diff --git a/conf/verify_policy.conf b/conf/verify_policy.conf index f1e4943..d9da9e9 100644 --- a/conf/verify_policy.conf +++ b/conf/verify_policy.conf @@ -31,14 +31,6 @@ maat_redis_db_index=0 effect_interval_s=1 accept_tags={"tags":[{"tag":"location","value":"Astana"}]} -[dynamic_maat] -maat_input_mode=1 -table_info=./resource/dynamic_maat_table_info.conf -maat_redis_server=192.168.40.120 -maat_redis_port_range=7002 -maat_redis_db_index=1 -effect_interval_s=1 - [LISTEN] #Local monitor port number, default is 9991 port = 9994 diff --git a/resource/dynamic_maat_table_info.conf b/resource/dynamic_maat_table_info.conf deleted file mode 100644 index e83c303..0000000 --- a/resource/dynamic_maat_table_info.conf +++ /dev/null @@ -1,19 +0,0 @@ -#each collumn seperate with '\t' -#id (0~65535) -#name string -#type one of ip,expr,expr_plus,digest,intval,compile or plugin -#src_charset one of GBK,BIG5,UNICODE,UTF8 -#dst_charset combined by GBK,BIG5,UNICODE,UTF8,seperate with '/' -#do_merege [yes/no] -#cross cache [number] -#quick mode [quickon/quickoff], default [quickoff] -#For ip/intval/digest/compile/group -#id name type -# -#For plugin table -#id name type json_descr -# -#For expr/expr_plus Table -#id name type src_charset dst_charset do_merge cross_cache quick_mode - -1 TSG_DYN_SUBSCRIBER_IP plugin {"key":3,"valid":5} diff --git a/scan/src/policy_scan.cpp b/scan/src/policy_scan.cpp index f66f719..dee82d9 100644 --- a/scan/src/policy_scan.cpp +++ b/scan/src/policy_scan.cpp @@ -121,8 +121,6 @@ struct pangu_http_ctx struct pangu_rt { Maat_feather_t maat[__SCAN_POLICY_MAX]; - Maat_feather_t dyn_maat; - int subscriber_id_table_id; void * local_logger; int log_level; int thread_num; @@ -1258,59 +1256,6 @@ error_out: return NULL; } -static int get_column_pos(const char* line, int column_seq, size_t *offset, size_t *len) -{ - const char* seps=" \t"; - char* saveptr=NULL, *subtoken=NULL, *str=NULL; - char* dup_line=strdup(line); - int i=0, ret=-1; - for (str = dup_line; ; str = NULL) - { - subtoken = strtok_r(str, seps, &saveptr); - if (subtoken == NULL) - break; - if(i==column_seq-1) - { - *offset=subtoken-dup_line; - *len=strlen(subtoken); - ret=0; - break; - } - i++; - } - free(dup_line); - return ret; -} - -void subscribe_id_new_cb(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp) -{ - int ret=0; - size_t subscribe_id_offset, len; - ret=get_column_pos(table_line, 4, &subscribe_id_offset, &len); - if(ret<0) - { - mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Add subscribe ID faild: %s", table_line); - return; - } - *ad=ALLOC(char, len+1); - memcpy(*ad, table_line+subscribe_id_offset, len); - mesa_runtime_log(RLOG_LV_INFO, MODULE_NAME, "Add subscribe ID: %s", (char*)*ad); - return; -} - -void subscribe_id_free_cb(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp) -{ - mesa_runtime_log(RLOG_LV_INFO, MODULE_NAME, "Delete subscribe ID: %s", (char*)*ad); - free(*ad); - *ad=NULL; -} - -void subscribe_id_dup_cb(int table_id, MAAT_PLUGIN_EX_DATA* to, MAAT_PLUGIN_EX_DATA* from, long argl, void* argp) -{ - *to = strdup((char*)*from); - return; -} - int proxy_policy_init(struct verify_policy * verify, const char* profile_path) { int ret = -1; @@ -1355,25 +1300,6 @@ int proxy_policy_init(struct verify_policy * verify, const char* profile_path) } mesa_runtime_log(RLOG_LV_DEBUG, MODULE_NAME, "Pangu policy register maat %p, table name %s, table id %d", g_pangu_rt->maat[PXY_TABLE_MANIPULATION], table_name[i], g_pangu_rt->scan_table_id[PXY_TABLE_MANIPULATION][i]); } - g_pangu_rt->dyn_maat = create_maat_feather("dyn", profile_path, "DYNAMIC_MAAT", "table_info", g_pangu_rt->thread_num, g_pangu_rt->local_logger); - if (!g_pangu_rt->dyn_maat) - { - goto error_out; - } - g_pangu_rt->subscriber_id_table_id=Maat_table_register(g_pangu_rt->dyn_maat, "TSG_DYN_SUBSCRIBER_IP"); - ret=Maat_plugin_EX_register(g_pangu_rt->dyn_maat, - g_pangu_rt->subscriber_id_table_id, - subscribe_id_new_cb, - subscribe_id_free_cb, - subscribe_id_dup_cb, - NULL, - 0, - NULL); - if(ret!=0) - { - mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Pangu HTTP Dynamic Maat TSG_DYN_SUBSCRIBER_IP EX data register failed."); - goto error_out; - } ret = 0; error_out: return ret;