diff --git a/common/src/tfe_scan.cpp b/common/src/tfe_scan.cpp index 2f22ac4..1c43f93 100644 --- a/common/src/tfe_scan.cpp +++ b/common/src/tfe_scan.cpp @@ -428,7 +428,12 @@ int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struc { hit_cnt_ip += n_hit_result; } - + scan_ret = maat_scan_not_logic((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), + result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid); + if (scan_ret == MAAT_SCAN_HIT) + { + hit_cnt_ip += n_hit_result; + } scan_ret = maat_scan_ipv4((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v4->saddr, result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid); if (scan_ret == MAAT_SCAN_HIT) diff --git a/plugin/business/doh/src/logger.cpp b/plugin/business/doh/src/logger.cpp index 8dad40c..9420413 100644 --- a/plugin/business/doh/src/logger.cpp +++ b/plugin/business/doh/src/logger.cpp @@ -399,7 +399,7 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c tfe_stream_info_get(stream, INFO_FROM_UPSTREAM_RX_OFFSET, &s2c_byte_num, sizeof(s2c_byte_num)); cJSON_AddStringToObject(common_obj, "decoded_as", "HTTP"); - cJSON_AddStringToObject(common_obj, "ip_protocol", "TCP"); + cJSON_AddStringToObject(common_obj, "ip_protocol", "tcp"); cJSON_AddNumberToObject(common_obj, "out_link_id", 0); cJSON_AddNumberToObject(common_obj, "in_link_id", 0); cJSON_AddStringToObject(common_obj, "sled_ip", handle->kafka_logger->local_ip_str); diff --git a/plugin/business/tsg-http/src/tsg_http.cpp b/plugin/business/tsg-http/src/tsg_http.cpp index 42afd8c..5f2481a 100644 --- a/plugin/business/tsg-http/src/tsg_http.cpp +++ b/plugin/business/tsg-http/src/tsg_http.cpp @@ -1189,6 +1189,77 @@ struct proxy_http_ctx int thread_id; }; +static inline int ctx_actually_replaced(struct proxy_http_ctx * ctx) +{ + if(ctx->action == PX_ACTION_MANIPULATE && + ctx->param->action == MA_ACTION_REPLACE && + ctx->rep_ctx->actually_replaced==1) + { + return 1; + } + else + { + return 0; + } +} + +static inline int ctx_actually_ran_script(struct proxy_http_ctx * ctx) +{ + if(ctx->action == PX_ACTION_MANIPULATE && + ctx->param->action == MA_ACTION_LUA_SCRIPT && + ctx->tsg_ctx->actually_executed==1) + { + return 1; + } + else + { + return 0; + } +} + +static inline int ctx_actually_inserted(struct proxy_http_ctx * ctx) +{ + if(ctx->action == PX_ACTION_MANIPULATE && + ctx->param->action == MA_ACTION_INSERT && + ctx->ins_ctx->actually_inserted==1) + { + return 1; + } + else + { + return 0; + } +} + +static inline int ctx_actually_edited(struct proxy_http_ctx * ctx) +{ + if(ctx->action == PX_ACTION_MANIPULATE && + ctx->param->action == MA_ACTION_ELEMENT && ctx->edit_ctx != NULL && + ctx->edit_ctx->actually_edited==1) + { + return 1; + } + else + { + return 0; + } +} + +static inline int ctx_actually_manipulate(struct proxy_http_ctx * ctx) +{ + if(ctx->action == PX_ACTION_MANIPULATE && + (ctx->param->action == MA_ACTION_REDIRECT || + ctx->param->action == MA_ACTION_HIJACK)&& + ctx->manipulate_replaced==1) + { + return 1; + } + else + { + return 0; + } +} + void http_repl_ctx_free(struct replace_ctx* rep_ctx) { if (rep_ctx->http_body) @@ -2829,7 +2900,12 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h if(ctx->log_resp_body == NULL) ctx->log_resp_body = evbuffer_new(); evbuffer_add(ctx->log_resp_body, body_frag, frag_size); } - proxy_send_metric_log(stream, ctx, thread_id, 1); + + if((((ctx_actually_replaced(ctx)) || (ctx_actually_inserted(ctx)) || (ctx_actually_edited(ctx)) || (ctx_actually_manipulate(ctx)) + || ctx_actually_ran_script(ctx)) || ctx->action == PX_ACTION_REJECT || (ctx->action == PX_ACTION_MONIT))) + { + proxy_send_metric_log(stream, ctx, thread_id, 1); + } return; } @@ -2910,80 +2986,6 @@ void proxy_on_http_begin(const struct tfe_stream *stream, const struct tfe_http_ return; } -static inline int ctx_actually_replaced(struct proxy_http_ctx * ctx) -{ - - if(ctx->action == PX_ACTION_MANIPULATE && - ctx->param->action == MA_ACTION_REPLACE && - ctx->rep_ctx->actually_replaced==1) - { - return 1; - } - else - { - return 0; - } -} - -static inline int ctx_actually_ran_script(struct proxy_http_ctx * ctx) -{ - if(ctx->action == PX_ACTION_MANIPULATE && - ctx->param->action == MA_ACTION_LUA_SCRIPT && - ctx->tsg_ctx->actually_executed==1) - { - return 1; - } - else - { - return 0; - } -} - -static inline int ctx_actually_inserted(struct proxy_http_ctx * ctx) -{ - - if(ctx->action == PX_ACTION_MANIPULATE && - ctx->param->action == MA_ACTION_INSERT && - ctx->ins_ctx->actually_inserted==1) - { - return 1; - } - else - { - return 0; - } -} - -static inline int ctx_actually_edited(struct proxy_http_ctx * ctx) -{ - - if(ctx->action == PX_ACTION_MANIPULATE && - ctx->param->action == MA_ACTION_ELEMENT && ctx->edit_ctx != NULL && - ctx->edit_ctx->actually_edited==1) - { - return 1; - } - else - { - return 0; - } -} - -static inline int ctx_actually_manipulate(struct proxy_http_ctx * ctx) -{ - if(ctx->action == PX_ACTION_MANIPULATE && - (ctx->param->action == MA_ACTION_REDIRECT || - ctx->param->action == MA_ACTION_HIJACK)&& - ctx->manipulate_replaced==1) - { - return 1; - } - else - { - return 0; - } -} - void proxy_on_http_end(const struct tfe_stream * stream, const struct tfe_http_session * session, unsigned int thread_id, void ** pme) { diff --git a/plugin/business/tsg-http/src/tsg_logger.cpp b/plugin/business/tsg-http/src/tsg_logger.cpp index 6673d83..4ae7203 100644 --- a/plugin/business/tsg-http/src/tsg_logger.cpp +++ b/plugin/business/tsg-http/src/tsg_logger.cpp @@ -253,7 +253,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg) cJSON_AddStringToObject(common_obj, "http_version", app_proto[http->major_version]); cJSON_AddStringToObject(common_obj, "decoded_as", "HTTP"); - cJSON_AddStringToObject(common_obj, "ip_protocol", "TCP"); + cJSON_AddStringToObject(common_obj, "ip_protocol", "tcp"); cJSON_AddNumberToObject(common_obj, "out_link_id", 0); cJSON_AddNumberToObject(common_obj, "in_link_id", 0); cJSON_AddStringToObject(common_obj, "sled_ip", handle->kafka_logger->local_ip_str);