From 02e880ebd080078bc1f911e6a262490fb6d8cfc5 Mon Sep 17 00:00:00 2001 From: liuxueli Date: Tue, 4 Jul 2023 11:56:11 +0800 Subject: [PATCH] =?UTF-8?q?master=E5=91=BD=E4=B8=ADDNS=E5=8D=8F=E8=AE=AE?= =?UTF-8?q?=E6=89=A7=E8=A1=8C=E5=8A=A8=E4=BD=9C=E5=87=BA=E7=8E=B0=E5=BC=82?= =?UTF-8?q?=E5=B8=B8=E6=97=B6=EF=BC=8C=E4=BA=A4=E7=94=B1firewall=E6=8F=92?= =?UTF-8?q?=E4=BB=B6=E5=A4=84=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/tsg_action.cpp | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/tsg_action.cpp b/src/tsg_action.cpp index e07cd15..3aa332e 100644 --- a/src/tsg_action.cpp +++ b/src/tsg_action.cpp @@ -954,6 +954,11 @@ static unsigned char tsg_do_deny_action(const struct streaminfo *a_stream, struc unsigned char tsg_enforing_deny_application(const struct streaminfo *a_stream, struct maat_rule *p_result, enum TSG_PROTOCOL protocol, int app_id, enum ACTION_RETURN_TYPE type, const void *user_data) { + if(protocol==PROTO_DNS && type==ACTION_RETURN_TYPE_APP && user_data==NULL) + { + return APP_STATE_GIVEME; + } + struct app_id_dict *dict=(struct app_id_dict *)matched_rule_cites_app_id_dict(g_tsg_maat_feather, (long long)app_id); if(dict==NULL || user_data==NULL) { @@ -997,6 +1002,11 @@ unsigned char tsg_enforing_deny(const struct streaminfo *a_stream, struct maat_r return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPME : APP_STATE_GIVEME); } + if(protocol==PROTO_DNS && type==ACTION_RETURN_TYPE_APP && user_data==NULL) + { + return APP_STATE_GIVEME; + } + struct maat_compile *maat_compile=(struct maat_compile *)matched_rule_cites_security_compile(g_tsg_maat_feather, p_result->rule_id); if(maat_compile==NULL || maat_compile->user_region==NULL || user_data==NULL) {