author彭宣正 <[email protected]>2022-09-07 16:01:45 +0800
committer彭宣正 <[email protected]>2022-09-07 19:54:52 +0800
commitb9fdb44645bc220b90c7fb2dcec36074d3590c6e (patch)
treea91de1abd96748b53cfc452143dbb02c4d9e1c25
parent0fcf2b3dff4582ef6e2c47e048dc64edc3aee2de (diff)
✨ feat(TSG-11870): 支持dtls
-rw-r--r--bin/tsg_static_tableinfo.conf1
-rw-r--r--inc/tsg_label.h1
-rw-r--r--src/tsg_entry.cpp29
-rw-r--r--src/tsg_entry.h4
-rw-r--r--src/tsg_rule.cpp1
-rw-r--r--src/tsg_send_log_internal.h1
6 files changed, 34 insertions, 3 deletions
diff --git a/bin/tsg_static_tableinfo.conf b/bin/tsg_static_tableinfo.conf
index ac243c4..2d9ce82 100644
--- a/bin/tsg_static_tableinfo.conf
+++ b/bin/tsg_static_tableinfo.conf
@@ -83,3 +83,4 @@
71 TSG_DYN_SUBSCRIBER_IP plugin {"key":3,"valid":5} --
72 TSG_PROFILE_TRAFFIC_MIRROR plugin {"key":1,"valid":4} --
73 TSG_DYN_MOBILE_IDENTITY_APN_TEID plugin {"key":2,"valid":7} --
+74 TSG_FIELD_DTLS_SNI virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] -- \ No newline at end of file
diff --git a/inc/tsg_label.h b/inc/tsg_label.h
index 543b1f7..4aa7690 100644
--- a/inc/tsg_label.h
+++ b/inc/tsg_label.h
@@ -35,6 +35,7 @@ typedef enum _tsg_protocol
PROTO_PPTP,
PROTO_STRATUM,
PROTO_RDP,
+ PROTO_DTLS,
PROTO_MAX
}tsg_protocol_t;
diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp
index bfcadb5..1e9a344 100644
--- a/src/tsg_entry.cpp
+++ b/src/tsg_entry.cpp
@@ -13,6 +13,7 @@
#include <MESA/quic.h>
#include <MESA/sip.h>
#include <MESA/stratum.h>
+#include <MESA/dtls.h>
#include <MESA/stream.h>
#include <MESA/MESA_prof_load.h>
#include <MESA/MESA_handle_logger.h>
@@ -106,7 +107,8 @@ id2field_t g_tsg_proto_name2id[PROTO_MAX]={{PROTO_UNKONWN, 0, "unknown"},
{PROTO_L2TP, 0, "L2TP"},
{PROTO_PPTP, 0, "PPTP"},
{PROTO_STRATUM, 0, "Stratum"},
- {PROTO_RDP, 0, "RDP"}
+ {PROTO_RDP, 0, "RDP"},
+ {PROTO_DTLS, 0, "DTLS"}
};
#define DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID 1
@@ -414,6 +416,8 @@ static int get_table_id(tsg_protocol_t protocol)
return g_tsg_para.table_id[TABLE_SSL_SNI];
case PROTO_QUIC:
return g_tsg_para.table_id[TABLE_QUIC_SNI];
+ case PROTO_DTLS:
+ return g_tsg_para.table_id[TABLE_DTLS_SNI];
default:
break;
}
@@ -627,6 +631,10 @@ static int master_send_log(const struct streaminfo *a_stream, struct Maat_rule_t
domain_field_name=log_field_id2name(g_tsg_log_instance, LOG_QUIC_SNI);
TLD_append(TLD_handle, domain_field_name, (void *)context->domain, TLD_TYPE_STRING);
break;
+ case PROTO_DTLS:
+ domain_field_name=log_field_id2name(g_tsg_log_instance, LOG_DTLS_SNI);
+ TLD_append(TLD_handle, domain_field_name, (void *)context->domain, TLD_TYPE_STRING);
+ break;
default:
break;
}
@@ -1556,6 +1564,23 @@ static int identify_application_protocol(const struct streaminfo *a_stream, stru
return 1;
}
}
+
+ if (g_tsg_para.proto_flag&(1<<PROTO_DTLS)) //DTLS
+ {
+ char sni_buff[512] = {0};
+ int sni_len = 512;
+ bool is_dtls = dtls_identifyStream((streaminfo *)a_stream);
+ if (is_dtls)
+ {
+ context->proto = PROTO_DTLS;
+ ret = dtls_parse_sni((const char *)a_stream->pudpdetail->pdata, a_stream->pudpdetail->datalen, sni_buff, sni_len);
+ if (ret == 0 && strlen(sni_buff) > 0)
+ {
+ context->domain = malloc_copy_string(sni_buff, sni_len, a_stream->threadnum);
+ return 1;
+ }
+ }
+ }
break;
default:
@@ -2212,7 +2237,7 @@ extern "C" int TSG_MASTER_INIT()
g_tsg_para.default_vlan.num=1;
MESA_load_profile_int_def(tsg_conffile, "TRAFFIC_MIRROR","DEFAULT_VLAN_ID", &(g_tsg_para.default_vlan.id[0]), 2);
- MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "IDENTIFY_PROTO_NAME", identify_proto_name, sizeof(identify_proto_name), "HTTP;SSL;DNS;FTP;BGP;MAIL;STREAMING_MEDIA;QUIC;SIP;SSH;Stratum;RDP;");
+ MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "IDENTIFY_PROTO_NAME", identify_proto_name, sizeof(identify_proto_name), "HTTP;SSL;DNS;FTP;BGP;MAIL;STREAMING_MEDIA;QUIC;SIP;SSH;Stratum;RDP;DTLS;");
tsg_proto_name2flag(identify_proto_name, &g_tsg_para.proto_flag);
MESA_load_profile_int_def(tsg_conffile, "SYSTEM", "DATACENTER_ID", &g_tsg_para.datacenter_id, 0);
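Review bot: In the identify_application_protocol hunk, the malloc_copy_string call passes `sni_len` (512) rather than the length of the parsed name, and the same 512 is handed to dtls_parse_sni as the full buffer size, so a name that fills the buffer leaves no byte for the terminator that the following `strlen(sni_buff)` relies on; what malloc_copy_string does with the length is not visible here, but if it copies that many bytes every DTLS domain carries hundreds of trailing bytes per flow. Suggest `int sni_len = sizeof sni_buff - 1;` and `context->domain = malloc_copy_string(sni_buff, strlen(sni_buff), a_stream->threadnum);`. The `(streaminfo *)a_stream` cast discards the const qualifier of the parameter; if dtls_identifyStream only reads the stream, its prototype should take a const pointer instead of the call casting it away. The enclosing switch of identify_application_protocol starts and ends outside the hunk, so whether `a_stream->pudpdetail` is guaranteed non-NULL on this path cannot be confirmed from here.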
diff --git a/src/tsg_entry.h b/src/tsg_entry.h
index 4f78413..616d6bc 100644
--- a/src/tsg_entry.h
+++ b/src/tsg_entry.h
@@ -90,6 +90,7 @@ enum MASTER_STATIC_TABLE{
TABLE_DNS_PROFILE_RECORD,
TABLE_PROFILE_MIRROR,
TABLE_HTTP_URL,
+ TABLE_DTLS_SNI,
TABLE_MAX
};
@@ -171,7 +172,8 @@ struct gather_app_result
{
int app_num;
enum APP_IDENTIFY_ORIGIN origin;
- struct app_attributes attributes[MAX_APP_ID_NUM];
+ struct app_attributes
+ attributes[MAX_APP_ID_NUM];
};
struct l7_protocol
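Review bot: The `attributes` member of gather_app_result is split across two lines with no functional change, which is unrelated formatting churn in a feature commit; restore `struct app_attributes attributes[MAX_APP_ID_NUM];` on one line. The TABLE_DTLS_SNI entry added before TABLE_MAX in MASTER_STATIC_TABLE is fine provided every array indexed by this enum is sized by TABLE_MAX, which cannot be confirmed from this hunk.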
diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp
index 1930e6b..f6aaac2 100644
--- a/src/tsg_rule.cpp
+++ b/src/tsg_rule.cpp
@@ -1790,6 +1790,7 @@ int tsg_rule_init(const char* conffile, void *logger)
MESA_load_profile_string_def(conffile, "MAAT", "DNS_PROFILE_RECORDS", g_tsg_para.table_name[TABLE_DNS_PROFILE_RECORD], _MAX_TABLE_NAME_LEN, (char *)"TSG_PROFILE_DNS_RECORDS");
MESA_load_profile_string_def(conffile, "MAAT", "TRAFFIC_MIRROR_PROFILE", g_tsg_para.table_name[TABLE_PROFILE_MIRROR], _MAX_TABLE_NAME_LEN, (char *)"TSG_PROFILE_TRAFFIC_MIRROR");
+ MESA_load_profile_string_def(conffile, "MAAT", "DTLS_SNI_TABLE", g_tsg_para.table_name[TABLE_DTLS_SNI], _MAX_TABLE_NAME_LEN, "TSG_FIELD_DTLS_SNI");
MESA_load_profile_int_def(conffile, "MAAT","LOG_LEVEL", &log_level, 30);
MESA_load_profile_string_def(conffile, "MAAT", "LOG_PATH", log_path, sizeof(log_path), "./tsglog/maat/tsg_maat.log");
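Review bot: The added DTLS_SNI_TABLE line passes the default `"TSG_FIELD_DTLS_SNI"` without the `(char *)` cast that the neighbouring MESA_load_profile_string_def calls apply; if that parameter is `char *`, the string-literal conversion is deprecated in C++ and may warn or fail depending on flags. Either add the cast for consistency, `(char *)"TSG_FIELD_DTLS_SNI"`, or, if the parameter accepts `const char *`, drop the casts from all three lines. The rest of tsg_rule_init lies outside the hunk.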
diff --git a/src/tsg_send_log_internal.h b/src/tsg_send_log_internal.h
index e173480..8c8a5b1 100644
--- a/src/tsg_send_log_internal.h
+++ b/src/tsg_send_log_internal.h
@@ -126,6 +126,7 @@ typedef enum _tsg_log_field_id
LOG_COMMON_HTTP_RESPONSE_S3_FILE,
LOG_COMMON_MAIL_EML_FILE,
LOG_COMMON_VSYSTEM_ID,
+ LOG_DTLS_SNI,
LOG_COMMON_MAX
}tsg_log_field_id_t;