Add SERVER_FQDN virtual table initialization and scanning
@@ -81,6 +81,8 @@ enum tsg_obj_table
|
|||||||
TSG_OBJ_IP_DST_ASN,
|
TSG_OBJ_IP_DST_ASN,
|
||||||
TSG_OBJ_IP_SRC_LOCATION,
|
TSG_OBJ_IP_SRC_LOCATION,
|
||||||
TSG_OBJ_IP_DST_LOCATION,
|
TSG_OBJ_IP_DST_LOCATION,
|
||||||
|
TSG_OBJ_DST_SERVER_FQDN,
|
||||||
|
TSG_OBJ_DST_SERVER_FQDN_CAT,
|
||||||
__TSG_OBJ_MAX
|
__TSG_OBJ_MAX
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@@ -995,10 +995,11 @@ static enum policy_action decide_ctrl_action(int vsys_id, int compile_table_id,
|
|||||||
return prior_action;
|
return prior_action;
|
||||||
}
|
}
|
||||||
|
|
||||||
int http_table_in_fqdn(int table_id)
|
static inline int request_in_fqdn_cat(int table_id)
|
||||||
{
|
{
|
||||||
if(table_id == TSG_OBJ_HTTP_HOST || table_id == TSG_OBJ_SSL_SNI || table_id==TSG_OBJ_SSL_CN || table_id==TSG_OBJ_SSL_SAN
|
if(table_id==TSG_OBJ_HTTP_HOST || table_id==TSG_OBJ_SSL_SNI || table_id==TSG_OBJ_SSL_CN || table_id==TSG_OBJ_SSL_SAN
|
||||||
|| table_id==TSG_OBJ_DNS_QNAME || table_id == TSG_OBJ_QUIC_SNI || table_id == TSG_OBJ_DOH_QNAME || table_id==TSG_OBJ_DOH_HOST)
|
|| table_id==TSG_OBJ_DNS_QNAME || table_id==TSG_OBJ_QUIC_SNI || table_id==TSG_OBJ_DOH_QNAME || table_id==TSG_OBJ_DOH_HOST
|
||||||
|
|| table_id==TSG_OBJ_DST_SERVER_FQDN)
|
||||||
{
|
{
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@@ -1013,13 +1014,20 @@ void http_get_fqdn_cat_id(struct request_query_obj *query_obj, cJSON *attributeO
|
|||||||
int i=0;
|
int i=0;
|
||||||
cJSON *sniCategory=NULL;
|
cJSON *sniCategory=NULL;
|
||||||
|
|
||||||
if(!http_table_in_fqdn(query_obj->table_id))
|
if(!request_in_fqdn_cat(query_obj->table_id))
|
||||||
{
|
{
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
sniCategory=cJSON_CreateArray();
|
sniCategory=cJSON_CreateArray();
|
||||||
cJSON_AddItemToObject(attributeObj, "sniCategory", sniCategory);
|
if(query_obj->table_id == TSG_OBJ_DST_SERVER_FQDN)
|
||||||
|
{
|
||||||
|
cJSON_AddItemToObject(attributeObj, "serverCategory", sniCategory);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
cJSON_AddItemToObject(attributeObj, "sniCategory", sniCategory);
|
||||||
|
}
|
||||||
|
|
||||||
cJSON *fqdnObj=NULL;
|
cJSON *fqdnObj=NULL;
|
||||||
for(i=0; i<query_obj->fqdn_user.fqdn_cat_num; i++)
|
for(i=0; i<query_obj->fqdn_user.fqdn_cat_num; i++)
|
||||||
@@ -1643,19 +1651,6 @@ int policy_verify_scan_tunnel_id(long long *result, struct ip_addr *sip, int hit
|
|||||||
return hit_cnt_tunnel;
|
return hit_cnt_tunnel;
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int request_in_fqdn_cat(int table_id)
|
|
||||||
{
|
|
||||||
if(table_id == TSG_OBJ_HTTP_HOST || table_id == TSG_OBJ_SSL_SNI || table_id==TSG_OBJ_SSL_CN || table_id==TSG_OBJ_SSL_SAN
|
|
||||||
|| table_id==TSG_OBJ_DNS_QNAME || table_id == TSG_OBJ_QUIC_SNI || table_id == TSG_OBJ_DOH_QNAME || table_id==TSG_OBJ_DOH_HOST)
|
|
||||||
{
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
static int policy_verify_scan_app_id(struct request_query_obj *request, struct policy_scan_ctx *ctx, int vsys_id, int hit_cnt)
|
static int policy_verify_scan_app_id(struct request_query_obj *request, struct policy_scan_ctx *ctx, int vsys_id, int hit_cnt)
|
||||||
{
|
{
|
||||||
int n_read=0;
|
int n_read=0;
|
||||||
@@ -2028,14 +2023,14 @@ error_out:
|
|||||||
static void http_table_name_init(const char *table_name[__TSG_OBJ_MAX])
|
static void http_table_name_init(const char *table_name[__TSG_OBJ_MAX])
|
||||||
{
|
{
|
||||||
table_name[TSG_OBJ_HTTP_URL] = "ATTR_HTTP_URL";
|
table_name[TSG_OBJ_HTTP_URL] = "ATTR_HTTP_URL";
|
||||||
table_name[TSG_OBJ_HTTP_HOST] = "ATTR_HTTP_HOST_VIRTUAL";
|
table_name[TSG_OBJ_HTTP_HOST] = "ATTR_HTTP_HOST";
|
||||||
table_name[TSG_OBJ_HTTP_HOST_CAT] = "ATTR_HTTP_HOST_CAT_VIRTUAL";
|
table_name[TSG_OBJ_HTTP_HOST_CAT] = "ATTR_HTTP_HOST_CAT";
|
||||||
table_name[TSG_OBJ_HTTP_REQ_HDR] = "ATTR_HTTP_REQ_HDR";
|
table_name[TSG_OBJ_HTTP_REQ_HDR] = "ATTR_HTTP_REQ_HDR";
|
||||||
table_name[TSG_OBJ_HTTP_REQ_BODY] = "ATTR_HTTP_REQ_BODY";
|
table_name[TSG_OBJ_HTTP_REQ_BODY] = "ATTR_HTTP_REQ_BODY";
|
||||||
table_name[TSG_OBJ_HTTP_RES_HDR] = "ATTR_HTTP_RES_HDR";
|
table_name[TSG_OBJ_HTTP_RES_HDR] = "ATTR_HTTP_RES_HDR";
|
||||||
table_name[TSG_OBJ_HTTP_RES_BODY] = "ATTR_HTTP_RES_BODY";
|
table_name[TSG_OBJ_HTTP_RES_BODY] = "ATTR_HTTP_RES_BODY";
|
||||||
table_name[TSG_OBJ_SSL_SNI] = "ATTR_SSL_SNI_VIRTUAL";
|
table_name[TSG_OBJ_SSL_SNI] = "ATTR_SSL_SNI";
|
||||||
table_name[TSG_OBJ_SSL_SNI_CAT] = "ATTR_SSL_SNI_CAT_VIRTUAL";
|
table_name[TSG_OBJ_SSL_SNI_CAT] = "ATTR_SSL_SNI_CAT";
|
||||||
table_name[TSG_OBJ_SSL_CN] = "ATTR_SSL_CN";
|
table_name[TSG_OBJ_SSL_CN] = "ATTR_SSL_CN";
|
||||||
table_name[TSG_OBJ_SSL_CN_CAT] = "ATTR_SSL_CN_CAT";
|
table_name[TSG_OBJ_SSL_CN_CAT] = "ATTR_SSL_CN_CAT";
|
||||||
table_name[TSG_OBJ_SSL_SAN] = "ATTR_SSL_SAN";
|
table_name[TSG_OBJ_SSL_SAN] = "ATTR_SSL_SAN";
|
||||||
@@ -2049,8 +2044,8 @@ static void doq_table_name_init(const char *table_name[__TSG_OBJ_MAX])
|
|||||||
table_name[TSG_OBJ_DOH_HOST]="ATTR_DOH_HOST";
|
table_name[TSG_OBJ_DOH_HOST]="ATTR_DOH_HOST";
|
||||||
table_name[TSG_OBJ_DOH_HOST_CAT]="ATTR_DOH_HOST_CAT";
|
table_name[TSG_OBJ_DOH_HOST_CAT]="ATTR_DOH_HOST_CAT";
|
||||||
table_name[TSG_OBJ_DNS_QNAME] = "ATTR_DOH_QNAME";
|
table_name[TSG_OBJ_DNS_QNAME] = "ATTR_DOH_QNAME";
|
||||||
table_name[TSG_OBJ_QUIC_SNI] = "ATTR_QUIC_SNI_VIRTUAL";
|
table_name[TSG_OBJ_QUIC_SNI] = "ATTR_QUIC_SNI";
|
||||||
table_name[TSG_OBJ_QUIC_SNI_CAT] = "ATTR_QUIC_SNI_CAT_VIRTUAL";
|
table_name[TSG_OBJ_QUIC_SNI_CAT] = "ATTR_QUIC_SNI_CAT";
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2083,6 +2078,8 @@ static void common_table_name_int(const char *table_name[__TSG_OBJ_MAX])
|
|||||||
table_name[TSG_OBJ_IP_DST_ASN]="ATTR_DESTINATION_ASN";
|
table_name[TSG_OBJ_IP_DST_ASN]="ATTR_DESTINATION_ASN";
|
||||||
table_name[TSG_OBJ_IP_SRC_LOCATION]="ATTR_SOURCE_LOCATION";
|
table_name[TSG_OBJ_IP_SRC_LOCATION]="ATTR_SOURCE_LOCATION";
|
||||||
table_name[TSG_OBJ_IP_DST_LOCATION]="ATTR_DESTINATION_LOCATION";
|
table_name[TSG_OBJ_IP_DST_LOCATION]="ATTR_DESTINATION_LOCATION";
|
||||||
|
table_name[TSG_OBJ_DST_SERVER_FQDN]="ATTR_DESTINATION_SERVER_FQDN";
|
||||||
|
table_name[TSG_OBJ_DST_SERVER_FQDN_CAT]="ATTR_DESTINATION_SERVER_FQDN_CAT";
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
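Review bot: In `http_get_fqdn_cat_id` the array returned by `cJSON_CreateArray()` is attached in both new branches without a NULL check, so an allocation failure is handed straight to `cJSON_AddItemToObject` and to the loop that follows (the loop body is outside the hunk, so what it does with a NULL array is not visible here). I would add `if(sniCategory==NULL) return;` right after the creation. The two branches differ only in the key, so they can be a single call, `cJSON_AddItemToObject(attributeObj, query_obj->table_id==TSG_OBJ_DST_SERVER_FQDN ? "serverCategory" : "sniCategory", sniCategory);`, and the local would read better as `categoryArray` now that it also carries the server category. The function starts and ends outside the hunk.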
|
|||||||
@@ -138,6 +138,8 @@ int protoco_field_type_str2idx(const char *action_str, char *buff, char **p)
|
|||||||
table_name[TSG_OBJ_IP_DST_ASN]="ATTR_DESTINATION_ASN";
|
table_name[TSG_OBJ_IP_DST_ASN]="ATTR_DESTINATION_ASN";
|
||||||
table_name[TSG_OBJ_IP_SRC_LOCATION]="ATTR_SOURCE_LOCATION";
|
table_name[TSG_OBJ_IP_SRC_LOCATION]="ATTR_SOURCE_LOCATION";
|
||||||
table_name[TSG_OBJ_IP_DST_LOCATION]="ATTR_DESTINATION_LOCATION";
|
table_name[TSG_OBJ_IP_DST_LOCATION]="ATTR_DESTINATION_LOCATION";
|
||||||
|
table_name[TSG_OBJ_DST_SERVER_FQDN]="ATTR_DESTINATION_SERVER_FQDN";
|
||||||
|
table_name[TSG_OBJ_DST_SERVER_FQDN_CAT]="ATTR_DESTINATION_SERVER_FQDN_CAT";
|
||||||
|
|
||||||
size_t i = 0;
|
size_t i = 0;
|
||||||
for (i = 0; i < __TSG_OBJ_MAX; i++)
|
for (i = 0; i < __TSG_OBJ_MAX; i++)
|
||||||
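Review bot: The two added `table_name[...]` assignments repeat the ones this commit adds to `common_table_name_int` in the other source file, so the enum-to-name mapping now has to be kept in step by hand in two places. The loop right after them walks every slot up to `__TSG_OBJ_MAX`; its body is outside the hunk, but if it reads each entry as a string, an enumerator added later without a matching line here would leave an unset slot for it to hit. I would build the mapping once in a shared helper that both files call, and guard the loop with `if(table_name[i]==NULL) continue;` (assuming the array is zero-initialised, which is not visible here). The enclosing function starts and ends outside the hunk.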
|
|||||||
@@ -491,16 +491,14 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id": 37,
|
"table_id":37,
|
||||||
"table_name": "ATTR_HTTP_HOST_VIRTUAL",
|
"table_name": "ATTR_HTTP_HOST",
|
||||||
"db_tables": ["ATTR_HTTP_HOST", "ATTR_DESTINATION_SERVER_FQDN"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN"
|
"physical_table": "TSG_OBJ_FQDN"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id": 38,
|
"table_id":38,
|
||||||
"table_name": "ATTR_HTTP_HOST_CAT_VIRTUAL",
|
"table_name": "ATTR_HTTP_HOST_CAT",
|
||||||
"db_tables": ["ATTR_HTTP_HOST_CAT", "ATTR_DESTINATION_SERVER_FQDN_CAT"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN_CAT"
|
"physical_table": "TSG_OBJ_FQDN_CAT"
|
||||||
},
|
},
|
||||||
@@ -535,16 +533,14 @@
|
|||||||
"physical_table": "TSG_OBJ_KEYWORDS"
|
"physical_table": "TSG_OBJ_KEYWORDS"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id": 44,
|
"table_id":44,
|
||||||
"table_name": "ATTR_SSL_SNI_VIRTUAL",
|
"table_name": "ATTR_SSL_SNI",
|
||||||
"db_tables": ["ATTR_SSL_SNI", "ATTR_DESTINATION_SERVER_FQDN"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN"
|
"physical_table": "TSG_OBJ_FQDN"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id": 45,
|
"table_id":45,
|
||||||
"table_name": "ATTR_SSL_SNI_CAT_VIRTUAL",
|
"table_name": "ATTR_SSL_SNI_CAT",
|
||||||
"db_tables": ["ATTR_SSL_SNI_CAT", "ATTR_DESTINATION_SERVER_FQDN_CAT"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN_CAT"
|
"physical_table": "TSG_OBJ_FQDN_CAT"
|
||||||
},
|
},
|
||||||
@@ -580,15 +576,13 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id":51,
|
"table_id":51,
|
||||||
"table_name": "ATTR_QUIC_SNI_VIRTUAL",
|
"table_name": "ATTR_QUIC_SNI",
|
||||||
"db_tables": ["ATTR_QUIC_SNI", "ATTR_DESTINATION_SERVER_FQDN"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN"
|
"physical_table": "TSG_OBJ_FQDN"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id":52,
|
"table_id":52,
|
||||||
"table_name": "ATTR_QUIC_SNI_CAT_VIRTUAL",
|
"table_name": "ATTR_QUIC_SNI_CAT",
|
||||||
"db_tables": ["ATTR_QUIC_SNI_CAT", "ATTR_DESTINATION_SERVER_FQDN_CAT"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN_CAT"
|
"physical_table": "TSG_OBJ_FQDN_CAT"
|
||||||
},
|
},
|
||||||
@@ -986,5 +980,17 @@
|
|||||||
"table_name":"ATTR_APP_ID",
|
"table_name":"ATTR_APP_ID",
|
||||||
"table_type":"virtual",
|
"table_type":"virtual",
|
||||||
"physical_table": "APP_ID_DICT"
|
"physical_table": "APP_ID_DICT"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"table_id": 100,
|
||||||
|
"table_name": "ATTR_DESTINATION_SERVER_FQDN",
|
||||||
|
"table_type": "virtual",
|
||||||
|
"physical_table": "TSG_OBJ_FQDN"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"table_id": 101,
|
||||||
|
"table_name": "ATTR_DESTINATION_SERVER_FQDN_CAT",
|
||||||
|
"table_type": "virtual",
|
||||||
|
"physical_table": "TSG_OBJ_FQDN_CAT"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
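Review bot: Removing `db_tables` from entries 37, 38, 44, 45, 51 and 52 looks like it stops the HTTP host, SSL SNI and QUIC SNI virtual tables from also drawing on rules stored under `ATTR_DESTINATION_SERVER_FQDN` and `ATTR_DESTINATION_SERVER_FQDN_CAT`; those rules are now reachable only through the new entries 100 and 101. That reading is inferred from the key name, and the code that scans the new tables is not on this page, so please confirm that every path that used to scan host or SNI also scans `TSG_OBJ_DST_SERVER_FQDN`, otherwise an existing server-FQDN rule would silently stop matching. A regression test that loads one such rule and checks it still hits for HTTP, SSL and QUIC traffic would cover it. The same edits are repeated in the second table-info file further down, so the point applies there as well.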
@@ -491,16 +491,14 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id": 37,
|
"table_id":37,
|
||||||
"table_name": "ATTR_HTTP_HOST_VIRTUAL",
|
"table_name": "ATTR_HTTP_HOST",
|
||||||
"db_tables": ["ATTR_HTTP_HOST", "ATTR_DESTINATION_SERVER_FQDN"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN"
|
"physical_table": "TSG_OBJ_FQDN"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id": 38,
|
"table_id":38,
|
||||||
"table_name": "ATTR_HTTP_HOST_CAT_VIRTUAL",
|
"table_name": "ATTR_HTTP_HOST_CAT",
|
||||||
"db_tables": ["ATTR_HTTP_HOST_CAT", "ATTR_DESTINATION_SERVER_FQDN_CAT"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN_CAT"
|
"physical_table": "TSG_OBJ_FQDN_CAT"
|
||||||
},
|
},
|
||||||
@@ -535,16 +533,14 @@
|
|||||||
"physical_table": "TSG_OBJ_KEYWORDS"
|
"physical_table": "TSG_OBJ_KEYWORDS"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id": 44,
|
"table_id":44,
|
||||||
"table_name": "ATTR_SSL_SNI_VIRTUAL",
|
"table_name": "ATTR_SSL_SNI",
|
||||||
"db_tables": ["ATTR_SSL_SNI", "ATTR_DESTINATION_SERVER_FQDN"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN"
|
"physical_table": "TSG_OBJ_FQDN"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id": 45,
|
"table_id":45,
|
||||||
"table_name": "ATTR_SSL_SNI_CAT_VIRTUAL",
|
"table_name": "ATTR_SSL_SNI_CAT",
|
||||||
"db_tables": ["ATTR_SSL_SNI_CAT", "ATTR_DESTINATION_SERVER_FQDN_CAT"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN_CAT"
|
"physical_table": "TSG_OBJ_FQDN_CAT"
|
||||||
},
|
},
|
||||||
@@ -580,15 +576,13 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id":51,
|
"table_id":51,
|
||||||
"table_name": "ATTR_QUIC_SNI_VIRTUAL",
|
"table_name": "ATTR_QUIC_SNI",
|
||||||
"db_tables": ["ATTR_QUIC_SNI", "ATTR_DESTINATION_SERVER_FQDN"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN"
|
"physical_table": "TSG_OBJ_FQDN"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id":52,
|
"table_id":52,
|
||||||
"table_name": "ATTR_QUIC_SNI_CAT_VIRTUAL",
|
"table_name": "ATTR_QUIC_SNI_CAT",
|
||||||
"db_tables": ["ATTR_QUIC_SNI_CAT", "ATTR_DESTINATION_SERVER_FQDN_CAT"],
|
|
||||||
"table_type": "virtual",
|
"table_type": "virtual",
|
||||||
"physical_table": "TSG_OBJ_FQDN_CAT"
|
"physical_table": "TSG_OBJ_FQDN_CAT"
|
||||||
},
|
},
|
||||||
@@ -912,5 +906,17 @@
|
|||||||
"table_name":"ATTR_APP_ID",
|
"table_name":"ATTR_APP_ID",
|
||||||
"table_type":"virtual",
|
"table_type":"virtual",
|
||||||
"physical_table": "APP_ID_DICT"
|
"physical_table": "APP_ID_DICT"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"table_id": 100,
|
||||||
|
"table_name": "ATTR_DESTINATION_SERVER_FQDN",
|
||||||
|
"table_type": "virtual",
|
||||||
|
"physical_table": "TSG_OBJ_FQDN"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"table_id": 101,
|
||||||
|
"table_name": "ATTR_DESTINATION_SERVER_FQDN_CAT",
|
||||||
|
"table_type": "virtual",
|
||||||
|
"physical_table": "TSG_OBJ_FQDN_CAT"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||