gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-14379 Monitor策略日志多命中情况下Vsys ID填写错误

Browse Source
This commit is contained in:
fengweihao
2023-04-04 16:06:40 +08:00
parent 26b533cba9
commit ed9a4739a1
7 changed files with 40 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
plugin/business/tsg-http/src/tsg_http.cpp
View File

@@ -128,6 +128,7 @@ struct maat_rule_t
unsigned char do_blacklist;
unsigned char action;
char *srv_def_large;
int vsys_id;
};
struct policy_action_param
@@ -137,7 +138,6 @@ struct policy_action_param
char *message;
char *position;
float enforcement_ratio;
int vsys_id;
int profile_id;
int status_code;
@@ -390,13 +390,14 @@ void octal_utf8_escapes(char *input)
void policy_action_param_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
{
int ret=0;
int config_id=0, service_id=0, action=0;
long long config_id=0;
int service_id=0, action=0;
int do_log=0,do_blacklist=0,is_valid=0;
char effective_range[1024]={0};
char srv_def_large[8192]={0};
struct policy_action_param* param=NULL;
ret=sscanf(table_line, "%d\t%d\t%d\t%d\t%d\t%s\t%s\t%d", &config_id, &service_id, &action, &do_blacklist, &do_log,effective_range, srv_def_large, &is_valid);
ret=sscanf(table_line, "%lld\t%d\t%d\t%d\t%d\t%s\t%s\t%d", &config_id, &service_id, &action, &do_blacklist, &do_log,effective_range, srv_def_large, &is_valid);
if(ret!=8)
{
TFE_LOG_ERROR(g_proxy_rt->local_logger, "ctrl policy table parse failed, ret:%d, %s", ret, table_line);
@@ -415,14 +416,14 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k
json=cJSON_Parse(srv_def_large);
if(json==NULL)
{
TFE_LOG_ERROR(g_proxy_rt->local_logger, "invalid policy parameter: id = %d", config_id);
TFE_LOG_ERROR(g_proxy_rt->local_logger, "invalid policy parameter: id = %lld", config_id);
return;
}
item=cJSON_GetObjectItem(json, "protocol");
if(unlikely(!item || !cJSON_IsString(item)))
{
TFE_LOG_ERROR(g_proxy_rt->local_logger, "Invalid policy parameter: %d invalid protocol format", config_id);
TFE_LOG_ERROR(g_proxy_rt->local_logger, "Invalid policy parameter: %lld invalid protocol format", config_id);
goto error_out;
}
@@ -454,14 +455,14 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k
item=cJSON_GetObjectItem(json,"vsys_id");
if(item && item->type==cJSON_Number)
{
param->vsys_id= item->valueint;
param->hit_rule.vsys_id=item->valueint;
}
break;
case MA_ACTION_REDIRECT:
item=cJSON_GetObjectItem(json,"vsys_id");
if(item && item->type==cJSON_Number)
{
param->vsys_id= item->valueint;
param->hit_rule.vsys_id=item->valueint;
}
item=cJSON_GetObjectItem(json,"code");
if(item && item->type==cJSON_Number)
@@ -487,7 +488,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k
item=cJSON_GetObjectItem(json,"vsys_id");
if(item && item->type==cJSON_Number)
{
param->vsys_id= item->valueint;
param->hit_rule.vsys_id=item->valueint;
}
item=cJSON_GetObjectItem(json,"code");
if(item && item->type==cJSON_Number)
@@ -509,7 +510,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k
item=cJSON_GetObjectItem(json,"vsys_id");
if(item && item->type==cJSON_Number)
{
param->vsys_id= item->valueint;
param->hit_rule.vsys_id=item->valueint;
}
item=cJSON_GetObjectItem(json,"enforcement_ratio");
if(item && item->type==cJSON_Number)
@@ -549,7 +550,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k
item=cJSON_GetObjectItem(json,"vsys_id");
if(item && item->type==cJSON_Number)
{
param->vsys_id= item->valueint;
param->hit_rule.vsys_id=item->valueint;
}
item=cJSON_GetObjectItem(json,"hijack_profile");
if(item && item->type==cJSON_Number){
@@ -569,7 +570,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k
item=cJSON_GetObjectItem(json,"vsys_id");
if(item && item->type==cJSON_Number)
{
param->vsys_id= item->valueint;
param->hit_rule.vsys_id=item->valueint;
}
item=cJSON_GetObjectItem(json,"insert_profile");
if(item && item->type==cJSON_Number){
@@ -593,7 +594,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k
item=cJSON_GetObjectItem(json,"vsys_id");
if(item && item->type==cJSON_Number)
{
param->vsys_id= item->valueint;
param->hit_rule.vsys_id=item->valueint;
}
rules = cJSON_GetObjectItem(json, "rules");
if(rules == NULL)
@@ -636,7 +637,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k
item=cJSON_GetObjectItem(json,"vsys_id");
if(item && item->type==cJSON_Number)
{
param->vsys_id= item->valueint;
param->hit_rule.vsys_id=item->valueint;
}
item=cJSON_GetObjectItem(json,"run_script_profile");
if(item && item->type==cJSON_Number){
@@ -656,7 +657,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k
break;
}
*ad=param;
TFE_LOG_INFO(g_proxy_rt->local_logger, "Add ctrl policy: %d", config_id);
TFE_LOG_INFO(g_proxy_rt->local_logger, "Add ctrl policy: %lld", config_id);
error_out:
cJSON_Delete(json);
return;
@@ -1560,6 +1561,10 @@ static enum proxy_action decide_ctrl_action(long long *results, size_t n_hit,
{
*param=(struct policy_action_param*)ex_data;
}
if(hit_rules)
{
FREE(&hit_rules);
}
return prior_action;
}
@@ -3249,12 +3254,6 @@ void proxy_on_http_end(const struct tfe_stream * stream,
.req_body=ctx->log_req_body, .resp_body=ctx->log_resp_body, .action=0, .inject_sz=ctx->inject_sz,
.asn_client=ctx->ip_ctx.asn_client, .asn_server=ctx->ip_ctx.asn_server, .location_client=ctx->ip_ctx.location_client,
.location_server=ctx->ip_ctx.location_server};
if(ctx != NULL && ctx->param != NULL)
{
log_msg.vsys_id = ctx->param->vsys_id;
}
if(ctx->action == PX_ACTION_MANIPULATE)
{
log_msg.action = ctx->param->action;