diff --git a/bin/tsg_static_tableinfo.conf b/bin/tsg_static_tableinfo.conf
index ac243c4..2d9ce82 100644
--- a/bin/tsg_static_tableinfo.conf
+++ b/bin/tsg_static_tableinfo.conf
@@ -83,3 +83,4 @@
 71 TSG_DYN_SUBSCRIBER_IP plugin {"key":3,"valid":5} --
 72 TSG_PROFILE_TRAFFIC_MIRROR plugin {"key":1,"valid":4} --
 73 TSG_DYN_MOBILE_IDENTITY_APN_TEID plugin {"key":2,"valid":7} --
+74 TSG_FIELD_DTLS_SNI virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
\ No newline at end of file
diff --git a/inc/tsg_label.h b/inc/tsg_label.h
index 543b1f7..4aa7690 100644
--- a/inc/tsg_label.h
+++ b/inc/tsg_label.h
@@ -35,6 +35,7 @@ typedef enum _tsg_protocol
 PROTO_PPTP,
 PROTO_STRATUM,
 PROTO_RDP,
+ PROTO_DTLS,
 PROTO_MAX
 }tsg_protocol_t;
diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp
index bfcadb5..1e9a344 100644
--- a/src/tsg_entry.cpp
+++ b/src/tsg_entry.cpp
@@ -13,6 +13,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -106,7 +107,8 @@ id2field_t g_tsg_proto_name2id[PROTO_MAX]={{PROTO_UNKONWN, 0, "unknown"},
 {PROTO_L2TP, 0, "L2TP"},
 {PROTO_PPTP, 0, "PPTP"},
 {PROTO_STRATUM, 0, "Stratum"},
- {PROTO_RDP, 0, "RDP"}
+ {PROTO_RDP, 0, "RDP"},
+ {PROTO_DTLS, 0, "DTLS"}
 };
 #define DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID 1
@@ -414,6 +416,8 @@ static int get_table_id(tsg_protocol_t protocol)
 return g_tsg_para.table_id[TABLE_SSL_SNI];
 case PROTO_QUIC:
 return g_tsg_para.table_id[TABLE_QUIC_SNI];
+ case PROTO_DTLS:
+ return g_tsg_para.table_id[TABLE_DTLS_SNI];
 default:
 break;
 }
@@ -627,6 +631,10 @@ static int master_send_log(const struct streaminfo *a_stream, struct Maat_rule_t
 domain_field_name=log_field_id2name(g_tsg_log_instance, LOG_QUIC_SNI);
 TLD_append(TLD_handle, domain_field_name, (void *)context->domain, TLD_TYPE_STRING);
 break;
+ case PROTO_DTLS:
+ domain_field_name=log_field_id2name(g_tsg_log_instance, LOG_DTLS_SNI);
+ TLD_append(TLD_handle, domain_field_name, (void *)context->domain, TLD_TYPE_STRING);
+ break;
 default:
 break;
 }
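Review bot: The added row `74 TSG_FIELD_DTLS_SNI ...` is written without a terminating newline, as the `\ No newline at end of file` marker after it shows, while the previous last line (row 73) kept its newline. Whether the table loader tolerates an unterminated last line cannot be seen here, and the next row appended to this file will produce a noisier diff; end the file with a newline. Row 74 also uses the `virtual` kind with a JSON array where rows 71–73 use `plugin` with a JSON object, which is presumably intended but worth confirming against the loader's schema.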
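Review bot: The new `case PROTO_DTLS:` in master_send_log repeats the QUIC case body above it verbatim except for the field id, so the switch now carries several copies of the same two statements. A small protocol-to-field-id lookup (for example a static helper returning `LOG_DTLS_SNI` for `PROTO_DTLS` and `LOG_QUIC_SNI` for `PROTO_QUIC`) followed by a single `TLD_append` would keep the next protocol from adding yet another copy. master_send_log starts and ends outside this hunk, so the earlier cases are only partly visible here.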
@@ -1556,6 +1564,23 @@ static int identify_application_protocol(const struct streaminfo *a_stream, stru
 return 1;
 }
 }
+
+ if (g_tsg_para.proto_flag&(1<proto = PROTO_DTLS;
+ ret = dtls_parse_sni((const char *)a_stream->pudpdetail->pdata, a_stream->pudpdetail->datalen, sni_buff, sni_len);
+ if (ret == 0 && strlen(sni_buff) > 0)
+ {
+ context->domain = malloc_copy_string(sni_buff, sni_len, a_stream->threadnum);
+ return 1;
+ }
+ }
+ }
 break;
 default:
@@ -2212,7 +2237,7 @@ extern "C" int TSG_MASTER_INIT()
 g_tsg_para.default_vlan.num=1;
 MESA_load_profile_int_def(tsg_conffile, "TRAFFIC_MIRROR","DEFAULT_VLAN_ID", &(g_tsg_para.default_vlan.id[0]), 2);
- MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "IDENTIFY_PROTO_NAME", identify_proto_name, sizeof(identify_proto_name), "HTTP;SSL;DNS;FTP;BGP;MAIL;STREAMING_MEDIA;QUIC;SIP;SSH;Stratum;RDP;");
+ MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "IDENTIFY_PROTO_NAME", identify_proto_name, sizeof(identify_proto_name), "HTTP;SSL;DNS;FTP;BGP;MAIL;STREAMING_MEDIA;QUIC;SIP;SSH;Stratum;RDP;DTLS;");
 tsg_proto_name2flag(identify_proto_name, &g_tsg_para.proto_flag);
 MESA_load_profile_int_def(tsg_conffile, "SYSTEM", "DATACENTER_ID", &g_tsg_para.datacenter_id, 0);
diff --git a/src/tsg_entry.h b/src/tsg_entry.h
index 4f78413..616d6bc 100644
--- a/src/tsg_entry.h
+++ b/src/tsg_entry.h
@@ -90,6 +90,7 @@ enum MASTER_STATIC_TABLE{
 TABLE_DNS_PROFILE_RECORD,
 TABLE_PROFILE_MIRROR,
 TABLE_HTTP_URL,
+ TABLE_DTLS_SNI,
 TABLE_MAX
 };
@@ -171,7 +172,8 @@ struct gather_app_result
 {
 int app_num;
 enum APP_IDENTIFY_ORIGIN origin;
- struct app_attributes attributes[MAX_APP_ID_NUM];
+ struct app_attributes
+ attributes[MAX_APP_ID_NUM];
 };
 struct l7_protocol
diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp
index 1930e6b..f6aaac2 100644
--- a/src/tsg_rule.cpp
+++ b/src/tsg_rule.cpp
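Review bot: The DTLS branch relies on `dtls_parse_sni` NUL-terminating `sni_buff` within `sni_len` whenever it returns 0, since `strlen(sni_buff)` runs on the buffer right after the call, and it then hands `sni_len` rather than the parsed name's length to `malloc_copy_string(sni_buff, sni_len, ...)`. If `sni_len` is the capacity of `sni_buff` (its use as the parser's bound suggests so; the declarations are outside the hunk) and the second argument of `malloc_copy_string` is a byte count, the stored domain carries the whole buffer; computing the length once covers both, e.g. `size_t dlen = strnlen(sni_buff, sni_len); if (ret == 0 && dlen > 0) { context->domain = malloc_copy_string(sni_buff, dlen, a_stream->threadnum); return 1; }`. The guarantee that the parser never reads past `pudpdetail->datalen` and always terminates its output on success belongs in a comment on `dtls_parse_sni`, which is not part of this diff. The page lost the text between `(1<` and `proto = PROTO_DTLS;` (the header announces 17 added lines but fewer are visible), so the guard that precedes the parse could not be reviewed; identify_application_protocol starts and ends outside the hunk.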
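Review bot: Appending `DTLS;` to the default value of `IDENTIFY_PROTO_NAME` in TSG_MASTER_INIT turns the new parser on for every deployment whose configuration does not set that key explicitly, since `tsg_proto_name2flag` derives `proto_flag` from this string. If that is intended, a changelog or configuration note should say so; if a conservative rollout is wanted, keep the previous default and let operators add `DTLS` to the key themselves. TSG_MASTER_INIT continues outside this hunk.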
@@ -1790,6 +1790,7 @@ int tsg_rule_init(const char* conffile, void *logger)
 MESA_load_profile_string_def(conffile, "MAAT", "DNS_PROFILE_RECORDS", g_tsg_para.table_name[TABLE_DNS_PROFILE_RECORD], _MAX_TABLE_NAME_LEN, (char *)"TSG_PROFILE_DNS_RECORDS");
 MESA_load_profile_string_def(conffile, "MAAT", "TRAFFIC_MIRROR_PROFILE", g_tsg_para.table_name[TABLE_PROFILE_MIRROR], _MAX_TABLE_NAME_LEN, (char *)"TSG_PROFILE_TRAFFIC_MIRROR");
+ MESA_load_profile_string_def(conffile, "MAAT", "DTLS_SNI_TABLE", g_tsg_para.table_name[TABLE_DTLS_SNI], _MAX_TABLE_NAME_LEN, "TSG_FIELD_DTLS_SNI");
 MESA_load_profile_int_def(conffile, "MAAT","LOG_LEVEL", &log_level, 30);
 MESA_load_profile_string_def(conffile, "MAAT", "LOG_PATH", log_path, sizeof(log_path), "./tsglog/maat/tsg_maat.log");
diff --git a/src/tsg_send_log_internal.h b/src/tsg_send_log_internal.h
index e173480..8c8a5b1 100644
--- a/src/tsg_send_log_internal.h
+++ b/src/tsg_send_log_internal.h
@@ -126,6 +126,7 @@ typedef enum _tsg_log_field_id
 LOG_COMMON_HTTP_RESPONSE_S3_FILE,
 LOG_COMMON_MAIL_EML_FILE,
 LOG_COMMON_VSYSTEM_ID,
+ LOG_DTLS_SNI,
 LOG_COMMON_MAX
 }tsg_log_field_id_t;
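Review bot: The new `MESA_load_profile_string_def(..., "TSG_FIELD_DTLS_SNI")` call in tsg_rule_init passes its default as a plain string literal while the two calls above cast theirs with `(char *)`, which suggests the parameter is declared `char *`; in a .cpp file a string literal does not convert to `char *` without at least a deprecation diagnostic, so either add the same cast, `(char *)"TSG_FIELD_DTLS_SNI"`, or better, declare the parameter `const char *` and drop the casts everywhere. The key `DTLS_SNI_TABLE` also has a different naming shape from its neighbours (`DNS_PROFILE_RECORDS`, `TRAFFIC_MIRROR_PROFILE`); worth checking it matches whatever is documented for operators. tsg_rule_init starts and ends outside the hunk.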
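Review bot: `LOG_DTLS_SNI` is inserted into the run of `LOG_COMMON_*` ids directly before `LOG_COMMON_MAX`, so a protocol-specific field now sits in what the prefix and the `_MAX` sentinel suggest is the common-field range, and its name breaks the prefix convention of its neighbours. The existing `LOG_QUIC_SNI`, which master_send_log in tsg_entry.cpp uses in exactly the same way, is not in this hunk; placing `LOG_DTLS_SNI` beside it (or naming it to fit the group it lands in) would keep the enum's layout meaningful. A one-line comment such as `/* server name parsed from the DTLS handshake by dtls_parse_sni */` would document what the field carries.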