fengweihao
|
ad21a6ac3d
|
TSG-18596 修复Redirect-DoH策略无法命中
TSG-18558 Manipulation日志中,有字节数和包数均为0的日志存在
|
2024-01-15 15:50:58 +08:00 |
|
luwenpeng
|
6f07c2a8bf
|
bugfix: CMSG log update flag
|
2024-01-03 19:48:49 +08:00 |
|
luwenpeng
|
cbd98507a2
|
TSG-18285 TFE的Packet IO模块支持重复流量识别
|
2024-01-02 18:47:49 +08:00 |
|
fengweihao
|
ced991b4a0
|
TSG-18286 Proxy支持虚拟表表名变更,删除代理本地缓存,删除tsg-http相关配置
|
2023-12-29 14:39:03 +08:00 |
|
fengweihao
|
7fcaefccad
|
优化kafka句柄创建和TOPIC注册
|
2023-12-19 14:23:55 +08:00 |
|
fengweihao
|
b3700966fd
|
TSG-17862 Proxy支持Internal IP address和Exteral IP Address的扫描, 支持以Topic方式上传HTTP请求体/应答体
|
2023-12-14 15:08:19 +08:00 |
|
luwenpeng
|
c3b887f1c5
|
perf: 性能优化
* io_uring使用buffer pool避免内存分配与释放
* packet io thread与worker thread无锁访问cmsg
* 为解密流量的fd设置默认的TTL
|
2023-11-14 18:54:40 +08:00 |
|
fengweihao
|
80f4909fe3
|
修复Keeper构建的http保活请求格式错误
|
2023-08-09 10:14:30 +08:00 |
|
luwenpeng
|
bc39cd0706
|
TFE适配MRZCPD的分流算法的变更;并增加分流的调试日志
|
2023-08-08 10:55:42 +08:00 |
|
fengweihao
|
2451bd795c
|
TSG-16056 修复deny动作,修复tsg_lua多线程调用问题和tfe编译告警
|
2023-07-11 16:28:52 +08:00 |
|
luwenpeng
|
db5530aa56
|
TSG-15381 TFE适配MAAT4的maat_plugin_table_get_ex_data()接口变更
|
2023-06-08 16:44:34 +08:00 |
|
wangmenglan
|
a97a90ac7d
|
TFE Packet IO 创建metric句柄
|
2023-06-05 19:24:37 +08:00 |
|
luwenpeng
|
cb39660a1a
|
TSG-15328 TLS Decrypted的HTTP2流量未Steering给第三方设备
TSG-15329 命中Intercept & Decrypted Service Chaining Policy且开启tcp_passthrough的流量仍Steering给第三方设备
|
2023-06-05 17:37:25 +08:00 |
|
wangmenglan
|
409dfb7e4b
|
🐞 fix: 调整TFE conf 文件, 使用四元组分流; 调整metric接口调用位置
|
2023-06-05 17:20:19 +08:00 |
|
luwenpeng
|
934d796d65
|
feature: worker thread不再发送intercept metrics
|
2023-06-01 15:48:23 +08:00 |
|
luwenpeng
|
a9df9ebe81
|
perf: TFE启动后关闭stderr输出
|
2023-06-01 11:02:46 +08:00 |
|
wangmenglan
|
0973d8c35a
|
🐞 fix(TSG-15308): 修复packet io thread启动时,intercept_policy_enforcer为空导致core
|
2023-05-31 20:17:22 +08:00 |
|
luwenpeng
|
5af89ccc93
|
bugfix
|
2023-05-30 20:08:26 +08:00 |
|
wangmenglan
|
f32535e557
|
🐞 fix(TSG-15212): 修复TFE_CMSG_SSL_INTERCEPT_STATE字段设置错误; 修复msgpack默写字段为空时, 增加默认值
|
2023-05-30 19:40:01 +08:00 |
|
luwenpeng
|
8082a3f9e8
|
TSG-15240 对于Decrypted Traffic,TFE先执行Manipulation再执行Steering
|
2023-05-25 14:21:19 +08:00 |
|
luwenpeng
|
e1b16ee339
|
bugfix: close fd_fake_c/fd_fake_s on error
|
2023-05-22 16:03:06 +08:00 |
|
wangmenglan
|
fc2625c691
|
bugfix:修复packet io内存泄漏
|
2023-05-22 15:19:29 +08:00 |
|
wangmenglan
|
b931a3dc58
|
packet io增加fieldstat状态统计
|
2023-05-15 16:41:59 +08:00 |
|
wangmenglan
|
542f4cbdfa
|
TSG-14930 TFE支持发送控制报文给SAPP
|
2023-05-09 22:13:20 +08:00 |
|
luwenpeng
|
4e1c470720
|
TFE Acceptor V3 不扫描Service Chaining Rule;
tcp_passthrough执行优先级: No Intercept Rule大于Tcp Option Profile
|
2023-05-09 15:39:45 +08:00 |
|
wangmenglan
|
ceffc9b168
|
TSG-14930 TFE支持发送控制报文给SAPP
|
2023-05-09 14:23:39 +08:00 |
|
luwenpeng
|
7c3b77fb2f
|
TSG-14890 TFE输出Intercept Policy Hits Metrics
|
2023-05-08 15:32:55 +08:00 |
|
wangmenglan
|
5dcc85c1ee
|
解决编译报错
|
2023-05-06 20:48:09 +08:00 |
|
wangmenglan
|
8de8ec1c5f
|
TSG-14938 TFE支持新控制报文格式; 调整代码结构
|
2023-05-06 17:53:08 +08:00 |
|
wangmenglan
|
8a7c196c20
|
修改文件编码
|
2023-05-06 17:47:47 +08:00 |
|
wangmenglan
|
11a46269f1
|
将kni合并到tfe中
|
2023-05-06 17:47:38 +08:00 |
|
fengweihao
|
0bb38a6969
|
TSG-14786 TFE输出Proxy Rule Hits Metric
|
2023-04-25 10:13:38 +08:00 |
|
luwenpeng
|
cbf424884c
|
cmsg适配控制报文类型, TFE_CMSG_SSL_INTERCEPT_STATE/TFE_CMSG_SSL_PINNING_STATE/TFE_CMSG_SSL_CERT_VERIFY的类型从uint64改为uint8
|
2023-04-23 16:55:30 +08:00 |
|
luwenpeng
|
2138d7f13e
|
TFE适配MAAT4,编译表只注册一次
|
2023-04-23 16:35:42 +08:00 |
|
luwenpeng
|
2ee26d758d
|
bugfix
|
2023-04-21 18:31:36 +08:00 |
|
luwenpeng
|
f421e4df54
|
TSG-14789 TFE扫描service chaining策略,执行Decrypted Traffic Steering
|
2023-04-21 18:31:36 +08:00 |
|
luwenpeng
|
f741c3c025
|
TSG-14628 TFE适配TCP Option Profile库表的变更
|
2023-04-21 18:31:36 +08:00 |
|
fengweihao
|
df39fcda90
|
TSG-14484 Pxoxy支持Maat4
|
2023-03-30 19:39:18 +08:00 |
|
luwenpeng
|
a2a4c32384
|
TSG-13204 Decrypted Traffic Steering适配第三方设备状态的切换
-> 当第三方设备的状态从可用变为不可用时
* 当前Stream依然按照Steering的流程处理,从eventcb中退出
* 下一个新的Stream开始UnSteering
-> 当第三方设备的状态从不可用变为可用时
* 当前Stream依然按照UnSteering的流程处理
* 下一个新Stream开始Steering
|
2022-12-30 15:53:19 +08:00 |
|
luwenpeng
|
b2c01eaa05
|
修改Decrypted Traffic Steering access log的输出
* 将 FACKFD/ERR/DOWN 改为 FACKFD/ERR/CLIENT
* 将 FACKFD/EOF/DOWN 改为 FACKFD/EOF/CLIENT
* 将 FACKFD/ERR/UP 改为 FACKFD/ERR/SERVER
* 将 FACKFD/EOF/UP 改为 FACKFD/EOF/SERVER
|
2022-12-30 14:36:03 +08:00 |
|
luwenpeng
|
1e1214cf12
|
Decrypted Traffic Steering功能启用时仍然支持Pinning检测和Pinning Dynamic Bypass
|
2022-12-29 18:16:52 +08:00 |
|
luwenpeng
|
f2856eaa0b
|
TSG-13196 Decrypted Traffic Steering增加FieldStat字段
* stee_c_err
* stee_s_err
* stee_c_eof
* stee_s_eof
|
2022-12-29 17:24:06 +08:00 |
|
luwenpeng
|
cd93796cce
|
bugfix: 修正decrypted traffic steering debug log输出的BEV_EVENT
|
2022-12-29 15:29:23 +08:00 |
|
luwenpeng
|
2a2bead767
|
TSG-13196 Decrypted Traffic Steering时照常统计intercept bytes
* STAT_STREAM_INCPT_DOWN_BYTES
* STAT_STREAM_INCPT_UP_BYTES
* STAT_STREAM_INCPT_BYTES
|
2022-12-29 14:28:53 +08:00 |
|
luwenpeng
|
0f542d376f
|
TSG-13196 Decrypted Traffic Steering增加FieldStat字段
* stee_ssl_conn
* stee_http_conn
* stee_c_tx_B
* stee_s_rx_B
* stee_s_tx_B
* stee_c_rx_B
|
2022-12-29 10:24:05 +08:00 |
|
luwenpeng
|
3268648414
|
TSG-13196 STAT_FD_CLOSE字段不统计Decrypted Traffic Steering的FD
|
2022-12-28 17:35:43 +08:00 |
|
luwenpeng
|
60d8f67f85
|
TSG-13171 Decrypted Traffic Steering构造的SYN/SYN ACK/ACK支持TimeStamp选项
|
2022-12-27 18:40:57 +08:00 |
|
luwenpeng
|
ee9f66a196
|
TSG-13175 Decrypted Traffic Steering构造的SYN/SYN ACK支持MSS选项
|
2022-12-27 14:12:42 +08:00 |
|
luwenpeng
|
fdf203b25e
|
NF QUEUE未配置eth时,默认不绑定eth device
|
2022-12-26 17:09:33 +08:00 |
|
luwenpeng
|
dc4205c9b0
|
TSG-13170 Decrypted Traffic Steering构造的SYN/SYN ACK支持SACK选项
bugfix: IPv6 ACK Packet: invalid flag
|
2022-12-26 16:57:09 +08:00 |
|