diff options
| author | fengweihao <[email protected]> | 2023-04-04 16:06:40 +0800 |
|---|---|---|
| committer | fengweihao <[email protected]> | 2023-04-04 16:06:40 +0800 |
| commit | ed9a4739a1736dcb3cd1758dd75c8ab071f0106d (patch) | |
| tree | cae6b51f6ca83b1f478db1c20eb05378babf68ae /plugin/business/tsg-http/src/tsg_http.cpp | |
| parent | 26b533cba9865afdef4682ee99ed07932dce6947 (diff) | |
TSG-14379 Monitor策略日志多命中情况下Vsys ID填写错误v4.8.2-20230404
Diffstat (limited to 'plugin/business/tsg-http/src/tsg_http.cpp')
| -rw-r--r-- | plugin/business/tsg-http/src/tsg_http.cpp | 39 |
1 files changed, 19 insertions, 20 deletions
diff --git a/plugin/business/tsg-http/src/tsg_http.cpp b/plugin/business/tsg-http/src/tsg_http.cpp index 6f8947d..af64d20 100644 --- a/plugin/business/tsg-http/src/tsg_http.cpp +++ b/plugin/business/tsg-http/src/tsg_http.cpp @@ -128,6 +128,7 @@ struct maat_rule_t unsigned char do_blacklist; unsigned char action; char *srv_def_large; + int vsys_id; }; struct policy_action_param @@ -137,7 +138,6 @@ struct policy_action_param char *message; char *position; float enforcement_ratio; - int vsys_id; int profile_id; int status_code; @@ -390,13 +390,14 @@ void octal_utf8_escapes(char *input) void policy_action_param_new(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp) { int ret=0; - int config_id=0, service_id=0, action=0; + long long config_id=0; + int service_id=0, action=0; int do_log=0,do_blacklist=0,is_valid=0; char effective_range[1024]={0}; char srv_def_large[8192]={0}; struct policy_action_param* param=NULL; - ret=sscanf(table_line, "%d\t%d\t%d\t%d\t%d\t%s\t%s\t%d", &config_id, &service_id, &action, &do_blacklist, &do_log,effective_range, srv_def_large, &is_valid); + ret=sscanf(table_line, "%lld\t%d\t%d\t%d\t%d\t%s\t%s\t%d", &config_id, &service_id, &action, &do_blacklist, &do_log,effective_range, srv_def_large, &is_valid); if(ret!=8) { TFE_LOG_ERROR(g_proxy_rt->local_logger, "ctrl policy table parse failed, ret:%d, %s", ret, table_line); @@ -415,14 +416,14 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k json=cJSON_Parse(srv_def_large); if(json==NULL) { - TFE_LOG_ERROR(g_proxy_rt->local_logger, "invalid policy parameter: id = %d", config_id); + TFE_LOG_ERROR(g_proxy_rt->local_logger, "invalid policy parameter: id = %lld", config_id); return; } item=cJSON_GetObjectItem(json, "protocol"); if(unlikely(!item || !cJSON_IsString(item))) { - TFE_LOG_ERROR(g_proxy_rt->local_logger, "Invalid policy parameter: %d invalid protocol format", config_id); + TFE_LOG_ERROR(g_proxy_rt->local_logger, "Invalid policy parameter: %lld invalid protocol format", config_id); goto error_out; } @@ -454,14 +455,14 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k item=cJSON_GetObjectItem(json,"vsys_id"); if(item && item->type==cJSON_Number) { - param->vsys_id= item->valueint; + param->hit_rule.vsys_id=item->valueint; } break; case MA_ACTION_REDIRECT: item=cJSON_GetObjectItem(json,"vsys_id"); if(item && item->type==cJSON_Number) { - param->vsys_id= item->valueint; + param->hit_rule.vsys_id=item->valueint; } item=cJSON_GetObjectItem(json,"code"); if(item && item->type==cJSON_Number) @@ -487,7 +488,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k item=cJSON_GetObjectItem(json,"vsys_id"); if(item && item->type==cJSON_Number) { - param->vsys_id= item->valueint; + param->hit_rule.vsys_id=item->valueint; } item=cJSON_GetObjectItem(json,"code"); if(item && item->type==cJSON_Number) @@ -509,7 +510,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k item=cJSON_GetObjectItem(json,"vsys_id"); if(item && item->type==cJSON_Number) { - param->vsys_id= item->valueint; + param->hit_rule.vsys_id=item->valueint; } item=cJSON_GetObjectItem(json,"enforcement_ratio"); if(item && item->type==cJSON_Number) @@ -549,7 +550,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k item=cJSON_GetObjectItem(json,"vsys_id"); if(item && item->type==cJSON_Number) { - param->vsys_id= item->valueint; + param->hit_rule.vsys_id=item->valueint; } item=cJSON_GetObjectItem(json,"hijack_profile"); if(item && item->type==cJSON_Number){ @@ -569,7 +570,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k item=cJSON_GetObjectItem(json,"vsys_id"); if(item && item->type==cJSON_Number) { - param->vsys_id= item->valueint; + param->hit_rule.vsys_id=item->valueint; } item=cJSON_GetObjectItem(json,"insert_profile"); if(item && item->type==cJSON_Number){ @@ -593,7 +594,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k item=cJSON_GetObjectItem(json,"vsys_id"); if(item && item->type==cJSON_Number) { - param->vsys_id= item->valueint; + param->hit_rule.vsys_id=item->valueint; } rules = cJSON_GetObjectItem(json, "rules"); if(rules == NULL) @@ -636,7 +637,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k item=cJSON_GetObjectItem(json,"vsys_id"); if(item && item->type==cJSON_Number) { - param->vsys_id= item->valueint; + param->hit_rule.vsys_id=item->valueint; } item=cJSON_GetObjectItem(json,"run_script_profile"); if(item && item->type==cJSON_Number){ @@ -656,7 +657,7 @@ void policy_action_param_new(const char *table_name, int table_id, const char* k break; } *ad=param; - TFE_LOG_INFO(g_proxy_rt->local_logger, "Add ctrl policy: %d", config_id); + TFE_LOG_INFO(g_proxy_rt->local_logger, "Add ctrl policy: %lld", config_id); error_out: cJSON_Delete(json); return; @@ -1560,6 +1561,10 @@ static enum proxy_action decide_ctrl_action(long long *results, size_t n_hit, { *param=(struct policy_action_param*)ex_data; } + if(hit_rules) + { + FREE(&hit_rules); + } return prior_action; } @@ -3249,12 +3254,6 @@ void proxy_on_http_end(const struct tfe_stream * stream, .req_body=ctx->log_req_body, .resp_body=ctx->log_resp_body, .action=0, .inject_sz=ctx->inject_sz, .asn_client=ctx->ip_ctx.asn_client, .asn_server=ctx->ip_ctx.asn_server, .location_client=ctx->ip_ctx.location_client, .location_server=ctx->ip_ctx.location_server}; - - if(ctx != NULL && ctx->param != NULL) - { - log_msg.vsys_id = ctx->param->vsys_id; - } - if(ctx->action == PX_ACTION_MANIPULATE) { log_msg.action = ctx->param->action; |