TSG-20185 Proxy支持IP+Port组合objectv4.8.73-20240328

TSG-19907 修复笔误doH日志中多次发送decoded_as字段 TSG-19820 Protocol Field中Request Body/Response Body选择非运算时，无法命中策略 TSG-19540 修复Manipulation策略中Protocol选择UDP/ICMP时,选择非无法命中策略 TSG-19337 界面展示一致性，Proxy的Manipulate日志中的IP Protocol统一小写 TSG-19480 修复Metric中命中策略统计和Throughput的时机不一致，造成界面展示歧义
author: fengweihao <[email protected]> 2024-03-28 16:50:15 +0800
committer: fengweihao <[email protected]> 2024-03-28 16:50:15 +0800
commit: 32226c97345d3397b6c8ee11246ec0a07c4069b4 (patch)
tree: fe73e9a6bba08cd79766b01fb735ccec7df23be5 /common/src/tfe_scan.cpp
parent: a2dce7672acb5f21f2d4e111d3a9965de5cd1327 (diff)
1 files changed, 22 insertions, 10 deletions
diff --git a/common/src/tfe_scan.cpp b/common/src/tfe_scan.cpp
index 2f22ac4..022db89 100644
--- a/common/src/tfe_scan.cpp
+++ b/common/src/tfe_scan.cpp
@@ -428,9 +428,15 @@ int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struc
     {
         hit_cnt_ip += n_hit_result;
     }
+    scan_ret = maat_scan_not_logic((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), 
+                                  result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
+    if (scan_ret == MAAT_SCAN_HIT)
+    {
+        hit_cnt_ip += n_hit_result;
+    }
 
-    scan_ret = maat_scan_ipv4((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v4->saddr,
-                               result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
+    scan_ret = maat_scan_ipv4_port((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v4->saddr, ntohs(sapp_addr.v4->source),
+                                    result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
     if (scan_ret == MAAT_SCAN_HIT)
     {
         hit_cnt_ip += n_hit_result;
@@ -447,8 +453,8 @@ int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struc
         hit_cnt_ip += scan_ret;
     }
 
-    scan_ret = maat_scan_ipv4((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v4->daddr, 
-                              result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
+    scan_ret = maat_scan_ipv4_port((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v4->daddr, ntohs(sapp_addr.v4->dest),
+                                   result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
     if(scan_ret == MAAT_SCAN_HIT)
     {
         hit_cnt_ip += n_hit_result;
@@ -483,9 +489,15 @@ int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struc
     {
         hit_cnt_ip += n_hit_result;
     }
-    
-    scan_ret = maat_scan_ipv6((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v6->saddr,
-                              result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
+    scan_ret = maat_scan_not_logic((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), 
+                                   result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
+    if (scan_ret == MAAT_SCAN_HIT)
+    {
+        hit_cnt_ip += n_hit_result;
+    }
+
+    scan_ret = maat_scan_ipv6_port((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v6->saddr, ntohs(sapp_addr.v6->source),
+                                   result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
     if (scan_ret == MAAT_SCAN_HIT)
     {
         hit_cnt_ip += n_hit_result;
@@ -501,9 +513,9 @@ int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struc
     {
         hit_cnt_ip += scan_ret;
     }
-
-    scan_ret = maat_scan_ipv6((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v6->daddr, 
-                              result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
+    
+    scan_ret = maat_scan_ipv6_port((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v6->daddr, ntohs(sapp_addr.v6->dest),
+                                  result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
     if (scan_ret == MAAT_SCAN_HIT)
     {
         hit_cnt_ip += n_hit_result;
author	fengweihao <[email protected]>	2024-03-28 16:50:15 +0800
committer	fengweihao <[email protected]>	2024-03-28 16:50:15 +0800
commit	32226c97345d3397b6c8ee11246ec0a07c4069b4 (patch)
tree	fe73e9a6bba08cd79766b01fb735ccec7df23be5 /common/src/tfe_scan.cpp
parent	a2dce7672acb5f21f2d4e111d3a9965de5cd1327 (diff)