gfwleak/tango-verify-policy
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-21927 策略验证支持Library扫描

Browse Source
This commit is contained in:
fengweihao
2024-07-25 15:29:45 +08:00
parent 5b25651ff6
commit 60cd4283db
7 changed files with 837 additions and 1447 deletions
Download Patch File Download Diff File Expand all files Collapse all files

339
resource/table_info.conf
View File

@@ -552,18 +552,6 @@
},
{
"table_id":42,
"table_name":"TSG_OBJ_FQDN_CAT",
"table_type":"interval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_boundary":3,
"up_boundary":4
}
},
{
"table_id":43,
"table_name":"TSG_OBJ_KEYWORDS",
"table_type":"expr",
"valid_column":7,
@@ -577,7 +565,7 @@
}
},
{
"table_id":44,
"table_id":43,
"table_name":"TSG_OBJ_HTTP_SIGNATURE",
"table_type":"expr_plus",
"valid_column":8,
@@ -592,315 +580,139 @@
}
},
{
"table_id":45,
"table_id":44,
"table_name":"ATTR_HTTP_URL",
"table_type":"virtual",
"physical_table": "TSG_OBJ_URL"
},
{
"table_id":46,
"table_id":45,
"table_name":"ATTR_HTTP_REQ_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":47,
"table_id":46,
"table_name":"ATTR_HTTP_RES_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":48,
"table_id":47,
"table_name":"ATTR_HTTP_REQ_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":49,
"table_id":48,
"table_name":"ATTR_HTTP_RES_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":50,
"table_id":49,
"table_name":"ATTR_SSL_CN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":51,
"table_name":"ATTR_SSL_CN_CAT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id":52,
"table_id":50,
"table_name":"ATTR_SSL_SAN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":53,
"table_name":"ATTR_SSL_SAN_CAT",
"table_type":"virtual",
"physical_table":"TSG_OBJ_FQDN_CAT"
},
{
"table_id":54,
"table_id":51,
"table_name":"ATTR_DNS_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":55,
"table_id":52,
"table_name":"ATTR_MAIL_ACCOUNT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":56,
"table_id":53,
"table_name":"ATTR_MAIL_FROM",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":57,
"table_id":54,
"table_name":"ATTR_MAIL_TO",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":58,
"table_id":55,
"table_name":"ATTR_MAIL_SUBJECT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":59,
"table_id":56,
"table_name":"ATTR_MAIL_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":60,
"table_id":57,
"table_name":"ATTR_MAIL_ATT_NAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":61,
"table_id":58,
"table_name":"ATTR_MAIL_ATT_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":62,
"table_id":59,
"table_name":"ATTR_FTP_URI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_URL"
},
{
"table_id":63,
"table_id":60,
"table_name":"ATTR_FTP_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":64,
"table_id":61,
"table_name":"ATTR_FTP_ACCOUNT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":65,
"table_id":62,
"table_name":"ATTR_SOURCE_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":66,
"table_id":63,
"table_name":"ATTR_DESTINATION_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":67,
"table_name":"TSG_OBJ_IP_ASN_BUILT_IN",
"table_type":"ip_plugin",
"valid_column":9,
"custom": {
"item_id":1,
"group_id":2,
"ip_type":3,
"addr_format":4,
"start_ip":5,
"end_ip":6
}
},
{
"table_id":68,
"table_name":"TSG_OBJ_IP_ASN_USER_DEFINED",
"table_type":"ip_plugin",
"valid_column":9,
"custom": {
"item_id":1,
"group_id":2,
"ip_type":3,
"addr_format":4,
"start_ip":5,
"end_ip":6
}
},
{
"table_id":69,
"table_name":"TSG_IP_LOCATION_BUILT_IN",
"table_type":"ip_plugin",
"valid_column":24,
"custom": {
"item_id":1,
"ip_type":7,
"start_ip":9,
"end_ip":10,
"addr_format":8
}
},
{
"table_id":70,
"table_name":"TSG_IP_LOCATION_USER_DEFINED",
"table_type":"ip_plugin",
"valid_column":24,
"custom": {
"item_id":1,
"ip_type":7,
"start_ip":9,
"end_ip":10,
"addr_format":8
}
},
{
"table_id":71,
"table_name":"TSG_OBJ_AS_NUMBER",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":72,
"table_name":"ATTR_SOURCE_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":73,
"table_name":"ATTR_DESTINATION_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":74,
"table_name":"TSG_OBJ_GEO_LOCATION",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":75,
"table_name":"ATTR_SOURCE_GEO_COUNTRY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":76,
"table_name":"ATTR_SOURCE_GEO_SUPER_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":77,
"table_name":"ATTR_SOURCE_GEO_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":78,
"table_name":"ATTR_SOURCE_GEO_SUB_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":79,
"table_name":"ATTR_DESTINATION_GEO_COUNTRY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":80,
"table_name":"ATTR_DESTINATION_GEO_SUPER_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":81,
"table_name":"ATTR_DESTINATION_GEO_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":82,
"table_name":"ATTR_DESTINATION_GEO_SUB_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":83,
"table_name":"TSG_FQDN_CATEGORY_BUILT_IN",
"table_type":"fqdn_plugin",
"valid_column":6,
"custom": {
"item_id":1,
"suffix_match_method":4,
"fqdn":3
}
},
{
"table_id":84,
"table_name":"TSG_FQDN_CATEGORY_USER_DEFINED",
"table_type":"fqdn_plugin",
"valid_column":6,
"custom": {
"item_id":1,
"suffix_match_method":4,
"fqdn":3
}
},
{
"table_id":85,
"table_id":64,
"table_name":"ATTR_SIP_ORIGINATOR_DESCRIPTION",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":86,
"table_id":65,
"table_name":"ATTR_SIP_RESPONDER_DESCRIPTION",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":87,
"table_id":66,
"table_name":"TSG_OBJ_IMSI",
"table_type":"expr",
"valid_column":7,
@@ -914,7 +726,7 @@
}
},
{
"table_id":88,
"table_id":67,
"table_name":"TSG_OBJ_PHONE_NUMBER",
"table_type":"expr",
"valid_column":7,
@@ -928,7 +740,7 @@
}
},
{
"table_id":89,
"table_id":68,
"table_name":"TSG_OBJ_APN",
"table_type":"expr",
"valid_column":7,
@@ -942,25 +754,25 @@
}
},
{
"table_id":90,
"table_id":69,
"table_name":"ATTR_GTP_IMSI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMSI"
},
{
"table_id":91,
"table_id":70,
"table_name":"ATTR_GTP_PHONE_NUMBER",
"table_type":"virtual",
"physical_table": "TSG_OBJ_PHONE_NUMBER"
},
{
"table_id":92,
"table_id":71,
"table_name":"ATTR_GTP_APN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_APN"
},
{
"table_id":93,
"table_id":72,
"table_name":"TSG_TUNNEL_CATALOG",
"table_type":"bool_plugin",
"valid_column":6,
@@ -970,7 +782,7 @@
}
},
{
"table_id":94,
"table_id":73,
"table_name":"TSG_TUNNEL_ENDPOINT",
"table_type":"ip_plugin",
"valid_column":6,
@@ -982,7 +794,7 @@
}
},
{
"table_id":95,
"table_id":74,
"table_name":"TSG_TUNNEL_LABEL",
"table_type":"plugin",
"valid_column":4,
@@ -993,13 +805,13 @@
}
},
{
"table_id":96,
"table_id":75,
"table_name":"ATTR_TUNNEL",
"table_type":"virtual",
"physical_table": "TSG_TUNNEL_CATALOG"
},
{
"table_id":97,
"table_id":76,
"table_name":"TSG_OBJ_FLAG",
"table_type":"flag",
"valid_column":5,
@@ -1011,19 +823,19 @@
}
},
{
"table_id":98,
"table_id":77,
"table_name":"ATTR_FLAG",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FLAG"
},
{
"table_id":99,
"table_id":78,
"table_name":"ATTR_DOH_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":100,
"table_id":79,
"table_name":"TSG_OBJ_IMEI",
"table_type":"expr",
"valid_column":7,
@@ -1037,13 +849,13 @@
}
},
{
"table_id":101,
"table_id":80,
"table_name":"ATTR_GTP_IMEI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMEI"
},
{
"table_id":102,
"table_id":81,
"table_name": "APP_ID_DICT",
"table_type": "plugin",
"valid_column": 19,
@@ -1054,43 +866,37 @@
}
},
{
"table_id":103,
"table_id":82,
"table_name":"ATTR_SUBSCRIBER_ID",
"table_type":"virtual",
"physical_table": "TSG_OBJ_SUBSCRIBER_ID"
},
{
"table_id":104,
"table_id":83,
"table_name":"ATTR_APP_ID",
"table_type":"virtual",
"physical_table": "APP_ID_DICT"
},
{
"table_id":105,
"table_id":84,
"table_name": "ATTR_SERVER_FQDN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":106,
"table_name": "ATTR_SERVER_FQDN_CAT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id":107,
"table_id":85,
"table_name":"ATTR_INTERNAL_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":108,
"table_id":86,
"table_name":"ATTR_EXTERNAL_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":109,
"table_id":87,
"table_name": "TSG_IP_PROTOCOL",
"table_type": "plugin",
"valid_column": 4,
@@ -1101,7 +907,7 @@
}
},
{
"table_id":110,
"table_id":88,
"table_name":"TSG_OBJ_PORT",
"table_type":"interval",
"valid_column":5,
@@ -1113,91 +919,90 @@
}
},
{
"table_id":111,
"table_id":89,
"table_name": "ATTR_SOURCE_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":112,
"table_id":90,
"table_name": "ATTR_DESTINATION_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":113,
"table_id":91,
"table_name": "ATTR_INTERNAL_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":114,
"table_id":92,
"table_name": "ATTR_EXTERNAL_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":115,
"table_id":93,
"table_name": "ATTR_IP_PROTOCOL",
"table_type": "virtual",
"physical_table": "TSG_IP_PROTOCOL"
},
{
"table_id":116,
"table_id":94,
"table_name": "ATTR_SSL_ECH",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":117,
"table_id":95,
"table_name": "ATTR_SSL_ESNI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":118,
"table_id":96,
"table_name": "ATTR_SSL_NO_SNI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":119,
"table_id":97,
"table_name":"ATTR_TUNNEL_LEVEL",
"table_type":"virtual",
"physical_table": "TSG_TUNNEL_CATALOG"
},
{
"table_id":120,
"table_name":"ATTR_INTERNAL_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":121,
"table_name":"ATTR_EXTERNAL_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":122,
"table_id":98,
"table_name":"ATTR_TUNNEL_GTP_ENDPOINT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":123,
"table_id":99,
"table_name":"ATTR_TUNNEL_GRE_ENDPOINT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":124,
"table_id":100,
"table_name":"ATTR_TUNNEL_IP_IN_IP_ENDPOINT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":125,
"table_id": 101,
"table_name": "LIBRARY_TAG",
"table_type": "plugin",
"valid_column": 6,
"custom": {
"key": 1,
"key_type": "integer",
"key_len": 8
}
},
{
"table_id":102,
"table_name":"FQDN_ENTRY",
"table_type":"fqdn_plugin",
"valid_column":5,
@@ -1208,10 +1013,10 @@
}
},
{
"table_id":126,
"table_id":103,
"table_name":"IP_ADDR_ENTRY",
"table_type":"ip_plugin",
"valid_column":8,
"valid_column":7,
"custom": {
"item_id":1,
"ip_type":3,

263
resource/table_info_simple.conf
View File

@@ -552,18 +552,6 @@
},
{
"table_id":42,
"table_name":"TSG_OBJ_FQDN_CAT",
"table_type":"interval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_boundary":3,
"up_boundary":4
}
},
{
"table_id":43,
"table_name":"TSG_OBJ_KEYWORDS",
"table_type":"expr",
"valid_column":7,
@@ -577,7 +565,7 @@
}
},
{
"table_id":44,
"table_id":43,
"table_name":"TSG_OBJ_HTTP_SIGNATURE",
"table_type":"expr_plus",
"valid_column":8,
@@ -592,239 +580,139 @@
}
},
{
"table_id":45,
"table_id":44,
"table_name":"ATTR_HTTP_URL",
"table_type":"virtual",
"physical_table": "TSG_OBJ_URL"
},
{
"table_id":46,
"table_id":45,
"table_name":"ATTR_HTTP_REQ_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":47,
"table_id":46,
"table_name":"ATTR_HTTP_RES_HDR",
"table_type":"virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id":48,
"table_id":47,
"table_name":"ATTR_HTTP_REQ_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":49,
"table_id":48,
"table_name":"ATTR_HTTP_RES_BODY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":50,
"table_id":49,
"table_name":"ATTR_SSL_CN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":51,
"table_name":"ATTR_SSL_CN_CAT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id":52,
"table_id":50,
"table_name":"ATTR_SSL_SAN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":53,
"table_name":"ATTR_SSL_SAN_CAT",
"table_type":"virtual",
"physical_table":"TSG_OBJ_FQDN_CAT"
},
{
"table_id":54,
"table_id":51,
"table_name":"ATTR_DNS_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":55,
"table_id":52,
"table_name":"ATTR_MAIL_ACCOUNT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":56,
"table_id":53,
"table_name":"ATTR_MAIL_FROM",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":57,
"table_id":54,
"table_name":"ATTR_MAIL_TO",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":58,
"table_id":55,
"table_name":"ATTR_MAIL_SUBJECT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":59,
"table_id":56,
"table_name":"ATTR_MAIL_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":60,
"table_id":57,
"table_name":"ATTR_MAIL_ATT_NAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":61,
"table_id":58,
"table_name":"ATTR_MAIL_ATT_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":62,
"table_id":59,
"table_name":"ATTR_FTP_URI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_URL"
},
{
"table_id":63,
"table_id":60,
"table_name":"ATTR_FTP_CONTENT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id":64,
"table_id":61,
"table_name":"ATTR_FTP_ACCOUNT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":65,
"table_id":62,
"table_name":"ATTR_SOURCE_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":66,
"table_id":63,
"table_name":"ATTR_DESTINATION_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":67,
"table_name":"TSG_OBJ_AS_NUMBER",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":72,
"table_name":"ATTR_SOURCE_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":73,
"table_name":"ATTR_DESTINATION_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":74,
"table_name":"TSG_OBJ_GEO_LOCATION",
"table_type":"expr",
"valid_column":7,
"custom": {
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":75,
"table_name":"ATTR_SOURCE_GEO_COUNTRY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":76,
"table_name":"ATTR_SOURCE_GEO_SUPER_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":77,
"table_name":"ATTR_SOURCE_GEO_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":78,
"table_name":"ATTR_SOURCE_GEO_SUB_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":79,
"table_name":"ATTR_DESTINATION_GEO_COUNTRY",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":80,
"table_name":"ATTR_DESTINATION_GEO_SUPER_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":81,
"table_name":"ATTR_DESTINATION_GEO_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":82,
"table_name":"ATTR_DESTINATION_GEO_SUB_ADMINISTRATIVE_AREA",
"table_type":"virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id":85,
"table_id":64,
"table_name":"ATTR_SIP_ORIGINATOR_DESCRIPTION",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":86,
"table_id":65,
"table_name":"ATTR_SIP_RESPONDER_DESCRIPTION",
"table_type":"virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id":87,
"table_id":66,
"table_name":"TSG_OBJ_IMSI",
"table_type":"expr",
"valid_column":7,
@@ -838,7 +726,7 @@
}
},
{
"table_id":88,
"table_id":67,
"table_name":"TSG_OBJ_PHONE_NUMBER",
"table_type":"expr",
"valid_column":7,
@@ -852,7 +740,7 @@
}
},
{
"table_id":89,
"table_id":68,
"table_name":"TSG_OBJ_APN",
"table_type":"expr",
"valid_column":7,
@@ -866,25 +754,25 @@
}
},
{
"table_id":90,
"table_id":69,
"table_name":"ATTR_GTP_IMSI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMSI"
},
{
"table_id":91,
"table_id":70,
"table_name":"ATTR_GTP_PHONE_NUMBER",
"table_type":"virtual",
"physical_table": "TSG_OBJ_PHONE_NUMBER"
},
{
"table_id":92,
"table_id":71,
"table_name":"ATTR_GTP_APN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_APN"
},
{
"table_id":93,
"table_id":72,
"table_name":"TSG_TUNNEL_CATALOG",
"table_type":"bool_plugin",
"valid_column":6,
@@ -894,7 +782,7 @@
}
},
{
"table_id":94,
"table_id":73,
"table_name":"TSG_TUNNEL_ENDPOINT",
"table_type":"ip_plugin",
"valid_column":6,
@@ -906,7 +794,7 @@
}
},
{
"table_id":95,
"table_id":74,
"table_name":"TSG_TUNNEL_LABEL",
"table_type":"plugin",
"valid_column":4,
@@ -917,13 +805,13 @@
}
},
{
"table_id":96,
"table_id":75,
"table_name":"ATTR_TUNNEL",
"table_type":"virtual",
"physical_table": "TSG_TUNNEL_CATALOG"
},
{
"table_id":97,
"table_id":76,
"table_name":"TSG_OBJ_FLAG",
"table_type":"flag",
"valid_column":5,
@@ -935,19 +823,19 @@
}
},
{
"table_id":98,
"table_id":77,
"table_name":"ATTR_FLAG",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FLAG"
},
{
"table_id":99,
"table_id":78,
"table_name":"ATTR_DOH_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":100,
"table_id":79,
"table_name":"TSG_OBJ_IMEI",
"table_type":"expr",
"valid_column":7,
@@ -961,13 +849,13 @@
}
},
{
"table_id":101,
"table_id":80,
"table_name":"ATTR_GTP_IMEI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMEI"
},
{
"table_id":102,
"table_id":81,
"table_name": "APP_ID_DICT",
"table_type": "plugin",
"valid_column": 19,
@@ -978,43 +866,37 @@
}
},
{
"table_id":103,
"table_id":82,
"table_name":"ATTR_SUBSCRIBER_ID",
"table_type":"virtual",
"physical_table": "TSG_OBJ_SUBSCRIBER_ID"
},
{
"table_id":104,
"table_id":83,
"table_name":"ATTR_APP_ID",
"table_type":"virtual",
"physical_table": "APP_ID_DICT"
},
{
"table_id":105,
"table_id":84,
"table_name": "ATTR_SERVER_FQDN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":106,
"table_name": "ATTR_SERVER_FQDN_CAT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id":107,
"table_id":85,
"table_name":"ATTR_INTERNAL_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":108,
"table_id":86,
"table_name":"ATTR_EXTERNAL_IP",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":109,
"table_id":87,
"table_name": "TSG_IP_PROTOCOL",
"table_type": "plugin",
"valid_column": 4,
@@ -1025,7 +907,7 @@
}
},
{
"table_id":110,
"table_id":88,
"table_name":"TSG_OBJ_PORT",
"table_type":"interval",
"valid_column":5,
@@ -1037,91 +919,90 @@
}
},
{
"table_id":111,
"table_id":89,
"table_name": "ATTR_SOURCE_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":112,
"table_id":90,
"table_name": "ATTR_DESTINATION_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":113,
"table_id":91,
"table_name": "ATTR_INTERNAL_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":114,
"table_id":92,
"table_name": "ATTR_EXTERNAL_PORT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PORT"
},
{
"table_id":115,
"table_id":93,
"table_name": "ATTR_IP_PROTOCOL",
"table_type": "virtual",
"physical_table": "TSG_IP_PROTOCOL"
},
{
"table_id":116,
"table_id":94,
"table_name": "ATTR_SSL_ECH",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":117,
"table_id":95,
"table_name": "ATTR_SSL_ESNI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":118,
"table_id":96,
"table_name": "ATTR_SSL_NO_SNI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":119,
"table_id":97,
"table_name":"ATTR_TUNNEL_LEVEL",
"table_type":"virtual",
"physical_table": "TSG_TUNNEL_CATALOG"
},
{
"table_id":120,
"table_name":"ATTR_INTERNAL_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":121,
"table_name":"ATTR_EXTERNAL_ASN",
"table_type":"virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id":122,
"table_id":98,
"table_name":"ATTR_TUNNEL_GTP_ENDPOINT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":123,
"table_id":99,
"table_name":"ATTR_TUNNEL_GRE_ENDPOINT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":124,
"table_id":100,
"table_name":"ATTR_TUNNEL_IP_IN_IP_ENDPOINT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IP"
},
{
"table_id":125,
"table_id": 101,
"table_name": "LIBRARY_TAG",
"table_type": "plugin",
"valid_column": 6,
"custom": {
"key": 1,
"key_type": "integer",
"key_len": 8
}
},
{
"table_id":102,
"table_name":"FQDN_ENTRY",
"table_type":"fqdn_plugin",
"valid_column":5,
@@ -1132,10 +1013,10 @@
}
},
{
"table_id":126,
"table_id":103,
"table_name":"IP_ADDR_ENTRY",
"table_type":"ip_plugin",
"valid_column":8,
"valid_column":7,
"custom": {
"item_id":1,
"ip_type":3,

225
resource/verify-policy.json
View File

@@ -31,34 +31,48 @@
}
}
]
},
{
"virtual_table":"ATTR_SERVER_FQDN",
"group_name":"http_fqdn",
"group_id":1011,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "baidu.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
},
{
"virtual_table":"ATTR_SSL_SAN",
"group_name":"ssl_san",
"group_id":11011,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "baidu.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
},
{
"virtual_table":"ATTR_APP_ID",
"group_name":"app_id",
"group_id":201,
"not_flag":0
},
{
"not_flag": 0,
"group_id": 301,
"group_name":"ipv4_addr",
"virtual_table": "ATTR_SOURCE_IP",
"regions": [
{
"table_type": "ip",
"table_name": "TSG_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.55.4",
"ip2": "192.168.55.4",
"port_format": "range",
"port1": "80",
"port2": "80",
"protocol": -1
}
}
]
}
]
},
@@ -74,8 +88,132 @@
"is_valid": "yes",
"groups": [
{
"group_name":"http_url",
"virtual_table":"ATTR_HTTP_URL"
"group_name":"http_fqdn",
"virtual_table":"ATTR_SERVER_FQDN"
},
{
"group_name":"ssl_san",
"virtual_table":"ATTR_SSL_SAN"
},
{
"not_flag": 0,
"group_id": 604,
"group_name":"IPv4TCPSoureServiceChaining604",
"virtual_table": "ATTR_SOURCE_IP",
"regions": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.55.4",
"ip2": "192.168.55.4"
}
}
]
},
{
"group_id": 9,
"group_name": "ip.source.ip12",
"virtual_table": "ATTR_SOURCE_IP"
},
{
"group_id": 10,
"group_name": "ip.source.ip13",
"virtual_table": "ATTR_DESTINATION_IP"
},
{
"group_id": 6,
"group_name": "host.fqdn6",
"virtual_table": "ATTR_SERVER_FQDN"
},
{
"group_id": 9,
"group_name": "ip.source.ip14",
"virtual_table": "ATTR_INTERNAL_IP"
},
{
"group_id": 10,
"group_name": "ip.source.ip15",
"virtual_table": "ATTR_EXTERNAL_IP"
}
]
},
{
"compile_id": 11022,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"{\"tag_sets\":[[{\"tag\":\"device_id\",\"value\":[\"device_3\",\"device_4\"]}]]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.jd.com\"}",
"is_valid": "no",
"groups": [
{
"not_flag": 0,
"group_id": 704,
"group_name":"IPv4TCPSoureServiceChaining604",
"virtual_table": "ATTR_SOURCE_IP",
"regions": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.55.7",
"ip2": "192.168.55.7"
}
}
]
}
]
},
{
"compile_id": 11023,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"tags":"{\"tag_sets\":[[{\"tag\":\"device_id\",\"value\":[\"device_3\",\"device_4\"]}]]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.jd.com\"}",
"is_valid": "yes",
"groups": [
{
"not_flag": 0,
"group_id": 604,
"group_name":"IPv4TCPSoureServiceChaining604",
"virtual_table": "ATTR_SOURCE_IP",
"regions": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.55.4",
"ip2": "192.168.55.4"
}
}
]
},
{
"group_id": 9,
"group_name": "ip.source.ip12",
"virtual_table": "ATTR_SOURCE_IP"
},
{
"group_id": 10,
"group_name": "ip.source.ip13",
"virtual_table": "ATTR_DESTINATION_IP"
},
{
"group_id": 9,
"group_name": "ip.source.ip14",
"virtual_table": "ATTR_INTERNAL_IP"
}
]
},
@@ -309,33 +447,34 @@
"68\thttps\t0\tnull\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"rate_limit\",\"bps\":1000}\t0\t0\t0\t0\t0\t68000\t1"
]
},
{
"table_name": "TSG_FQDN_CATEGORY_BUILT_IN",
"table_content": [
"0\t1\t126.com\t1\t601\t1",
"1\t2\tbaidu.com\t1\t602\t1"
]
},
{
"table_name": "TSG_FQDN_CATEGORY_USER_DEFINED",
"table_content": [
"0\t3\t126.com\t1\t701\t1",
"1\t4\tbaidu.com\t1\t702\t1"
]
},
{
{
"table_name": "FQDN_ENTRY",
"table_content": [
"1\t2,4,5\twww.126.com\t1\t1",
"2\t6,7,8\twww.baidu.com\t1\t1"
]
},
{
{
"table_name": "IP_ADDR_ENTRY",
"table_content": [
"1\t2,4,5\t4\tsingle\t192.168.55.4\t192.168.55.4\t0\t1",
"1\t2,4,5\t4\tsingle\t192.168.55.4\t192.168.55.4\t0\t1"
"7\t12,14,15\t4\tsingle\t192.168.55.5\t192.168.55.5\t1",
"8\t22,24,25\t4\tsingle\t192.168.55.5\t192.168.55.5\t1",
"9\t9,15\t4\trange\t192.168.55.4\t192.168.55.4\t1",
"10\t10\t4\trange\t192.168.55.6\t192.168.55.6\t1"
]
}
},
{
"table_name": "LIBRARY_TAG",
"table_content": [
"6\tnone\twebsite_category\twebsite_category\tsearch\\bengines\t1",
"7\tnone\twebsite_category\twebsite_category\tbusiness\t1",
"8\tnone\twebsite_category\twebsite_category\tsearch\\bengines\t1",
"12\tnone\tgeoip\ttest1\ttest1\t1",
"14\tnone\tgeoip\ttest2\ttest2\t1",
"15\tnone\tgeoip\ttest3\ttest3\t1",
"9\tnone\tgeoip\ttest4\ttest4\t1",
"10\tnone\tgeoip\ttest5\ttest5\t1"
]
}
]
}