向前兼容升级,主要适配app_id的类型，app_id_dict的有效字段

tsg_static_tableinfo.conf相应的变化，修改APP_ID_DICT表有效标志的位置
配置文件变化：
[MAAT]
APP_ID_TABLE_TYPE=18(16: before 21.05)
[TSG_LOG]
APP_ID_TYPE=1(0: int)

src/tsg_entry.h

@@ -139,7 +139,7 @@ typedef	struct _tsg_para
 {
 	int level;	
 	unsigned short timeout;
-	int app_id_table_type;
+	int app_dict_field_num;
 	int device_id;
 	int entrance_id;
 	int hash_timeout;

src/tsg_rule.cpp

@@ -454,8 +454,9 @@ static void app_id_dict_new_data(int table_id, const char* key, const char* tabl
 
 	struct app_id_dict_table *app_id_dict=NULL;
 	app_id_dict=(struct app_id_dict_table *)calloc(1, sizeof(struct app_id_dict_table));
-	
+	if(g_tsg_para.app_dict_field_num==18)
-	ret=sscanf(table_line,
+	{
+		ret=sscanf(table_line,
 				"%d\t%s\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%d",
 				&app_id_dict->app_id, 
 				app_id_dict->app_name,
@@ -475,7 +476,30 @@ static void app_id_dict_new_data(int table_id, const char* key, const char* tabl
 				&app_id_dict->tcp_half_close,
 				&app_id_dict->tcp_time_wait, 
 				&app_id_dict->is_valid);
-	if(ret!=18)
+	}
+	else
+	{
+		ret=sscanf(table_line,
+				"%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%d",
+				&app_id_dict->app_id, 
+				app_id_dict->app_name,
+				app_id_dict->category, 
+				app_id_dict->subcategroy, 
+				app_id_dict->technology,
+				app_id_dict->risk, 
+				app_id_dict->characteristics, 
+				app_id_dict->depends_on_app_ids, 
+				app_id_dict->implicitly_uses_app_ids, 
+				&app_id_dict->deny_action, 
+				&app_id_dict->continue_scanning, 
+				&app_id_dict->tcp_timeout, 
+				&app_id_dict->udp_timeout, 
+				&app_id_dict->tcp_half_close,
+				&app_id_dict->tcp_time_wait, 
+				&app_id_dict->is_valid);
+	}
+	
+	if(ret!=g_tsg_para.app_dict_field_num)
 	{
 		free(app_id_dict);
 		app_id_dict=NULL;
@@ -799,7 +823,7 @@ int tsg_rule_init(const char* conffile, void *logger)
 	char maat_conffile[256]={0};
 	char cb_subscriber_ip_table[32]={0};
 	
-	MESA_load_profile_int_def(conffile, "MAAT","APP_ID_TABLE_TYPE", &g_tsg_para.app_id_table_type, 1);
+	MESA_load_profile_int_def(conffile, "MAAT","APP_ID_TABLE_TYPE", &g_tsg_para.app_dict_field_num, 18);
 
 	MESA_load_profile_string_def(conffile, "MAAT", "PROFILE", maat_conffile, sizeof(maat_conffile), "./tsgconf/maat.conf");		
 	MESA_load_profile_string_def(conffile, "MAAT", "SECURITY_COMPILE", g_tsg_para.table_name[TABLE_SECURITY_COMPILE], _MAX_TABLE_NAME_LEN, "TSG_SECURITY_COMPILE");

src/tsg_send_log.cpp

@@ -394,6 +394,20 @@ static int get_l7_protocol(struct app_identify_result *result, char *protocol_li
 	return 1;
 }
 
+static int get_app_id(struct app_identify_result *result, unsigned int *app_id, unsigned int *surrogate_id, int *flag)
+{
+	if(result->app_id_num>0 && (*flag)==0)
+	{
+		(*flag)=1;
+		(*app_id)=result->app_id[result->app_id_num-1];
+		(*surrogate_id)=result->surrogate_id[result->app_id_num-1];
+
+		return 1;
+	}
+
+	return 0;
+}
+
 static int get_app_id_list(struct app_identify_result *result, char *app_list, int app_list_len, char *surrogate_list, int surrogate_list_len)
 {
 	int i=0;
@@ -444,6 +458,8 @@ static int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t
 	char app_name[512]={0};
 	char protocol_list[256]={0};
 	char surrogate_list[512]={0};
+	unsigned int one_app_id=0;
+	unsigned int one_surrogate_id=0;
 	struct gather_app_result *label=NULL;
 	
 	label=(struct gather_app_result *)project_req_get_struct(a_stream, g_tsg_para.gather_app_project_id);
@@ -463,37 +479,52 @@ static int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t
 		TLD_append(_handle, _instance->id2field[LOG_COMMON_L7_PROTOCOL].name, (void *)_instance->l7_unknown_name, TLD_TYPE_STRING);
 	}
 
-	app_offset=0;
+	if(_instance->app_id_type==0) // int
-	surrogate_offset=0;
-	get_app_id_list(&(label->result[ORIGIN_USER_DEFINE]), app_list+app_offset, sizeof(app_list)-app_offset, surrogate_list+surrogate_offset, sizeof(surrogate_list)-surrogate_offset);
-
-	app_offset=strlen(app_list);
-	surrogate_offset=strlen(surrogate_list);
-	get_app_id_list(&(label->result[ORIGIN_DKPT]), app_list+app_offset, sizeof(app_list)-app_offset, surrogate_list+surrogate_offset, sizeof(surrogate_list)-surrogate_offset);
-
-	app_offset=strlen(app_list);
-	surrogate_offset=strlen(surrogate_list);
-	get_app_id_list(&(label->result[ORIGIN_QM_ENGINE]), app_list+app_offset, sizeof(app_list)-app_offset, surrogate_list+surrogate_offset, sizeof(surrogate_list)-surrogate_offset);
-
-	get_app_name_list(&(label->result[ORIGIN_USER_DEFINE]), app_name, sizeof(app_name), &app_id_flag, 1);
-	if(app_id_flag!=1)
 	{
-		get_app_name_list(&(label->result[ORIGIN_DKPT]), app_name, sizeof(app_name), &app_id_flag, 0);
+		get_app_id(&(label->result[ORIGIN_USER_DEFINE]), &one_app_id, &one_surrogate_id, &app_id_flag);
+		get_app_id(&(label->result[ORIGIN_DKPT]), &one_app_id, &one_surrogate_id, &app_id_flag);
+		get_app_id(&(label->result[ORIGIN_QM_ENGINE]), &one_app_id, &one_surrogate_id, &app_id_flag);
+		
+		if(app_id_flag==1)
+		{
+			TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_ID].name, (void *)(long)one_app_id, TLD_TYPE_LONG);		
+			TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_SURROGATE_ID].name, (void *)(long)one_surrogate_id, TLD_TYPE_LONG);
+		}
 	}
-
+	else //string
-	if(app_id_flag!=1)
 	{
-		get_app_name_list(&(label->result[ORIGIN_QM_ENGINE]), app_name, sizeof(app_name), &app_id_flag, 1);
+		app_offset=0;
+		surrogate_offset=0;
+		get_app_id_list(&(label->result[ORIGIN_USER_DEFINE]), app_list+app_offset, sizeof(app_list)-app_offset, surrogate_list+surrogate_offset, sizeof(surrogate_list)-surrogate_offset);
+
+		app_offset=strlen(app_list);
+		surrogate_offset=strlen(surrogate_list);
+		get_app_id_list(&(label->result[ORIGIN_DKPT]), app_list+app_offset, sizeof(app_list)-app_offset, surrogate_list+surrogate_offset, sizeof(surrogate_list)-surrogate_offset);
+
+		app_offset=strlen(app_list);
+		surrogate_offset=strlen(surrogate_list);
+		get_app_id_list(&(label->result[ORIGIN_QM_ENGINE]), app_list+app_offset, sizeof(app_list)-app_offset, surrogate_list+surrogate_offset, sizeof(surrogate_list)-surrogate_offset);
+
+		get_app_name_list(&(label->result[ORIGIN_USER_DEFINE]), app_name, sizeof(app_name), &app_id_flag, 1);
+		if(app_id_flag!=1)
+		{
+			get_app_name_list(&(label->result[ORIGIN_DKPT]), app_name, sizeof(app_name), &app_id_flag, 0);
+		}
+
+		if(app_id_flag!=1)
+		{
+			get_app_name_list(&(label->result[ORIGIN_QM_ENGINE]), app_name, sizeof(app_name), &app_id_flag, 1);
+		}
+		
+		if(app_id_flag==1)
+		{
+			TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_ID].name, (void *)app_list, TLD_TYPE_STRING);		
+			TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_SURROGATE_ID].name, (void *)surrogate_list, TLD_TYPE_STRING);
+
+			TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_LABEL].name, (void *)app_name, TLD_TYPE_STRING);
+		}
 	}
 	
-	if(app_id_flag==1)
-	{
-		TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_ID].name, (void *)app_list, TLD_TYPE_STRING);		
-		TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_SURROGATE_ID].name, (void *)surrogate_list, TLD_TYPE_STRING);
-
-		TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_LABEL].name, (void *)app_name, TLD_TYPE_STRING);
-	}
-
 	return 1;
 }
 
@@ -946,6 +977,7 @@ int set_session_attributes(struct tsg_log_instance_t *_instance, struct TLD_hand
 int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, struct streaminfo *a_stream)
 {
 	char *addr_proto=NULL;
+	char stream_id_buff[128]={0};
 	unsigned long long stream_id=0;
 	struct TLD_handle_t *_handle=handle;
 	struct tsg_log_instance_t *_instance=instance;
@@ -971,7 +1003,6 @@ int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle
 	}
 	
 	stream_id=tsg_get_stream_id(a_stream);
-	char stream_id_buff[128]="";
 	snprintf(stream_id_buff, sizeof(stream_id_buff), "%llu", stream_id);
 	TLD_append(_handle, _instance->id2field[LOG_COMMON_STREAM_TRACE_ID].name, (void *)stream_id_buff, TLD_TYPE_STRING);
 	
@@ -1100,6 +1131,7 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile)
 	MESA_load_profile_string_def(conffile, "TSG_LOG", "LOG_PATH", _instance->log_path, sizeof(_instance->log_path), "./tsglog/tsglog");
 	MESA_load_profile_int_def(conffile, "TSG_LOG", "SEND_USER_REGION",&(_instance->send_user_region), 0);	
 
+	MESA_load_profile_int_def(conffile, "TSG_LOG", "APP_ID_TYPE", &(_instance->app_id_type), 1);	//0: int, 1: string	
 	MESA_load_profile_string_def(conffile, "TSG_LOG", "L7_UNKNOWN_NAME", _instance->l7_unknown_name, sizeof(_instance->l7_unknown_name), "UNCATEGORIZED");
 
 	_instance->logger=MESA_create_runtime_log_handle(_instance->log_path, _instance->level);

src/tsg_send_log_internal.h

@@ -125,6 +125,7 @@ struct tsg_log_instance_t
 	int mode;
 	int level;
 	int max_service;
+	int app_id_type;
 	int send_user_region;
 	int recovery_interval;
 	int internal_project_id;