// // Created by luqiu on 2018-5-15. // #ifndef TFE_HTTPSCAN_H #define TFE_HTTPSCAN_H #include #include "opts.h" #include "httpaction.h" /* Forward Declare */ class HttpScanSession; class HttpScan; class HttpSession; /* HttpScan Module Init/Deinit */ class HttpScan { public: HttpScan(struct tfe_instance * instance, struct tfe_config *config); ~HttpScan() = default; void handlerConnectionCreate(HttpConnection & ct); void handlerConnectionClose(HttpConnection & ct); /* Table Symbols */ protected: /* Global Instance */ tfe_instance * tfe_instance; /* Global Config */ tfe_config * tfe_config; /* Maat扫描句柄 */ Maat_feather_t maat_feather_ref; /* 控制编译表ID */ int table_id_ctrl_compile; /* IP配置表ID */ int table_id_ctrl_ip; /* URL配置表ID */ int table_id_ctrl_http_url; /* HTTP请求头部配置表ID */ int table_id_ctrl_http_req_hdr; /* HTTP请求体配置表ID */ int table_id_ctrl_http_req_body; /* HTTP应答头部配置表ID */ int table_id_ctrl_http_res_hdr; /* HTTP应答体配置表ID */ int table_id_ctrl_http_res_body; /* IP白名单扫描 */ int connection_bypass_scan(); int connection_bypass_do_action(); friend HttpScanSession; }; /* Httpscan Ctx per HTTP Session */ class HttpScanSession { public: explicit HttpScanSession(const HttpScan & httpscan_module); ~HttpScanSession(); /* HTTP请求、应答扫描 */ void ScanRequestHeader(HttpSession *http_session_ctx); void ScanRequestBody(HttpSession *http_session_ctx); void ScanResponseHeader(HttpSession *http_session_ctx); void ScanResponseBody(HttpSession *http_session_ctx); private: void hit_config_and_do_action(HttpSession *http_session_ctx); void hit_scan_error(); /* 最大命中结果数量 */ static constexpr int MAAT_SCAN_RESULT_ = 4; /* 默认内容编码 */ static constexpr auto MAAT_DEFAULT_CHARSET_ = CHARSET_GBK; /* HTTPSCAN Module句柄引用 */ const HttpScan & httpscan_module_ref_; /* 扫描中间句柄 */ scan_status_t maat_scan_mid_{nullptr}; /* 扫描命中结果 */ Maat_rule_t maat_scan_result_[MAAT_SCAN_RESULT_]; /* 扫描命中数量 */ int nr_maat_scan_result_{0}; }; #endif //TFE_HTTPSCAN_H