1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
|
{
"rule_table": "PXY_CTRL_RULE",
"object2object_table": "OBJECT_GROUP",
"rules": [
{
"uuid": "00001021-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": {"protocol":"http","method":"redirect","code":302,"to":"https://www.jd.com"},
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_HTTP_URL",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"expression": "baidu.com",
"expr_type": "and"
}
}
]
}
]
},
{
"attribute_name": "ATTR_APP_ID",
"negate_option": false,
"object_uuids": [
"00000201-0000-0000-0000-000000000000"
]
}
]
},
{
"uuid": "00001023-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": {"protocol":"http","method":"replace","rules":[{"search_in":"http_resp_body","find":"邮箱","replace_with":"test"}]},
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_SERVER_FQDN",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"table_content": {
"expression": "baidu.com",
"expr_type": "and"
}
}
]
}
]
}
]
},
{
"uuid": "00001026-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": {"protocol":"http","method":"block","code":403,"message":"error"},
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_HTTP_REQ_HDR",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_KEYWORD",
"table_type": "expr",
"table_content": {
"expression": "Chrome",
"expr_type": "and"
}
}
]
}
]
},
{
"attribute_name": "ATTR_HTTP_REQ_HDR",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_KEYWORD",
"table_type": "expr",
"table_content": {
"expression": "uid=12345678",
"expr_type": "and"
}
}
]
}
]
}
]
},
{
"uuid": "00001028-0000-0000-0000-000000000000",
"service": 1,
"action": "manipulate",
"blacklist_option": 1,
"log_option": "all",
"action_parameter": {"protocol":"http","method":"block","code":403,"message":"error"},
"is_valid": "yes",
"and_conditions": [
{
"attribute_name": "ATTR_HTTP_URL",
"objects": [
{
"items": [
{
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"table_content": {
"expression": "bing.com",
"expr_type": "and"
}
}
]
}
]
}
]
}
],
"plugin_table": [
{
"table_name": "TRAFFIC_MIRRORING_PROFILE",
"table_content": [
{"uuid":"TRAFFIC0-MIRR-0000-0000-000000000001","vlan_ids":[1,2,3,4,5,6,7,8,9],"is_valid":1}
]
},
{
"table_name": "RESPONSE_PAGE",
"table_content": [
{"uuid":"00000101-0000-0000-0000-000000000000","profile_name":"404","format":"html","path":"./resource/pangu/policy_file/404.html","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
"table_name": "PROXY_HIJACK_FILE",
"table_content": [
{"uuid":"00000201-0000-0000-0000-000000000000","profile_name":"chakanqi","content_name":"chakanqi-947KB.exe","content_type":"application/x-msdos-program","path":"./resource/pangu/policy_file/chakanqi-947KB.exe","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
"table_name": "PROXY_INJECT_SCRIPT",
"table_content": [
{"uuid":"00000301-0000-0000-0000-000000000000","profile_name":"time","format":"js","insert_on":"before_page_load","path":"./resource/pangu/policy_file/time.js","is_valid":1,"modified_time":"1716531859000000"}
]
},
{
"table_name": " DECRYPTION_PROFILE",
"table_content": [
{"uuid":"DECRYPT0-0000-0000-0000-000000000001","decryption":{"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1,"trusted_root_cert_is_not_installed_on_client":1},"protocol_version":{"min":"ssl3","max":"ssl3","mirror_client":1,"allow_http2":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":0},"fail_action":"pass-through"}},"is_valid":1},
{"uuid":"DECRYPT0-0000-0000-0000-000000000003","decryption":{"dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1,"trusted_root_cert_is_not_installed_on_client":0},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}},"is_valid":1},
{"uuid":"DECRYPT0-0000-0000-0000-000000000004","decryption":{"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"cert_pinning":0,"protocol_errors":0,"trusted_root_cert_is_not_installed_on_client":0},"protocol_version":{"min":"ssl3","max":"ssl3","mirror_client":0,"allow_http2":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"}},"is_valid":1}
]
},
{
"table_name": "PXY_INTERCEPT_RULE",
"table_content": [
{"uuid":"INTERCEP-0000-0000-0000-000000000001","action":"intercept", "log_option":"none", "action_parameter":{"vsys_id":1,"keyring_for_trusted":"KERING00-TRUS-0000-0000-000000000001","keyring_for_untrusted":"KERING00-UNTR-0000-0000-000000000001","decryption_profile":"DECRYPT0-0000-0000-0000-000000000001","tcp_option_profile":"TCPOPT00-0000-0000-0000-000000000001","traffic_mirroring":{"enable":0}},"is_valid":1},
{"uuid":"INTERCEP-0000-0000-0000-000000000002","action":"intercept", "log_option":"none","action_parameter":{"vsys_id":1,"keyring_for_trusted":"KERING00-TRUS-0000-0000-000000000001","keyring_for_untrusted":"KERING00-UNTR-0000-0000-000000000001","decryption_profile":"DECRYPT0-0000-0000-0000-000000000001","tcp_option_profile":"TCPOPT00-0000-0000-0000-000000000001","traffic_mirroring":{"enable":1,"mirroring_profile":"TRAFFIC0-MIRR-0000-0000-000000000001"}},"is_valid":1}
]
},
{
"table_name": "SERVICE_CHAINING_RULE",
"table_content": [
{"uuid":"SC000000-0000-0000-1111-000000000001","effective_range":{},"action_parameter":{"vsys_id":1,"targeted_traffic":"raw","sff_profiles":["00000000-0000-0000-2222-000000000001"]},"is_valid":1},
{"uuid":"SC000000-0000-0000-1111-000000000011","effective_range":{},"action_parameter":{"vsys_id":1,"targeted_traffic":"decrypted","sff_profiles":["00000000-0000-0000-2222-000000000001"]},"is_valid":1}
]
},
{
"table_name": "PROXY_TCP_OPTION_PROFILE",
"table_content": [
{"uuid":"TCPOPT00-0000-0000-0000-000000000001","tcp_passthrough":0,"bypass_duplicated_packet":0,"client_side_conn_param":{"tcp_maxseg":{"enable":0,"maxseg":1500},"nodelay":1,"keep_alive":{"enable":1,"tcp_keepcnt":8,"tcp_keepidle":30,"tcp_keepintvl":15},"ttl":70,"user_timeout":{"enable":1,"timeout_ms":600}},"server_side_conn_param":{"tcp_maxseg":{"enable":0,"maxseg":1500},"nodelay":1,"keep_alive":{"enable":1,"tcp_keepcnt":8,"tcp_keepidle":30,"tcp_keepintvl":15},"ttl":70,"user_timeout":{"enable":1,"timeout_ms":600}},"is_valid":1}
]
},
{
"table_name": "APP_ID_DICT",
"table_content": [
{"app_id":67,"object_uuid":"00000201-0000-0000-0000-000000000000","app_name":"http","is_valid":1},
{"app_id":68,"object_uuid":"00068000-0000-0000-0000-000000000000","app_name":"https","is_valid":1}
]
}
]
}
|
