feature: 删除一直未使用的Wannat MAAT句柄的初始化及实现

2022-01-19 16:49:59 +08:00
parent b081271a88
commit 697a98192a
5 changed files with 0 additions and 66 deletions
--- a/common/include/verify_policy.h
+++ b/common/include/verify_policy.h
@@ -17,7 +17,6 @@ enum verify_policy_type
 {
    PXY_TABLE_SECURITY,
    PXY_TABLE_MANIPULATION,
-    PXY_TABLE_WANNAT,
    PXY_TABLE_DEFENCE,
    __SCAN_POLICY_MAX
 };
@@ -92,14 +91,6 @@ enum security_scan_table
 	__SECURITY_TABLE_MAX
 };

-enum wannat_scan_table
-{
-    PXY_WANNAT_SOURCE_ADDR,
-    PXY_WANNAT_DESTINATION_ADDR,
-	__WANNAT_TABLE_MAX
-};
-
-
 enum http_ev_bit_number
 {
 	IP_BITNUM = 0,
@@ -185,8 +176,6 @@ void http_get_scan_status(struct verify_policy_query_obj *query_obj, int type, c

 int security_policy_init(struct verify_policy * verify, const char* profile_path);

-int wannat_policy_init(struct verify_policy * verify, const char* profile_path);
-
 int http_hit_policy_list(enum verify_policy_type policy_type, size_t hit_cnt, cJSON *data_obj, void *pme);

 #endif
--- a/conf/verify_policy.conf
+++ b/conf/verify_policy.conf
@@ -20,7 +20,6 @@ thread-nu = 4
 maat_input_mode=1
 table_info=./resource/table_info_proxy.conf
 table_info_tsg=./resource/table_info_security.conf
-table_info_wannat=./resource/table_info_wannat.conf
 json_cfg_file=./resource/pangu_http.json
 stat_file=logs/verify-policy.status
 full_cfg_dir=verify-policy/
--- a/platform/src/verify_policy.cpp
+++ b/platform/src/verify_policy.cpp
@@ -73,7 +73,6 @@ enum verify_policy_type tsg_policy_type_str2idx(const char *action_str)
 	const char * policy_name[__SCAN_POLICY_MAX];
 	policy_name[PXY_TABLE_SECURITY] = "tsg_security";
 	policy_name[PXY_TABLE_MANIPULATION] = "pxy_manipulation";
-	policy_name[PXY_TABLE_WANNAT] = "pxy_wannat";
 	policy_name[PXY_TABLE_DEFENCE] = "active_defence";

 	size_t i = 0;
@@ -146,11 +145,6 @@ int protoco_field_type_str2idx(enum verify_policy_type type, const char *action_
 			table_name[PXY_SECURITY_EXCLUSION_SSL_SNI]="TSG_DECYPTION_EXCLUSION_SSL_SNI";
 			scan_table_max = PXY_SECURITY_EXCLUSION_SSL_SNI;
 			break;
-		case PXY_TABLE_WANNAT:
-			table_name[PXY_WANNAT_SOURCE_ADDR]="TSG_SECURITY_SOURCE_ADDR";
-			table_name[PXY_WANNAT_DESTINATION_ADDR]="TSG_SECURITY_DESTINATION_ADDR";
-			scan_table_max = PXY_WANNAT_DESTINATION_ADDR;
-			break;
 		case PXY_TABLE_DEFENCE:
 			break;
 		default:
@@ -904,9 +898,6 @@ int main(int argc, char * argv[])
 	ret = proxy_policy_init(g_verify_proxy, main_profile);
 	CHECK_OR_EXIT(ret == 0, "Failed at init panggu module, Exit.");

-	ret = wannat_policy_init(g_verify_proxy, main_profile);
-	CHECK_OR_EXIT(ret == 0, "Failed at init wannat module, Exit.");
-
 	clock_gettime(CLOCK_REALTIME, &(end_time));
 	mesa_runtime_log(RLOG_LV_DEBUG, MODULE_NAME, "Read table_info_proxy.conf, take time %lu(s)", end_time.tv_sec - start_time.tv_sec);
 	printf("Read table_info_proxy.conf, take time %lu(s)\n", end_time.tv_sec - start_time.tv_sec);
--- a/resource/table_info_wannat.conf
+++ b/resource/table_info_wannat.conf
@@ -1,17 +0,0 @@
-#each collumn seperate with '\t'
-#id	(0~65535)
-#name string
-#type one of ip,expr,expr_plus,digest,intval,compile or plugin
-#src_charset one of GBK,BIG5,UNICODE,UTF8
-#dst_charset combined by GBK,BIG5,UNICODE,UTF8,seperate with '/'
-#do_merege yes or no
-#cross cache 0~max
-#quickswitch quickon or quick off
-#id	name			type	src_charset	dst_charset	do_merge cross_cache quickswitch
-0	WANNAT_COMPILE	compile escape  --
-1	GROUP_COMPILE_RELATION	group2compile   --
-2	GROUP_GROUP_RELATION	group2group     --
-3	TSG_OBJ_IP_ADDR ip_plus --
-4	TSG_SECURITY_SOURCE_ADDR	virtual	TSG_OBJ_IP_ADDR --
-5	TSG_SECURITY_DESTINATION_ADDR   virtual TSG_OBJ_IP_ADDR --
-6	TSG_SECURITY_ADDR	composition	{"source":"TSG_SECURITY_SOURCE_ADDR","destination":"TSG_SECURITY_DESTINATION_ADDR"}
--- a/scan/src/policy_scan.cpp
+++ b/scan/src/policy_scan.cpp
@@ -1311,34 +1311,6 @@ void subscribe_id_dup_cb(int table_id, MAAT_PLUGIN_EX_DATA* to, MAAT_PLUGIN_EX_D
 	return;
 }

-int wannat_policy_init(struct verify_policy * verify, const char* profile_path)
-{
-	int ret = -1;
-
-	g_pangu_rt->maat[PXY_TABLE_WANNAT] = create_maat_feather("static", profile_path, "MAAT", "table_info_wannat", g_pangu_rt->thread_num, g_pangu_rt->local_logger);
-	if (!g_pangu_rt->maat[PXY_TABLE_WANNAT])
-	{
-		goto error_out;
-	}
-	const char * table_name[__WANNAT_TABLE_MAX];
-	table_name[PXY_WANNAT_SOURCE_ADDR] = "TSG_SECURITY_SOURCE_ADDR";
-	table_name[PXY_WANNAT_DESTINATION_ADDR] = "TSG_SECURITY_DESTINATION_ADDR";
-
-	for (int i = 0; i < __WANNAT_TABLE_MAX; i++)
-	{
-		g_pangu_rt->scan_table_id[PXY_TABLE_WANNAT][i] = Maat_table_register(g_pangu_rt->maat[PXY_TABLE_WANNAT], table_name[i]);
-		if (g_pangu_rt->scan_table_id[PXY_TABLE_WANNAT][i] < 0)
-		{
-			mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Wannat policy maat table %s register failed.", table_name[i]);
-			goto error_out;
-		}
-		mesa_runtime_log(RLOG_LV_DEBUG, MODULE_NAME, "Wannat policy register maat %p, table name %s, table id %d", g_pangu_rt->maat[PXY_TABLE_WANNAT], table_name[i], g_pangu_rt->scan_table_id[PXY_TABLE_WANNAT][i]);
-	}
-	ret = 0;
-error_out:
-	return ret;
-}
-
 int proxy_policy_init(struct verify_policy * verify, const char* profile_path)
 {
 	int ret = -1;