset(opt_val, 0, sizeof(opt_val));
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)i, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0)
{
cJSON_AddStringToObject(per_hit_obj, client_geo_area_map[j], opt_val);
}
j++;
}
return 0;
}
static int get_ip_server_geolocation(struct tfe_cmsg * cmsg, cJSON *per_hit_obj)
{
unsigned int i=0, j=0;
char opt_val[128]={0}; uint16_t opt_out_size;
const char *server_geo_area_map[] = {"server_country","server_super_administrative_area","server_administrative_area","server_sub_administrative_area"};
for(i=TFE_CMSG_DST_REGION_STR; i <= TFE_CMSG_DST_SUBDIVISION_STR; i+=2)
{
memset(opt_val, 0, sizeof(opt_val));
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)i, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0)
{
cJSON_AddStringToObject(per_hit_obj, server_geo_area_map[j], opt_val);
}
j++;
}
return 0;
}
int proxy_add_host_to_object(cJSON *common_obj, const char *req_spec_host)
{
unsigned int port;
@@ -159,6 +121,29 @@ int proxy_add_host_to_object(cJSON *common_obj, const char *req_spec_host)
return 0;
}
int tags_line_to_json_array(cJSON *per_hit_obj, const char *tags_key, char *opt_val)
{
if(per_hit_obj == NULL || tags_key == NULL || opt_val == NULL)
{
return 0;
}
char *opt_val_tmp = strdup(opt_val);
cJSON *tags_array = cJSON_CreateArray();
char *token = strtok(opt_val_tmp, ",");
while (token != NULL)
{
while (*token == ' ') token++;
cJSON_AddItemToArray(tags_array, cJSON_CreateString(token));
token = strtok(NULL, ",");
}
cJSON_AddItemToObject(per_hit_obj, tags_key, tags_array);
FREE(&opt_val_tmp)
return 1;
}
int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
{
const struct tfe_http_session* http=log_msg->http;
@@ -412,19 +397,26 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
}
if (cmsg!=NULL)
{
uint64_t src_asn=0, dst_asn=0;
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_ASN_VAL, (unsigned char *)&src_asn, sizeof(src_asn), &opt_out_size);
if (ret == 0)
{
cJSON_AddNumberToObject(per_hit_obj, "client_asn", src_asn);
}
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_ASN_VAL, (unsigned char *)&dst_asn, sizeof(dst_asn), &opt_out_size);
if (ret == 0)
char opt_val[128]={0}; uint16_t opt_out_size;
ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)64, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0 && strlen(opt_val) > 0)
{
cJSON_AddNumberToObject(per_hit_obj, "server_asn", dst_asn);
tags_line_to_json_array(per_hit_obj, "client_ip_tags", opt_val);
}
memset(opt_val, 0, sizeof(opt_val));
ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)65, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0 && strlen(opt_val) > 0)
{
tags_line_to_json_array(per_hit_obj, "server_ip_tags", opt_val);
}
memset(opt_val, 0, sizeof(opt_val));
ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)63, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0 && strlen(opt_val) > 0)
{
tags_line_to_json_array(per_hit_obj, "server_fqdn_tags", opt_val);
}
get_ip_client_geolocation(cmsg, per_hit_obj);
get_ip_server_geolocation(cmsg, per_hit_obj);
}
log_payload = cJSON_PrintUnformatted(per_hit_obj);

182
resource/pangu/table_info.conf
View File

@@ -111,27 +111,15 @@
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":9,
"table_name":"TSG_OBJ_FQDN_CAT",
"table_type":"interval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_boundary":3,
"up_boundary":4
}
},
{
"table_id": 10,
"table_id":9,
"table_name": "ATTR_SERVER_FQDN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":12,
"table_id":10,
"table_name":"TSG_OBJ_HTTP_SIGNATURE",
"table_type":"expr_plus",
"valid_column":8,
@@ -146,19 +134,19 @@
}
},
{
"table_id":13,
"table_id":11,
"table_name":"ATTR_HTTP_REQ_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":14,
"table_id":12,
"table_name":"ATTR_HTTP_RES_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":15,
"table_id":13,
"table_name":"TSG_OBJ_KEYWORDS",
"table_type":"expr",
"valid_column":7,
@@ -172,19 +160,19 @@
}
},
{
"table_id":16,
"table_id":14,
"table_name":"ATTR_HTTP_REQ_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":17,
"table_id":15,
"table_name":"ATTR_HTTP_RES_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":18,
"table_id":16,
"table_name":"TSG_OBJ_SUBSCRIBER_ID",
"table_type":"expr",
"valid_column":7,
@@ -198,19 +186,19 @@
}
},
{
"table_id":19,
"table_id":17,
"table_name":"ATTR_SOURCE_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":20,
"table_id":18,
"table_name":"ATTR_DESTINATION_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":21,
"table_id":19,
"table_name":"PXY_CACHE_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
@@ -222,7 +210,7 @@
}
},
{
"table_id":22,
"table_id":20,
"table_name":"PXY_CACHE_COMPILE_CONJUNCTION",
"db_tables":["PXY_CACHE_COMPILE"],
"default_compile_table":1,
@@ -236,7 +224,7 @@
}
},
{
"table_id":23,
"table_id":21,
"table_name":"PXY_CACHE_COMPILE_PLUGIN",
"db_tables":["PXY_CACHE_COMPILE"],
"table_type":"plugin",
@@ -248,7 +236,7 @@
}
},
{
"table_id":24,
"table_id":22,
"table_name":"PXY_CACHE_GROUP",
"table_type":"group2compile",
"associated_compile_table_id":0,
@@ -262,7 +250,7 @@
}
},
{
"table_id":25,
"table_id":23,
"table_name":"PXY_CACHE_HTTP_URL",
"table_type":"expr",
"valid_column":7,
@@ -276,7 +264,7 @@
}
},
{
"table_id":26,
"table_id":24,
"table_name":"PXY_CACHE_HTTP_COOKIE",
"table_type":"expr",
"valid_column":7,
@@ -290,7 +278,7 @@
}
},
{
"table_id":27,
"table_id":25,
"table_name":"PXY_PROFILE_TRUSTED_CA_CERT",
"table_type":"plugin",
"valid_column":4,
@@ -301,7 +289,7 @@
}
},
{
"table_id":28,
"table_id":26,
"table_name":"PXY_OBJ_TRUSTED_CA_CRL",
"table_type":"plugin",
"valid_column":4,
@@ -312,7 +300,7 @@
}
},
{
"table_id":29,
"table_id":27,
"table_name":"TSG_PROFILE_RESPONSE_PAGES",
"table_type":"plugin",
"valid_column":5,
@@ -323,7 +311,7 @@
}
},
{
"table_id":30,
"table_id":28,
"table_name":"PXY_PROFILE_HIJACK_FILES",
"table_type":"plugin",
"valid_column":6,
@@ -334,7 +322,7 @@
}
},
{
"table_id":31,
"table_id":29,
"table_name":"PXY_PROFILE_INSERT_SCRIPTS",
"table_type":"plugin",
"valid_column":6,
@@ -345,7 +333,7 @@
}
},
{
"table_id":32,
"table_id":30,
"table_name":"PXY_INTERCEPT_COMPILE",
"table_type":"plugin",
"valid_column":9,
@@ -355,7 +343,7 @@
}
},
{
"table_id":33,
"table_id":31,
"table_name":"TSG_PROFILE_TRAFFIC_MIRROR",
"table_type":"plugin",
"valid_column":4,
@@ -365,7 +353,7 @@
}
},
{
"table_id":34,
"table_id":32,
"table_name":"PXY_PROFILE_DECRYPTION",
"table_type":"plugin",
"valid_column":4,
@@ -375,101 +363,13 @@
}
},
{
"table_id":35,
"table_name":"TSG_OBJ_AS_NUMBER",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":36,
"table_name":"ATTR_SOURCE_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":37,
"table_name":"ATTR_DESTINATION_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":38,
"table_name":"TSG_OBJ_GEO_LOCATION",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":39,
"table_name":"ATTR_SOURCE_GEO_COUNTRY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":40,
"table_name":"ATTR_SOURCE_GEO_SUPER_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":41,
"table_name":"ATTR_SOURCE_GEO_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":42,
"table_name":"ATTR_SOURCE_GEO_SUB_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":43,
"table_name":"ATTR_DESTINATION_GEO_COUNTRY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":44,
"table_name":"ATTR_DESTINATION_GEO_SUPER_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":45,
"table_name":"ATTR_DESTINATION_GEO_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":46,
"table_name":"ATTR_DESTINATION_GEO_SUB_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":47,
"table_id":33,
"table_name":"ATTR_DOH_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":48,
"table_id":34,
"table_name":"PXY_SSL_FINGERPRINT",
"table_type":"plugin",
"valid_column":4,
@@ -479,7 +379,7 @@
}
},
{
"table_id":49,
"table_id":35,
"table_name":"PXY_PROFILE_RUN_SCRIPTS",
"table_type":"plugin",
"valid_column":4,
@@ -490,7 +390,7 @@
}
},
{
"table_id":50,
"table_id":36,
"table_name":"PXY_PROFILE_TCP_OPTION",
"table_type":"plugin",
"valid_column":6,
@@ -500,7 +400,7 @@
}
},
{
"table_id":51,
"table_id":37,
"table_name":"SERVICE_CHAINING_COMPILE",
"table_type":"plugin",
"valid_column":9,
@@ -510,7 +410,7 @@
}
},
{
"table_id": 52,
"table_id":38,
"table_name": "APP_ID_DICT",
"table_type": "plugin",
"valid_column": 19,
@@ -521,31 +421,31 @@
}
},
{
"table_id":53,
"table_id":39,
"table_name":"ATTR_APP_ID",
"table_type":"virtual",
"physical_table": "APP_ID_DICT"
},
{
"table_id":54,
"table_id":40,
"table_name":"ATTR_SUBSCRIBER_ID",
"table_type":"virtual",
"physical_table": "TSG_OBJ_SUBSCRIBER_ID"
},
{
"table_id":55,
"table_id":41,
"table_name":"ATTR_INTERNAL_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":56,
"table_id":42,
"table_name":"ATTR_EXTERNAL_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":57,
"table_id":43,
"table_name": "TSG_IP_PROTOCOL",
"table_type": "plugin",
"valid_column": 4,
@@ -556,7 +456,7 @@
}
},
{
"table_id":58,
"table_id":44,
"table_name":"TSG_OBJ_PORT",
"table_type":"interval",
"valid_column":5,
@@ -568,31 +468,31 @@
}
},
{
"table_id":59,
"table_id":45,
"table_name": "ATTR_SOURCE_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":60,
"table_id":46,
"table_name": "ATTR_DESTINATION_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":61,
"table_id":47,
"table_name": "ATTR_INTERNAL_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":62,
"table_id":48,
"table_name": "ATTR_EXTERNAL_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":63,
"table_id":49,
"table_name": "ATTR_IP_PROTOCOL",
"table_type": "virtual",
"physical_table": "TSG_IP_PROTOCOL"