TSG_OBJ_APP_ID域表变更修改
日志定时删除修改
This commit is contained in:
fengweihao
@@ -17,17 +17,16 @@ set(CPACK_RPM_FILE_NAME "RPM-DEFAULT")
|
|||||||
set(CPACK_RPM_PACKAGE_AUTOREQPROV "no")
|
set(CPACK_RPM_PACKAGE_AUTOREQPROV "no")
|
||||||
set(CPACK_RPM_PACKAGE_RELEASE_DIST on)
|
set(CPACK_RPM_PACKAGE_RELEASE_DIST on)
|
||||||
set(CPACK_RPM_DEBUGINFO_PACKAGE on)
|
set(CPACK_RPM_DEBUGINFO_PACKAGE on)
|
||||||
set(CPACK_RPM_PRE_INSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PreInstall.in)
|
set(CPACK_RPM_POST_INSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PostInstall.in)
|
||||||
#set(CPACK_RPM_POST_INSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PostInstall.in)
|
set(CPACK_RPM_POST_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PostUninstall.in)
|
||||||
#set(CPACK_RPM_POST_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PostUninstall.in)
|
set(CPACK_RPM_PRE_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PreUninstall.in)
|
||||||
#set(CPACK_RPM_PRE_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PreUninstall.in)
|
|
||||||
|
|
||||||
set(CMAKE_INSTALL_PREFIX "/opt/tsg/verify-policy")
|
set(CMAKE_INSTALL_PREFIX "/opt/tsg/verify-policy")
|
||||||
set(CPACK_RPM_BUILD_SOURCE_DIRS_PREFIX /opt/tsg)
|
set(CPACK_RPM_BUILD_SOURCE_DIRS_PREFIX /opt/tsg)
|
||||||
|
|
||||||
install(PROGRAMS build/platform/verify-policy DESTINATION ./bin)
|
install(PROGRAMS build/platform/verify-policy DESTINATION ./bin)
|
||||||
install(DIRECTORY ./conf DESTINATION ./)
|
install(DIRECTORY ./conf DESTINATION ${CMAKE_INSTALL_PREFIX}/)
|
||||||
install(DIRECTORY ./resource DESTINATION ./)
|
install(DIRECTORY ./resource DESTINATION ${CMAKE_INSTALL_PREFIX}/)
|
||||||
|
|
||||||
install(FILES script/service/verify-policy.service DESTINATION /usr/lib/systemd/system/)
|
install(FILES script/service/verify-policy.service DESTINATION /usr/lib/systemd/system/)
|
||||||
install(FILES script/tmpfiles/verify_policy.conf DESTINATION /usr/lib/tmpfiles.d/)
|
install(FILES script/tmpfiles/verify_policy.conf DESTINATION /usr/lib/tmpfiles.d/)
|
||||||
|
|||||||
3
cmake/PostInstall.in
Normal file
3
cmake/PostInstall.in
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
%sysctl_apply
|
||||||
|
%tmpfiles_create
|
||||||
|
/sbin/ldconfig
|
||||||
3
cmake/PostUninstall.in
Normal file
3
cmake/PostUninstall.in
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
%sysctl_apply
|
||||||
|
%tmpfiles_create
|
||||||
|
/sbin/ldconfig
|
||||||
2
cmake/PreUninstall.in
Normal file
2
cmake/PreUninstall.in
Normal file
@@ -0,0 +1,2 @@
|
|||||||
|
%sysctl_apply
|
||||||
|
%tmpfiles_create
|
||||||
@@ -31,7 +31,7 @@
|
|||||||
12 TSG_FIELD_HTTP_REQ_CONTENT virtual TSG_OBJ_KEYWORDS --
|
12 TSG_FIELD_HTTP_REQ_CONTENT virtual TSG_OBJ_KEYWORDS --
|
||||||
13 TSG_FIELD_HTTP_RES_CONTENT virtual TSG_OBJ_KEYWORDS --
|
13 TSG_FIELD_HTTP_RES_CONTENT virtual TSG_OBJ_KEYWORDS --
|
||||||
14 TSG_OBJ_SUBSCRIBER_ID expr UTF8 UTF8 yes 0 quickon
|
14 TSG_OBJ_SUBSCRIBER_ID expr UTF8 UTF8 yes 0 quickon
|
||||||
15 TSG_OBJ_APP_ID expr UTF8 UTF8 yes 0
|
15 TSG_OBJ_APP_ID intval UTF8 UTF8 yes 0
|
||||||
16 TSG_SECURITY_SOURCE_ADDR virtual TSG_OBJ_IP_ADDR --
|
16 TSG_SECURITY_SOURCE_ADDR virtual TSG_OBJ_IP_ADDR --
|
||||||
17 TSG_SECURITY_DESTINATION_ADDR virtual TSG_OBJ_IP_ADDR --
|
17 TSG_SECURITY_DESTINATION_ADDR virtual TSG_OBJ_IP_ADDR --
|
||||||
18 TSG_SECURITY_ADDR composition {"source":"TSG_SECURITY_SOURCE_ADDR","destination":"TSG_SECURITY_DESTINATION_ADDR"}
|
18 TSG_SECURITY_ADDR composition {"source":"TSG_SECURITY_SOURCE_ADDR","destination":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||||
@@ -47,19 +47,3 @@
|
|||||||
28 TSG_SECURITY_DESTINATION_LOCATION virtual TSG_OBJ_GEO_LOCATION --
|
28 TSG_SECURITY_DESTINATION_LOCATION virtual TSG_OBJ_GEO_LOCATION --
|
||||||
29 TSG_FIELD_DOH_QNAME virtual TSG_OBJ_FQDN --
|
29 TSG_FIELD_DOH_QNAME virtual TSG_OBJ_FQDN --
|
||||||
30 TSG_FIELD_DOH_HOST virtual TSG_OBJ_FQDN --
|
30 TSG_FIELD_DOH_HOST virtual TSG_OBJ_FQDN --
|
||||||
#eliminate the alarm
|
|
||||||
31 TSG_OBJ_ACCOUNT expr UTF8 UTF8 yes 0
|
|
||||||
32 TSG_FIELD_SSL_SNI virtual TSG_OBJ_FQDN --
|
|
||||||
33 TSG_FIELD_SSL_CN virtual TSG_OBJ_FQDN --
|
|
||||||
34 TSG_FIELD_SSL_SAN virtual TSG_OBJ_FQDN --
|
|
||||||
35 TSG_FIELD_DNS_QNAME virtual TSG_OBJ_FQDN --
|
|
||||||
36 TSG_FIELD_MAIL_ACCOUNT virtual TSG_OBJ_ACCOUNT --
|
|
||||||
37 TSG_FIELD_MAIL_FROM virtual TSG_OBJ_ACCOUNT --
|
|
||||||
38 TSG_FIELD_MAIL_TO virtual TSG_OBJ_ACCOUNT --
|
|
||||||
39 TSG_FIELD_MAIL_SUBJECT virtual TSG_OBJ_KEYWORDS --
|
|
||||||
40 TSG_FIELD_MAIL_CONTENT virtual TSG_OBJ_KEYWORDS --
|
|
||||||
41 TSG_FIELD_MAIL_ATT_NAME virtual TSG_OBJ_KEYWORDS --
|
|
||||||
42 TSG_FIELD_MAIL_ATT_CONTENT virtual TSG_OBJ_KEYWORDS --
|
|
||||||
43 TSG_FIELD_FTP_URI virtual TSG_OBJ_URL --
|
|
||||||
44 TSG_FIELD_FTP_CONTENT virtual TSG_OBJ_KEYWORDS --
|
|
||||||
45 TSG_FIELD_FTP_ACCOUNT virtual TSG_OBJ_ACCOUNT --
|
|
||||||
|
|||||||
@@ -18,7 +18,7 @@
|
|||||||
7 TSG_OBJ_FQDN expr UTF8 UTF8 yes 0
|
7 TSG_OBJ_FQDN expr UTF8 UTF8 yes 0
|
||||||
7 TSG_OBJ_FQDN_CAT expr UTF8 UTF8 yes 0
|
7 TSG_OBJ_FQDN_CAT expr UTF8 UTF8 yes 0
|
||||||
8 TSG_OBJ_KEYWORDS expr UTF8 UTF8/GBK/windows-1251 yes 0
|
8 TSG_OBJ_KEYWORDS expr UTF8 UTF8/GBK/windows-1251 yes 0
|
||||||
9 TSG_OBJ_APP_ID expr UTF8 UTF8 yes 0
|
9 TSG_OBJ_APP_ID intval UTF8 UTF8 yes 0
|
||||||
10 TSG_OBJ_HTTP_SIGNATURE expr_plus UTF8 UTF8/GBK yes 0
|
10 TSG_OBJ_HTTP_SIGNATURE expr_plus UTF8 UTF8/GBK yes 0
|
||||||
11 TSG_FIELD_HTTP_HOST virtual TSG_OBJ_FQDN --
|
11 TSG_FIELD_HTTP_HOST virtual TSG_OBJ_FQDN --
|
||||||
12 TSG_FIELD_HTTP_URL virtual TSG_OBJ_URL --
|
12 TSG_FIELD_HTTP_URL virtual TSG_OBJ_URL --
|
||||||
|
|||||||
@@ -723,6 +723,20 @@ size_t http_policy_scan(enum verify_policy_type policy_type, struct verify_polic
|
|||||||
goto decide;
|
goto decide;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (protocol_field == PXY_CTRL_APP_ID || protocol_field == PXY_SECURITY_APP_ID)
|
||||||
|
{
|
||||||
|
int scan_val=atoi(value);
|
||||||
|
scan_ret=Maat_scan_intval(g_pangu_rt->maat[policy_type], g_pangu_rt->scan_table_id[policy_type][protocol_field], scan_val, ctx->result+hit_cnt, MAX_SCAN_RESULT-hit_cnt, &(ctx->scan_mid), ctx->thread_id);
|
||||||
|
if(scan_ret>0)
|
||||||
|
{
|
||||||
|
hit_cnt+=scan_ret;
|
||||||
|
}
|
||||||
|
n_read=Maat_get_scan_status(g_pangu_rt->maat[policy_type], &(ctx->scan_mid), MAAT_GET_SCAN_HIT_PATH, ctx->hit_path, sizeof(ctx->hit_path));
|
||||||
|
query_obj->nth_scan = ctx->hit_path[ctx->n_read].Nth_scan;
|
||||||
|
ctx->n_read=n_read;
|
||||||
|
goto decide;
|
||||||
|
}
|
||||||
|
|
||||||
if ((protocol_field == PXY_CTRL_HTTP_REQ_HDR) || protocol_field == PXY_CTRL_HTTP_RES_HDR)
|
if ((protocol_field == PXY_CTRL_HTTP_REQ_HDR) || protocol_field == PXY_CTRL_HTTP_RES_HDR)
|
||||||
{
|
{
|
||||||
struct http_field_name *field_name = (protocol_field == PXY_CTRL_HTTP_REQ_HDR) ? req_fields : resp_fields;
|
struct http_field_name *field_name = (protocol_field == PXY_CTRL_HTTP_REQ_HDR) ? req_fields : resp_fields;
|
||||||
|
|||||||
@@ -3,8 +3,8 @@ Description=Verify Policy Engine
|
|||||||
After=redis.service
|
After=redis.service
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
WorkingDirectory=/home/tsg/verify-policy
|
WorkingDirectory=/opt/tsg/verify-policy
|
||||||
ExecStart=/home/tsg/verify-policy/bin/verify-policy
|
ExecStart=/opt/tsg/verify-policy/bin/verify-policy
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=5s
|
RestartSec=5s
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user