gfwleak/tango-tsg-master
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

功能端安全策略,支持使用GTP信息作为条件

Browse Source
This commit is contained in:
刘学利
2021-05-19 07:10:25 +00:00
parent 61d0ab46e2
commit 2dec508610
14 changed files with 437 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitlab-ci.yml
View File

@@ -3,7 +3,7 @@ variables:
GIT_STRATEGY: "clone"
BUILD_PADDING_PREFIX: /tmp/padding_for_CPACK_RPM_BUILD_SOURCE_DIRS_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX/
INSTALL_PREFIX: "/home/mesasoft/sapp_run/"
INSTALL_DEPENDENCY_LIBRARY: libMESA_handle_logger-devel libcjson-devel libMESA_field_stat2-devel sapp sapp-devel framework_env libMESA_prof_load-devel http-devel dns-devel ftp-devel mail-devel ssl-devel librdkafka-devel libmaatframe-devel quic-devel mesa_sip-devel libasan
INSTALL_DEPENDENCY_LIBRARY: libMESA_handle_logger-devel libcjson-devel libMESA_field_stat2-devel sapp sapp-devel framework_env libMESA_prof_load-devel http-devel dns-devel ftp-devel mail-devel ssl-devel librdkafka-devel libmaatframe-devel quic-devel mesa_sip-devel gtp-devel libMESA_htable-devel libasan
stages:
- build

1
CMakeLists.txt
View File

@@ -57,5 +57,6 @@ install(FILES inc/tsg_rule.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER)
install(FILES inc/tsg_statistic.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER)
install(FILES inc/tsg_label.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER)
install(FILES inc/app_label.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER)
install(FILES inc/tsg_gtp_signaling.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER)
include(Package)

4
bin/tsg_log_field.conf
View File

@@ -85,3 +85,7 @@ STRING server_ip 71
STRING c2s_id 72
STRING s2c_id 73
STRING common_service_category 74
STRING common_apn 75
STRING common_imsi 76
STRING common_imei 77
STRING common_phone_number 78

6
bin/tsg_static_tableinfo.conf
View File

@@ -73,3 +73,9 @@
61 TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION virtual TSG_OBJ_ACCOUNT --
62 TSG_FIELD_SIP_RESPONDER_DESCRIPTION virtual TSG_OBJ_ACCOUNT --
63 APP_ID_DICT plugin {"key":1,"valid":18}
64 TSG_OBJ_IMSI expr UTF8 UTF8 yes 0
65 TSG_OBJ_APN expr UTF8 UTF8 yes 0
66 TSG_OBJ_PHONE_NUMBER expr UTF8 UTF8 yes 0
67 TSG_FILED_GTP_IMSI virtual TSG_OBJ_IMSI --
68 TSG_FILED_GTP_APN virtual TSG_OBJ_APN --
69 TSG_FILED_GTP_PHONE_NUMBER virtual TSG_OBJ_PHONE_NUMBER --

33
inc/tsg_gtp_signaling.h Normal file
View File

@@ -0,0 +1,33 @@
#ifndef __TSG_GTP_SIGNALING_H__
#define __TSG_GTP_SIGNALING_H__
#include <MESA/gtp.h>
#include <MESA/MESA_htable.h>
enum GTP_FIELD_IDX
{
GTP_FIELD_APN,
GTP_FIELD_IMEI,
GTP_FIELD_IMSI,
GTP_FIELD_MSISDN, //phone number
GTP_FIELD_END_USER_IP,
GTP_FIELD_PAA,
GTP_FIELD_TEID_CP,
GTP_FIELD_TEID_II,
GTP_FIELD_MAX
};
struct gtp_signaling_field
{
char type;
char version;
unsigned int uplink_teid;
unsigned int downlink_teid;
struct IE_unit ie_unit[GTP_FIELD_MAX];
};
extern MESA_htable_handle g_gtp_signaling_hash_handle;
void tsg_free_gtp_signaling_field(void *data);
#endif

9
inc/tsg_label.h
View File

@@ -73,6 +73,14 @@ struct _subscribe_id_info_t
char subscribe_id[MAX_STR_FIELD_LEN*4];
};
struct umts_user_info
{
char *apn;
char *imsi;
char *imei;
char *msisdn; //MSISDN: phone number
};
struct _session_attribute_label_t
{
int fqdn_category_id_num;
@@ -86,6 +94,7 @@ struct _session_attribute_label_t
struct _subscribe_id_info_t *server_subscribe_id;
char *ja3_fingerprint;
unsigned int fqdn_category_id[MAX_CATEGORY_ID_NUM];
struct umts_user_info *user_info;
};
typedef struct _policy_priority_label

2
src/CMakeLists.txt
View File

@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 2.8)
add_definitions(-fPIC)
set(SRC tsg_entry.cpp tsg_rule.cpp tsg_ssl_utils.cpp tsg_send_log.cpp tsg_statistic.cpp tsg_ssh_utils.cpp)
set(SRC tsg_entry.cpp tsg_rule.cpp tsg_ssl_utils.cpp tsg_send_log.cpp tsg_statistic.cpp tsg_ssh_utils.cpp tsg_gtp_signaling.cpp)
include_directories(${CMAKE_SOURCE_DIR}/inc)
include_directories(/opt/MESA/include/MESA/)

30
src/tsg_entry.cpp
View File

@@ -91,7 +91,6 @@ id2field_t g_tsg_proto_name2id[PROTO_MAX]={{PROTO_UNKONWN, 0, "unknown"},
#define DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID 1
static int init_context(void **pme, int thread_seq)
{
*pme=dictator_malloc(thread_seq, sizeof(struct master_context));
@@ -148,6 +147,15 @@ static int get_device_id(char *command, int entrance_id)
return (entrance_id<<7)+(atoi(buffer)%128);
}
static void free_user_item(char *item)
{
if(item!=NULL)
{
free(item);
item=NULL;
}
}
static int is_only_monitor(struct Maat_rule_t *result, int hit_cnt)
{
int i=0;
@@ -910,6 +918,17 @@ static void free_session_attribute_label(int thread_seq, void *project_req_value
label->ja3_fingerprint=NULL;
}
if(label->user_info!=NULL)
{
free_user_item(label->user_info->apn);
free_user_item(label->user_info->imsi);
free_user_item(label->user_info->imei);
free_user_item(label->user_info->msisdn);
dictator_free(thread_seq, (void *)label->user_info);
label->user_info=NULL;
}
dictator_free(thread_seq, project_req_value);
project_req_value=NULL;
}
@@ -1334,7 +1353,7 @@ static unsigned char tsg_master_entry(const struct streaminfo *a_stream, void **
state=master_deal_scan_result(a_stream, context, scan_result, hit_num, a_packet);
break;
case OP_STATE_DATA:
case OP_STATE_CLOSE:
//case OP_STATE_CLOSE:
if(is_hited_allow(context->result, context->hit_cnt))
{
break;
@@ -1564,6 +1583,13 @@ extern "C" int TSG_MASTER_INIT()
MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "L7_PROTOCOL_FILE", buff, sizeof(buff), "./tsgconf/tsg_l7_protocol.conf");
l7_protocol_mapper(buff);
ret=tsg_gtp_signaling_hash_init(tsg_conffile, g_tsg_para.logger);
if(ret<0)
{
MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_FATAL, "INIT_GTP_HASH", "tsg_gtp_signaling_hash_init failed ...");
return -1;
}
return 0;
}

10
src/tsg_entry.h
View File

@@ -57,6 +57,9 @@ enum MASTER_TABLE{
TABLE_APP_ID_DICT,
TABLE_SELECTOR_ID,
TABLE_SELECTOR_PROPERTIES,
TABLE_GTP_APN,
TABLE_GTP_IMSI,
TABLE_GTP_PHONE_NUMBER,
TABLE_MAX
};
@@ -135,6 +138,8 @@ typedef struct _tsg_para
int app_id_table_type;
int device_id;
int entrance_id;
int hash_timeout;
int hash_slot_size;
int scan_time_interval;
int default_compile_switch;
int default_compile_id;
@@ -244,6 +249,7 @@ typedef struct _tsg_statistic
}tsg_statis_para_t;
int tsg_statistic_init(const char *conffile, void *logger);
int tsg_gtp_signaling_hash_init(const char* conffile, void *logger);
//parent_app_name.app_name
int tsg_app_id2name(int app_id, char *app_name, int app_name_len, int is_joint_parent);
@@ -258,5 +264,9 @@ int tsg_scan_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream
int tsg_scan_shared_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, char *domain, Maat_rule_t *result, int result_num, scan_status_t *mid, int table_id, int thread_seq);
int tsg_scan_app_properties_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *property, char *district, int thread_seq);
int tsg_scan_subscribe_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, struct _subscribe_id_info_t *user_info, int thread_seq);
int tsg_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info);
int tsg_scan_gtp_apn_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *apn, int thread_seq);
int tsg_scan_gtp_imsi_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *imsi, int thread_seq);
int tsg_scan_gtp_phone_number_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *phone_number, int thread_seq);
#endif

193
src/tsg_gtp_signaling.cpp Normal file
View File

@@ -0,0 +1,193 @@
#include <stdio.h>
#include <string.h>
#include <MESA/stream.h>
#include <MESA/MESA_prof_load.h>
#include <MESA/MESA_handle_logger.h>
#include "tsg_entry.h"
#include "tsg_gtp_signaling.h"
MESA_htable_handle g_gtp_signaling_hash_handle;
static int is_gtp_tunnel(const struct streaminfo *a_stream)
{
int ret=0;
unsigned short is_tunnel=0;
int size=sizeof(unsigned short);
ret=MESA_get_stream_opt(a_stream, MSO_STREAM_TUNNEL_TYPE, (void *)&is_tunnel, &size);
if(ret>=0 && is_tunnel==STREAM_TUNNEL_GPRS_TUNNEL)
{
return 1;
}
return 0;
}
static int get_gtp_teid(const struct streaminfo *a_stream, unsigned int *uplink, unsigned int *downlink)
{
const struct streaminfo *p=a_stream, *q=a_stream->pfather;
while(p)
{
if(p->addr.addrtype==ADDR_TYPE_GPRS_TUNNEL)
{
*uplink=ntohl(p->addr.gtp->teid_c2s);
*downlink=ntohl(p->addr.gtp->teid_s2c);
return 1;
}
p=q;
q=q->pfather;
}
return 0;
}
static int copy_one_field(char **dst, char *src, int src_len)
{
if(src!=NULL && src_len>0)
{
*dst=(char *)calloc(1, src_len+1);
memcpy(*dst, src, src_len);
return 1;
}
return 0;
}
static long copy_user_info(void *data, const uchar *key, uint size, void *user_arg)
{
int num=0;
struct gtp_signaling_field *signal=(struct gtp_signaling_field *)data;
struct umts_user_info *user_info=(struct umts_user_info *)user_arg;
if(signal!=NULL)
{
num+=copy_one_field(&(user_info->apn), (char *)(signal->ie_unit[GTP_FIELD_APN].value), signal->ie_unit[GTP_FIELD_APN].len);
num+=copy_one_field(&(user_info->imsi), (char *)(signal->ie_unit[GTP_FIELD_IMSI].value), signal->ie_unit[GTP_FIELD_IMSI].len);
num+=copy_one_field(&(user_info->imei), (char *)(signal->ie_unit[GTP_FIELD_IMEI].value), signal->ie_unit[GTP_FIELD_IMEI].len);
num+=copy_one_field(&(user_info->msisdn), (char *)(signal->ie_unit[GTP_FIELD_MSISDN].value), signal->ie_unit[GTP_FIELD_MSISDN].len);
}
return num;
}
void free_gtp_signaling_field(void *data)
{
int i=0;
struct gtp_signaling_field *signal=(struct gtp_signaling_field *)data;
if(data==NULL)
{
return ;
}
for(i=0; i<GTP_FIELD_MAX; i++)
{
if(signal->ie_unit[i].value!=NULL)
{
free(signal->ie_unit[i].value);
signal->ie_unit[i].value=NULL;
}
}
return ;
}
void tsg_free_gtp_signaling_field(void *data)
{
if(data!=NULL)
{
free_gtp_signaling_field(data);
data=NULL;
}
}
static int get_umts_user_info(struct umts_user_info **user_info, unsigned int teid, int thread_seq)
{
long cb_ret=0;
struct umts_user_info tmp_user_info={0};
MESA_htable_search_cb(g_gtp_signaling_hash_handle, (unsigned char *)&(teid), sizeof(unsigned int), copy_user_info, (void *)&tmp_user_info, &cb_ret);
if(cb_ret>0)
{
*user_info=(struct umts_user_info *)dictator_malloc(thread_seq, sizeof(struct umts_user_info));
memcpy(*user_info, &tmp_user_info, sizeof(struct umts_user_info));
return 1;
}
return 0;
}
int tsg_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info)
{
int ret=0;
unsigned int uplink=0,downlink=0;
if(*user_info!=NULL)
{
return 1;
}
ret=is_gtp_tunnel(a_stream);
if(ret==0)
{
return 0;
}
ret=get_gtp_teid(a_stream, &uplink, &downlink);
if(ret==0)
{
return 0;
}
ret=get_umts_user_info(user_info, uplink, a_stream->threadnum);
if(ret==1)
{
return 1;
}
ret=get_umts_user_info(user_info, downlink, a_stream->threadnum);
if(ret==1)
{
return 1;
}
return 0;
}
int tsg_gtp_signaling_hash_init(const char* conffile, void *logger)
{
MESA_htable_create_args_t args;
MESA_load_profile_int_def(conffile, "GTP_SIGNALING", "HASH_TIMEOUT", &g_tsg_para.hash_timeout, 300);
MESA_load_profile_int_def(conffile, "GTP_SIGNALING", "HASH_SLOT_SIZE", &g_tsg_para.hash_slot_size, 1024*1024*32);
memset(&args, 0, sizeof(args));
args.thread_safe=128;
args.recursive=1;
args.max_elem_num=0;
args.data_free=free_gtp_signaling_field;
args.eliminate_type=HASH_ELIMINATE_ALGO_LRU;
args.expire_time=g_tsg_para.hash_timeout;
args.hash_slot_size=g_tsg_para.hash_slot_size;
g_gtp_signaling_hash_handle=MESA_htable_create(&args, sizeof(MESA_htable_create_args_t));
if(g_gtp_signaling_hash_handle==NULL)
{
MESA_handle_runtime_log(logger, RLOG_LV_FATAL, "GTP_SIGNALING", "MESA_htable_create failed");
return -1;
}
return 0;
}

138
src/tsg_rule.cpp
View File

@@ -822,6 +822,10 @@ int tsg_rule_init(const char* conffile, void *logger)
MESA_load_profile_string_def(conffile, "MAAT", "SELECTOR_ID_TABLE", g_tsg_para.table_name[TABLE_SELECTOR_ID], _MAX_TABLE_NAME_LEN, "APP_SELECTOR_ID");
MESA_load_profile_string_def(conffile, "MAAT", "SELECTOR_PROPERTIES_TABLE", g_tsg_para.table_name[TABLE_SELECTOR_PROPERTIES], _MAX_TABLE_NAME_LEN, "APP_SELECTOR_PROPERTIES");
MESA_load_profile_string_def(conffile, "MAAT", "GTP_APN", g_tsg_para.table_name[TABLE_GTP_APN], _MAX_TABLE_NAME_LEN, "TSG_FILED_GTP_APN");
MESA_load_profile_string_def(conffile, "MAAT", "GTP_IMSI", g_tsg_para.table_name[TABLE_GTP_IMSI], _MAX_TABLE_NAME_LEN, "TSG_FILED_GTP_IMSI");
MESA_load_profile_string_def(conffile, "MAAT", "GTP_PHONE_NUMBER", g_tsg_para.table_name[TABLE_GTP_PHONE_NUMBER], _MAX_TABLE_NAME_LEN, "TSG_FILED_GTP_PHONE_NUMBER");
//init static maat feather
g_tsg_maat_feather=init_maat_feather(maat_conffile, (char *)"TSG_STATIC", (char *)"STATIC", logger);
if(g_tsg_maat_feather==NULL)
@@ -1353,16 +1357,21 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
hit_num+=tsg_scan_subscribe_id_policy(maat_feather, a_stream, result+hit_num, result_num-hit_num, mid,attribute_label->server_subscribe_id, (int)a_stream->threadnum);
}
if(hit_num<result_num)
{
ret=tsg_get_umts_user_info(a_stream, &(attribute_label->user_info));
if(ret==1 && attribute_label->user_info!=NULL)
{
hit_num+=tsg_scan_gtp_apn_policy(maat_feather, a_stream, result+hit_num, result_num-hit_num, mid,attribute_label->user_info->apn, (int)a_stream->threadnum);
hit_num+=tsg_scan_gtp_imsi_policy(maat_feather, a_stream, result+hit_num, result_num-hit_num, mid,attribute_label->user_info->imsi, (int)a_stream->threadnum);
hit_num+=tsg_scan_gtp_phone_number_policy(maat_feather, a_stream, result+hit_num, result_num-hit_num, mid,attribute_label->user_info->msisdn, (int)a_stream->threadnum);
}
}
ret=project_req_add_struct((struct streaminfo *)a_stream, g_tsg_para.internal_project_id, (void *)attribute_label);
if(ret<0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_FATAL,
"ADD_INTERNAL_LABEL",
"Add internal label failed, ret: %d addr: %s",
ret,
PRINTADDR(a_stream, g_tsg_para.level)
);
MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_FATAL, "ADD_INTERNAL_LABEL", "Add internal label failed, ret: %d addr: %s", ret, PRINTADDR(a_stream, g_tsg_para.level));
}
return hit_num;
@@ -1599,16 +1608,7 @@ int tsg_scan_subscribe_id_policy(Maat_feather_t maat_feather, const struct strea
return 0;
}
maat_ret=Maat_full_scan_string(maat_feather,
g_tsg_para.table_id[TABLE_SUBSCRIBER_ID],
CHARSET_GBK,
user_info->subscribe_id,
strlen(user_info->subscribe_id),
result,
NULL,
result_num,
mid,
thread_seq);
maat_ret=Maat_full_scan_string(maat_feather, g_tsg_para.table_id[TABLE_SUBSCRIBER_ID], CHARSET_GBK, user_info->subscribe_id, strlen(user_info->subscribe_id), result, NULL, result_num, mid, thread_seq);
if(maat_ret>0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
@@ -1626,18 +1626,106 @@ int tsg_scan_subscribe_id_policy(Maat_feather_t maat_feather, const struct strea
return maat_ret;
}
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_SUBSCRIBER",
"No hit source subscribe id: %s scan ret: %d addr: %s",
user_info->subscribe_id,
maat_ret,
PRINTADDR(a_stream, g_tsg_para.level)
);
MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, "SCAN_SUBSCRIBER", "No hit source subscribe id: %s scan ret: %d addr: %s", user_info->subscribe_id, maat_ret, PRINTADDR(a_stream, g_tsg_para.level));
return 0;
}
int tsg_scan_gtp_apn_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *apn, int thread_seq)
{
int maat_ret=0;
if(apn==NULL || result==NULL || result_num==0)
{
return 0;
}
maat_ret=Maat_full_scan_string(maat_feather, g_tsg_para.table_id[TABLE_GTP_APN], CHARSET_GBK, apn, strlen(apn), result, NULL, result_num, mid, thread_seq);
if(maat_ret>0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_APN",
"Hit APN: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
apn,
maat_ret,
result[0].config_id,
result[0].service_id,
(unsigned char)result[0].action,
PRINTADDR(a_stream, g_tsg_para.level)
);
return maat_ret;
}
MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, "SCAN_APN", "No hit APN: %s scan ret: %d addr: %s", apn, maat_ret, PRINTADDR(a_stream, g_tsg_para.level));
return 0;
}
int tsg_scan_gtp_imsi_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *imsi, int thread_seq)
{
int maat_ret=0;
if(imsi==NULL || result==NULL || result_num==0)
{
return 0;
}
maat_ret=Maat_full_scan_string(maat_feather, g_tsg_para.table_id[TABLE_GTP_IMSI], CHARSET_GBK, imsi, strlen(imsi), result, NULL, result_num, mid, thread_seq);
if(maat_ret>0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_IMSI",
"Hit IMSI: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
imsi,
maat_ret,
result[0].config_id,
result[0].service_id,
(unsigned char)result[0].action,
PRINTADDR(a_stream, g_tsg_para.level)
);
return maat_ret;
}
MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, "SCAN_IMSI", "No hit IMSI: %s scan ret: %d addr: %s", imsi, maat_ret, PRINTADDR(a_stream, g_tsg_para.level));
return 0;
}
int tsg_scan_gtp_phone_number_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *phone_number, int thread_seq)
{
int maat_ret=0;
if(phone_number==NULL || result==NULL || result_num==0)
{
return 0;
}
maat_ret=Maat_full_scan_string(maat_feather, g_tsg_para.table_id[TABLE_GTP_PHONE_NUMBER], CHARSET_GBK, phone_number, strlen(phone_number), result, NULL, result_num, mid, thread_seq);
if(maat_ret>0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"PHONE_NUMBER",
"Hit PHONE_NUMBER: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
phone_number,
maat_ret,
result[0].config_id,
result[0].service_id,
(unsigned char)result[0].action,
PRINTADDR(a_stream, g_tsg_para.level)
);
return maat_ret;
}
MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, "PHONE_NUMBER", "No hit PHONE_NUMBER: %s scan ret: %d addr: %s", phone_number, maat_ret, PRINTADDR(a_stream, g_tsg_para.level));
return 0;
}
int tsg_app_id2name(int app_id, char *app_name, int app_name_len, int is_joint_parent)
{

31
src/tsg_send_log.cpp
View File

@@ -302,6 +302,35 @@ static int set_fqdn_category(struct tsg_log_instance_t *_instance, struct TLD_ha
return 1;
}
static int set_umts_user_info(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream, struct umts_user_info *user_info)
{
if(user_info==NULL)
{
return 0;
}
if(user_info->apn!=NULL)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_GTP_APN].name, (void *)user_info->apn, TLD_TYPE_STRING);
}
if(user_info->imsi!=NULL)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_GTP_IMSI].name, (void *)user_info->imsi, TLD_TYPE_STRING);
}
if(user_info->imei!=NULL)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_GTP_IMEI].name, (void *)user_info->imei, TLD_TYPE_STRING);
}
if(user_info->msisdn!=NULL)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_GTP_MSISDN].name, (void *)user_info->msisdn, TLD_TYPE_STRING); //phone number
}
return 1;
}
static int set_packet_bytes(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream)
{
@@ -907,6 +936,8 @@ int set_session_attributes(struct tsg_log_instance_t *_instance, struct TLD_hand
{
TLD_append(_handle, _instance->id2field[LOG_SSL_JA3_FINGERPRINT].name, (void *)attribute_label->ja3_fingerprint, TLD_TYPE_STRING);
}
set_umts_user_info(_instance, _handle, a_stream, attribute_label->user_info);
}
return 0;

4
src/tsg_send_log_internal.h
View File

@@ -100,6 +100,10 @@ typedef enum _tsg_log_field_id
LOG_COMMON_TUNNELS_PPTP_C2S_ID,
LOG_COMMON_TUNNELS_PPTP_S2C_ID,
LOG_COMMON_FQDN_CATEGORY,
LOG_COMMON_GTP_APN,
LOG_COMMON_GTP_IMSI,
LOG_COMMON_GTP_IMEI,
LOG_COMMON_GTP_MSISDN, //PHONE_NUMBER
LOG_COMMON_MAX
}tsg_log_field_id_t;

1
src/version.map
View File

@@ -5,6 +5,7 @@ global:
*TSG_MASTER*;
*tsg_scan_nesting_addr*;
*tsg_pull_policy_result*;
*tsg_free_gtp_signaling_field;
*tsg_*;
*TLD_*;
*GIT*;