authorliuxueli <[email protected]>2020-06-02 09:57:26 +0800
committerliuxueli <[email protected]>2020-06-02 09:57:26 +0800
commit1456eff40c4eec1241561601e6acabab4e8a1dd5 (patch)
treea896222bb93cec50163c633cd9fbe918410bfbf9
parent913b3cb35439786ad269c87598a950e5a20be62f (diff)
发送QUIC白名单日志,填充QUIC_SNI字段v1.2.3.20.06
-rw-r--r--bin/tsg_log_field.conf1
-rw-r--r--src/tsg_entry.cpp52
-rw-r--r--src/tsg_send_log.cpp6
-rw-r--r--src/tsg_send_log_internal.h1
4 files changed, 52 insertions, 8 deletions
diff --git a/bin/tsg_log_field.conf b/bin/tsg_log_field.conf
index ae00fcd..eca350b 100644
--- a/bin/tsg_log_field.conf
+++ b/bin/tsg_log_field.conf
@@ -46,3 +46,4 @@ STRING common_clinet_asn 39
STRING common_server_asn 40
STRING common_clinet_location 41
STRING common_server_location 42
+STRING quic_sni 43
diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp
index b17ea5f..aead829 100644
--- a/src/tsg_entry.cpp
+++ b/src/tsg_entry.cpp
@@ -335,6 +335,9 @@ static char *schema_index2string(tsg_protocol_t proto)
case PROTO_STREAMING_MEDIA:
schema_field_value=(char *)"STREAMING_MEDIA";
break;
+ case PROTO_QUIC:
+ schema_field_value=(char *)"QUIC";
+ break;
default:
break;
}
@@ -361,10 +364,22 @@ static int master_send_log(struct streaminfo *a_stream, struct Maat_rule_t *p_re
TLD_append(TLD_handle, schema_field_name, (void *)schema_field_value, TLD_TYPE_STRING);
}
- if(identify_info->proto==PROTO_HTTP || identify_info->proto==PROTO_SSL)
+ switch(identify_info->proto)
{
- domain_field_name=log_field_id2name(g_tsg_log_instance, ((identify_info->proto==PROTO_HTTP) ? LOG_HTTP_HOST : LOG_SSL_SNI));
- TLD_append(TLD_handle, domain_field_name, (void *)identify_info->domain, TLD_TYPE_STRING);
+ case PROTO_HTTP:
+ domain_field_name=log_field_id2name(g_tsg_log_instance, LOG_HTTP_HOST);
+ TLD_append(TLD_handle, domain_field_name, (void *)identify_info->domain, TLD_TYPE_STRING);
+ break;
+ case PROTO_SSL:
+ domain_field_name=log_field_id2name(g_tsg_log_instance, LOG_SSL_SNI);
+ TLD_append(TLD_handle, domain_field_name, (void *)identify_info->domain, TLD_TYPE_STRING);
+ break;
+ case PROTO_QUIC:
+ domain_field_name=log_field_id2name(g_tsg_log_instance, LOG_QUIC_SNI);
+ TLD_append(TLD_handle, domain_field_name, (void *)identify_info->domain, TLD_TYPE_STRING);
+ break;
+ default:
+ break;
}
}
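Review bot: The three cases added to master_send_log differ only in the field id passed to `log_field_id2name`, so the `TLD_append` call is now written out three times; letting the switch pick the id (LOG_HTTP_HOST, LOG_SSL_SNI or LOG_QUIC_SNI) and appending once after it would keep a later protocol from missing a line. `identify_info->domain` is handed over as TLD_TYPE_STRING, so it has to be NUL-terminated by whoever filled it; a comment above the switch such as `/* domain is logged as a C string and must be NUL-terminated by the caller */` would record that. The function starts and ends outside this hunk.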
@@ -863,7 +878,7 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int thread_seq,void *a_packet)
{
- int ret=0,opt_value=0;
+ int ret=0;
int hit_num=0;
scan_status_t mid=NULL;
int state=APP_STATE_GIVEME;
@@ -932,20 +947,42 @@ extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int t
switch((unsigned char)p_result->action)
{
case TSG_ACTION_DENY:
- opt_value=1;
+ #if 0
+ int opt_value=1;
MESA_set_stream_opt(a_udp, MSO_DROP_STREAM, (void *)&opt_value, sizeof(opt_value));
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_DENY], 0, FS_OP_ADD, 1);
return APP_STATE_DROPME|APP_STATE_DROPPKT;
+ #endif
break;
case TSG_ACTION_BYPASS:
init_context(pme, identify_info.proto, p_result, thread_seq);
+ if(identify_info.proto>PROTO_UNKONWN && identify_info.proto<PROTO_MAX)
+ {
+ _context=(struct _master_context *)*pme;
+ memcpy(_context->domain, identify_info.domain, identify_info.domain_len);
+ _context->domain_len=identify_info.domain_len;
+ }
+
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_BYPASS], 0, FS_OP_ADD, 1);
+
+ MESA_handle_runtime_log(g_tsg_para.logger,
+ RLOG_LV_DEBUG,
+ "ALLOW",
+ "Hit allow policy, policy_id: %d service: %d action: %d addr: %s",
+ p_result[0].config_id,
+ p_result[0].service_id,
+ (unsigned char)p_result[0].action,
+ printaddr(&a_udp->addr, thread_seq)
+ );
+
state=APP_STATE_GIVEME|APP_STATE_KILL_OTHER;
break;
case TSG_ACTION_MONITOR:
+ #if 0
init_context(pme, identify_info.proto, p_result, thread_seq);
state=APP_STATE_GIVEME;
+ #endif
break;
case TSG_ACTION_INTERCEPT:
case TSG_ACTION_MANIPULATE:
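Review bot: The `memcpy` added in the TSG_ACTION_BYPASS case copies `identify_info.domain_len` bytes into `_context->domain` without comparing the length to the destination size, and the `@@ -964,6 +1001,11 @@` hunk does the same copy in the opposite direction. Neither buffer's declaration is visible here, so unless both are fixed arrays of the same size and the length is already bounded where the SNI is parsed, guard the copy with something like `if(identify_info.domain_len>0 && (size_t)identify_info.domain_len<sizeof(_context->domain))` and finish with `_context->domain[_context->domain_len]='\0';`, because the value is later logged as a C string. `*pme` is also dereferenced right after `init_context` with no NULL check. Separately, the `#if 0` around the TSG_ACTION_DENY body means a deny verdict on a UDP stream now only reaches `break` and the stream is no longer dropped, and TSG_ACTION_MONITOR no longer creates a context; the commit message mentions neither, so if this is intended it needs a comment stating where deny is enforced instead. TSG_MASTER_UDP_ENTRY starts and ends outside the hunk.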
@@ -964,6 +1001,11 @@ extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int t
{
memset(&identify_info, 0, sizeof(identify_info));
identify_info.proto=_context->proto;
+ if(_context->domain_len>0)
+ {
+ memcpy(identify_info.domain, _context->domain, _context->domain_len);
+ identify_info.domain_len=_context->domain_len;
+ }
master_send_log(a_udp, _context->result, _context->hit_cnt, &identify_info, thread_seq);
free_context(pme, thread_seq);
diff --git a/src/tsg_send_log.cpp b/src/tsg_send_log.cpp
index b070806..f1c11b2 100644
--- a/src/tsg_send_log.cpp
+++ b/src/tsg_send_log.cpp
@@ -19,7 +19,7 @@
#include "tsg_send_log.h"
#include "tsg_send_log_internal.h"
-char TSG_SEND_LOG_VERSION_20200522=0;
+char TSG_SEND_LOG_VERSION_20200602=0;
struct tsg_log_instance_t *g_tsg_log_instance;
@@ -191,14 +191,14 @@ int set_common_field_from_label(struct tsg_log_instance_t *_instance, struct TLD
if(internal_label->client_location!=NULL)
{
location=internal_label->client_location;
- snprintf(buff, sizeof(buff), "%s%s%s", location->country_full, (strlen(location->city_full)>0) ? "." : "", location->city_full);
+ snprintf(buff, sizeof(buff), "%s%s%s%s%s", location->country_full, (strlen(location->province_full)>0) ? ";" : "", location->province_full, (strlen(location->city_full)>0) ? ";" : "", location->city_full);
TLD_append(_handle, _instance->id2field[LOG_COMMON_CLINET_LOCATION].name, (void *)buff, TLD_TYPE_STRING);
}
if(internal_label->server_location!=NULL)
{
location=internal_label->server_location;
- snprintf(buff, sizeof(buff), "%s%s%s", location->country_full, (strlen(location->city_full)>0) ? "." : "", location->city_full);
+ snprintf(buff, sizeof(buff), "%s%s%s%s%s", location->country_full, (strlen(location->province_full)>0) ? ";" : "", location->province_full, (strlen(location->city_full)>0) ? ";" : "", location->city_full);
TLD_append(_handle, _instance->id2field[LOG_COMMON_SERVER_LOCATION].name, (void *)buff, TLD_TYPE_STRING);
}
}
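Review bot: Both changed `snprintf` calls switch the separator from `.` to `;` and add a province component, which changes the format of the client and server location log fields for anything that parses them. The commit message does not mention this, so a comment above the first call such as `/* location format: country;province;city, empty parts omitted */` would record the new contract. The two lines are identical apart from which label pointer was assigned to `location`, so a small static helper taking `location` and `buff` would keep them from drifting apart. `province_full` is passed to `strlen` unchecked, as `city_full` already was, so this assumes the field is always a valid string. set_common_field_from_label continues outside the hunk.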
diff --git a/src/tsg_send_log_internal.h b/src/tsg_send_log_internal.h
index 4aa55e3..c855f4e 100644
--- a/src/tsg_send_log_internal.h
+++ b/src/tsg_send_log_internal.h
@@ -65,6 +65,7 @@ typedef enum _tsg_log_field_id
LOG_COMMON_SERVER_ASN,
LOG_COMMON_CLINET_LOCATION,
LOG_COMMON_SERVER_LOCATION,
+ LOG_QUIC_SNI,
LOG_COMMON_MAX
}tsg_log_field_id_t;