diff options
| author | zhangchengwei <[email protected]> | 2018-12-18 18:50:04 +0800 |
|---|---|---|
| committer | zhangchengwei <[email protected]> | 2018-12-18 18:50:04 +0800 |
| commit | 8ce0375744f5780b3f844a4d6bcc6a47f75fe5d8 (patch) | |
| tree | 1a76ab4777ee4dd1bb88d72692fcaa19a7d4cac2 | |
| parent | e75fb26213ce53bf6a9b02a135ff08f45b7d7187 (diff) | |
| -rw-r--r-- | bin/conf/maat_table_info_tag.conf | 2 | ||||
| -rw-r--r-- | bin/conf/table_info/maat_info.conf | 2 | ||||
| -rw-r--r-- | bin/conf/table_info/service_id_map.conf | 6 | ||||
| -rw-r--r-- | bin/conf/table_info/table_info_one.conf | 2 | ||||
| -rw-r--r-- | src/pg_valve_deal.cpp | 6 | ||||
| -rw-r--r-- | src/pg_valve_maat.cpp | 3 |
6 files changed, 15 insertions, 6 deletions
diff --git a/bin/conf/maat_table_info_tag.conf b/bin/conf/maat_table_info_tag.conf index 80cb161..cbf6669 100644 --- a/bin/conf/maat_table_info_tag.conf +++ b/bin/conf/maat_table_info_tag.conf @@ -19,3 +19,5 @@ 10 IPD_DYN_SUBSCIBE_IP plugin {"valid":9,"tag":12} 11 ANTI_DDOS_ATTACK_CB plugin {"valid":14,"tag":18} 12 MM_DYN_VOIP_DROP plugin {"valid":14,"tag":18} +13 WHITE_LIST_IP plugin {"valid":14,"tag":18} +14 PXY_OBJ_SPOOFING_IP_POOL plugin {"valid":9,"tag":12} diff --git a/bin/conf/table_info/maat_info.conf b/bin/conf/table_info/maat_info.conf index d363f08..a61880c 100644 --- a/bin/conf/table_info/maat_info.conf +++ b/bin/conf/table_info/maat_info.conf @@ -1,5 +1,5 @@ #INS_NAME MAAT_ROOT VERSION_FILE REDIS_IP RPORT RINDEX TABLE_NAMES_LIST -STATIC ./conf/maat_cfg1/ ./conf/version_static.txt 10.3.34.1 6379 5 APP_POLICY;APP_DOMAIN;PXY_INTERCEPT_DOMAIN;APP_STATIC_SEV_IP;PXY_INTERCEPT_IP;INLINE_IP_CB +STATIC ./conf/maat_cfg1/ ./conf/version_static.txt 10.3.34.1 6379 5 APP_POLICY;APP_DOMAIN;PXY_INTERCEPT_DOMAIN;APP_STATIC_SEV_IP;PXY_INTERCEPT_IP;INLINE_IP_CB;WHITE_LIST_IP;PXY_OBJ_SPOOFING_IP_POOL DYNAMIC1 ./conf/maat_cfg2/ ./conf/version_dynamic2.txt 10.3.47.1 6379 0 ANTI_DDOS_ATTACK_CB;IR_INTERCEPT_IP;MM_DYN_VOIP_DROP DYNAMIC2 ./conf/maat_cfg2/ ./conf/version_dynamic2.txt 10.3.47.1 6379 1 APP_DYN_SEV_IP_CB;PXY_DYN_SEV_IP_CB;IPD_DYN_SUBSCIBE_IP DYNAMIC3 ./conf/maat_cfg2/ ./conf/version_dynamic3.txt 10.3.47.1 6379 2 DK_CLI_IP_CB diff --git a/bin/conf/table_info/service_id_map.conf b/bin/conf/table_info/service_id_map.conf index fd9610a..d3bcf84 100644 --- a/bin/conf/table_info/service_id_map.conf +++ b/bin/conf/table_info/service_id_map.conf @@ -1,8 +1,10 @@ #service_id limit_rate grule_serv_type RULE_SCOPE limit_num +#WHITE_LIST_IP white list +1 0 4 1 1000 #INLINE_IP_CB DROP 3 0 10 1 1000 #ANTIDDOS DROP -5 0 7 1 1000 +5 0 17 1 1000 #INLINE_IP_CB DROP IPSEC/GRE 0x19/0x1C 25 0 10 1 1000 28 0 10 1 1000 @@ -26,6 +28,8 @@ 514 90 21 1 1000 514 100 21 1 1000 517 0 21 1 1000 +518 0 21 1 1000 +642 0 21 1 1000 #PXY_INTERCEPT_DOMAIN MONITOR 0x201/0x203 513 0 22 1 1000 diff --git a/bin/conf/table_info/table_info_one.conf b/bin/conf/table_info/table_info_one.conf index 8045389..96eb57e 100644 --- a/bin/conf/table_info/table_info_one.conf +++ b/bin/conf/table_info/table_info_one.conf @@ -6,4 +6,6 @@ DK_CLI_IP_CB:5 9 REGION_TYPE_IP IPD_DYN_SUBSCIBE_IP:6 10 REGION_TYPE_POOL ANTI_DDOS_ATTACK_CB:7 11 REGION_TYPE_IP MM_DYN_VOIP_DROP:8 12 REGION_TYPE_IP +WHITE_LIST_IP:9 13 REGION_TYPE_IP +PXY_OBJ_SPOOFING_IP_POOL:10 14 REGION_TYPE_POOL diff --git a/src/pg_valve_deal.cpp b/src/pg_valve_deal.cpp index 996aec6..e921335 100644 --- a/src/pg_valve_deal.cpp +++ b/src/pg_valve_deal.cpp @@ -274,7 +274,6 @@ SSCANF_ERROR_NO_t fill_in_region_grule_ip(const char* table_line, one_config_hno iprule->grule.rule_type.pmsk_flag = ((iprule->grule.rule_type.sipmsk_flag||iprule->grule.rule_type.dipmsk_flag) && protocol!=0)?1:0; break; default: - assert(0); return SSCANF_ERROR_PROTOCOL; } @@ -385,7 +384,7 @@ void one_maat_update_callback(int32_t table_id, const char* table_line, void* u_ code = fill_in_region_grule_pool(table_line, &priv.iprule); break; default: - assert(0);return; + return; } if(code!=SSCANF_OK || (check=_wrap_grule_check(&priv.iprule.grule))) { @@ -848,7 +847,7 @@ void onesw_maat_update_callback(int32_t table_id,const char* table_line,void* u_ hash_key.service_id = maat_data->table->service_id; hash_key.table_id = maat_data->table->table_id_key; hash_key.dsetid = dsetid; - hash_key.did = (maat_data->table->parent->parent!=NULL)?did:0; + hash_key.did = did; pthread_rwlock_rdlock(&g_pgvalve_info.rwlock); MESA_htable_search_cb(maat_data->table->hash_handle, (unsigned char *)&hash_key, sizeof(table_hash_key_t), onesw_deal_config_incr_cb, (void*)&priv, &cb_ret); @@ -1063,6 +1062,7 @@ void two_maat_update_callback(int32_t table_id,const char* table_line,void* u_pa MESA_HANDLE_RUNTIME_LOGV2(g_pgvalve_info.log_runtime,RLOG_LV_INFO, MODULE_NAME, "pz_error: table %s invalid line: %s", maat_data->table->table_name, table_line); return ; } + //�����Ķ�����(����)У��ҵ��� if(maat_data->table->parent==NULL && service_to_c3_servtype(service, (limit_rate/10)*10, &priv.gmap_info)) { pz_trans_statistic_count(maat_data->table->service_id, maat_data->table->table_id_key, 1, STAT_FIELD_RERROR); diff --git a/src/pg_valve_maat.cpp b/src/pg_valve_maat.cpp index a04e177..cb59d3a 100644 --- a/src/pg_valve_maat.cpp +++ b/src/pg_valve_maat.cpp @@ -100,7 +100,7 @@ int MaatService::store_latest_version(long long ver) int MaatService::maat_feather_start(void) { char tmp_buffer[1024]; - int ret; + int ret, scan_interval_ms=10; feather = Maat_feather(1, g_pgvalve_info.maat_table_info, g_pgvalve_info.log_runtime); if(feather == NULL) @@ -112,6 +112,7 @@ int MaatService::maat_feather_start(void) ret = Maat_set_feather_opt(feather, MAAT_OPT_STAT_FILE_PATH, tmp_buffer, strlen(tmp_buffer)+1); ret |= Maat_set_feather_opt(feather, MAAT_OPT_STAT_ON, NULL, 0); ret |= Maat_set_feather_opt(feather, MAAT_OPT_PERF_ON, NULL, 0); + ret |= Maat_set_feather_opt(feather, MAAT_OPT_SCANDIR_INTERVAL_MS, &scan_interval_ms, sizeof(scan_interval_ms)); ret |= Maat_set_feather_opt(feather, MAAT_OPT_INSTANCE_NAME, table_relate->instance_name, strlen(table_relate->instance_name)+1); if(strlen(g_pgvalve_info.effective_range)>0) |