gfwleak/tango-verify-policy
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-22738 VerifyPolicy适配MAAT,将Policy的分发格式从行列式变更为JSON

Browse Source
This commit is contained in:
fengweihao
2024-10-18 18:17:51 +08:00
parent be7368a0cc
commit 44259187b2
13 changed files with 1858 additions and 3370 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ci/travis.sh
View File

@@ -33,7 +33,7 @@ env | sort
: "${COMPILER_IS_GNUCXX:=OFF}"
# Install dependency from YUM
yum install -y libcjson-devel libmaatframe-devel libfieldstat4-devel libMESA_prof_load-devel sapp-devel
yum install -y libcjson-devel libmaatframe-devel libfieldstat4-devel libMESA_prof_load-devel sapp-devel libuuid-devel
mkdir build || true
cd build

2
common/include/verify_policy.h
View File

@@ -22,7 +22,7 @@ enum verify_type
VERIFY_TYPE_REGEX
};
enum compile_table_typle
enum policy_rule_type
{
TSG_TABLE_SECURITY,
PXY_TABLE_MANIPULATION,

4
conf/verify_policy.conf
View File

@@ -14,15 +14,13 @@ breakpad_upload_url="http://127.0.0.1/"
thread-nu = 4
[maat]
# 0:json 1: redis 2: iris
# 0:json 1: redis
maat_input_mode=1
table_info=./resource/table_info.conf
json_cfg_file=./resource/verify-policy.json
stat_switch=1
stat_file=log/maat_stat.db
full_cfg_dir=verify-policy/
inc_cfg_dir=verify-policy/
maat_redis_server=192.168.40.131
maat_redis_port_range=7002

2
platform/CMakeLists.txt
View File

@@ -6,6 +6,6 @@ add_executable(verify-policy src/verify_policy.cpp src/verify_matcher.cpp)
#target_include_directories(verify-policy PUBLIC ${CMAKE_CURRENT_LIST_DIR}/include)
target_link_libraries(verify-policy common cjson maatframe)
target_link_libraries(verify-policy common cjson maatframe uuid)
target_link_libraries(verify-policy pthread dl libevent-static MESA_prof_load breakpad-client-static cjson ${SYSTEMD_LIBRARIES})

1069
platform/src/verify_matcher.cpp
View File

File diff suppressed because it is too large Load Diff

1027
resource/table_info.conf
View File

File diff suppressed because it is too large Load Diff

993
resource/table_info_simple.conf
View File

@@ -1,993 +0,0 @@
[
{
"table_id":0,
"table_name":"SECURITY_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":1,
"table_name":"SECURITY_COMPILE_CONJUNCTION",
"db_tables":["SECURITY_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":2,
"table_name":"SECURITY_COMPILE_PLUGIN",
"db_tables":["SECURITY_COMPILE"],
"table_type":"plugin",
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
"key_len":8
}
},
{
"table_id":3,
"table_name":"GROUP_SECURITY_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":1,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
"table_id":4,
"table_name":"PXY_CTRL_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":5,
"table_name":"PXY_CTRL_COMPILE_CONJUNCTION",
"db_tables":["PXY_CTRL_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":6,
"table_name":"PXY_CTRL_COMPILE_PLUGIN",
"db_tables":["PXY_CTRL_COMPILE"],
"table_type":"plugin",
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
"key_len": 8
}
},
{
"table_id":7,
"table_name":"GROUP_PXY_CTRL_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":5,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
"table_id":8,
"table_name":"TRAFFIC_SHAPING_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":9,
"table_name":"TRAFFIC_SHAPING_COMPILE_CONJUNCTION",
"db_tables":["TRAFFIC_SHAPING_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":10,
"table_name":"TRAFFIC_SHAPING_COMPILE_PLUGIN",
"db_tables":["TRAFFIC_SHAPING_COMPILE"],
"table_type":"plugin",
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
"key_len": 8
}
},
{
"table_id":11,
"table_name":"GROUP_SHAPING_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":9,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
"table_id":12,
"table_name":"SERVICE_CHAINING_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":13,
"table_name":"SERVICE_CHAINING_COMPILE_CONJUNCTION",
"db_tables":["SERVICE_CHAINING_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":14,
"table_name":"SERVICE_CHAINING_COMPILE_PLUGIN",
"db_tables":["SERVICE_CHAINING_COMPILE"],
"table_type":"plugin",
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
"key_len": 8
}
},
{
"table_id":15,
"table_name":"GROUP_SERVICE_CHAINING_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":13,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
"table_id":16,
"table_name":"PXY_INTERCEPT_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":17,
"table_name":"PXY_INTERCEPT_COMPILE_CONJUNCTION",
"db_tables":["PXY_INTERCEPT_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":18,
"table_name":"PXY_INTERCEPT_COMPILE_PLUGIN",
"db_tables":["PXY_INTERCEPT_COMPILE"],
"table_type":"plugin",
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
"key_len":8
}
},
{
"table_id":19,
"table_name":"GROUP_PXY_INTERCEPT_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":17,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
"table_id":20,
"table_name":"STATISTICS_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":21,
"table_name":"STATISTICS_COMPILE_CONJUNCTION",
"db_tables":["STATISTICS_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":22,
"table_name":"STATISTICS_COMPILE_PLUGIN",
"db_tables":["STATISTICS_COMPILE"],
"table_type":"plugin",
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
"key_len": 8
}
},
{
"table_id":23,
"table_name":"GROUP_STATISTICS_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":21,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
"table_id":24,
"table_name":"MONITOR_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":25,
"table_name":"MONITOR_COMPILE_CONJUNCTION",
"db_tables":["MONITOR_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":26,
"table_name":"MONITOR_COMPILE_PLUGIN",
"db_tables":["MONITOR_COMPILE"],
"table_type":"plugin",
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
"key_len": 8
}
},
{
"table_id":27,
"table_name":"GROUP_MONITOR_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":25,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
"table_id":28,
"table_name":"DOS_PROTECTION_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":29,
"table_name":"DOS_PROTECTION_COMPILE_CONJUNCTION",
"db_tables":["DOS_PROTECTION_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":30,
"table_name":"DOS_PROTECTION_COMPILE_PLUGIN",
"db_tables":["DOS_PROTECTION_COMPILE"],
"table_type":"plugin",
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
"key_len": 8
}
},
{
"table_id":31,
"table_name":"GROUP_DOS_PROTECTION_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":29,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
"table_id":32,
"table_name":"TUNNEL_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":33,
"table_name":"TUNNEL_COMPILE_CONJUNCTION",
"db_tables":["TUNNEL_COMPILE"],
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":8
}
},
{
"table_id":34,
"table_name":"TUNNEL_COMPILE_PLUGIN",
"db_tables":["TUNNEL_COMPILE"],
"table_type":"plugin",
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
"key_len": 8
}
},
{
"table_id":35,
"table_name":"GROUP_TUNNEL_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":33,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
"table_id":36,
"table_name":"OBJECT_GROUP",
"table_type":"group2group",
"valid_column":4,
"custom": {
"group_id":1,
"included_sub_group_ids":2,
"excluded_sub_group_ids":3
}
},
{
"table_id":37,
"table_name":"TSG_OBJ_IP",
"db_tables":["TSG_OBJ_IP_ADDR","TSG_OBJ_IP_LEARNING_ADDR"],
"table_type":"ip",
"valid_column":8,
"custom": {
"item_id":1,
"group_id":2,
"addr_type":3,
"addr_format":4,
"ip1":5,
"ip2":6,
"port":7
}
},
{
"table_id":38,
"table_name":"TSG_OBJ_SUBSCRIBER_ID",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":39,
"table_name":"TSG_OBJ_ACCOUNT",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":40,
"table_name":"TSG_OBJ_URL",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":41,
"table_name":"TSG_OBJ_FQDN",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":42,
"table_name":"TSG_OBJ_KEYWORDS",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":43,
"table_name":"TSG_OBJ_HTTP_SIGNATURE",
"table_type":"expr_plus",
"valid_column":8,
"custom": {
"item_id":1,
"group_id":2,
"district":3,
"keywords":4,
"expr_type":5,
"match_method":6,
"is_hexbin":7
}
},
{
"table_id":44,
"table_name":"ATTR_HTTP_URL",
"table_type":"virtual",
"physical_table": "TSG_OBJ_URL"
},
{
"table_id":45,
"table_name":"ATTR_HTTP_REQ_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":46,
"table_name":"ATTR_HTTP_RES_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":47,
"table_name":"ATTR_HTTP_REQ_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":48,
"table_name":"ATTR_HTTP_RES_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":49,
"table_name":"ATTR_SSL_CN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":50,
"table_name":"ATTR_SSL_SAN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":51,
"table_name":"ATTR_DNS_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":52,
"table_name":"ATTR_MAIL_ACCOUNT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":53,
"table_name":"ATTR_MAIL_FROM",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":54,
"table_name":"ATTR_MAIL_TO",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":55,
"table_name":"ATTR_MAIL_SUBJECT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":56,
"table_name":"ATTR_MAIL_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":57,
"table_name":"ATTR_MAIL_ATT_NAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":58,
"table_name":"ATTR_MAIL_ATT_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":59,
"table_name":"ATTR_FTP_URI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_URL"
},
{
"table_id":60,
"table_name":"ATTR_FTP_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":61,
"table_name":"ATTR_FTP_ACCOUNT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":62,
"table_name":"ATTR_SOURCE_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":63,
"table_name":"ATTR_DESTINATION_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":64,
"table_name":"ATTR_SIP_ORIGINATOR_DESCRIPTION",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":65,
"table_name":"ATTR_SIP_RESPONDER_DESCRIPTION",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":66,
"table_name":"TSG_OBJ_IMSI",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":67,
"table_name":"TSG_OBJ_PHONE_NUMBER",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":68,
"table_name":"TSG_OBJ_APN",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":69,
"table_name":"ATTR_GTP_IMSI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMSI"
},
{
"table_id":70,
"table_name":"ATTR_GTP_PHONE_NUMBER",
"table_type":"virtual",
"physical_table": "TSG_OBJ_PHONE_NUMBER"
},
{
"table_id":71,
"table_name":"ATTR_GTP_APN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_APN"
},
{
"table_id":72,
"table_name":"TSG_TUNNEL_CATALOG",
"table_type":"bool_plugin",
"valid_column":6,
"custom": {
"item_id":1,
"bool_expr":4
}
},
{
"table_id":73,
"table_name":"TSG_TUNNEL_ENDPOINT",
"table_type":"ip_plugin",
"valid_column":6,
"custom": {
"item_id":1,
"ip_type":2,
"start_ip":3,
"end_ip":4
}
},
{
"table_id":74,
"table_name":"TSG_TUNNEL_LABEL",
"table_type":"plugin",
"valid_column":4,
"custom": {
"key":1,
"key_type":"pointer",
"tag":3
}
},
{
"table_id":75,
"table_name":"ATTR_TUNNEL",
"table_type":"virtual",
"physical_table": "TSG_TUNNEL_CATALOG"
},
{
"table_id":76,
"table_name":"TSG_OBJ_FLAG",
"table_type":"flag",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"flag":3,
"flag_mask":4
}
},
{
"table_id":77,
"table_name":"ATTR_FLAG",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FLAG"
},
{
"table_id":78,
"table_name":"ATTR_DOH_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":79,
"table_name":"TSG_OBJ_IMEI",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":80,
"table_name":"ATTR_GTP_IMEI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMEI"
},
{
"table_id":81,
"table_name": "APP_ID_DICT",
"table_type": "plugin",
"valid_column": 19,
"custom": {
"key": 1,
"key_type": "integer",
"key_len": 8
}
},
{
"table_id":82,
"table_name":"ATTR_SUBSCRIBER_ID",
"table_type":"virtual",
"physical_table": "TSG_OBJ_SUBSCRIBER_ID"
},
{
"table_id":83,
"table_name":"ATTR_APP_ID",
"table_type":"virtual",
"physical_table": "APP_ID_DICT"
},
{
"table_id":84,
"table_name": "ATTR_SERVER_FQDN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":85,
"table_name":"ATTR_INTERNAL_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":86,
"table_name":"ATTR_EXTERNAL_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":87,
"table_name": "TSG_IP_PROTOCOL",
"table_type": "plugin",
"valid_column": 4,
"custom": {
"key": 1,
"key_type": "integer",
"key_len": 8
}
},
{
"table_id":88,
"table_name":"TSG_OBJ_PORT",
"table_type":"interval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_boundary":3,
"up_boundary":4
}
},
{
"table_id":89,
"table_name": "ATTR_SOURCE_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":90,
"table_name": "ATTR_DESTINATION_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":91,
"table_name": "ATTR_INTERNAL_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":92,
"table_name": "ATTR_EXTERNAL_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":93,
"table_name": "ATTR_IP_PROTOCOL",
"table_type": "virtual",
"physical_table": "TSG_IP_PROTOCOL"
},
{
"table_id":94,
"table_name": "ATTR_SSL_ECH",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":95,
"table_name": "ATTR_SSL_ESNI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":96,
"table_name": "ATTR_SSL_NO_SNI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":97,
"table_name":"ATTR_TUNNEL_LEVEL",
"table_type":"virtual",
"physical_table": "TSG_TUNNEL_CATALOG"
},
{
"table_id":98,
"table_name":"ATTR_TUNNEL_GTP_ENDPOINT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":99,
"table_name":"ATTR_TUNNEL_GRE_ENDPOINT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":100,
"table_name":"ATTR_TUNNEL_IP_IN_IP_ENDPOINT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
}
]

667
resource/verify-policy.json
View File

@@ -1,480 +1,281 @@
{
"compile_table": "PXY_CTRL_COMPILE",
"group2compile_table": "GROUP_PXY_CTRL_COMPILE_RELATION",
"group2group_table": "GROUP_GROUP_RELATION",
"rule_table": "PXY_CTRL_RULE",
"object2object_table": "OBJECT_GROUP",
"rules": [
{
"compile_id": 1021,
{
"uuid": "40c9c6a7-70a9-48ae-9fba-ec7966edd3c6",
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"{\"tag_sets\":[[{\"tag\":\"device_id\",\"value\":[\"device_3\",\"device_4\"]}]]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.jd.com\"}",
"is_valid": "yes",
"groups": [
{
"virtual_table":"ATTR_HTTP_URL",
"group_name":"http_url",
"group_id":101,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"keywords": "baidu.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
},
{
"virtual_table":"ATTR_SERVER_FQDN",
"group_name":"http_fqdn",
"group_id":1011,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "baidu.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
},
{
"virtual_table":"ATTR_SSL_SAN",
"group_name":"ssl_san",
"group_id":11011,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "baidu.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
},
{
"virtual_table":"ATTR_APP_ID",
"group_name":"app_id",
"group_id":201,
"not_flag":0
}
]
},
{
"compile_id": 1022,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"{\"tag_sets\":[[{\"tag\":\"device_id\",\"value\":[\"device_3\",\"device_4\"]}]]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.jd.com\"}",
"is_valid": "yes",
"groups": [
{
"group_name":"http_fqdn",
"virtual_table":"ATTR_SERVER_FQDN"
},
{
"group_name":"ssl_san",
"virtual_table":"ATTR_SSL_SAN"
},
{
"not_flag": 0,
"group_id": 604,
"group_name":"IPv4TCPSoureServiceChaining604",
"virtual_table": "ATTR_SOURCE_IP",
"regions": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.55.4",
"ip2": "192.168.55.4"
}
}
]
},
{
"group_id": 9,
"group_name": "ip.source.ip12",
"virtual_table": "ATTR_SOURCE_IP"
},
{
"group_id": 10,
"group_name": "ip.source.ip13",
"virtual_table": "ATTR_DESTINATION_IP"
},
{
"group_id": 6,
"group_name": "host.fqdn6",
"virtual_table": "ATTR_SERVER_FQDN"
},
{
"group_id": 9,
"group_name": "ip.source.ip14",
"virtual_table": "ATTR_INTERNAL_IP"
},
{
"group_id": 10,
"group_name": "ip.source.ip15",
"virtual_table": "ATTR_EXTERNAL_IP"
}
]
},
{
"compile_id": 11022,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"{\"tag_sets\":[[{\"tag\":\"device_id\",\"value\":[\"device_3\",\"device_4\"]}]]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.jd.com\"}",
"is_valid": "no",
"groups": [
{
"not_flag": 0,
"group_id": 704,
"group_name":"IPv4TCPSoureServiceChaining604",
"virtual_table": "ATTR_SOURCE_IP",
"regions": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.55.7",
"ip2": "192.168.55.7"
}
}
]
}
]
},
{
"compile_id": 11023,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"{\"tag_sets\":[[{\"tag\":\"device_id\",\"value\":[\"device_3\",\"device_4\"]}]]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.jd.com\"}",
"is_valid": "yes",
"groups": [
{
"not_flag": 0,
"group_id": 604,
"group_name":"IPv4TCPSoureServiceChaining604",
"virtual_table": "ATTR_SOURCE_IP",
"regions": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.55.4",
"ip2": "192.168.55.4"
}
}
]
},
{
"group_id": 9,
"group_name": "ip.source.ip12",
"virtual_table": "ATTR_SOURCE_IP"
},
{
"group_id": 10,
"group_name": "ip.source.ip13",
"virtual_table": "ATTR_DESTINATION_IP"
},
{
"group_id": 9,
"group_name": "ip.source.ip14",
"virtual_table": "ATTR_INTERNAL_IP"
}
]
},
{
"compile_id": 1023,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"邮箱\",\"replace_with\":\"test\"}]}",
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"groups": [
"and_conditions": [
{
"virtual_table":"ATTR_HTTP_HOST_VIRTUAL",
"group_name":"http_fqdn",
"group_id":102,
"not_flag":0,
"regions": [
"attribute_name": "ATTR_HTTP_URL",
"objects": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "www.126.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
"items": [
{
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"expression": "test123456",
"expr_type": "and"
}
}
]
}
]
}
]
},
{
"compile_id": 1024,
"uuid": "00600010-0000-0000-0000-000000000000",
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region":"{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"账号登录\",\"replace_with\":\"Login\"}]}",
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"groups": [
"and_conditions": [
{
"group_name":"http_fqdn",
"virtual_table":"ATTR_HTTP_HOST",
"not_flag":0
}
]
},
{
"compile_id": 1025,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"会员\",\"replace_with\":\"用户\"}]}",
"is_valid": "yes",
"groups": [
{
"group_name":"http_fqdn",
"virtual_table":"ATTR_DOH_QNAME",
"not_flag":0
}
]
},
{
"compile_id": 1026,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"block\",\"code\":403,\"message\":\"error\"}",
"is_valid": "yes",
"groups": [
{
"virtual_table":"ATTR_HTTP_REQ_HDR",
"group_name":"http_signature_ua",
"group_id":103,
"not_flag":0,
"regions": [
"attribute_name": "ATTR_SOURCE_IP",
"objects": [
{
"table_name": "TSG_OBJ_HTTP_SIGNATURE",
"table_type": "expr_plus",
"table_content": {
"district": "User-Agent",
"keywords": "Chrome",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
"object_name": "IPv4TCPSoureVeiryPolicy01",
"uuid": "00500100-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.55.4",
"port": "80"
}
}
]
}
]
},
{
"virtual_table":"ATTR_HTTP_REQ_HDR",
"group_name":"http_signature_cookie",
"group_id":104,
"not_flag":0,
"regions": [
{
"attribute_name": "ATTR_APP_ID",
"negate_option": false,
"object_uuids": [
"00000201-0000-0000-0000-000000000000"
]
},
{
"attribute_name": "ATTR_HTTP_REQ_HDR",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_KEYWORD",
"table_type": "expr",
"table_content": {
"expression": "test",
"expr_type": "and"
}
}
]
}
]
},
{
"attribute_name": "ATTR_IP_PROTOCOL",
"negate_option": false,
"object_uuids": [
"00000000-0000-0000-0000-000000000006"
]
},
{
"attribute_name": "ATTR_SOURCE_PORT",
"objects": [
{
"table_name": "TSG_OBJ_HTTP_SIGNATURE",
"table_type": "expr_plus",
"table_content": {
"district": "Cookie",
"keywords": "uid=12345678",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
"object_name": "IPv4TCPPortVeiryPolicy01",
"uuid": "00500200-0000-0000-0000-000000000000",
"items": [
{
"table_name": "TSG_OBJ_PORT",
"table_type": "interval",
"table_content": {
"interval": "1-100"
}
}
]
}
]
},
{
"attribute_name": "ATTR_TUNNEL_LEVEL",
"negate_option": false,
"object_uuids": [
"00000000-0000-0000-0000-000000000050"
]
},
{
"attribute_name": "ATTR_FLAG",
"objects": [
{
"object_name": "FlagVeiryPolicy01",
"uuid": "00500300-0000-0000-0000-000000000000",
"items": [
{
"table_type": "flag",
"table_name": "TSG_OBJ_FLAG",
"table_content": {
"flag": 15,
"mask": 15
}
}
]
}
]
},
{
"attribute_name": "ATTR_SSL_ECH",
"negate_option": false,
"object_uuids": [
"00000000-0000-0000-0000-000000000002"
]
}
]
},
{
"compile_id": 1027,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "test",
"uuid": "00000011-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"groups": [
{
"virtual_table":"ATTR_HTTP_URL",
"group_name":"http_url_bing",
"group_id": 105,
"not_flag":0,
"regions": [
"and_conditions": [
{
"attribute_name": "ATTR_SOURCE_IP",
"negate_option": false,
"object_uuids": [
"00000070-0000-0000-0000-000000000000"
]
}
]
},
{
"uuid": "00000012-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_SOURCE_IP",
"objects": [
{
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"keywords": "bing.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
"object_name": "IPv4TCPSoureVeiryPolicy02",
"uuid": "00000101-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.0.2/32",
"port": "80"
}
}
]
}
]
}
]
},
{
"compile_id": 1028,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"block\",\"code\":403,\"message\":\"error\"}",
"is_valid": "yes",
"groups": [
},
{
"group_name":"http_url_bing",
"virtual_table":"ATTR_HTTP_URL"
"attribute_name": "ATTR_DESTINATION_IP",
"objects": [
{
"object_name": "IPv4TCPDestinationVeiryPolicy01",
"uuid": "00000102-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.0.3/32",
"port": "80"
}
}
]
}
]
},
{
"attribute_name": "ATTR_SERVER_FQDN",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"expression": "baidu.com",
"expr_type": "and"
}
}
]
}
]
},
{
"attribute_name": "ATTR_SSL_SAN",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"expression": "baidu.com",
"expr_type": "and"
}
}
]
}
]
}
]
}
],
],
"plugin_table": [
{
"table_name": "TSG_PROFILE_TRAFFIC_MIRROR",
"table_content": [
"1234\ttest-traffic-mirror\t[1,2,3,4,5,6,7,8,9]\t1"
]
},
{
"table_name": "TSG_PROFILE_RESPONSE_PAGES",
"table_content": [
"101\t404\thtml\t./resource/pangu/policy_file/404.html\t1"
]
},
{
"table_name": "PXY_PROFILE_HIJACK_FILES",
"table_content": [
"201\tchakanqi\tchakanqi-947KB.exe\tapplication/x-msdos-program\t./resource/pangu/policy_file/chakanqi-947KB.exe\t1"
]
},
{
"table_name": "PXY_PROFILE_INSERT_SCRIPTS",
"table_content": [
"301\ttime\tjs\t./resource/pangu/policy_file/time.js\tbefore_page_load\t1"
]
},
{
"table_name": "PXY_PROFILE_DECRYPTION",
"table_content": [
"0\ttest\t{\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":1,\"cert_pinning\":1,\"protocol_errors\":1,\"trusted_root_cert_is_not_installed_on_client\":1},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"ssl3\",\"mirror_client\":1,\"allow_http2\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":0},\"fail_action\":\"pass-through\"}}\t1",
"3\ttest\t{\"dynamic_bypass\":{\"ev_cert\":1,\"cert_transparency\":1,\"mutual_authentication\":1,\"cert_pinning\":1,\"protocol_errors\":1,\"trusted_root_cert_is_not_installed_on_client\":0},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"tls13\",\"mirror_client\":1,\"allow_http2\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":1},\"fail_action\":\"fail-close\"}}\t1",
"4\ttest\t{\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":0,\"cert_pinning\":0,\"protocol_errors\":0,\"trusted_root_cert_is_not_installed_on_client\":0},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"ssl3\",\"mirror_client\":0,\"allow_http2\":0},\"certificate_checks\":{\"approach\":{\"cn\":0,\"issuer\":0,\"self-signed\":0,\"expiration\":0},\"fail_action\":\"pass-through\"}}\t1"
]
},
{
"table_name": "PXY_INTERCEPT_COMPILE",
"table_content": [
"0\t0\t2\t1\t1\t{}\t{\"vsys_id\":1,\"protocol\":\"SSL\",\"keyring_for_trusted\":765,\"keyring_for_untrusted\":10,\"decryption\":0,\"tcp_option_profile\":1,\"traffic_mirror\":{\"enable\":0}}\t1\t1\t2",
"255119\t0\t2\t1\t1\t{}\t{\"vsys_id\":1,\"protocol\":\"SSL\",\"keyring_for_trusted\":1,\"keyring_for_untrusted\":10,\"decryption\":0,\"tcp_option_profile\":1,\"traffic_mirror\":{\"enable\":1,\"mirror_profile\":1234}}\t1\t1\t2"
]
},
{
"table_name": "SERVICE_CHAINING_COMPILE",
"table_content": [
"1\t0\t2\t1\t1\t{}\t{\"targeted_traffic\":\"raw\",\"sff_profiles\":[1]}\t1\t2",
"2\t0\t2\t1\t1\t{}\t{\"targeted_traffic\":\"decrypted\",\"sff_profiles\":[1]}\t1\t2"
]
},
{
"table_name": "PXY_PROFILE_TCP_OPTION",
"table_content": [
"1\t0\t0\t{\"tcp_maxseg\":{\"enable\":0,\"maxseg\":1500},\"nodelay\":1,\"keep_alive\":{\"enable\":1,\"tcp_keepcnt\":8,\"tcp_keepidle\":30,\"tcp_keepintvl\":15},\"ttl\":70,\"user_timeout\":600}\t{\"tcp_maxseg\":{\"enable\":0,\"maxseg\":1500},\"nodelay\":1,\"keep_alive\":{\"enable\":1,\"tcp_keepcnt\":8,\"tcp_keepidle\":30,\"tcp_keepintvl\":15},\"ttl\":75,\"user_timeout\":600}\t1"
]
},
{
"table_name": "PXY_SSL_FINGERPRINT",
"table_content": [
"1\t599f223c2c9ee5702f5762913889dc21\t0\t1",
"2\teb149984fc9c44d85ed7f12c90d818be\t1\t0",
"3\te6573e91e6eb777c0933c5b8f97f10cd\t1\t1"
]
},
{
"table_name": "APP_ID_DICT",
"table_content": [
"67\thttp\t0\tnull\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"drop\",\"after_n_packets\":0,\"send_icmp_unreachable\":1,\"send_tcp_reset\":1}\t0\t60\t120\t30\t30\t201\t1",
"68\thttps\t0\tnull\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"rate_limit\",\"bps\":1000}\t0\t0\t0\t0\t0\t68000\t1"
{"app_id":67,"object_uuid":"00000201-0000-0000-0000-000000000000","app_name":"http","is_valid":1},
{"app_id":68,"object_uuid":"00068000-0000-0000-0000-000000000000","app_name":"https","is_valid":1}
]
},
{
"table_name": "FQDN_ENTRY",
"table_content": [
"1\t2,4,5\twww.126.com\t1\t1",
"2\t6,7,8\twww.baidu.com\t1\t1"
]
},
{
{
"table_name": "IP_ADDR_ENTRY",
"table_content": [
"7\t12,14,15\t4\tsingle\t192.168.55.5\t192.168.55.5\t1",
"8\t22,24,25\t4\tsingle\t192.168.55.5\t192.168.55.5\t1",
"9\t9,15\t4\trange\t192.168.55.4\t192.168.55.4\t1",
"10\t10\t4\trange\t192.168.55.6\t192.168.55.6\t1"
{"uuid":"00000064-0000-0000-0000-000000000000","tag_uuids":["00000068-0000-0000-0000-000000000000","00000069-0000-0000-0000-000000000000"],"ip":"192.168.55.1/24","is_valid":1,"modified_time":"1716531859000000"},
{"uuid":"00000065-0000-0000-0000-000000000000","tag_uuids":["00000070-0000-0000-0000-000000000000"],"ip":"192.168.54.1/24","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
{
"table_name": "FQDN_ENTRY",
"table_content": [
{"uuid":"00000066-0000-0000-0000-000000000000","tag_uuids":["00000071-0000-0000-0000-000000000000"],"fqdn":"www.126.com","is_valid":1,"modified_time":"1716531859000000"},
{"uuid":"00000067-0000-0000-0000-000000000000","tag_uuids":["00000072-0000-0000-0000-000000000000"],"fqdn":"www.baidu.com","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
"table_name": "LIBRARY_TAG",
"table_content": [
"6\tnone\twebsite_category\twebsite_category\tsearch\\bengines\t1",
"7\tnone\twebsite_category\twebsite_category\tbusiness\t1",
"8\tnone\twebsite_category\twebsite_category\tsearch\\bengines\t1",
"12\tnone\tgeoip\ttest1\ttest1\t1",
"14\tnone\tgeoip\ttest2\ttest2\t1",
"15\tnone\tgeoip\ttest3\ttest3\t1",
"9\tnone\tgeoip\ttest4\ttest4\t1",
"10\tnone\tgeoip\ttest5\ttest5\t1"
{"uuid":"00000068-0000-0000-0000-000000000000","statistics_option":"brief","category":"geoip_city","tag_key":"Country","tag_value":"China","is_valid":1,"modified_time":"1716531859000000"},
{"uuid":"00000069-0000-0000-0000-000000000000","statistics_option":"brief","category":"geoip_city","tag_key":"Country","tag_value":"China","is_valid":1,"modified_time":"1716531859000000"},
{"uuid":"00000070-0000-0000-0000-000000000000","statistics_option":"brief","category":"geoip_city","tag_key":"Country","tag_value":"China","is_valid":1,"modified_time":"1716531859000000"},
{"uuid":"00000071-0000-0000-0000-000000000000","statistics_option":"brief","category":"geoip_city","tag_key":"Country","tag_value":"China","is_valid":1,"modified_time":"1716531859000000"},
{"uuid":"00000072-0000-0000-0000-000000000000","statistics_option":"brief","category":"geoip_city","tag_key":"Country","tag_value":"China","is_valid":1,"modified_time":"1716531859000000"}
]
}
]
}

2
test/CMakeLists.txt
View File

@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.5)
include_directories(${CMAKE_SOURCE_DIR}/common/include)
add_executable(verify_policy_test verify_policy_test.cpp ${CMAKE_SOURCE_DIR}/platform/src/verify_matcher.cpp)
target_link_libraries(verify_policy_test common MESA_prof_load maatframe cjson gtest)
target_link_libraries(verify_policy_test common MESA_prof_load maatframe cjson uuid gtest)
set(CMAKE_BUILD_DIR ${CMAKE_SOURCE_DIR}/build)
set(TEST_RUN_DIR ${CMAKE_BUILD_DIR}/test)

87
test/resource/HitPolicyRequest.json
View File

@@ -83,6 +83,7 @@
"attribute_name": "tunnel_endpointa",
"attribute_value": {
"ip": "192.168.0.4",
"port":80,
"tunnel_type":"gtp",
"addr_type": 4
}
@@ -168,7 +169,7 @@
"attribute_name": "source",
"attribute_value": {
"ip": "192.168.0.2",
"port":"8080",
"port": "80",
"addr_type": 4
}
},
@@ -178,6 +179,7 @@
"attribute_name": "destination",
"attribute_value": {
"ip": "192.168.0.3",
"port": "80",
"addr_type": 4
}
},
@@ -300,6 +302,89 @@
}
],
"verify_type": "policy"
},
{
"__item_id": 8,
"vsys_id": 1,
"verify_list": [
{
"type": "pxy_manipulation",
"vsys_id": 1,
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value": {
"ip": "192.168.55.4",
"port": "80",
"addr_type": 4
}
},
{
"attribute_type": "ip",
"table_name": "ATTR_IP_PROTOCOL",
"attribute_name": "ip_protocol",
"attribute_value": {
"addr_type": 4,
"protocol": 6
}
},
{
"attribute_type": "port",
"table_name": "ATTR_SOURCE_PORT",
"attribute_name": "source",
"attribute_value": {
"port": "80"
}
},
{
"attribute_type": "numeric",
"table_name": "ATTR_APP_ID",
"attribute_name": "app_id",
"attribute_value": {
"numeric": 67
}
},
{
"attribute_type": "string",
"table_name": "ATTR_HTTP_REQ_HDR",
"attribute_name": "req_hdr",
"attribute_value": {
"district":"User-Agent",
"string":"test"
}
},
{
"attribute_type": "string",
"table_name": "ATTR_TUNNEL_LEVEL",
"attribute_name": "tunnel_level",
"attribute_value": {
"numeric": 60
}
},
{
"attribute_type": "flag",
"table_name": "ATTR_FLAG",
"attribute_name": "flag",
"attribute_value": {
"numeric": 15
}
},
{
"attribute_type": "boolean",
"table_name": "ATTR_SSL_ECH",
"attribute_name": "esni",
"attribute_value": {
"numeric": 1
}
}
]
}
}
],
"verify_type": "policy"
}
]
}

505
test/resource/HitPolicyResult.json
View File

@@ -4,17 +4,17 @@
"code": 200,
"msg": "Success",
"data": {
"hitPolicyList": [
"hit_policy_list": [
{
"id": 1021,
"uuid": "00001021-0000-0000-0000-000000000000",
"policyName": "",
"is_execute_policy": true,
"top_object_list": [
{
"object_id": 101,
"object_uuid": "00005000-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_IP",
"not_flag": 0,
"nth_clause": 0
"negate_option": 0,
"condition_index": 0
}
]
}
@@ -32,8 +32,8 @@
},
"hit_paths": [
{
"item_id": 1,
"superior_object_id": 101
"item_uuid": "00000000-0000-0000-0000-000000001000",
"superior_object_uuid": "00005000-0000-0000-0000-000000000000"
}
]
}
@@ -43,108 +43,90 @@
"success": true
},
{
"code": 200,
"msg": "Success",
"code": 200,
"msg": "Success",
"data": {
"hitPolicyList": [
"hit_policy_list": [
{
"id": 1022,
"policyName": "",
"is_execute_policy": true,
"uuid": "00001022-0000-0000-0000-000000000000",
"policyName": "",
"is_execute_policy": true,
"top_object_list": [
{
"tag_id": 11,
"table_name": "ATTR_SOURCE_IP",
"not_flag": 0,
"nth_clause": 0
},
"tag_uuid": "00000011-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_IP",
"negate_option": 0,
"condition_index": 0
},
{
"tag_id": 12,
"table_name": "ATTR_INTERNAL_IP",
"not_flag": 0,
"nth_clause": 1
},
"tag_uuid": "00000012-0000-0000-0000-000000000000",
"table_name": "ATTR_INTERNAL_IP",
"negate_option": 0,
"condition_index": 1
},
{
"tag_id": 1,
"table_name": "ATTR_SERVER_FQDN",
"not_flag": 0,
"nth_clause": 2
"tag_uuid": "00000001-0000-0000-0000-000000000000",
"table_name": "ATTR_SERVER_FQDN",
"negate_option": 0,
"condition_index": 2
}
]
}
],
],
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value": {
"ip": "192.168.1.1",
"port": "8080",
"ip": "192.168.1.1",
"port": "8080",
"addr_type": 4
},
},
"hit_paths": [
{
"entry_id": 1,
"tag_id": 11
"entry_uuid": "00000001-0000-0000-0000-000000000000",
"tag_uuid": "00000011-0000-0000-0000-000000000000"
}
]
},
},
{
"attribute_type": "ip",
"table_name": "ATTR_INTERNAL_IP",
"attribute_name": "internal",
"attribute_type": "ip",
"table_name": "ATTR_INTERNAL_IP",
"attribute_name": "internal",
"attribute_value": {
"ip": "192.168.1.2",
"port": "80",
"ip": "192.168.1.2",
"port": "80",
"addr_type": 4
},
},
"hit_paths": [
{
"entry_id": 2,
"tag_id": 12
},
"entry_uuid": "00000002-0000-0000-0000-000000000000",
"tag_uuid": "00000012-0000-0000-0000-000000000000"
},
{
"entry_id": 2,
"tag_id": 13
"entry_uuid": "00000002-0000-0000-0000-000000000000",
"tag_uuid": "00000013-0000-0000-0000-000000000000"
}
]
},
},
{
"attribute_type": "string",
"table_name": "ATTR_SERVER_FQDN",
"attribute_name": "server_fqdn",
"attribute_type": "string",
"table_name": "ATTR_SERVER_FQDN",
"attribute_name": "server_fqdn",
"attribute_value": {
"string": "www.126.com"
},
},
"hit_paths": [
{
"entry_id": 1,
"tag_id": 1
"entry_uuid": "00000001-0000-0000-0000-000000000000",
"tag_uuid": "00000001-0000-0000-0000-000000000000"
}
]
}
]
}
},
"success": true
},
{
"code": 200,
"msg": "Success",
"data": {
"verify_session": {
"attributes": [{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [{
"item_id": 0,
"superior_object_id": 3021
}]
}]
}
},
"success": true
},
@@ -158,8 +140,8 @@
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [{
"item_id": 0,
"superior_object_id": 3022
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00003021-0000-0000-0000-000000000000"
}]
}]
}
@@ -178,12 +160,8 @@
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [
{
"item_id": 0,
"superior_object_id": 3022
},
{
"item_id": 0,
"superior_object_id": 3023
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00003022-0000-0000-0000-000000000000"
}
]
}
@@ -196,66 +174,92 @@
"code": 200,
"msg": "Success",
"data": {
"hitPolicyList": [
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [
{
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00003022-0000-0000-0000-000000000000"
},
{
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00003023-0000-0000-0000-000000000000"
}
]
}
]
}
},
"success": true
},
{
"code": 200,
"msg": "Success",
"data": {
"hit_policy_list": [
{
"id": 1024,
"uuid": "00001024-0000-0000-0000-000000000000",
"policyName": "",
"is_execute_policy": true,
"top_object_list": [
{
"object_id": 10231,
"object_uuid": "00005001-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_IP",
"not_flag": 0,
"nth_clause": 0
"negate_option": 0,
"condition_index": 0
},
{
"object_id": 10232,
"object_uuid": "00005002-0000-0000-0000-000000000000",
"table_name": "ATTR_DESTINATION_IP",
"not_flag": 0,
"nth_clause": 1
"negate_option": 0,
"condition_index": 1
},
{
"object_id": 10234,
"object_uuid": "00005003-0000-0000-0000-000000000000",
"table_name": "ATTR_SERVER_FQDN",
"not_flag": 0,
"nth_clause": 2
"negate_option": 0,
"condition_index": 2
},
{
"object_id": 10235,
"object_uuid": "00005004-0000-0000-0000-000000000000",
"table_name": "ATTR_SSL_SAN",
"not_flag": 0,
"nth_clause": 3
"negate_option": 0,
"condition_index": 3
}
]
},
{
"id": 1023,
"uuid": "00001023-0000-0000-0000-000000000000",
"policyName": "",
"is_execute_policy": false,
"top_object_list": [
{
"object_id": 10231,
"object_uuid": "00005001-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_IP",
"not_flag": 0,
"nth_clause": 0
"negate_option": 0,
"condition_index": 0
},
{
"object_id": 10232,
"object_uuid": "00005002-0000-0000-0000-000000000000",
"table_name": "ATTR_DESTINATION_IP",
"not_flag": 0,
"nth_clause": 1
"negate_option": 0,
"condition_index": 1
},
{
"object_id": 10234,
"object_uuid": "00005003-0000-0000-0000-000000000000",
"table_name": "ATTR_SERVER_FQDN",
"not_flag": 0,
"nth_clause": 2
"negate_option": 0,
"condition_index": 2
},
{
"object_id": 10235,
"object_uuid": "00005004-0000-0000-0000-000000000000",
"table_name": "ATTR_SSL_SAN",
"not_flag": 0,
"nth_clause": 3
"negate_option": 0,
"condition_index": 3
}
]
}
@@ -268,13 +272,13 @@
"attribute_name": "source",
"attribute_value": {
"ip": "192.168.0.2",
"port": "8080",
"port": "80",
"addr_type": 4
},
"hit_paths": [
{
"item_id": 2,
"superior_object_id": 10231
"item_uuid": "00000000-0000-0000-0000-000000001001",
"superior_object_uuid": "00005001-0000-0000-0000-000000000000"
}
]
},
@@ -284,12 +288,13 @@
"attribute_name": "destination",
"attribute_value": {
"ip": "192.168.0.3",
"port": "80",
"addr_type": 4
},
"hit_paths": [
{
"item_id": 3,
"superior_object_id": 10232
"item_uuid": "00000000-0000-0000-0000-000000001002",
"superior_object_uuid": "00005002-0000-0000-0000-000000000000"
}
]
},
@@ -302,20 +307,20 @@
},
"hit_paths": [
{
"entry_id": 2,
"tag_id": 2
"entry_uuid": "00000002-0000-0000-0000-000000000000",
"tag_uuid": "00000002-0000-0000-0000-000000000000"
},
{
"entry_id": 2,
"tag_id": 3
"entry_uuid": "00000002-0000-0000-0000-000000000000",
"tag_uuid": "00000003-0000-0000-0000-000000000000"
},
{
"item_id": 5,
"superior_object_id": 10235
"item_uuid": "00000000-0000-0000-0000-000000001004",
"superior_object_uuid": "00005004-0000-0000-0000-000000000000"
},
{
"item_id": 4,
"superior_object_id": 10234
"item_uuid": "00000000-0000-0000-0000-000000001003",
"superior_object_uuid": "00005003-0000-0000-0000-000000000000"
}
]
},
@@ -328,20 +333,20 @@
},
"hit_paths": [
{
"entry_id": 2,
"tag_id": 2
"entry_uuid": "00000002-0000-0000-0000-000000000000",
"tag_uuid": "00000002-0000-0000-0000-000000000000"
},
{
"entry_id": 2,
"tag_id": 3
"entry_uuid": "00000002-0000-0000-0000-000000000000",
"tag_uuid": "00000003-0000-0000-0000-000000000000"
},
{
"item_id": 5,
"superior_object_id": 10235
"item_uuid": "00000000-0000-0000-0000-000000001004",
"superior_object_uuid": "00005004-0000-0000-0000-000000000000"
},
{
"item_id": 4,
"superior_object_id": 10234
"item_uuid": "00000000-0000-0000-0000-000000001003",
"superior_object_uuid": "00005003-0000-0000-0000-000000000000"
}
]
}
@@ -354,30 +359,30 @@
"code": 200,
"msg": "Success",
"data": {
"hitPolicyList": [
"hit_policy_list": [
{
"id": 1026,
"uuid": "00001026-0000-0000-0000-000000000000",
"policyName": "",
"is_execute_policy": true,
"top_object_list": [
{
"object_id": 3022,
"object_uuid": "00003022-0000-0000-0000-000000000000",
"table_name": "ATTR_TUNNEL",
"not_flag": 0,
"nth_clause": 0
"negate_option": 0,
"condition_index": 0
}
]
},
{
"id": 1025,
"uuid": "00001025-0000-0000-0000-000000000000",
"policyName": "",
"is_execute_policy": false,
"is_execute_policy": true,
"top_object_list": [
{
"object_id": 3023,
"object_uuid": "00003023-0000-0000-0000-000000000000",
"table_name": "ATTR_TUNNEL",
"not_flag": 0,
"nth_clause": 0
"negate_option": 0,
"condition_index": 0
}
]
}
@@ -394,8 +399,8 @@
},
"hit_paths": [
{
"item_id": 0,
"superior_object_id": 6
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00000000-0000-0000-0000-000000000006"
}
]
},
@@ -405,12 +410,12 @@
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [
{
"item_id": 0,
"superior_object_id": 3022
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00003022-0000-0000-0000-000000000000"
},
{
"item_id": 0,
"superior_object_id": 3023
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00003023-0000-0000-0000-000000000000"
}
]
},
@@ -425,8 +430,8 @@
},
"hit_paths": [
{
"entry_id": 1,
"tag_id": 11
"entry_uuid": "00000001-0000-0000-0000-000000000000",
"tag_uuid": "00000011-0000-0000-0000-000000000000"
}
]
}
@@ -439,17 +444,17 @@
"code": 200,
"msg": "Success",
"data": {
"hitPolicyList": [
"hit_policy_list": [
{
"id": 1027,
"uuid": "00001027-0000-0000-0000-000000000000",
"policyName": "",
"is_execute_policy": true,
"top_object_list": [
{
"object_id": 3022,
"object_uuid": "00003022-0000-0000-0000-000000000000",
"table_name": "ATTR_TUNNEL",
"not_flag": 1,
"nth_clause": 0
"negate_option": 1,
"condition_index": 0
}
]
}
@@ -466,8 +471,8 @@
},
"hit_paths": [
{
"item_id": 0,
"superior_object_id": 6
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00000000-0000-0000-0000-000000000006"
}
]
},
@@ -477,8 +482,196 @@
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [
{
"item_id": 0,
"superior_object_id": 3021
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00003021-0000-0000-0000-000000000000"
},
{
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00003022-0000-0000-0000-000000000000"
}
]
}
]
}
},
"success": true
},
{
"code": 200,
"msg": "Success",
"data": {
"hit_policy_list": [
{
"uuid": "00600010-0000-0000-0000-000000000000",
"policyName": "",
"is_execute_policy": true,
"top_object_list": [
{
"object_uuid": "00500100-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_IP",
"negate_option": 0,
"condition_index": 0
},
{
"object_uuid": "00000000-0000-0000-0000-000000000006",
"table_name": "ATTR_IP_PROTOCOL",
"negate_option": 0,
"condition_index": 3
},
{
"object_uuid": "00500200-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_PORT",
"negate_option": 0,
"condition_index": 4
},
{
"object_uuid": "00000201-0000-0000-0000-000000000000",
"table_name": "ATTR_APP_ID",
"negate_option": 0,
"condition_index": 1
},
{
"object_uuid": "00000000-0000-0000-0000-000000001000",
"table_name": "ATTR_HTTP_REQ_HDR",
"negate_option": 0,
"condition_index": 2
},
{
"object_uuid": "00000000-0000-0000-0000-000000000050",
"table_name": "ATTR_TUNNEL_LEVEL",
"negate_option": 0,
"condition_index": 5
},
{
"object_uuid": "00500300-0000-0000-0000-000000000000",
"table_name": "ATTR_FLAG",
"negate_option": 0,
"condition_index": 6
},
{
"object_uuid": "00000000-0000-0000-0000-000000000002",
"table_name": "ATTR_SSL_ECH",
"negate_option": 0,
"condition_index": 7
}
]
}
],
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value": {
"ip": "192.168.55.4",
"port": "80",
"addr_type": 4
},
"hit_paths": [
{
"item_uuid": "00000000-0000-0000-0000-000000001009",
"superior_object_uuid": "00500100-0000-0000-0000-000000000000"
}
]
},
{
"attribute_type": "ip",
"table_name": "ATTR_IP_PROTOCOL",
"attribute_name": "ip_protocol",
"attribute_value": {
"addr_type": 4,
"protocol": 6
},
"hit_paths": [
{
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00000000-0000-0000-0000-000000000006"
}
]
},
{
"attribute_type": "port",
"table_name": "ATTR_SOURCE_PORT",
"attribute_name": "source",
"attribute_value": {
"port": "80"
},
"hit_paths": [
{
"item_uuid": "00000000-0000-0000-0000-000000001011",
"superior_object_uuid": "00500200-0000-0000-0000-000000000000"
}
]
},
{
"attribute_type": "numeric",
"table_name": "ATTR_APP_ID",
"attribute_name": "app_id",
"attribute_value": {
"numeric": 67
},
"hit_paths": [
{
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00000201-0000-0000-0000-000000000000"
}
]
},
{
"attribute_type": "string",
"table_name": "ATTR_HTTP_REQ_HDR",
"attribute_name": "req_hdr",
"attribute_value": {
"district": "User-Agent",
"string": "test"
},
"hit_paths": [
{
"item_uuid": "00000000-0000-0000-0000-000000001010",
"superior_object_uuid": "00000000-0000-0000-0000-000000001000"
}
]
},
{
"attribute_type": "string",
"table_name": "ATTR_TUNNEL_LEVEL",
"attribute_name": "tunnel_level",
"attribute_value": {
"numeric": 60
},
"hit_paths": [
{
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00000000-0000-0000-0000-000000000050"
}
]
},
{
"attribute_type": "flag",
"table_name": "ATTR_FLAG",
"attribute_name": "flag",
"attribute_value": {
"numeric": 15
},
"hit_paths": [
{
"item_uuid": "00000000-0000-0000-0000-000000001012",
"superior_object_uuid": "00500300-0000-0000-0000-000000000000"
}
]
},
{
"attribute_type": "boolean",
"table_name": "ATTR_SSL_ECH",
"attribute_name": "esni",
"attribute_value": {
"numeric": 1
},
"hit_paths": [
{
"item_uuid": "00000000-0000-0000-0000-000000000000",
"superior_object_uuid": "00000000-0000-0000-0000-000000000002"
}
]
}

816
test/resource/VerifyPolicyManipulation.json
View File

@@ -1,353 +1,476 @@
{
"compile_table": "PXY_CTRL_COMPILE",
"group2compile_table": "GROUP_PXY_CTRL_COMPILE_RELATION",
"group2group_table": "GROUP_GROUP_RELATION",
"rule_table": "PXY_CTRL_RULE",
"object2object_table": "OBJECT_GROUP",
"rules": [
{
"compile_id": 1021,
{
"uuid": "00001021-0000-0000-0000-000000000000",
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"anything",
"user_region": "anything",
"is_valid": "yes",
"groups": [
{
"not_flag": 0,
"group_id": 101,
"group_name":"IPv4TCPSoureVeiryPolicy01",
"virtual_table": "ATTR_SOURCE_IP",
"regions": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.0.1",
"ip2": "192.168.0.1"
}
}
]
}
]
},
{
"compile_id": 1022,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"anything",
"user_region": "anything",
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"groups": [
{
"group_id": 11,
"group_name": "IPv4TCPSoureEntry.11",
"virtual_table": "ATTR_SOURCE_IP"
},
"and_conditions": [
{
"group_id": 12,
"group_name": "IPv4TCPSoureEntry.12",
"virtual_table": "ATTR_INTERNAL_IP"
},
{
"group_id": 1,
"group_name": "FQDNEntry.1",
"virtual_table": "ATTR_SERVER_FQDN"
}
]
},
{
"compile_id": 1023,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"anything",
"user_region": "anything",
"is_valid": "yes",
"groups": [
{
"not_flag": 0,
"group_id": 10231,
"group_name":"IPv4TCPSoureVeiryPolicy02",
"virtual_table": "ATTR_SOURCE_IP",
"regions": [
"attribute_name": "ATTR_SOURCE_IP",
"objects": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.0.2",
"ip2": "192.168.0.2"
}
}
]
},
{
"not_flag": 0,
"group_id": 10232,
"group_name":"IPv4TCPDestinationVeiryPolicy01",
"virtual_table": "ATTR_DESTINATION_IP",
"regions": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.0.3",
"ip2": "192.168.0.3"
}
}
]
},
{
"virtual_table":"ATTR_SERVER_FQDN",
"group_name":"ServerFqdnVeiryPolicy01",
"group_id":10234,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "baidu.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
},
{
"virtual_table":"ATTR_SSL_SAN",
"group_name":"SslSanVeiryPolicy01",
"group_id":10235,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "baidu.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1024,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"anything",
"user_region": "anything",
"is_valid": "yes",
"groups": [
{
"group_name":"IPv4TCPSoureVeiryPolicy02",
"virtual_table":"ATTR_SOURCE_IP"
},
{
"group_name":"IPv4TCPDestinationVeiryPolicy01",
"virtual_table":"ATTR_DESTINATION_IP"
},
{
"group_name":"ServerFqdnVeiryPolicy01",
"virtual_table":"ATTR_SERVER_FQDN"
},
{
"group_name":"SslSanVeiryPolicy01",
"virtual_table":"ATTR_SSL_SAN"
}
]
},
{
"compile_id": 3021,
"service": 13,
"action": 1,
"do_blacklist": 0,
"do_log": 1,
"tags": "{}",
"user_region": "anything",
"evaluation_order": "0.0",
"compile_table_name": "TUNNEL_COMPILE",
"is_valid": "yes",
"groups": [
{
"not_flag": 0,
"group_id": 248,
"group_name": "TunnelIpv4TCPSoureVeiryPolicy01",
"virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT",
"g2c_table_name": "GROUP_TUNNEL_COMPILE_RELATION",
"regions": [
{
"table_name": "TSG_OBJ_IP_ADDR",
"table_type": "ip",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.0.4",
"ip2": "192.168.0.4"
}
}
]
}
]
},
{
"compile_id": 3022,
"service": 13,
"action": 1,
"do_blacklist": 0,
"do_log": 1,
"tags": "{}",
"user_region": "anything",
"evaluation_order": "0.0",
"compile_table_name": "TUNNEL_COMPILE",
"is_valid": "yes",
"groups": [
{
"not_flag": 0,
"group_id": 2,
"group_name": "TunnelIpv4TCPSoureVeiryPolicy02",
"virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT",
"g2c_table_name": "GROUP_TUNNEL_COMPILE_RELATION",
"regions": [
{
"table_name": "TSG_OBJ_IP_ADDR",
"table_type": "ip",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.0.5",
"ip2": "192.168.0.5"
}
"object_name": "IPv4TCPSoureVeiryPolicy01",
"uuid": "00005000-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.0.1/32",
"port": "8080"
}
}
]
}
]
}
]
},
{
"compile_id": 3023,
"service": 13,
"action": 1,
"do_blacklist": 0,
"do_log": 1,
"tags": "{}",
"user_region": "anything",
"evaluation_order": "0.0",
"compile_table_name": "TUNNEL_COMPILE",
"is_valid": "yes",
"groups": [
{
"not_flag": 0,
"group_id": 3,
"group_name": "TunnelIpv4TCPSoureVeiryPolicy03",
"virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT",
"g2c_table_name": "GROUP_TUNNEL_COMPILE_RELATION",
"regions": [
"uuid": "00001022-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"and_conditions": [
{
"object_name": "IPv4TCPSoureEntry.11",
"attribute_name": "ATTR_SOURCE_IP",
"negate_option": false,
"object_uuids": [
"00000011-0000-0000-0000-000000000000"
]
},
{
"object_name": "IPv4TCPSoureEntry.12",
"attribute_name": "ATTR_INTERNAL_IP",
"negate_option": false,
"object_uuids": [
"00000012-0000-0000-0000-000000000000"
]
},
{
"object_name": "FQDNEntry.1",
"attribute_name": "ATTR_SERVER_FQDN",
"negate_option": false,
"object_uuids": [
"00000001-0000-0000-0000-000000000000"
]
}
]
},
{
"uuid": "00001023-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_SOURCE_IP",
"objects": [
{
"table_name": "TSG_OBJ_IP_ADDR",
"table_type": "ip",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.0.5",
"ip2": "192.168.0.5"
}
"object_name": "IPv4TCPSoureVeiryPolicy02",
"uuid": "00005001-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.0.2/32",
"port": "80"
}
}
]
}
]
},
{
"not_flag": 0,
"group_id": 4,
"group_name": "TunnelIpv4TCPSoureVeiryPolicy04",
"virtual_table": "ATTR_TUNNEL_GTP_ENDPOINT",
"g2c_table_name": "GROUP_TUNNEL_COMPILE_RELATION",
"regions": [
"attribute_name": "ATTR_DESTINATION_IP",
"objects": [
{
"table_name": "TSG_OBJ_IP_ADDR",
"table_type": "ip",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.0.6",
"ip2": "192.168.0.6"
}
"object_name": "IPv4TCPDestinationVeiryPolicy01",
"uuid": "00005002-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.0.3/32",
"port": "80"
}
}
]
}
]
},
{
"attribute_name": "ATTR_SERVER_FQDN",
"objects": [
{
"object_name":"ServerFqdnVeiryPolicy01",
"uuid": "00005003-0000-0000-0000-000000000000",
"items": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"expression": "baidu.com",
"expr_type": "and"
}
}
]
}
]
},
{
"attribute_name": "ATTR_SSL_SAN",
"objects": [
{
"object_name":"SslSanVeiryPolicy01",
"uuid": "00005004-0000-0000-0000-000000000000",
"items": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"expression": "baidu.com",
"expr_type": "and"
}
}
]
}
]
}
]
},
{
"compile_id": 1025,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"anything",
"user_region": "anything",
"is_valid": "yes",
"groups": [
{
"uuid": "00001024-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"and_conditions": [
{
"not_flag":0,
"group_id": 3023,
"group_name":"TunnelEndpointVeiryPolicy01",
"virtual_table":"ATTR_TUNNEL"
}
]
},
{
"compile_id": 1026,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"anything",
"user_region": "anything",
"is_valid": "yes",
"groups": [
"object_name": "IPv4TCPSoureVeiryPolicy02",
"attribute_name": "ATTR_SOURCE_IP",
"negate_option": false,
"object_uuids": [
"00005001-0000-0000-0000-000000000000"
]
},
{
"not_flag":0,
"group_id": 3022,
"group_name":"TunnelEndpointVeiryPolicy03",
"virtual_table":"ATTR_TUNNEL"
}
]
},
{
"compile_id": 1027,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"anything",
"user_region": "anything",
"is_valid": "yes",
"groups": [
"object_name": "IPv4TCPDestinationVeiryPolicy01",
"attribute_name": "ATTR_DESTINATION_IP",
"negate_option": false,
"object_uuids": [
"00005002-0000-0000-0000-000000000000"
]
},
{
"not_flag":1,
"group_id": 3022,
"group_name":"TunnelEndpointVeiryPolicy03",
"virtual_table":"ATTR_TUNNEL"
"object_name": "ServerFqdnVeiryPolicy01",
"attribute_name": "ATTR_SERVER_FQDN",
"negate_option": false,
"object_uuids": [
"00005003-0000-0000-0000-000000000000"
]
},
{
"object_name": "SslSanVeiryPolicy01",
"attribute_name": "ATTR_SSL_SAN",
"negate_option": false,
"object_uuids": [
"00005004-0000-0000-0000-000000000000"
]
}
]
},
{
"uuid": "00003021-0000-0000-0000-000000000000",
"service": 1,
"action": "monitor",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"rule_table_name": "TUNNEL_RULE",
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_TUNNEL_GTP_ENDPOINT",
"objects": [
{
"object_name": "TunnelIpv4TCPSoureVeiryPolicy01",
"uuid": "00005005-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.0.4"
}
}
]
}
]
}
]
},
{
"uuid": "00003022-0000-0000-0000-000000000000",
"service": 1,
"action": "monitor",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"rule_table_name": "TUNNEL_RULE",
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_TUNNEL_GTP_ENDPOINT",
"objects": [
{
"object_name": "TunnelIpv4TCPSoureVeiryPolicy02",
"uuid": "00005006-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.0.5/32"
}
}
]
}
]
}
]
},
{
"uuid": "00003023-0000-0000-0000-000000000000",
"service": 1,
"action": "monitor",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"rule_table_name": "TUNNEL_RULE",
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_TUNNEL_GTP_ENDPOINT",
"objects": [
{
"object_name": "TunnelIpv4TCPSoureVeiryPolicy03",
"uuid": "00005007-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.0.5/32"
}
}
]
}
]
},
{
"attribute_name": "ATTR_TUNNEL_GTP_ENDPOINT",
"objects": [
{
"object_name": "TunnelIpv4TCPSoureVeiryPolicy04",
"uuid": "00005008-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.0.6/32"
}
}
]
}
]
}
]
},
{
"uuid": "00001025-0000-0000-0000-000000000000",
"service": 1,
"action": "monitor",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"and_conditions": [
{
"object_name": "TunnelEndpointVeiryPolicy01",
"attribute_name": "ATTR_TUNNEL",
"negate_option": false,
"object_uuids": [
"00003023-0000-0000-0000-000000000000"
]
}
]
},
{
"uuid": "00001026-0000-0000-0000-000000000000",
"service": 1,
"action": "monitor",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"and_conditions": [
{
"object_name": "TunnelEndpointVeiryPolicy03",
"attribute_name": "ATTR_TUNNEL",
"negate_option": false,
"object_uuids": [
"00003022-0000-0000-0000-000000000000"
]
}
]
},
{
"uuid": "00001027-0000-0000-0000-000000000000",
"service": 1,
"action": "monitor",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"and_conditions": [
{
"object_name": "TunnelEndpointVeiryPolicy03",
"attribute_name": "ATTR_TUNNEL",
"negate_option": true,
"object_uuids": [
"00003022-0000-0000-0000-000000000000"
]
}
]
},
{
"uuid": "00600010-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_SOURCE_IP",
"objects": [
{
"object_name": "IPv4TCPSoureVeiryPolicy01",
"uuid": "00500100-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.55.4",
"port": "80"
}
}
]
}
]
},
{
"attribute_name": "ATTR_APP_ID",
"negate_option": false,
"object_uuids": [
"00000201-0000-0000-0000-000000000000"
]
},
{
"attribute_name": "ATTR_HTTP_REQ_HDR",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_KEYWORD",
"table_type": "expr",
"table_content": {
"expression": "test",
"expr_type": "and"
}
}
]
}
]
},
{
"attribute_name": "ATTR_IP_PROTOCOL",
"negate_option": false,
"object_uuids": [
"00000000-0000-0000-0000-000000000006"
]
},
{
"attribute_name": "ATTR_SOURCE_PORT",
"objects": [
{
"object_name": "IPv4TCPPortVeiryPolicy01",
"uuid": "00500200-0000-0000-0000-000000000000",
"items": [
{
"table_name": "TSG_OBJ_PORT",
"table_type": "interval",
"table_content": {
"interval": "1-100"
}
}
]
}
]
},
{
"attribute_name": "ATTR_TUNNEL_LEVEL",
"negate_option": false,
"object_uuids": [
"00000000-0000-0000-0000-000000000050"
]
},
{
"attribute_name": "ATTR_FLAG",
"objects": [
{
"object_name": "FlagVeiryPolicy01",
"uuid": "00500300-0000-0000-0000-000000000000",
"items": [
{
"table_type": "flag",
"table_name": "TSG_OBJ_FLAG",
"table_content": {
"flag": 15,
"mask": 15
}
}
]
}
]
},
{
"attribute_name": "ATTR_SSL_ECH",
"negate_option": false,
"object_uuids": [
"00000000-0000-0000-0000-000000000002"
]
}
]
}
@@ -356,35 +479,42 @@
{
"table_name": "FQDN_ENTRY",
"table_content": [
"1\t1\twww.126.com\t1\t1",
"2\t2,3\twww.baidu.com\t1\t1",
"4\t4,5,6\twww.qq.com\t1\t1"
{"uuid":"00000001-0000-0000-0000-000000000000","tag_uuids":["00000001-0000-0000-0000-000000000000"],"fqdn":"www.126.com","is_valid":1},
{"uuid":"00000002-0000-0000-0000-000000000000","tag_uuids":["00000002-0000-0000-0000-000000000000","00000003-0000-0000-0000-000000000000"],"fqdn":"www.baidu.com","is_valid":1},
{"uuid":"00000004-0000-0000-0000-000000000000","tag_uuids":["00000004-0000-0000-0000-000000000000","00000005-0000-0000-0000-000000000000","00000006-0000-0000-0000-000000000000"],"fqdn":"www.qq.com","is_valid":1}
]
},
{
"table_name": "IP_ADDR_ENTRY",
"table_content": [
"1\t11\t4\tsingle\t192.168.1.1\t192.168.1.1\t1",
"2\t12,13\t4\tsingle\t192.168.1.2\t192.168.1.2\t1",
"4\t14,15,16\t4\trange\t192.168.1.3\t192.168.1.3\t1"
{"uuid":"00000001-0000-0000-0000-000000000000","tag_uuids":["00000011-0000-0000-0000-000000000000"],"ip":"192.168.1.1/32","is_valid":1},
{"uuid":"00000002-0000-0000-0000-000000000000","tag_uuids":["00000012-0000-0000-0000-000000000000","00000013-0000-0000-0000-000000000000"],"ip":"192.168.1.2/32","is_valid":1},
{"uuid":"00000004-0000-0000-0000-000000000000","tag_uuids":["00000014-0000-0000-0000-000000000000","00000015-0000-0000-0000-000000000000","00000016-0000-0000-0000-000000000000"],"ip":"192.168.1.3/32","is_valid":1}
]
},
{
"table_name": "LIBRARY_TAG",
"table_content": [
"1\tnone\twebsite_category\tfqdn1\tsearch\\bengines\t1",
"2\tnone\twebsite_category\tfqdn2\tRecreation\band\bHobbies\t1",
"3\tnone\twebsite_category\tfqdn3\tbusiness\t1",
"4\tnone\twebsite_category\tfqdn4\tsearch bengines\t1",
"5\tnone\twebsite_category\tfqdn5\tsearch\\bengines\t1",
"6\tnone\twebsite_category\tfqdn6\tsearch\\bengines\t1",
"11\tnone\tgeoip\tadministrative_area\tColombia.Departamento\bdel\bVaupes\t1",
"12\tnone\tgeoip\tadministrative_area\tColombia.Departamento\bdel\bVaupes.Mitú\t1",
"13\tnone\tgeoip\tadministrative_area\tColombia.Antioquia.Marinilla\t1",
"14\tnone\tgeoip\tsuper_administrative_area\tColombia.Departamento\bdel\bVaupes\t1",
"15\tnone\tgeoip\tadministrative_area\tGermany.Bavaria.Mauern\t1",
"16\tnone\tgeoip\tadministrative_area\tGermany.Bavaria.Mellrichstadt\t1"
{"uuid":"00000001-0000-0000-0000-000000000000","statistics_option":"none","category":"website_category","tag_key":"fqdn1","tag_value":"search\\bengines","is_valid":1},
{"uuid":"00000002-0000-0000-0000-000000000000","statistics_option":"none","category":"website_category","tag_key":"fqdn2","tag_value":"Recreation\band\bHobbies","is_valid":1},
{"uuid":"00000003-0000-0000-0000-000000000000","statistics_option":"none","category":"website_category","tag_key":"fqdn3","tag_value":"business","is_valid":1},
{"uuid":"00000004-0000-0000-0000-000000000000","statistics_option":"none","category":"website_category","tag_key":"fqdn4","tag_value":"search bengines","is_valid":1},
{"uuid":"00000005-0000-0000-0000-000000000000","statistics_option":"none","category":"website_category","tag_key":"fqdn5","tag_value":"search\\bengines","is_valid":1},
{"uuid":"00000006-0000-0000-0000-000000000000","statistics_option":"none","category":"website_category","tag_key":"fqdn6","tag_value":"search\\bengines","is_valid":1},
{"uuid":"00000011-0000-0000-0000-000000000000","statistics_option":"none","category":"geoip","tag_key":"administrative_area","tag_value":"Colombia.Departamento","is_valid":1},
{"uuid":"00000012-0000-0000-0000-000000000000","statistics_option":"none","category":"geoip","tag_key":"administrative_area","tag_value":"Colombia.Departamento\bdel\bVaupes.Mitú","is_valid":1},
{"uuid":"00000013-0000-0000-0000-000000000000","statistics_option":"none","category":"geoip","tag_key":"administrative_area","tag_value":"Colombia.Antioquia.Marinilla","is_valid":1},
{"uuid":"00000014-0000-0000-0000-000000000000","statistics_option":"none","category":"geoip","tag_key":"tsuper_administrative_area","tag_value":"Colombia.Departamento\bdel\bVaupes","is_valid":1},
{"uuid":"00000015-0000-0000-0000-000000000000","statistics_option":"none","category":"geoip","tag_key":"administrative_area","tag_value":"Germany.Bavaria.Mauern","is_valid":1},
{"uuid":"00000016-0000-0000-0000-000000000000","statistics_option":"none","category":"geoip","tag_key":"administrative_area","tag_value":"Germany.Bavaria.Mellrichstadt","is_valid":1}
]
}
},
{
"table_name": "APP_ID_DICT",
"table_content": [
{"app_id":67,"object_uuid":"00000201-0000-0000-0000-000000000000","app_name":"http","is_valid":1},
{"app_id":68,"object_uuid":"00068000-0000-0000-0000-000000000000","app_name":"https","is_valid":1}
]
}
]
}

52
test/verify_policy_test.cpp
View File

@@ -90,7 +90,7 @@ static char *select_hit_policy_request_item(int gtest_id)
TEST(LibrarySearch, HitFqdnEntry)
{
const char *hit_policy_request = "{\"ip\":null,\"fqdn\":\"www.126.com\",\"vsys_id\":1}";
const char *hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"entry_id\":1,\"tag_ids\":\"1\"}]},\"success\":true}";
const char *hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000001-0000-0000-0000-000000000000\"}]},\"success\":true}";
cJSON *result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request));
ASSERT_TRUE(result_json != NULL);
@@ -105,7 +105,7 @@ TEST(LibrarySearch, HitFqdnEntry)
FREE(&hit_policy_list);
hit_policy_request = "{\"ip\":null,\"fqdn\":\"www.baidu.com\",\"vsys_id\":1}";
hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"entry_id\":2,\"tag_ids\":\"2,3\"}]},\"success\":true}";
hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000002-0000-0000-0000-000000000000,00000003-0000-0000-0000-000000000000\"}]},\"success\":true}";
result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request));
ASSERT_TRUE(result_json != NULL);
@@ -120,7 +120,7 @@ TEST(LibrarySearch, HitFqdnEntry)
FREE(&hit_policy_list);
hit_policy_request = "{\"ip\":null,\"fqdn\":\"www.qq.com\",\"vsys_id\":1}";
hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"entry_id\":4,\"tag_ids\":\"4,5,6\"}]},\"success\":true}";
hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000004-0000-0000-0000-000000000000,00000005-0000-0000-0000-000000000000,00000006-0000-0000-0000-000000000000\"}]},\"success\":true}";
result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request));
ASSERT_TRUE(result_json != NULL);
@@ -138,7 +138,7 @@ TEST(LibrarySearch, HitFqdnEntry)
TEST(LibrarySearch, HitIpEntry)
{
const char *hit_policy_request = "{\"ip\":\"192.168.1.1\",\"fqdn\":null,\"vsys_id\":1}";
const char *hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_ids\":\"11\"}]},\"success\":true}";
const char *hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000011-0000-0000-0000-000000000000\"}]},\"success\":true}";
cJSON *result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request));
ASSERT_TRUE(result_json != NULL);
@@ -146,6 +146,7 @@ TEST(LibrarySearch, HitIpEntry)
char *hit_policy_list = cJSON_PrintUnformatted(result_json);
ASSERT_TRUE(hit_policy_list != NULL);
printf("hit_policy_list = %s\n", hit_policy_list);
int equal = strncasecmp(hit_policy_list, hit_policy_result, strlen(hit_policy_result));
EXPECT_EQ(equal, 0);
@@ -153,7 +154,7 @@ TEST(LibrarySearch, HitIpEntry)
FREE(&hit_policy_list);
hit_policy_request ="{\"ip\":\"192.168.1.2\",\"fqdn\":null,\"vsys_id\":1}";
hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_ids\":\"12,13\"}]},\"success\":true}";
hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000012-0000-0000-0000-000000000000,00000013-0000-0000-0000-000000000000\"}]},\"success\":true}";
result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request));
ASSERT_TRUE(result_json != NULL);
@@ -161,6 +162,7 @@ TEST(LibrarySearch, HitIpEntry)
hit_policy_list = cJSON_PrintUnformatted(result_json);
ASSERT_TRUE(hit_policy_list != NULL);
printf("hit_policy_list = %s\n", hit_policy_list);
equal = strncasecmp(hit_policy_list, hit_policy_result, strlen(hit_policy_result));
EXPECT_EQ(equal, 0);
@@ -168,7 +170,7 @@ TEST(LibrarySearch, HitIpEntry)
FREE(&hit_policy_list);
hit_policy_request = "{\"ip\":\"192.168.1.3\",\"fqdn\":null,\"vsys_id\":1}";
hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_ids\":\"14,15,16\"}]},\"success\":true}";
hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"hit_library\":[{\"tag_uuids\":\"00000014-0000-0000-0000-000000000000,00000015-0000-0000-0000-000000000000,00000016-0000-0000-0000-000000000000\"}]},\"success\":true}";
result_json = get_library_search_query(hit_policy_request, strlen(hit_policy_request));
ASSERT_TRUE(result_json != NULL);
@@ -176,6 +178,7 @@ TEST(LibrarySearch, HitIpEntry)
hit_policy_list = cJSON_PrintUnformatted(result_json);
ASSERT_TRUE(hit_policy_list != NULL);
printf("hit_policy_list = %s\n", hit_policy_list);
equal = strncasecmp(hit_policy_list, hit_policy_result, strlen(hit_policy_result));
EXPECT_EQ(equal, 0);
@@ -246,6 +249,9 @@ TEST(VerifyPolicy, HitIpPolicy)
char *hit_policy_query = cJSON_PrintUnformatted(result_json);
ASSERT_TRUE(hit_policy_query != NULL);
printf("hit_policy_query = %s\n", hit_policy_query);
printf("hit_policy_result = %s\n", hit_policy_result);
int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result));
EXPECT_EQ(equal, 0);
@@ -268,6 +274,9 @@ TEST(VerifyPolicy, HitLibraryPolicy)
char *hit_policy_query = cJSON_PrintUnformatted(result_json);
ASSERT_TRUE(hit_policy_query != NULL);
printf("hit_policy_query = %s\n", hit_policy_query);
printf("hit_policy_result = %s\n", hit_policy_result);
int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result));
EXPECT_EQ(equal, 0);
@@ -290,6 +299,9 @@ TEST(VerifyPolicy, HitMultiplePolicy)
char *hit_policy_query = cJSON_PrintUnformatted(result_json);
ASSERT_TRUE(hit_policy_query != NULL);
printf("hit_policy_query = %s\n", hit_policy_query);
printf("hit_policy_result = %s\n", hit_policy_result);
int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result));
EXPECT_EQ(equal, 0);
@@ -334,8 +346,6 @@ TEST(VerifyPolicy, HitTunnelEndpointaPolicy_1027)
char *hit_policy_query = cJSON_PrintUnformatted(result_json);
ASSERT_TRUE(hit_policy_query != NULL);
printf("hit_policy_query = %s\n", hit_policy_query);
int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result));
EXPECT_EQ(equal, 0);
@@ -412,6 +422,32 @@ TEST(VerifyPolicy, HitTunnelEndpointPolicy)
FREE(&hit_policy_result);
}
TEST(VerifyPolicy, HitAllObjectPolicy)
{
char *hit_policy_request = select_hit_policy_request_item(8);
ASSERT_TRUE(hit_policy_request != NULL);
char *hit_policy_result = select_hit_policy_result_item(8);
ASSERT_TRUE(hit_policy_result != NULL);
cJSON *result_json = get_verify_policy_query(hit_policy_request, strlen(hit_policy_request), 1);
ASSERT_TRUE(result_json != NULL);
char *hit_policy_query = cJSON_PrintUnformatted(result_json);
ASSERT_TRUE(hit_policy_query != NULL);
printf("hit_policy_request = %s\n", hit_policy_request);
printf("hit_policy_query = %s\n", hit_policy_query);
printf("hit_policy_result = %s\n", hit_policy_result);
int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result));
EXPECT_EQ(equal, 0);
cJSON_Delete(result_json);
FREE(&hit_policy_query);
FREE(&hit_policy_request);
FREE(&hit_policy_result);
}
static char *read_json_file(const char *filename, size_t *input_sz)
{
FILE* fp=NULL;