gfwleak/tsg-tsg-os-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,550 Commits 92 Branches 330 Tags
f31633e718ea26747876d08a263f423b3ee8a8b2
Commit Graph

832 Commits

Author SHA1 Message Date
liuxueli
f31633e718 更新session record, 修复: TSG-16183 - Security http协议的Session日志中http字段数值异常 2023-07-20 19:46:41 +08:00
liuxueli
3730dd8c4e 更新BGP, 修复 OMPUB-840: 增强校验BGP协议的逻辑,避免误识别导致CPU消耗 2023-07-19 12:11:13 +00:00
wangmenglan
1b562ba86a Clixon更新至1.0.59 
TSG-16271: Clixon中增加日志字段开关
 2023-07-19 11:15:53 +00:00
linxin
d34a8eff2b TSG-16258: 修复部分core文件无法查到info信息 2023-07-19 18:05:12 +08:00
liuxueli
f678dad09f 更新sapp, 支持: 
调整ipv6判断上层承载协议的逻辑,对于未知类型默认执行pass
无systemd时,检测到死锁直接exit(-1)
修复未正确更新SAPP_STAT_TCP_STREAM_DEL的bug
增加tcp.opening_timeout参数,默认10s
移除新设置超时时间必须大于已有的限制
 2023-07-18 15:58:34 +00:00
liuxueli
8b4aa1f056 修正RAPIDJSON_CHUNK_CAPACITY变量默认值,由8192改为2048 2023-07-18 23:52:48 +08:00
wangmenglan
3ac8136443 Clixon更新至1.0.58 
TSG-16254: Clixon增加SSL decode certificate的开关
 2023-07-18 11:35:09 +00:00
liuxueli
2703ce5306 更新ssl, 增加是否解析证书的开关: PARSE_CERTIFICATE_DETAIL 2023-07-18 19:22:41 +08:00
liuxueli
fdbd3b36b1 更新tsg_master, 修复: OMPUB-965 - 【P19现场】tsg-os打开日志压缩开关,无压缩效果 2023-07-17 11:49:15 +08:00
杨威
29d73abb7f 更新tsg_master-6.0.38.613bc2b,修复 OMPUB-963,发送日志时单核死锁 2023-07-16 07:34:59 +00:00
liuxueli
feac7f001b 更新app_proto_identify-2.1.10.222e48e, OMPUB-960 - P19现场: 基础协议识别插件(app_proto_identify)占用CPU较高(15%左右) 2023-07-14 23:13:44 +08:00
liuxueli
2359b01529 更新tsg_master、app_proto_identify, 修复: 
OMPUB-961 - P19现场: TSG MASTER解析SYN/SYN_ACK占用CPU2.6%左右
OMPUB-960 - P19现场: 基础协议识别插件(app_proto_identify)占用CPU较高(15%左右)
 2023-07-14 21:08:12 +08:00
liuchang
1ad7863d30 shaping borrow profile do not drop packet 2023-07-14 10:39:55 +00:00
liuxueli
859e5c0607 更新: tsg_master、session_record,修复: 
TSG-15999 - 日志中的app_full_path出现异常内容
TSG-15855 - Session Records存在大量重复Session ID
发送日志时开启KAFKA压缩 COMPRESSION_TYPE="snappy"
 2023-07-13 11:03:55 +00:00
wangmenglan
d47065b2b3 bugfix: SCE更新至1.0.14 
TSG-14170: Service Function的Health Check为None时,未获取到SF状态和MAC Address
 2023-07-13 11:02:35 +00:00
liuxueli
079e9646db 更新http、session_record、firewall, 修复: 
firewall: TCP/UDP未注册FS Line ID, 使用FS-operate函数操作可能会导致重启
http,session_record: 修正输出本地日志的级别
 2023-07-12 23:43:26 +08:00
liuchang
069ecd24a0 没有缓存报文时,减少CPU使用率 2023-07-12 12:03:02 +00:00
yangwei
53c8a6bc7d feat(rpm and sapp.toml update): sapp.toml & mail.so 
1、sapp.toml 默认polling_priority=100
2、update to mail-1.0.19.e982b44, Fix TSG-12082 and Fix TSG-11013
 2023-07-12 14:50:23 +08:00
liuxueli
7b3dcefe5d 更新tsg_master、firewall、session_record,修复: 
TSG-13811 - 策略条件为flag+application,日志中出现其他application的日志
TSG-15779 - 建议SSL协议日志中增加ECH相关字段
TSG-16028 - 功能端未按照0号策略配置发送reset、icmp包
TSG-15934 - Security Events中的Request body文件下载时提示失败,未发现文件
 2023-07-11 13:51:49 +00:00
fengweihao
cf4df8a18b 更新tfe到v4.8.32, 版本修改: TSG-16056 修复deny动作 2023-07-11 18:11:54 +08:00
wangmenglan
2b90184a7b Clixon更新至1.0.57 
修复Clixon加载failsafe_db时, 配置带有默认值的字段不生效
 2023-07-10 18:24:31 +08:00
Lu Qiuwen
777982d4b5 TSG-15972 update mrzcpd to 4.6.37 2023-07-07 20:37:47 +08:00
liuwentan
6153d63b11 maat4.0.30 2023-07-07 16:18:11 +08:00
luwenpeng
6287040946 bugfix(hasp-tools): open too many files 2023-07-07 13:29:59 +08:00
fumingwei
3cfbc5275f bugfix:update libfieldstat3 to 3.0.9 2023-07-06 21:46:03 +08:00
luwenpeng
aa967fd9b2 优化hasp_login的逻辑 2023-07-06 17:50:48 +08:00
liuxueli
94cbee8854 更新sapp、tsg_master、packet_pacture_plug、radius_collect_plug, 修复: 
TSG-15514 - 对于dns协议,流量未遵循天然条件优先级命中规则
TSG-15585 - http流量命中deny-alert-204策略,功能端未发送204响应码
TSG-15642 - 功能端未发送icmp不可达报文
TSG-15673 - 【LTS版本】Monitor动作会对dns协议多记录一条无返回的安全日志
TSG-15682 - 【LTS版本】Radius Records中,firewall未将MAC相关字段发送给OLAP
 2023-07-05 20:28:49 +08:00
wangmenglan
c96d3ac7bf Clixon更新至1.0.56 增加HTTP_GZIP和MAIL_BASE64开关 2023-07-05 11:16:38 +00:00
fengweihao
23d2acbb6e 更新app-proto-engine到v3.0.2, 版本修改: 配置项变更,删除debug日志无效输出 2023-07-05 18:44:02 +08:00
liuchang
3af2a592d2 change max processed session num when polling for different priority 
check diabled rule for existed session every interval, default interval 120s
 2023-07-05 07:57:29 +00:00
songyanchao
fecfda4bcf 🐞 fix(TSG-15643): mrzcpd升级至v4.6.36 
ctrlmsg 添加 tcp keepalive 、 从mrzcpd.service中删除k3s相关依赖项
 2023-07-04 22:17:39 -04:00
liuxueli
97fa373fea 更新session record,修复: 
TSG-15760 - Security Events握手延迟不准确
TSG-15829 - Logs统计HTTP的HTTP.Response Latency (ms)与HTTP.Session Duration (ms)字段出现负值
 2023-07-04 21:04:19 +08:00
wangmenglan
cd950c722a feat(TSG-15852):Clixon cm_policy_local_cache命令支持主备切换 2023-07-04 12:02:35 +00:00
liuxueli
8fbd4b1dab 更新sapp、ssl、tsg_master、session_record、firewall,修复: 
TSG-15591 - tsg-x和9140环境,deny-quic协议的drop after n packet设置为非0值时有阻断效果,但未产生安全日志 RESOLVED
TSG-14336 - deny ftp的策略,当Drop packet after N packet设置为64时无阻断效果
 2023-07-04 10:22:57 +00:00
fengweihao
39bc5d8016 更新tfe到v4.8.31, 版本修改: TSG-15781 删除策略用户自定域中的protocol字段检查 2023-07-03 18:56:47 +08:00
linxin
a4c7fc8dbe TSG-15646:调整coredump磁盘使用率限制为60% 2023-07-03 10:27:59 +00:00
wangmenglan
dbcf3a45e7 Clixon更新至1.0.53 
TSG-15731: Clixon支持配置bond_mode以及bond_xmit_policy
 2023-06-30 19:37:53 +08:00
liuxueli
32776525e7 OMPUB-937: 福建项目:LUA虚拟机线程不安全,多线程执行LUA脚本导致程序重启(两个线程分别加载LUA和执行LUA) 2023-06-30 11:17:19 +00:00
liuchang
222f846c7e drop packet when delay over 2 seconds 2023-06-30 11:14:11 +00:00
liuxueli
c61e86ce9b 更新tsg_master、ssl,支持: 
TSG-15162 - ssl解析层支持识别ECH
TSG-15163 - tsg_master支持将ECH识别映射为对应的APPID,并参与执行策略
 2023-06-30 18:11:00 +08:00
songyanchao
a048e0ed6e 🎈 perf: mrzcpd 升级至v4.6.34 (修复 mrpdump 工具在设置bpf参数时捕包异常问题) 
mrzcpd 升级至v4.6.34 (修复 mrpdump 工具在设置bpf参数时捕包异常问题)
 2023-06-29 12:44:15 +00:00
songyanchao
d6e49fd5ef 🎈 perf: MRZCPD升级至v4.6.33 
MRZCPD升级至v4.6.33
 2023-06-28 12:22:29 +00:00
liuwentan
3ade1804b6 maat4.0.29 2023-06-28 12:22:05 +00:00
luwenpeng
53dba15ce9 更新hasp-tools到1.0.7 
* 共享内存支持无锁访问
    * hasp_monitor运行过程中独占一个授权坐席
    * hasp_monitor & hasp_policy支持SIGUSER1/SIGUSER2信号调整日志级别
    * hasp_monitor检测到授权过期后重新login尝试获取新授权
 2023-06-28 14:44:52 +08:00
wangmenglan
7da946f108 Clixon更新至1.0.51 
TSG-15708: OS适配session flag插件名字修改
TSG-15713: Clixon支持平滑升级
 2023-06-27 12:25:31 +00:00
刘学利
3cd287f168 更新sapp、tsg_master、quic、session_record: 2023-06-27 12:25:15 +00:00
songyanchao
dce2dfb204 🎈 perf(DPISDN-13): MRZCPD 升级至V4.6.23 (DPDK 升级至 21.11.4) 
MRZCPD 升级至V4.6.23 (DPDK 升级至 21.11.4)
 2023-06-27 03:47:18 -04:00
liuchang
04f34ba72d change plugin name from session_marker_record to session_flags 2023-06-27 06:16:41 +00:00
liuxueli
d95f1731b2 更新tsg-master、firewall, 修复或支持: 
TSG-15656 - 功能端输出MAC地址
TSG-15446 - Live Traffic Chart多个统计数据量低于同时间范围内Report对应统计
 2023-06-25 20:01:54 +08:00
wangmenglan
0e07448419 Clixon更新至1.0.50, 创建vsys前查询helm版本 2023-06-25 10:45:13 +00:00