From 75d9cfb13b033bd6c818b936840e3429e3544bee Mon Sep 17 00:00:00 2001
From: fengweihao <fengweihao@iie.ac.cn>
Date: Fri, 3 Jul 2020 19:16:53 +0800
Subject: [PATCH] =?UTF-8?q?=E7=AD=96=E7=95=A5=E9=AA=8C=E8=AF=81=E6=94=AF?=
 =?UTF-8?q?=E6=8C=81=E7=AE=A1=E6=8E=A7=E7=AD=96=E7=95=A5DOH=E5=8D=8F?=
 =?UTF-8?q?=E8=AE=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 common/include/verify_policy.h |  2 ++
 platform/src/verify_policy.cpp |  2 ++
 resource/table_info_proxy.conf | 32 +++++++++++++++++---------------
 scan/src/pangu_http.cpp        |  2 ++
 4 files changed, 23 insertions(+), 15 deletions(-)

diff --git a/common/include/verify_policy.h b/common/include/verify_policy.h
index 43cd518..bf266dc 100644
--- a/common/include/verify_policy.h
+++ b/common/include/verify_policy.h
@@ -30,6 +30,8 @@ enum manipulate_sacn_table
 	PXY_CTRL_HTTP_RES_BODY,
 	PXY_CTRL_SUBSCRIBE_ID,
     PXY_CTRL_APP_ID,
+    PXY_CTRL_DOH_QNAME,
+    PXY_CTRL_DOH_HOST,
     PXY_CTRL_IP_SRC_ASN,
 	PXY_CTRL_IP_DST_ASN,
 	PXY_CTRL_IP_SRC_LOCATION,
diff --git a/platform/src/verify_policy.cpp b/platform/src/verify_policy.cpp
index 69f5504..c46f313 100644
--- a/platform/src/verify_policy.cpp
+++ b/platform/src/verify_policy.cpp
@@ -94,6 +94,8 @@ int protoco_field_type_str2idx(enum verify_policy_type type, const char *action_
 			table_name[PXY_CTRL_HTTP_RES_BODY] = "TSG_FIELD_HTTP_RES_CONTENT";
 			table_name[PXY_CTRL_SUBSCRIBE_ID] = "TSG_OBJ_SUBSCRIBER_ID";
 			table_name[PXY_CTRL_APP_ID] = "TSG_OBJ_APP_ID";
+			table_name[PXY_CTRL_DOH_QNAME]="TSG_FIELD_DOH_QNAME";
+			table_name[PXY_CTRL_DOH_HOST]="TSG_FIELD_DOH_HOST";
 			break;
 		case PXY_TABLE_SECURITY:
 			table_name[PXY_SECURITY_IP] = "TSG_OBJ_IP_ADDR";
diff --git a/resource/table_info_proxy.conf b/resource/table_info_proxy.conf
index 88249fe..3c0f0bc 100644
--- a/resource/table_info_proxy.conf
+++ b/resource/table_info_proxy.conf
@@ -45,19 +45,21 @@
 26	TSG_OBJ_GEO_LOCATION    expr    UTF8    UTF8/GBK    yes 0
 27	TSG_SECURITY_SOURCE_LOCATION    virtual TSG_OBJ_GEO_LOCATION    --
 28	TSG_SECURITY_DESTINATION_LOCATION   virtual TSG_OBJ_GEO_LOCATION    --
+29	TSG_FIELD_DOH_QNAME virtual TSG_OBJ_FQDN    --
+30	TSG_FIELD_DOH_HOST  virtual TSG_OBJ_FQDN    --
 #eliminate the alarm
-29      TSG_OBJ_ACCOUNT expr    UTF8    UTF8    yes     0
-30      TSG_FIELD_SSL_SNI       virtual TSG_OBJ_FQDN    --
-31      TSG_FIELD_SSL_CN        virtual TSG_OBJ_FQDN    --
-32      TSG_FIELD_SSL_SAN       virtual TSG_OBJ_FQDN    --
-33      TSG_FIELD_DNS_QNAME     virtual TSG_OBJ_FQDN    --
-34      TSG_FIELD_MAIL_ACCOUNT  virtual TSG_OBJ_ACCOUNT --
-35      TSG_FIELD_MAIL_FROM     virtual TSG_OBJ_ACCOUNT --
-36      TSG_FIELD_MAIL_TO       virtual TSG_OBJ_ACCOUNT --
-37      TSG_FIELD_MAIL_SUBJECT  virtual TSG_OBJ_KEYWORDS        --
-38      TSG_FIELD_MAIL_CONTENT  virtual TSG_OBJ_KEYWORDS        --
-39      TSG_FIELD_MAIL_ATT_NAME virtual TSG_OBJ_KEYWORDS        --
-40      TSG_FIELD_MAIL_ATT_CONTENT      virtual TSG_OBJ_KEYWORDS        --
-41      TSG_FIELD_FTP_URI       virtual TSG_OBJ_URL     --
-42      TSG_FIELD_FTP_CONTENT   virtual TSG_OBJ_KEYWORDS        --
-43      TSG_FIELD_FTP_ACCOUNT   virtual TSG_OBJ_ACCOUNT --
+31      TSG_OBJ_ACCOUNT expr    UTF8    UTF8    yes     0
+32      TSG_FIELD_SSL_SNI       virtual TSG_OBJ_FQDN    --
+33      TSG_FIELD_SSL_CN        virtual TSG_OBJ_FQDN    --
+34      TSG_FIELD_SSL_SAN       virtual TSG_OBJ_FQDN    --
+35      TSG_FIELD_DNS_QNAME     virtual TSG_OBJ_FQDN    --
+36      TSG_FIELD_MAIL_ACCOUNT  virtual TSG_OBJ_ACCOUNT --
+37      TSG_FIELD_MAIL_FROM     virtual TSG_OBJ_ACCOUNT --
+38      TSG_FIELD_MAIL_TO       virtual TSG_OBJ_ACCOUNT --
+39      TSG_FIELD_MAIL_SUBJECT  virtual TSG_OBJ_KEYWORDS        --
+40      TSG_FIELD_MAIL_CONTENT  virtual TSG_OBJ_KEYWORDS        --
+41      TSG_FIELD_MAIL_ATT_NAME virtual TSG_OBJ_KEYWORDS        --
+42      TSG_FIELD_MAIL_ATT_CONTENT      virtual TSG_OBJ_KEYWORDS        --
+43      TSG_FIELD_FTP_URI       virtual TSG_OBJ_URL     --
+44      TSG_FIELD_FTP_CONTENT   virtual TSG_OBJ_KEYWORDS        --
+45      TSG_FIELD_FTP_ACCOUNT   virtual TSG_OBJ_ACCOUNT --
diff --git a/scan/src/pangu_http.cpp b/scan/src/pangu_http.cpp
index 8bd169e..487aad9 100644
--- a/scan/src/pangu_http.cpp
+++ b/scan/src/pangu_http.cpp
@@ -826,6 +826,8 @@ int pangu_policy_init(struct verify_policy * verify, const char* profile_path)
 	table_name[PXY_CTRL_HTTP_RES_BODY] = "TSG_FIELD_HTTP_RES_CONTENT";
 	table_name[PXY_CTRL_SUBSCRIBE_ID] = "TSG_OBJ_SUBSCRIBER_ID";
 	table_name[PXY_CTRL_APP_ID] = "TSG_OBJ_APP_ID";
+	table_name[PXY_CTRL_DOH_QNAME]="TSG_FIELD_DOH_QNAME";
+	table_name[PXY_CTRL_DOH_HOST]="TSG_FIELD_DOH_HOST";
 	table_name[PXY_CTRL_IP_SRC_ASN]="TSG_SECURITY_SOURCE_ASN";
 	table_name[PXY_CTRL_IP_DST_ASN]="TSG_SECURITY_DESTINATION_ASN";
 	table_name[PXY_CTRL_IP_SRC_LOCATION]="TSG_SECURITY_SOURCE_LOCATION";