gfwleak/tango-verify-policy
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-15190 Proxy-Intercept的策略当Filter选择Category时,策略验证无法命中

Browse Source
This commit is contained in:
fengweihao
2023-05-22 15:34:21 +08:00
parent 0c0c6bdeac
commit 300ee80aa5
4 changed files with 723 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
common/include/verify_policy.h
View File

@@ -140,7 +140,7 @@ extern struct verify_policy * g_verify_proxy;
void *policy_scan_ctx_new(unsigned int thread_id, int vsys_id, int compile_table_id); void *policy_scan_ctx_new(unsigned int thread_id, int vsys_id, int compile_table_id);
void policy_scan_ctx_free(void * pme); void policy_scan_ctx_free(void * pme);
size_t policy_verify_scan(int vsys_id, int compile_table_id, struct request_query_obj *query_obj, cJSON *data_obj, void *pme); size_t policy_verify_scan(int vsys_id, int compile_table_id, struct request_query_obj *query_obj, void *pme);
void http_get_scan_status(struct request_query_obj *query_obj, int type, cJSON *attributes, cJSON *data_obj, void *pme); void http_get_scan_status(struct request_query_obj *query_obj, int type, cJSON *attributes, cJSON *data_obj, void *pme);
int maat_table_init(struct verify_policy * verify, const char* profile_path); int maat_table_init(struct verify_policy * verify, const char* profile_path);
int http_hit_policy_list(int vsys_id, int compile_table_id, size_t hit_cnt, cJSON *data_obj, void *pme); int http_hit_policy_list(int vsys_id, int compile_table_id, size_t hit_cnt, cJSON *data_obj, void *pme);

40
platform/src/verify_matcher.cpp
View File

@@ -158,6 +158,8 @@ struct verify_policy_rt
void * local_logger; void * local_logger;
int log_level; int log_level;
int thread_num; int thread_num;
int load_ip_location;
int load_fqdn_cat;
int compile_table_id[__SCAN_POLICY_MAX]; int compile_table_id[__SCAN_POLICY_MAX];
int profile_table_id [POLICY_PROFILE_TABLE_MAX]; int profile_table_id [POLICY_PROFILE_TABLE_MAX];
int scan_table_id[__TSG_OBJ_MAX]; int scan_table_id[__TSG_OBJ_MAX];
@@ -1167,6 +1169,11 @@ int ip_location_scan(long long *result, struct ip_addr *sip, struct ip_addr *dip
struct maat_hit_path hit_path[HIT_PATH_SIZE]; struct maat_hit_path hit_path[HIT_PATH_SIZE];
struct ip_data_table* ip_location_client=NULL, *ip_location_server=NULL; struct ip_data_table* ip_location_client=NULL, *ip_location_server=NULL;
if(!g_policy_rt->load_ip_location)
{
return 0;
}
maat_ip_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_LOCATION_USER_DEFINED], sip, (void **)&ip_location_client, 1); maat_ip_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_LOCATION_USER_DEFINED], sip, (void **)&ip_location_client, 1);
maat_ip_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_LOCATION_USER_DEFINED], dip, (void **)&ip_location_server, 1); maat_ip_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_LOCATION_USER_DEFINED], dip, (void **)&ip_location_server, 1);
@@ -1258,6 +1265,11 @@ int http_ip_asn_scan(long long *result, struct ip_addr* sip, struct ip_addr* dip
struct maat_hit_path hit_path[HIT_PATH_SIZE]; struct maat_hit_path hit_path[HIT_PATH_SIZE];
struct ip_data_table* ip_asn_client=NULL, *ip_asn_server=NULL; struct ip_data_table* ip_asn_client=NULL, *ip_asn_server=NULL;
if(!g_policy_rt->load_ip_location)
{
return 0;
}
maat_ip_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_ASN_USER_DEFINED], sip, (void **)&ip_asn_client, 1); maat_ip_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_ASN_USER_DEFINED], sip, (void **)&ip_asn_client, 1);
maat_ip_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_ASN_USER_DEFINED], dip, (void **)&ip_asn_server, 1); maat_ip_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_ASN_USER_DEFINED], dip, (void **)&ip_asn_server, 1);
@@ -1316,6 +1328,11 @@ int get_fqdn_category_id(long long *result, const char *fqdn, int table_id, int
int i=0,ret=0, hit_cnt_fqdn=0; int i=0,ret=0, hit_cnt_fqdn=0;
struct fqdn_category_t *fqdn_cat_user[8]={0},*fqdn_cat_built[8]={0}; struct fqdn_category_t *fqdn_cat_user[8]={0},*fqdn_cat_built[8]={0};
if(!g_policy_rt->load_fqdn_cat)
{
return 0;
}
ret=maat_fqdn_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_FQDN_CAT_USER_DEFINED], fqdn, (void **)fqdn_cat_user, 8); ret=maat_fqdn_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_FQDN_CAT_USER_DEFINED], fqdn, (void **)fqdn_cat_user, 8);
for(i=0; i <ret; i++) for(i=0; i <ret; i++)
{ {
@@ -1439,8 +1456,8 @@ int policy_verify_scan_tunnel_id(long long *result, struct ip_addr *sip, int hit
static inline int secy_request_in_fqdn_cat(int compile_table_id, int table_id) static inline int secy_request_in_fqdn_cat(int compile_table_id, int table_id)
{ {
if(compile_table_id == TSG_TABLE_SECURITY && (table_id == TSG_OBJ_HTTP_HOST || table_id == TSG_OBJ_SSL_SNI if((compile_table_id == TSG_TABLE_SECURITY || compile_table_id == TSG_TRAFFIC_SHAPING || compile_table_id == TSG_SERVICE_CHAINGNG || compile_table_id == PXY_TABLE_INTERCEPT)
|| table_id==TSG_OBJ_SSL_CN || table_id==TSG_OBJ_SSL_SAN || table_id==TSG_OBJ_DNS_QNAME && (table_id == TSG_OBJ_HTTP_HOST || table_id == TSG_OBJ_SSL_SNI || table_id==TSG_OBJ_SSL_CN || table_id==TSG_OBJ_SSL_SAN || table_id==TSG_OBJ_DNS_QNAME
|| table_id == TSG_OBJ_QUIC_SNI)) || table_id == TSG_OBJ_QUIC_SNI))
{ {
return 1; return 1;
@@ -1631,7 +1648,7 @@ static int policy_verify_scan_ip_addr(struct request_query_obj *request, struct
return hit_cnt_ip; return hit_cnt_ip;
} }
size_t policy_verify_scan(int vsys_id, int compile_table_id, struct request_query_obj *request, cJSON *data_obj, void *pme) size_t policy_verify_scan(int vsys_id, int compile_table_id, struct request_query_obj *request, void *pme)
{ {
size_t n_hit_result=0; size_t n_hit_result=0;
int scan_ret=0, n_read; int scan_ret=0, n_read;
@@ -1830,6 +1847,11 @@ static struct maat *create_maat_feather(const char * instance_name, const char *
mesa_runtime_log(RLOG_LV_FATAL, "%s MAAT init failed.", __FUNCTION__); mesa_runtime_log(RLOG_LV_FATAL, "%s MAAT init failed.", __FUNCTION__);
goto error_out; goto error_out;
} }
mesa_runtime_log(RLOG_LV_INFO, "%s:%s", "Maat Redis Ip", redis_ip);
mesa_runtime_log(RLOG_LV_INFO, "%s:%s", "Maat Redis Port", redis_port_range);
mesa_runtime_log(RLOG_LV_INFO, "%s:%d", "Maat Redis_db_index", db_index);
maat_options_free(opts); maat_options_free(opts);
return target; return target;
@@ -1901,6 +1923,7 @@ static void common_table_name_int(const char *table_name[__TSG_OBJ_MAX])
int maat_table_init(struct verify_policy * verify, const char* profile_path) int maat_table_init(struct verify_policy * verify, const char* profile_path)
{ {
int ret = -1; int vsys_id=0; int ret = -1; int vsys_id=0;
int load_vsys_num=0;
char log_path[VERIFY_PATH_MAX]; char log_path[VERIFY_PATH_MAX];
snprintf(log_path, sizeof(log_path), "logs/maat.log"); snprintf(log_path, sizeof(log_path), "logs/maat.log");
@@ -1908,7 +1931,12 @@ int maat_table_init(struct verify_policy * verify, const char* profile_path)
g_policy_rt->local_logger = verify->logger; g_policy_rt->local_logger = verify->logger;
g_policy_rt->thread_num = verify->nr_work_threads; g_policy_rt->thread_num = verify->nr_work_threads;
for(vsys_id=0; vsys_id < VSYS_ID_MAX; vsys_id++) MESA_load_profile_int_def(profile_path, "MAAT", "load_ip_location", &(g_policy_rt->load_ip_location), 1);
MESA_load_profile_int_def(profile_path, "MAAT", "load_fqdn_cat", &(g_policy_rt->load_fqdn_cat), 1);
MESA_load_profile_int_def(profile_path, "MAAT", "load_vsys_num", &(load_vsys_num), 255);
load_vsys_num = load_vsys_num > VSYS_ID_MAX ? VSYS_ID_MAX : load_vsys_num;
for(vsys_id=0; vsys_id < load_vsys_num; vsys_id++)
{ {
g_policy_rt->feather[vsys_id] = create_maat_feather("static", profile_path, "MAAT", g_policy_rt->thread_num, log_path, vsys_id); g_policy_rt->feather[vsys_id] = create_maat_feather("static", profile_path, "MAAT", g_policy_rt->thread_num, log_path, vsys_id);
if (!g_policy_rt->feather[vsys_id]) if (!g_policy_rt->feather[vsys_id])
@@ -1966,7 +1994,7 @@ int maat_table_init(struct verify_policy * verify, const char* profile_path)
maat_plugin_table_ex_schema_register(g_policy_rt->feather[vsys_id], "PXY_INTERCEPT_COMPILE", compile_table_new_cb, compile_free_data, compile_dup_data, 0,NULL); maat_plugin_table_ex_schema_register(g_policy_rt->feather[vsys_id], "PXY_INTERCEPT_COMPILE", compile_table_new_cb, compile_free_data, compile_dup_data, 0,NULL);
} }
for(int i = POLICY_ASN_USER_DEFINED; i < POLICY_FQDN_CAT_USER_DEFINED; i++) for(int i = POLICY_ASN_USER_DEFINED; i < POLICY_FQDN_CAT_USER_DEFINED && g_policy_rt->load_ip_location; i++)
{ {
ret = maat_ip_table_init(i, vsys_id, ip_table_free_cb, ip_table_dup_cb); ret = maat_ip_table_init(i, vsys_id, ip_table_free_cb, ip_table_dup_cb);
if(ret<0) if(ret<0)
@@ -1974,7 +2002,7 @@ int maat_table_init(struct verify_policy * verify, const char* profile_path)
goto error_out; goto error_out;
} }
} }
for(int i = POLICY_FQDN_CAT_USER_DEFINED; i <= POLICY_FQDN_CAT_BUILT_IN; i++) for(int i = POLICY_FQDN_CAT_USER_DEFINED; i <= POLICY_FQDN_CAT_BUILT_IN && g_policy_rt->load_fqdn_cat; i++)
{ {
ret = maat_fqdn_cat_table_init(i, vsys_id, fqdn_cat_new_data, fqdn_cat_free_data, fqdn_cat_dup_data); ret = maat_fqdn_cat_table_init(i, vsys_id, fqdn_cat_new_data, fqdn_cat_free_data, fqdn_cat_dup_data);
if(ret<0) if(ret<0)

2
platform/src/verify_policy.cpp
View File

@@ -435,7 +435,7 @@ int get_query_result_policy(cJSON *subitem, cJSON *data_obj, int thread_id)
{ {
goto free; goto free;
} }
hit_cnt = policy_verify_scan(verify_policy->vsys_id, verify_policy->compile_table_id, &verify_policy->verify_object[i], data_obj, ctx); hit_cnt = policy_verify_scan(verify_policy->vsys_id, verify_policy->compile_table_id, &verify_policy->verify_object[i], ctx);
if(0 == strcasecmp(verify_policy->verify_object[i].attri_name, "source") || if(0 == strcasecmp(verify_policy->verify_object[i].attri_name, "source") ||
0 == strcasecmp(verify_policy->verify_object[i].attri_name, "destination")) 0 == strcasecmp(verify_policy->verify_object[i].attri_name, "destination"))
{ {

687
resource/table_info_simple.conf Normal file
View File

@@ -0,0 +1,687 @@
[
{
"table_id":0,
"table_name":"TSG_SECURITY_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"custom": {
"compile_id":1,
"service_id":2,
"action":3,
"do_blacklist":4,
"do_log":5,
"tags":6,
"user_region":7,
"clause_num":9,
"evaluation_order":10
}
},
{
"table_id":1,
"table_name":"GROUP_SECURITY_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":0,
"valid_column":3,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
}
},
{
"table_id":2,
"table_name":"PXY_CTRL_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"custom": {
"compile_id":1,
"service_id":2,
"action":3,
"do_blacklist":4,
"do_log":5,
"tags":6,
"user_region":7,
"clause_num":9,
"evaluation_order":10
}
},
{
"table_id":3,
"table_name":"GROUP_PXY_CTRL_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":2,
"valid_column":3,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
}
},
{
"table_id":4,
"table_name":"TRAFFIC_SHAPING_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"custom": {
"compile_id":1,
"service_id":2,
"action":3,
"do_blacklist":4,
"do_log":5,
"tags":6,
"user_region":7,
"clause_num":9,
"evaluation_order":10
}
},
{
"table_id":5,
"table_name":"GROUP_SHAPING_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":4,
"valid_column":3,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
}
},
{
"table_id":6,
"table_name":"SERVICE_CHAINING_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"custom": {
"compile_id":1,
"service_id":2,
"action":3,
"do_blacklist":4,
"do_log":5,
"tags":6,
"user_region":7,
"clause_num":9,
"evaluation_order":10
}
},
{
"table_id":7,
"table_name":"GROUP_SERVICE_CHAINING_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":6,
"valid_column":3,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
}
},
{
"table_id":8,
"table_name":"PXY_INTERCEPT_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"custom": {
"compile_id":1,
"service_id":2,
"action":3,
"do_blacklist":4,
"do_log":5,
"tags":6,
"user_region":7,
"clause_num":9,
"evaluation_order":10
}
},
{
"table_id":9,
"table_name":"GROUP_PXY_INTERCEPT_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":8,
"valid_column":3,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
}
},
{
"table_id":10,
"table_name":"GROUP_GROUP_RELATION",
"table_type":"group2group",
"valid_column":4,
"custom": {
"group_id":1,
"super_group_id":2,
"is_exclude":3
}
},
{
"table_id":11,
"table_name":"TSG_OBJ_IP",
"db_tables":["TSG_OBJ_IP_ADDR","TSG_OBJ_IP_LEARNING_ADDR"],
"table_type":"ip_plus",
"valid_column":11,
"custom": {
"item_id":1,
"group_id":2,
"addr_type":3,
"addr_format":4,
"ip1":5,
"ip2":6,
"port_format":7,
"port1":8,
"port2":9,
"protocol":10
}
},
{
"table_id":12,
"table_name":"TSG_OBJ_SUBSCRIBER_ID",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":13,
"table_name":"TSG_OBJ_ACCOUNT",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":14,
"table_name":"TSG_OBJ_URL",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":15,
"table_name":"TSG_OBJ_FQDN",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":16,
"table_name":"TSG_OBJ_FQDN_CAT",
"table_type":"intval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_bound":3,
"up_bound":4
}
},
{
"table_id":17,
"table_name":"TSG_OBJ_KEYWORDS",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":18,
"table_name":"TSG_OBJ_APP_ID",
"table_type":"intval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_bound":3,
"up_bound":4
}
},
{
"table_id":19,
"table_name":"TSG_OBJ_HTTP_SIGNATURE",
"table_type":"expr_plus",
"valid_column":8,
"custom": {
"item_id":1,
"group_id":2,
"district":3,
"keywords":4,
"expr_type":5,
"match_method":6,
"is_hexbin":7
}
},
{
"table_id":20,
"table_name":"TSG_FIELD_HTTP_HOST",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":21,
"table_name":"TSG_FIELD_HTTP_HOST_CAT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id":22,
"table_name":"TSG_FIELD_HTTP_URL",
"table_type":"virtual",
"physical_table": "TSG_OBJ_URL"
},
{
"table_id":23,
"table_name":"TSG_FIELD_HTTP_REQ_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":24,
"table_name":"TSG_FIELD_HTTP_RES_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":25,
"table_name":"TSG_FIELD_HTTP_REQ_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":26,
"table_name":"TSG_FIELD_HTTP_RES_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":27,
"table_name":"TSG_FIELD_SSL_SNI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":28,
"table_name":"TSG_FIELD_SSL_SNI_CAT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id":29,
"table_name":"TSG_FIELD_SSL_CN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":30,
"table_name":"TSG_FIELD_SSL_CN_CAT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id":31,
"table_name":"TSG_FIELD_SSL_SAN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":32,
"table_name":"TSG_FIELD_SSL_SAN_CAT",
"table_type":"virtual",
"physical_table":"TSG_OBJ_FQDN_CAT"
},
{
"table_id":33,
"table_name":"TSG_FIELD_DNS_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":34,
"table_name":"TSG_FIELD_QUIC_SNI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":35,
"table_name":"TSG_FIELD_QUIC_SNI_CAT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id":36,
"table_name":"TSG_FIELD_MAIL_ACCOUNT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":37,
"table_name":"TSG_FIELD_MAIL_FROM",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":38,
"table_name":"TSG_FIELD_MAIL_TO",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":39,
"table_name":"TSG_FIELD_MAIL_SUBJECT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":40,
"table_name":"TSG_FIELD_MAIL_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":41,
"table_name":"TSG_FIELD_MAIL_ATT_NAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":42,
"table_name":"TSG_FIELD_MAIL_ATT_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":43,
"table_name":"TSG_FIELD_FTP_URI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_URL"
},
{
"table_id":44,
"table_name":"TSG_FIELD_FTP_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":45,
"table_name":"TSG_FIELD_FTP_ACCOUNT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":46,
"table_name":"TSG_SECURITY_SOURCE_ADDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":47,
"table_name":"TSG_SECURITY_DESTINATION_ADDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":52,
"table_name":"TSG_OBJ_AS_NUMBER",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":53,
"table_name":"TSG_SECURITY_SOURCE_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":54,
"table_name":"TSG_SECURITY_DESTINATION_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":55,
"table_name":"TSG_OBJ_GEO_LOCATION",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":56,
"table_name":"TSG_SECURITY_SOURCE_LOCATION",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":57,
"table_name":"TSG_SECURITY_DESTINATION_LOCATION",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":60,
"table_name":"TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":61,
"table_name":"TSG_FIELD_SIP_RESPONDER_DESCRIPTION",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":62,
"table_name":"TSG_OBJ_IMSI",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":63,
"table_name":"TSG_OBJ_PHONE_NUMBER",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":64,
"table_name":"TSG_OBJ_APN",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":65,
"table_name":"TSG_FILED_GTP_IMSI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMSI"
},
{
"table_id":66,
"table_name":"TSG_FILED_GTP_PHONE_NUMBER",
"table_type":"virtual",
"physical_table": "TSG_OBJ_PHONE_NUMBER"
},
{
"table_id":67,
"table_name":"TSG_FILED_GTP_APN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_APN"
},
{
"table_id":68,
"table_name":"TSG_DECYPTION_EXCLUSION_SSL_SNI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":69,
"table_name":"TSG_OBJ_TUNNEL_ID",
"table_type":"intval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_bound":3,
"up_bound":4
}
},
{
"table_id":70,
"table_name":"TSG_TUNNEL_CATALOG",
"table_type":"bool_plugin",
"valid_column":5,
"custom": {
"item_id":1,
"bool_expr":4
}
},
{
"table_id":71,
"table_name":"TSG_TUNNEL_ENDPOINT",
"table_type":"ip_plugin",
"valid_column":6,
"custom": {
"item_id":1,
"ip_type":2,
"start_ip":3,
"end_ip":4,
"addr_format":7
}
},
{
"table_id":72,
"table_name":"TSG_TUNNEL_LABEL",
"table_type":"plugin",
"valid_column":4,
"custom": {
"key":1,
"key_type":"pointer",
"tag":3
}
},
{
"table_id":73,
"table_name":"TSG_SECURITY_TUNNEL",
"table_type":"virtual",
"physical_table": "TSG_OBJ_TUNNEL_ID"
},
{
"table_id":74,
"table_name":"TSG_OBJ_FLAG",
"table_type":"flag",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"flag":3,
"flag_mask":4
}
},
{
"table_id":75,
"table_name":"TSG_SECURITY_FLAG",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FLAG"
},
{
"table_id":76,
"table_name":"TSG_FIELD_DOH_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":77,
"table_name":"TSG_FIELD_DOH_HOST",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":78,
"table_name":"TSG_FIELD_DOH_HOST_CAT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
}
]