summaryrefslogtreecommitdiff
path: root/common/src/tfe_scan.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'common/src/tfe_scan.cpp')
-rw-r--r--common/src/tfe_scan.cpp97
1 files changed, 19 insertions, 78 deletions
diff --git a/common/src/tfe_scan.cpp b/common/src/tfe_scan.cpp
index 4d2e585..3b959ec 100644
--- a/common/src/tfe_scan.cpp
+++ b/common/src/tfe_scan.cpp
@@ -126,123 +126,64 @@ int tfe_scan_ip_location(const struct tfe_stream *stream, long long *result, str
{
int scan_ret = 0;
int hit_cnt_ip = 0;
- size_t n_hit_result = 0;
+ size_t n_hit_result = 0;
uint16_t opt_out_size;
- char buff[TFE_STRING_MAX * 5] = {0};
- char src_city[TFE_STRING_MAX] = {0};
- char dst_city[TFE_STRING_MAX] = {0};
- char src_provine[TFE_STRING_MAX] = {0};
- char dst_provine[TFE_STRING_MAX] = {0};
- char src_country[TFE_STRING_MAX] = {0};
- char dst_country[TFE_STRING_MAX] = {0};
- char src_subdivsion[TFE_STRING_MAX] = {0};
- char dst_subdivsion[TFE_STRING_MAX] = {0};
+ char src_ip_location[TFE_STRING_MAX * 5] = {0};
+ char dst_ip_location[TFE_STRING_MAX * 5] = {0};
+
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
if (cmsg != NULL)
{
- scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_IP_LOCATION_COUNTRY, (unsigned char *)src_country, sizeof(src_country), &opt_out_size);
+ scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_IP_LOCATION, (unsigned char *)src_ip_location, sizeof(src_ip_location), &opt_out_size);
if (scan_ret != 0)
{
TFE_LOG_ERROR(logger, "fetch src country from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
- scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_IP_LOCATION_COUNTRY, (unsigned char *)dst_country, sizeof(dst_country), &opt_out_size);
+ scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_IP_LOCATION, (unsigned char *)dst_ip_location, sizeof(dst_ip_location), &opt_out_size);
if (scan_ret != 0)
{
TFE_LOG_ERROR(logger, "fetch dst country from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
- scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_IP_LOCATION_PROVINE, (unsigned char *)src_provine, sizeof(src_provine), &opt_out_size);
- if (scan_ret != 0)
- {
- TFE_LOG_ERROR(logger, "fetch src provine from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
- }
- scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_IP_LOCATION_PROVINE, (unsigned char *)dst_provine, sizeof(dst_provine), &opt_out_size);
- if (scan_ret != 0)
- {
- TFE_LOG_ERROR(logger, "fetch dst provine from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
- }
- scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_IP_LOCATION_CITY, (unsigned char *)src_city, sizeof(src_city), &opt_out_size);
- if (scan_ret != 0)
- {
- TFE_LOG_ERROR(logger, "fetch src city from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
- }
- scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_IP_LOCATION_CITY, (unsigned char *)dst_city, sizeof(dst_city), &opt_out_size);
- if (scan_ret != 0)
- {
- TFE_LOG_ERROR(logger, "fetch dst city from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
- }
- scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_IP_LOCATION_SUBDIVISION, (unsigned char *)src_subdivsion, sizeof(src_subdivsion), &opt_out_size);
- if (scan_ret != 0)
- {
- TFE_LOG_ERROR(logger, "fetch src subdivsion from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
- }
- scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_IP_LOCATION_SUBDIVISION, (unsigned char *)dst_subdivsion, sizeof(dst_subdivsion), &opt_out_size);
- if (scan_ret != 0)
- {
- TFE_LOG_ERROR(logger, "fetch dst subdivsion from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
- }
}
- TFE_LOG_DEBUG(logger, "fetch src country:%s provine:%s city:%s; subdivsion:%s, dst country:%s provine:%s city:%s subdivsion:%s addr: %s", src_country, src_provine, src_city, src_subdivsion, dst_country, dst_provine, dst_city, dst_subdivsion, stream->str_stream_info);
+ TFE_LOG_DEBUG(logger, "fetch src ip location: %s dst ip location: %s addr: %s", src_ip_location, dst_ip_location, stream->str_stream_info);
- if (strlen(dst_country) || strlen(dst_city))
+ if (strlen(dst_ip_location))
{
- memset(buff, 0, sizeof(buff));
-
- snprintf(buff, sizeof(buff),"%s.%s.%s.%s.", dst_country, dst_provine, dst_city, dst_subdivsion);
scan_ret = maat_scan_string((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_SECURITY_DESTINATION_LOCATION),
- buff, strlen(buff), result + hit_cnt + hit_cnt_ip,MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
+ dst_ip_location, strlen(dst_ip_location), result + hit_cnt + hit_cnt_ip, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
&n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_DESTINATION_LOCATION, Hit location: %s scan ret: %d policy_id: %lld addr: %s",
- buff, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
+ dst_ip_location, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
{
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_DESTINATION_LOCATION, NO hit location: %s scan ret: %d addr: %s",
- buff, scan_ret, stream->str_stream_info);
+ dst_ip_location, scan_ret, stream->str_stream_info);
}
- memset(buff, 0, sizeof(buff));
- if(strlen(dst_subdivsion))
- {
- snprintf(buff, sizeof(buff), "%s.%s.%s.%s", dst_country, dst_provine, dst_city, dst_subdivsion);
- }
- else
- {
- snprintf(buff, sizeof(buff), "%s.%s.%s", dst_country, dst_provine, dst_city);
- }
- *location_server = tfe_strdup(buff);
+ *location_server = (char *)ALLOC(char, strlen(dst_ip_location));
+ memcpy(*location_server,dst_ip_location,strlen(dst_ip_location)-1);
}
- if (strlen(src_country) || strlen(src_city))
+ if (strlen(src_ip_location))
{
- memset(buff, 0, sizeof(buff));
-
- snprintf(buff, sizeof(buff), "%s.%s.%s.%s.", src_country, src_provine, src_city, src_subdivsion);
scan_ret = maat_scan_string((struct maat *)tfe_bussiness_resouce_get(STATIC_MAAT), tfe_bussiness_tableid_get(TABLE_SECURITY_SOURCE_LOCATION),
- buff, strlen(buff),result + hit_cnt + hit_cnt_ip, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
+ src_ip_location, strlen(src_ip_location), result + hit_cnt + hit_cnt_ip, MAX_SCAN_RESULT - hit_cnt - hit_cnt_ip,
&n_hit_result, scan_mid);
if (scan_ret == MAAT_SCAN_HIT)
{
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_SOURCE_LOCATION, Hit location: %s scan ret: %d policy_id: %lld addr: %s",
- buff, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
+ src_ip_location, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
hit_cnt_ip += n_hit_result;
}
else
{
TFE_LOG_INFO(logger, "Scan TSG_SECURITY_SOURCE_LOCATION, NO hit location: %s scan ret: %d addr: %s",
- buff, scan_ret, stream->str_stream_info);
+ src_ip_location, scan_ret, stream->str_stream_info);
}
-
- memset(buff, 0, sizeof(buff));
- if(strlen(src_subdivsion))
- {
- snprintf(buff, sizeof(buff), "%s.%s.%s.%s", src_country, src_provine, src_city, src_subdivsion);
- }
- else
- {
- snprintf(buff, sizeof(buff), "%s.%s.%s", src_country, src_provine, src_city);
- }
- *location_client = tfe_strdup(buff);
+ *location_client = (char *)ALLOC(char, strlen(src_ip_location));
+ memcpy(*location_client,src_ip_location, strlen(src_ip_location)-1);
}
return hit_cnt_ip;
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 17:34:21 +0000