gfwleak/tango-tsg-master
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-15152: 在发送日志统计命中策略的信息,避免统计遗漏

Browse Source
This commit is contained in:
刘学利
2023-05-27 03:13:50 +00:00
parent 7bd3fe594c
commit bc7909e57b
3 changed files with 10 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/tsg_entry.cpp
View File

@@ -113,8 +113,6 @@ struct id2field g_tsg_fs2_field[TSG_FS2_MAX]={{0, TSG_FS2_TCP_LINKS, "tcp_links"
{0, TSG_FS2_TUNNEL_LABEL_DEL, "t_label_del"} {0, TSG_FS2_TUNNEL_LABEL_DEL, "t_label_del"}
}; };
#define DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID 1
static int init_page_template(const char *conffile) static int init_page_template(const char *conffile)
{ {
char page_path[256]; char page_path[256];
@@ -1066,7 +1064,6 @@ static int session_runtime_process_log_send(const struct streaminfo *a_stream, s
if (TLD_handle!=NULL) if (TLD_handle!=NULL)
{ {
tsg_send_log(g_tsg_log_instance, TLD_handle, a_stream, LOG_TYPE_SECURITY_EVENT, rules, n_rules, thread_seq); tsg_send_log(g_tsg_log_instance, TLD_handle, a_stream, LOG_TYPE_SECURITY_EVENT, rules, n_rules, thread_seq);
tsg_set_policy_flow(a_stream, rules, thread_seq);
return 1; return 1;
} }
} }
@@ -1157,11 +1154,6 @@ static int session_runtime_process_log_send(const struct streaminfo *a_stream, s
tsg_send_log(g_tsg_log_instance, TLD_handle, a_stream, LOG_TYPE_SECURITY_EVENT, rules, n_rules, thread_seq); tsg_send_log(g_tsg_log_instance, TLD_handle, a_stream, LOG_TYPE_SECURITY_EVENT, rules, n_rules, thread_seq);
if(rules->rule_id!=DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID)
{
tsg_set_policy_flow(a_stream, rules, thread_seq);
}
return 1; return 1;
} }
@@ -1543,7 +1535,6 @@ static unsigned char matched_security_rules_deal(const struct streaminfo *a_stre
if(is_deny_after_N_packets(p_rule)) if(is_deny_after_N_packets(p_rule))
{ {
tsg_set_policy_flow(a_stream, p_rule, a_stream->threadnum);
session_matched_rules_notify(a_stream, TSG_SERVICE_SECURITY, p_rule, 1, a_stream->threadnum); session_matched_rules_notify(a_stream, TSG_SERVICE_SECURITY, p_rule, 1, a_stream->threadnum);
if(a_stream->type==STREAM_TYPE_TCP) if(a_stream->type==STREAM_TYPE_TCP)
{ {
@@ -1563,11 +1554,6 @@ static unsigned char matched_security_rules_deal(const struct streaminfo *a_stre
break; break;
} }
if (srt_process_context->proto == PROTO_SSH)
{
tsg_set_policy_flow(a_stream, p_rule, a_stream->threadnum);
}
session_packet_capture_by_rules_notify(a_stream, security_rules, n_security_rules, a_stream->threadnum); session_packet_capture_by_rules_notify(a_stream, security_rules, n_security_rules, a_stream->threadnum);
session_matched_rules_notify(a_stream, TSG_SERVICE_SECURITY, security_rules, n_security_rules, a_stream->threadnum); session_matched_rules_notify(a_stream, TSG_SERVICE_SECURITY, security_rules, n_security_rules, a_stream->threadnum);
break; break;

5
src/tsg_send_log.cpp
View File

@@ -2148,6 +2148,11 @@ int send_event_log(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_h
continue; continue;
} }
if(a_stream!=NULL)
{
tsg_set_policy_flow(a_stream, &(rules[i]), thread_id);
}
switch(rules[i].do_log) switch(rules[i].do_log)
{ {
case LOG_ABORT: case LOG_ABORT:

5
test/src/gtest_sendlog.cpp
View File

@@ -122,6 +122,11 @@ void plugin_ex_data_security_compile_free(struct maat_compile * maat_compile)
{ {
} }
int tsg_set_policy_flow(const struct streaminfo * a_stream, struct maat_rule * p_result, int thread_seq)
{
return 0;
}
TEST(MasterTest, SetVlan) TEST(MasterTest, SetVlan)
{ {
//int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID); //int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);