gfwleak/tango-verify-policy
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bugfix: Adapt the compilation table and grouping table structure changes

Browse Source
This commit is contained in:
fengweihao
2023-11-30 18:24:21 +08:00
parent ae2dba8146
commit 7ce3d87440
5 changed files with 350 additions and 362 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
platform/src/verify_matcher.cpp
View File

@@ -816,14 +816,14 @@ void fqdn_cat_table_free(struct fqdn_category_ctx *fqdn_cat)
void compile_table_new_cb(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
{
int ret=0;
int ret=0, group_num=0;
int config_id=0, service_id=0, action=0;
int do_log=0,do_blacklist=0,is_valid=0;
char effective_range[VERIFY_ARRAY_MAX]={0};
char srv_def_large[VERIFY_STRING_MAX]={0};
ret=sscanf(table_line, "%d\t%d\t%d\t%d\t%d\t%s\t%s\t%d", &config_id, &service_id, &action, &do_blacklist, &do_log,effective_range,srv_def_large, &is_valid);
if(ret!=8)
ret=sscanf(table_line, "%d\t%d\t%d\t%d\t%d\t%s\t%s\t%d\t%d", &config_id, &service_id, &action, &do_blacklist, &do_log,effective_range,srv_def_large,&group_num,&is_valid);
if(ret!=9)
{
mesa_runtime_log(RLOG_LV_FATAL, "Security compile table parse failed, ret:%d, %s", ret, table_line);
return;
@@ -1721,8 +1721,7 @@ static int policy_verify_scan_http_hdr(struct request_query_obj *request, struct
int table_id = request->table_id;
const char *value = request->keyword;
const char * str_field_name = request->district;
scan_ret = maat_state_set_scan_district(ctx->scan_mid, g_policy_rt->scan_table_id[table_id], str_field_name, strlen(str_field_name));
assert(scan_ret == 0);
maat_state_set_scan_district(ctx->scan_mid, g_policy_rt->scan_table_id[table_id], str_field_name, strlen(str_field_name));
scan_ret = maat_scan_string(g_policy_rt->feather[vsys_id], g_policy_rt->scan_table_id[table_id],
value, strlen(value), ctx->result + hit_cnt, MAX_SCAN_RESULT - hit_cnt,
&n_hit_result, ctx->scan_mid);
@@ -1754,7 +1753,7 @@ static int ip_addr_scan(struct request_query_obj *request, struct policy_scan_ct
size_t n_hit_result=0;
int table_id = request->table_id;
int protocol = 0;
int protocol = request->protocol;
if (request->ip_addr->addrtype == ADDR_TYPE_IPV4)
{
if(0 == strcasecmp(request->attri_name, "source"))
@@ -2192,6 +2191,10 @@ int maat_table_init(struct verify_policy * verify, const char* profile_path)
}
}
ret = maat_app_dict_table_init(POLICY_APP_DI_DICT, vsys_id, app_dict_table_new_cb, app_dict_table_free_cb, app_dict_table_dup_cb);
if(ret<0)
{
goto error_out;
}
}
ret = 0;
error_out:

5
platform/src/verify_policy.cpp
View File

@@ -263,6 +263,11 @@ static int get_attribute_from_json(int curr_id, cJSON* subchild, struct verify_p
if(item && item->type==cJSON_String)
{
policy_query->verify_object[curr_id].table_id = protoco_field_type_str2idx(item->valuestring, buff, &p);
if(policy_query->verify_object[curr_id].table_id == __TSG_OBJ_MAX)
{
mesa_runtime_log(RLOG_LV_FATAL, "Get table id failed form table name:%s", item->valuestring);
return xret;
}
}
attributeValue = cJSON_GetObjectItem(subchild, "attributeValue");

174
resource/table_info.conf
View File

@@ -4,11 +4,11 @@
"table_name":"TSG_SECURITY_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -18,11 +18,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -30,7 +30,7 @@
"table_name":"TSG_SECURITY_COMPILE_PLUGIN",
"db_tables":["TSG_SECURITY_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -42,13 +42,13 @@
"table_name":"GROUP_SECURITY_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":1,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -56,11 +56,11 @@
"table_name":"PXY_CTRL_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -70,11 +70,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -82,7 +82,7 @@
"table_name":"PXY_CTRL_COMPILE_PLUGIN",
"db_tables":["PXY_CTRL_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -94,13 +94,13 @@
"table_name":"GROUP_PXY_CTRL_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":5,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -108,11 +108,11 @@
"table_name":"TRAFFIC_SHAPING_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -122,11 +122,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -134,7 +134,7 @@
"table_name":"TRAFFIC_SHAPING_COMPILE_PLUGIN",
"db_tables":["TRAFFIC_SHAPING_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -146,13 +146,13 @@
"table_name":"GROUP_SHAPING_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":9,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -160,11 +160,11 @@
"table_name":"SERVICE_CHAINING_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -174,11 +174,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -186,7 +186,7 @@
"table_name":"SERVICE_CHAINING_COMPILE_PLUGIN",
"db_tables":["SERVICE_CHAINING_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -198,13 +198,13 @@
"table_name":"GROUP_SERVICE_CHAINING_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":13,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -212,11 +212,11 @@
"table_name":"PXY_INTERCEPT_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -226,11 +226,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -238,7 +238,7 @@
"table_name":"PXY_INTERCEPT_COMPILE_PLUGIN",
"db_tables":["PXY_INTERCEPT_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -250,13 +250,13 @@
"table_name":"GROUP_PXY_INTERCEPT_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":17,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -264,11 +264,11 @@
"table_name":"STATISTICS_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -278,11 +278,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -290,7 +290,7 @@
"table_name":"STATISTICS_COMPILE_PLUGIN",
"db_tables":["STATISTICS_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -302,13 +302,13 @@
"table_name":"GROUP_STATISTICS_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":21,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -316,11 +316,11 @@
"table_name":"MONITOR_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -330,11 +330,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -342,7 +342,7 @@
"table_name":"MONITOR_COMPILE_PLUGIN",
"db_tables":["MONITOR_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -354,13 +354,13 @@
"table_name":"GROUP_MONITOR_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":25,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -772,7 +772,7 @@
"table_id":75,
"table_name":"TSG_FQDN_CATEGORY_BUILT_IN",
"table_type":"fqdn_plugin",
"valid_column":5,
"valid_column":6,
"custom": {
"item_id":1,
"suffix_match_method":4,
@@ -783,7 +783,7 @@
"table_id":76,
"table_name":"TSG_FQDN_CATEGORY_USER_DEFINED",
"table_type":"fqdn_plugin",
"valid_column":5,
"valid_column":6,
"custom": {
"item_id":1,
"suffix_match_method":4,
@@ -870,28 +870,16 @@
},
{
"table_id":86,
"table_name":"TSG_OBJ_TUNNEL_ID",
"table_type":"interval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_bound":3,
"up_bound":4
}
},
{
"table_id":87,
"table_name":"TSG_TUNNEL_CATALOG",
"table_type":"bool_plugin",
"valid_column":5,
"valid_column":6,
"custom": {
"item_id":1,
"bool_expr":4
}
},
{
"table_id":88,
"table_id":87,
"table_name":"TSG_TUNNEL_ENDPOINT",
"table_type":"ip_plugin",
"valid_column":6,
@@ -904,7 +892,7 @@
}
},
{
"table_id":89,
"table_id":88,
"table_name":"TSG_TUNNEL_LABEL",
"table_type":"plugin",
"valid_column":4,
@@ -915,13 +903,13 @@
}
},
{
"table_id":90,
"table_id":89,
"table_name":"ATTR_TUNNEL",
"table_type":"virtual",
"physical_table": "TSG_OBJ_TUNNEL_ID"
"physical_table": "TSG_TUNNEL_CATALOG"
},
{
"table_id":91,
"table_id":90,
"table_name":"TSG_OBJ_FLAG",
"table_type":"flag",
"valid_column":5,
@@ -933,31 +921,31 @@
}
},
{
"table_id":92,
"table_id":91,
"table_name":"ATTR_FLAG",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FLAG"
},
{
"table_id":93,
"table_id":92,
"table_name":"ATTR_DOH_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":94,
"table_id":93,
"table_name":"ATTR_DOH_HOST",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":95,
"table_id":94,
"table_name":"ATTR_DOH_HOST_CAT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id":96,
"table_id":95,
"table_name":"TSG_OBJ_IMEI",
"table_type":"expr",
"valid_column":7,
@@ -971,16 +959,16 @@
}
},
{
"table_id":97,
"table_id":96,
"table_name":"ATTR_GTP_IMEI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMEI"
},
{
"table_id":98,
"table_id":97,
"table_name": "APP_ID_DICT",
"table_type": "plugin",
"valid_column": 18,
"valid_column": 19,
"custom": {
"key": 1,
"key_type": "integer",
@@ -988,13 +976,13 @@
}
},
{
"table_id":99,
"table_id":98,
"table_name":"ATTR_SUBSCRIBER_ID",
"table_type":"virtual",
"physical_table": "TSG_OBJ_SUBSCRIBER_ID"
},
{
"table_id":100,
"table_id":99,
"table_name":"ATTR_APP_ID",
"table_type":"virtual",
"physical_table": "APP_ID_DICT"

170
resource/table_info_simple.conf
View File

@@ -4,11 +4,11 @@
"table_name":"TSG_SECURITY_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -18,11 +18,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -30,7 +30,7 @@
"table_name":"TSG_SECURITY_COMPILE_PLUGIN",
"db_tables":["TSG_SECURITY_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -42,13 +42,13 @@
"table_name":"GROUP_SECURITY_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":1,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -56,11 +56,11 @@
"table_name":"PXY_CTRL_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -70,11 +70,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -82,7 +82,7 @@
"table_name":"PXY_CTRL_COMPILE_PLUGIN",
"db_tables":["PXY_CTRL_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -94,13 +94,13 @@
"table_name":"GROUP_PXY_CTRL_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":5,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -108,11 +108,11 @@
"table_name":"TRAFFIC_SHAPING_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -122,11 +122,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -134,7 +134,7 @@
"table_name":"TRAFFIC_SHAPING_COMPILE_PLUGIN",
"db_tables":["TRAFFIC_SHAPING_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -146,13 +146,13 @@
"table_name":"GROUP_SHAPING_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":9,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -160,11 +160,11 @@
"table_name":"SERVICE_CHAINING_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -174,11 +174,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -186,7 +186,7 @@
"table_name":"SERVICE_CHAINING_COMPILE_PLUGIN",
"db_tables":["SERVICE_CHAINING_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -198,13 +198,13 @@
"table_name":"GROUP_SERVICE_CHAINING_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":13,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -212,11 +212,11 @@
"table_name":"PXY_INTERCEPT_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -226,11 +226,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -238,7 +238,7 @@
"table_name":"PXY_INTERCEPT_COMPILE_PLUGIN",
"db_tables":["PXY_INTERCEPT_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -250,13 +250,13 @@
"table_name":"GROUP_PXY_INTERCEPT_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":17,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -264,11 +264,11 @@
"table_name":"STATISTICS_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -278,11 +278,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -290,7 +290,7 @@
"table_name":"STATISTICS_COMPILE_PLUGIN",
"db_tables":["STATISTICS_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -302,13 +302,13 @@
"table_name":"GROUP_STATISTICS_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":21,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -316,11 +316,11 @@
"table_name":"MONITOR_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -330,11 +330,11 @@
"default_compile_table":1,
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"valid_column":9,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
"clause_num":8
}
},
{
@@ -342,7 +342,7 @@
"table_name":"MONITOR_COMPILE_PLUGIN",
"db_tables":["MONITOR_COMPILE"],
"table_type":"plugin",
"valid_column":8,
"valid_column":9,
"custom": {
"key":1,
"key_type":"integer",
@@ -354,13 +354,13 @@
"table_name":"GROUP_MONITOR_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":25,
"valid_column":3,
"valid_column":6,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"not_flag":3,
"virtual_table_name":4,
"clause_index":5
}
},
{
@@ -796,28 +796,16 @@
},
{
"table_id":86,
"table_name":"TSG_OBJ_TUNNEL_ID",
"table_type":"interval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_bound":3,
"up_bound":4
}
},
{
"table_id":87,
"table_name":"TSG_TUNNEL_CATALOG",
"table_type":"bool_plugin",
"valid_column":5,
"valid_column":6,
"custom": {
"item_id":1,
"bool_expr":4
}
},
{
"table_id":88,
"table_id":87,
"table_name":"TSG_TUNNEL_ENDPOINT",
"table_type":"ip_plugin",
"valid_column":6,
@@ -830,7 +818,7 @@
}
},
{
"table_id":89,
"table_id":88,
"table_name":"TSG_TUNNEL_LABEL",
"table_type":"plugin",
"valid_column":4,
@@ -841,13 +829,13 @@
}
},
{
"table_id":90,
"table_id":89,
"table_name":"ATTR_TUNNEL",
"table_type":"virtual",
"physical_table": "TSG_OBJ_TUNNEL_ID"
"physical_table": "TSG_TUNNEL_CATALOG"
},
{
"table_id":91,
"table_id":90,
"table_name":"TSG_OBJ_FLAG",
"table_type":"flag",
"valid_column":5,
@@ -859,31 +847,31 @@
}
},
{
"table_id":92,
"table_id":91,
"table_name":"ATTR_FLAG",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FLAG"
},
{
"table_id":93,
"table_id":92,
"table_name":"ATTR_DOH_QNAME",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":94,
"table_id":93,
"table_name":"ATTR_DOH_HOST",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id":95,
"table_id":94,
"table_name":"ATTR_DOH_HOST_CAT",
"table_type":"virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id":96,
"table_id":95,
"table_name":"TSG_OBJ_IMEI",
"table_type":"expr",
"valid_column":7,
@@ -897,16 +885,16 @@
}
},
{
"table_id":97,
"table_id":96,
"table_name":"ATTR_GTP_IMEI",
"table_type":"virtual",
"physical_table": "TSG_OBJ_IMEI"
},
{
"table_id":98,
"table_id":97,
"table_name": "APP_ID_DICT",
"table_type": "plugin",
"valid_column": 18,
"valid_column": 19,
"custom": {
"key": 1,
"key_type": "integer",
@@ -914,13 +902,13 @@
}
},
{
"table_id":99,
"table_id":98,
"table_name":"ATTR_SUBSCRIBER_ID",
"table_type":"virtual",
"physical_table": "TSG_OBJ_SUBSCRIBER_ID"
},
{
"table_id":100,
"table_id":99,
"table_name":"ATTR_APP_ID",
"table_type":"virtual",
"physical_table": "APP_ID_DICT"

348
resource/verify-policy.json
View File

@@ -1,30 +1,64 @@
{
"compile_table": "PXY_CTRL_COMPILE",
"group_table": "PXY_CTRL_GROUP",
"group2compile_table": "GROUP_PXY_CTRL_COMPILE_RELATION",
"group2group_table": "GROUP_GROUP_RELATION",
"rules": [
{
"compile_id": 1021,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.baidu.com/index.html\"}",
"is_valid": "yes",
"tags":"{\"tag_sets\":[[{\"tag\":\"device_id\",\"value\":[\"device_3\",\"device_4\"]}]]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.jd.com\"}",
"is_valid": "yes",
"groups": [
{
"virtual_table":"ATTR_HTTP_URL",
"group_name":"http_url",
"group_id":101,
"not_flag":0,
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"keywords": "www.rbc.ru",
"keywords": "baidu.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
},
{
"virtual_table":"ATTR_APP_ID",
"group_name":"app_id",
"group_id":201,
"not_flag":0
},
{
"not_flag": 0,
"group_id": 301,
"group_name":"ipv4_addr",
"virtual_table": "ATTR_SOURCE_ADDR",
"regions": [
{
"table_type": "ip_plus",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"addr_format": "range",
"ip1": "192.168.55.4",
"ip2": "192.168.55.4",
"port_format": "range",
"port1": "80",
"port2": "80",
"protocol": -1
}
}
]
}
]
},
@@ -33,24 +67,15 @@
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"block\",\"code\":403,\"message\":\"error\",\"html_profile\":101}",
"tags":"{\"tag_sets\":[[{\"tag\":\"device_id\",\"value\":[\"device_3\",\"device_4\"]}]]}",
"user_region": "{\"protocol\":\"http\",\"method\":\"redirect\",\"code\":302,\"to\":\"https://www.jd.com\"}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "bing.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
"group_name":"http_url",
"virtual_table":"ATTR_HTTP_URL"
}
]
},
@@ -61,16 +86,20 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"block\",\"code\":403,\"message\":\"error\",\"html_profile\":102}",
"is_valid": "yes",
"user_region": "{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"邮箱\",\"replace_with\":\"test\"}]}",
"is_valid": "yes",
"groups": [
{
"virtual_table":"ATTR_HTTP_HOST_VIRTUAL",
"group_name":"http_fqdn",
"group_id":102,
"not_flag":0,
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"keywords": "pc.wps.cn",
"keywords": "www.126.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
@@ -85,24 +114,15 @@
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"比特币\",\"replace_with\":\"硬币\"}]}",
"user_region":"{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"账号登录\",\"replace_with\":\"Login\"}]}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "edu.csdn.net/course/detail/6998",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
"group_name":"http_fqdn",
"virtual_table":"ATTR_HTTP_HOST",
"not_flag":0
}
]
},
@@ -113,22 +133,13 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"hijack\",\"hijack_profile\":201}",
"user_region": "{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_resp_body\",\"find\":\"会员\",\"replace_with\":\"用户\"}]}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "www.wireshark.org/download/win32/WiresharkPortable_2.6.8.paf.exe",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
"group_name":"http_fqdn",
"virtual_table":"ATTR_DOH_QNAME",
"not_flag":0
}
]
},
@@ -137,25 +148,50 @@
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"hijack\",\"hijack_profile\":201}",
"is_valid": "yes",
"user_region": "{\"protocol\":\"http\",\"method\":\"block\",\"code\":403,\"message\":\"error\"}",
"is_valid": "yes",
"groups": [
{
"virtual_table":"ATTR_HTTP_REQ_HDR",
"group_name":"http_signature_ua",
"group_id":103,
"not_flag":0,
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_name": "TSG_OBJ_HTTP_SIGNATURE",
"table_type": "expr_plus",
"table_content": {
"keywords": "www.downcc.com/ajax.asp",
"expr_type": "regex",
"district": "User-Agent",
"keywords": "Chrome",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
},
{
"virtual_table":"ATTR_HTTP_REQ_HDR",
"group_name":"http_signature_cookie",
"group_id":104,
"not_flag":0,
"regions": [
{
"table_name": "TSG_OBJ_HTTP_SIGNATURE",
"table_type": "expr_plus",
"table_content": {
"district": "Cookie",
"keywords": "uid=12345678",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
@@ -165,23 +201,27 @@
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"hijack\",\"hijack_profile\":202}",
"is_valid": "yes",
"user_region": "test",
"is_valid": "yes",
"groups": [
{
"virtual_table":"ATTR_HTTP_URL",
"group_name":"http_url_bing",
"group_id": 105,
"not_flag":0,
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"keywords": "dldir1.qq.com/foxmail/windows/FoxmailSetup_7.2.10.151.exe",
"keywords": "bing.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
}
]
},
{
@@ -189,134 +229,98 @@
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"insert\",\"insert_profile\":302}",
"user_region": "{\"protocol\":\"http\",\"method\":\"block\",\"code\":403,\"message\":\"error\"}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "mirror.hoster.kz/centos",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1029,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"insert\",\"insert_profile\":303,\"position\":\"after-page-load\"}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "100wa.com/music",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1030,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"insert\",\"insert_profile\":303,\"position\":\"before-page-load\"}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "www.youku.com",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 1031,
"service": 1,
"action": 48,
"do_blacklist": 1,
"do_log": 1,
"effective_range": 0,
"user_region": "{\"protocol\":\"http\",\"method\":\"replace\",\"rules\":[{\"search_in\":\"http_req_uri\",\"find\":\"(?<=\\\\\\?|^|&)q=([^&|^#]*)(?=&|$)\",\"replace_with\":\"q=find\"},{\"search_in\":\"http_req_uri\",\"find\":\"(?<=\\\\\\?|^|&)ei=([^&|^#]*)(?=&|$)\",\"replace_with\":\"ei=chaxun\"}]}",
"is_valid": "yes",
"groups": [
{
"regions": [
{
"table_name": "PXY_CTRL_HTTP_URL",
"table_type": "string",
"table_content": {
"keywords": "www.google.com/search?",
"expr_type": "regex",
"match_method": "sub",
"format": "uncase plain"
}
}
]
{
"group_name":"http_url_bing",
"virtual_table":"ATTR_HTTP_URL"
}
]
}
],
"plugin_table": [
{
"table_name": "PXY_PROFILE_RESPONSE_PAGES",
"table_name": "TSG_PROFILE_TRAFFIC_MIRROR",
"table_content": [
"101\t404\thtml\t./resource/pangu/policy_file/404.html\t1",
"102\tHTTP403\ttemplate\t./resource/pangu/HTTP403.html\t1"
"1234\ttest-traffic-mirror\t[1,2,3,4,5,6,7,8,9]\t1"
]
},
{
"table_name": "TSG_PROFILE_RESPONSE_PAGES",
"table_content": [
"101\t404\thtml\t./resource/pangu/policy_file/404.html\t1"
]
},
{
"table_name": "PXY_PROFILE_HIJACK_FILES",
"table_content": [
"201\tchakanqi\tchakanqi-947KB.exe\tapplication/x-msdos-program\t./resource/pangu/policy_file/chakanqi-947KB.exe\t1",
"202\tWPS8648\tWPS8648-132M.exe\tapplication/x-msdos-program\t./resource/pangu/policy_file/WPS8648-132M.exe\t1"
"201\tchakanqi\tchakanqi-947KB.exe\tapplication/x-msdos-program\t./resource/pangu/policy_file/chakanqi-947KB.exe\t1"
]
},
{
"table_name": "PXY_PROFILE_INSERT_SCRIPTS",
"table_content": [
"301\ttime\tjs\t./resource/pangu/policy_file/time.js\tbefore_page_load\t1",
"302\tu1\tcss\t./resource/pangu/policy_file/u1.css\tbefore_page_load\t1",
"303\tu1\tjs\t./resource/pangu/policy_file/alert.js\tbefore_page_load\t1"
"301\ttime\tjs\t./resource/pangu/policy_file/time.js\tbefore_page_load\t1"
]
},
{
"table_name": "TSG_SECURITY_COMPILE",
{
"table_name": "PXY_PROFILE_DECRYPTION",
"table_content": [
"0\t0\t2\t1\t1\t{}\t{\"protocol\":\"SSL/HTTP\",\"keyring\":765,\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":1,\"cert_pinning\":1,\"protocol_errors\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":0},\"fail_action\":\"pass-through\"},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"ssl3\",\"mirror_client\":1,\"allow_http2\":1},\"decrypt_mirror\":{\"enable\":0}}\t1\t2",
"1\t0\t2\t1\t1\t{}\t{\"protocol\":\"SSL/HTTP\",\"keyring\":0,\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":1,\"cert_pinning\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":1},\"fail_action\":\"pass-through\"},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"tls13\",\"mirror_client\":1},\"decrypt_mirror\":{\"enable\":1,\"mirror_profile\":4}}\t1\t2"
"0\ttest\t{\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":1,\"cert_pinning\":1,\"protocol_errors\":1,\"trusted_root_cert_is_not_installed_on_client\":1},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"ssl3\",\"mirror_client\":1,\"allow_http2\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":0},\"fail_action\":\"pass-through\"}}\t1",
"3\ttest\t{\"dynamic_bypass\":{\"ev_cert\":1,\"cert_transparency\":1,\"mutual_authentication\":1,\"cert_pinning\":1,\"protocol_errors\":1,\"trusted_root_cert_is_not_installed_on_client\":0},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"tls13\",\"mirror_client\":1,\"allow_http2\":1},\"certificate_checks\":{\"approach\":{\"cn\":1,\"issuer\":1,\"self-signed\":1,\"expiration\":1},\"fail_action\":\"fail-close\"}}\t1",
"4\ttest\t{\"dynamic_bypass\":{\"ev_cert\":0,\"cert_transparency\":0,\"mutual_authentication\":0,\"cert_pinning\":0,\"protocol_errors\":0,\"trusted_root_cert_is_not_installed_on_client\":0},\"protocol_version\":{\"min\":\"ssl3\",\"max\":\"ssl3\",\"mirror_client\":0,\"allow_http2\":0},\"certificate_checks\":{\"approach\":{\"cn\":0,\"issuer\":0,\"self-signed\":0,\"expiration\":0},\"fail_action\":\"pass-through\"}}\t1"
]
},
{
"table_name": "PXY_INTERCEPT_COMPILE",
"table_content": [
"0\t0\t2\t1\t1\t{}\t{\"vsys_id\":1,\"protocol\":\"SSL\",\"keyring_for_trusted\":765,\"keyring_for_untrusted\":10,\"decryption\":0,\"tcp_option_profile\":1,\"traffic_mirror\":{\"enable\":0}}\t1\t1\t2",
"255119\t0\t2\t1\t1\t{}\t{\"vsys_id\":1,\"protocol\":\"SSL\",\"keyring_for_trusted\":1,\"keyring_for_untrusted\":10,\"decryption\":0,\"tcp_option_profile\":1,\"traffic_mirror\":{\"enable\":1,\"mirror_profile\":1234}}\t1\t1\t2"
]
},
{
"table_name": "SERVICE_CHAINING_COMPILE",
"table_content": [
"1\t0\t2\t1\t1\t{}\t{\"targeted_traffic\":\"raw\",\"sff_profiles\":[1]}\t1\t2",
"2\t0\t2\t1\t1\t{}\t{\"targeted_traffic\":\"decrypted\",\"sff_profiles\":[1]}\t1\t2"
]
},
{
"table_name": "PXY_PROFILE_TCP_OPTION",
"table_content": [
"1\t0\t0\t{\"tcp_maxseg\":{\"enable\":0,\"maxseg\":1500},\"nodelay\":1,\"keep_alive\":{\"enable\":1,\"tcp_keepcnt\":8,\"tcp_keepidle\":30,\"tcp_keepintvl\":15},\"ttl\":70,\"user_timeout\":600}\t{\"tcp_maxseg\":{\"enable\":0,\"maxseg\":1500},\"nodelay\":1,\"keep_alive\":{\"enable\":1,\"tcp_keepcnt\":8,\"tcp_keepidle\":30,\"tcp_keepintvl\":15},\"ttl\":75,\"user_timeout\":600}\t1"
]
},
{
"table_name": "PXY_SSL_FINGERPRINT",
"table_content": [
"1\t599f223c2c9ee5702f5762913889dc21\t0\t1",
"2\teb149984fc9c44d85ed7f12c90d818be\t1\t0",
"3\te6573e91e6eb777c0933c5b8f97f10cd\t1\t1"
]
},
{
"table_name": "APP_ID_DICT",
"table_content": [
"67\thttp\t0\tnull\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"drop\",\"after_n_packets\":0,\"send_icmp_unreachable\":1,\"send_tcp_reset\":1}\t0\t60\t120\t30\t30\t201\t1",
"68\thttps\t0\tnull\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"rate_limit\",\"bps\":1000}\t0\t0\t0\t0\t0\t68000\t1"
]
},
{
"table_name": "TSG_FQDN_CATEGORY_BUILT_IN",
"table_content": [
"0\t1\t126.com\t1\t601\t1",
"1\t2\tbaidu.com\t1\t602\t1"
]
},
{
"table_name": "TSG_FQDN_CATEGORY_USER_DEFINED",
"table_content": [
"0\t3\t126.com\t1\t701\t1",
"1\t4\tbaidu.com\t1\t702\t1"
]
}
]