author刘学利 <[email protected]>2023-05-27 03:13:50 +0000
committer刘学利 <[email protected]>2023-05-27 03:13:50 +0000
commitbc7909e57bba412ff1f7f5d323f5c44c20486d3a (patch)
treef6c8b38459bd2084f1b6ff2fab0734a9d4ae340e
parent7bd3fe594c32e865a3ab066d49326d0e5001b34b (diff)
TSG-15152: 在发送日志时统计命中策略的信息,避免统计遗漏
-rw-r--r--src/tsg_entry.cpp14
-rw-r--r--src/tsg_send_log.cpp5
-rw-r--r--test/src/gtest_sendlog.cpp5
3 files changed, 10 insertions, 14 deletions
diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp
index 2f98f78..fb72631 100644
--- a/src/tsg_entry.cpp
+++ b/src/tsg_entry.cpp
@@ -113,8 +113,6 @@ struct id2field g_tsg_fs2_field[TSG_FS2_MAX]={{0, TSG_FS2_TCP_LINKS, "tcp_links"
{0, TSG_FS2_TUNNEL_LABEL_DEL, "t_label_del"}
};
-#define DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID 1
-
static int init_page_template(const char *conffile)
{
char page_path[256];
@@ -1066,7 +1064,6 @@ static int session_runtime_process_log_send(const struct streaminfo *a_stream, s
if (TLD_handle!=NULL)
{
tsg_send_log(g_tsg_log_instance, TLD_handle, a_stream, LOG_TYPE_SECURITY_EVENT, rules, n_rules, thread_seq);
- tsg_set_policy_flow(a_stream, rules, thread_seq);
return 1;
}
}
@@ -1157,11 +1154,6 @@ static int session_runtime_process_log_send(const struct streaminfo *a_stream, s
tsg_send_log(g_tsg_log_instance, TLD_handle, a_stream, LOG_TYPE_SECURITY_EVENT, rules, n_rules, thread_seq);
- if(rules->rule_id!=DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID)
- {
- tsg_set_policy_flow(a_stream, rules, thread_seq);
- }
-
return 1;
}
@@ -1543,7 +1535,6 @@ static unsigned char matched_security_rules_deal(const struct streaminfo *a_stre
if(is_deny_after_N_packets(p_rule))
{
- tsg_set_policy_flow(a_stream, p_rule, a_stream->threadnum);
session_matched_rules_notify(a_stream, TSG_SERVICE_SECURITY, p_rule, 1, a_stream->threadnum);
if(a_stream->type==STREAM_TYPE_TCP)
{
@@ -1563,11 +1554,6 @@ static unsigned char matched_security_rules_deal(const struct streaminfo *a_stre
break;
}
- if (srt_process_context->proto == PROTO_SSH)
- {
- tsg_set_policy_flow(a_stream, p_rule, a_stream->threadnum);
- }
-
session_packet_capture_by_rules_notify(a_stream, security_rules, n_security_rules, a_stream->threadnum);
session_matched_rules_notify(a_stream, TSG_SERVICE_SECURITY, security_rules, n_security_rules, a_stream->threadnum);
break;
diff --git a/src/tsg_send_log.cpp b/src/tsg_send_log.cpp
index 7278af7..8bf86ff 100644
--- a/src/tsg_send_log.cpp
+++ b/src/tsg_send_log.cpp
@@ -2148,6 +2148,11 @@ int send_event_log(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_h
continue;
}
+ if(a_stream!=NULL)
+ {
+ tsg_set_policy_flow(a_stream, &(rules[i]), thread_id);
+ }
+
switch(rules[i].do_log)
{
case LOG_ABORT:
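Review bot: The added `tsg_set_policy_flow(a_stream, &(rules[i]), thread_id);` counts every rule that reaches it, so the exclusion that the removed tsg_entry.cpp code applied (`rules->rule_id!=DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID`, i.e. rule id 1) no longer holds and that rule now shows up in the policy-flow statistics. If that is intended, a comment here should say so; otherwise the check has to move with the call, e.g. `if(a_stream!=NULL && rules[i].rule_id!=DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID)` with the macro moved to a shared header. The call also sits after a `continue` whose condition is outside the hunk, and it only runs when a log is actually sent, so hits on rules skipped there, or on paths that never reach send_event_log, would go uncounted. That is worth confirming for deny rules, since these counters are what an operator audits. If send_event_log can run more than once per session with the same rules, each run would increment the counter again; the enclosing loop starts and ends outside the hunk, so this cannot be checked from here.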
diff --git a/test/src/gtest_sendlog.cpp b/test/src/gtest_sendlog.cpp
index 44d8497..b7d1214 100644
--- a/test/src/gtest_sendlog.cpp
+++ b/test/src/gtest_sendlog.cpp
@@ -122,6 +122,11 @@ void plugin_ex_data_security_compile_free(struct maat_compile * maat_compile)
{
}
+int tsg_set_policy_flow(const struct streaminfo * a_stream, struct maat_rule * p_result, int thread_seq)
+{
+ return 0;
+}
+
TEST(MasterTest, SetVlan)
{
//int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
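Review bot: The new `tsg_set_policy_flow` stub only satisfies the linker, so nothing in this test file checks the behaviour the commit moves into send_event_log. Letting the stub increment a file-scope counter (for example `g_policy_flow_calls++;`, a name suggested here rather than taken from the project) and asserting on it in a send-log test would pin that each logged rule is counted exactly once and that a NULL stream is skipped. The stub's parameters are unused, which may produce unused-parameter warnings depending on the build flags.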