gfwleak/tango-verify-policy
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-22949 Distinguish between source and destination when acquiring tag for ip address TSG-23127 Adapt VerifyPolicy to interface structure changes.

Browse Source
This commit is contained in:
fengweihao
2024-10-30 16:43:49 +08:00
parent faa531da8c
commit b62c1037f6
9 changed files with 516 additions and 338 deletions
Download Patch File Download Diff File Expand all files Collapse all files

185
test/resource/HitPolicyRequest.json
View File

@@ -2,17 +2,15 @@
"Verify_Policy_Request": [
{
"__item_id": 0,
"vsys_id": 1,
"vsys": 1,
"verify_list": [
{
"type": "pxy_manipulation",
"vsys_id": 1,
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.0.1",
"port":"8080",
@@ -27,17 +25,15 @@
},
{
"__item_id": 1,
"vsys_id": 1,
"vsys": 1,
"verify_list": [
{
"type": "pxy_manipulation",
"vsys_id": 1,
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.1.1",
"port":"8080",
@@ -45,9 +41,8 @@
}
},
{
"attribute_type": "ip",
"table_name": "ATTR_INTERNAL_IP",
"attribute_name": "internal",
"attribute_value_type": "ip",
"attribute_name": "ATTR_INTERNAL_IP",
"attribute_value": {
"ip": "192.168.1.2",
"port": "80",
@@ -55,9 +50,8 @@
}
},
{
"attribute_type": "string",
"table_name": "ATTR_SERVER_FQDN",
"attribute_name": "server_fqdn",
"attribute_value_type": "string",
"attribute_name": "ATTR_SERVER_FQDN",
"attribute_value": {
"string": "www.126.com"
}
@@ -70,7 +64,7 @@
},
{
"__item_id": 2,
"vsys_id": 1,
"vsys": 1,
"verify_list": [
{
"type": "security",
@@ -78,9 +72,8 @@
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpointa",
"attribute_value_type": "ip",
"attribute_name": "ATTR_TUNNEL",
"attribute_value": {
"ip": "192.168.0.4",
"port":80,
@@ -96,17 +89,15 @@
},
{
"__item_id": 3,
"vsys_id": 1,
"vsys": 1,
"verify_list": [
{
"type": "security",
"vsys_id": 1,
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpointb",
"attribute_value_type": "ip",
"attribute_name": "ATTR_TUNNEL",
"attribute_value": {
"ip": "192.168.0.5",
"tunnel_type":"gtp",
@@ -121,17 +112,15 @@
},
{
"__item_id": 4,
"vsys_id": 1,
"vsys": 1,
"verify_list": [
{
"type": "security",
"vsys_id": 1,
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpointa",
"attribute_value_type": "ip",
"attribute_name": "ATTR_TUNNEL",
"attribute_value": {
"ip": "192.168.0.5",
"tunnel_type":"gtp",
@@ -139,9 +128,8 @@
}
},
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpointb",
"attribute_value_type": "ip",
"attribute_name": "ATTR_TUNNEL",
"attribute_value": {
"ip": "192.168.0.6",
"tunnel_type":"gtp",
@@ -156,17 +144,15 @@
},
{
"__item_id": 5,
"vsys_id": 1,
"vsys": 1,
"verify_list": [
{
"type": "pxy_manipulation",
"vsys_id": 1,
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.0.2",
"port": "80",
@@ -174,9 +160,8 @@
}
},
{
"attribute_type": "ip",
"table_name": "ATTR_DESTINATION_IP",
"attribute_name": "destination",
"attribute_value_type": "ip",
"attribute_name": "ATTR_DESTINATION_IP",
"attribute_value": {
"ip": "192.168.0.3",
"port": "80",
@@ -184,17 +169,15 @@
}
},
{
"attribute_type": "string",
"table_name": "ATTR_SERVER_FQDN",
"attribute_name": "server_fqdn",
"attribute_value_type": "string",
"attribute_name": "ATTR_SERVER_FQDN",
"attribute_value": {
"string": "www.baidu.com"
}
},
{
"attribute_type": "string",
"table_name": "ATTR_SSL_SAN",
"attribute_name": "ssl_san",
"attribute_value_type": "string",
"attribute_name": "ATTR_SSL_SAN",
"attribute_value": {
"string": "www.baidu.com"
}
@@ -207,26 +190,23 @@
},
{
"__item_id": 6,
"vsys_id": 1,
"vsys": 1,
"verify_list": [
{
"type": "pxy_manipulation",
"vsys_id": 1,
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_IP_PROTOCOL",
"attribute_name": "ip_protocol",
"attribute_value_type": "ip",
"attribute_name": "ATTR_IP_PROTOCOL",
"attribute_value": {
"addr_type": 4,
"protocol": 6
}
},
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpointa",
"attribute_value_type": "ip",
"attribute_name": "ATTR_TUNNEL",
"attribute_value": {
"ip": "192.168.0.5",
"tunnel_type":"gtp",
@@ -234,9 +214,8 @@
}
},
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpointb",
"attribute_value_type": "ip",
"attribute_name": "ATTR_TUNNEL",
"attribute_value": {
"ip": "192.168.0.6",
"tunnel_type":"gtp",
@@ -244,9 +223,8 @@
}
},
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.1.1",
"port":"8080",
@@ -261,26 +239,23 @@
},
{
"__item_id": 7,
"vsys_id": 1,
"vsys": 1,
"verify_list": [
{
"type": "pxy_manipulation",
"vsys_id": 1,
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_IP_PROTOCOL",
"attribute_name": "ip_protocol",
"attribute_value_type": "ip",
"attribute_name": "ATTR_IP_PROTOCOL",
"attribute_value": {
"addr_type": 4,
"protocol": 6
}
},
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpointa",
"attribute_value_type": "ip",
"attribute_name": "ATTR_TUNNEL",
"attribute_value": {
"ip": "192.168.0.4",
"tunnel_type":"gtp",
@@ -288,9 +263,8 @@
}
},
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_name": "tunnel_endpointb",
"attribute_value_type": "ip",
"attribute_name": "ATTR_TUNNEL",
"attribute_value": {
"ip": "192.168.0.6",
"tunnel_type":"gtp",
@@ -305,17 +279,15 @@
},
{
"__item_id": 8,
"vsys_id": 1,
"vsys": 1,
"verify_list": [
{
"type": "pxy_manipulation",
"vsys_id": 1,
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.55.4",
"port": "80",
@@ -323,59 +295,52 @@
}
},
{
"attribute_type": "ip",
"table_name": "ATTR_IP_PROTOCOL",
"attribute_name": "ip_protocol",
"attribute_value_type": "ip",
"attribute_name": "ATTR_IP_PROTOCOL",
"attribute_value": {
"addr_type": 4,
"protocol": 6
}
},
{
"attribute_type": "port",
"table_name": "ATTR_SOURCE_PORT",
"attribute_name": "source",
"attribute_value_type": "port",
"attribute_name": "ATTR_SOURCE_PORT",
"attribute_value": {
"port": "80"
}
},
{
"attribute_type": "numeric",
"table_name": "ATTR_APP_ID",
"attribute_name": "app_id",
"attribute_value_type": "numeric",
"attribute_name": "ATTR_APP_ID",
"attribute_value": {
"numeric": 67
}
},
{
"attribute_type": "string",
"table_name": "ATTR_HTTP_REQ_HDR",
"attribute_name": "req_hdr",
"attribute_value_type": "string",
"attribute_name": "ATTR_HTTP_REQ_HDR",
"attribute_value": {
"district":"User-Agent",
"string":"test"
}
},
{
"attribute_type": "string",
"table_name": "ATTR_TUNNEL_LEVEL",
"attribute_name": "tunnel_level",
"attribute_value_type": "string",
"attribute_name": "ATTR_TUNNEL_LEVEL",
"attribute_value": {
"numeric": 60
}
},
{
"attribute_type": "flag",
"table_name": "ATTR_FLAG",
"attribute_name": "flag",
"attribute_value_type": "flag",
"attribute_name": "ATTR_FLAG",
"attribute_value": {
"numeric": 15
}
},
{
"attribute_type": "boolean",
"table_name": "ATTR_SSL_ECH",
"attribute_name": "esni",
"attribute_value_type": "boolean",
"attribute_name": "ATTR_SSL_ECH",
"attribute_value": {
"numeric": 1
}
@@ -385,6 +350,30 @@
}
],
"verify_type": "policy"
},
{
"__item_id": 9,
"vsys": 1,
"verify_list": [
{
"type": "pxy_manipulation",
"vsys": 1,
"verify_session": {
"attributes": [
{
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.2.1",
"port":"8080",
"addr_type": 4
}
}
]
}
}
],
"verify_type": "policy"
}
]
}

207
test/resource/HitPolicyResult.json
View File

@@ -1,6 +1,7 @@
{
"Verify_Policy_Result": [
{
"__item_id": 0,
"code": 200,
"msg": "Success",
"data": {
@@ -12,7 +13,7 @@
"top_object_list": [
{
"object_uuid": "00005000-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "ATTR_SOURCE_IP",
"negate_option": 0,
"condition_index": 0
}
@@ -22,9 +23,8 @@
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.0.1",
"port": "8080",
@@ -43,6 +43,7 @@
"success": true
},
{
"__item_id": 1,
"code": 200,
"msg": "Success",
"data": {
@@ -54,19 +55,19 @@
"top_object_list": [
{
"tag_uuid": "00000011-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "ATTR_SOURCE_IP",
"negate_option": 0,
"condition_index": 0
},
{
"tag_uuid": "00000012-0000-0000-0000-000000000000",
"table_name": "ATTR_INTERNAL_IP",
"attribute_name": "ATTR_INTERNAL_IP",
"negate_option": 0,
"condition_index": 1
},
{
"tag_uuid": "00000001-0000-0000-0000-000000000000",
"table_name": "ATTR_SERVER_FQDN",
"attribute_name": "ATTR_SERVER_FQDN",
"negate_option": 0,
"condition_index": 2
}
@@ -76,9 +77,8 @@
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.1.1",
"port": "8080",
@@ -92,9 +92,8 @@
]
},
{
"attribute_type": "ip",
"table_name": "ATTR_INTERNAL_IP",
"attribute_name": "internal",
"attribute_value_type": "ip",
"attribute_name": "ATTR_INTERNAL_IP",
"attribute_value": {
"ip": "192.168.1.2",
"port": "80",
@@ -112,9 +111,8 @@
]
},
{
"attribute_type": "string",
"table_name": "ATTR_SERVER_FQDN",
"attribute_name": "server_fqdn",
"attribute_value_type": "string",
"attribute_name": "ATTR_SERVER_FQDN",
"attribute_value": {
"string": "www.126.com"
},
@@ -131,13 +129,13 @@
"success": true
},
{
"__item_id": 2,
"code": 200,
"msg": "Success",
"data": {
"verify_session": {
"attributes": [{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_value_type": "ip",
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [{
"item_uuid": "00000000-0000-0000-0000-000000000000",
@@ -149,14 +147,14 @@
"success": true
},
{
"__item_id": 3,
"code": 200,
"msg": "Success",
"data": {
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_value_type": "ip",
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [
{
@@ -171,14 +169,14 @@
"success": true
},
{
"__item_id": 4,
"code": 200,
"msg": "Success",
"data": {
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_value_type": "ip",
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [
{
@@ -197,6 +195,7 @@
"success": true
},
{
"__item_id": 5,
"code": 200,
"msg": "Success",
"data": {
@@ -208,25 +207,25 @@
"top_object_list": [
{
"object_uuid": "00005001-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "ATTR_SOURCE_IP",
"negate_option": 0,
"condition_index": 0
},
{
"object_uuid": "00005002-0000-0000-0000-000000000000",
"table_name": "ATTR_DESTINATION_IP",
"attribute_name": "ATTR_DESTINATION_IP",
"negate_option": 0,
"condition_index": 1
},
{
"object_uuid": "00005003-0000-0000-0000-000000000000",
"table_name": "ATTR_SERVER_FQDN",
"attribute_name": "ATTR_SERVER_FQDN",
"negate_option": 0,
"condition_index": 2
},
{
"object_uuid": "00005004-0000-0000-0000-000000000000",
"table_name": "ATTR_SSL_SAN",
"attribute_name": "ATTR_SSL_SAN",
"negate_option": 0,
"condition_index": 3
}
@@ -239,25 +238,25 @@
"top_object_list": [
{
"object_uuid": "00005001-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "ATTR_SOURCE_IP",
"negate_option": 0,
"condition_index": 0
},
{
"object_uuid": "00005002-0000-0000-0000-000000000000",
"table_name": "ATTR_DESTINATION_IP",
"attribute_name": "ATTR_DESTINATION_IP",
"negate_option": 0,
"condition_index": 1
},
{
"object_uuid": "00005003-0000-0000-0000-000000000000",
"table_name": "ATTR_SERVER_FQDN",
"attribute_name": "ATTR_SERVER_FQDN",
"negate_option": 0,
"condition_index": 2
},
{
"object_uuid": "00005004-0000-0000-0000-000000000000",
"table_name": "ATTR_SSL_SAN",
"attribute_name": "ATTR_SSL_SAN",
"negate_option": 0,
"condition_index": 3
}
@@ -267,9 +266,8 @@
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.0.2",
"port": "80",
@@ -283,9 +281,8 @@
]
},
{
"attribute_type": "ip",
"table_name": "ATTR_DESTINATION_IP",
"attribute_name": "destination",
"attribute_value_type": "ip",
"attribute_name": "ATTR_DESTINATION_IP",
"attribute_value": {
"ip": "192.168.0.3",
"port": "80",
@@ -299,9 +296,8 @@
]
},
{
"attribute_type": "string",
"table_name": "ATTR_SERVER_FQDN",
"attribute_name": "server_fqdn",
"attribute_value_type": "string",
"attribute_name": "ATTR_SERVER_FQDN",
"attribute_value": {
"string": "www.baidu.com"
},
@@ -325,9 +321,8 @@
]
},
{
"attribute_type": "string",
"table_name": "ATTR_SSL_SAN",
"attribute_name": "ssl_san",
"attribute_value_type": "string",
"attribute_name": "ATTR_SSL_SAN",
"attribute_value": {
"string": "www.baidu.com"
},
@@ -356,6 +351,7 @@
"success": true
},
{
"__item_id": 6,
"code": 200,
"msg": "Success",
"data": {
@@ -367,7 +363,7 @@
"top_object_list": [
{
"object_uuid": "00003022-0000-0000-0000-000000000000",
"table_name": "ATTR_TUNNEL",
"attribute_name": "ATTR_TUNNEL",
"negate_option": 0,
"condition_index": 0
}
@@ -380,7 +376,7 @@
"top_object_list": [
{
"object_uuid": "00003023-0000-0000-0000-000000000000",
"table_name": "ATTR_TUNNEL",
"attribute_name": "ATTR_TUNNEL",
"negate_option": 0,
"condition_index": 0
}
@@ -390,9 +386,8 @@
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_IP_PROTOCOL",
"attribute_name": "ip_protocol",
"attribute_value_type": "ip",
"attribute_name": "ATTR_IP_PROTOCOL",
"attribute_value": {
"addr_type": 4,
"protocol": 6
@@ -405,8 +400,7 @@
]
},
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_value_type": "ip",
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [
{
@@ -420,9 +414,8 @@
]
},
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.1.1",
"port": "8080",
@@ -441,6 +434,7 @@
"success": true
},
{
"__item_id": 7,
"code": 200,
"msg": "Success",
"data": {
@@ -452,7 +446,7 @@
"top_object_list": [
{
"object_uuid": "00003022-0000-0000-0000-000000000000",
"table_name": "ATTR_TUNNEL",
"attribute_name": "ATTR_TUNNEL",
"negate_option": 1,
"condition_index": 0
}
@@ -462,9 +456,8 @@
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_IP_PROTOCOL",
"attribute_name": "ip_protocol",
"attribute_value_type": "ip",
"attribute_name": "ATTR_IP_PROTOCOL",
"attribute_value": {
"addr_type": 4,
"protocol": 6
@@ -477,8 +470,7 @@
]
},
{
"attribute_type": "ip",
"table_name": "ATTR_TUNNEL",
"attribute_value_type": "ip",
"attribute_name": "tunnel_endpoint_object",
"hit_paths": [
{
@@ -497,6 +489,7 @@
"success": true
},
{
"__item_id": 8,
"code": 200,
"msg": "Success",
"data": {
@@ -508,49 +501,49 @@
"top_object_list": [
{
"object_uuid": "00500100-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "ATTR_SOURCE_IP",
"negate_option": 0,
"condition_index": 0
},
{
"object_uuid": "00000000-0000-0000-0000-000000000006",
"table_name": "ATTR_IP_PROTOCOL",
"attribute_name": "ATTR_IP_PROTOCOL",
"negate_option": 0,
"condition_index": 3
},
{
"object_uuid": "00500200-0000-0000-0000-000000000000",
"table_name": "ATTR_SOURCE_PORT",
"attribute_name": "ATTR_SOURCE_PORT",
"negate_option": 0,
"condition_index": 4
},
{
"object_uuid": "00000201-0000-0000-0000-000000000000",
"table_name": "ATTR_APP_ID",
"attribute_name": "ATTR_APP_ID",
"negate_option": 0,
"condition_index": 1
},
{
"object_uuid": "00000000-0000-0000-0000-000000001000",
"table_name": "ATTR_HTTP_REQ_HDR",
"attribute_name": "ATTR_HTTP_REQ_HDR",
"negate_option": 0,
"condition_index": 2
},
{
"object_uuid": "00000000-0000-0000-0000-000000000050",
"table_name": "ATTR_TUNNEL_LEVEL",
"attribute_name": "ATTR_TUNNEL_LEVEL",
"negate_option": 0,
"condition_index": 5
},
{
"object_uuid": "00500300-0000-0000-0000-000000000000",
"table_name": "ATTR_FLAG",
"attribute_name": "ATTR_FLAG",
"negate_option": 0,
"condition_index": 6
},
{
"object_uuid": "00000000-0000-0000-0000-000000000002",
"table_name": "ATTR_SSL_ECH",
"attribute_name": "ATTR_SSL_ECH",
"negate_option": 0,
"condition_index": 7
}
@@ -560,9 +553,8 @@
"verify_session": {
"attributes": [
{
"attribute_type": "ip",
"table_name": "ATTR_SOURCE_IP",
"attribute_name": "source",
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.55.4",
"port": "80",
@@ -576,9 +568,8 @@
]
},
{
"attribute_type": "ip",
"table_name": "ATTR_IP_PROTOCOL",
"attribute_name": "ip_protocol",
"attribute_value_type": "ip",
"attribute_name": "ATTR_IP_PROTOCOL",
"attribute_value": {
"addr_type": 4,
"protocol": 6
@@ -591,9 +582,8 @@
]
},
{
"attribute_type": "port",
"table_name": "ATTR_SOURCE_PORT",
"attribute_name": "source",
"attribute_value_type": "port",
"attribute_name": "ATTR_SOURCE_PORT",
"attribute_value": {
"port": "80"
},
@@ -605,9 +595,8 @@
]
},
{
"attribute_type": "numeric",
"table_name": "ATTR_APP_ID",
"attribute_name": "app_id",
"attribute_value_type": "numeric",
"attribute_name": "ATTR_APP_ID",
"attribute_value": {
"numeric": 67
},
@@ -619,9 +608,8 @@
]
},
{
"attribute_type": "string",
"table_name": "ATTR_HTTP_REQ_HDR",
"attribute_name": "req_hdr",
"attribute_value_type": "string",
"attribute_name": "ATTR_HTTP_REQ_HDR",
"attribute_value": {
"district": "User-Agent",
"string": "test"
@@ -634,9 +622,8 @@
]
},
{
"attribute_type": "string",
"table_name": "ATTR_TUNNEL_LEVEL",
"attribute_name": "tunnel_level",
"attribute_value_type": "string",
"attribute_name": "ATTR_TUNNEL_LEVEL",
"attribute_value": {
"numeric": 60
},
@@ -648,9 +635,8 @@
]
},
{
"attribute_type": "flag",
"table_name": "ATTR_FLAG",
"attribute_name": "flag",
"attribute_value_type": "flag",
"attribute_name": "ATTR_FLAG",
"attribute_value": {
"numeric": 15
},
@@ -662,9 +648,8 @@
]
},
{
"attribute_type": "boolean",
"table_name": "ATTR_SSL_ECH",
"attribute_name": "esni",
"attribute_value_type": "boolean",
"attribute_name": "ATTR_SSL_ECH",
"attribute_value": {
"numeric": 1
},
@@ -679,6 +664,48 @@
}
},
"success": true
},
{
"__item_id": 9,
"code": 200,
"msg": "Success",
"data": {
"hit_policy_list": [
{
"uuid": "00002020-0000-0000-0000-000000000000",
"policyName": "",
"is_execute_policy": true,
"top_object_list": [
{
"object_uuid": "00008000-0000-0000-0000-000000000000",
"attribute_name": "ATTR_SOURCE_IP",
"negate_option": 0,
"condition_index": 0
}
]
}
],
"verify_session": {
"attributes": [
{
"attribute_value_type": "ip",
"attribute_name": "ATTR_SOURCE_IP",
"attribute_value": {
"ip": "192.168.2.1",
"port": "8080",
"addr_type": 4
},
"hit_paths": [
{
"item_uuid": "00000000-0000-0000-0000-000000001013",
"superior_object_uuid": "00008000-0000-0000-0000-000000000000"
}
]
}
]
}
},
"success": true
}
]
}

41
test/resource/VerifyPolicyManipulation.json
View File

@@ -1,6 +1,6 @@
{
"rule_table": "PXY_CTRL_RULE",
"object2object_table": "OBJECT_GROUP",
"object_group_table": "OBJECT_GROUP",
"rules": [
{
"uuid": "00001021-0000-0000-0000-000000000000",
@@ -473,6 +473,37 @@
]
}
]
},
{
"uuid": "00002020-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": "anything",
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_SOURCE_IP",
"negate_option": false,
"objects": [
{
"object_name": "IPv4TCPSoureVeiryPolicy03",
"uuid": "00008000-0000-0000-0000-000000000000",
"items": [
{
"table_type": "ip",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"ip": "192.168.2.1/32",
"port": "8080"
}
}
]
}
]
}
]
}
],
"plugin_table": [
@@ -515,6 +546,14 @@
{"app_id":67,"object_uuid":"00000201-0000-0000-0000-000000000000","app_name":"http","is_valid":1},
{"app_id":68,"object_uuid":"00068000-0000-0000-0000-000000000000","app_name":"https","is_valid":1}
]
},
{
"table_name": "ATTRIBUTE_DICT",
"table_content": [
{"uuid":"4fff0ed4-f02b-17ee-3f74-b66310c5d1e2","is_valid":1,"attribute_name":"ATTR_SERVER_FQDN","available_object_type":"fqdn","object_table_name":"TSG_OBJ_FQDN"},
{"uuid":"4fff0ed4-f02b-17ee-3f74-b66310c5d1e2","is_valid":1,"attribute_name":"ATTR_SSL_SAN","available_object_type":"fqdn","object_table_name":"TSG_OBJ_FQDN"},
{"uuid":"ca317931-96f8-1979-ea7c-2bb791858df6","is_valid":1,"attribute_name":"ATTR_HTTP_REQ_HDR","available_object_type":"keyword","object_table_name":"tsg_obj_keyword"}
]
}
]
}