TSG-6000 策略验证接口支持移动网流量属性验证
This commit is contained in:
fengweihao
@@ -42,6 +42,9 @@ enum manipulate_sacn_table
|
|||||||
PXY_CTRL_APP_ID,
|
PXY_CTRL_APP_ID,
|
||||||
PXY_CTRL_DOH_QNAME,
|
PXY_CTRL_DOH_QNAME,
|
||||||
PXY_CTRL_DOH_HOST,
|
PXY_CTRL_DOH_HOST,
|
||||||
|
PXY_CTRL_IMSI,
|
||||||
|
PXY_CTRL_PHONE_NUMBER,
|
||||||
|
PXY_CTRL_APN,
|
||||||
PXY_CTRL_IP_SRC_ASN,
|
PXY_CTRL_IP_SRC_ASN,
|
||||||
PXY_CTRL_IP_DST_ASN,
|
PXY_CTRL_IP_DST_ASN,
|
||||||
PXY_CTRL_IP_SRC_LOCATION,
|
PXY_CTRL_IP_SRC_LOCATION,
|
||||||
@@ -78,6 +81,9 @@ enum security_scan_table
|
|||||||
PXY_SECURITY_FTP_ACCOUNT,
|
PXY_SECURITY_FTP_ACCOUNT,
|
||||||
PXY_SECURITY_SIP_FROM,
|
PXY_SECURITY_SIP_FROM,
|
||||||
PXY_SECURITY_SIP_TO,
|
PXY_SECURITY_SIP_TO,
|
||||||
|
PXY_SECURITY_IMSI,
|
||||||
|
PXY_SECURITY_PHONE_NUMBER,
|
||||||
|
PXY_SECURITY_APN,
|
||||||
PXY_SECURITY_IP_SRC_ASN,
|
PXY_SECURITY_IP_SRC_ASN,
|
||||||
PXY_SECURITY_IP_DST_ASN,
|
PXY_SECURITY_IP_DST_ASN,
|
||||||
PXY_SECURITY_IP_SRC_LOCATION,
|
PXY_SECURITY_IP_SRC_LOCATION,
|
||||||
|
|||||||
@@ -107,7 +107,10 @@ int protoco_field_type_str2idx(enum verify_policy_type type, const char *action_
|
|||||||
table_name[PXY_CTRL_APP_ID] = "TSG_OBJ_APP_ID";
|
table_name[PXY_CTRL_APP_ID] = "TSG_OBJ_APP_ID";
|
||||||
table_name[PXY_CTRL_DOH_QNAME]="TSG_FIELD_DOH_QNAME";
|
table_name[PXY_CTRL_DOH_QNAME]="TSG_FIELD_DOH_QNAME";
|
||||||
table_name[PXY_CTRL_DOH_HOST]="TSG_FIELD_DOH_HOST";
|
table_name[PXY_CTRL_DOH_HOST]="TSG_FIELD_DOH_HOST";
|
||||||
scan_table_max = PXY_CTRL_DOH_HOST;
|
table_name[PXY_CTRL_IMSI]="TSG_FILED_GTP_IMSI";
|
||||||
|
table_name[PXY_CTRL_PHONE_NUMBER]="TSG_FILED_GTP_PHONE_NUMBER";
|
||||||
|
table_name[PXY_CTRL_APN]="TSG_FILED_GTP_APN";
|
||||||
|
scan_table_max = PXY_CTRL_APN;
|
||||||
break;
|
break;
|
||||||
case PXY_TABLE_SECURITY:
|
case PXY_TABLE_SECURITY:
|
||||||
table_name[PXY_SECURITY_SOURCE_ADDR]="TSG_SECURITY_SOURCE_ADDR";
|
table_name[PXY_SECURITY_SOURCE_ADDR]="TSG_SECURITY_SOURCE_ADDR";
|
||||||
@@ -137,7 +140,10 @@ int protoco_field_type_str2idx(enum verify_policy_type type, const char *action_
|
|||||||
table_name[PXY_SECURITY_FTP_ACCOUNT] = "TSG_FIELD_FTP_ACCOUNT";
|
table_name[PXY_SECURITY_FTP_ACCOUNT] = "TSG_FIELD_FTP_ACCOUNT";
|
||||||
table_name[PXY_SECURITY_SIP_FROM]="TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION";
|
table_name[PXY_SECURITY_SIP_FROM]="TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION";
|
||||||
table_name[PXY_SECURITY_SIP_TO]="TSG_FIELD_SIP_RESPONDER_DESCRIPTION";
|
table_name[PXY_SECURITY_SIP_TO]="TSG_FIELD_SIP_RESPONDER_DESCRIPTION";
|
||||||
scan_table_max = PXY_SECURITY_SIP_TO;
|
table_name[PXY_SECURITY_IMSI]="TSG_FILED_GTP_PHONE_NUMBER";
|
||||||
|
table_name[PXY_SECURITY_PHONE_NUMBER]="TSG_FILED_GTP_PHONE_NUMBER";
|
||||||
|
table_name[PXY_SECURITY_APN]="TSG_FILED_GTP_APN";
|
||||||
|
scan_table_max = PXY_SECURITY_APN;
|
||||||
break;
|
break;
|
||||||
case PXY_TABLE_WANNAT:
|
case PXY_TABLE_WANNAT:
|
||||||
table_name[PXY_WANNAT_SOURCE_ADDR]="TSG_SECURITY_SOURCE_ADDR";
|
table_name[PXY_WANNAT_SOURCE_ADDR]="TSG_SECURITY_SOURCE_ADDR";
|
||||||
|
|||||||
@@ -48,3 +48,9 @@
|
|||||||
29 TSG_SECURITY_DESTINATION_LOCATION virtual TSG_OBJ_GEO_LOCATION --
|
29 TSG_SECURITY_DESTINATION_LOCATION virtual TSG_OBJ_GEO_LOCATION --
|
||||||
30 TSG_FIELD_DOH_QNAME virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
|
30 TSG_FIELD_DOH_QNAME virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
|
||||||
31 TSG_FIELD_DOH_HOST virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
|
31 TSG_FIELD_DOH_HOST virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
|
||||||
|
32 TSG_OBJ_IMSI expr UTF8 UTF8 yes 0
|
||||||
|
33 TSG_OBJ_PHONE_NUMBER expr UTF8 UTF8 yes 0
|
||||||
|
34 TSG_OBJ_APN expr UTF8 UTF8 yes 0
|
||||||
|
35 TSG_FILED_GTP_IMSI virtual TSG_OBJ_IMSI --
|
||||||
|
36 TSG_FILED_GTP_PHONE_NUMBER virtual TSG_OBJ_PHONE_NUMBER --
|
||||||
|
37 TSG_FILED_GTP_APN virtual TSG_OBJ_APN --
|
||||||
|
|||||||
@@ -59,3 +59,9 @@
|
|||||||
47 TSG_FQDN_CATEGORY_USER_DEFINED fqdn_plugin {"row_id":1,"is_suffix_match":4,"fqdn":3,"valid":5} --
|
47 TSG_FQDN_CATEGORY_USER_DEFINED fqdn_plugin {"row_id":1,"is_suffix_match":4,"fqdn":3,"valid":5} --
|
||||||
48 TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION virtual TSG_OBJ_ACCOUNT --
|
48 TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION virtual TSG_OBJ_ACCOUNT --
|
||||||
49 TSG_FIELD_SIP_RESPONDER_DESCRIPTION virtual TSG_OBJ_ACCOUNT --
|
49 TSG_FIELD_SIP_RESPONDER_DESCRIPTION virtual TSG_OBJ_ACCOUNT --
|
||||||
|
50 TSG_OBJ_IMSI expr UTF8 UTF8 yes 0
|
||||||
|
51 TSG_OBJ_PHONE_NUMBER expr UTF8 UTF8 yes 0
|
||||||
|
52 TSG_OBJ_APN expr UTF8 UTF8 yes 0
|
||||||
|
53 TSG_FILED_GTP_IMSI virtual TSG_OBJ_IMSI --
|
||||||
|
54 TSG_FILED_GTP_PHONE_NUMBER virtual TSG_OBJ_PHONE_NUMBER --
|
||||||
|
55 TSG_FILED_GTP_APN virtual TSG_OBJ_APN --
|
||||||
|
|||||||
@@ -1298,6 +1298,9 @@ int proxy_policy_init(struct verify_policy * verify, const char* profile_path)
|
|||||||
table_name[PXY_CTRL_IP_DST_ASN]="TSG_SECURITY_DESTINATION_ASN";
|
table_name[PXY_CTRL_IP_DST_ASN]="TSG_SECURITY_DESTINATION_ASN";
|
||||||
table_name[PXY_CTRL_IP_SRC_LOCATION]="TSG_SECURITY_SOURCE_LOCATION";
|
table_name[PXY_CTRL_IP_SRC_LOCATION]="TSG_SECURITY_SOURCE_LOCATION";
|
||||||
table_name[PXY_CTRL_IP_DST_LOCATION]="TSG_SECURITY_DESTINATION_LOCATION";
|
table_name[PXY_CTRL_IP_DST_LOCATION]="TSG_SECURITY_DESTINATION_LOCATION";
|
||||||
|
table_name[PXY_CTRL_IMSI]="TSG_FILED_GTP_PHONE_NUMBER";
|
||||||
|
table_name[PXY_CTRL_PHONE_NUMBER]="TSG_OBJ_PHONE_NUMBER";
|
||||||
|
table_name[PXY_CTRL_APN]="TSG_FILED_GTP_APN";
|
||||||
for (int i = 0; i < __SCAN_TABLE_MAX; i++)
|
for (int i = 0; i < __SCAN_TABLE_MAX; i++)
|
||||||
{
|
{
|
||||||
g_pangu_rt->scan_table_id[PXY_TABLE_MANIPULATION][i] = Maat_table_register(g_pangu_rt->maat[PXY_TABLE_MANIPULATION], table_name[i]);
|
g_pangu_rt->scan_table_id[PXY_TABLE_MANIPULATION][i] = Maat_table_register(g_pangu_rt->maat[PXY_TABLE_MANIPULATION], table_name[i]);
|
||||||
@@ -1373,6 +1376,9 @@ int security_policy_init(struct verify_policy * verify, const char* profile_path
|
|||||||
table_name[PXY_SECURITY_IP_DST_LOCATION]="TSG_SECURITY_DESTINATION_LOCATION";
|
table_name[PXY_SECURITY_IP_DST_LOCATION]="TSG_SECURITY_DESTINATION_LOCATION";
|
||||||
table_name[PXY_SECURITY_SIP_FROM]="TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION";
|
table_name[PXY_SECURITY_SIP_FROM]="TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION";
|
||||||
table_name[PXY_SECURITY_SIP_TO]="TSG_FIELD_SIP_RESPONDER_DESCRIPTION";
|
table_name[PXY_SECURITY_SIP_TO]="TSG_FIELD_SIP_RESPONDER_DESCRIPTION";
|
||||||
|
table_name[PXY_SECURITY_IMSI]="TSG_FILED_GTP_IMSI";
|
||||||
|
table_name[PXY_SECURITY_PHONE_NUMBER]="TSG_FILED_GTP_PHONE_NUMBER";
|
||||||
|
table_name[PXY_SECURITY_APN]="TSG_FILED_GTP_APN";
|
||||||
|
|
||||||
for (int i = 0; i < __SECURITY_TABLE_MAX; i++)
|
for (int i = 0; i < __SECURITY_TABLE_MAX; i++)
|
||||||
{
|
{
|
||||||
|
|||||||
Reference in New Issue
Block a user