gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update firewall-3.2.17.041fe8e main.conf firewall_logger_transmitter_schema.json

Browse Source
This commit is contained in:
liuxueli
2024-05-16 17:34:20 +08:00
committed by 付明卫
parent 258f14d3af
commit e2bb125fff
4 changed files with 151 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/install_config/group_vars/rpm_version.yml
View File

@@ -3,7 +3,7 @@ certstore_rpm_version:
firewall_rpm_version:
conn_telemetry: conn_telemetry-1.0.3.4ef6df6
firewall: firewall-3.2.16.a0334ca
firewall: firewall-3.2.17.041fe8e
glimpse_detector: glimpse_detector-3.0.3.5555ba7
qdpi_detector: qdpi_detector-4.0.5.5cd1ccb
#tsg_ddos_sketch: tsg_ddos_sketch-2.0.2.35e03d0

4
ansible/roles/firewall/templates/main.conf.j2.j2
View File

@@ -28,10 +28,6 @@ SEND_TRANSACTION_RECORD=1
SEND_TRANSACTION_RECORD=0
{% endif %}
{% endraw %}
TCP_MIN_PKTS=3
TCP_MIN_BYTES=5
UDP_MIN_PKTS=3
UDP_MIN_BYTES=5
[SYSTEM]
NIC_NAME="{{ control_and_policy.nic_name }}"

154
ansible/roles/traffic-engine/files/helm/conf/firewall_logger_transmitter_schema.json
View File

@@ -37,6 +37,7 @@
"switch": "on",
"async": "off",
"name": "IPFIX-TEMPLATE",
"topic": "IPFIX-TEMPLATE",
"mode": [
{
"channel": "udpsock",
@@ -55,6 +56,7 @@
{{- end }}
"async": "on",
"name": "SESSION-RECORD",
"topic": "SESSION-RECORD",
"mode": [
{{- if eq .Values.external_resources.olap.udp_collectors.enable .Values.define_enable_val_yes }}
{
@@ -73,13 +75,14 @@
]
},
{
{{- if eq .Values.session_record.enable .Values.define_enable_val_yes }}
{{- if eq .Values.define_enable_val_yes .Values.transaction_record.enable_http }}
"switch": "on",
{{- else }}
"switch": "off",
{{- end }}
"async": "on",
"name": "TRANSACTION-RECORD",
"name": "HTTP-TRANSACTION-RECORD",
"topic": "TRANSACTION-RECORD",
"mode": [
{
"channel": "kafka",
@@ -90,9 +93,68 @@
]
},
{
{{- if eq .Values.define_enable_val_yes .Values.transaction_record.enable_mail }}
"switch": "on",
{{- else }}
"switch": "off",
{{- end }}
"async": "on",
"name": "VOIP-RECORD",
"name": "MAIL-TRANSACTION-RECORD",
"topic": "TRANSACTION-RECORD",
"mode": [
{
"channel": "kafka",
"format": [
"json"
]
}
]
},
{
{{- if eq .Values.define_enable_val_yes .Values.transaction_record.enable_dns }}
"switch": "on",
{{- else }}
"switch": "off",
{{- end }}
"async": "on",
"name": "DNS-TRANSACTION-RECORD",
"topic": "TRANSACTION-RECORD",
"mode": [
{
"channel": "kafka",
"format": [
"json"
]
}
]
},
{
{{- if eq .Values.define_enable_val_yes .Values.voip_record.enable_sip }}
"switch": "on",
{{- else }}
"switch": "off",
{{- end }}
"async": "on",
"name": "SIP-VOIP-RECORD",
"topic": "VOIP-RECORD",
"mode": [
{
"channel": "kafka",
"format": [
"json"
]
}
]
},
{
{{- if eq .Values.define_enable_val_yes .Values.voip_record.enable_rtp }}
"switch": "on",
{{- else }}
"switch": "off",
{{- end }}
"async": "on",
"name": "RTP-VOIP-RECORD",
"topic": "VOIP-RECORD",
"mode": [
{
"channel": "kafka",
@@ -109,7 +171,8 @@
"switch": "off",
{{- end }}
"async": "on",
"name": "TRAFFIC-FILE-STREAM-RECORD",
"name": "POLICY-PACKET-TRAFFIC-FILE-STREAM-RECORD",
"topic": "TRAFFIC-FILE-STREAM-RECORD",
"mode": [
{
"channel": "kafka",
@@ -120,9 +183,86 @@
]
},
{
{{- if eq .Values.file_stream_record.enable .Values.define_enable_val_yes }}
"switch": "on",
{{- else }}
"switch": "off",
{{- end }}
"async": "on",
"name": "HTTP-REQ-BODY-TRAFFIC-FILE-STREAM-RECORD",
"topic": "TRAFFIC-FILE-STREAM-RECORD",
"mode": [
{
"channel": "kafka",
"format": [
"mpack"
]
}
]
},
{
{{- if eq .Values.file_stream_record.enable .Values.define_enable_val_yes }}
"switch": "on",
{{- else }}
"switch": "off",
{{- end }}
"async": "on",
"name": "HTTP-RES-BODY-TRAFFIC-FILE-STREAM-RECORD",
"topic": "TRAFFIC-FILE-STREAM-RECORD",
"mode": [
{
"channel": "kafka",
"format": [
"mpack"
]
}
]
},
{
{{- if eq .Values.file_stream_record.enable .Values.define_enable_val_yes }}
"switch": "on",
{{- else }}
"switch": "off",
{{- end }}
"async": "on",
"name": "MAIL-EML-TRAFFIC-FILE-STREAM-RECORD",
"topic": "TRAFFIC-FILE-STREAM-RECORD",
"mode": [
{
"channel": "kafka",
"format": [
"mpack"
]
}
]
},
{
{{- if eq .Values.file_stream_record.enable .Values.define_enable_val_yes }}
"switch": "on",
{{- else }}
"switch": "off",
{{- end }}
"async": "on",
"name": "RTP-PACKET-TRAFFIC-FILE-STREAM-RECORD",
"topic": "TRAFFIC-FILE-STREAM-RECORD",
"mode": [
{
"channel": "kafka",
"format": [
"mpack"
]
}
]
},
{
{{- if eq .Values.define_enable_val_yes .Values.packet_capture.enable }}
"switch": "on",
{{- else }}
"switch": "off",
{{- end }}
"async": "on",
"name": "TROUBLESHOOTING-FILE-STREAM-RECORD",
"topic": "TROUBLESHOOTING-FILE-STREAM-RECORD",
"mode": [
{
"channel": "kafka",
@@ -136,6 +276,7 @@
"switch": "on",
"async": "off",
"name": "DOS-SKETCH-RECORD",
"topic": "DOS-SKETCH-RECORD",
"mode": [
{
"channel": "kafka",
@@ -149,6 +290,7 @@
"switch": "on",
"async": "off",
"name": "POLICY-RULE-METRIC",
"topic": "POLICY-RULE-METRIC",
"mode": [
{
"channel": "kafka",
@@ -162,6 +304,7 @@
"switch": "on",
"async": "off",
"name": "NETWORK-TRAFFIC-METRIC",
"topic": "NETWORK-TRAFFIC-METRIC",
"mode": [
{
"channel": "kafka",
@@ -175,6 +318,7 @@
"switch": "on",
"async": "off",
"name": "TRAFFIC-TOP-METRIC",
"topic": "TRAFFIC-TOP-METRIC",
"mode": [
{
"channel": "kafka",
@@ -188,6 +332,7 @@
"switch": "on",
"async": "off",
"name": "STATISTICS-RULE-METRIC",
"topic": "STATISTICS-RULE-METRIC",
"mode": [
{
"channel": "kafka",
@@ -201,6 +346,7 @@
"switch": "on",
"async": "off",
"name": "OBJECT-STATISTICS-METRIC",
"topic": "OBJECT-STATISTICS-METRIC",
"mode": [
{
"channel": "kafka",

35
ansible/roles/traffic-engine/files/helm/conf/main.conf
View File

@@ -25,41 +25,6 @@ SEND_DNS_RR_SWITCH=1
{{- else }}
SEND_DNS_RR_SWITCH=0
{{- end }}
SEND_INTERCEPT_LOG=1
TCP_MIN_PKTS=3
TCP_MIN_BYTES=5
UDP_MIN_PKTS=3
UDP_MIN_BYTES=5
{{- if eq .Values.define_enable_val_yes .Values.transaction_record.enable_http }}
SEND_HTTP_TRANSACTION_RECORD=1
{{- else }}
SEND_HTTP_TRANSACTION_RECORD=0
{{- end }}
{{- if eq .Values.define_enable_val_yes .Values.transaction_record.enable_dns }}
SEND_DNS_TRANSACTION_RECORD=1
{{- else }}
SEND_DNS_TRANSACTION_RECORD=0
{{- end }}
{{- if eq .Values.define_enable_val_yes .Values.transaction_record.enable_mail }}
SEND_MAIL_TRANSACTION_RECORD=1
{{- else }}
SEND_MAIL_TRANSACTION_RECORD=0
{{- end }}
{{- if eq .Values.define_enable_val_yes .Values.voip_record.enable_sip }}
SEND_SIP_RECORD=1
{{- else }}
SEND_SIP_RECORD=0
{{- end }}
{{- if eq .Values.define_enable_val_yes .Values.voip_record.enable_rtp }}
SEND_RTP_RECORD=1
{{- else }}
SEND_RTP_RECORD=0
{{- end }}
{{- if eq .Values.define_enable_val_yes .Values.packet_capture.enable }}
ENFORCE_TROUBLESHOOTING_SWITCH=1
{{- else }}
ENFORCE_TROUBLESHOOTING_SWITCH=0
{{- end }}
[SYSTEM]
DATACENTER_ID={{ .Values.session_id_generator.snowflake_worker_id_base }}