gfwleak/tango-verify-policy
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG_OBJ_APP_ID域表变更修改

Browse Source 
日志定时删除修改
This commit is contained in:
fengweihao
2020-09-10 09:39:31 +08:00
parent 9e111481ef
commit d5f48877e4
9 changed files with 31 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
cmake/Package.cmake
View File

@@ -17,17 +17,16 @@ set(CPACK_RPM_FILE_NAME "RPM-DEFAULT")
set(CPACK_RPM_PACKAGE_AUTOREQPROV "no")
set(CPACK_RPM_PACKAGE_RELEASE_DIST on)
set(CPACK_RPM_DEBUGINFO_PACKAGE on)
set(CPACK_RPM_PRE_INSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PreInstall.in)
#set(CPACK_RPM_POST_INSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PostInstall.in)
#set(CPACK_RPM_POST_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PostUninstall.in)
#set(CPACK_RPM_PRE_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PreUninstall.in)
set(CPACK_RPM_POST_INSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PostInstall.in)
set(CPACK_RPM_POST_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PostUninstall.in)
set(CPACK_RPM_PRE_UNINSTALL_SCRIPT_FILE ${CMAKE_SOURCE_DIR}/cmake/PreUninstall.in)
set(CMAKE_INSTALL_PREFIX "/opt/tsg/verify-policy")
set(CPACK_RPM_BUILD_SOURCE_DIRS_PREFIX /opt/tsg)
install(PROGRAMS build/platform/verify-policy DESTINATION ./bin)
install(DIRECTORY ./conf DESTINATION ./)
install(DIRECTORY ./resource DESTINATION ./)
install(DIRECTORY ./conf DESTINATION ${CMAKE_INSTALL_PREFIX}/)
install(DIRECTORY ./resource DESTINATION ${CMAKE_INSTALL_PREFIX}/)
install(FILES script/service/verify-policy.service DESTINATION /usr/lib/systemd/system/)
install(FILES script/tmpfiles/verify_policy.conf DESTINATION /usr/lib/tmpfiles.d/)

3
cmake/PostInstall.in Normal file
View File

@@ -0,0 +1,3 @@
%sysctl_apply
%tmpfiles_create
/sbin/ldconfig

3
cmake/PostUninstall.in Normal file
View File

@@ -0,0 +1,3 @@
%sysctl_apply
%tmpfiles_create
/sbin/ldconfig

0
cmake/PreInstall.in
View File

2
cmake/PreUninstall.in Normal file
View File

@@ -0,0 +1,2 @@
%sysctl_apply
%tmpfiles_create

18
resource/table_info_proxy.conf
View File

@@ -31,7 +31,7 @@
12 TSG_FIELD_HTTP_REQ_CONTENT virtual TSG_OBJ_KEYWORDS --
13 TSG_FIELD_HTTP_RES_CONTENT virtual TSG_OBJ_KEYWORDS --
14 TSG_OBJ_SUBSCRIBER_ID expr UTF8 UTF8 yes 0 quickon
15 TSG_OBJ_APP_ID expr UTF8 UTF8 yes 0
15 TSG_OBJ_APP_ID intval UTF8 UTF8 yes 0
16 TSG_SECURITY_SOURCE_ADDR virtual TSG_OBJ_IP_ADDR --
17 TSG_SECURITY_DESTINATION_ADDR virtual TSG_OBJ_IP_ADDR --
18 TSG_SECURITY_ADDR composition {"source":"TSG_SECURITY_SOURCE_ADDR","destination":"TSG_SECURITY_DESTINATION_ADDR"}
@@ -47,19 +47,3 @@
28 TSG_SECURITY_DESTINATION_LOCATION virtual TSG_OBJ_GEO_LOCATION --
29 TSG_FIELD_DOH_QNAME virtual TSG_OBJ_FQDN --
30 TSG_FIELD_DOH_HOST virtual TSG_OBJ_FQDN --
#eliminate the alarm
31 TSG_OBJ_ACCOUNT expr UTF8 UTF8 yes 0
32 TSG_FIELD_SSL_SNI virtual TSG_OBJ_FQDN --
33 TSG_FIELD_SSL_CN virtual TSG_OBJ_FQDN --
34 TSG_FIELD_SSL_SAN virtual TSG_OBJ_FQDN --
35 TSG_FIELD_DNS_QNAME virtual TSG_OBJ_FQDN --
36 TSG_FIELD_MAIL_ACCOUNT virtual TSG_OBJ_ACCOUNT --
37 TSG_FIELD_MAIL_FROM virtual TSG_OBJ_ACCOUNT --
38 TSG_FIELD_MAIL_TO virtual TSG_OBJ_ACCOUNT --
39 TSG_FIELD_MAIL_SUBJECT virtual TSG_OBJ_KEYWORDS --
40 TSG_FIELD_MAIL_CONTENT virtual TSG_OBJ_KEYWORDS --
41 TSG_FIELD_MAIL_ATT_NAME virtual TSG_OBJ_KEYWORDS --
42 TSG_FIELD_MAIL_ATT_CONTENT virtual TSG_OBJ_KEYWORDS --
43 TSG_FIELD_FTP_URI virtual TSG_OBJ_URL --
44 TSG_FIELD_FTP_CONTENT virtual TSG_OBJ_KEYWORDS --
45 TSG_FIELD_FTP_ACCOUNT virtual TSG_OBJ_ACCOUNT --

2
resource/table_info_security.conf
View File

@@ -18,7 +18,7 @@
7 TSG_OBJ_FQDN expr UTF8 UTF8 yes 0
7 TSG_OBJ_FQDN_CAT expr UTF8 UTF8 yes 0
8 TSG_OBJ_KEYWORDS expr UTF8 UTF8/GBK/windows-1251 yes 0
9 TSG_OBJ_APP_ID expr UTF8 UTF8 yes 0
9 TSG_OBJ_APP_ID intval UTF8 UTF8 yes 0
10 TSG_OBJ_HTTP_SIGNATURE expr_plus UTF8 UTF8/GBK yes 0
11 TSG_FIELD_HTTP_HOST virtual TSG_OBJ_FQDN --
12 TSG_FIELD_HTTP_URL virtual TSG_OBJ_URL --

14
scan/src/pangu_http.cpp
View File

@@ -723,6 +723,20 @@ size_t http_policy_scan(enum verify_policy_type policy_type, struct verify_polic
goto decide;
}
if (protocol_field == PXY_CTRL_APP_ID || protocol_field == PXY_SECURITY_APP_ID)
{
int scan_val=atoi(value);
scan_ret=Maat_scan_intval(g_pangu_rt->maat[policy_type], g_pangu_rt->scan_table_id[policy_type][protocol_field], scan_val, ctx->result+hit_cnt, MAX_SCAN_RESULT-hit_cnt, &(ctx->scan_mid), ctx->thread_id);
if(scan_ret>0)
{
hit_cnt+=scan_ret;
}
n_read=Maat_get_scan_status(g_pangu_rt->maat[policy_type], &(ctx->scan_mid), MAAT_GET_SCAN_HIT_PATH, ctx->hit_path, sizeof(ctx->hit_path));
query_obj->nth_scan = ctx->hit_path[ctx->n_read].Nth_scan;
ctx->n_read=n_read;
goto decide;
}
if ((protocol_field == PXY_CTRL_HTTP_REQ_HDR) || protocol_field == PXY_CTRL_HTTP_RES_HDR)
{
struct http_field_name *field_name = (protocol_field == PXY_CTRL_HTTP_REQ_HDR) ? req_fields : resp_fields;

4
script/service/verify-policy.service
View File

@@ -3,8 +3,8 @@ Description=Verify Policy Engine
After=redis.service
[Service]
WorkingDirectory=/home/tsg/verify-policy
ExecStart=/home/tsg/verify-policy/bin/verify-policy
WorkingDirectory=/opt/tsg/verify-policy
ExecStart=/opt/tsg/verify-policy/bin/verify-policy
Restart=always
RestartSec=5s