gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-14484 Pxoxy支持Maat4

Browse Source
This commit is contained in:
fengweihao
2023-03-30 19:39:18 +08:00
parent a2a4c32384
commit df39fcda90
23 changed files with 1219 additions and 564 deletions
Download Patch File Download Diff File Expand all files Collapse all files

124
common/src/tfe_scan.cpp
View File

@@ -1,12 +1,13 @@
#include <MESA/Maat_rule.h>
#include <MESA/maat.h>
#include <tfe_resource.h>
#include <tfe_scan.h>
int tfe_scan_subscribe_id(const struct tfe_stream *stream, struct Maat_rule_t *result, scan_status_t *scan_mid,
int hit_cnt, unsigned int thread_id, void *logger)
int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid,
int hit_cnt, void *logger)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
size_t n_hit_result = 0;
uint16_t opt_out_size;
char dest_subscribe_id[TFE_STRING_MAX] = {0};
char source_subscribe_id[TFE_STRING_MAX] = {0};
@@ -28,15 +29,14 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, struct Maat_rule_t *r
if (strlen(source_subscribe_id))
{
scan_ret = Maat_full_scan_string(tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_OBJ_SUBSCRIBER_ID),
CHARSET_UTF8, source_subscribe_id, strlen(source_subscribe_id),
result + hit_cnt + hit_cnt_ip, NULL, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
scan_mid, (int)thread_id);
if (scan_ret > 0)
scan_ret = maat_scan_string((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_OBJ_SUBSCRIBER_ID),
source_subscribe_id, strlen(source_subscribe_id),result + hit_cnt + hit_cnt_ip,
MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan src TSG_OBJ_SUBSCRIBER_ID, Hit subid: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
source_subscribe_id, scan_ret, result[hit_cnt + hit_cnt_ip].config_id, result[hit_cnt + hit_cnt_ip].service_id, result[hit_cnt + hit_cnt_ip].action, stream->str_stream_info);
hit_cnt_ip += scan_ret;
TFE_LOG_INFO(logger, "Scan src TSG_OBJ_SUBSCRIBER_ID, Hit subid: %s scan ret: %d policy_id: %lld addr: %s",
source_subscribe_id, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
{
@@ -47,15 +47,14 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, struct Maat_rule_t *r
if (strlen(dest_subscribe_id))
{
scan_ret = Maat_full_scan_string(tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_OBJ_SUBSCRIBER_ID),
CHARSET_UTF8, dest_subscribe_id, strlen(dest_subscribe_id),
result + hit_cnt + hit_cnt_ip, NULL, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
scan_mid, (int)thread_id);
if (scan_ret > 0)
scan_ret = maat_scan_string((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_OBJ_SUBSCRIBER_ID),
dest_subscribe_id, strlen(dest_subscribe_id),result + hit_cnt + hit_cnt_ip,
MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,&n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan dst TSG_OBJ_SUBSCRIBER_ID, Hit subid: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
dest_subscribe_id, scan_ret, result[hit_cnt + hit_cnt_ip].config_id, result[hit_cnt + hit_cnt_ip].service_id, result[hit_cnt + hit_cnt_ip].action, stream->str_stream_info);
hit_cnt_ip += scan_ret;
TFE_LOG_INFO(logger, "Scan dst TSG_OBJ_SUBSCRIBER_ID, Hit subid: %s scan ret: %d policy_id: %lld addr: %s",
dest_subscribe_id, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
{
@@ -67,13 +66,14 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, struct Maat_rule_t *r
return hit_cnt_ip;
}
int tfe_scan_fqdn_cat(const struct tfe_stream *stream, struct Maat_rule_t *result, scan_status_t *scan_mid,
int hit_cnt, unsigned int thread_id, void *logger, int table_id)
int tfe_scan_fqdn_cat(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid,
int hit_cnt, void *logger, int table_id)
{
int scan_ret = 0;
unsigned int i = 0;
uint16_t opt_out_size;
int hit_cnt_fqdn = 0;
size_t n_hit_result = 0;
unsigned int category_id_num = 0;
unsigned int category_id_val[TFE_SYMBOL_MAX] = {0};
@@ -104,13 +104,13 @@ int tfe_scan_fqdn_cat(const struct tfe_stream *stream, struct Maat_rule_t *resul
for (i = 0; i < category_id_num && i < 8; i++)
{
scan_ret = Maat_scan_intval(tfe_bussiness_resouce_get(STATIC_MAAT), table_id, category_id_val[i], result + hit_cnt + hit_cnt_fqdn,
MAX_SCAN_RESULT - hit_cnt - hit_cnt_fqdn, scan_mid, (int)thread_id);
if (scan_ret > 0)
scan_ret = maat_scan_integer((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), table_id, category_id_val[i], result + hit_cnt + hit_cnt_fqdn,
MAX_SCAN_RESULT - hit_cnt - hit_cnt_fqdn, &n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan FQDN_CAT, Hit catid: %d scan ret: %d policy_id: %d service: %d action: %d addr: %s",
category_id_val[i], scan_ret, result[hit_cnt + hit_cnt_fqdn].config_id, result[hit_cnt + hit_cnt_fqdn].service_id, result[hit_cnt + hit_cnt_fqdn].action, stream->str_stream_info);
hit_cnt_fqdn += scan_ret;
TFE_LOG_INFO(logger, "Scan FQDN_CAT, Hit catid: %d scan ret: %d policy_id: %lld addr: %s",
category_id_val[i], scan_ret, result[hit_cnt + hit_cnt_fqdn], stream->str_stream_info);
hit_cnt_fqdn += n_hit_result;
}
else
{
@@ -121,11 +121,12 @@ int tfe_scan_fqdn_cat(const struct tfe_stream *stream, struct Maat_rule_t *resul
return hit_cnt_fqdn;
}
int tfe_scan_ip_location(const struct tfe_stream *stream, struct Maat_rule_t *result, scan_status_t *scan_mid,
int hit_cnt, unsigned int thread_id, void *logger, char **location_server, char **location_client)
int tfe_scan_ip_location(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid,
int hit_cnt, void *logger, char **location_server, char **location_client)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
size_t n_hit_result = 0;
uint16_t opt_out_size;
char buff[TFE_STRING_MAX] = {0};
char src_city[TFE_STRING_MAX] = {0};
@@ -187,15 +188,14 @@ int tfe_scan_ip_location(const struct tfe_stream *stream, struct Maat_rule_t *re
memset(buff, 0, sizeof(buff));
snprintf(buff, sizeof(buff),"%s.%s.%s.%s.", dst_country, dst_provine, dst_city, dst_subdivsion);
scan_ret = Maat_full_scan_string(tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_SECURITY_DESTINATION_LOCATION),
CHARSET_GBK, buff, strlen(buff),
result + hit_cnt + hit_cnt_ip, NULL, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
scan_mid, (int)thread_id);
if (scan_ret > 0)
scan_ret = maat_scan_string((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_SECURITY_DESTINATION_LOCATION),
buff, strlen(buff), result + hit_cnt + hit_cnt_ip,MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
&n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_DESTINATION_LOCATION, Hit location: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
buff, scan_ret, result[hit_cnt + hit_cnt_ip].config_id, result[hit_cnt + hit_cnt_ip].service_id, result[hit_cnt + hit_cnt_ip].action, stream->str_stream_info);
hit_cnt_ip += scan_ret;
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_DESTINATION_LOCATION, Hit location: %s scan ret: %d policy_id: %lld addr: %s",
buff, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
{
@@ -218,15 +218,14 @@ int tfe_scan_ip_location(const struct tfe_stream *stream, struct Maat_rule_t *re
memset(buff, 0, sizeof(buff));
snprintf(buff, sizeof(buff), "%s.%s.%s.%s.", src_country, src_provine, src_city, src_subdivsion);
scan_ret = Maat_full_scan_string(tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_SECURITY_SOURCE_LOCATION),
CHARSET_GBK, buff, strlen(buff),
result + hit_cnt + hit_cnt_ip, NULL, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
scan_mid, (int)thread_id);
if (scan_ret > 0)
scan_ret = maat_scan_string((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_SECURITY_SOURCE_LOCATION),
buff, strlen(buff),result + hit_cnt + hit_cnt_ip, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
&n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_SOURCE_LOCATION, Hit location: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
buff, scan_ret, result[hit_cnt + hit_cnt_ip].config_id, result[hit_cnt + hit_cnt_ip].service_id, result[hit_cnt + hit_cnt_ip].action, stream->str_stream_info);
hit_cnt_ip += scan_ret;
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_SOURCE_LOCATION, Hit location: %s scan ret: %d policy_id: %lld addr: %s",
buff, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
{
@@ -249,11 +248,12 @@ int tfe_scan_ip_location(const struct tfe_stream *stream, struct Maat_rule_t *re
return hit_cnt_ip;
}
int tfe_scan_ip_asn(const struct tfe_stream *stream, struct Maat_rule_t *result, scan_status_t *scan_mid,
int hit_cnt, unsigned int thread_id, void *logger, char **asn_server, char **asn_client)
int tfe_scan_ip_asn(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid,
int hit_cnt, void *logger, char **asn_server, char **asn_client)
{
int scan_ret = 0;
int hit_cnt_ip = 0;
size_t n_hit_result = 0;
uint16_t opt_out_size;
char buff[TFE_STRING_MAX] = {0};
char src_asn[TFE_STRING_MAX] = {0};
@@ -288,15 +288,14 @@ int tfe_scan_ip_asn(const struct tfe_stream *stream, struct Maat_rule_t *result,
if (strlen(dst_asn))
{
scan_ret = Maat_full_scan_string(tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_SECURITY_DESTINATION_ASN),
CHARSET_UTF8, dst_asn, strlen(dst_asn),
result + hit_cnt + hit_cnt_ip, NULL, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
scan_mid, (int)thread_id);
if (scan_ret > 0)
scan_ret = maat_scan_string((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_SECURITY_DESTINATION_ASN),
dst_asn, strlen(dst_asn), result + hit_cnt + hit_cnt_ip, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
&n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_DESTINATION_ASN, Hit asn: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
dst_asn, scan_ret, result[hit_cnt + hit_cnt_ip].config_id, result[hit_cnt + hit_cnt_ip].service_id, result[hit_cnt + hit_cnt_ip].action, stream->str_stream_info);
hit_cnt_ip += scan_ret;
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_DESTINATION_ASN, Hit asn: %s scan ret: %d policy_id: %lld addr: %s",
dst_asn, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
{
@@ -309,15 +308,14 @@ int tfe_scan_ip_asn(const struct tfe_stream *stream, struct Maat_rule_t *result,
}
if (strlen(src_asn))
{
scan_ret = Maat_full_scan_string(tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_SECURITY_SOURCE_ASN),
CHARSET_UTF8, src_asn, strlen(src_asn),
result + hit_cnt + hit_cnt_ip, NULL, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
scan_mid, (int)thread_id);
if (scan_ret > 0)
scan_ret = maat_scan_string((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_SECURITY_SOURCE_ASN),
src_asn, strlen(src_asn),result + hit_cnt + hit_cnt_ip, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
&n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_SOURCE_ASN, Hit asn: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
src_asn, scan_ret, result[hit_cnt + hit_cnt_ip].config_id, result[hit_cnt + hit_cnt_ip].service_id, result[hit_cnt + hit_cnt_ip].action, stream->str_stream_info);
hit_cnt_ip += scan_ret;
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_SOURCE_ASN, Hit asn: %s scan ret: %d policy_id: %lld addr: %s",
src_asn, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
{