gfwleak/tango-tsg-master
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-7835: 命中block、alert动作,发送应答页面后追加RST包

Browse Source
This commit is contained in:
刘学利
2021-10-06 12:25:15 +00:00
parent b415f15aab
commit b9c38066a1
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/tsg_action.cpp
View File

@@ -226,7 +226,7 @@ static int set_tcp_flags(char *packet, int ip_tcp_hdr_len)
{
struct tcphdr *tcp=(struct tcphdr *)(packet+(ip_tcp_hdr_len-20)); // tcp header=20 bytes
tcp->fin=1;
tcp->rst=1;
tcp->psh=0;
tcp->ack=1;
@@ -429,10 +429,10 @@ static int http_build_response_packet(const struct streaminfo *a_stream, struct
}
set_tcp_flags(message, ip_tcp_hdr_len);
http_send_reponse_packet(a_stream, message, 0, v4_or_v6, ip_tcp_hdr_len, 0); //fin
http_send_reponse_packet(a_stream, message, 0, v4_or_v6, ip_tcp_hdr_len, 0); //rst
reverse_ip_tcp_header(message, ip_tcp_hdr_len, v4_or_v6);
http_send_reponse_packet(a_stream, message, 0, v4_or_v6, ip_tcp_hdr_len, 0); //fin
http_send_reponse_packet(a_stream, message, 0, v4_or_v6, ip_tcp_hdr_len, 0); //rst
return send_pkt_len;
}
@@ -594,6 +594,7 @@ static unsigned char do_action_block_mail(const struct streaminfo *a_stream, Maa
static unsigned char do_action_block_http(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, const void *a_packet)
{
int opt_value=0;
int send_pkt_len=0;
switch(user_region->deny->code)
@@ -608,6 +609,12 @@ static unsigned char do_action_block_http(const struct streaminfo *a_stream, Maa
default:
break;
}
if(g_tsg_para.reset.remedy==1)
{
opt_value=1;
MESA_set_stream_opt(a_stream, MSO_TCP_RST_REMEDY, (void *)&opt_value, sizeof(opt_value));
}
return STATE_DROPME|STATE_DROPPKT;
}