| author | fengweihao <[email protected]> | 2024-10-12 11:20:39 +0800 |
|---|---|---|
| committer | fengweihao <[email protected]> | 2024-10-12 11:20:39 +0800 |
| commit | b7fb2d8a42edd813048eef616fc7edf9d53c65de (patch) | |
| tree | 910d2179ee06ea736160a8e7ed940552893c8947 /resource | |
| parent | c9ae13042d0e44f19e0d5cc64b70a409861c77af (diff) | |
Fix the scanning interface for UUID objects and adapt to changes in the APP_ID_DICT dictionary table.
Diffstat (limited to 'resource')
| -rw-r--r-- | resource/pangu/pangu_http.json | 122 |
1 files changed, 115 insertions, 7 deletions
diff --git a/resource/pangu/pangu_http.json b/resource/pangu/pangu_http.json
index 5798ee4..0ddf0c3 100644
--- a/resource/pangu/pangu_http.json
+++ b/resource/pangu/pangu_http.json
@@ -3,7 +3,7 @@
 "object2object_table": "OBJECT_GROUP",
 "rules": [
 {
- "uuid": "40c9c6a7-70a9-48ae-9fba-ec7966edd3c6",
+ "uuid": "00001021-0000-0000-0000-000000000000",
 "service": 1,
 "action": "manipulate",
 "blacklist_option": 1,
@@ -20,7 +20,115 @@
 "table_name": "TSG_OBJ_URL",
 "table_type": "expr",
 "table_content": {
- "keywords": "test123456",
+ "expression": "baidu.com",
+ "expr_type": "and"
+ }
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "attribute_name": "ATTR_APP_ID",
+ "negate_option": false,
+ "object_uuids": [
+ "00000201-0000-0000-0000-000000000000"
+ ]
+ }
+ ]
+ },
+ {
+ "uuid": "00001023-0000-0000-0000-000000000000",
+ "service": 1,
+ "action": "manipulate",
+ "blacklist_option": 1,
+ "log_option": "all",
+ "action_parameter": {"protocol":"http","method":"replace","rules":[{"search_in":"http_resp_body","find":"����","replace_with":"test"}]},
+ "is_valid": "yes",
+ "conditions": [
+ {
+ "attribute_name": "ATTR_SERVER_FQDN",
+ "objects": [
+ {
+ "items": [
+ {
+ "table_name": "TSG_OBJ_FQDN",
+ "table_type": "expr",
+ "table_content": {
+ "expression": "baidu.com",
+ "expr_type": "and"
+ }
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "uuid": "00001026-0000-0000-0000-000000000000",
+ "service": 1,
+ "action": "manipulate",
+ "blacklist_option": 1,
+ "log_option": "all",
+ "action_parameter": {"protocol":"http","method":"block","code":403,"message":"error"},
+ "is_valid": "yes",
+ "conditions": [
+ {
+ "attribute_name": "ATTR_HTTP_REQ_HDR",
+ "objects": [
+ {
+ "items": [
+ {
+ "table_name": "TSG_OBJ_KEYWORD",
+ "table_type": "expr",
+ "table_content": {
+ "expression": "Chrome",
+ "expr_type": "and"
+ }
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "attribute_name": "ATTR_HTTP_REQ_HDR",
+ "objects": [
+ {
+ "items": [
+ {
+ "table_name": "TSG_OBJ_KEYWORD",
+ "table_type": "expr",
+ "table_content": {
+ "expression": "uid=12345678",
+ "expr_type": "and"
+ }
+ }
+ ]
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "uuid": "00001028-0000-0000-0000-000000000000",
+ "service": 1,
+ "action": "manipulate",
+ "blacklist_option": 1,
+ "log_option": "all",
+ "action_parameter": {"protocol":"http","method":"block","code":403,"message":"error"},
+ "is_valid": "yes",
+ "conditions": [
+ {
+ "attribute_name": "ATTR_HTTP_URL",
+ "objects": [
+ {
+ "items": [
+ {
+ "table_name": "TSG_OBJ_URL",
+ "table_type": "expr",
+ "table_content": {
+ "expression": "bing.com",
 "expr_type": "and"
 }
 }
@@ -41,19 +149,19 @@
 {
 "table_name": "TSG_PROFILE_RESPONSE_PAGES",
 "table_content": [
- {"uuid":"RESPONSE-PAGES-0000-0000-000000000001","profile_name":"404","format":"html","path":"./resource/pangu/policy_file/404.html","is_valid":1,"modified_time":"1716531859000000"}
+ {"uuid":"00000101-0000-0000-0000-000000000000","profile_name":"404","format":"html","path":"./resource/pangu/policy_file/404.html","is_valid":1,"modified_time":"1716531859000000"}
 ]
 },
 {
 "table_name": "PXY_PROFILE_HIJACK_FILES",
 "table_content": [
- {"uuid":"HIJACK-FILES-0000-0000-000000000001","profile_name":"chakanqi","content_name":"chakanqi-947KB.exe","content_type":"application/x-msdos-program","path":"./resource/pangu/policy_file/chakanqi-947KB.exe","is_valid":1,"modified_time":"1716531859000000"}
+ {"uuid":"00000201-0000-0000-0000-000000000000","profile_name":"chakanqi","content_name":"chakanqi-947KB.exe","content_type":"application/x-msdos-program","path":"./resource/pangu/policy_file/chakanqi-947KB.exe","is_valid":1,"modified_time":"1716531859000000"}
 ]
 },
 {
 "table_name": "PXY_PROFILE_INSERT_SCRIPTS",
 "table_content": [
- {"uuid":"INSERT-SCRIPTS-0000-0000-000000000001","profile_name":"time","format":"js","insert_on":"before_page_load","path":"./resource/pangu/policy_file/time.js","is_valid":1,"modified_time":"1716531859000000"}
+ {"uuid":"00000301-0000-0000-0000-000000000000","profile_name":"time","format":"js","insert_on":"before_page_load","path":"./resource/pangu/policy_file/time.js","is_valid":1,"modified_time":"1716531859000000"}
 ]
 },
 {
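Review bot: The `find` value of the new replace rule `00001023-0000-0000-0000-000000000000` shows up as four replacement characters (`"find":"����"`), which suggests the literal is stored in a non-UTF-8 encoding or was damaged before it reached this page. A strict RFC 8259 parser may reject such a file, and a lenient one would search the response body for U+FFFD instead of the intended text, so the rule would silently never fire. If the intended string is non-ASCII, save the file as UTF-8 or write the value with `\uXXXX` escapes so the fixture means the same thing on every platform. Separately, the new FQDN and URL conditions use `baidu.com` and `bing.com` with `"table_type": "expr"`; if that is substring matching (not visible here), unrelated hosts containing those strings would match too, and a reserved name such as `example.com` would state the fixture's intent more safely. The first rule's body starts before this hunk.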
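Review bot: The UUID given to the `PXY_PROFILE_HIJACK_FILES` profile here, `00000201-0000-0000-0000-000000000000`, is the same value the last hunk assigns as `object_uuid` for `app_id` 67 in `APP_ID_DICT`, and the same one the new `ATTR_APP_ID` condition lists under `object_uuids`. If profiles and objects are resolved from one UUID space, that reference is ambiguous and a scan could bind the rule to the wrong record. Even if each table is its own namespace, a fixture with colliding ids cannot expose a cross-table lookup bug. Giving each table a distinct prefix, for example `"uuid":"00002001-0000-0000-0000-000000000000"` for the hijack-file profile (a constructed value), would keep the identifiers unambiguous.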
@@ -95,8 +203,8 @@
 {
 "table_name": "APP_ID_DICT",
 "table_content": [
- {"app_id":67,"object_id":201,"app_name":"http","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"},
- {"app_id":68,"object_id":68000,"app_name":"https","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"}
+ {"app_id":67,"object_uuid":"00000201-0000-0000-0000-000000000000","app_name":"http","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"},
+ {"app_id":68,"object_uuid":"00068000-0000-0000-0000-000000000000","app_name":"https","parent_app_id":0,"parent_app_name":null,"category":"general-internet","subcategory":"internet-utility","content":"unknown","risk":"1","characteristics":null,"deny_action":null,"depends_on_app_ids":"null","implicitly_uses_app_ids":"null","continue_scanning":0,"tcp_timeout":120,"udp_timeout":120,"tcp_half_close":0,"tcp_time_wait":0,"is_valid":1,"modified_time":"1716531859000000"}
 ]
 }
 ] |
