diff --git a/common/include/verify_policy.h b/common/include/verify_policy.h
index f2a2dba..ea4cf7d 100644
--- a/common/include/verify_policy.h
+++ b/common/include/verify_policy.h
@@ -87,6 +87,7 @@ enum security_scan_table
 TSG_SECURITY_APN,
 TSG_SECURITY_TUNNEL,
 TSG_SECURITY_EXCLUSION_SSL_SNI,
+ TSG_SECURITY_FLAG,
 TSG_SECURITY_IP_SRC_ASN,
 TSG_SECURITY_IP_DST_ASN,
 TSG_SECURITY_IP_SRC_LOCATION,
@@ -142,6 +143,7 @@ struct verify_policy_query_obj {
 int protocol_field;
+ int numeric;
 char *keyword;
 char *district;
 char *attri_name;
diff --git a/common/include/verify_policy_utils.h b/common/include/verify_policy_utils.h
index 145c20e..68e6041 100644
--- a/common/include/verify_policy_utils.h
+++ b/common/include/verify_policy_utils.h
@@ -5,6 +5,7 @@
 #define EVAL_TM_STYLE "%Y-%m-%d"
 #define VERIFY_SYMBOL_MAX 64
+#define VERIFY_PATH_MAX 258
 #define VERIFY_STRING_MAX 2048
 #define VERIFY_ARRAY_MAX 512
diff --git a/conf/verify_policy.conf b/conf/verify_policy.conf
index e2ed0e2..3b03b54 100644
--- a/conf/verify_policy.conf
+++ b/conf/verify_policy.conf
@@ -13,7 +13,7 @@ breakpad_upload_url="http://127.0.0.1/"
 [CONFIG]
 #Number of running threads
-thread-nu = 3
+thread-nu = 4
 [maat]
 # 0:json 1: redis 2: iris
@@ -23,8 +23,8 @@ table_info_security=./resource/table_info_security.conf
 json_cfg_file=./resource/verify-policy.json
 stat_switch=1
-proxy_stat_file=logs/verify_policy_proxy.status
-security_stat_file=logs/verify_policy_security.status
+proxy_stat_file=log/proxy_policy.status
+security_stat_file=log/security_policy.status
 full_cfg_dir=verify-policy/
 inc_cfg_dir=verify-policy/
diff --git a/conf/zlog.conf b/conf/zlog.conf
index 29726bc..d2f1ef6 100644
--- a/conf/zlog.conf
+++ b/conf/zlog.conf
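Review bot: Inserting `TSG_SECURITY_FLAG` between `TSG_SECURITY_EXCLUSION_SSL_SNI` and `TSG_SECURITY_IP_SRC_ASN` renumbers every later enumerator of `security_scan_table`. That is harmless if these values are only used as in-process array indices, but if they are ever persisted, logged as numbers or exchanged with another component, appending the new member at the end of the enum instead keeps the existing ordinals stable. The enum's start and end are outside the hunk, so I cannot see whether explicit values or a `__SECURITY_TABLE_MAX`-style terminator constrain where it may go.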
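Review bot: The new `numeric` member of `verify_policy_query_obj` has no comment saying when it is valid; from the rest of this commit it is only filled for `PXY_CTRL_APP_ID` and `TSG_SECURITY_FLAG` and is otherwise left at whatever the object held before. Add on the line `/* numeric match value; only meaningful when protocol_field is PXY_CTRL_APP_ID or TSG_SECURITY_FLAG, keyword is unused for those fields */`, and state in the same place which value means "not set" so the scan path has something to check.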
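Review bot: `VERIFY_PATH_MAX` is defined as the bare number 258 with nothing saying where that bound comes from; it matches no common platform path limit and no other constant in this header, and it now sizes stack buffers in `create_maat_feather`. Add a comment on the line such as `/* stat-file path incl. the ".<db_index>" suffix and NUL - TODO: document how 258 was derived */`, or derive it from `PATH_MAX` if `<limits.h>` is available to this header. The rest of the header is outside the hunk, so I cannot tell what else it is meant to bound.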
@@ -7,7 +7,7 @@ DEBUG=10
 INFO=20
 FATAL=30
 [rules]
-*.fatal "./logs/error.log.%d(%F)";
+*.fatal "./log/error.log.%d(%F)";
 verify_policy.fatal "./logs/verify_policy.log.%d(%F)";
 proxy_policy_maat.fatal "./logs/proxy_policy_maat.log.%d(%F)";
 security_policy_maat.fatal "./logs/security_policy_maat.log.%d(%F)";
diff --git a/platform/src/verify_policy.cpp b/platform/src/verify_policy.cpp
index 4f1639c..61799d6 100644
--- a/platform/src/verify_policy.cpp
+++ b/platform/src/verify_policy.cpp
@@ -144,7 +144,8 @@ int protoco_field_type_str2idx(enum verify_policy_type type, const char *action_
 table_name[TSG_SECURITY_APN]="TSG_FILED_GTP_APN";
 table_name[TSG_SECURITY_TUNNEL]="TSG_SECURITY_TUNNEL";
 table_name[TSG_SECURITY_EXCLUSION_SSL_SNI]="TSG_DECYPTION_EXCLUSION_SSL_SNI";
- scan_table_max = TSG_SECURITY_EXCLUSION_SSL_SNI;
+ table_name[TSG_SECURITY_FLAG]="TSG_SECURITY_FLAG";
+ scan_table_max = TSG_SECURITY_FLAG;
 break;
 case PXY_TABLE_DEFENCE:
 break;
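Review bot: Only the `*.fatal` rule moves from `./logs/` to `./log/`; the three module rules that follow it in the same hunk still write under `./logs/`, so after this commit the process needs both directories to exist (verify_policy.conf's `proxy_stat_file` and `security_stat_file` also move to `log/`). If the intent is to consolidate on `log/`, change the remaining three rules in the same commit; if the split is deliberate, a comment above `[rules]` saying so would stop the next person from "fixing" it.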
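Review bot: The `table_name[...]` index-to-name mapping extended here in `protoco_field_type_str2idx` is maintained a second time in `security_policy_init` (the `-1739` hunk of scan/src/policy_scan.cpp), and this commit had to patch both; a single shared `static const char *` table indexed by `enum security_scan_table` would remove the need to keep them in step. In that `-1739` hunk the new line also turns the previous `;` into `,`, so the assignments are chained with the comma operator (`...="TSG_DECYPTION_EXCLUSION_SSL_SNI",` / `table_name[TSG_SECURITY_FLAG]="TSG_SECURITY_FLAG";`); end each assignment with `;`, as the line for `TSG_SECURITY_TUNNEL` should too. `scan_table_max = TSG_SECURITY_FLAG;` is likewise a hand-maintained "last member" that must be touched on every enum addition; if the scannable tables are always the leading members, a sentinel in the enum would make it automatic. Both functions start and end outside their hunks.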
@@ -308,11 +309,24 @@ static int get_attribute_from_json(int curr_id, cJSON* subchild, struct verify_p
 p += snprintf(p, sizeof(buff) - (p - buff), ", district = %s",policy_query->verify_object[curr_id].district);
 }
- item = cJSON_GetObjectItem(attributeValue,"string");
- if(item!=NULL)
+ if(policy_query->verify_object[curr_id].protocol_field == PXY_CTRL_APP_ID ||
+ policy_query->verify_object[curr_id].protocol_field == TSG_SECURITY_FLAG)
 {
- policy_query->verify_object[curr_id].keyword = item->valuestring;
- p += snprintf(p, sizeof(buff) - (p - buff), ", content = %s",policy_query->verify_object[curr_id].keyword);
+ item = cJSON_GetObjectItem(attributeValue, "numeric");
+ if(item && item->type==cJSON_Number)
+ {
+ policy_query->verify_object[curr_id].numeric = item->valueint;
+ p += snprintf(p, sizeof(buff) - (p - buff), ", content = %d", policy_query->verify_object[curr_id].numeric);
+ }
+ }
+ else
+ {
+ item = cJSON_GetObjectItem(attributeValue, "string");
+ if(item!=NULL)
+ {
+ policy_query->verify_object[curr_id].keyword = item->valuestring;
+ p += snprintf(p, sizeof(buff) - (p - buff), ", content = %s",policy_query->verify_object[curr_id].keyword);
+ }
 }
 mesa_runtime_log(RLOG_LV_DEBUG, MODULE_NAME, "[I] %s", buff);
 memset(buff, 0, VERIFY_STRING_MAX);
diff --git a/resource/table_info_security.conf b/resource/table_info_security.conf
index 73b61d5..fde324b 100644
--- a/resource/table_info_security.conf
+++ b/resource/table_info_security.conf
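Review bot: For `PXY_CTRL_APP_ID` the attribute is now read only from `"numeric"`; a policy that still carries the value under `"string"` (which is what this branch read before, and what `atoi(value)` in the `-1442` hunk of policy_scan.cpp consumed) no longer sets anything, and `numeric` silently keeps whatever the object held before, which the scan then uses as `scan_val`. Either fall back to the old key (`strtol` on `item->valuestring` when `"numeric"` is absent) or reset the field and report the missing attribute, e.g. `else { policy_query->verify_object[curr_id].numeric = 0; /* TODO: log and reject the object */ }`, choosing a value the scan path recognises as "unset". `item->valueint` is cJSON's `int`-truncated view of the number; if flag values can exceed `int`, read `valuedouble` and range-check before storing. The two new `p += snprintf(p, sizeof(buff) - (p - buff), …)` lines inherit the pattern where a truncated write advances `p` past the end of `buff` and the next size argument wraps, so clamp the return value before adding it. `get_attribute_from_json` starts and ends outside the hunk.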
@@ -66,9 +66,10 @@
 54 TSG_FILED_GTP_PHONE_NUMBER virtual TSG_OBJ_PHONE_NUMBER --
 55 TSG_FILED_GTP_APN virtual TSG_OBJ_APN --
 56 TSG_DECYPTION_EXCLUSION_SSL_SNI virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
-57 TSG_OBJ_TUNNEL_ID intval UTF8 UTF8 yes 0
-58 TSG_TUNNEL_CATALOG bool_plugin {"row_id":1,"bool_expr":4,"valid":5} --
+57 TSG_OBJ_TUNNEL_ID intval UTF8 UTF8 yes 0
+58 TSG_TUNNEL_CATALOG bool_plugin {"row_id":1,"bool_expr":4,"valid":5} --
 59 TSG_TUNNEL_ENDPOINT ip_plugin {"row_id":1,"ip_type":2,"start_ip":3,"end_ip":4,"valid":6,"estimate_size":4194304}
-60 TSG_TUNNEL_LABEL plugin {"key":2,"valid":3} --
-61 TSG_SECURITY_TUNNEL virtual TSG_OBJ_TUNNEL_ID --
-
+60 TSG_TUNNEL_LABEL plugin {"key":2,"valid":3} --
+61 TSG_SECURITY_TUNNEL virtual TSG_OBJ_TUNNEL_ID --
+62 TSG_OBJ_FLAG flag --
+63 TSG_SECURITY_FLAG virtual TSG_OBJ_FLAG --
\ No newline at end of file
diff --git a/scan/src/policy_scan.cpp b/scan/src/policy_scan.cpp
index 1e3eeb8..73f33a8 100644
--- a/scan/src/policy_scan.cpp
+++ b/scan/src/policy_scan.cpp
@@ -1398,6 +1398,7 @@ size_t verify_policy_scan(int vsys_id, enum verify_policy_type policy_type, stru
 int protocol_field = query_obj->protocol_field;
 const char *value = query_obj->keyword;
+ int numeric = query_obj->numeric;
 if ((protocol_field == PXY_COMMON_SOURCE_ADDR || protocol_field == PXY_COMMON_DESTINATION_ADDR) && query_obj->ip_addr != NULL) {
@@ -1442,7 +1443,7 @@ size_t verify_policy_scan(int vsys_id, enum verify_policy_type policy_type, stru
 if (protocol_field == PXY_CTRL_APP_ID)
 {
- int scan_val=atoi(value);
+ int scan_val=numeric;
 scan_ret=Maat_scan_intval(g_policy_rt->maat[vsys_id][policy_type], g_policy_rt->scan_table_id[policy_type][protocol_field], scan_val, ctx->result+hit_cnt, MAX_SCAN_RESULT-hit_cnt, &(ctx->scan_mid), ctx->thread_id);
 if(scan_ret>0)
 {
@@ -1454,6 +1455,21 @@ size_t verify_policy_scan(int vsys_id, enum verify_policy_type policy_type, stru
 goto decide;
 }
+ if (protocol_field == TSG_SECURITY_FLAG)
+ {
+ int flag=numeric;
+
+ scan_ret=Maat_scan_flag(g_policy_rt->maat[vsys_id][policy_type], g_policy_rt->scan_table_id[policy_type][protocol_field], flag, ctx->result+hit_cnt, MAX_SCAN_RESULT-hit_cnt, &(ctx->scan_mid), ctx->thread_id);
+ if(scan_ret>0)
+ {
+ hit_cnt+=scan_ret;
+ }
+ n_read=Maat_get_scan_status(g_policy_rt->maat[vsys_id][policy_type], &(ctx->scan_mid), MAAT_GET_SCAN_HIT_PATH, ctx->hit_path, sizeof(ctx->hit_path));
+ query_obj->nth_scan[0] = ctx->hit_path[ctx->n_read].Nth_scan;
+ ctx->n_read=n_read;
+ goto decide;
+ }
+
 if ((protocol_field == PXY_CTRL_HTTP_REQ_HDR) || protocol_field == PXY_CTRL_HTTP_RES_HDR)
 {
 if(query_obj->district != NULL && value != NULL)
@@ -1535,7 +1551,8 @@ static Maat_feather_t create_maat_feather(const char * instance_name, const char
 char accept_tags[VERIFY_STRING_MAX] = {0};
 int redis_port_begin=0, redis_port_end=0;
 int redis_port_select=0;
- char json_cfg_file[VERIFY_STRING_MAX] = {0}, maat_stat_file[VERIFY_STRING_MAX] = {0};
+ char json_cfg_file[VERIFY_STRING_MAX] = {0}, maat_stat_file[VERIFY_PATH_MAX] = {0};
+ char maat_stat_db_file[VERIFY_PATH_MAX] = {0};
 MESA_load_profile_int_def(profile, section, "maat_input_mode", &(input_mode), 0);
 MESA_load_profile_int_def(profile, section, "perf_switch", &(maat_perf_on), 1);
@@ -1603,7 +1620,8 @@ static Maat_feather_t create_maat_feather(const char * instance_name, const char
 if(strlen(maat_stat_file) > 0 && maat_stat_on)
 {
- Maat_set_feather_opt(target, MAAT_OPT_STAT_FILE_PATH, maat_stat_file, strlen(maat_stat_file) + 1);
+ snprintf(maat_stat_db_file, VERIFY_PATH_MAX, "%s.%d", maat_stat_file, db_index);
+ Maat_set_feather_opt(target, MAAT_OPT_STAT_FILE_PATH, maat_stat_db_file, strlen(maat_stat_db_file) + 1);
 Maat_set_feather_opt(target, MAAT_OPT_STAT_ON, NULL, 0);
 }
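Review bot: In the new `TSG_SECURITY_FLAG` branch, `query_obj->nth_scan[0] = ctx->hit_path[ctx->n_read].Nth_scan;` indexes `hit_path` with the `ctx->n_read` value left over from before this scan and only afterwards stores the fresh `n_read`, and the return of `Maat_get_scan_status` is not checked before the index is used. If the intent is the entry this scan just produced, take the index from the new value after checking it, e.g. `if (n_read > 0) query_obj->nth_scan[0] = ctx->hit_path[n_read - 1].Nth_scan;`, and bound it by the capacity of `ctx->hit_path`. The block looks copied from the `PXY_CTRL_APP_ID` branch above it, whose tail is outside the hunk, so if that branch has the same shape both should be fixed together. `flag` comes from `numeric`, which is only populated when the policy JSON carried a `"numeric"` key, so an unset value is scanned here without any check.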
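Review bot: `maat_stat_file` shrinks from `VERIFY_STRING_MAX` to `VERIFY_PATH_MAX` here, but the call that fills it from the profile is outside this hunk; if that loader is still handed `VERIFY_STRING_MAX` (or the old buffer's size) as the capacity, a stat-file path longer than 257 bytes in the config now overflows a stack buffer. Confirm that size argument was updated, or pass `sizeof maat_stat_file` at the call so the two cannot drift apart. In the `-1603` hunk, `snprintf(maat_stat_db_file, VERIFY_PATH_MAX, "%s.%d", maat_stat_file, db_index)` truncates silently when the path is close to the limit, so check its return (`n < 0 || n >= VERIFY_PATH_MAX`) before handing the name to `Maat_set_feather_opt`. `create_maat_feather` starts and ends outside both hunks, and `db_index` is not declared within them.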
@@ -1739,7 +1757,8 @@ int security_policy_init(struct verify_policy * verify, const char* profile_path
 table_name[TSG_SECURITY_PHONE_NUMBER]="TSG_FILED_GTP_PHONE_NUMBER";
 table_name[TSG_SECURITY_APN]="TSG_FILED_GTP_APN";
 table_name[TSG_SECURITY_TUNNEL]="TSG_SECURITY_TUNNEL",
- table_name[TSG_SECURITY_EXCLUSION_SSL_SNI]="TSG_DECYPTION_EXCLUSION_SSL_SNI";
+ table_name[TSG_SECURITY_EXCLUSION_SSL_SNI]="TSG_DECYPTION_EXCLUSION_SSL_SNI",
+ table_name[TSG_SECURITY_FLAG]="TSG_SECURITY_FLAG";
 for (int i = 0; i < __SECURITY_TABLE_MAX; i++) {