TSG-11996 策略验证支持Tunnel Object

2022-09-22 16:06:33 +08:00
parent 0557db9334
commit 49f0f69c07
4 changed files with 485 additions and 188 deletions
--- a/common/include/verify_policy.h
+++ b/common/include/verify_policy.h
@@ -53,41 +53,42 @@ enum manipulate_sacn_table

 enum security_scan_table
 {
-    PXY_SECURITY_SOURCE_ADDR,
-    PXY_SECURITY_DESTINATION_ADDR,
-	PXY_SECURITY_HTTP_URL,
-	PXY_SECURITY_HTTP_FQDN,
-	PXY_SECURITY_HTTP_REQ_HDR,
-	PXY_SECURITY_HTTP_REQ_BODY,
-	PXY_SECURITY_HTTP_RES_HDR,
-	PXY_SECURITY_HTTP_RES_BODY,
-	PXY_SECURITY_SUBSCRIBE_ID,
-    PXY_SECURITY_APP_ID,
-    PXY_SECURITY_HTTPS_SNI,
-    PXY_SECURITY_HTTPS_CN,
-    PXY_SECURITY_HTTPS_SAN,
-    PXY_SECURITY_DNS_QNAME,
-    PXY_SECURITY_QUIC_SNI,
-    PXY_SECURITY_MAIL_ACCOUNT,
-    PXY_SECURITY_MAIL_FROM,
-    PXY_SECURITY_MAIL_TO,
-    PXY_SECURITY_MAIL_SUBJECT,
-    PXY_SECURITY_MAIL_CONTENT,
-    PXY_SECURITY_MAIL_ATT_NAME,
-    PXY_SECURITY_MAIL_ATT_CONTENT,
-    PXY_SECURITY_FTP_URI,
-    PXY_SECURITY_FTP_CONTENT,
-    PXY_SECURITY_FTP_ACCOUNT,
-    PXY_SECURITY_SIP_FROM,
-    PXY_SECURITY_SIP_TO,
-    PXY_SECURITY_IMSI,
-    PXY_SECURITY_PHONE_NUMBER,
-    PXY_SECURITY_APN,
-    PXY_SECURITY_EXCLUSION_SSL_SNI,
-    PXY_SECURITY_IP_SRC_ASN,
-    PXY_SECURITY_IP_DST_ASN,
-    PXY_SECURITY_IP_SRC_LOCATION,
-    PXY_SECURITY_IP_DST_LOCATION,
+    TSG_SECURITY_SOURCE_ADDR,
+    TSG_SECURITY_DESTINATION_ADDR,
+	TSG_SECURITY_HTTP_URL,
+	TSG_SECURITY_HTTP_FQDN,
+	TSG_SECURITY_HTTP_REQ_HDR,
+	TSG_SECURITY_HTTP_REQ_BODY,
+	TSG_SECURITY_HTTP_RES_HDR,
+	TSG_SECURITY_HTTP_RES_BODY,
+	TSG_SECURITY_SUBSCRIBE_ID,
+    TSG_SECURITY_APP_ID,
+    TSG_SECURITY_HTTPS_SNI,
+    TSG_SECURITY_HTTPS_CN,
+    TSG_SECURITY_HTTPS_SAN,
+    TSG_SECURITY_DNS_QNAME,
+    TSG_SECURITY_QUIC_SNI,
+    TSG_SECURITY_MAIL_ACCOUNT,
+    TSG_SECURITY_MAIL_FROM,
+    TSG_SECURITY_MAIL_TO,
+    TSG_SECURITY_MAIL_SUBJECT,
+    TSG_SECURITY_MAIL_CONTENT,
+    TSG_SECURITY_MAIL_ATT_NAME,
+    TSG_SECURITY_MAIL_ATT_CONTENT,
+    TSG_SECURITY_FTP_URI,
+    TSG_SECURITY_FTP_CONTENT,
+    TSG_SECURITY_FTP_ACCOUNT,
+    TSG_SECURITY_SIP_FROM,
+    TSG_SECURITY_SIP_TO,
+    TSG_SECURITY_IMSI,
+    TSG_SECURITY_PHONE_NUMBER,
+    TSG_SECURITY_APN,
+    TSG_SECURITY_TUNNEL,
+    TSG_SECURITY_EXCLUSION_SSL_SNI,
+    TSG_SECURITY_IP_SRC_ASN,
+    TSG_SECURITY_IP_DST_ASN,
+    TSG_SECURITY_IP_SRC_LOCATION,
+    TSG_SECURITY_IP_DST_LOCATION,
 	__SECURITY_TABLE_MAX
 };

@@ -144,6 +145,7 @@ struct verify_policy_query_obj
 	char *attri_name;

 	struct ipaddr *ip_addr;
+    struct ipaddr *endpoint;

 	char *subscriberid;