gfwleak/tango-tsg-master
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
4b023ef2305b676ae9932d4f644d42de98f108ce
tango-tsg-master/src/tsg_rule.cpp

3202 lines
100 KiB
C++
Raw Normal View History

删除不可见字符
2021-12-31 17:28:53 +03:00
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <assert.h>
#include <time.h>
#include <arpa/inet.h>
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
#include "MESA/http.h"
#include "MESA/cJSON.h"
删除不可见字符
2021-12-31 17:28:53 +03:00
#include <MESA/stream.h>
#include <MESA/MESA_prof_load.h>
#include "MESA/MESA_handle_logger.h"
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
删除不可见字符
2021-12-31 17:28:53 +03:00
#include "tsg_rule.h"
#include "tsg_label.h"
#include "tsg_entry.h"
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
#include "tsg_variable.h"
#include "tsg_rule_internal.h"
删除不可见字符
2021-12-31 17:28:53 +03:00
#include "tsg_protocol_common.h"
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
struct str2index
{
int index;
int len;
char *type;
};
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct maat *g_tsg_maat_feather;
struct maat_runtime_para g_tsg_maat_rt_para;
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
const struct str2index method2index[TSG_METHOD_TYPE_MAX]={ {TSG_METHOD_TYPE_UNKNOWN, 7, (char *)"unknown"},
删除不可见字符
2021-12-31 17:28:53 +03:00
{TSG_METHOD_TYPE_DROP, 4, (char *)"drop"},
{TSG_METHOD_TYPE_REDIRECTION, 8, (char *)"redirect"},
{TSG_METHOD_TYPE_BLOCK, 5, (char *)"block"},
{TSG_METHOD_TYPE_RESET, 5, (char *)"reset"},
{TSG_METHOD_TYPE_RESET, 3, (char *)"rst"},
{TSG_METHOD_TYPE_ALERT, 5, (char *)"alert"},
{TSG_METHOD_TYPE_RATE_LIMIT, 10, (char *)"rate_limit"},
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
{TSG_METHOD_TYPE_MIRRORED, 8, (char *)"mirrored"},
{TSG_METHOD_TYPE_TAMPER, 6, (char *)"tamper"},
{TSG_METHOD_TYPE_DEFAULT, 14, (char *)"default_policy"}, // policy id=0, default policy
{TSG_METHOD_TYPE_APP_DROP, 7, (char *)"default"}, // use action of app_id_dict
{TSG_METHOD_TYPE_ALLOW, 7, (char *)"allow"}, // use action of app_id_dict
{TSG_METHOD_TYPE_SHUNT, 7, (char *)"shunt"} // use action of app_id_dict
};
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
extern const char *tsg_l7_protocol_id2name(unsigned int l7_protocol_id);
extern unsigned int tsg_l7_protocol_name2id(const char *l7_protocol_name);
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static char* tm_strdup(const char* s)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
char*d=NULL;
if(s==NULL)
{
return NULL;
}
d=(char*)malloc(strlen(s)+1);
memcpy(d,s,strlen(s)+1);
return d;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
enum MAAT_MODE get_maat_mode(char *maat_mode)
{
if(strcasecmp(maat_mode, "redis")==0)
{
return MAAT_MODE_REDIS;
}
if(strcasecmp(maat_mode, "json")==0)
{
return MAAT_MODE_JSON;
}
if(strcasecmp(maat_mode, "file")==0)
{
return MAAT_MODE_FILE;
}
return MAAT_MODE_MAX;
}
删除不可见字符
2021-12-31 17:28:53 +03:00
unsigned short get_redis_port(char *redis_port_range)
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
int port_num=0;
删除不可见字符
2021-12-31 17:28:53 +03:00
int range_len=0,used_len=0;
char buf[256]={0};
unsigned short s_port=0,e_port=0;
unsigned short redis_port[32]={0};
char *begin=NULL,*end=NULL,*pchr=NULL;
if(redis_port_range==NULL)
{
return 0;
}
begin=redis_port_range;
end=NULL;
range_len=strlen(redis_port_range);
while(range_len>used_len)
{
end=index(begin, ';');
if(end==NULL)
{
end=begin+range_len-used_len;
}
if(end==begin)
{
break;
}
memset(buf, 0, sizeof(buf));
strncpy(buf, begin, end-begin);
used_len+=end-begin+1;
if(range_len>used_len)
{
begin=end+1;
}
pchr=strchr(buf, '-');
if(pchr == NULL)
{
s_port=(unsigned short)atoi(buf);
e_port=s_port;
}
else
{
TSG-14945: 输出Application and Protocol Metrics
2023-06-02 08:19:50 +00:00
sscanf(buf, "%hu-%hu", &s_port, &e_port);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
for(int i=s_port; i<=e_port && port_num<32; i++)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
redis_port[port_num++]=i;
}
}
if(port_num==0)
{
return 0;
}
srand((unsigned int)time(NULL));
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
int idx=rand()%port_num;
删除不可见字符
2021-12-31 17:28:53 +03:00
return redis_port[idx];
}
static int get_column_pos(const char* line, int column_seq, size_t *offset, size_t *len)
{
const char* seps=" \t";
char* saveptr=NULL, *subtoken=NULL, *str=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
char* dup_line=tm_strdup(line);
删除不可见字符
2021-12-31 17:28:53 +03:00
int i=0, ret=-1;
for (str = dup_line; ; str = NULL)
{
subtoken = strtok_r(str, seps, &saveptr);
if (subtoken == NULL)
break;
if(i==column_seq-1)
{
*offset=subtoken-dup_line;
*len=strlen(subtoken);
ret=0;
break;
}
i++;
}
free(dup_line);
return ret;
}
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
static char* tsg_str_unescape(char* s)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if(s==NULL)
{
return NULL;
}
int i=0,j=0;
int len=strlen(s);
for(i=0,j=0;i<len;i++)
{
if(s[i]=='\\')
{
switch(s[i+1])
{
case '&':
s[j]='&';
break;
case 'b':
s[j]=' ';//space,0x20;
break;
case '\\':
s[j]='\\';
break;
default:
s[j]=s[i];
i--; //undo the followed i++
break;
}
i++;
j++;
}
else
{
s[j]=s[i];
j++;
}
}
s[j]='\0';
return s;
}
static int get_dns_qtype(char *qtype, int qtype_len)
{
switch(qtype_len)
{
case 1:
if(qtype[0]=='A')
{
return DNS_TYPE_A;
}
break;
case 4:
if((strcasecmp(qtype, "AAAA"))==0)
{
return DNS_TYPE_AAAA;
}
break;
case 5:
if((strcasecmp(qtype, "CNAME"))==0)
{
return DNS_TYPE_CNAME;
}
break;
default:
break;
}
return -1;
}
static int get_fqdn_len(char *domain)
{
char *p=NULL;
int fqdn_len=0;
p=index(domain, ':');
if(p==NULL)
{
fqdn_len=strlen(domain);
}
else
{
fqdn_len=p-domain;
}
return fqdn_len;
}
static int get_data_center(char *accept_tag, char *effective_tag_key, char *data_center, int data_center_len)
{
cJSON *object=cJSON_Parse(accept_tag);
if(object!=NULL)
{
cJSON *array=cJSON_GetObjectItem(object, "tags");
if(array!=NULL)
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
for(int i=0; i<cJSON_GetArraySize(array); i++)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
cJSON *item=cJSON_GetArrayItem(array, i);
if(item!=NULL)
{
cJSON *tag_item=cJSON_GetObjectItem(item, "tag");
if(tag_item!=NULL && tag_item->valuestring!=NULL && (memcmp(effective_tag_key, tag_item->valuestring, strlen(effective_tag_key)))==0)
{
cJSON *v_item=cJSON_GetObjectItem(item, "value");
if(v_item!=NULL && v_item->valuestring!=NULL)
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
int len=strlen(v_item->valuestring);
删除不可见字符
2021-12-31 17:28:53 +03:00
memcpy(data_center, v_item->valuestring, (len>data_center_len-1 ? data_center_len-1 : len));
}
cJSON_Delete(object);
object=NULL;
return 1;
}
}
}
}
cJSON_Delete(object);
object=NULL;
}
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static void tsg_free_field(char *field)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if(field!=NULL)
{
free(field);
field=NULL;
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static char *tsg_malloc_field(const char *field_start, size_t field_len)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
if(field_start==NULL || field_len==0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
return NULL;
}
if(field_len==4 && (memcmp(field_start, "null", 4))==0)
{
return NULL;
}
char *field=(char *)malloc(field_len+1);
memcpy(field, field_start, field_len);
field[field_len]='\0';
return field;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void tsg_maat_state_free(struct maat_state *state)
{
if(state)
{
maat_state_free(state);
}
}
TSG-9521: 支持按Application属性,按会话执行deny action和设置timeout参数
2022-02-09 21:25:49 +08:00
static int get_string_from_json(cJSON *object, const char *key, char **value)
{
if(object==NULL || key==NULL)
{
return 0;
}
cJSON *item=cJSON_GetObjectItem(object, key);
if(item!=NULL)
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
int len=strlen(item->valuestring);
TSG-9521: 支持按Application属性,按会话执行deny action和设置timeout参数
2022-02-09 21:25:49 +08:00
(*value)=(char *)malloc(len+1);
memcpy((*value), item->valuestring, len);
(*value)[len]='\0';
return 1;
}
return 0;
}
static int get_integer_from_json(cJSON *object, const char *key, int *value)
{
if(object==NULL || key==NULL || (value)==NULL)
{
return 0;
}
cJSON *item=cJSON_GetObjectItem(object, key);
if(item!=NULL)
{
(*value)=item->valueint;
return 1;
}
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int tsg_get_method_id(char *method)
{
for(int i=0; i<TSG_METHOD_TYPE_MAX; i++)
{
if(method2index[i].len==(int)strlen(method) && (strncasecmp(method2index[i].type, method, method2index[i].len))==0)
{
return method2index[i].index;
}
}
return -1;
}
char *column_string_get_value(const char* line, int column_seq)
{
int ret=0;
size_t offset=0;
size_t length=0;
ret=get_column_pos(line, column_seq, &offset, &length);
if(ret>=0)
{
return tsg_malloc_field(line+offset, length);
}
return NULL;
}
int column_integer_get_value(const char* line, int column_seq)
{
int ret=0;
size_t offset=0;
size_t length=0;
ret=get_column_pos(line, column_seq, &offset, &length);
if(ret>=0)
{
return atoi(line+offset);
}
return -1;
}
void ex_data_gtp_c_dup(int table_id, void **to, void **from, long argl, void* argp)
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
{
if((*from)!=NULL)
{
struct umts_user_info *user_info=(struct umts_user_info *)(*from);
atomic_inc(&user_info->ref_cnt);
*to=*from;
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_gtp_c_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
{
int imsi=3,msisdn=4,apn=5,imei=6;
struct umts_user_info *user_info=(struct umts_user_info *)calloc(1, sizeof(struct umts_user_info));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
user_info->imsi=column_string_get_value(table_line, imsi);
user_info->msisdn=column_string_get_value(table_line, msisdn);
user_info->apn=column_string_get_value(table_line, apn);
user_info->imei=column_string_get_value(table_line, imei);
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
tsg_str_unescape(user_info->imsi);
tsg_str_unescape(user_info->msisdn);
tsg_str_unescape(user_info->apn);
tsg_str_unescape(user_info->imei);
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
atomic_inc(&user_info->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*ad=(void *)user_info;
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_GTPC_ADD], 0, FS_OP_ADD, 1);
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_gtp_c_free(int table_id, void **ad, long argl, void* argp)
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
{
if(*ad!=NULL)
{
struct umts_user_info *user_info=(struct umts_user_info *)(*ad);
if((__sync_sub_and_fetch(&user_info->ref_cnt, 1) == 0))
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(user_info->imsi);
tsg_free_field(user_info->msisdn);
tsg_free_field(user_info->apn);
tsg_free_field(user_info->imei);
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)(*ad));
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
*ad=NULL;
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_GTPC_DEL], 0, FS_OP_ADD, 1);
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
}
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void plugin_ex_data_gtp_c_free(struct umts_user_info *user_info)
{
ex_data_gtp_c_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_GTP_IP2SIGNALING].id, (void **)&user_info, 0, NULL);
}
TSG-9521: 支持按Application属性,按会话执行deny action和设置timeout参数
2022-02-09 21:25:49 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_asn_number_dup(int table_id, void **to, void **from, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*from)!=NULL)
{
struct asn_info *asn=(struct asn_info *)(*from);
atomic_inc(&asn->ref_cnt);
*to=*from;
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_asn_number_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
int asn_field=5;
int organization_field=6;
struct asn_info *asn=(struct asn_info *)calloc(1, sizeof(struct asn_info));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
asn->asn_id=column_string_get_value(table_line, asn_field);
asn->organization=column_string_get_value(table_line, organization_field);
删除不可见字符
2021-12-31 17:28:53 +03:00
if(asn->asn_id==NULL && asn->organization==NULL)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)asn);
删除不可见字符
2021-12-31 17:28:53 +03:00
asn=NULL;
return ;
}
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
tsg_str_unescape(asn->asn_id);
tsg_str_unescape(asn->organization);
删除不可见字符
2021-12-31 17:28:53 +03:00
atomic_inc(&asn->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*ad=(void *)asn;
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_ASN_ADD], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_asn_number_free(int table_id, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if(*ad!=NULL)
{
struct asn_info *asn=(struct asn_info *)(*ad);
if((__sync_sub_and_fetch(&asn->ref_cnt, 1) == 0))
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(asn->asn_id);
tsg_free_field(asn->organization);
tsg_free_field((char *)(*ad));
删除不可见字符
2021-12-31 17:28:53 +03:00
*ad=NULL;
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_ASN_DEL], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void plugin_ex_data_asn_number_free(struct asn_info *asn)
{
ex_data_asn_number_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_ASN_USER_DEFINED].id, (void **)&asn, 0, NULL);
}
void ex_data_location_dup(int table_id, void **to, void **from, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*from)!=NULL)
{
struct location_info *location=(struct location_info *)(*from);
atomic_inc(&location->ref_cnt);
*to=*from;
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_location_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
struct location_info *location=(struct location_info *)calloc(1, sizeof(struct location_info));
Feature 4 layer location
2022-02-10 02:46:49 +00:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
location->country_full=column_string_get_value(table_line, 13); // country_full
location->province_full=column_string_get_value(table_line, 15); // province_full
location->city_full=column_string_get_value(table_line, 16); // city_full
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
tsg_str_unescape(location->country_full);
tsg_str_unescape(location->province_full);
tsg_str_unescape(location->city_full);
Feature 4 layer location
2022-02-10 02:46:49 +00:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(g_tsg_maat_rt_para.location_field_num==19)
Feature 4 layer location
2022-02-10 02:46:49 +00:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
location->subdivision_addr=column_string_get_value(table_line, 17); // subdivision_addr
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
tsg_str_unescape(location->subdivision_addr);
Feature 4 layer location
2022-02-10 02:46:49 +00:00
}
删除不可见字符
2021-12-31 17:28:53 +03:00
atomic_inc(&location->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*ad=(void *)location;
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_LOCATION_ADD], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_location_free(int table_id, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if(*ad!=NULL)
{
struct location_info *location=(struct location_info *)(*ad);
if((__sync_sub_and_fetch(&location->ref_cnt, 1) == 0))
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(location->country_full);
tsg_free_field(location->province_full);
tsg_free_field(location->city_full);
tsg_free_field(location->subdivision_addr);
Feature 4 layer location
2022-02-10 02:46:49 +00:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)(*ad));
删除不可见字符
2021-12-31 17:28:53 +03:00
*ad=NULL;
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_LOCATION_DEL], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void plugin_ex_data_location_free(struct location_info *location)
{
ex_data_location_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_LOCATION_USER_DEFINED].id, (void **)&location, 0, NULL);
}
void ex_data_fqdn_category_id_dup(int table_id, void **to, void **from, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*from)!=NULL)
{
struct fqdn_category *fqdn_cat=(struct fqdn_category *)(*from);
atomic_inc(&fqdn_cat->ref_cnt);
*to=*from;
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_fqdn_category_id_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
int category_id=2;
struct fqdn_category * fqdn_cat=(struct fqdn_category *)calloc(1, sizeof(struct fqdn_category));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
fqdn_cat->category_id=(unsigned int)column_integer_get_value(table_line, category_id);
删除不可见字符
2021-12-31 17:28:53 +03:00
if(fqdn_cat->category_id==((unsigned int)-1))
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)fqdn_cat);
删除不可见字符
2021-12-31 17:28:53 +03:00
fqdn_cat=NULL;
return ;
}
atomic_inc(&fqdn_cat->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*ad=(void *)fqdn_cat;
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_FQDN_ADD], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_fqdn_category_id_free(int table_id, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*ad)!=NULL)
{
struct fqdn_category *fqdn_cat=(struct fqdn_category *)(*ad);
if((__sync_sub_and_fetch(&fqdn_cat->ref_cnt, 1) == 0))
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)(*ad));
*ad=NULL;
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_FQDN_DEL], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_subscriber_id_dup(int table_id, void **to, void **from, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*from)!=NULL)
{
struct subscribe_id_info *subscribe_id=(struct subscribe_id_info *)(*from);
atomic_inc(&subscribe_id->ref_cnt);
*to=*from;
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_subscriber_id_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
int subscribe_id=4;
struct subscribe_id_info *subscriber=(struct subscribe_id_info *)calloc(1, sizeof(struct subscribe_id_info));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
subscriber->subscribe_id=column_string_get_value(table_line, subscribe_id);
删除不可见字符
2021-12-31 17:28:53 +03:00
if(subscriber->subscribe_id==NULL)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)subscriber);
删除不可见字符
2021-12-31 17:28:53 +03:00
subscriber=NULL;
return;
}
atomic_inc(&subscriber->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*ad=(void *)subscriber;
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_SUBSCRIBER_ADD], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_subscriber_id_free(int table_id, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*ad)!=NULL)
{
struct subscribe_id_info *subscriber=(struct subscribe_id_info *)(*ad);
if((__sync_sub_and_fetch(&subscriber->ref_cnt, 1) == 0))
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(subscriber->subscribe_id);
tsg_free_field((char *)(*ad));
删除不可见字符
2021-12-31 17:28:53 +03:00
*ad=NULL;
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_SUBSCRIBER_DEL], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void plugin_ex_data_subscriber_id_free(struct subscribe_id_info *subscriber)
{
ex_data_subscriber_id_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SUBSCRIBER_IP2ID].id, (void **)&subscriber, 0, NULL);
}
static int parse_security_deny_action(char *deny_action_str, struct deny_user_region *deny_app_para)
TSG-9521: 支持按Application属性,按会话执行deny action和设置timeout参数
2022-02-09 21:25:49 +08:00
{
if(deny_action_str==NULL)
{
return 0;
}
cJSON *app_para=cJSON_Parse(deny_action_str);
if(app_para==NULL)
{
return 0;
}
char *method=NULL;
int ret=get_string_from_json(app_para, "method", &method);
if(ret==1)
{
int method_type=tsg_get_method_id(method);
switch(method_type)
{
case TSG_METHOD_TYPE_DROP:
deny_app_para->type=TSG_DENY_TYPE_APP_DROP;
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
get_integer_from_json(app_para, "send_tcp_reset", &(deny_app_para->drop_para.send_reset_enable));
TSG-9521: 支持按Application属性,按会话执行deny action和设置timeout参数
2022-02-09 21:25:49 +08:00
get_integer_from_json(app_para, "after_n_packets", &(deny_app_para->after_n_packets));
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
get_integer_from_json(app_para, "send_icmp_unreachable", &(deny_app_para->drop_para.send_icmp_enable));
TSG-9521: 支持按Application属性,按会话执行deny action和设置timeout参数
2022-02-09 21:25:49 +08:00
break;
case TSG_METHOD_TYPE_RATE_LIMIT:
deny_app_para->type=TSG_DENY_TYPE_APP_RATELIMIT;
get_integer_from_json(app_para, "bps", &(deny_app_para->bps));
break;
default:
break;
}
free(method);
method=NULL;
}
cJSON_Delete(app_para);
app_para=NULL;
return 1;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_app_id_dict_dup(int table_id, void **to, void **from, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*from)!=NULL)
{
struct app_id_dict *dict=(struct app_id_dict *)(*from);
atomic_inc(&dict->ref_cnt);
*to=*from;
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_app_id_dict_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-9521: 支持按Application属性,按会话执行deny action和设置timeout参数
2022-02-09 21:25:49 +08:00
char *deny_action_str=NULL;
删除不可见字符
2021-12-31 17:28:53 +03:00
struct app_id_dict *dict=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
dict=(struct app_id_dict *)calloc(1, sizeof(struct app_id_dict));
dict->app_id=column_integer_get_value(table_line, 1);
dict->app_name=column_string_get_value(table_line, 2);
dict->parent_app_id=column_integer_get_value(table_line, 3);
dict->parent_app_name=column_string_get_value(table_line, 4);
dict->category=column_string_get_value(table_line, 5);
dict->subcategory=column_string_get_value(table_line, 6);
dict->technology=column_string_get_value(table_line, 7);
dict->risk=column_string_get_value(table_line, 8);
dict->characteristics=column_string_get_value(table_line, 9);
dict->continue_scanning=column_integer_get_value(table_line, 13);
dict->tcp_timeout=column_integer_get_value(table_line, 14);
dict->udp_timeout=column_integer_get_value(table_line, 15);
dict->tcp_half_close=column_integer_get_value(table_line, 16);
dict->tcp_time_wait=column_integer_get_value(table_line, 17);
deny_action_str=column_string_get_value(table_line, 12);
parse_security_deny_action(deny_action_str, &(dict->deny_app_para));
tsg_free_field(deny_action_str);
TSG-9521: 支持按Application属性,按会话执行deny action和设置timeout参数
2022-02-09 21:25:49 +08:00
deny_action_str=NULL;
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
tsg_str_unescape(dict->risk);
tsg_str_unescape(dict->app_name);
tsg_str_unescape(dict->parent_app_name);
tsg_str_unescape(dict->category);
tsg_str_unescape(dict->subcategory);
tsg_str_unescape(dict->technology);
tsg_str_unescape(dict->characteristics);
删除不可见字符
2021-12-31 17:28:53 +03:00
atomic_inc(&dict->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*ad=(void *)dict;
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_APP_ID_ADD], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_app_id_dict_free(int table_id, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*ad)!=NULL)
{
struct app_id_dict *dict=(struct app_id_dict *)(*ad);
if((__sync_sub_and_fetch(&dict->ref_cnt, 1) == 0))
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(dict->app_name);
tsg_free_field(dict->parent_app_name);
tsg_free_field(dict->category);
tsg_free_field(dict->subcategory);
tsg_free_field(dict->technology);
tsg_free_field(dict->risk);
tsg_free_field(dict->characteristics);
tsg_free_field((char *)(*ad));
删除不可见字符
2021-12-31 17:28:53 +03:00
*ad=NULL;
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_APP_ID_DEL], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static int parse_dns_answer_ttl(struct dns_user_region *user_region_records, cJSON *one_record, int answer_type)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if(one_record==NULL || user_region_records==NULL)
{
return 0;
}
cJSON *ttl=cJSON_GetObjectItem(one_record, "ttl");
if(ttl==NULL)
{
return 0;
}
struct dns_answer_records *answer_record_tmp=NULL;
switch(answer_type)
{
case DNS_TYPE_A:
answer_record_tmp=user_region_records->a;
break;
case DNS_TYPE_AAAA:
answer_record_tmp=user_region_records->aaaa;
break;
case DNS_TYPE_CNAME:
answer_record_tmp=user_region_records->cname;
break;
default:
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
get_integer_from_json(ttl, "min", &(answer_record_tmp->min_ttl));
get_integer_from_json(ttl, "max", &(answer_record_tmp->max_ttl));
删除不可见字符
2021-12-31 17:28:53 +03:00
return 1;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static int parse_dns_answer_profile(struct dns_user_region *user_region_records, cJSON *record_profile, int answer_type)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
struct dns_answer_records *answer_records=(struct dns_answer_records *)calloc(1, sizeof(struct dns_answer_records));
answer_records->record_val.answer_type=answer_type;
get_integer_from_json(record_profile, "record_id", &(answer_records->record_val.selected.profile_id));
get_integer_from_json(record_profile, "selected_num", &(answer_records->record_val.selected.selected_num));
answer_records->record_val.selected_flag=1;
switch(answer_type)
{
case DNS_TYPE_A:
user_region_records->a=answer_records;
break;
case DNS_TYPE_AAAA:
user_region_records->aaaa=answer_records;
break;
case DNS_TYPE_CNAME:
user_region_records->cname=answer_records;
break;
default:
return 0;
}
return 1;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static int parse_dns_answer_value(struct dns_user_region *user_region_records, cJSON *record_value, int answer_type)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
switch(answer_type)
{
case DNS_TYPE_A:
user_region_records->a=(struct dns_answer_records *)calloc(1, sizeof(struct dns_answer_records));
user_region_records->a->record_val.answer_type=answer_type;
user_region_records->a->record_val.len=sizeof(struct in_addr);
inet_pton(AF_INET, record_value->valuestring, (void *)&(user_region_records->a->record_val.v4_addr.s_addr));
break;
case DNS_TYPE_AAAA:
user_region_records->aaaa=(struct dns_answer_records *)calloc(1, sizeof(struct dns_answer_records));
user_region_records->aaaa->record_val.answer_type=answer_type;
user_region_records->aaaa->record_val.len=sizeof(struct in6_addr);
inet_pton(AF_INET6, record_value->valuestring, (void *)(user_region_records->aaaa->record_val.v6_addr.s6_addr));
break;
case DNS_TYPE_CNAME:
user_region_records->cname=(struct dns_answer_records *)calloc(1, sizeof(struct dns_answer_records));
user_region_records->cname->record_val.answer_type=answer_type;
user_region_records->cname->record_val.len=strlen(record_value->valuestring);
user_region_records->cname->record_val.cname=(char *)calloc(1, user_region_records->cname->record_val.len+1);
memcpy(user_region_records->cname->record_val.cname, record_value->valuestring, user_region_records->cname->record_val.len);
break;
default:
return -1;
}
return 1;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static int parse_dns_answer_records(struct dns_user_region *user_region_records, cJSON *answer_array)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
int answer_type=-1;
int i=0,ret=0,answer_size=0;
cJSON *a_item=NULL, *one_record=NULL;
if(answer_array==NULL || user_region_records==NULL)
{
return -1;
}
answer_size=cJSON_GetArraySize(answer_array);
for(i=0; i<answer_size; i++)
{
one_record=cJSON_GetArrayItem(answer_array, i);
a_item=cJSON_GetObjectItem(one_record, "atype");
if(a_item==NULL || a_item->valuestring==NULL)
{
continue;
}
answer_type=get_dns_qtype(a_item->valuestring, strlen(a_item->valuestring));
TSG-9700: 支持优雅退出
2022-02-23 18:43:00 +08:00
if(answer_type==-1)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
continue;
}
a_item=cJSON_GetObjectItem(one_record, "value");
if(a_item!=NULL)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ret=parse_dns_answer_value(user_region_records, a_item, answer_type);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
else
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ret=parse_dns_answer_profile(user_region_records, one_record, answer_type);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
if(ret>0)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
parse_dns_answer_ttl(user_region_records, one_record, answer_type);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
return 0;
}
static struct dns_user_region *parse_dns_user_region(cJSON *resolution_array, int arrary_num)
{
int i=0;
cJSON *resolution=NULL,*qtype=NULL;
cJSON *answer_array=NULL;
struct dns_user_region *records=NULL;
records=(struct dns_user_region *)calloc(1, sizeof(struct dns_user_region)*arrary_num);
for(i=0; i<arrary_num; i++)
{
resolution=cJSON_GetArrayItem(resolution_array, i);
if(resolution==NULL)
{
continue;
}
qtype=cJSON_GetObjectItem(resolution, "qtype");
if(qtype==NULL || qtype->valuestring==NULL)
{
continue;
}
records[i].query_type=get_dns_qtype(qtype->valuestring, strlen(qtype->valuestring));
if(records[i].query_type==-1)
{
continue;
}
answer_array=cJSON_GetObjectItem(resolution, "answer");
if(answer_array==NULL)
{
continue;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
parse_dns_answer_records(&(records[i]), answer_array);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
return records;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static int parse_default_policy_para(cJSON *deny_user_region_object, struct compile_user_region *user_region)
TSG-8709: 支持执行Default Security Policy(Deny/Allow)
2021-12-31 16:28:00 +03:00
{
cJSON *method_item=NULL;
cJSON *tcp_session_item=cJSON_GetObjectItem(deny_user_region_object, "tcp_session");
cJSON *udp_session_item=cJSON_GetObjectItem(deny_user_region_object, "udp_session");
if(tcp_session_item==NULL || udp_session_item==NULL)
{
return 0;
}
user_region->method_type=TSG_METHOD_TYPE_DEFAULT;
user_region->session_para=(struct default_session_para *)calloc(1, sizeof(struct default_session_para));
method_item=cJSON_GetObjectItem(tcp_session_item, "method");
if(method_item!=NULL)
{
int method_type=tsg_get_method_id(method_item->valuestring);
switch(method_type)
{
case TSG_METHOD_TYPE_RST:
case TSG_METHOD_TYPE_RESET:
user_region->session_para->tcp.type=TSG_DENY_TYPE_DEFAULT_RST;
get_integer_from_json(tcp_session_item, "after_n_packets", &(user_region->session_para->tcp.after_n_packets));
break;
case TSG_METHOD_TYPE_DROP:
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
user_region->session_para->tcp.type=TSG_DENY_TYPE_DROP;
TSG-8709: 支持执行Default Security Policy(Deny/Allow)
2021-12-31 16:28:00 +03:00
get_integer_from_json(tcp_session_item, "after_n_packets", &(user_region->session_para->tcp.after_n_packets));
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
get_integer_from_json(tcp_session_item, "send_icmp_unreachable", &(user_region->session_para->tcp.drop_para.send_icmp_enable));
get_integer_from_json(tcp_session_item, "send_tcp_reset", &(user_region->session_para->tcp.drop_para.send_reset_enable));
TSG-8709: 支持执行Default Security Policy(Deny/Allow)
2021-12-31 16:28:00 +03:00
break;
default:
break;
}
}
method_item=cJSON_GetObjectItem(udp_session_item, "method");
if(method_item!=NULL)
{
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
user_region->session_para->udp.type=TSG_DENY_TYPE_DROP;
TSG-8709: 支持执行Default Security Policy(Deny/Allow)
2021-12-31 16:28:00 +03:00
get_integer_from_json(udp_session_item, "after_n_packets", &(user_region->session_para->udp.after_n_packets));
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
get_integer_from_json(udp_session_item, "send_icmp_unreachable", &(user_region->session_para->udp.drop_para.send_icmp_enable));
TSG-8709: 支持执行Default Security Policy(Deny/Allow)
2021-12-31 16:28:00 +03:00
}
return 1;
}
TSG-9289: 修复Deny策略未执行捕包动作的问题
2022-01-06 17:41:03 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static int parse_policy_packet_capture(cJSON *packet_capture_object, struct compile_user_region *user_region)
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
{
if(packet_capture_object==NULL || user_region==NULL)
{
return 0;
}
int ret=get_integer_from_json(packet_capture_object, "enable", &(user_region->capture.enabled));
if(ret!=1 || user_region->capture.enabled!=1)
{
return 0;
}
ret=get_integer_from_json(packet_capture_object, "capture_depth", &(user_region->capture.depth));
if(ret==1)
{
return 1;
}
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static int parse_policy_packet_mirrored(cJSON *user_region_object, struct compile_user_region *user_region)
TSG-9289: 修复Deny策略未执行捕包动作的问题
2022-01-06 17:41:03 +03:00
{
if(user_region_object==NULL || user_region==NULL)
{
return 0;
}
cJSON *mirror_item=NULL;
mirror_item=cJSON_GetObjectItem(user_region_object, "traffic_mirror");
if(mirror_item==NULL)
{
return 0;
}
user_region->mirror=(struct monitor_user_region *)calloc(1, sizeof(struct monitor_user_region));
int ret=get_integer_from_json(mirror_item, "enable", &(user_region->mirror->enabled));
if(ret!=1)
{
return 0;
}
user_region->method_type=TSG_METHOD_TYPE_MIRRORED;
get_integer_from_json(mirror_item, "mirror_profile", &(user_region->mirror->profile_id));
return 1;
}
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
static struct compile_user_region *parse_deny_user_region(cJSON *deny_user_region_object)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
int ret=0;
cJSON *item=NULL;
cJSON *resolution_array=NULL;
struct compile_user_region *user_region=(struct compile_user_region *)calloc(1, sizeof(struct compile_user_region));
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
item=cJSON_GetObjectItem(deny_user_region_object, "method");
删除不可见字符
2021-12-31 17:28:53 +03:00
if(item!=NULL)
{
user_region->method_type=(TSG_METHOD_TYPE)tsg_get_method_id(item->valuestring);
}
switch(user_region->method_type)
{
case TSG_METHOD_TYPE_ALERT:
case TSG_METHOD_TYPE_BLOCK:
user_region->deny=(struct deny_user_region *)calloc(1, sizeof(struct deny_user_region));
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
get_integer_from_json(deny_user_region_object, "code", &(user_region->deny->code));
ret=get_integer_from_json(deny_user_region_object, "html_profile", &(user_region->deny->profile_id));
删除不可见字符
2021-12-31 17:28:53 +03:00
if(ret==1)
{
user_region->deny->type=TSG_DENY_TYPE_PROFILE;
break;
}
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
ret=get_string_from_json(deny_user_region_object, "message", &(user_region->deny->message));
删除不可见字符
2021-12-31 17:28:53 +03:00
if(ret==1)
{
user_region->deny->type=TSG_DENY_TYPE_MESSAGE;
break;
}
user_region->deny->type=TSG_DENY_TYPE_MAX;
break;
case TSG_METHOD_TYPE_REDIRECTION:
user_region->deny=(struct deny_user_region *)calloc(1, sizeof(struct deny_user_region));
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
get_integer_from_json(deny_user_region_object, "code", &(user_region->deny->code));
ret=get_string_from_json(deny_user_region_object, "redirect_url", &(user_region->deny->redirect_url_to));
删除不可见字符
2021-12-31 17:28:53 +03:00
if(ret==1)
{
user_region->deny->type=TSG_DENY_TYPE_REDIRECT_TO;
break;
}
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
ret=get_string_from_json(deny_user_region_object, "to", &(user_region->deny->redirect_url_to));
删除不可见字符
2021-12-31 17:28:53 +03:00
if(ret==1)
{
user_region->deny->type=TSG_DENY_TYPE_REDIRECT_TO;
break;
}
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
resolution_array=cJSON_GetObjectItem(deny_user_region_object, "resolution");
删除不可见字符
2021-12-31 17:28:53 +03:00
if(resolution_array!=NULL)
{
user_region->deny->records_num=cJSON_GetArraySize(resolution_array);
if(user_region->deny->records_num<=0)
{
break;
}
user_region->deny->records=parse_dns_user_region(resolution_array, user_region->deny->records_num);
if(user_region->deny->records!=NULL)
{
user_region->deny->type=TSG_DENY_TYPE_REDIRECT_RECORD;
break;
}
}
break;
case TSG_METHOD_TYPE_RATE_LIMIT:
user_region->deny=(struct deny_user_region *)calloc(1, sizeof(struct deny_user_region));
user_region->deny->type=TSG_DENY_TYPE_MAX;
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
get_integer_from_json(deny_user_region_object, "bps", &(user_region->deny->bps));
删除不可见字符
2021-12-31 17:28:53 +03:00
break;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
case TSG_METHOD_TYPE_DROP:
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
user_region->deny=(struct deny_user_region *)calloc(1, sizeof(struct deny_user_region));
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
user_region->deny->type=TSG_DENY_TYPE_DROP;
get_integer_from_json(deny_user_region_object, "send_icmp_unreachable", &(user_region->deny->drop_para.send_icmp_enable));
get_integer_from_json(deny_user_region_object, "send_tcp_reset", &(user_region->deny->drop_para.send_reset_enable));
get_integer_from_json(deny_user_region_object, "after_n_packets", &(user_region->deny->after_n_packets));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
break;
TSG-9722: 适配APP执行default动作
2022-03-02 20:05:31 +08:00
case TSG_METHOD_TYPE_APP_DROP:
break;
删除不可见字符
2021-12-31 17:28:53 +03:00
case TSG_METHOD_TYPE_RST:
case TSG_METHOD_TYPE_RESET:
break;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
case TSG_METHOD_TYPE_TAMPER:
break;
default:
parse_default_policy_para(deny_user_region_object, user_region);
删除不可见字符
2021-12-31 17:28:53 +03:00
break;
}
return user_region;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_security_compile_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void *argp)
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
{
cJSON *user_region_object=NULL;
cJSON *packet_capture_object=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//struct compile_user_region *user_region=NULL;
struct maat_compile *compile=(struct maat_compile *)calloc(1, sizeof(struct maat_compile));
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
compile->rule.rule_id=column_integer_get_value(table_line, 1); //policy id
compile->rule.service_id = column_integer_get_value(table_line, 2); // service id
compile->rule.action = column_integer_get_value(table_line, 3); // action
compile->rule.do_log = column_integer_get_value(table_line, 5); // do_log
compile->p_user_region=column_string_get_value(table_line, 7);
if(compile->p_user_region!=NULL && strlen(compile->p_user_region)>2)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
tsg_str_unescape(compile->p_user_region);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
user_region_object=cJSON_Parse(compile->p_user_region);
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
if(user_region_object!=NULL)
{
packet_capture_object=cJSON_GetObjectItem(user_region_object, "packet_capture");
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
switch(compile->rule.action)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
case TSG_ACTION_DENY:
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
compile->user_region=parse_deny_user_region(user_region_object);
parse_policy_packet_capture(packet_capture_object, compile->user_region);
parse_policy_packet_mirrored(user_region_object,compile->user_region);
删除不可见字符
2021-12-31 17:28:53 +03:00
break;
case TSG_ACTION_MONITOR:
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
compile->user_region=(struct compile_user_region *)calloc(1, sizeof(struct compile_user_region));
parse_policy_packet_capture(packet_capture_object, compile->user_region);
parse_policy_packet_mirrored(user_region_object,compile->user_region);
删除不可见字符
2021-12-31 17:28:53 +03:00
break;
default:
break;
}
TSG-14911: 支持从策略用户自定义中解析vsys id, Secutiry Rule Hits metrics中填写策略指定的vsys id
2023-04-28 06:03:16 +00:00
cJSON *item=cJSON_GetObjectItem(user_region_object, "vsys_id");
if(item!=NULL)
{
compile->rule.vsys_id=item->valueint;
}
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
cJSON_Delete(user_region_object);
user_region_object=NULL;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(g_tsg_maat_rt_para.default_compile_id==compile->rule.rule_id && compile->user_region!=NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(compile->user_region->method_type==TSG_METHOD_TYPE_DEFAULT && compile->user_region->session_para!=NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
memcpy(&(compile->user_region->session_para->result), &(compile->rule), sizeof(struct maat_rule));
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
atomic_inc(&compile->ref_cnt);
*ad=(void *)compile;
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_SECURIRY_ADD], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
return ;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_security_compile_dup(int table_id, void **to, void **from, long argl, void *argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct maat_compile *compile=(struct maat_compile *)(*from);
if(compile!=NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
atomic_inc(&compile->ref_cnt);
删除不可见字符
2021-12-31 17:28:53 +03:00
*to=*from;
}
}
static void free_dns_records_val(struct dns_record_val *record_val, int record_val_num)
{
int i=0;
for(i=0; i<record_val_num; i++)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(record_val[i].cname);
删除不可见字符
2021-12-31 17:28:53 +03:00
record_val[i].cname=NULL;
}
}
static void free_dns_answer_records(struct dns_answer_records *answer_records)
{
if(answer_records!=NULL)
{
if(answer_records->record_val.answer_type==DNS_TYPE_CNAME && answer_records->record_val.selected_flag==0)
{
free_dns_records_val(&(answer_records->record_val), 1);
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)answer_records);
删除不可见字符
2021-12-31 17:28:53 +03:00
answer_records=NULL;
}
}
static void free_deny_user_region(struct deny_user_region *deny)
{
if(deny==NULL || deny->para==NULL)
{
return ;
}
switch(deny->type)
{
case TSG_DENY_TYPE_MESSAGE:
case TSG_DENY_TYPE_REDIRECT_TO:
case TSG_DENY_TYPE_REDIRECT_URL:
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(deny->message);
删除不可见字符
2021-12-31 17:28:53 +03:00
deny->message=NULL;
break;
case TSG_DENY_TYPE_REDIRECT_RECORD:
free_dns_answer_records(deny->records->a);
free_dns_answer_records(deny->records->aaaa);
free_dns_answer_records(deny->records->cname);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(deny->message);
删除不可见字符
2021-12-31 17:28:53 +03:00
deny->message=NULL;
break;
default:
break;
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_security_compile_free(int table_id, void **ad, long argl, void *argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct maat_compile *compile=(struct maat_compile *)(*ad);
if(compile==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
return ;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if((__sync_sub_and_fetch(&compile->ref_cnt, 1) == 0))
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if (compile->user_region != NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
switch(compile->user_region->method_type)
{
case TSG_METHOD_TYPE_ALERT:
case TSG_METHOD_TYPE_BLOCK:
case TSG_METHOD_TYPE_RATE_LIMIT:
case TSG_METHOD_TYPE_REDIRECTION:
free_deny_user_region(compile->user_region->deny);
break;
default:
break;
}
if(compile->user_region->user_region_para!=NULL)
{
tsg_free_field((char *)(compile->user_region->user_region_para));
compile->user_region->user_region_para=NULL;
}
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(compile->p_user_region);
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)(*ad));
删除不可见字符
2021-12-31 17:28:53 +03:00
*ad=NULL;
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_SECURIRY_DEL], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static char *get_http_pages_content(const char *filename, int *filelen)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
FILE *file = NULL;
long length = 0;
char *content = NULL;
size_t read_chars = 0;
file = fopen(filename, "rb");
if(file == NULL)
{
goto cleanup;
}
if(fseek(file, 0, SEEK_END) != 0)
{
goto cleanup;
}
length = ftell(file);
if(length < 0)
{
goto cleanup;
}
if(fseek(file, 0, SEEK_SET) != 0)
{
goto cleanup;
}
content = (char*)malloc((size_t)length + sizeof(""));
if(content == NULL)
{
goto cleanup;
}
read_chars = fread(content, sizeof(char), (size_t)length, file);
if ((long)read_chars != length)
{
free(content);
content = NULL;
goto cleanup;
}
*filelen = read_chars;
content[read_chars] = '\0';
cleanup:
if (file != NULL)
{
fclose(file);
}
return content;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_http_response_pages_dup(int table_id, void **to, void **from, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*from)!=NULL)
{
struct http_response_pages *res_pages=(struct http_response_pages *)(*from);
*to=*from;
atomic_inc(&res_pages->ref_cnt);
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_http_response_pages_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
char *path=NULL, *format=NULL;
struct http_response_pages *res_pages=(struct http_response_pages *)calloc(1, sizeof(struct http_response_pages));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
res_pages->profile_id=column_integer_get_value(table_line, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
format=column_string_get_value(table_line, 3);
path=column_string_get_value(table_line, 4);
删除不可见字符
2021-12-31 17:28:53 +03:00
if(format==NULL && path==NULL)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)res_pages);
删除不可见字符
2021-12-31 17:28:53 +03:00
res_pages=NULL;
return;
}
if((strncasecmp(format, "template", strlen(format)))==0)
{
res_pages->format=HTTP_RESPONSE_FORMAT_TEMPLATE;
}
else
{
res_pages->format=HTTP_RESPONSE_FORMAT_HTML;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(format);
删除不可见字符
2021-12-31 17:28:53 +03:00
format=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
res_pages->content=get_http_pages_content(path, &res_pages->content_len);
tsg_free_field(path);
删除不可见字符
2021-12-31 17:28:53 +03:00
path=NULL;
if(res_pages->content!=NULL && res_pages->content_len>0)
{
atomic_inc(&res_pages->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*ad=(void *)res_pages;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
else
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(res_pages->content);
tsg_free_field((char *)res_pages);
删除不可见字符
2021-12-31 17:28:53 +03:00
res_pages=NULL;
}
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_HTTP_RES_ADD], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_http_response_pages_free(int table_id, void **ad, long argl, void* argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*ad)!=NULL)
{
struct http_response_pages *res_pages=(struct http_response_pages *)(*ad);
if((__sync_sub_and_fetch(&res_pages->ref_cnt, 1) == 0))
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(res_pages->content);
tsg_free_field((char *)(*ad));
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
*ad=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_HTTP_RES_DEL], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_dns_profile_records_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void *argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
struct dns_profile_records *profile_records=(struct dns_profile_records *)calloc(1, sizeof(struct dns_profile_records));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
profile_records->record_id=column_integer_get_value(table_line, 1);
char *answer_type=column_string_get_value(table_line, 3);
char *json_record=column_string_get_value(table_line, 4);
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
cJSON *records_array=cJSON_Parse(json_record);
删除不可见字符
2021-12-31 17:28:53 +03:00
if(records_array!=NULL)
{
profile_records->record_num=cJSON_GetArraySize(records_array);
profile_records->record_val=(struct dns_record_val *)calloc(1, profile_records->record_num*sizeof(struct dns_record_val));
profile_records->answer_type=get_dns_qtype(answer_type, strlen(answer_type));
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
for(int i=0; i<profile_records->record_num; i++)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
cJSON *one_record=cJSON_GetArrayItem(records_array, i);
删除不可见字符
2021-12-31 17:28:53 +03:00
if(one_record==NULL)
{
continue;
}
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
cJSON *pSub=cJSON_GetObjectItem(one_record, "value");
删除不可见字符
2021-12-31 17:28:53 +03:00
if(NULL==pSub )
{
continue;
}
switch(profile_records->answer_type)
{
case DNS_TYPE_A:
profile_records->record_val[i].answer_type=profile_records->answer_type;
profile_records->record_val[i].len=sizeof(struct in_addr);
inet_pton(AF_INET, pSub->valuestring, &(profile_records->record_val[i].v4_addr.s_addr));
break;
case DNS_TYPE_AAAA:
profile_records->record_val[i].answer_type=profile_records->answer_type;
profile_records->record_val[i].len=sizeof(struct in6_addr);
inet_pton(AF_INET6, pSub->valuestring, (profile_records->record_val[i].v6_addr.s6_addr));
break;
case DNS_TYPE_CNAME:
profile_records->record_val[i].answer_type=profile_records->answer_type;
profile_records->record_val[i].len=strlen(pSub->valuestring);
profile_records->record_val[i].cname=(char *)calloc(1, profile_records->record_val[i].len+1);
memcpy(profile_records->record_val[i].cname, pSub->valuestring, profile_records->record_val[i].len);
break;
default:
continue;
}
}
atomic_inc(&profile_records->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
(*ad)=(void *)profile_records;
删除不可见字符
2021-12-31 17:28:53 +03:00
cJSON_Delete(records_array);
records_array=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(json_record);
删除不可见字符
2021-12-31 17:28:53 +03:00
json_record=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(answer_type);
删除不可见字符
2021-12-31 17:28:53 +03:00
answer_type=NULL;
}
else
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)profile_records);
删除不可见字符
2021-12-31 17:28:53 +03:00
profile_records=NULL;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_DNS_RES_ADD], 0, FS_OP_ADD, 1);
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
删除不可见字符
2021-12-31 17:28:53 +03:00
return ;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_dns_profile_records_dup(int table_id, void **to, void **from, long argl, void *argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*from)!=NULL)
{
struct dns_profile_records *profile_records=(struct dns_profile_records *)(*from);
atomic_inc(&profile_records->ref_cnt);
(*to)=(*from);
}
return ;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_dns_profile_records_free(int table_id, void **ad, long argl, void *argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if((*ad)!=NULL)
{
struct dns_profile_records *profile_records=(struct dns_profile_records *)*ad;
if((__sync_sub_and_fetch(&profile_records->ref_cnt, 1) == 0))
{
if(profile_records->answer_type==DNS_TYPE_CNAME)
{
free_dns_records_val(profile_records->record_val, profile_records->record_num);
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)(profile_records->record_val));
删除不可见字符
2021-12-31 17:28:53 +03:00
profile_records->record_val=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)(*ad));
删除不可见字符
2021-12-31 17:28:53 +03:00
*ad=NULL;
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_DNS_RES_DEL], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_mirrored_profile_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void *argp)
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
{
struct traffic_mirror_profile *mirror_profile=(struct traffic_mirror_profile *)calloc(1, sizeof(struct traffic_mirror_profile));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
mirror_profile->profile_id=column_integer_get_value(table_line, 1);
char *vlan_ids_str=column_string_get_value(table_line, 3);
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
cJSON *vlan_ids_object=cJSON_Parse(vlan_ids_str);
if(vlan_ids_object!=NULL)
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
int vlan_id_num=cJSON_GetArraySize(vlan_ids_object);
for(int i=0; i<vlan_id_num; i++)
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
cJSON *one_vlan=cJSON_GetArrayItem(vlan_ids_object, i);
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
if(one_vlan==NULL)
{
continue;
}
mirror_profile->vlan.id[mirror_profile->vlan.num++]=one_vlan->valueint;
}
}
atomic_inc(&mirror_profile->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*ad=(void *)mirror_profile;
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
cJSON_Delete(vlan_ids_object);
vlan_ids_object=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(vlan_ids_str);
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
vlan_ids_str=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_MIRRORED_ADD], 0, FS_OP_ADD, 1);
TSG-11896: 增加回调表计数统计,便于统计回调表中的配置量、定位内存是否及时释放
2022-09-08 14:01:36 +08:00
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
return ;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_mirrored_profile_dup(int table_id, void **to, void **from, long argl, void *argp)
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
{
if((*from)!=NULL)
{
struct traffic_mirror_profile *mirror_profile=(struct traffic_mirror_profile *)(*from);
atomic_inc(&mirror_profile->ref_cnt);
(*to)=(*from);
}
return ;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_mirrored_profile_free(int table_id, void **ad, long argl, void *argp)
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
{
if((*ad)!=NULL)
{
struct traffic_mirror_profile *mirror_profile=(struct traffic_mirror_profile *)*ad;
if((__sync_sub_and_fetch(&mirror_profile->ref_cnt, 1) == 0))
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field((char *)(*ad));
*ad=NULL;
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_MIRRORED_DEL], 0, FS_OP_ADD, 1);
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
}
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_session_log_profile_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void *argp)
TSG-13959: 支持从redis中读取是否开启Session Record的开关,开关可控制session record、transcation log、interim log
2023-02-28 11:17:45 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
g_tsg_maat_rt_para.session_record_switch=column_integer_get_value(table_line, 2);
TSG-13959: 支持从redis中读取是否开启Session Record的开关,开关可控制session record、transcation log、interim log
2023-02-28 11:17:45 +08:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_session_log_profile_dup(int table_id, void **to, void **from, long argl, void *argp)
TSG-13959: 支持从redis中读取是否开启Session Record的开关,开关可控制session record、transcation log、interim log
2023-02-28 11:17:45 +08:00
{
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_session_log_profile_free(int table_id, void **ad, long argl, void *argp)
TSG-13959: 支持从redis中读取是否开启Session Record的开关,开关可控制session record、transcation log、interim log
2023-02-28 11:17:45 +08:00
{
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_tunnel_catalog_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void *argp)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
struct tunnel_catalog *t_catalog=(struct tunnel_catalog *)calloc(sizeof(struct tunnel_catalog), 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
t_catalog->id=column_integer_get_value(table_line, 1);
t_catalog->name=column_string_get_value(table_line, 2);
t_catalog->type=column_string_get_value(table_line, 3);
t_catalog->composition=column_string_get_value(table_line, 4);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
atomic_inc(&t_catalog->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*ad=(void *)t_catalog;
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_TUNNEL_CATALOG_ADD], 0, FS_OP_ADD, 1);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
return;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_tunnel_catalog_free(int table_id, void **ad, long argl, void *argp)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
if(*ad==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
return ;
}
struct tunnel_catalog *t_catalog=(struct tunnel_catalog *)(*ad);
if ((__sync_sub_and_fetch(&t_catalog->ref_cnt, 1) == 0))
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(t_catalog->name);
tsg_free_field(t_catalog->type);
tsg_free_field(t_catalog->composition);
tsg_free_field((char *)(*ad));
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
*ad=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_TUNNEL_CATALOG_DEL], 0, FS_OP_ADD, 1);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_tunnel_catalog_dup(int table_id, void **to, void **from, long argl, void *argp)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
if((*from)!=NULL)
{
struct tunnel_catalog *t_catalog=(struct tunnel_catalog *)(*from);
__sync_add_and_fetch(&(t_catalog->ref_cnt), 1);
*to=*from;
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_tunnel_endpoint_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void *argp)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
struct tunnel_endpoint *t_endpoint=(struct tunnel_endpoint *)calloc(1, sizeof(struct tunnel_endpoint));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
t_endpoint->id=column_integer_get_value(table_line, 1);
t_endpoint->description=column_string_get_value(table_line, 5);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
atomic_inc(&t_endpoint->ref_cnt);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*ad=(void *)t_endpoint;
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_TUNNEL_ENDPOINT_ADD], 0, FS_OP_ADD, 1);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
return ;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_tunnel_endpoint_dup(int table_id, void **to, void **from, long argl, void *argp)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
if((*from)!=NULL)
{
struct tunnel_endpoint *t_endpoint=(struct tunnel_endpoint *)(*from);
atomic_inc(&t_endpoint->ref_cnt);
(*to)=(*from);
}
return ;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_tunnel_endpoint_free(int table_id, void **ad, long argl, void *argp)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
if((*ad)!=NULL)
{
struct tunnel_endpoint *t_endpoint=(struct tunnel_endpoint *)*ad;
if((__sync_sub_and_fetch(&t_endpoint->ref_cnt, 1) == 0))
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
tsg_free_field(t_endpoint->description);
tsg_free_field((char *)(*ad));
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
*ad=NULL;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_TUNNEL_ENDPOINT_DEL], 0, FS_OP_ADD, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
}
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void plugin_ex_data_tunnel_endpoint_free(struct tunnel_endpoint *t_enpoint)
{
ex_data_tunnel_endpoint_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_ENDPOINT].id, (void **)&t_enpoint, 0, NULL);
}
void ex_data_tunnel_label_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void *argp)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int label_id=column_integer_get_value(table_line, 1);
*ad=(void *)(long)label_id;
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_TUNNEL_LABEL_ADD], 0, FS_OP_ADD, 1);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
return ;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_tunnel_label_dup(int table_id, void **to, void **from, long argl, void *argp)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
(*to)=(*from);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
return ;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void ex_data_tunnel_label_free(int table_id, void **ad, long argl, void *argp)
{
//FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_TUNNEL_LABEL_DEL], 0, FS_OP_ADD, 1);
}
int init_scan_table(struct maat *feather, const char *conffile)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
MESA_load_profile_string_def(conffile, "MAAT", "IP_SRC_ADDR_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_SRC_IP_ADDR].name, MAX_TABLE_NAME_LEN, "TSG_SECURITY_SOURCE_ADDR");
MESA_load_profile_string_def(conffile, "MAAT", "IP_DST_ADDR_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_DST_IP_ADDR].name, MAX_TABLE_NAME_LEN, "TSG_SECURITY_DESTINATION_ADDR");
MESA_load_profile_string_def(conffile, "MAAT", "SUBSCRIBER_ID_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_SUBSCRIBER_ID].name, MAX_TABLE_NAME_LEN, "TSG_OBJ_SUBSCRIBER_ID");
MESA_load_profile_string_def(conffile, "MAAT", "APP_ID_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_APP_ID].name, MAX_TABLE_NAME_LEN, "TSG_OBJ_APP_ID");
MESA_load_profile_string_def(conffile, "MAAT", "HTTP_HOST_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_HTTP_HOST].name, MAX_TABLE_NAME_LEN, "TSG_FIELD_HTTP_HOST");
MESA_load_profile_string_def(conffile, "MAAT", "HTTP_URL_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_HTTP_URL].name, MAX_TABLE_NAME_LEN, "TSG_FIELD_HTTP_URL");
MESA_load_profile_string_def(conffile, "MAAT", "SSL_SNI_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_SSL_SNI].name, MAX_TABLE_NAME_LEN, "TSG_FIELD_SSL_SNI");
MESA_load_profile_string_def(conffile, "MAAT", "DECYPTION_EXCLUSION_SSL_SNI", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_EXCLUSION_SSL_SNI].name, MAX_TABLE_NAME_LEN, "TSG_DECYPTION_EXCLUSION_SSL_SNI");
MESA_load_profile_string_def(conffile, "MAAT", "SRC_ASN_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_SRC_ASN].name, MAX_TABLE_NAME_LEN, "TSG_SECURITY_SOURCE_ASN");
MESA_load_profile_string_def(conffile, "MAAT", "DST_ASN_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_DST_ASN].name, MAX_TABLE_NAME_LEN, "TSG_SECURITY_DESTINATION_ASN");
MESA_load_profile_string_def(conffile, "MAAT", "SRC_LOCATION_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_SRC_LOCATION].name, MAX_TABLE_NAME_LEN, "TSG_SECURITY_SOURCE_LOCATION");
MESA_load_profile_string_def(conffile, "MAAT", "DST_LOCATION_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_DST_LOCATION].name, MAX_TABLE_NAME_LEN, "TSG_SECURITY_DESTINATION_LOCATION");
MESA_load_profile_string_def(conffile, "MAAT", "QUIC_SNI_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_QUIC_SNI].name, MAX_TABLE_NAME_LEN, "TSG_FIELD_QUIC_SNI");
//MESA_load_profile_string_def(conffile, "MAAT", "FQDN_CAT_ID_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_FQDN_CAT_ID].name, MAX_TABLE_NAME_LEN, "TSG_OBJ_FQDN_CAT");
MESA_load_profile_string_def(conffile, "MAAT", "SELECTOR_ID_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_SELECTOR_ID].name, MAX_TABLE_NAME_LEN, "APP_SELECTOR_ID");
MESA_load_profile_string_def(conffile, "MAAT", "SELECTOR_PROPERTIES_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_SELECTOR_PROPERTIES].name, MAX_TABLE_NAME_LEN, "APP_SELECTOR_PROPERTIES");
MESA_load_profile_string_def(conffile, "MAAT", "GTP_APN", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_GTP_APN].name, MAX_TABLE_NAME_LEN, "TSG_FILED_GTP_APN");
MESA_load_profile_string_def(conffile, "MAAT", "GTP_IMSI", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_GTP_IMSI].name, MAX_TABLE_NAME_LEN, "TSG_FILED_GTP_IMSI");
MESA_load_profile_string_def(conffile, "MAAT", "GTP_PHONE_NUMBER", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_GTP_PHONE_NUMBER].name, MAX_TABLE_NAME_LEN, "TSG_FILED_GTP_PHONE_NUMBER");
MESA_load_profile_string_def(conffile, "MAAT", "DTLS_SNI_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_DTLS_SNI].name, MAX_TABLE_NAME_LEN, "TSG_FIELD_DTLS_SNI");
MESA_load_profile_string_def(conffile, "MAAT", "TUNNEL_ID_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_TUNNEL_ID].name, MAX_TABLE_NAME_LEN, "TSG_SECURITY_TUNNEL");
MESA_load_profile_string_def(conffile, "MAAT", "SESSION_FLAG_TABLE", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_SESSION_FLAGS].name, MAX_TABLE_NAME_LEN, "TSG_SECURITY_FLAG");
TSG-15187: 增加遗漏的category的库表注册
2023-05-26 07:23:57 +00:00
MESA_load_profile_string_def(conffile, "MAAT", "HTTP_HOST_CAT", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_HTTP_HOST_CAT].name, MAX_TABLE_NAME_LEN, "TSG_FIELD_HTTP_HOST_CAT");
MESA_load_profile_string_def(conffile, "MAAT", "SSL_SNI_CAT", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_SSL_SNI_CAT].name, MAX_TABLE_NAME_LEN, "TSG_FIELD_SSL_SNI_CAT");
MESA_load_profile_string_def(conffile, "MAAT", "QUIC_SNI_CAT", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_QUIC_SNI_CAT].name, MAX_TABLE_NAME_LEN, "TSG_FIELD_QUIC_SNI_CAT");
MESA_load_profile_string_def(conffile, "MAAT", "DTLS_SNI_CAT", g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_DTLS_SNI_CAT].name, MAX_TABLE_NAME_LEN, "TSG_FIELD_DTLS_SNI_CAT");
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
for(int i=0; i<MAAT_SCAN_MAX; i++)
{
g_tsg_maat_rt_para.scan_tb[i].id=maat_get_table_id(feather, g_tsg_maat_rt_para.scan_tb[i].name);
if(g_tsg_maat_rt_para.scan_tb[i].id<0)
{
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger, RLOG_LV_FATAL, "maat_table_get_id failed, table_name: %s", g_tsg_maat_rt_para.scan_tb[i].name);
return -1;
}
}
return 0;
}
int init_plugin_table(struct maat *feather, const char *conffile)
{
struct maat_plugin_table p_table[MAAT_PLUGIN_MAX]={
{-1, "TSG_COMPILE", ex_data_security_compile_new, ex_data_security_compile_free, ex_data_security_compile_dup},
{-1, "TSG_IP_ASN_BUILT_IN", ex_data_asn_number_new, ex_data_asn_number_free, ex_data_asn_number_dup},
{-1, "TSG_IP_ASN_USER_DEFINED", ex_data_asn_number_new, ex_data_asn_number_free, ex_data_asn_number_dup},
{-1, "TSG_IP_LOCATION_BUILT_IN", ex_data_location_new, ex_data_location_free, ex_data_location_dup},
{-1, "TSG_IP_LOCATION_USER_DEFINED", ex_data_location_new, ex_data_location_free, ex_data_location_dup},
{-1, "TSG_FQDN_CATEGORY_BUILT_IN", ex_data_fqdn_category_id_new, ex_data_fqdn_category_id_free, ex_data_fqdn_category_id_dup},
{-1, "TSG_FQDN_CATEGORY_USER_DEFINED", ex_data_fqdn_category_id_new, ex_data_fqdn_category_id_free, ex_data_fqdn_category_id_dup},
{-1, "APP_ID_DICT", ex_data_app_id_dict_new, ex_data_app_id_dict_free, ex_data_app_id_dict_dup},
{-1, "TSG_PROFILE_RESPONSE_PAGES", ex_data_http_response_pages_new, ex_data_http_response_pages_free, ex_data_http_response_pages_dup},
{-1, "TSG_PROFILE_DNS_RECORDS", ex_data_dns_profile_records_new, ex_data_dns_profile_records_free, ex_data_dns_profile_records_dup},
{-1, "TSG_PROFILE_TRAFFIC_MIRROR", ex_data_mirrored_profile_new, ex_data_mirrored_profile_free, ex_data_mirrored_profile_dup},
{-1, "TSG_TUNNEL_CATALOG", ex_data_tunnel_catalog_new, ex_data_tunnel_catalog_free, ex_data_tunnel_catalog_dup},
{-1, "TSG_TUNNEL_ENDPOINT", ex_data_tunnel_endpoint_new, ex_data_tunnel_endpoint_free, ex_data_tunnel_endpoint_dup},
{-1, "TSG_TUNNEL_LABEL", ex_data_tunnel_label_new, ex_data_tunnel_label_free, ex_data_tunnel_label_dup},
{-1, "T_VSYS_INFO", ex_data_session_log_profile_new, ex_data_session_log_profile_free, ex_data_session_log_profile_dup},
{-1, "TSG_DYN_SUBSCRIBER_IP", ex_data_subscriber_id_new, ex_data_subscriber_id_free, ex_data_subscriber_id_dup},
{-1, "TSG_DYN_MOBILE_IDENTITY_APN_TEID", ex_data_gtp_c_new, ex_data_gtp_c_free, ex_data_gtp_c_dup}
};
memcpy(g_tsg_maat_rt_para.plugin_tb, p_table, MAAT_PLUGIN_MAX*sizeof(struct maat_plugin_table));
MESA_load_profile_string_def(conffile, "MAAT", "SECURITY_COMPILE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SECURITY_COMPILE].name, MAX_TABLE_NAME_LEN, "TSG_COMPILE");
MESA_load_profile_string_def(conffile, "MAAT", "ASN_BUILT_IN_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_ASN_BUILT_IN].name, MAX_TABLE_NAME_LEN, "TSG_IP_ASN_BUILT_IN");
MESA_load_profile_string_def(conffile, "MAAT", "ASN_USER_DEFINED_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_ASN_USER_DEFINED].name, MAX_TABLE_NAME_LEN, "TSG_IP_ASN_USER_DEFINED");
MESA_load_profile_string_def(conffile, "MAAT", "LOCATION_BUILT_IN_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_LOCATION_BUILT_IN].name, MAX_TABLE_NAME_LEN, "TSG_IP_LOCATION_BUILT_IN");
MESA_load_profile_string_def(conffile, "MAAT", "LOCATION_USER_DEFINED_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_LOCATION_USER_DEFINED].name, MAX_TABLE_NAME_LEN, "TSG_IP_LOCATION_USER_DEFINED");
MESA_load_profile_string_def(conffile, "MAAT", "FQDN_CAT_BUILT_IN_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_FQDN_CAT_BUILT_IN].name, MAX_TABLE_NAME_LEN, "TSG_FQDN_CATEGORY_BUILT_IN");
MESA_load_profile_string_def(conffile, "MAAT", "FQDN_CAT_USER_DEFINED_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_FQDN_CAT_USER_DEFINED].name, MAX_TABLE_NAME_LEN, "TSG_FQDN_CATEGORY_USER_DEFINED");
MESA_load_profile_string_def(conffile, "MAAT", "APP_ID_DICT_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_APP_ID_DICT].name, MAX_TABLE_NAME_LEN, "APP_ID_DICT");
MESA_load_profile_string_def(conffile, "MAAT", "RESPONSE_PAGES_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_RESPONSE_PAGES].name, MAX_TABLE_NAME_LEN, "TSG_PROFILE_RESPONSE_PAGES");
MESA_load_profile_string_def(conffile, "MAAT", "DNS_PROFILE_RECORDS", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_DNS_PROFILE_RECORD].name, MAX_TABLE_NAME_LEN, (char *)"TSG_PROFILE_DNS_RECORDS");
MESA_load_profile_string_def(conffile, "MAAT", "TRAFFIC_MIRROR_PROFILE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_PROFILE_MIRROR].name, MAX_TABLE_NAME_LEN, (char *)"TSG_PROFILE_TRAFFIC_MIRROR");
MESA_load_profile_string_def(conffile, "MAAT", "TUNNEL_CATALOG_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_CATALOG].name, MAX_TABLE_NAME_LEN, "TSG_TUNNEL_CATALOG");
MESA_load_profile_string_def(conffile, "MAAT", "TUNNEL_ENDPOINT_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_ENDPOINT].name, MAX_TABLE_NAME_LEN, "TSG_TUNNEL_ENDPOINT");
MESA_load_profile_string_def(conffile, "MAAT", "TUNNEL_LABEL_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_LABEL].name, MAX_TABLE_NAME_LEN, "TSG_TUNNEL_LABEL");
MESA_load_profile_string_def(conffile, "MAAT", "SESSION_RECORD_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SESSION_LOG].name, MAX_TABLE_NAME_LEN, "T_VSYS_INFO");
MESA_load_profile_string_def(conffile, "MAAT", "CB_SUBSCRIBER_IP_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SUBSCRIBER_IP2ID].name, MAX_TABLE_NAME_LEN, "TSG_DYN_SUBSCRIBER_IP");
MESA_load_profile_string_def(conffile, "MAAT", "GTP_SIGNALING_TABLE", g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_GTP_IP2SIGNALING].name, MAX_TABLE_NAME_LEN, (char *)"TSG_DYN_MOBILE_IDENTITY_APN_TEID");
for(int i=0; i<MAAT_PLUGIN_MAX; i++)
{
g_tsg_maat_rt_para.plugin_tb[i].id=maat_get_table_id(feather, g_tsg_maat_rt_para.plugin_tb[i].name);
if(g_tsg_maat_rt_para.plugin_tb[i].id<0)
{
return -1;
}
int ret=maat_plugin_table_ex_schema_register(feather,
g_tsg_maat_rt_para.plugin_tb[i].name,
g_tsg_maat_rt_para.plugin_tb[i].ex_new,
g_tsg_maat_rt_para.plugin_tb[i].ex_free,
g_tsg_maat_rt_para.plugin_tb[i].ex_dup,
0,
NULL
);
if(ret<0)
{
return -1;
}
}
return 0;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct maat *init_maat_feather(const char* conffile, char* instance_name, char *module)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
int deferred_load=0;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
char maat_mode[32]={0};
增加MAAT4的输出统计
2023-06-05 06:01:33 +00:00
int effect_interval_ms=60000;
int rule_update_interval_ms=60000;
int garbage_collect_ms=30000;
删除不可见字符
2021-12-31 17:28:53 +03:00
char effective_range_filename[1024]={0};
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
char effective_flag[1024]={0};
删除不可见字符
2021-12-31 17:28:53 +03:00
int output_prometheus=0;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int maat_stat_on=0,maat_perf_on=0;
char maat_stat_file[MAX_FILEPATH_LEN]={0};
char table_info[MAX_FILEPATH_LEN]={0};
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
memset(effective_flag, 0, sizeof(effective_flag));
删除不可见字符
2021-12-31 17:28:53 +03:00
MESA_load_profile_string_def(conffile, module, "EFFECTIVE_RANGE_FILE", effective_range_filename, sizeof(effective_range_filename),"./tsgconf/maat.conf");
if(strlen(effective_range_filename)>0)
{
MESA_load_profile_string_def(effective_range_filename, "MAAT", "ACCEPT_TAGS", effective_flag, sizeof(effective_flag),"");
}
if(strlen(effective_flag)==0)
{
MESA_load_profile_string_def(conffile, "MAAT", "ACCEPT_TAGS", effective_flag, sizeof(effective_flag),"");
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(strlen(g_tsg_maat_rt_para.device_tag)==0 && strlen(effective_flag)>0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
memcpy(g_tsg_maat_rt_para.device_tag, effective_flag, MIN(strlen(effective_flag), sizeof(g_tsg_maat_rt_para.device_tag)-1));
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(strlen(g_tsg_maat_rt_para.data_center)==0 && strlen(effective_flag)>0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
char effective_tag_key[128]={0};
删除不可见字符
2021-12-31 17:28:53 +03:00
MESA_load_profile_string_def(conffile, module, "EFFECTIVE_TAG_KEY", effective_tag_key, sizeof(effective_tag_key),"data_center");
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
get_data_center(effective_flag, effective_tag_key, g_tsg_maat_rt_para.data_center, sizeof(g_tsg_maat_rt_para.data_center));
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int _log_level=LOG_LEVEL_FATAL;
MESA_load_profile_int_def(conffile, module,"LOG_LEVEL", &(_log_level), LOG_LEVEL_FATAL);
char log_path[128]={0};
MESA_load_profile_string_def(conffile,module,"LOG_PATH", log_path, sizeof(log_path), "./log/maat.log");
删除不可见字符
2021-12-31 17:28:53 +03:00
MESA_load_profile_int_def(conffile, module,"STAT_SWITCH", &(maat_stat_on),1);
MESA_load_profile_int_def(conffile, module,"PERF_SWITCH", &(maat_perf_on),1);
MESA_load_profile_int_def(conffile, module,"OUTPUT_PROMETHEUS", &(output_prometheus), 1);
支持启动时延迟加载配置
2022-09-20 17:39:44 +08:00
MESA_load_profile_int_def(conffile, module,"DEFERRED_LOAD", &(deferred_load), 0);
删除不可见字符
2021-12-31 17:28:53 +03:00
MESA_load_profile_string_def(conffile,module,"TABLE_INFO",table_info, sizeof(table_info), "");
MESA_load_profile_string_def(conffile,module,"STAT_FILE",maat_stat_file, sizeof(maat_stat_file), "");
OMPUB-941: 同时命中security(shunt)和intercept策略,优先执行security策略
2023-06-07 14:42:07 +08:00
MESA_load_profile_int_def(conffile, module,"EFFECT_INTERVAL_MS", &(effect_interval_ms), 1000); //
MESA_load_profile_int_def(conffile, module,"RULE_UPDATE_CHECK_INTERVAL_MS", &(rule_update_interval_ms), 1000); //check redis
MESA_load_profile_int_def(conffile, module,"GARBAGE_COLLECT_MS", &(garbage_collect_ms), 60000); //
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct maat_options *opts=maat_options_new();
size_t thread_max=(size_t)get_thread_count();
maat_options_set_logger(opts, log_path, (enum log_level)_log_level);
maat_options_set_caller_thread_number(opts, thread_max);
maat_options_set_accept_tags(opts, (const char *)effective_flag);
增加MAAT4的输出统计
2023-06-05 06:01:33 +00:00
maat_options_set_rule_effect_interval_ms(opts, effect_interval_ms);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
maat_options_set_instance_name(opts, instance_name);
增加MAAT4的输出统计
2023-06-05 06:01:33 +00:00
maat_options_set_foreign_cont_dir(opts, "./alerts_files");
maat_options_set_stat_file(opts, maat_stat_file);
maat_options_set_rule_update_checking_interval_ms(opts, rule_update_interval_ms);
maat_options_set_gc_timeout_ms(opts, garbage_collect_ms);
if(maat_stat_on==1)
{
maat_options_set_stat_on(opts);
}
if(maat_perf_on)
{
maat_options_set_perf_on(opts);
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(deferred_load==1)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
maat_options_set_deferred_load_on(opts);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
MESA_load_profile_string_def(conffile, module, "MAAT_MODE", maat_mode, sizeof(maat_mode),"json");
enum MAAT_MODE mode=get_maat_mode(maat_mode);
switch(mode)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
case MAAT_MODE_FILE:
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
char inc_cfg_dir[MAX_FILEPATH_LEN]={0},ful_cfg_dir[MAX_FILEPATH_LEN]={0};
MESA_load_profile_string_def(conffile,module,"INC_CFG_DIR",inc_cfg_dir, sizeof(inc_cfg_dir),"");
MESA_load_profile_string_def(conffile,module,"FULL_CFG_DIR",ful_cfg_dir, sizeof(ful_cfg_dir),"");
assert(strlen(inc_cfg_dir)!=0&&strlen(ful_cfg_dir)!=0);
maat_options_set_iris(opts, (const char *)ful_cfg_dir, (const char *)inc_cfg_dir);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
break;
case MAAT_MODE_JSON:
{
char json_filename[MAX_FILEPATH_LEN]={0};
MESA_load_profile_string_def(conffile,module,"JSON_CFG_FILE",json_filename, sizeof(json_filename),"");
maat_options_set_json_file(opts, (const char *)json_filename);
}
break;
case MAAT_MODE_REDIS:
{
int redis_index=0;
char redis_ip[16]={0};
char redis_port_range[256]={0};
MESA_load_profile_string_def(conffile,module,"REDIS_IP", redis_ip, sizeof(redis_ip),"");
MESA_load_profile_int_def(conffile, module,"REDIS_INDEX", &redis_index, 0);
MESA_load_profile_string_def(conffile,module,"REDIS_PORT", redis_port_range, sizeof(redis_port_range), "6379;");
unsigned short redis_port=get_redis_port(redis_port_range);
maat_options_set_redis(opts, redis_ip, redis_port, redis_index);
}
break;
default:
break;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return maat_new(opts, table_info);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int tsg_maat_rule_init(const char* conffile)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
int log_level=30;
char log_path[128]={0};
char maat_conffile[256]={0};
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
memset(&g_tsg_maat_rt_para, 0, sizeof(struct maat_runtime_para));
TSG-13106: 支持Flag Object作为策略条件之一
2022-12-28 16:36:40 +08:00
删除不可见字符
2021-12-31 17:28:53 +03:00
MESA_load_profile_int_def(conffile, "MAAT","LOG_LEVEL", &log_level, 30);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
MESA_load_profile_string_def(conffile, "MAAT", "LOG_PATH", log_path, sizeof(log_path), "./log/tsg_maat.log");
g_tsg_maat_rt_para.logger=MESA_create_runtime_log_handle(log_path, log_level);
if(g_tsg_maat_rt_para.logger==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
printf("MESA_create_runtime_log_handle failed ...\n");
return -1;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
MESA_load_profile_int_def(conffile, "MAAT","SESSION_RECORD_SWITCH", &g_tsg_maat_rt_para.session_record_switch, 0);
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
MESA_load_profile_int_def(conffile, "MAAT","LOCATION_TABLE_TYPE", &g_tsg_maat_rt_para.location_field_num, 18);
MESA_load_profile_string_def(conffile, "MAAT", "PROFILE", maat_conffile, sizeof(maat_conffile), "./tsgconf/maat.conf");
g_tsg_maat_feather=init_maat_feather(maat_conffile, (char *)"STATIC", (char *)"STATIC");
if(g_tsg_maat_feather==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
return -1;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int ret=init_scan_table(g_tsg_maat_feather, conffile);
删除不可见字符
2021-12-31 17:28:53 +03:00
if(ret<0)
{
return -1;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ret=init_plugin_table(g_tsg_maat_feather, conffile);
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
if(ret<0)
{
return -1;
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
}
TSG-13959: 支持从redis中读取是否开启Session Record的开关,开关可控制session record、transcation log、interim log
2023-02-28 11:17:45 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static int sort_category_id(const void * a, const void * b)
{
struct fqdn_category *x = (struct fqdn_category *) a;
struct fqdn_category *y = (struct fqdn_category *) b;
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return (int)(x->category_id - y->category_id);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static int get_fqdn_category_id(struct maat *feather, int table_id, char *fqdn, unsigned int *category_id, int category_id_num)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
struct fqdn_category *ex_data_array[8]={0};
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int ret=maat_fqdn_plugin_table_get_ex_data(feather, table_id, fqdn, (void **)ex_data_array, 8);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
if(ret>0)
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
{
int cnt=0;
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
qsort(ex_data_array, ret, sizeof(struct fqdn_category *), sort_category_id);
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
for(int i=0; i<ret; i++)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
if(cnt==0)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
category_id[cnt++]=ex_data_array[i]->category_id;
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
}
else
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
if(cnt<category_id_num && ex_data_array[i]->category_id!=category_id[cnt-1])
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
category_id[cnt++]=ex_data_array[i]->category_id;
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ex_data_fqdn_category_id_free(table_id, (void **)&(ex_data_array[i]), 0, NULL);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
}
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
return cnt;
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
}
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int ip_int2string(const struct streaminfo *a_stream, char *s_ip, size_t s_ip_len, char *d_ip, size_t d_ip_len)
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct stream_tuple4_v4 *v4=NULL;
struct stream_tuple4_v6 *v6=NULL;
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
switch(a_stream->addr.addrtype)
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
case ADDR_TYPE_IPV4:
v4=a_stream->addr.tuple4_v4;
inet_ntop(AF_INET, &(v4->saddr), s_ip, s_ip_len);
inet_ntop(AF_INET, &(v4->daddr), d_ip, d_ip_len);
break;
case ADDR_TYPE_IPV6:
v6=a_stream->addr.tuple4_v6;
inet_ntop(AF_INET6, v6->saddr, s_ip, s_ip_len);
inet_ntop(AF_INET6, v6->daddr, d_ip, d_ip_len);
break;
default:
return 0;
break;
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 1;
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int ip_address_convert(const struct streaminfo *a_stream, struct ip_addr *s_ip, struct ip_addr *d_ip)
TSG-13520,TSG-13356: 支持通过tsg_pull_shaping_result函数获取命中的shaping策略,增加common_shaping_rule_ids日志字段,支持通过bridge接口及时通知命中的shaping策略,增加gtest测试用例
2023-02-07 02:51:03 +00:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
switch(a_stream->addr.addrtype)
TSG-13520,TSG-13356: 支持通过tsg_pull_shaping_result函数获取命中的shaping策略,增加common_shaping_rule_ids日志字段,支持通过bridge接口及时通知命中的shaping策略,增加gtest测试用例
2023-02-07 02:51:03 +00:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
case ADDR_TYPE_IPV4:
s_ip->ip_type=4;
s_ip->ipv4=a_stream->addr.tuple4_v4->saddr;
d_ip->ip_type=4;
d_ip->ipv4=a_stream->addr.tuple4_v4->daddr;
break;
case ADDR_TYPE_IPV6:
s_ip->ip_type=6;
memcpy((char *)(s_ip->ipv6), a_stream->addr.tuple4_v6->saddr, IPV6_ADDR_LEN);
d_ip->ip_type=6;
memcpy((char *)(d_ip->ipv6), a_stream->addr.tuple4_v6->daddr, IPV6_ADDR_LEN);
break;
default:
return 0;
break;
TSG-13520,TSG-13356: 支持通过tsg_pull_shaping_result函数获取命中的shaping策略,增加common_shaping_rule_ids日志字段,支持通过bridge接口及时通知命中的shaping策略,增加gtest测试用例
2023-02-07 02:51:03 +00:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 1;
TSG-13520,TSG-13356: 支持通过tsg_pull_shaping_result函数获取命中的shaping策略,增加common_shaping_rule_ids日志字段,支持通过bridge接口及时通知命中的shaping策略,增加gtest测试用例
2023-02-07 02:51:03 +00:00
}
TSG-12885: 安全策略支持drop动作中包含send reset/send icmp子动作,reset动作向前兼容
2022-12-23 11:54:29 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int srt_attribute_set_ip_asn(const struct streaminfo *a_stream, struct maat *feather, struct asn_info **client_asn, struct asn_info **server_asn)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct ip_addr dest_ip={0}, source_ip={0};
ip_address_convert(a_stream, &source_ip, &dest_ip);
if(*client_asn==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
maat_ip_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_ASN_USER_DEFINED].id, &source_ip, (void **)client_asn, 1);
}
if(*client_asn==NULL)
{
maat_ip_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_ASN_BUILT_IN].id, &source_ip, (void **)client_asn, 1);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(*server_asn==NULL)
{
maat_ip_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_ASN_USER_DEFINED].id, &dest_ip, (void **)server_asn, 1);
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(*server_asn==NULL)
TSG-9128: HOST和URL属于同一优先级,保证安全模块和代理模块相同策略条件下,优先级效一致
2022-06-02 10:48:00 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
maat_ip_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_ASN_BUILT_IN].id, &dest_ip, (void **)server_asn, 1);
TSG-9128: HOST和URL属于同一优先级,保证安全模块和代理模块相同策略条件下,优先级效一致
2022-06-02 10:48:00 +08:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 1;
TSG-9128: HOST和URL属于同一优先级,保证安全模块和代理模块相同策略条件下,优先级效一致
2022-06-02 10:48:00 +08:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int srt_attribute_set_ip_location(const struct streaminfo *a_stream, struct maat *feather, struct location_info **client_location, struct location_info **server_location)
TSG-9128: HOST和URL属于同一优先级,保证安全模块和代理模块相同策略条件下,优先级效一致
2022-06-02 10:48:00 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct ip_addr dest_ip={0}, source_ip={0};
ip_address_convert(a_stream, &source_ip, &dest_ip);
if(*client_location==NULL)
TSG-9128: HOST和URL属于同一优先级,保证安全模块和代理模块相同策略条件下,优先级效一致
2022-06-02 10:48:00 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
maat_ip_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_LOCATION_USER_DEFINED].id, &source_ip, (void **)client_location, 1);
}
if(*client_location==NULL)
{
maat_ip_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_LOCATION_BUILT_IN].id, &source_ip, (void **)client_location, 1);
}
if(*server_location==NULL)
{
maat_ip_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_LOCATION_USER_DEFINED].id, &dest_ip, (void **)server_location, 1);
TSG-9128: HOST和URL属于同一优先级,保证安全模块和代理模块相同策略条件下,优先级效一致
2022-06-02 10:48:00 +08:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(*server_location==NULL)
{
maat_ip_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_LOCATION_BUILT_IN].id, &dest_ip, (void **)server_location, 1);
}
return 1;
TSG-9128: HOST和URL属于同一优先级,保证安全模块和代理模块相同策略条件下,优先级效一致
2022-06-02 10:48:00 +08:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int srt_attribute_set_subscriber_id(const struct streaminfo *a_stream, struct maat *feather, struct subscribe_id_info **source_subscribe_id, struct subscribe_id_info **dest_subscribe_id)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
char source_ip[MAX_IPV6_ADDR_LEN]={0};
char dest_ip[MAX_IPV6_ADDR_LEN]={0};
int ret=ip_int2string(a_stream, source_ip, MAX_IPV6_ADDR_LEN, dest_ip, MAX_IPV6_ADDR_LEN);
if(ret==0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(strlen(dest_ip)>0 && *dest_subscribe_id==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*dest_subscribe_id=(struct subscribe_id_info *)maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SUBSCRIBER_IP2ID].id, dest_ip);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(strlen(source_ip)>0 && *source_subscribe_id==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
*source_subscribe_id=(struct subscribe_id_info *)maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SUBSCRIBER_IP2ID].id, source_ip);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
删除不可见字符
2021-12-31 17:28:53 +03:00
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t matche_rules_convert(struct maat *feather,long long *matched_rules, size_t n_matched_rules, struct maat_rule *results, size_t n_results)
{
size_t offset=0;
for(size_t i=0; i<n_matched_rules && offset<n_results; i++)
{
struct maat_compile *maat_compile=(struct maat_compile *)maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SECURITY_COMPILE].id, (const char *)&(matched_rules[i]));
if(maat_compile==NULL)
{
continue;
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
results[offset++]=maat_compile->rule;
ex_data_security_compile_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SECURITY_COMPILE].id, (void **)&(maat_compile), 0, NULL);
}
return offset;
}
size_t tsg_scan_integer(const struct streaminfo *a_stream, struct maat *feather, long long s_integer, enum MAAT_SCAN_TB idx, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t n_matched_rules=0;
long long matched_rules[MAX_RESULT_NUM];
int is_hited=maat_scan_integer(feather, g_tsg_maat_rt_para.scan_tb[idx].id, s_integer, matched_rules, MAX_RESULT_NUM, &n_matched_rules, s_mid);
if(is_hited==MAAT_SCAN_HIT)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
🦄 refactor(tsg rule log): 增加扫描命中结果记录本地日志
2023-04-17 21:46:15 +08:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
RLOG_LV_DEBUG,
"SCAN_INTEGER",
"Hit: %lld: scan ret: %d table_name: %s addr: %s, mid: %p",
s_integer,
is_hited,
g_tsg_maat_rt_para.scan_tb[idx].name,
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
s_mid
);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return matche_rules_convert(feather, matched_rules, n_matched_rules, results, n_results);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
RLOG_LV_DEBUG,
"SCAN_INTEGER",
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
"No hit: %lld: scan ret: %d table_name: %s addr: %s, mid: %p",
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
s_integer,
is_hited,
g_tsg_maat_rt_para.scan_tb[idx].name,
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
s_mid
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
);
return 0;
}
size_t tsg_scan_flags(const struct streaminfo *a_stream, struct maat *feather, unsigned long long flags, enum MAAT_SCAN_TB idx, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
{
size_t n_matched_rules=0;
long long matched_rules[MAX_RESULT_NUM];
int is_hited=maat_scan_flag(feather, g_tsg_maat_rt_para.scan_tb[idx].id, flags, matched_rules, MAX_RESULT_NUM, &n_matched_rules, s_mid);
if(is_hited==MAAT_SCAN_HIT)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
🦄 refactor(tsg rule log): 增加扫描命中结果记录本地日志
2023-04-17 21:46:15 +08:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
RLOG_LV_DEBUG,
"SCAN_FLAGS",
"Hit: %llu scan ret: %d table_name: %s addr: %s, mid: %p",
flags,
is_hited,
g_tsg_maat_rt_para.scan_tb[idx].name,
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
s_mid
);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return matche_rules_convert(feather, matched_rules, n_matched_rules, results, n_results);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
RLOG_LV_DEBUG,
"SCAN_FLAGS",
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
"No hit: %llu scan ret: %d table_name: %s addr: %s, mid: %p",
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
flags,
is_hited,
g_tsg_maat_rt_para.scan_tb[idx].name,
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
s_mid
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
);
return 0;
}
size_t tsg_scan_string(const struct streaminfo *a_stream, struct maat *feather, const char *s_data, size_t s_data_len, enum MAAT_SCAN_TB idx, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
{
size_t n_matched_rules=0;
long long matched_rules[MAX_RESULT_NUM];
int is_hited=maat_scan_string(feather, g_tsg_maat_rt_para.scan_tb[idx].id, s_data, s_data_len, matched_rules, MAX_RESULT_NUM, &n_matched_rules, s_mid);
if(is_hited==MAAT_SCAN_HIT)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
🦄 refactor(tsg_scan_string): 输出字符串扫描命中结果至本地日志,debug级别
2023-04-17 19:54:13 +08:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
RLOG_LV_DEBUG,
"SCAN_STRING",
"Hit: %s len: %lu scan ret: %d table_name: %s addr: %s, mid: %p",
s_data,
s_data_len,
is_hited,
g_tsg_maat_rt_para.scan_tb[idx].name,
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
s_mid);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return matche_rules_convert(feather, matched_rules, n_matched_rules, results, n_results);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
RLOG_LV_DEBUG,
"SCAN_STRING",
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
"No hit: %s len: %lu scan ret: %d table_name: %s addr: %s, mid: %p",
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
s_data,
s_data_len,
is_hited,
g_tsg_maat_rt_para.scan_tb[idx].name,
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
s_mid
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
);
删除不可见字符
2021-12-31 17:28:53 +03:00
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_ipv4_address(const struct streaminfo *a_stream, struct maat *feather, struct ipaddr* p_addr, enum MAAT_SCAN_TB idx, struct maat_state *s_mid, struct maat_rule *rules, size_t n_rules)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(p_addr==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
}
int is_hited=0;
tableID定义出现重复, 定义扫描LUA返回值的库表结构, 扫描时传入的protocol错误
2023-04-06 08:39:08 +00:00
int protocol=-1;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t n_matched_rules=0;
long long matched_rules[MAX_RESULT_NUM];
tableID定义出现重复, 定义扫描LUA返回值的库表结构, 扫描时传入的protocol错误
2023-04-06 08:39:08 +00:00
switch(a_stream->type)
{
case STREAM_TYPE_TCP:
protocol=6;
break;
case STREAM_TYPE_UDP:
protocol=17;
break;
default:
protocol=-1;
break;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
switch(idx)
{
case MAAT_SCAN_SRC_IP_ADDR:
tableID定义出现重复, 定义扫描LUA返回值的库表结构, 扫描时传入的protocol错误
2023-04-06 08:39:08 +00:00
is_hited=maat_scan_ipv4(feather, g_tsg_maat_rt_para.scan_tb[idx].id, p_addr->v4->saddr, p_addr->v4->source, protocol,
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
matched_rules+n_matched_rules, MAX_RESULT_NUM, &n_matched_rules, s_mid);
删除不可见字符
2021-12-31 17:28:53 +03:00
break;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
case MAAT_SCAN_DST_IP_ADDR:
tableID定义出现重复, 定义扫描LUA返回值的库表结构, 扫描时传入的protocol错误
2023-04-06 08:39:08 +00:00
is_hited=maat_scan_ipv4(feather, g_tsg_maat_rt_para.scan_tb[idx].id, p_addr->v4->daddr, p_addr->v4->dest, protocol,
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
matched_rules+n_matched_rules, MAX_RESULT_NUM, &n_matched_rules, s_mid);
删除不可见字符
2021-12-31 17:28:53 +03:00
break;
default:
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(n_matched_rules>0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
RLOG_LV_DEBUG,
"SCAN_IPV4",
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
"Hit %s addr: %s return n_rules: %llu, mid: %p",
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
g_tsg_maat_rt_para.scan_tb[idx].name,
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
n_matched_rules,
s_mid
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
);
return matche_rules_convert(feather, matched_rules, n_matched_rules, rules, n_rules);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
RLOG_LV_DEBUG,
"SCAN_IPV4",
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
"Not hit %s addr: %s Scan return: %d, mid: %p",
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
g_tsg_maat_rt_para.scan_tb[idx].name,
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
is_hited,
s_mid
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
);
删除不可见字符
2021-12-31 17:28:53 +03:00
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_ipv6_address(const struct streaminfo *a_stream, struct maat *feather, struct ipaddr* p_addr, enum MAAT_SCAN_TB idx, struct maat_state *s_mid, struct maat_rule *rules, size_t n_rules)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(p_addr==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int is_hited=0;
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
int protocol=-1;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t n_matched_rules=0;
long long matched_rules[MAX_RESULT_NUM];
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
switch(a_stream->type)
{
case STREAM_TYPE_TCP:
protocol=6;
break;
case STREAM_TYPE_UDP:
protocol=17;
break;
default:
protocol=-1;
break;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
switch(idx)
{
case MAAT_SCAN_SRC_IP_ADDR:
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
is_hited=maat_scan_ipv6(feather, g_tsg_maat_rt_para.scan_tb[idx].id, p_addr->v6->saddr, p_addr->v6->source, protocol,
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
matched_rules+n_matched_rules, MAX_RESULT_NUM, &n_matched_rules, s_mid);
break;
case MAAT_SCAN_DST_IP_ADDR:
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
is_hited=maat_scan_ipv6(feather, g_tsg_maat_rt_para.scan_tb[idx].id, p_addr->v6->daddr, p_addr->v6->dest, protocol,
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
matched_rules+n_matched_rules, MAX_RESULT_NUM, &n_matched_rules, s_mid);
break;
default:
return 0;
}
if(n_matched_rules>0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
RLOG_LV_DEBUG,
"SCAN_IPV6",
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
"Hit %s addr: %s return n_rules: %llu, mid: %p",
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
g_tsg_maat_rt_para.scan_tb[idx].name,
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
n_matched_rules,
s_mid
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
);
return matche_rules_convert(feather, matched_rules, n_matched_rules, rules, n_rules);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
删除不可见字符
2021-12-31 17:28:53 +03:00
RLOG_LV_DEBUG,
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
"SCAN_IPV6",
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
"Not hit %s addr: %s Scan return: %d, mid: %p",
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
g_tsg_maat_rt_para.scan_tb[idx].name,
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
🦄 refactor(maat scan log): 记录mid地址,用于比对多句柄多条件扫描结果
2023-04-14 15:34:03 +08:00
is_hited,
s_mid
删除不可见字符
2021-12-31 17:28:53 +03:00
);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
删除不可见字符
2021-12-31 17:28:53 +03:00
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_ip_asn(const struct streaminfo *a_stream, struct maat *feather, struct asn_info *asn, enum MAAT_SCAN_TB idx, struct maat_state *s_mid, struct maat_rule *results, size_t n_result)
{
if(asn==NULL || asn->asn_id==NULL|| results==NULL || n_result==0)
{
return 0;
}
return tsg_scan_string(a_stream, feather, asn->asn_id, strlen(asn->asn_id), idx, s_mid, results, n_result);
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_ip_location(const struct streaminfo *a_stream, struct maat *feather, struct location_info *location, enum MAAT_SCAN_TB idx, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
Feature 4 layer location
2022-02-10 02:46:49 +00:00
char full_address[1024]={0};
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(location==NULL || results==NULL || n_results==0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
return 0;
}
Feature 4 layer location
2022-02-10 02:46:49 +00:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(g_tsg_maat_rt_para.location_field_num==19)
Feature 4 layer location
2022-02-10 02:46:49 +00:00
{
snprintf(full_address,
sizeof(full_address),
"%s.%s.%s.%s.",
location->country_full,
location->province_full,
location->city_full,
location->subdivision_addr==NULL ? "" : location->subdivision_addr);
}
else
{
snprintf(full_address, sizeof(full_address), "%s.%s.", location->country_full, location->city_full);
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return tsg_scan_string(a_stream, feather, full_address, strlen(full_address), idx, s_mid, results, n_results);
}
int tsg_scan_intercept_exclusion(const struct streaminfo *a_stream, struct maat *feather, struct maat_rule *p_result, char *domain, int thread_seq)
{
if(domain==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
}
struct maat_state *s_mid=maat_state_new(g_tsg_maat_feather, thread_seq);
struct maat_rule tmp_result;
size_t ret=tsg_scan_string(a_stream, g_tsg_maat_feather, domain, strlen(domain), MAAT_SCAN_EXCLUSION_SSL_SNI, s_mid, &tmp_result, 1);
maat_state_free(s_mid);
s_mid=NULL;
if(ret>0)
{
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
删除不可见字符
2021-12-31 17:28:53 +03:00
RLOG_LV_DEBUG,
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
"EXCLUSION_SSL_SNI",
"Hit %s policy_id: %d service: %d action: %d Decryption Exclusion: [ policy_id: %d service: %d action: %d ] addr: %s",
domain,
tmp_result.rule_id,
tmp_result.service_id,
(unsigned char)tmp_result.action,
p_result->rule_id,
p_result->service_id,
(unsigned char)p_result->action,
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
PRINTADDR(a_stream, g_tsg_maat_rt_para.level)
删除不可见字符
2021-12-31 17:28:53 +03:00
);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 1;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger,
删除不可见字符
2021-12-31 17:28:53 +03:00
RLOG_LV_DEBUG,
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
"EXCLUSION_SSL_SNI",
"Not hit %s stream_dir: %d addr: %s scan ret: %d",
domain,
a_stream->dir,
🦄 refactor(scan log): 扫描结果日志统一写入g_tsg_maat_rt_para句柄
2023-04-14 15:17:18 +08:00
PRINTADDR(a_stream, g_tsg_maat_rt_para.level),
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ret
删除不可见字符
2021-12-31 17:28:53 +03:00
);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
static int get_one_endpoint_ids(const struct streaminfo *a_stream, struct maat *feather, struct ip_addr *ip, struct tunnel_endpoint **endpoint, long long *id_array, int id_array_num)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-11974: Tunnel Endpoint表为IP Plugin表结构,适配tsg_tunnel_endpoint表结构有变更
2022-09-16 17:37:48 +08:00
int i=0,ret=0,offset=0,free_flag=0;
struct tunnel_endpoint *all_endpoint[TUNNEL_BOOL_ID_MAX];
if(id_array_num<=0)
{
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ret=maat_ip_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_ENDPOINT].id, (const struct ip_addr *)ip, (void **)all_endpoint, TUNNEL_BOOL_ID_MAX);
TSG-11974: Tunnel Endpoint表为IP Plugin表结构,适配tsg_tunnel_endpoint表结构有变更
2022-09-16 17:37:48 +08:00
for(i=0; i<ret; i++)
{
if(offset>=id_array_num)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ex_data_tunnel_endpoint_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_ENDPOINT].id, (void **)&(all_endpoint[i]), 0, NULL);
TSG-11974: Tunnel Endpoint表为IP Plugin表结构,适配tsg_tunnel_endpoint表结构有变更
2022-09-16 17:37:48 +08:00
continue;
}
if(*endpoint==NULL)
{
*endpoint=all_endpoint[i];
}
else if((*endpoint)->id < all_endpoint[i]->id)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ex_data_tunnel_endpoint_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_ENDPOINT].id, (void **)endpoint, 0, NULL);
TSG-11974: Tunnel Endpoint表为IP Plugin表结构,适配tsg_tunnel_endpoint表结构有变更
2022-09-16 17:37:48 +08:00
*endpoint=all_endpoint[i];
}
else
{
free_flag=1;
}
id_array[offset++]=all_endpoint[i]->id;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger, RLOG_LV_DEBUG, "endpoint", "addr: %s Get endpoint id: %d", PRINTADDR(a_stream, g_tsg_maat_rt_para.level), all_endpoint[i]->id);
TSG-11974: Tunnel Endpoint表为IP Plugin表结构,适配tsg_tunnel_endpoint表结构有变更
2022-09-16 17:37:48 +08:00
if(free_flag==1)
{
free_flag=0;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ex_data_tunnel_endpoint_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_ENDPOINT].id, (void **)&(all_endpoint[i]), 0, NULL);
TSG-11974: Tunnel Endpoint表为IP Plugin表结构,适配tsg_tunnel_endpoint表结构有变更
2022-09-16 17:37:48 +08:00
}
}
return offset;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int tsg_get_endpoint_id(const struct streaminfo *a_stream, struct maat *feather, struct tunnel_endpoint **client_endpoint, struct tunnel_endpoint **server_endpoint, long long *endpoint_id_array, int endpoint_id_array_num)
TSG-11974: Tunnel Endpoint表为IP Plugin表结构,适配tsg_tunnel_endpoint表结构有变更
2022-09-16 17:37:48 +08:00
{
int offset=0;
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct ip_addr dest_ip={0}, source_ip={0};
ip_address_convert(a_stream, &source_ip, &dest_ip);
offset+=get_one_endpoint_ids(a_stream, feather, &source_ip, client_endpoint, endpoint_id_array+offset, endpoint_id_array_num-offset);
offset+=get_one_endpoint_ids(a_stream, feather, &dest_ip, server_endpoint, endpoint_id_array+offset, endpoint_id_array_num-offset);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
TSG-11974: Tunnel Endpoint表为IP Plugin表结构,适配tsg_tunnel_endpoint表结构有变更
2022-09-16 17:37:48 +08:00
return offset;
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int tsg_get_vlan_label_id(struct maat *feather, struct single_layer_vlan_addr *vlan_array, int vlan_array_num, long long *label_id_array, int label_id_array_num)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
if(vlan_array_num<=0 || label_id_array_num<=0 || vlan_array==NULL || label_id_array==NULL)
{
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int idx=0;
for(int i=0; i<vlan_array_num; i++)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void *label_id=maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_LABEL].id, (const char *)&(vlan_array[i].VID));
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
if(label_id==NULL)
{
continue;
}
if(idx>=label_id_array_num)
{
break;
}
label_id_array[idx++]=(long long)(label_id);
}
return idx;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_tunnel_id(const struct streaminfo *a_stream, struct maat *feather, struct maat_rule *results, size_t n_results, struct maat_state *s_mid, long long *bool_id_array, size_t n_bool_id_array)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t hit_num=0;
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
struct tunnel_catalog *t_catalog[TUNNEL_CATALOG_MAX];
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int ret=maat_bool_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_CATALOG].id, (unsigned long long *)bool_id_array, n_bool_id_array, (void**)(&t_catalog), TUNNEL_CATALOG_MAX);
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
for(int i=0; i<ret; i++)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
hit_num+=tsg_scan_integer(a_stream, feather, (long long)t_catalog[i]->id, MAAT_SCAN_TUNNEL_ID, s_mid, results+hit_num, n_results-hit_num);
ex_data_tunnel_catalog_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_TUNNEL_CATALOG].id, (void **)&(t_catalog[i]), 0, NULL);
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
}
return hit_num;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_subscribe_id_policy(const struct streaminfo *a_stream, struct maat *feather, struct subscribe_id_info *user_info, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(user_info==NULL || user_info->subscribe_id==NULL || results==NULL || n_results==0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return tsg_scan_string(a_stream, feather, user_info->subscribe_id, strlen(user_info->subscribe_id), MAAT_SCAN_SUBSCRIBER_ID, s_mid, results, n_results);
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_gtp_apn_policy(const struct streaminfo *a_stream, struct maat *feather, char *apn, struct maat_state *s_mid,struct maat_rule *results, size_t n_results)
{
if(apn==NULL || results==NULL || n_results==0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return tsg_scan_string(a_stream, feather, apn, strlen(apn), MAAT_SCAN_GTP_APN, s_mid, results, n_results);
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_gtp_imsi_policy(const struct streaminfo *a_stream, struct maat *feather, char *imsi, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
{
if(imsi==NULL || results==NULL || n_results==0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return tsg_scan_string(a_stream, feather, imsi, strlen(imsi), MAAT_SCAN_GTP_IMSI, s_mid, results, n_results);
}
TSG-11860 - 支持匹配Tunnel Object作为策略条件,以及输出Tunnel Object信息至安全日志和过渡日志
2022-09-09 14:52:05 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_gtp_phone_number_policy(const struct streaminfo *a_stream, struct maat *feather, char *phone_number, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
{
if(phone_number==NULL || results==NULL || n_results==0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return tsg_scan_string(a_stream, feather, phone_number, strlen(phone_number), MAAT_SCAN_GTP_PHONE_NUMBER, s_mid, results, n_results);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
//return value: -1: failed, 0: not hit, >0: hit count
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_shared_policy(const struct streaminfo *a_stream, struct maat *feather, char *domain, int idx, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(domain==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
return 0;
}
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
int fqdn_len=get_fqdn_len(domain);
master命中策略的链接,链接结束时需单独发送日志
2023-02-10 21:54:35 +08:00
if(fqdn_len==0)
{
return 0;
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return tsg_scan_string(a_stream, feather, domain, fqdn_len, (enum MAAT_SCAN_TB)idx, s_mid, results, n_results);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_session_flags(const struct streaminfo *a_stream, struct maat *feather, unsigned long flag, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
TSG-13106: 支持Flag Object作为策略条件之一
2022-12-28 16:36:40 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return tsg_scan_flags(a_stream, feather, flag, MAAT_SCAN_SESSION_FLAGS, s_mid, results, n_results);
TSG-13106: 支持Flag Object作为策略条件之一
2022-12-28 16:36:40 +08:00
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct maat_rule *tsg_select_deny_rule(struct maat_rule *rules, size_t n_rules)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct maat_rule *p_result=NULL;
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
for(size_t i=0; i< n_rules; i++)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(rules[i].action==TSG_ACTION_DENY || rules[i].action==TSG_ACTION_BYPASS)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if(p_result==NULL)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
p_result=&rules[i];
删除不可见字符
2021-12-31 17:28:53 +03:00
continue;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(rules[i].action > p_result->action)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
p_result=&rules[i];
删除不可见字符
2021-12-31 17:28:53 +03:00
continue;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if((rules[i].action==p_result->action) && (rules[i].rule_id > p_result->rule_id))
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
p_result=&rules[i];
删除不可见字符
2021-12-31 17:28:53 +03:00
}
}
}
return p_result;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int tsg_get_fqdn_category_ids(struct maat *feather, char *fqdn, unsigned int *category_ids, int n_category_ids)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(category_ids!=NULL && n_category_ids>0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int ret=get_fqdn_category_id(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_FQDN_CAT_USER_DEFINED].id, fqdn, category_ids, n_category_ids);
删除不可见字符
2021-12-31 17:28:53 +03:00
if(ret>0)
{
return ret;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ret=get_fqdn_category_id(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_FQDN_CAT_BUILT_IN].id, fqdn, category_ids, n_category_ids);
删除不可见字符
2021-12-31 17:28:53 +03:00
if(ret>0)
{
return ret;
}
}
return 0;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_fqdn_category_id(const struct streaminfo *a_stream, struct maat *feather, unsigned int *category_ids, int n_category_ids, int table_idx, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(n_results==0 || category_ids==NULL || n_category_ids<=0 || table_idx<0)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
return 0;
}
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t hit_num=0;
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
for(int i=0; i<n_category_ids; i++)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
hit_num+=tsg_scan_integer(a_stream, feather, (long long)category_ids[i], (enum MAAT_SCAN_TB)table_idx, s_mid, results, n_results);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
return hit_num;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_app_id_policy(const struct streaminfo *a_stream, struct maat *feather, unsigned int app_id, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return tsg_scan_integer(a_stream, feather, (long long)app_id, MAAT_SCAN_APP_ID, s_mid, results, n_results);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_app_properties_policy(const struct streaminfo *a_stream, struct maat *feather, char *property, char *district, struct maat_state *s_mid, struct maat_rule *results, int n_results)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(property==NULL || district==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t hit_num=0;
struct maat_rule property_result[MAX_RESULT_NUM]={0};
适配maat_state_set_scan_district函数参数调整
2023-04-04 19:07:41 +08:00
maat_state_set_scan_district(s_mid, g_tsg_maat_rt_para.scan_tb[MAAT_SCAN_SELECTOR_PROPERTIES].id, (const char *)district, strlen(district));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t ret=tsg_scan_string(a_stream, feather, property, strlen(property), MAAT_SCAN_SELECTOR_PROPERTIES, s_mid, property_result, MAX_RESULT_NUM);
for(size_t i=0; i<ret; i++)
{
hit_num+=tsg_scan_integer(a_stream, feather, property_result[i].rule_id, MAAT_SCAN_SELECTOR_ID, s_mid, results+hit_num, n_results-hit_num);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
return hit_num;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_scan_nesting_addr(const struct streaminfo *a_stream, struct maat *feather, enum TSG_PROTOCOL proto, struct maat_state *s_mid, struct maat_rule *results, size_t n_results)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t hit_num=0;
unsigned int proto_id=0;
struct ipaddr t_addr;
struct ipaddr* p_addr=NULL;
const struct streaminfo *cur_stream = a_stream;
int bool_id_array_idx=0;
long long bool_id_array[TUNNEL_BOOL_ID_MAX]={0};
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(results==NULL || n_results==0 || a_stream==NULL || feather==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
MESA_handle_runtime_log(g_tsg_maat_rt_para.logger, RLOG_LV_DEBUG, "SCAN_NESTING_ADDR", "result==NULL || result_num<=0 || maat_feather==NULL || a_stream==NULL");
删除不可见字符
2021-12-31 17:28:53 +03:00
return 0;
}
TSG-15014: 使用错误的bridge id获取异步存储空间,导致内存被覆写
2023-05-15 16:38:56 +08:00
struct session_runtime_attribute *srt_attribute=(struct session_runtime_attribute *)session_runtime_attribute_new(a_stream);
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
srt_attribute_set_ip_asn(a_stream, feather, &(srt_attribute->client_asn), &(srt_attribute->server_asn));
srt_attribute_set_ip_location(a_stream, feather, &(srt_attribute->client_location), &(srt_attribute->server_location));
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
do
{
switch(cur_stream->addr.addrtype)
{
case ADDR_TYPE_IPV4:
case __ADDR_TYPE_IP_PAIR_V4:
if(cur_stream->addr.addrtype == __ADDR_TYPE_IP_PAIR_V4)
{
memcpy(&t_addr, &cur_stream->addr, sizeof(t_addr));
t_addr.addrtype = ADDR_TYPE_IPV4;
p_addr=&t_addr;
}
else
{
p_addr=(struct ipaddr *)&cur_stream->addr;
}
hit_num+=tsg_scan_ipv4_address(cur_stream, feather,p_addr, MAAT_SCAN_SRC_IP_ADDR, s_mid, results+hit_num, n_results-hit_num);
hit_num+=tsg_scan_ipv4_address(cur_stream, feather,p_addr, MAAT_SCAN_DST_IP_ADDR, s_mid, results+hit_num, n_results-hit_num);
break;
case ADDR_TYPE_IPV6:
case __ADDR_TYPE_IP_PAIR_V6:
if(cur_stream->addr.addrtype == __ADDR_TYPE_IP_PAIR_V6)
{
memcpy(&t_addr, &cur_stream->addr, sizeof(t_addr));
t_addr.addrtype = ADDR_TYPE_IPV6;
p_addr=&t_addr;
}
else
{
p_addr=(struct ipaddr *)&cur_stream->addr;
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
hit_num+=tsg_scan_ipv6_address(cur_stream, feather, p_addr, MAAT_SCAN_SRC_IP_ADDR, s_mid, results+hit_num, n_results-hit_num);
hit_num+=tsg_scan_ipv6_address(cur_stream, feather, p_addr, MAAT_SCAN_DST_IP_ADDR, s_mid, results+hit_num, n_results-hit_num);
break;
case ADDR_TYPE_L2TP:
proto_id=tsg_l7_protocol_name2id(g_tsg_proto_name2id[PROTO_L2TP].name);
hit_num+=tsg_scan_integer(cur_stream, feather, (long long)proto_id, MAAT_SCAN_APP_ID, s_mid, results+hit_num, n_results-hit_num);
break;
case ADDR_TYPE_PPTP:
proto_id=tsg_l7_protocol_name2id(g_tsg_proto_name2id[PROTO_PPTP].name);
hit_num+=tsg_scan_integer(cur_stream, feather, (long long)proto_id, MAAT_SCAN_APP_ID, s_mid, results+hit_num, n_results-hit_num);
break;
case ADDR_TYPE_VLAN:
bool_id_array_idx+=tsg_get_vlan_label_id(feather, cur_stream->addr.vlan->c2s_addr_array, cur_stream->addr.vlan->c2s_layer_num, bool_id_array+bool_id_array_idx, TUNNEL_BOOL_ID_MAX-bool_id_array_idx);
bool_id_array_idx+=tsg_get_vlan_label_id(feather, cur_stream->addr.vlan->s2c_addr_array, cur_stream->addr.vlan->s2c_layer_num, bool_id_array+bool_id_array_idx, TUNNEL_BOOL_ID_MAX-bool_id_array_idx);
break;
case ADDR_TYPE_GPRS_TUNNEL:
bool_id_array_idx+=tsg_get_endpoint_id(cur_stream->pfather,
feather,
&(srt_attribute->client_endpoint),
&(srt_attribute->server_endpoint),
bool_id_array+bool_id_array_idx,
TUNNEL_BOOL_ID_MAX-bool_id_array_idx
);
cur_stream=cur_stream->pfather; // skip gtp tuple4
break;
default:
break;
}
cur_stream=cur_stream->pfather;
}while(cur_stream!=NULL && hit_num<n_results);
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(hit_num<n_results)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
hit_num+=tsg_scan_tunnel_id(a_stream, feather, results+hit_num, n_results-hit_num, s_mid, bool_id_array, bool_id_array_idx);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(hit_num<n_results && proto>PROTO_UNKONWN && proto<PROTO_MAX)
{
proto_id=tsg_l7_protocol_name2id(g_tsg_proto_name2id[proto].name);
hit_num+=tsg_scan_integer(a_stream, feather, (long long)proto_id, MAAT_SCAN_APP_ID, s_mid, results+hit_num, n_results-hit_num);
if(proto==PROTO_SMTP || proto==PROTO_IMAP || proto==PROTO_POP3)
{
proto_id=tsg_l7_protocol_name2id(g_tsg_proto_name2id[PROTO_MAIL].name);
hit_num+=tsg_scan_integer(a_stream, feather, (long long)proto_id, MAAT_SCAN_APP_ID, s_mid, results+hit_num, n_results-hit_num);
}
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(hit_num<n_results)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
hit_num+=tsg_scan_ip_location(a_stream, feather,srt_attribute->client_location, MAAT_SCAN_SRC_LOCATION, s_mid, results+hit_num, n_results-hit_num);
hit_num+=tsg_scan_ip_location(a_stream, feather, srt_attribute->server_location, MAAT_SCAN_DST_LOCATION, s_mid, results+hit_num, n_results-hit_num);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(hit_num<n_results)
{
hit_num+=tsg_scan_ip_asn(a_stream, feather, srt_attribute->client_asn, MAAT_SCAN_SRC_ASN, s_mid, results+hit_num, n_results-hit_num);
hit_num+=tsg_scan_ip_asn(a_stream, feather, srt_attribute->server_asn, MAAT_SCAN_DST_ASN, s_mid, results+hit_num, n_results-hit_num);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(hit_num<n_results)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
srt_attribute_set_subscriber_id(a_stream, feather, &srt_attribute->client_subscribe_id, &srt_attribute->server_subscribe_id);
hit_num+=tsg_scan_subscribe_id_policy(a_stream, feather, srt_attribute->client_subscribe_id, s_mid, results+hit_num, n_results-hit_num);
hit_num+=tsg_scan_subscribe_id_policy(a_stream, feather, srt_attribute->server_subscribe_id, s_mid, results+hit_num, n_results-hit_num);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(hit_num<n_results)
{
int ret=session_runtine_attribute_get_umts_user_info(a_stream, &(srt_attribute->user_info));
if(ret==1 && srt_attribute->user_info!=NULL)
{
hit_num+=tsg_scan_gtp_apn_policy(a_stream, feather, srt_attribute->user_info->apn, s_mid, results+hit_num, n_results-hit_num);
hit_num+=tsg_scan_gtp_imsi_policy(a_stream, feather, srt_attribute->user_info->imsi, s_mid, results+hit_num, n_results-hit_num);
hit_num+=tsg_scan_gtp_phone_number_policy(a_stream, feather, srt_attribute->user_info->msisdn, s_mid, results+hit_num, n_results-hit_num);
}
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return hit_num;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int tsg_get_app_name_by_id(struct maat *feather, int app_id, char *app_name, int app_name_len, int is_joint_parent)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
if(app_id<=0 || app_name==NULL || app_name_len<=0)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return 0;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int offset=0;
long long ll_app_id=(long long)app_id;
struct app_id_dict *dict=(struct app_id_dict *)maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_APP_ID_DICT].id, (const char *)&(ll_app_id));
删除不可见字符
2021-12-31 17:28:53 +03:00
if(dict!=NULL)
{
TSG-13243,TSG-13252: 从用户自定义的所有结果中选第一个被识别的APP拼接到app_full_path字段; 将用户自定义的所有结果拼接到app_full_path中存在写越界导致应用重启
2023-01-04 16:51:23 +08:00
if((int)strlen(dict->app_name) > app_name_len)
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ex_data_app_id_dict_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_APP_ID_DICT].id, (void **)&dict, 0, NULL);
TSG-13243,TSG-13252: 从用户自定义的所有结果中选第一个被识别的APP拼接到app_full_path字段; 将用户自定义的所有结果拼接到app_full_path中存在写越界导致应用重启
2023-01-04 16:51:23 +08:00
return offset;
}
删除不可见字符
2021-12-31 17:28:53 +03:00
if(dict->parent_app_id!=0 && is_joint_parent==1)
{
offset=snprintf(app_name, app_name_len, "%s.%s", dict->parent_app_name, dict->app_name);
}
else
{
offset=snprintf(app_name, app_name_len, "%s", dict->app_name);
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ex_data_app_id_dict_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_APP_ID_DICT].id, (void **)&dict, 0, NULL);
删除不可见字符
2021-12-31 17:28:53 +03:00
return offset;
}
return offset;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct maat_compile *matched_rule_cites_security_compile(struct maat *feather, struct maat_rule *result)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return (struct maat_compile *)maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SECURITY_COMPILE].id, (const char *)&(result->rule_id));
删除不可见字符
2021-12-31 17:28:53 +03:00
}
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
int session_packet_capture_by_rules_notify(const struct streaminfo *a_stream, struct maat_rule *rules, size_t n_rules, int thread_seq)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct maat_compile *maat_compile=NULL;
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
struct traffic_mirror_profile *mirror_profile=NULL;
删除不可见字符
2021-12-31 17:28:53 +03:00
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
for(size_t i=0; i<n_rules; i++)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
if(rules[i].action!=TSG_ACTION_MONITOR && rules[i].action!=TSG_ACTION_DENY)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
continue;
}
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
maat_compile=matched_rule_cites_security_compile(g_tsg_maat_feather, &(rules[i]));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(maat_compile==NULL)
{
continue;
}
if(maat_compile->user_region==NULL)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
plugin_ex_data_security_compile_free(maat_compile);
删除不可见字符
2021-12-31 17:28:53 +03:00
continue;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(maat_compile->user_region->method_type==TSG_METHOD_TYPE_MIRRORED && maat_compile->user_region->mirror!=NULL && maat_compile->user_region->mirror->enabled==1)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
mirror_profile=(struct traffic_mirror_profile *)maat_plugin_table_get_ex_data(g_tsg_maat_feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_PROFILE_MIRROR].id, (const char *)&(maat_compile->user_region->mirror->profile_id));
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
if(mirror_profile!=NULL)
{
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
session_mirror_packets_sync(a_stream, &rules[i], &(mirror_profile->vlan));
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ex_data_mirrored_profile_free(0, (void **)&mirror_profile, 0, NULL);
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
}
TSG-9289: 修复Deny策略未执行捕包动作的问题
2022-01-06 17:41:03 +03:00
else
{
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
session_mirror_packets_sync(a_stream, &rules[i], &(g_tsg_maat_rt_para.default_vlan));
TSG-9289: 修复Deny策略未执行捕包动作的问题
2022-01-06 17:41:03 +03:00
}
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(maat_compile->user_region->capture.enabled==1)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
提供根据策略通知捕包或者镜像流量的接口
2023-04-28 10:17:10 +08:00
session_capture_packets_sync(a_stream, &rules[i], maat_compile->user_region->capture.depth);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
plugin_ex_data_security_compile_free(maat_compile);
maat_compile=NULL;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-9152,TSG-8537,TSG-9153: 总控支持与原始包处理插件交互mirror和capture信息,命中监测策略镜像流量到第三方逻辑从tsg_master总控分离
2021-12-28 20:27:37 +03:00
return 1;
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct umts_user_info *tsg_get_umts_user_info_form_redis(struct maat *feather, long long teid)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return (struct umts_user_info *)maat_plugin_table_get_ex_data(g_tsg_maat_feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_GTP_IP2SIGNALING].id, (const char *)&(teid));
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void *matched_rule_cites_http_response_pages(struct maat *feather, long long profile_id)
{
return maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_RESPONSE_PAGES].id, (const char *)&profile_id);
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void plugin_ex_data_http_response_pages_free(struct http_response_pages *response_pages)
{
ex_data_http_response_pages_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_RESPONSE_PAGES].id, (void **)&response_pages, 0, NULL);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void *matched_rule_cites_security_compile(struct maat *feather, long long compile_id)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SECURITY_COMPILE].id, (const char *)&compile_id);
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void plugin_ex_data_security_compile_free(struct maat_compile *maat_compile)
{
ex_data_security_compile_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SECURITY_COMPILE].id, (void **)&maat_compile, 0, NULL);
}
删除不可见字符
2021-12-31 17:28:53 +03:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void *matched_rule_cites_app_id_dict(struct maat *feather, long long app_id)
{
return maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_APP_ID_DICT].id, (const char *)&app_id);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void plugin_ex_data_app_id_dict_free(struct app_id_dict *dict)
删除不可见字符
2021-12-31 17:28:53 +03:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ex_data_app_id_dict_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_APP_ID_DICT].id, (void **)&dict, 0, NULL);
删除不可见字符
2021-12-31 17:28:53 +03:00
}
TSG-10006: 兼容三、四级(N)地址库
2022-05-18 11:41:41 +08:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void *matched_rule_cites_dns_profile_record(struct maat *feather, long long profile_id)
TSG-10006: 兼容三、四级(N)地址库
2022-05-18 11:41:41 +08:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_DNS_PROFILE_RECORD].id, (const char *)&profile_id);
TSG-10006: 兼容三、四级(N)地址库
2022-05-18 11:41:41 +08:00
}
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
void plugin_ex_data_dns_profile_record_free(struct dns_profile_records *records)
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ex_data_app_id_dict_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_DNS_PROFILE_RECORD].id, (void **)&records, 0, NULL);
TSG-11250: 支持从REDIS中读取移动网用户标识映射关系表并执行对应策略
2022-07-29 10:41:09 +00:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t tsg_matched_rules_select(struct maat *feather, TSG_SERVICE service, long long *matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules)
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t offset=0;
for(size_t i=0; i<n_matched_rules; i++)
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
struct maat_compile *maat_compile=(struct maat_compile *)maat_plugin_table_get_ex_data(feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SECURITY_COMPILE].id, (const char *)&(matched_rules[i]));
if(maat_compile==NULL)
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
{
continue;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(maat_compile->rule.service_id==service && offset<n_rules)
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
rules[offset++]=maat_compile->rule;
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
ex_data_security_compile_free(g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_SECURITY_COMPILE].id, (void **)&(maat_compile), 0, NULL);
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return offset;
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
}
TSG-14946: 安全策略支持allow(deny)和monitor动作同时命中
2023-05-27 09:37:46 +00:00
size_t tsg_select_rules_by_action(struct maat_rule *matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules, unsigned char action)
{
size_t offset=0;
for(size_t i=0; i<n_matched_rules; i++)
{
if(offset>=n_rules)
{
break;
}
if(matched_rules[i].action!=action)
{
continue;
}
rules[offset++]=matched_rules[i];
}
return offset;
}
TSG-14654: 控制报文格式调整, 增加将cmsg字段发送给TFE, 控制报文采用mpack封装格式
2023-05-06 02:23:12 +00:00
size_t tsg_select_rules_by_service_id(struct maat_rule *matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules, enum TSG_SERVICE service_id)
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
size_t offset=0;
for(size_t i=0; i<n_matched_rules; i++)
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
if(matched_rules[i].service_id==service_id && offset<n_rules)
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
{
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
rules[offset++]=matched_rules[i];
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
}
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return offset;
TSG-13584: Firewall的安全日志依赖session record日志,修复TRAFFIC_SHAPING_PROFILE表是否生效字段编号定义错误,使用cppcheck进行代码检查
2023-02-09 07:14:55 +00:00
}
TSG-13777: 支持同步流状态及命中策略ID
2023-03-01 05:09:34 +00:00
TSG-15187: 增加遗漏的category的库表注册
2023-05-26 07:23:57 +00:00
int tsg_domain_table_idx_get(enum TSG_PROTOCOL proto)
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
{
switch(proto)
{
case PROTO_HTTP:
return MAAT_SCAN_HTTP_HOST;
case PROTO_SSL:
return MAAT_SCAN_SSL_SNI;
case PROTO_QUIC:
return MAAT_SCAN_QUIC_SNI;
case PROTO_DTLS:
return MAAT_SCAN_DTLS_SNI;
default:
TSG-13777: 支持同步流状态及命中策略ID
2023-03-01 05:09:34 +00:00
break;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
return -1;
}
TSG-15187: 增加遗漏的category的库表注册
2023-05-26 07:23:57 +00:00
int tsg_fqdn_category_table_idx_get(enum TSG_PROTOCOL proto)
{
switch(proto)
{
case PROTO_HTTP:
return MAAT_SCAN_HTTP_HOST_CAT;
case PROTO_SSL:
return MAAT_SCAN_SSL_SNI_CAT;
case PROTO_QUIC:
return MAAT_SCAN_QUIC_SNI_CAT;
case PROTO_DTLS:
return MAAT_SCAN_DTLS_SNI_CAT;
default:
break;
}
return -1;
}
TSG-13778 TSG master支持MAAT4
2023-04-03 08:30:49 +00:00
int tsg_http_url_table_idx_get(void)
{
return MAAT_SCAN_HTTP_URL;
}
int tsg_session_record_switch_get(void)
{
return g_tsg_maat_rt_para.session_record_switch;
}
int tsg_location_type_get(void)
{
return g_tsg_maat_rt_para.location_field_num;
}
long long tsg_default_compile_id_get(void)
{
return g_tsg_maat_rt_para.default_compile_id;
}
char *tsg_data_center_get(void)
{
return g_tsg_maat_rt_para.data_center;
}
char *tsg_device_tag_get(void)
{
return g_tsg_maat_rt_para.device_tag;
TSG-13777: 支持同步流状态及命中策略ID
2023-03-01 05:09:34 +00:00
}
Reference in New Issue Copy Permalink