向前兼容升级,主要适配app_id的类型,app_id_dict的有效字段
tsg_static_tableinfo.conf相应的变化,修改APP_ID_DICT表有效标志的位置 配置文件变化: [MAAT] APP_ID_TABLE_TYPE=18(16: before 21.05) [TSG_LOG] APP_ID_TYPE=1(0: int)
This commit is contained in:
liuxueli
@@ -139,7 +139,7 @@ typedef struct _tsg_para
|
||||
{
|
||||
int level;
|
||||
unsigned short timeout;
|
||||
int app_id_table_type;
|
||||
int app_dict_field_num;
|
||||
int device_id;
|
||||
int entrance_id;
|
||||
int hash_timeout;
|
||||
|
||||
@@ -454,7 +454,8 @@ static void app_id_dict_new_data(int table_id, const char* key, const char* tabl
|
||||
|
||||
struct app_id_dict_table *app_id_dict=NULL;
|
||||
app_id_dict=(struct app_id_dict_table *)calloc(1, sizeof(struct app_id_dict_table));
|
||||
|
||||
if(g_tsg_para.app_dict_field_num==18)
|
||||
{
|
||||
ret=sscanf(table_line,
|
||||
"%d\t%s\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%d",
|
||||
&app_id_dict->app_id,
|
||||
@@ -475,7 +476,30 @@ static void app_id_dict_new_data(int table_id, const char* key, const char* tabl
|
||||
&app_id_dict->tcp_half_close,
|
||||
&app_id_dict->tcp_time_wait,
|
||||
&app_id_dict->is_valid);
|
||||
if(ret!=18)
|
||||
}
|
||||
else
|
||||
{
|
||||
ret=sscanf(table_line,
|
||||
"%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%d",
|
||||
&app_id_dict->app_id,
|
||||
app_id_dict->app_name,
|
||||
app_id_dict->category,
|
||||
app_id_dict->subcategroy,
|
||||
app_id_dict->technology,
|
||||
app_id_dict->risk,
|
||||
app_id_dict->characteristics,
|
||||
app_id_dict->depends_on_app_ids,
|
||||
app_id_dict->implicitly_uses_app_ids,
|
||||
&app_id_dict->deny_action,
|
||||
&app_id_dict->continue_scanning,
|
||||
&app_id_dict->tcp_timeout,
|
||||
&app_id_dict->udp_timeout,
|
||||
&app_id_dict->tcp_half_close,
|
||||
&app_id_dict->tcp_time_wait,
|
||||
&app_id_dict->is_valid);
|
||||
}
|
||||
|
||||
if(ret!=g_tsg_para.app_dict_field_num)
|
||||
{
|
||||
free(app_id_dict);
|
||||
app_id_dict=NULL;
|
||||
@@ -799,7 +823,7 @@ int tsg_rule_init(const char* conffile, void *logger)
|
||||
char maat_conffile[256]={0};
|
||||
char cb_subscriber_ip_table[32]={0};
|
||||
|
||||
MESA_load_profile_int_def(conffile, "MAAT","APP_ID_TABLE_TYPE", &g_tsg_para.app_id_table_type, 1);
|
||||
MESA_load_profile_int_def(conffile, "MAAT","APP_ID_TABLE_TYPE", &g_tsg_para.app_dict_field_num, 18);
|
||||
|
||||
MESA_load_profile_string_def(conffile, "MAAT", "PROFILE", maat_conffile, sizeof(maat_conffile), "./tsgconf/maat.conf");
|
||||
MESA_load_profile_string_def(conffile, "MAAT", "SECURITY_COMPILE", g_tsg_para.table_name[TABLE_SECURITY_COMPILE], _MAX_TABLE_NAME_LEN, "TSG_SECURITY_COMPILE");
|
||||
|
||||
@@ -394,6 +394,20 @@ static int get_l7_protocol(struct app_identify_result *result, char *protocol_li
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int get_app_id(struct app_identify_result *result, unsigned int *app_id, unsigned int *surrogate_id, int *flag)
|
||||
{
|
||||
if(result->app_id_num>0 && (*flag)==0)
|
||||
{
|
||||
(*flag)=1;
|
||||
(*app_id)=result->app_id[result->app_id_num-1];
|
||||
(*surrogate_id)=result->surrogate_id[result->app_id_num-1];
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int get_app_id_list(struct app_identify_result *result, char *app_list, int app_list_len, char *surrogate_list, int surrogate_list_len)
|
||||
{
|
||||
int i=0;
|
||||
@@ -444,6 +458,8 @@ static int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t
|
||||
char app_name[512]={0};
|
||||
char protocol_list[256]={0};
|
||||
char surrogate_list[512]={0};
|
||||
unsigned int one_app_id=0;
|
||||
unsigned int one_surrogate_id=0;
|
||||
struct gather_app_result *label=NULL;
|
||||
|
||||
label=(struct gather_app_result *)project_req_get_struct(a_stream, g_tsg_para.gather_app_project_id);
|
||||
@@ -463,6 +479,20 @@ static int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t
|
||||
TLD_append(_handle, _instance->id2field[LOG_COMMON_L7_PROTOCOL].name, (void *)_instance->l7_unknown_name, TLD_TYPE_STRING);
|
||||
}
|
||||
|
||||
if(_instance->app_id_type==0) // int
|
||||
{
|
||||
get_app_id(&(label->result[ORIGIN_USER_DEFINE]), &one_app_id, &one_surrogate_id, &app_id_flag);
|
||||
get_app_id(&(label->result[ORIGIN_DKPT]), &one_app_id, &one_surrogate_id, &app_id_flag);
|
||||
get_app_id(&(label->result[ORIGIN_QM_ENGINE]), &one_app_id, &one_surrogate_id, &app_id_flag);
|
||||
|
||||
if(app_id_flag==1)
|
||||
{
|
||||
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_ID].name, (void *)(long)one_app_id, TLD_TYPE_LONG);
|
||||
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_SURROGATE_ID].name, (void *)(long)one_surrogate_id, TLD_TYPE_LONG);
|
||||
}
|
||||
}
|
||||
else //string
|
||||
{
|
||||
app_offset=0;
|
||||
surrogate_offset=0;
|
||||
get_app_id_list(&(label->result[ORIGIN_USER_DEFINE]), app_list+app_offset, sizeof(app_list)-app_offset, surrogate_list+surrogate_offset, sizeof(surrogate_list)-surrogate_offset);
|
||||
@@ -493,6 +523,7 @@ static int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t
|
||||
|
||||
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_LABEL].name, (void *)app_name, TLD_TYPE_STRING);
|
||||
}
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
@@ -946,6 +977,7 @@ int set_session_attributes(struct tsg_log_instance_t *_instance, struct TLD_hand
|
||||
int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, struct streaminfo *a_stream)
|
||||
{
|
||||
char *addr_proto=NULL;
|
||||
char stream_id_buff[128]={0};
|
||||
unsigned long long stream_id=0;
|
||||
struct TLD_handle_t *_handle=handle;
|
||||
struct tsg_log_instance_t *_instance=instance;
|
||||
@@ -971,7 +1003,6 @@ int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle
|
||||
}
|
||||
|
||||
stream_id=tsg_get_stream_id(a_stream);
|
||||
char stream_id_buff[128]="";
|
||||
snprintf(stream_id_buff, sizeof(stream_id_buff), "%llu", stream_id);
|
||||
TLD_append(_handle, _instance->id2field[LOG_COMMON_STREAM_TRACE_ID].name, (void *)stream_id_buff, TLD_TYPE_STRING);
|
||||
|
||||
@@ -1100,6 +1131,7 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile)
|
||||
MESA_load_profile_string_def(conffile, "TSG_LOG", "LOG_PATH", _instance->log_path, sizeof(_instance->log_path), "./tsglog/tsglog");
|
||||
MESA_load_profile_int_def(conffile, "TSG_LOG", "SEND_USER_REGION",&(_instance->send_user_region), 0);
|
||||
|
||||
MESA_load_profile_int_def(conffile, "TSG_LOG", "APP_ID_TYPE", &(_instance->app_id_type), 1); //0: int, 1: string
|
||||
MESA_load_profile_string_def(conffile, "TSG_LOG", "L7_UNKNOWN_NAME", _instance->l7_unknown_name, sizeof(_instance->l7_unknown_name), "UNCATEGORIZED");
|
||||
|
||||
_instance->logger=MESA_create_runtime_log_handle(_instance->log_path, _instance->level);
|
||||
|
||||
@@ -125,6 +125,7 @@ struct tsg_log_instance_t
|
||||
int mode;
|
||||
int level;
|
||||
int max_service;
|
||||
int app_id_type;
|
||||
int send_user_region;
|
||||
int recovery_interval;
|
||||
int internal_project_id;
|
||||
|
||||
Reference in New Issue
Block a user