gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
3d99178958d99a2ee6a7c94c58ae8f7479ea1e2a
tango-tfe/resource/pangu/doh.json

106 lines
7.8 KiB
JSON
Raw Blame History

{
"rule_table": "PXY_CTRL_RULE",
"object_group_table": "OBJECT_GROUP",
"rules": [
{
"uuid": "40c9c6a7-70a9-48ae-9fba-ec7966edd3c6",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter":{"protocol":"DoH","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.abc.com","ttl":{"min":60,"max":300}},{"atype":"A","value":"1.1.1.1","ttl":{"min":60,"max":300}}]},{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"aaaa:ffff:00","ttl":{"min":60,"max":300}},{"atype":"CNAME","value":"abc.com.cn","ttl":{"min":60,"max":300}}]}]},
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_DOH_QNAME",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "www.126.com",
"expr_type": "and"
}
}
]
}
]
}
]
},
{
"uuid": "40c9c6a7-70a9-48ae-9fba-ec7966edd3c7",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter":{"protocol":"DoH","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.a.shifen.com","ttl":{"min":10,"max":10}},{"atype":"A","value":"182.61.200.6","ttl":{"min":20,"max":30}},{"atype":"A","value":"182.61.200.7","ttl":{"min":60,"max":61}}]},{"qtype":"AAAA","answer":[{"atype":"CNAME","value":"www.taobao.com.danuoyi.tbcache.com","ttl":{"min":100,"max":100}},{"atype":"AAAA","value":"2408:871a:2800:4:3::3fa","ttl":{"min":200,"max":300}},{"atype":"AAAA","value":"2408:871a:2800:2:3::3fa","ttl":{"min":600,"max":310}}]}]},
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_DOH_QNAME",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "www.126.com",
"expr_type": "and"
}
}
]
}
]
}
]
}
],
"plugin_table": [
{
"table_name": "TRAFFIC_MIRRORING_PROFILE",
"table_content": [
{"uuid":"0192dc7e-a87b-7ce9-a1c6-80974e6de3d8","vlan_ids":[1,2,3,4,5,6,7,8,9],"is_valid":1}
]
},
{
"table_name": " DECRYPTION_PROFILE",
"table_content": [
{"uuid":"00000000-0000-0000-0000-000000000001","decryption":{"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1,"trusted_root_cert_is_not_installed_on_client":1},"protocol_version":{"min":"ssl3","max":"ssl3","mirror_client":1,"allow_http2":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":0},"fail_action":"pass-through"}},"is_valid":1},
{"uuid":"00000000-0000-0000-0000-000000000003","decryption":{"dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1,"trusted_root_cert_is_not_installed_on_client":0},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}},"is_valid":1},
{"uuid":"00000000-0000-0000-0000-000000000004","decryption":{"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"cert_pinning":0,"protocol_errors":0,"trusted_root_cert_is_not_installed_on_client":0},"protocol_version":{"min":"ssl3","max":"ssl3","mirror_client":0,"allow_http2":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"}},"is_valid":1}
]
},
{
"table_name": "PXY_INTERCEPT_RULE",
"table_content": [
{"uuid":"00000000-0000-0000-0000-000000000001","action":"intercept", "log_option":"none", "action_parameter":{"vsys_id":1,"keyring_for_trusted":"00000000-0000-0000-0000-000000000002","keyring_for_untrusted":"00000000-0000-0000-0000-000000000000","decryption_profile":"00000000-0000-0000-0000-000000000001","tcp_option_profile":"00000000-0000-0000-0000-000000000001","traffic_mirroring":{"enable":0}},"is_valid":1},
{"uuid":"00000000-0000-0000-0000-000000000002","action":"intercept", "log_option":"none","action_parameter":{"vsys_id":1,"keyring_for_trusted":"00000000-0000-0000-0000-000000000002","keyring_for_untrusted":"00000000-0000-0000-0000-000000000000","decryption_profile":"00000000-0000-0000-0000-000000000001","tcp_option_profile":"00000000-0000-0000-0000-000000000001","traffic_mirroring":{"enable":1,"mirroring_profile":"0192dc7e-a87b-7ce9-a1c6-80974e6de3d8"}},"is_valid":1}
]
},
{
"table_name": "SERVICE_CHAINING_RULE",
"table_content": [
{"uuid":"00000000-0000-0000-0000-000000000001","effective_range":{},"action_parameter":{"vsys_id":1,"targeted_traffic":"raw","sff_profiles":["00000000-0000-0000-2222-000000000001"]},"is_valid":1},
{"uuid":"00000000-0000-0000-1111-000000000011","effective_range":{},"action_parameter":{"vsys_id":1,"targeted_traffic":"decrypted","sff_profiles":["00000000-0000-0000-2222-000000000001"]},"is_valid":1}
]
},
{
"table_name": "PROXY_TCP_OPTION_PROFILE",
"table_content": [
{"uuid":"00000000-0000-0000-0000-000000000001","tcp_passthrough":0,"bypass_duplicated_packet":0,"client_side_conn_param":{"tcp_maxseg":{"enable":0,"maxseg":1500},"nodelay":1,"keep_alive":{"enable":1,"tcp_keepcnt":8,"tcp_keepidle":30,"tcp_keepintvl":15},"ttl":70,"user_timeout":{"enable":1,"timeout_ms":600}},"server_side_conn_param":{"tcp_maxseg":{"enable":0,"maxseg":1500},"nodelay":1,"keep_alive":{"enable":1,"tcp_keepcnt":8,"tcp_keepidle":30,"tcp_keepintvl":15},"ttl":70,"user_timeout":{"enable":1,"timeout_ms":600}},"is_valid":1}
]
},
{
"table_name": "APP_ID_DICT",
"table_content": [
{"app_id":67,"object_id":201,"app_name":"http","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"},
{"app_id":68,"object_id":68000,"app_name":"https","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"}
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink