tango-tsg-master/inc/tsg_rule.h

#pragma once

#include "tsg_label.h"

#define	TSG_ACTION_NONE			0x00
#define	TSG_ACTION_MONITOR		0x01
#define	TSG_ACTION_INTERCEPT	0x02
#define	TSG_ACTION_NO_INTERCEPT	0x03
#define	TSG_ACTION_DENY			0x10
#define	TSG_ACTION_SHAPING		0x20
#define	TSG_ACTION_MANIPULATE	0x30
#define	TSG_ACTION_S_CHAINING	0x40
#define	TSG_ACTION_BYPASS		0x60
#define	TSG_ACTION_SHUNT		0x80
#define	TSG_ACTION_STATISTICS	0x81
#define	TSG_ACTION_MAX			0x81

enum TSG_SERVICE
{
	TSG_SERVICE_SECURITY=2,
	TSG_SERVICE_INTERCEPT=3,
	TSG_SERVICE_CHAINING=5,
	TSG_SERVICE_SHAPING=6,
	TSG_SERVICE_PRE_SIGNATURE=7,
	TSG_SERVICE_SIGNATURE=8,
	TSG_SERVICE_STATISTICS=10,
	TSG_SERVICE_MAX
};

enum TSG_METHOD_TYPE
{
	TSG_METHOD_TYPE_UNKNOWN=0,
	TSG_METHOD_TYPE_DROP,
	TSG_METHOD_TYPE_REDIRECTION,
	TSG_METHOD_TYPE_BLOCK,
	TSG_METHOD_TYPE_RESET,
	TSG_METHOD_TYPE_RST,
	TSG_METHOD_TYPE_ALERT,
	TSG_METHOD_TYPE_RATE_LIMIT,
	TSG_METHOD_TYPE_MIRRORED,
	TSG_METHOD_TYPE_TAMPER,
	TSG_METHOD_TYPE_DEFAULT,
	TSG_METHOD_TYPE_APP_DROP,
	TSG_METHOD_TYPE_ALLOW,
	TSG_METHOD_TYPE_SHUNT,
	TSG_METHOD_TYPE_MAX
};

enum ACTION_RETURN_TYPE
{
	ACTION_RETURN_TYPE_PROT=0,
	ACTION_RETURN_TYPE_APP,
	ACTION_RETURN_TYPE_TCPALL
};

extern struct maat *g_tsg_maat_feather;

struct maat_rule
{
	long long rule_id;
	unsigned char action;
	unsigned char service_id;
	unsigned char do_log;
	unsigned char padding;
	int vsys_id;
};

struct matched_policy_rules
{
	size_t n_rules;
	struct maat_rule rules[MAX_RESULT_NUM];
};

int session_packet_capture_by_rules_notify(const struct streaminfo * a_stream, struct maat_rule * rules, size_t n_rules, int thread_seq);
void session_matched_rules_notify(const struct streaminfo *a_stream, TSG_SERVICE service, struct maat_rule *rules, size_t n_rules, int thread_seq);
size_t tsg_matched_rules_select(struct maat *feather, TSG_SERVICE service, long long *matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules);
size_t tsg_scan_nesting_addr(const struct streaminfo *a_stream, struct maat *feather, enum TSG_PROTOCOL proto, struct maat_state *s_mid, struct maat_rule *rules, size_t n_rules);
size_t session_matched_rules_copy(const struct streaminfo *a_stream, enum TSG_SERVICE service, struct maat_rule *rules, size_t n_rules);
size_t tsg_select_rules_by_service_id(struct maat_rule *matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules, enum TSG_SERVICE service_id);
size_t tsg_select_rules_by_action(struct maat_rule *matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules, unsigned char action);

int tsg_get_fqdn_category_ids(struct maat *feather, char *fqdn, unsigned int *category_ids, int n_category_ids);

unsigned char tsg_enforing_deny(const struct streaminfo *a_stream, struct maat_rule *p_result, enum TSG_PROTOCOL protocol, enum ACTION_RETURN_TYPE type, const void *user_data);
TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`#pragma once`
create version 2019-11-12 13:35:19 +08:00
共享链接属性流标签结构体：https://jira.geedge.net/browse/TSG-2848 2020-08-19 16:56:10 +08:00			`#include "tsg_label.h"`

完成链接统计信息功能 monitor日志等到CLOSE状态发送日志 2020-01-07 13:04:00 +08:00			`#define TSG_ACTION_NONE 0x00`
			`#define TSG_ACTION_MONITOR 0x01`
			`#define TSG_ACTION_INTERCEPT 0x02`
TSG-14654: 控制报文格式调整, 增加将cmsg字段发送给TFE, 控制报文采用mpack封装格式 2023-05-06 02:23:12 +00:00			`#define TSG_ACTION_NO_INTERCEPT 0x03`
完成链接统计信息功能 monitor日志等到CLOSE状态发送日志 2020-01-07 13:04:00 +08:00			`#define TSG_ACTION_DENY 0x10`
TSG-13520,TSG-13356: 支持通过tsg_pull_shaping_result函数获取命中的shaping策略,增加common_shaping_rule_ids日志字段,支持通过bridge接口及时通知命中的shaping策略,增加gtest测试用例 2023-02-07 02:51:03 +00:00			`#define TSG_ACTION_SHAPING 0x20`
完成链接统计信息功能 monitor日志等到CLOSE状态发送日志 2020-01-07 13:04:00 +08:00			`#define TSG_ACTION_MANIPULATE 0x30`
TSG-13777: 支持同步流状态及命中策略ID 2023-03-01 05:09:34 +00:00			`#define TSG_ACTION_S_CHAINING 0x40`
TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`#define TSG_ACTION_BYPASS 0x60`
			`#define TSG_ACTION_SHUNT 0x80`
TSG-16060: 支持statistics policy 2023-08-06 10:45:19 +00:00			`#define TSG_ACTION_STATISTICS 0x81`
			`#define TSG_ACTION_MAX 0x81`
完成链接统计信息功能 monitor日志等到CLOSE状态发送日志 2020-01-07 13:04:00 +08:00
TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`enum TSG_SERVICE`
			`{`
			`TSG_SERVICE_SECURITY=2,`
			`TSG_SERVICE_INTERCEPT=3,`
			`TSG_SERVICE_CHAINING=5,`
			`TSG_SERVICE_SHAPING=6,`
			`TSG_SERVICE_PRE_SIGNATURE=7,`
			`TSG_SERVICE_SIGNATURE=8,`
TSG-16060: 支持statistics policy 2023-08-06 10:45:19 +00:00			`TSG_SERVICE_STATISTICS=10,`
TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`TSG_SERVICE_MAX`
			`};`

支持APP的管控 2021-03-02 10:39:33 +08:00			`enum TSG_METHOD_TYPE`
提供阻断方式判断函数接口提供统计命中策略流量信息函数接口根据sapp提供信息，实现部分统计信息 2019-12-20 11:15:29 +08:00			`{`
			`TSG_METHOD_TYPE_UNKNOWN=0,`
			`TSG_METHOD_TYPE_DROP,`
			`TSG_METHOD_TYPE_REDIRECTION,`
			`TSG_METHOD_TYPE_BLOCK,`
			`TSG_METHOD_TYPE_RESET,`
TSG-8795: 适配Sub Action(method)参数rst修改为reset 2021-12-06 11:37:05 +03:00			`TSG_METHOD_TYPE_RST,`
支持alert动作，发送common_sub_action日志字段 2020-04-16 13:03:56 +08:00			`TSG_METHOD_TYPE_ALERT,`
TSG-7568: facebook、twitter，Monitor动作无日志 2021-08-27 19:33:54 +08:00			`TSG_METHOD_TYPE_RATE_LIMIT,`
Feature ratelimit 2021-08-04 02:08:30 +00:00			`TSG_METHOD_TYPE_MIRRORED,`
TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`TSG_METHOD_TYPE_TAMPER,`
			`TSG_METHOD_TYPE_DEFAULT,`
			`TSG_METHOD_TYPE_APP_DROP,`
			`TSG_METHOD_TYPE_ALLOW,`
			`TSG_METHOD_TYPE_SHUNT,`
提供阻断方式判断函数接口提供统计命中策略流量信息函数接口根据sapp提供信息，实现部分统计信息 2019-12-20 11:15:29 +08:00			`TSG_METHOD_TYPE_MAX`
			`};`

✨ feat(traffic mirror): 添加traffic mirror 功能 2021-08-01 10:48:19 +00:00			`enum ACTION_RETURN_TYPE`
			`{`
			`ACTION_RETURN_TYPE_PROT=0,`
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作，reset动作向前兼容 2022-12-23 11:54:29 +08:00			`ACTION_RETURN_TYPE_APP,`
			`ACTION_RETURN_TYPE_TCPALL`
✨ feat(traffic mirror): 添加traffic mirror 功能 2021-08-01 10:48:19 +00:00			`};`

TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`extern struct maat *g_tsg_maat_feather;`
提供阻断方式判断函数接口提供统计命中策略流量信息函数接口根据sapp提供信息，实现部分统计信息 2019-12-20 11:15:29 +08:00
TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`struct maat_rule`
			`{`
			`long long rule_id;`
			`unsigned char action;`
			`unsigned char service_id;`
			`unsigned char do_log;`
TSG-14911: 支持从策略用户自定义中解析vsys id, Secutiry Rule Hits metrics中填写策略指定的vsys id 2023-04-28 06:03:16 +00:00			`unsigned char padding;`
			`int vsys_id;`
TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`};`
✨ feat(traffic mirror): 添加traffic mirror 功能 2021-08-01 10:48:19 +00:00
TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`struct matched_policy_rules`
			`{`
			`size_t n_rules;`
			`struct maat_rule rules[MAX_RESULT_NUM];`
			`};`
DNS的DENY动作由总控统一处理 TSG-7250: tsg_master统一设置RST包特征 TSG-7051: 功能端支持按连接执行ratelimit动作 2021-08-07 17:27:55 +08:00
提供根据策略通知捕包或者镜像流量的接口 2023-04-28 10:17:10 +08:00			`int session_packet_capture_by_rules_notify(const struct streaminfo * a_stream, struct maat_rule * rules, size_t n_rules, int thread_seq);`
TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`void session_matched_rules_notify(const struct streaminfo a_stream, TSG_SERVICE service, struct maat_rule rules, size_t n_rules, int thread_seq);`
			`size_t tsg_matched_rules_select(struct maat feather, TSG_SERVICE service, long long matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules);`
			`size_t tsg_scan_nesting_addr(const struct streaminfo a_stream, struct maat feather, enum TSG_PROTOCOL proto, struct maat_state s_mid, struct maat_rule rules, size_t n_rules);`
			`size_t session_matched_rules_copy(const struct streaminfo a_stream, enum TSG_SERVICE service, struct maat_rule rules, size_t n_rules);`
TSG-14654: 控制报文格式调整, 增加将cmsg字段发送给TFE, 控制报文采用mpack封装格式 2023-05-06 02:23:12 +00:00			`size_t tsg_select_rules_by_service_id(struct maat_rule matched_rules, size_t n_matched_rules, struct maat_rule rules, size_t n_rules, enum TSG_SERVICE service_id);`
TSG-14946: 安全策略支持allow(deny)和monitor动作同时命中 2023-05-27 09:37:46 +00:00			`size_t tsg_select_rules_by_action(struct maat_rule matched_rules, size_t n_matched_rules, struct maat_rule rules, size_t n_rules, unsigned char action);`

TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`int tsg_get_fqdn_category_ids(struct maat feather, char fqdn, unsigned int *category_ids, int n_category_ids);`
DNS的DENY动作由总控统一处理 TSG-7250: tsg_master统一设置RST包特征 TSG-7051: 功能端支持按连接执行ratelimit动作 2021-08-07 17:27:55 +08:00
TSG-13778 TSG master支持MAAT4 2023-04-03 08:30:49 +00:00			`unsigned char tsg_enforing_deny(const struct streaminfo a_stream, struct maat_rule p_result, enum TSG_PROTOCOL protocol, enum ACTION_RETURN_TYPE type, const void *user_data);`
适配FQDN接口 2020-09-28 17:13:39 +08:00