TSG-13520,TSG-13356: 支持通过tsg_pull_shaping_result函数获取命中的shaping策略,增加common_shaping_rule_ids日志字段,支持通过bridge接口及时通知命中的shaping策略,增加gtest测试用例v5.10.0

24 files changed, 1128 insertions, 436 deletions

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 6f69be0..666e385 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -8,6 +8,8 @@ variables:
 
 stages:
 - build
+- test
+- package
 
 .build_before_script:
   before_script:
@@ -42,7 +44,31 @@ stages:
     - ./ci/travis.sh
   tags:
     - share
-  
+
+run_test_for_centos7:
+  stage: test
+  extends: .build_by_travis_for_centos7
+  script:
+    - yum makecache
+    - ./ci/travis.sh
+    - cd build
+    - make test
+    - cd testing
+    - ./gtest_rule
+    - ./gtest_master
+
+run_test_for_centos8:
+  stage: test
+  extends: .build_by_travis_for_centos8
+  script:
+    - yum makecache
+    - ./ci/travis.sh
+    - cd build
+    - make test
+    - cd testing
+    - ./gtest_rule
+    - ./gtest_master
+
 branch_build_debug_for_centos7:
   stage: build
   extends: .build_by_travis_for_centos7
@@ -101,7 +127,7 @@ develop_build_release_for_centos7:
     - /^master.*$/i
 
 release_build_debug_for_centos7:
-  stage: build
+  stage: package
   variables:
     BUILD_TYPE: Debug
     PACKAGE: 1
@@ -117,7 +143,7 @@ release_build_debug_for_centos7:
     - tags
 
 release_build_release_for_centos7:
-  stage: build
+  stage: package
   variables:
     BUILD_TYPE: RelWithDebInfo
     PACKAGE: 1
@@ -192,7 +218,7 @@ develop_build_release_for_centos8:
     - /^master.*$/i
 
 release_build_debug_for_centos8:
-  stage: build
+  stage: package
   variables:
     BUILD_TYPE: Debug
     PACKAGE: 1
@@ -208,7 +234,7 @@ release_build_debug_for_centos8:
     - tags
 
 release_build_release_for_centos8:
-  stage: build
+  stage: package
   variables:
     BUILD_TYPE: RelWithDebInfo
     PACKAGE: 1
diff --git a/CMakeLists.txt b/CMakeLists.txt
index d39c8f4..9944579 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -37,7 +37,7 @@ set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run)
 add_subdirectory(support)
 add_subdirectory(src) 
 add_subdirectory(vendor)
-add_subdirectory(test)
+add_subdirectory(test/src)
 
 enable_testing()
 add_subdirectory(./ctest)
diff --git a/bin/tsg_log_field.conf b/bin/tsg_log_field.conf
index 3a5b7f8..ecfaeb7 100644
--- a/bin/tsg_log_field.conf
+++ b/bin/tsg_log_field.conf
@@ -122,3 +122,4 @@ STRING  	common_tunnel_endpoint_b_desc   109
 LONG		common_t_vsys_id		110
 STRING		common_app_full_path	111
 LONG		common_flags		112
+LONG		common_shaping_rule_ids	113
diff --git a/bin/tsg_static_tableinfo.conf b/bin/tsg_static_tableinfo.conf
index d76ed27..dd9fa64 100644
--- a/bin/tsg_static_tableinfo.conf
+++ b/bin/tsg_static_tableinfo.conf
@@ -9,7 +9,9 @@
 #quickswitch quickon or quick off
 #id	name			type	src_charset	dst_charset	do_merge cross_cache quickswitch
 0	TSG_SECURITY_COMPILE	compile	escape	--
+0	TRAFFIC_SHAPING_COMPILE	compile	escape	--
 1	GROUP_COMPILE_RELATION	group2compile	--
+1	GROUP_SHAPING_COMPILE_RELATION	group2compile	--
 2	GROUP_GROUP_RELATION	group2group	--
 3	TSG_OBJ_IP_ADDR	ip_plus	UTF8	UTF8	no	0
 3	TSG_OBJ_IP_LEARNING_ADDR	ip_plus	UTF8	UTF8	no	0
@@ -90,4 +92,5 @@
 78	TSG_TUNNEL_LABEL	plugin	{"key":2,"valid":3}	--
 79	TSG_SECURITY_TUNNEL	virtual	TSG_OBJ_TUNNEL_ID	--
 80 	TSG_OBJ_FLAG	flag	--
-81  	TSG_SECURITY_FLAG	virtual		TSG_OBJ_FLAG	--
\ No newline at end of file
+81  	TSG_SECURITY_FLAG	virtual		TSG_OBJ_FLAG	--
+82	TRAFFIC_SHAPING_PROFILE	plugin	{"key":1,"valid":8}
\ No newline at end of file
diff --git a/ctest/CMakeLists.txt b/ctest/CMakeLists.txt
index 9b22c63..ba5a437 100644
--- a/ctest/CMakeLists.txt
+++ b/ctest/CMakeLists.txt
@@ -2,16 +2,16 @@ cmake_minimum_required (VERSION 2.8)
 
 project(sapp_ctest)
 
-add_test(NAME COPY_CREATE_DIR COMMAND sh -c "mkdir -p ${CMAKE_BINARY_DIR}/testing/ ${CMAKE_BINARY_DIR}/testing/plug")
-add_test(NAME COPY_MASTER_GTEST_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/master_gtest ${CMAKE_BINARY_DIR}/testing/")
-add_test(NAME COPY_MASTER_GTEST_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/etc/ ${CMAKE_BINARY_DIR}/testing/")
-add_test(NAME COPY_MASTER_GTEST_CONFLIST COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/conflist.inf ${CMAKE_BINARY_DIR}/testing/plug")
+add_test(NAME COPY_CREATE_DIR COMMAND sh -c "mkdir -p ${CMAKE_BINARY_DIR}/testing/tsgconf/ ")
+add_test(NAME COPY_GTEST_MAIN_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/main.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
+add_test(NAME COPY_GTEST_MAAT_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/maat.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
+add_test(NAME COPY_GTEST_LOG_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_log_field.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
+add_test(NAME COPY_GTEST_PROTO_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_l7_protocol.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
+add_test(NAME COPY_GTEST_TABLEINFO COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_static_tableinfo.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
+add_test(NAME COPY_GTEST_MAAT_RULE COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/gtest_maat.json ${CMAKE_BINARY_DIR}/testing/tsgconf/tsg_maat.json")
 
-
-add_test(NAME COPY_MASTER_DIR COMMAND sh -c "mkdir -p ${CMAKE_BINARY_DIR}/testing/plug/platform/tsg_master/")
-add_test(NAME COPY_MASTER_INF COMMAND sh -c "cp ${CMAKE_SOURCE_DIR}/bin/tsg_master.inf ${CMAKE_BINARY_DIR}/testing/plug/platform/tsg_master/tsg_master.inf")
-add_test(NAME COPY_MASTER_SO COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/tsg_master_gtest.so ${CMAKE_BINARY_DIR}/testing/plug/platform/tsg_master/tsg_master.so")
-add_test(NAME COPY_MASTER_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/ ${CMAKE_BINARY_DIR}/testing/tsgconf")
+add_test(NAME COPY_GTEST_RULE_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_rule ${CMAKE_BINARY_DIR}/testing/")
+add_test(NAME COPY_GTEST_MASTER COMMAND sh -c "cp -r ${CMAKE_BINARY_DIR}/test/src/gtest_master ${CMAKE_BINARY_DIR}/testing/")
 
 add_test(NAME FAKE_TEST COMMAND sh -c "pwd")
 
diff --git a/inc/tsg_label.h b/inc/tsg_label.h
index a674ded..03258e7 100644
--- a/inc/tsg_label.h
+++ b/inc/tsg_label.h
@@ -107,23 +107,6 @@ struct session_attribute_label
 	unsigned long session_flags;
 };
 
-struct policy_priority_label
-{
-	tsg_protocol_t proto;	//enum _tsg_protocol (tsg_types.h)
-	int domain_len;
-	int result_type;	//enum _PULL_RESULT_TYPE (tsg_rule.h)
-	int result_num;
-	union
-	{
-		char *http_url;
-		char *quic_ua;
-		void *para;
-	};
-	char domain[MAX_DOMAIN_LEN];
-	Maat_rule_t result[MAX_RESULT_NUM];
-};
-
-
 struct tsg_conn_sketch_notify_data
 {
 	tsg_protocol_t protocol;
@@ -135,6 +118,11 @@ struct tsg_conn_sketch_notify_data
 	}pdata;
 };
 
+struct notify_shaping_policy
+{
+	int shaping_result_num;
+	struct Maat_rule_t shaping_result[MAX_RESULT_NUM];
+};
 
 enum NOTIFY_TYPE
 {
diff --git a/inc/tsg_rule.h b/inc/tsg_rule.h
index 3545288..42f3542 100644
--- a/inc/tsg_rule.h
+++ b/inc/tsg_rule.h
@@ -12,6 +12,7 @@
 #define	TSG_ACTION_MONITOR		0x01
 #define	TSG_ACTION_INTERCEPT	0x02
 #define	TSG_ACTION_DENY			0x10
+#define	TSG_ACTION_SHAPING		0x20
 #define	TSG_ACTION_MANIPULATE	0x30
 #define	TSG_ACTION_BYPASS		0x80
 #define	TSG_ACTION_MAX			0x80
@@ -54,6 +55,8 @@ int tsg_rule_init(const char *conffile, void *logger);
 
 int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num);
 int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_result_type, Maat_rule_t*result, int result_num, struct identify_info *identify_info);
+int tsg_pull_shaping_result(struct streaminfo *a_stream, Maat_rule_t*result, int result_num);
+
 char *tsg_pull_quic_ua(struct streaminfo *a_stream);
 char *tsg_pull_http_url(struct streaminfo *a_stream);
 
@@ -86,5 +89,6 @@ int tsg_get_fqdn_category_id(Maat_feather_t maat_feather, char *fqdn, unsigned i
 int tsg_scan_app_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *name, unsigned int id, int thread_seq);
 int tsg_scan_fqdn_category_id(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, int table_id, unsigned int *category_id, int category_id_num, int thread_seq);
 int tsg_notify_hited_monitor_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, int thread_seq);
+int tsg_notify_hited_shaping_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, int thread_seq);
 
 #endif
diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp
index 94f6b30..245bc9c 100644
--- a/src/tsg_entry.cpp
+++ b/src/tsg_entry.cpp
@@ -66,6 +66,7 @@ id2field_t g_tsg_fs2_field[TSG_FS2_MAX]={{0, TSG_FS2_TCP_LINKS, "tcp_links"},
 										 {0, TSG_FS2_HIT_ADDR, "hit_addr"},
 										 {0, TSG_FS2_HIT_SHARE, "hit_share"},
 										 {0, TSG_FS2_INTERCEPT, "intercept"},
+										 {0, TSG_FS2_SHAPING, "shaping"},
 										 {0, TSG_FS2_EXCLUSION, "exclusion"},
 										 {0, TSG_FS2_APP_DPKT_RESULT, "D_result"},
 										 {0, TSG_FS2_APP_Q_RESULT, "Q_result"},
@@ -880,6 +881,15 @@ static void free_tcpall_label(int thread_seq, void *project_req_value)
 	return ;
 }
 
+void free_shaping_result(const struct streaminfo *stream, int bridge_id, void *data)
+{
+	if(data!=NULL)
+	{
+		dictator_free(stream->threadnum, data);
+		data=NULL;
+	}
+}
+
 void free_policy_label(int thread_seq, void *project_req_value)
 {
 	if(project_req_value!=NULL)
@@ -956,84 +966,6 @@ static void copy_monitor_result(const struct streaminfo *a_stream, struct master
 
 }
 
-static void copy_result_to_project(const struct streaminfo *a_stream, struct master_context *context, struct Maat_rule_t *p_result, PULL_RESULT_TYPE result_type, int thread_seq)
-{
-	int ret=0;
-	struct policy_priority_label *priority_label=NULL;	
-
-	priority_label=(struct policy_priority_label *)project_req_get_struct((struct streaminfo *)a_stream, g_tsg_para.priority_project_id);
-	if(priority_label==NULL)
-	{
-		priority_label=(struct policy_priority_label *)dictator_malloc(thread_seq, sizeof(struct policy_priority_label));	
-		memset(priority_label, 0, sizeof(struct policy_priority_label));
-	}
-	else
-	{
-		MESA_handle_runtime_log(g_tsg_para.logger, 
-										RLOG_LV_DEBUG,
-										"DUP_HIT_POLICY",
-										"Hit policy, domain: %s policy_id: %d action: %d addr: %s",
-										(context->domain!=NULL ? context->domain : ""),
-										p_result->config_id,
-										(unsigned char)p_result->action,
-										PRINTADDR(a_stream, g_tsg_para.level)
-									);
-	}
-	
-
-	priority_label->proto=context->proto;
-	if(context->domain!=NULL)
-	{
-		priority_label->domain_len=MIN(sizeof(priority_label->domain)-1 ,strlen(context->domain));
-		memcpy(priority_label->domain, context->domain, priority_label->domain_len);
-	}
-
-	if(context->para!=NULL)
-	{
-		int length=strlen(context->http_url);
-		priority_label->para=dictator_malloc(thread_seq,length+1);
-		memcpy(priority_label->para, context->para, length);
-		((char *)priority_label->para)[length]='\0';
-	}
-
-	if(priority_label->result_num<=0 || (priority_label->result[0].action < p_result->action))
-	{
-		priority_label->result_num=1;
-		priority_label->result_type=result_type;
-		memcpy(priority_label->result, p_result, sizeof(struct Maat_rule_t));
-	}
-	
-	ret=project_req_add_struct((struct streaminfo *)a_stream, g_tsg_para.priority_project_id, (void *)priority_label);
-	if(ret<0)
-	{
-		free_policy_label(thread_seq, (void *)priority_label);
-		MESA_handle_runtime_log(g_tsg_para.logger,
-										RLOG_LV_FATAL,
-										"PROJECT_ADD",
-										"Add policy_priority_label failed, policy, domain: %s para(url/ua): %s policy_id: %d action: %d addr: %s",
-										(context->domain!=NULL ? context->domain : ""),
-										(context->para!=NULL ? context->http_url : ""),
-										priority_label->result[0].config_id,
-										(unsigned char)priority_label->result[0].action,
-										PRINTADDR(a_stream, g_tsg_para.level)
-									);
-		return ;
-	}
-	
-	MESA_handle_runtime_log(g_tsg_para.logger, 
-									RLOG_LV_DEBUG,
-									"COPY_RESULT",
-									"Hit policy, domain: %s para(url/ua): %s policy_id: %d action: %d addr: %s",
-									(context->domain!=NULL ? context->domain : ""),
-									(context->para!=NULL ? context->http_url : ""),
-									priority_label->result[0].config_id,
-									(unsigned char)priority_label->result[0].action,
-									PRINTADDR(a_stream, g_tsg_para.level)
-								);
-
-	return ;
-}
-
 static void copy_bypass_result(const struct streaminfo *a_stream, struct master_context *context, struct Maat_rule_t *p_result, int thread_seq)
 {
 	if(context->result==NULL)
@@ -1424,6 +1356,155 @@ char get_direction_from_tcpall(const struct streaminfo *a_stream)
 	return -1;
 }
 
+int get_shaping_result(struct Maat_rule_t *hit_result, int hit_num, struct Maat_rule_t *shaping_result, int shaping_result_num)
+{
+	int shaping_cnt=0;
+	for(int i=0; i<hit_num; i++)
+	{
+		if(hit_result[i].action==TSG_ACTION_SHAPING && shaping_cnt<shaping_result_num)
+		{
+			memcpy(&shaping_result[shaping_cnt++], &hit_result[i], sizeof(struct Maat_rule_t));
+		}
+	}
+
+	return shaping_cnt;
+}
+
+static void set_shaping_result_to_project(const struct streaminfo *a_stream, struct Maat_rule_t *p_result, int p_result_num, int thread_seq)
+{
+	if(p_result==NULL || p_result_num==0)
+	{
+		return ;
+	}
+	
+	struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get((struct streaminfo *)a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+	if(shaping_label==NULL)
+	{
+		shaping_label=(struct notify_shaping_policy *)dictator_malloc(thread_seq, sizeof(struct notify_shaping_policy));	
+		memset(shaping_label, 0, sizeof(struct notify_shaping_policy));
+	}
+
+	int inc_result_num=0;
+	struct Maat_rule_t *inc_result=&(shaping_label->shaping_result[shaping_label->shaping_result_num]);
+	int num=MIN(MAX_RESULT_NUM-shaping_label->shaping_result_num, p_result_num);
+	for(int i=0; i<num; i++)
+	{
+		int repeat_result=0;
+		for(int j=0; j<shaping_label->shaping_result_num+inc_result_num; j++)
+		{
+			if(p_result[i].config_id==shaping_label->shaping_result[j].config_id)
+			{
+				repeat_result=1;
+				break;
+			}
+		}
+
+		if(repeat_result==0)
+		{
+			memcpy(&(inc_result[inc_result_num++]), &(p_result[i]), sizeof(struct Maat_rule_t));
+		}
+	}
+
+	struct notify_shaping_policy sync_result={0, {0}};
+	sync_result.shaping_result_num=inc_result_num;
+	memcpy(sync_result.shaping_result, inc_result, inc_result_num*sizeof(struct Maat_rule_t));
+	stream_bridge_sync_data_put(a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)&sync_result);
+
+	shaping_label->shaping_result_num+=inc_result_num;
+	int ret=stream_bridge_async_data_put((struct streaminfo *)a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
+	if(ret<0)
+	{
+		free_shaping_result(a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
+		return ;
+	}
+}
+
+int tsg_notify_hited_shaping_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, int thread_seq)
+{
+	set_shaping_result_to_project(a_stream, result, result_num, thread_seq);
+	return 0;
+}
+
+
+static void set_security_result_to_project(const struct streaminfo *a_stream, struct master_context *context, struct Maat_rule_t *p_result, int p_result_num, PULL_RESULT_TYPE result_type, int thread_seq)
+{
+	if(p_result==NULL || p_result_num==0)
+	{
+		return ;
+	}
+
+	struct policy_priority_label *priority_label=(struct policy_priority_label *)project_req_get_struct((struct streaminfo *)a_stream, g_tsg_para.priority_project_id);
+	if(priority_label==NULL)
+	{
+		priority_label=(struct policy_priority_label *)dictator_malloc(thread_seq, sizeof(struct policy_priority_label));	
+		memset(priority_label, 0, sizeof(struct policy_priority_label));
+	}
+	else
+	{
+		MESA_handle_runtime_log(g_tsg_para.logger, 
+										RLOG_LV_DEBUG,
+										"DUP_HIT_POLICY",
+										"Hit policy, domain: %s policy_id: %d action: %d addr: %s",
+										(context->domain!=NULL ? context->domain : ""),
+										p_result->config_id,
+										(unsigned char)p_result->action,
+										PRINTADDR(a_stream, g_tsg_para.level)
+									);
+	}
+
+	priority_label->proto=context->proto;
+	if(context->domain!=NULL)
+	{
+		priority_label->domain_len=MIN(sizeof(priority_label->domain)-1 ,strlen(context->domain));
+		memcpy(priority_label->domain, context->domain, priority_label->domain_len);
+	}
+
+	if(context->para!=NULL)
+	{
+		int length=strlen(context->http_url);
+		priority_label->para=dictator_malloc(thread_seq,length+1);
+		memcpy(priority_label->para, context->para, length);
+		((char *)priority_label->para)[length]='\0';
+	}
+
+	if(priority_label->security_result_num<=0 || (priority_label->security_result[0].action < p_result->action))
+	{
+		priority_label->security_result_num=1;
+		priority_label->result_type=result_type;
+		memcpy(priority_label->security_result, p_result, sizeof(struct Maat_rule_t));
+	}
+	
+	int ret=project_req_add_struct((struct streaminfo *)a_stream, g_tsg_para.priority_project_id, (void *)priority_label);
+	if(ret<0)
+	{
+		free_policy_label(thread_seq, (void *)priority_label);
+		MESA_handle_runtime_log(g_tsg_para.logger,
+										RLOG_LV_FATAL,
+										"PROJECT_ADD",
+										"Add policy_priority_label failed, policy, domain: %s para(url/ua): %s policy_id: %d action: %d addr: %s",
+										(context->domain!=NULL ? context->domain : ""),
+										(context->para!=NULL ? context->http_url : ""),
+										priority_label->security_result[0].config_id,
+										(unsigned char)priority_label->security_result[0].action,
+										PRINTADDR(a_stream, g_tsg_para.level)
+									);
+		return ;
+	}
+	
+	MESA_handle_runtime_log(g_tsg_para.logger, 
+									RLOG_LV_DEBUG,
+									"COPY_RESULT",
+									"Hit policy, domain: %s para(url/ua): %s policy_id: %d action: %d addr: %s",
+									(context->domain!=NULL ? context->domain : ""),
+									(context->para!=NULL ? context->http_url : ""),
+									priority_label->security_result[0].config_id,
+									(unsigned char)priority_label->security_result[0].action,
+									PRINTADDR(a_stream, g_tsg_para.level)
+								);
+
+	return ;
+}
+
 
 void set_session_attribute_label(const struct streaminfo *a_stream, enum TSG_ATTRIBUTE_TYPE type, void *value, int value_len, int thread_seq)
 {
@@ -1654,6 +1735,11 @@ struct Maat_rule_t *tsg_policy_decision_criteria(Maat_rule_t *result, int result
 
 	for(i=0; i<result_num; i++)
 	{
+		if((unsigned char)result[i].action==TSG_ACTION_SHAPING)
+		{
+			continue;
+		}
+			
 		if(p_result==NULL)
 		{
 			p_result=&result[i];
@@ -1947,10 +2033,23 @@ int scan_application_id_and_properties(const struct streaminfo *a_stream, struct
 	return hit_num;
 }
 
+static int master_deal_shaping_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int hit_num)
+{
+	//get shaping rule
+	struct Maat_rule_t shaping_result[hit_num];
+	int shaping_result_num=get_shaping_result(result, hit_num, shaping_result, hit_num);
+	set_shaping_result_to_project(a_stream, shaping_result, shaping_result_num, a_stream->threadnum);
+
+	FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_SHAPING], 0, FS_OP_ADD, 1);
+	set_method_to_tcpall(a_stream, TSG_METHOD_TYPE_UNKNOWN, a_stream->threadnum);
+
+	return 0;
+}
+
 static unsigned char master_deal_scan_result(const struct streaminfo *a_stream, struct master_context *context, struct Maat_rule_t *result, int hit_num, const void *a_packet)
 {
 	Maat_rule_t *p_result=NULL;
-	unsigned char state=APP_STATE_GIVEME;	
+	unsigned char state=APP_STATE_GIVEME;
 
 	p_result=tsg_policy_decision_criteria(result, hit_num);
 	if(p_result!=NULL)
@@ -1977,7 +2076,7 @@ static unsigned char master_deal_scan_result(const struct streaminfo *a_stream,
 				if((state&APP_STATE_DROPPKT)==APP_STATE_DROPPKT || (state&APP_STATE_KILL_OTHER))
 				{
 					copy_deny_result(a_stream, context, p_result, a_stream->threadnum);
-					copy_result_to_project(a_stream, context, p_result, PULL_FW_RESULT, a_stream->threadnum);
+					set_security_result_to_project(a_stream, context, p_result, 1, PULL_FW_RESULT, a_stream->threadnum);
 					MESA_handle_runtime_log(g_tsg_para.logger,
 												RLOG_LV_DEBUG,
 												"DENY",
@@ -1999,7 +2098,7 @@ static unsigned char master_deal_scan_result(const struct streaminfo *a_stream,
 				break;
 			case	TSG_ACTION_BYPASS:
 				copy_bypass_result(a_stream, context, p_result, a_stream->threadnum);				
-				copy_result_to_project(a_stream, context, p_result, PULL_FW_RESULT, a_stream->threadnum);
+				set_security_result_to_project(a_stream, context, p_result, 1, PULL_FW_RESULT, a_stream->threadnum);
 				FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_BYPASS], 0, FS_OP_ADD, 1);
 				state=APP_STATE_GIVEME|APP_STATE_KILL_OTHER;
 
@@ -2012,7 +2111,7 @@ static unsigned char master_deal_scan_result(const struct streaminfo *a_stream,
 					break;
 				}
 				
-				copy_result_to_project(a_stream, context, p_result, PULL_KNI_RESULT, a_stream->threadnum);
+				set_security_result_to_project(a_stream, context, p_result, 1, PULL_KNI_RESULT, a_stream->threadnum);
 				FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_INTERCEPT], 0, FS_OP_ADD, 1);
 				state=APP_STATE_DROPME|APP_STATE_KILL_OTHER;
 
@@ -2023,6 +2122,11 @@ static unsigned char master_deal_scan_result(const struct streaminfo *a_stream,
 		}
 	}
 
+	if(state==APP_STATE_GIVEME)
+	{	
+		master_deal_shaping_result(a_stream, result, hit_num);
+	}
+
 	return state;
 }
 
@@ -2030,7 +2134,7 @@ static int app_identify_result_cb(const struct streaminfo *a_stream, int bridge_
 {
 	int hit_num=0,app_id=-1;
 	int is_parent_ssl=0;
-	struct master_context *context=NULL;	
+	struct master_context *context=NULL;
 	struct gather_app_result *gather_result=NULL;
 	struct Maat_rule_t scan_result[MAX_RESULT_NUM]={0}, *p_result=NULL;
 	struct app_identify_result *identify_result=(struct app_identify_result *)data;
@@ -2139,7 +2243,6 @@ static int session_flags_identify_result_cb(const struct streaminfo *a_stream, i
 
 	context->sync_cb_state=master_deal_scan_result(a_stream, context, scan_result, hit_num, NULL);
 
-
 	return 0;
 }
 
@@ -2248,7 +2351,6 @@ static unsigned char tsg_master_data_entry(const struct streaminfo *a_stream, vo
 			}
 			
 			hit_num+=deal_pending_state(a_stream, context, scan_result+hit_num, MAX_RESULT_NUM-hit_num, a_packet);
-			p_result=tsg_policy_decision_criteria(scan_result, hit_num);
 			state=master_deal_scan_result(a_stream, context, scan_result, hit_num, a_packet);
 			context->deal_pkt_num++;
 			break;
@@ -2348,7 +2450,7 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
 	struct Maat_rule_t *p_result=NULL;	
 	unsigned char state=APP_STATE_GIVEME;	
 	struct identify_info tmp_identify_info; 
-	struct Maat_rule_t result[MAX_RESULT_NUM]={0};	
+	struct Maat_rule_t security_result[MAX_RESULT_NUM]={0};	
 	struct tcpall_context *all_context=(struct tcpall_context *)(*pme);
 		
 	if(stream_state==OP_STATE_PENDING && all_context->method_type!=TSG_METHOD_TYPE_ALLOW && !(all_context->udp_data_dropme))
@@ -2359,21 +2461,29 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
 			all_context->default_policy_after_n_packets=get_default_para(a_stream, g_tsg_para.default_compile_id);
 		}
 		
-		hit_num=tsg_scan_nesting_addr(g_tsg_maat_feather, a_stream, PROTO_UNKONWN, &scan_mid, result, MAX_RESULT_NUM);
+		hit_num=tsg_scan_nesting_addr(g_tsg_maat_feather, a_stream, PROTO_UNKONWN, &scan_mid, security_result, MAX_RESULT_NUM);
 		if(hit_num>0)
 		{
-			p_result=tsg_policy_decision_criteria(result, hit_num);
-			switch(p_result->action)
+			p_result=tsg_policy_decision_criteria(security_result, hit_num);
+			if(p_result!=NULL)
 			{
-				case	TSG_ACTION_DENY:
-					state=tsg_deal_deny_action(a_stream, p_result, PROTO_UNKONWN, ACTION_RETURN_TYPE_TCPALL, a_packet);
-					master_send_log(a_stream, p_result, 1, NULL, thread_seq);
-					break;
-				case	TSG_ACTION_MONITOR:
-					tsg_notify_hited_monitor_result(a_stream, result, hit_num, thread_seq);
-					break;
-				default:
-					break;
+				switch(p_result->action)
+				{
+					case	TSG_ACTION_DENY:
+						state=tsg_deal_deny_action(a_stream, p_result, PROTO_UNKONWN, ACTION_RETURN_TYPE_TCPALL, a_packet);
+						master_send_log(a_stream, p_result, 1, NULL, thread_seq);
+						break;
+					case	TSG_ACTION_MONITOR:
+						tsg_notify_hited_monitor_result(a_stream, security_result, hit_num, thread_seq);
+						break;
+					default:
+						break;
+				}
+			}
+
+			if(state==APP_STATE_GIVEME)
+			{
+				master_deal_shaping_result(a_stream, security_result, hit_num);
 			}
 		}
 		
@@ -2396,21 +2506,22 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
 				state|=APP_STATE_GIVEME|APP_STATE_DROPPKT;
 			}
 			break;
-        case    TSG_METHOD_TYPE_TAMPER:
-            if(0 == send_tamper_xxx(a_stream, &all_context->tamper_count, a_packet)){
-                state|=APP_STATE_GIVEME|APP_STATE_DROPPKT;
-            }
-            break;
+		case    TSG_METHOD_TYPE_TAMPER:
+			if(0 == send_tamper_xxx(a_stream, &all_context->tamper_count, a_packet))
+			{
+				state|=APP_STATE_GIVEME|APP_STATE_DROPPKT;
+			}
+			break;
 		case	TSG_METHOD_TYPE_DEFAULT:
 			if(!is_do_default_policy(a_stream, all_context->default_policy_after_n_packets) || stream_state==OP_STATE_CLOSE)
 			{
 				break;
 			}
 			
-			if(get_default_policy(g_tsg_para.default_compile_id, &result[0]))
+			if(get_default_policy(g_tsg_para.default_compile_id, &security_result[0]))
 			{
-				state=tsg_deal_deny_action(a_stream, &result[0], PROTO_UNKONWN, ACTION_RETURN_TYPE_TCPALL, a_packet);				
-				master_send_log(a_stream, &result[0], 1, NULL, thread_seq);
+				state=tsg_deal_deny_action(a_stream, &security_result[0], PROTO_UNKONWN, ACTION_RETURN_TYPE_TCPALL, a_packet);				
+				master_send_log(a_stream, &security_result[0], 1, NULL, thread_seq);
 			}
 			break;
 		case	TSG_METHOD_TYPE_DROP:
@@ -2424,7 +2535,7 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
 				break;
 			}
 
-			ret=tsg_pull_policy_result((struct streaminfo *)a_stream,PULL_FW_RESULT, &result[0], 1, &tmp_identify_info);
+			ret=tsg_pull_policy_result((struct streaminfo *)a_stream,PULL_FW_RESULT, &security_result[0], 1, &tmp_identify_info);
 			if(ret<=0)
 			{
 				break;
@@ -2432,11 +2543,11 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
 
 			if(all_context->hited_para.hited_app_id<=0)
 			{
-				state=tsg_deal_deny_action(a_stream, &result[0], all_context->protocol, ACTION_RETURN_TYPE_TCPALL, a_packet);
+				state=tsg_deal_deny_action(a_stream, &security_result[0], all_context->protocol, ACTION_RETURN_TYPE_TCPALL, a_packet);
 			}
 			else
 			{
-				state=tsg_deny_application(a_stream, &result[0], all_context->protocol, all_context->hited_para.hited_app_id, ACTION_RETURN_TYPE_TCPALL, a_packet);
+				state=tsg_deny_application(a_stream, &security_result[0], all_context->protocol, all_context->hited_para.hited_app_id, ACTION_RETURN_TYPE_TCPALL, a_packet);
 			}
 			break;
 		default:
@@ -2625,6 +2736,7 @@ extern "C" int TSG_MASTER_INIT()
 	MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "SKETCH_NOTIFY_BRIDGE_NAME", g_tsg_para.bridge_name[BRIDGE_TYPE_RECV_CONN_SKETCH_DATA],_MAX_TABLE_NAME_LEN, "TSG_CONN_SKETCH_NOTIFY_DATA");
 	MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "MASTER_NOTIFY_BRIDGE_NAME", g_tsg_para.bridge_name[BRIDGE_TYPE_SEND_CONN_SKETCH_DATA],_MAX_TABLE_NAME_LEN, "TSG_MASTER_NOTIFY_DATA");
 	MESA_load_profile_string_def(tsg_conffile, "SESSION_FLAGS", "FLAGS_NOTIFY_BRIDGE_NAME", g_tsg_para.bridge_name[BRIDGE_TYPE_NOTIFY_FLAGS],_MAX_TABLE_NAME_LEN, "SESSION_FLAGS_SYNC_NOTIFY_DATA");
+	MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "SHAPING_RESULT_BRIDGE_NAME", g_tsg_para.bridge_name[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT],_MAX_TABLE_NAME_LEN, "NOTIFY_SHAPING_RESULT");
 
 	for(i=0; i<BRIDGE_TYPE_MAX; i++)
 	{
@@ -2659,6 +2771,18 @@ extern "C" int TSG_MASTER_INIT()
 		return -1;
 	}
 
+	ret=stream_bridge_register_data_free_cb(g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], free_shaping_result);
+	if(ret<0)
+	{		
+		MESA_handle_runtime_log(g_tsg_para.logger,
+									RLOG_LV_FATAL,
+									"APP_BRIDGE",
+									"Register async free callback failed, bridge_name: %d",
+									g_tsg_para.bridge_name[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]
+								);	
+		return -1;
+	}
+
 	g_tsg_para.context_project_id=project_producer_register("TSG_MASTER_CONTEXT", PROJECT_VAL_TYPE_STRUCT, free_context_label);
 	if(g_tsg_para.context_project_id<0)
 	{
diff --git a/src/tsg_entry.h b/src/tsg_entry.h
index ffaaaab..c1fd5a2 100644
--- a/src/tsg_entry.h
+++ b/src/tsg_entry.h
@@ -112,6 +112,7 @@ enum TSG_FS2_TYPE{
 	TSG_FS2_HIT_ADDR,

 	TSG_FS2_HIT_SHARE,

 	TSG_FS2_INTERCEPT,

+	TSG_FS2_SHAPING,

 	TSG_FS2_EXCLUSION,

 	TSG_FS2_APP_DPKT_RESULT,

 	TSG_FS2_APP_Q_RESULT,

@@ -184,6 +185,7 @@ enum BRIDGE_TYPE
 	BRIDGE_TYPE_RECV_CONN_SKETCH_DATA,

 	BRIDGE_TYPE_APP_IDENTIFY_RESULT,

 	BRIDGE_TYPE_NOTIFY_FLAGS,

+	BRIDGE_TYPE_NOTIFY_SHAPING_RESULT,

 	BRIDGE_TYPE_MAX

 };

 

@@ -216,9 +218,25 @@ struct l7_protocol
     UT_hash_handle hh2;        /* handle for second hash table */

 };

 

+struct policy_priority_label

+{

+	tsg_protocol_t proto;	//enum _tsg_protocol (tsg_types.h)

+	int domain_len;

+	int result_type;	//enum _PULL_RESULT_TYPE (tsg_rule.h)

+	int security_result_num;

+	union

+	{

+		char *http_url;

+		char *quic_ua;

+		void *para;

+	};

+	char domain[MAX_DOMAIN_LEN];

+	Maat_rule_t security_result[MAX_RESULT_NUM];

+};

+

 struct fqdn_category

 {

-	int ref_cnt;	

+	int ref_cnt;

 	unsigned int category_id;

 };

 

@@ -342,6 +360,7 @@ typedef	struct tsg_para
 	int table_id[TABLE_MAX];	

 	int dyn_table_id[DYN_TABLE_MAX];

 	int priority_project_id;

+	int shaping_project_id;

 	int session_attribute_project_id;

 	int context_project_id;

 	int tcpall_project_id;

diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp
index 80d4f15..e9b336d 100644
--- a/src/tsg_rule.cpp
+++ b/src/tsg_rule.cpp
@@ -2247,9 +2247,9 @@ int tsg_set_policy_result(const struct streaminfo *a_stream, PULL_RESULT_TYPE re
 	
 
 	priority_label->proto=proto;
-	priority_label->result_num=1;
+	priority_label->security_result_num=1;
 	priority_label->result_type=result_type;
-	memcpy(priority_label->result, p_result, sizeof(struct Maat_rule_t));
+	memcpy(priority_label->security_result, p_result, sizeof(struct Maat_rule_t));
 	
 	int ret=project_req_add_struct((struct streaminfo *)a_stream, g_tsg_para.priority_project_id, (void *)priority_label);
 	if(ret<0)
@@ -2259,8 +2259,8 @@ int tsg_set_policy_result(const struct streaminfo *a_stream, PULL_RESULT_TYPE re
 										RLOG_LV_FATAL,
 										"PROJECT_ADD",
 										"Add policy_priority_label failed, policy, policy_id: %d action: %d addr: %s",
-										priority_label->result[0].config_id,
-										(unsigned char)priority_label->result[0].action,
+										priority_label->security_result[0].config_id,
+										(unsigned char)priority_label->security_result[0].action,
 										PRINTADDR(a_stream, g_tsg_para.level)
 									);
 		return -1;
@@ -2270,14 +2270,26 @@ int tsg_set_policy_result(const struct streaminfo *a_stream, PULL_RESULT_TYPE re
 									RLOG_LV_DEBUG,
 									"COPY_RESULT",
 									"Hit policy, policy_id: %d action: %d addr: %s",
-									priority_label->result[0].config_id,
-									(unsigned char)priority_label->result[0].action,
+									priority_label->security_result[0].config_id,
+									(unsigned char)priority_label->security_result[0].action,
 									PRINTADDR(a_stream, g_tsg_para.level)
 								);
 
 	return 0;
 }
 
+int tsg_pull_shaping_result(struct streaminfo *a_stream, Maat_rule_t*result, int result_num)
+{
+	struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+	if(shaping_label!=NULL && result!=NULL && result_num>0)
+	{
+		int num=MIN(shaping_label->shaping_result_num, result_num);
+		memcpy(result, shaping_label->shaping_result, num*sizeof(Maat_rule_t));
+		return num;
+	}
+
+	return 0;
+}
 
 int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_result_type, Maat_rule_t*result, int result_num, struct identify_info *identify_info)
 {
@@ -2289,8 +2301,8 @@ int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_re
 	{
 		if((label->result_type==pull_result_type) || (pull_result_type==PULL_ALL_RESULT))
 		{
-			num=MIN(label->result_num, result_num);
-			memcpy(result, label->result, num*sizeof(Maat_rule_t));
+			num=MIN(label->security_result_num, result_num);
+			memcpy(result, label->security_result, num*sizeof(Maat_rule_t));
 
 			if(label->domain_len>0)
 			{
diff --git a/src/tsg_send_log.cpp b/src/tsg_send_log.cpp
index bf9d74d..b28849a 100644
--- a/src/tsg_send_log.cpp
+++ b/src/tsg_send_log.cpp
@@ -1209,6 +1209,17 @@ struct TLD_handle_t *TLD_create(int thread_id)
 	return _handle;
 }
 
+int TLD_convert_json(struct TLD_handle_t *_handle, char *buff, unsigned int buff_len)
+{
+	StringBuffer sb(0, 2048);
+	Writer<StringBuffer> writer(sb);
+	_handle->document->Accept(writer);
+
+	memcpy(buff, sb.GetString(), MIN(sb.GetSize(), buff_len));
+	
+	return 1;
+}
+
 static int set_mail_eml(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream)
 {
 	struct tsg_conn_sketch_notify_data *notify_mail=(struct tsg_conn_sketch_notify_data *)stream_bridge_async_data_get(a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_RECV_CONN_SKETCH_DATA]);
@@ -1326,6 +1337,27 @@ static int set_tunnel_ipv4v6_port(struct tsg_log_instance_t *_instance, struct T
 	return 0;
 }
 
+int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream)
+{
+	struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+	if(shaping_label==NULL)
+	{
+		return 0;
+	}
+
+	int offset=0;
+	char shaping_rule_ids[512]={0};
+	for(int i=0; i<shaping_label->shaping_result_num; i++)
+	{
+		offset+=snprintf(shaping_rule_ids+offset, sizeof(shaping_rule_ids)-offset, "%d,", shaping_label->shaping_result[i].config_id);
+	}
+
+	shaping_rule_ids[offset-1]='\0';
+	TLD_append(_handle, _instance->id2field[LOG_COMMON_SHAPING_RULE_IDS].name, (void *)shaping_rule_ids, TLD_TYPE_STRING);
+	
+	return 1;
+}
+
 static int set_common_tunnels(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream)
 {
 	int ret=0;	
@@ -2082,7 +2114,7 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
 
 	if(_instance->mode==CLOSE)
 	{
-		TLD_cancel(handle);		
+		TLD_cancel(handle);
 		FS_operate(_instance->fs2_handle, _instance->sum_line_id, _instance->fs2_field_id[LOG_COLUMN_STATUS_DROP], FS_OP_ADD, 1);
 		MESA_handle_runtime_log(_instance->logger, RLOG_LV_INFO, "TSG_SEND_LOG", "Disable tsg_send_log.");
 		return 0;
@@ -2108,6 +2140,11 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
 	TLD_append(_handle, _instance->id2field[LOG_COMMON_TRAFFIC_VSYSTEM_ID].name, (void *)(long)_instance->vsystem_id, TLD_TYPE_LONG);
 
 	set_application_behavior(_instance, _handle, log_msg->a_stream);
+
+	if(log_msg->result[i].service_id==2 && log_msg->a_stream!=NULL)		// stream of intercept is NULL
+	{
+		set_shaping_rule_ids(_instance, _handle, log_msg->a_stream);
+	}
 		
 	for(i=0;i<log_msg->result_num; i++)
 	{
@@ -2170,7 +2207,7 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
 									);
 			continue;	
 		}
-
+		
 		TLD_append(_handle, _instance->id2field[LOG_COMMON_POLICY_ID].name, (void *)(long)(log_msg->result[i].config_id), TLD_TYPE_LONG);
 		TLD_append(_handle, _instance->id2field[LOG_COMMON_SERVICE].name, (void *)(long)(log_msg->result[i].service_id), TLD_TYPE_LONG);
 		TLD_append(_handle, _instance->id2field[LOG_COMMON_ACTION].name, (void *)(long)((unsigned char)log_msg->result[i].action), TLD_TYPE_LONG);
diff --git a/src/tsg_send_log_internal.h b/src/tsg_send_log_internal.h
index f7dd452..aeef081 100644
--- a/src/tsg_send_log_internal.h
+++ b/src/tsg_send_log_internal.h
@@ -134,6 +134,7 @@ typedef enum _tsg_log_field_id
 	LOG_COMMON_TRAFFIC_VSYSTEM_ID,
 	LOG_COMMON_APP_FULL_PATH,
 	LOG_COMMON_FLAGS,
+	LOG_COMMON_SHAPING_RULE_IDS,
 	LOG_COMMON_MAX
 }tsg_log_field_id_t;
 
diff --git a/src/tsg_variable.cpp b/src/tsg_variable.cpp
new file mode 100644
index 0000000..8a6d55b
--- /dev/null
+++ b/src/tsg_variable.cpp
@@ -0,0 +1,89 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <sys/time.h>
+#include <unistd.h>
+
+#include "tsg_variable.h"
+
+g_tsg_para_t g_tsg_para;
+
+id2field_t g_tsg_fs2_field[TSG_FS2_MAX]={{0, TSG_FS2_TCP_LINKS, "tcp_links"},
+										 {0, TSG_FS2_UDP_LINKS, "udp_links"}, 
+										 {0, TSG_FS2_BYPASS, "bypass"},
+										 {0, TSG_FS2_HIT_ADDR, "hit_addr"},
+										 {0, TSG_FS2_HIT_SHARE, "hit_share"},
+										 {0, TSG_FS2_INTERCEPT, "intercept"},
+										 {0, TSG_FS2_SHAPING, "shaping"},
+										 {0, TSG_FS2_EXCLUSION, "exclusion"},
+										 {0, TSG_FS2_APP_DPKT_RESULT, "D_result"},
+										 {0, TSG_FS2_APP_Q_RESULT, "Q_result"},
+										 {0, TSG_FS2_APP_USER_RESULT, "U_result"},
+										 {0, TSG_FS2_APP_BUILT_IN_RESULT, "B_result"},
+										 {0, TSG_FS2_INJECT_PKT_SUCCESS, "inject_succuess"},
+										 {0, TSG_FS2_INJECT_PKT_FAILED, "inject_failed"},
+										 {0, TSG_FS2_MIRRORED_PKT_SUCCESS, "mirror_pkt_suc"},
+										 {0, TSG_FS2_MIRRORED_BYTE_SUCCESS, "mirror_byte_suc"},
+										 {0, TSG_FS2_MIRRORED_PKT_FAILED, "mirror_pkt_fai"},
+										 {0, TSG_FS2_MIRRORED_BYTE_FAILED, "mirror_byte_fai"},
+										 {0, TSG_FS2_SET_TIMOUT_SUCCESS, "set_timeout_suc"},
+										 {0, TSG_FS2_SET_TIMOUT_FAILED, "set_timeout_fai"},
+                                         {0, TSG_FS2_SUCESS_TAMPER, "tamper_sucess"},
+                                         {0, TSG_FS2_TAMPER_FAILED_PLOAD_LESS_4, "tamper_nopload"},
+                                         {0, TSG_FS2_TAMPER_FAILED_NOSWAP, "tamper_noswap"},
+										 {0, TSG_FS2_ASN_ADD, "asn_add"},
+										 {0, TSG_FS2_ASN_DEL, "asn_del"},
+										 {0, TSG_FS2_GTPC_ADD, "gtpc_add"},
+										 {0, TSG_FS2_GTPC_DEL, "gtpc_del"},
+										 {0, TSG_FS2_LOCATION_ADD, "location_add"},
+										 {0, TSG_FS2_LOCATION_DEL, "location_del"},
+										 {0, TSG_FS2_FQDN_ADD, "fqdn_add"},
+										 {0, TSG_FS2_FQDN_DEL, "fqdn_del"},
+										 {0, TSG_FS2_SUBSCRIBER_ADD, "subscriber_add"},
+										 {0, TSG_FS2_SUBSCRIBER_DEL, "subscriber_del"},
+										 {0, TSG_FS2_SECURIRY_ADD, "security_add"},
+										 {0, TSG_FS2_SECURIRY_DEL, "security_del"},
+										 {0, TSG_FS2_MIRRORED_ADD, "mirrored_add"},
+										 {0, TSG_FS2_MIRRORED_DEL, "mirrored_del"},
+										 {0, TSG_FS2_HTTP_RES_ADD, "http_res_add"},
+										 {0, TSG_FS2_HTTP_RES_DEL, "http_res_del"},
+										 {0, TSG_FS2_DNS_RES_ADD, "dns_profile_add"},
+										 {0, TSG_FS2_DNS_RES_DEL, "dns_profile_del"},
+										 {0, TSG_FS2_APP_ID_ADD, "app_id_add"},
+										 {0, TSG_FS2_APP_ID_DEL, "app_id_del"},
+										 {0, TSG_FS2_TUNNEL_CATALOG_ADD, "t_catalog_add"},
+										 {0, TSG_FS2_TUNNEL_CATALOG_DEL, "t_catalog_del"},
+										 {0, TSG_FS2_TUNNEL_ENDPOINT_ADD, "t_endpoint_add"},
+										 {0, TSG_FS2_TUNNEL_ENDPOINT_DEL, "t_endpoint_del"},
+										 {0, TSG_FS2_TUNNEL_LABEL_ADD, "t_label_add"},
+										 {0, TSG_FS2_TUNNEL_LABEL_DEL, "t_label_del"}
+										};
+
+id2field_t g_tsg_proto_name2id[PROTO_MAX]={{PROTO_UNKONWN, 0, "unknown"}, 
+										 {PROTO_IPv4, 	0,	"IPV4"},
+										 {PROTO_IPv6, 	0,	"IPV6"},
+										 {PROTO_TCP, 	0, 	"TCP"},
+										 {PROTO_UDP, 	0, 	"UDP"},
+										 {PROTO_HTTP, 	0, 	"HTTP"},
+										 {PROTO_MAIL, 	0, 	"MAIL"},
+										 {PROTO_DNS, 	0, 	"DNS"},
+										 {PROTO_FTP, 	0, 	"FTP"},
+										 {PROTO_SSL, 	0, 	"SSL"},
+										 {PROTO_SIP, 	0, 	"SIP"},
+										 {PROTO_BGP, 	0, 	"BGP"},
+										 {PROTO_STREAMING_MEDIA, 0, "STREAMING_MEDIA"},
+										 {PROTO_QUIC, 	0,	 "QUIC"},
+										 {PROTO_SSH, 	0, 	"SSH"},
+										 {PROTO_SMTP, 	0, 	"SMTP"},
+										 {PROTO_IMAP, 	0, 	"IMAP"},
+										 {PROTO_POP3, 	0, 	"POP3"},
+										 {PROTO_RTP, 	0, 	"RTP"},
+										 {PROTO_APP, 	0,	"BASE"},
+										 {PROTO_L2TP, 	0,	"L2TP"},
+										 {PROTO_PPTP, 	0,	"PPTP"},
+										 {PROTO_STRATUM, 	0,	"Stratum"},
+										 {PROTO_RDP, 	0,	"RDP"},
+										 {PROTO_DTLS, 	0,	"DTLS"}
+										};
+
diff --git a/src/tsg_variable.h b/src/tsg_variable.h
new file mode 100644
index 0000000..0e4a433
--- /dev/null
+++ b/src/tsg_variable.h
@@ -0,0 +1,69 @@
+#pragma once
+
+struct reset_argv
+{
+	int pkt_num;
+	int seed1;
+	int seed2;
+	int th_flags;
+	int dir;
+	int remedy;
+};
+
+#define	_MAX_TABLE_NAME_LEN	64
+typedef	struct tsg_para
+{
+	int level;
+	short mirror_switch;
+	unsigned short timeout;
+	int dynamic_maat_switch;
+	int location_field_num;
+	int app_dict_field_num;
+	int device_seq_in_dc;
+	int datacenter_id;
+	int scan_signaling_switch;
+	int hash_timeout;
+	int hash_slot_size;
+	int hash_thread_safe;
+	int feature_tamper;
+	enum DEPLOY_MODE deploy_mode;
+	int scan_time_interval;
+	int identify_app_max_pkt_num;
+	int unknown_app_id;
+	int hit_path_switch;
+	int default_compile_id;
+	int table_id[TABLE_MAX];	
+	int dyn_table_id[DYN_TABLE_MAX];
+	int priority_project_id;
+	int shaping_project_id;
+	int session_attribute_project_id;
+	int context_project_id;
+	int tcpall_project_id;
+	int gather_app_project_id;	
+	int bridge_id[BRIDGE_TYPE_MAX];
+	int proto_flag; //tsg_protocol_t
+	int fs2_field_id[TSG_FS2_MAX];
+	char device_sn[MAX_DOMAIN_LEN/8];
+	char log_path[MAX_DOMAIN_LEN/8];
+	char device_id_command[MAX_DOMAIN_LEN/8];
+	char data_center[_MAX_TABLE_NAME_LEN];
+	char device_tag[MAX_DOMAIN_LEN/2];
+	char table_name[TABLE_MAX][_MAX_TABLE_NAME_LEN];	
+	char dyn_table_name[DYN_TABLE_MAX][_MAX_TABLE_NAME_LEN];
+	char bridge_name[BRIDGE_TYPE_MAX][_MAX_TABLE_NAME_LEN];
+	void *logger;
+	void *maat_logger;
+	struct reset_argv reset;
+	struct mirrored_vlan default_vlan;
+	screen_stat_handle_t fs2_handle;
+	struct l7_protocol *name_by_id;
+	struct l7_protocol *id_by_name;
+	struct traffic_mirror *mirror_handle;
+	ctemplate::Template *tpl_403,*tpl_404;
+	ctemplate::Template *tpl_200,*tpl_204;
+	ctemplate::Template *tpl_303;
+}g_tsg_para_t;
+
+extern g_tsg_para_t g_tsg_para;
+extern Maat_feather_t g_tsg_dynamic_maat_feather;
+extern id2field_t g_tsg_proto_name2id[PROTO_MAX];
\ No newline at end of file
diff --git a/test/src/CMakeLists.txt b/test/src/CMakeLists.txt
index bbd1323..40e398d 100644
--- a/test/src/CMakeLists.txt
+++ b/test/src/CMakeLists.txt
@@ -1,36 +1,30 @@
 cmake_minimum_required(VERSION 2.8)
 
-set(SRC ../src/tsg_entry.cpp ../src/tsg_rule.cpp ../src/tsg_ssl_utils.cpp ../src/tsg_send_log.cpp ../src/tsg_statistic.cpp ../src/tsg_ssh_utils.cpp ../src/tsg_gtp_signaling.cpp ../src/tsg_action.cpp ../src/tsg_leaky_bucket.cpp ../src/tsg_dns.cpp ../src/tsg_icmp.cpp ../src/tsg_tamper.cpp tsg_master_gtest_protocol.cpp tsg_master_gtest_entry.cpp)
-
 include_directories(${CMAKE_SOURCE_DIR}/inc)
 include_directories(/opt/MESA/include/MESA/)
 include_directories(/opt/MESA/include)
 include_directories(/usr/include/)
-
-set(TSG_MASTER_DEPEND_DYN_LIB  MESA_handle_logger MESA_prof_load maatframe pthread MESA_field_stat2 rdkafka cjson MESA_jump_layer)
-
-set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run)
-
-add_library(tsg_master_gtest SHARED ${SRC})
-set_target_properties(tsg_master_gtest PROPERTIES LINK_FLAGS "-Wl,--version-script=${PROJECT_SOURCE_DIR}/src/version.map")
-target_link_libraries(tsg_master_gtest ${TSG_MASTER_DEPEND_DYN_LIB} ctemplate-static)
-set_target_properties(tsg_master_gtest  PROPERTIES PREFIX "")
-
-install(TARGETS tsg_master_gtest LIBRARY DESTINATION ${CMAKE_INSTALL_PREFIX}/plug/platform/tsg_master_gtest COMPONENT LIBRARIES)
-install(FILES ../bin/tsg_master.inf DESTINATION ${CMAKE_INSTALL_PREFIX}/plug/platform/tsg_master_gtest COMPONENT PROFILE)
-
+include_directories(${PROJECT_SOURCE_DIR}/src/)
 
 add_definitions(-std=c++11)
 LINK_DIRECTORIES(/opt/MESA/lib)
 
-file(GLOB TEST_CASE "tsg_master_gtest_main.cpp")
-
-add_executable(master_gtest ${TEST_CASE})
-target_compile_options(master_gtest PUBLIC ${MEM_POOL_DEFINITIONS})
-target_link_libraries(master_gtest nsl pthread dl m pcap systemd cjson MESA_prof_load MESA_htable MESA_handle_logger MESA_jump_layer breakpad_mini MESA_field_stat2 rdkafka)
-target_link_libraries(master_gtest /home/mesasoft/sapp_run/lib/libsapp_devel.so)
-target_link_libraries(master_gtest gtest-static ctemplate-static)
-
-install(TARGETS master_gtest DESTINATION ${CMAKE_INSTALL_PREFIX}/ COMPONENT EXECUTABLE)
-
-
+add_executable(gtest_rule ${PROJECT_SOURCE_DIR}/src/tsg_rule.cpp gtest_common.cpp gtest_rule.cpp)
+target_link_libraries(gtest_rule gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger MESA_jump_layer MESA_field_stat2 maatframe)
+
+set(TSG_MASTER_SRC ${PROJECT_SOURCE_DIR}/src/tsg_entry.cpp 
+	${PROJECT_SOURCE_DIR}/src/tsg_rule.cpp 
+	${PROJECT_SOURCE_DIR}/src/tsg_ssl_utils.cpp 
+	${PROJECT_SOURCE_DIR}/src/tsg_send_log.cpp 
+	${PROJECT_SOURCE_DIR}/src/tsg_statistic.cpp
+	${PROJECT_SOURCE_DIR}/src/tsg_ssh_utils.cpp 
+	${PROJECT_SOURCE_DIR}/src/tsg_gtp_signaling.cpp 
+	${PROJECT_SOURCE_DIR}/src/tsg_action.cpp
+	${PROJECT_SOURCE_DIR}/src/tsg_leaky_bucket.cpp 
+	${PROJECT_SOURCE_DIR}/src/tsg_dns.cpp 
+	${PROJECT_SOURCE_DIR}/src/tsg_icmp.cpp
+	${PROJECT_SOURCE_DIR}/src/tsg_tamper.cpp
+)
+
+add_executable(gtest_master ${TSG_MASTER_SRC} gtest_common.cpp gtest_master.cpp)
+target_link_libraries(gtest_master gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger MESA_jump_layer MESA_field_stat2 maatframe rdkafka MESA_htable)
diff --git a/test/src/gtest_common.cpp b/test/src/gtest_common.cpp
new file mode 100644
index 0000000..105d812
--- /dev/null
+++ b/test/src/gtest_common.cpp
@@ -0,0 +1,239 @@
+#include <MESA/stream.h>
+#include "tsg_entry.h"
+
+const char *gtest_addrlist="127.0.0.1.37690>127.0.0.1.443";
+
+void dictator_free(int thread_seq, void * pbuf)
+{
+	free(pbuf);
+	pbuf=NULL;
+}
+
+void *dictator_malloc(int thread_seq,size_t size)
+{
+	return calloc(1, size);
+}
+
+const char *printaddr (const struct layer_addr *paddrinfo, int threadindex)
+{
+	return gtest_addrlist;
+}
+
+int get_thread_count(void)
+{
+	return 1;
+}
+
+int MESA_rst_tcp(struct streaminfo * stream, struct rst_tcp_para * paras, int para_len)
+{
+	return 0;
+}
+
+int sapp_inject_pkt(struct streaminfo * stream, enum sapp_inject_opt sio, const void * payload, int payload_len, unsigned char snd_routedir)
+{
+	return 0;
+}
+
+
+unsigned char MESA_dir_reverse(unsigned char raw_route_dir)
+{
+	return 0;
+}
+
+extern "C" int MESA_get_dev_ipv4(const char * device, int * ip_add)
+{
+	return 0;
+}
+
+
+extern "C" int sendpacket_do_checksum(unsigned char *buf, int protocol, int len)
+{
+	return 0;
+}
+
+char *layer_addr_ntop_r(const struct streaminfo * pstream, char * out_buf, int out_buf_len)
+{
+	return NULL;
+}
+
+
+const char *layer_addr_prefix_ntop(const struct streaminfo * pstream)
+{
+	return NULL;
+}
+
+int stream_addr_list_ntop(const struct streaminfo * pstream, char * dst, int size)
+{
+	return 0;
+}
+
+int MESA_dir_link_to_human(int link_route_dir)
+{
+	return 0;
+}
+
+
+int MESA_set_stream_opt(const struct streaminfo * pstream, enum MESA_stream_opt opt, void * opt_val, int opt_val_len)
+{
+	return 0;
+}
+
+int MESA_get_stream_opt(const struct streaminfo * pstream, enum MESA_stream_opt opt, void * opt_val, int * opt_val_len)
+{
+	return 0;
+}
+
+
+int sapp_get_platform_opt(enum sapp_platform_opt opt, void * opt_val, int * opt_val_len)
+{
+	return 0;
+}
+
+int get_rawpkt_opt_from_streaminfo(const struct streaminfo * pstream, int type, void * out_value)
+{
+	return 0;
+}
+
+#define	MAX_BRIDGE_NUM	16
+void *g_bridge_async_data[MAX_BRIDGE_NUM]={0};
+stream_bridge_free_cb_t *g_bridge_async_free[MAX_BRIDGE_NUM]={0};
+stream_bridge_sync_cb_t *g_bridge_sync_cb[MAX_BRIDGE_NUM]={0};
+
+int stream_bridge_register_data_free_cb(int bridge_id, stream_bridge_free_cb_t * free_cb_fun)
+{
+	g_bridge_async_free[bridge_id]=free_cb_fun;
+
+	return 0;
+}
+
+int stream_bridge_register_data_sync_cb(int bridge_id, stream_bridge_sync_cb_t * sync_cb_fun)
+{
+	if(g_bridge_sync_cb[bridge_id])
+	{
+		g_bridge_sync_cb[bridge_id]=sync_cb_fun;
+	}
+	
+	return 0;
+}
+
+int stream_bridge_sync_data_put(const struct streaminfo *stream, int bridge_id, void *data)
+{
+	if(g_bridge_sync_cb[bridge_id])
+	{
+		g_bridge_sync_cb[bridge_id](stream, bridge_id, data);
+	}
+	
+	return 0;
+}
+
+void *stream_bridge_async_data_get(const struct streaminfo *stream, int bridge_id)
+{
+	return g_bridge_async_data[bridge_id];
+}
+
+int stream_bridge_async_data_put(const struct streaminfo * stream, int bridge_id, void * data)
+{
+	g_bridge_async_data[bridge_id]=data;
+	return 0;
+}
+
+int stream_bridge_build(const char * bridge_name, const char * rw_mode)
+{
+	static int bridge_id=0;
+	assert(bridge_id<MAX_BRIDGE_NUM);
+	return bridge_id++;
+}
+
+int project_req_add_struct(struct streaminfo *stream, int project_req_id, const void *project_req_value)
+{
+	return 0;
+}
+
+const void *project_req_get_struct(const struct streaminfo *stream, int project_req_id)
+{
+	return NULL;
+}
+
+int project_customer_register(const char * project_req_name, const char * project_req_val_type)
+{
+	return 0;
+}
+
+int project_producer_register(const char * project_req_name, const char * project_req_val_type, project_req_free_t * free_cb)
+{
+	return 0;
+}
+
+extern "C" void *http_field_parser(const char* buf, unsigned int buflen, int http_dir)
+{
+	return NULL;
+}
+
+extern "C" int http_get_filed_result(void *result, long long field_flag, char **field_value)
+{
+	return 0;
+}
+
+extern "C" void http_free_filed_result(void *result)
+{
+}
+
+extern "C" int ftp_control_identify(struct streaminfo *a_tcp)
+{
+	return 0;
+}
+
+extern "C" int ftp_data_identify(struct streaminfo *a_tcp)
+{
+	return 0;
+}
+
+extern "C" int mail_protocol_identify_by_first_payload(struct streaminfo *a_tcp, char *payload, int payload_len, int thread_seq)
+{
+	return 0;
+}
+
+extern "C" char stratum_identify(struct streaminfo* pstream,void** pme,int thread_seq,const void* a_packet)
+{
+	return 0;
+}
+
+extern "C" int rdp_protocol_identify(const char *payload, unsigned int payload_len, int thread_seq)
+{
+	return 0;
+}
+
+extern "C" int rdpudp_protocol_identify(const char *payload, unsigned int payload_len, int thread_seq)
+{
+	return 0;
+}
+
+int quic_version_int2string(unsigned int version, char *buff, int buff_len)
+{
+	return 0;
+}
+
+unsigned int quic_protocol_identify(struct streaminfo *a_stream, void *a_packet, char *out_sni, int *out_sni_len, char *out_ua, int *out_ua_len)
+{
+	return 0;
+}
+
+extern "C" unsigned char sip_identify_from_to(char* buff,UINT32 buflen,char** from,UINT32* from_len,char** to,UINT32* to_len)
+{
+	return 0;
+}
+
+extern "C" int dtls_parse_sni(const char *udp_payload, int udp_payload_len, char *servername, int servername_len)
+{
+	return 0;
+}
+
+extern "C" bool dtls_identifyStream(struct streaminfo *a_udp)
+{
+	return 0;
+}
+
+extern "C" struct _ssl_ja3_info_t *ssl_get_ja3_fingerprint(struct streaminfo *stream, unsigned char *payload, int payload_len, int thread_seq)
+{
+	return NULL;
+}
diff --git a/test/src/gtest_common.h b/test/src/gtest_common.h
new file mode 100644
index 0000000..4a26b25
--- /dev/null
+++ b/test/src/gtest_common.h
@@ -0,0 +1,10 @@
+#pragma once
+
+#include "tsg_send_log.h"
+
+extern "C" int TSG_MASTER_INIT();
+void free_shaping_result(const struct streaminfo *stream, int bridge_id, void *data);
+
+int TLD_convert_json(struct TLD_handle_t *_handle, char *buff, unsigned int buff_len);
+int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream);
+
diff --git a/test/src/tsg_master_gtest_function.h b/test/src/gtest_function.h
index 5d8de40..5d8de40 100644
--- a/test/src/tsg_master_gtest_function.h
+++ b/test/src/gtest_function.h
diff --git a/test/src/gtest_master.cpp b/test/src/gtest_master.cpp
new file mode 100644
index 0000000..7b5026b
--- /dev/null
+++ b/test/src/gtest_master.cpp
@@ -0,0 +1,223 @@
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "gtest_common.h"
+#include "tsg_rule.h"
+#include "tsg_entry.h"
+#include <gtest/gtest.h>
+
+TEST(TSGMaster, ShapingSetRuleIds)
+{
+	const struct streaminfo a_stream={0};
+	struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0};
+
+	for(int i=0; i<MAX_RESULT_NUM; i++)
+	{
+		shaping_result[i].action=TSG_ACTION_SHAPING;
+		shaping_result[i].config_id=TSG_ACTION_SHAPING+i;
+	}
+	
+	tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM, 0);
+
+	struct TLD_handle_t *handle=TLD_create(0);
+	set_shaping_rule_ids(g_tsg_log_instance, handle, (struct streaminfo *)&a_stream);
+	char shaping_rule_ids[256]={0};
+	TLD_convert_json(handle, shaping_rule_ids, sizeof(shaping_rule_ids));
+	EXPECT_STREQ("{\"common_shaping_rule_ids\":\"32,33,34,35,36,37,38,39\"}", shaping_rule_ids);
+
+	struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+	EXPECT_NE(nullptr, shaping_label);
+	EXPECT_EQ(MAX_RESULT_NUM, shaping_label->shaping_result_num);
+	for(int i=0; i<shaping_label->shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+	}
+	
+	free_shaping_result(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
+	stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], NULL);
+	EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]));
+}
+
+int shaping_policy_notify_cb(const struct streaminfo *stream, int bridge_id, void *data)
+{
+	struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)data;
+	EXPECT_NE(nullptr, shaping_label);
+	EXPECT_EQ(MAX_RESULT_NUM, shaping_label->shaping_result_num);
+	for(int i=0; i<shaping_label->shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+	}
+	
+	return 0;
+}
+
+TEST(TSGMaster, ShapingPolicyNotify)
+{
+	const struct streaminfo a_stream={0};
+	struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0};
+
+	for(int i=0; i<MAX_RESULT_NUM; i++)
+	{
+		shaping_result[i].action=TSG_ACTION_SHAPING;
+		shaping_result[i].config_id=TSG_ACTION_SHAPING+i;
+	}
+
+	stream_bridge_register_data_sync_cb(g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], shaping_policy_notify_cb);
+	
+	tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM, 0);
+	int shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
+	EXPECT_EQ(MAX_RESULT_NUM, shaping_result_num);
+	for(int i=0; i<shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id);
+	}
+	
+	struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+	EXPECT_NE(nullptr, shaping_label);
+	EXPECT_EQ(MAX_RESULT_NUM, shaping_label->shaping_result_num);
+	for(int i=0; i<shaping_label->shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+	}
+
+	free_shaping_result(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
+	stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], NULL);
+	EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]));
+}
+
+int shaping_policy_notify_null_cb(const struct streaminfo *stream, int bridge_id, void *data)
+{
+	EXPECT_EQ(nullptr, data);
+	return 0;
+}
+
+TEST(TSGMaster, ShapingPolicyNotifyNULL)
+{
+	const struct streaminfo a_stream={0};
+	struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0};
+
+	stream_bridge_register_data_sync_cb(g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], shaping_policy_notify_null_cb);
+	
+	tsg_notify_hited_shaping_result(&a_stream, shaping_result, 0, 0);
+	struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+	EXPECT_EQ(nullptr, shaping_label);
+}
+
+int shaping_duplicate_policy_notify_cb(const struct streaminfo *stream, int bridge_id, void *data)
+{
+	struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)data;
+	EXPECT_NE(nullptr, shaping_label);
+	EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num);
+	for(int i=0; i<shaping_label->shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+	}
+
+	return 0;
+}
+
+TEST(TSGMaster, ShapingDuplicatePolicyNotify)
+{
+	const struct streaminfo a_stream={0};
+	struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0};
+
+	for(int i=0; i<MAX_RESULT_NUM; i++)
+	{
+		shaping_result[i].action=TSG_ACTION_SHAPING;
+		shaping_result[i].config_id=TSG_ACTION_SHAPING+(i%4);
+	}
+
+	stream_bridge_register_data_sync_cb(g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], shaping_duplicate_policy_notify_cb);
+	
+	tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM, 0);
+	int shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
+	EXPECT_EQ(MAX_RESULT_NUM/2, shaping_result_num);
+	for(int i=0; i<shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id);
+	}
+	
+	struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+	EXPECT_NE(nullptr, shaping_label);
+	EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num);
+	for(int i=0; i<shaping_label->shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+	}
+
+	free_shaping_result(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
+	stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], NULL);
+	EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]));
+}
+
+TEST(TSGMaster, ShapingDuplicatePolicyMultipleNotify)
+{
+	const struct streaminfo a_stream={0};
+	struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0};
+
+	for(int i=0; i<MAX_RESULT_NUM/2; i++)
+	{
+		shaping_result[i].action=TSG_ACTION_SHAPING;
+		shaping_result[i].config_id=TSG_ACTION_SHAPING+i;
+	}
+
+	stream_bridge_register_data_sync_cb(g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], shaping_duplicate_policy_notify_cb);
+
+	// First notify
+	tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM/2, 0);
+	int shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
+	EXPECT_EQ(MAX_RESULT_NUM/2, shaping_result_num);
+	for(int i=0; i<shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id);
+	}
+	
+	struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+	EXPECT_NE(nullptr, shaping_label);
+	EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num);
+	for(int i=0; i<shaping_label->shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+	}
+
+	// Second notify
+	tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM/2, 0);
+	shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
+	EXPECT_EQ(MAX_RESULT_NUM/2, shaping_result_num);
+	for(int i=0; i<shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id);
+	}
+	
+	shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]);
+	EXPECT_NE(nullptr, shaping_label);
+	EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num);
+	for(int i=0; i<shaping_label->shaping_result_num; i++)
+	{	
+		EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
+		EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
+	}
+
+	free_shaping_result(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], (void *)shaping_label);
+	stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT], NULL);
+	EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge_id[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT]));
+}
+
+int main(int argc, char *argv[])
+{
+	TSG_MASTER_INIT();
+	testing::InitGoogleTest(&argc, argv);
+	return RUN_ALL_TESTS();
+}
+
diff --git a/test/src/tsg_master_gtest_protocol.cpp b/test/src/gtest_protocol.cpp
index 2103ba6..2103ba6 100644
--- a/test/src/tsg_master_gtest_protocol.cpp
+++ b/test/src/gtest_protocol.cpp
diff --git a/test/src/gtest_rule.cpp b/test/src/gtest_rule.cpp
new file mode 100644
index 0000000..9b346ab
--- /dev/null
+++ b/test/src/gtest_rule.cpp
@@ -0,0 +1,69 @@
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "tsg_entry.h"
+#include "gtest_common.h"
+
+#include <gtest/gtest.h>
+
+g_tsg_para_t g_tsg_para;
+id2field_t g_tsg_proto_name2id[PROTO_MAX]={{PROTO_UNKONWN, 0, "unknown"}, 
+										 {PROTO_IPv4, 	0,	"IPV4"},
+										 {PROTO_IPv6, 	0,	"IPV6"},
+										 {PROTO_TCP, 	0, 	"TCP"},
+										 {PROTO_UDP, 	0, 	"UDP"},
+										 {PROTO_HTTP, 	0, 	"HTTP"},
+										 {PROTO_MAIL, 	0, 	"MAIL"},
+										 {PROTO_DNS, 	0, 	"DNS"},
+										 {PROTO_FTP, 	0, 	"FTP"},
+										 {PROTO_SSL, 	0, 	"SSL"},
+										 {PROTO_SIP, 	0, 	"SIP"},
+										 {PROTO_BGP, 	0, 	"BGP"},
+										 {PROTO_STREAMING_MEDIA, 0, "STREAMING_MEDIA"},
+										 {PROTO_QUIC, 	0,	 "QUIC"},
+										 {PROTO_SSH, 	0, 	"SSH"},
+										 {PROTO_SMTP, 	0, 	"SMTP"},
+										 {PROTO_IMAP, 	0, 	"IMAP"},
+										 {PROTO_POP3, 	0, 	"POP3"},
+										 {PROTO_RTP, 	0, 	"RTP"},
+										 {PROTO_APP, 	0,	"BASE"},
+										 {PROTO_L2TP, 	0,	"L2TP"},
+										 {PROTO_PPTP, 	0,	"PPTP"},
+										 {PROTO_STRATUM, 	0,	"Stratum"},
+										 {PROTO_RDP, 	0,	"RDP"},
+										 {PROTO_DTLS, 	0,	"DTLS"}
+										};
+
+unsigned int tsg_l7_protocol_name2id(const char *l7_protocol_name)
+{
+	return 0;
+}
+
+void free_policy_label(int thread_seq, void *project_req_value)
+{
+}
+
+void set_session_attribute_label(const struct streaminfo *a_stream, enum TSG_ATTRIBUTE_TYPE type, void *value, int value_len, int thread_seq)
+{
+}
+
+int tsg_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info)
+{
+	return 0;
+}
+
+
+TEST(MasterTest, SetVlan)
+{
+	//int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
+	//EXPECT_EQ(1, ret);
+}
+
+
+int main(int argc, char *argv[])
+{
+	testing::InitGoogleTest(&argc, argv);
+	return RUN_ALL_TESTS();
+}
+
diff --git a/test/src/gtest_sendlog.cpp b/test/src/gtest_sendlog.cpp
new file mode 100644
index 0000000..e87d876
--- /dev/null
+++ b/test/src/gtest_sendlog.cpp
@@ -0,0 +1,41 @@
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "gtest_common.h"
+
+#include <gtest/gtest.h>
+
+int tsg_app_id2name(int app_id, char *app_name, int app_name_len, int is_joint_parent)
+{
+	return 0;
+}
+
+int tsg_get_location_type(void)
+{
+	return 19;
+}
+
+char *tsg_l7_protocol_id2name(unsigned int l7_protocol_id)
+{
+	return NULL;
+}
+
+char get_direction_from_tcpall(const struct streaminfo *a_stream)
+{
+	return 0;
+}
+
+TEST(MasterTest, SetVlan)
+{
+	//int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
+	//EXPECT_EQ(1, ret);
+}
+
+
+int main(int argc, char *argv[])
+{
+	testing::InitGoogleTest(&argc, argv);
+	return RUN_ALL_TESTS();
+}
+
diff --git a/test/src/tsg_master_gtest_entry.cpp b/test/src/tsg_master_gtest_entry.cpp
deleted file mode 100644
index 1c47b9d..0000000
--- a/test/src/tsg_master_gtest_entry.cpp
+++ /dev/null
@@ -1,207 +0,0 @@
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <assert.h>
-#include <sys/time.h>
-#include <unistd.h>
-
-#include "app_label.h"
-
-#include <MESA/stream.h>
-#include <MESA/MESA_prof_load.h>
-#include <MESA/MESA_handle_logger.h>
-#include <MESA/MESA_jump_layer.h>
-
-enum GTEST_BRIDGE
-{
-	GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT=0,
-	GTEST_BRIDGE_TYPE_MAX
-};
-
-struct gtest_para
-{
-	int bridge_id[GTEST_BRIDGE_TYPE_MAX];
-	char bridge_name[GTEST_BRIDGE_TYPE_MAX][64];
-};
-
-
-struct gtest_para g_gtest_para;
-
-extern "C" unsigned char GTEST_APP_FULL_PATH_1_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
-{
-	struct app_identify_result lpi;
-	memset(&lpi, 0, sizeof(lpi));
-
-	lpi.app_id_num=2;
-	lpi.origin=ORIGIN_BASIC_PROTOCOL;
-	lpi.app_id[0]=336;  //openvpn
-	lpi.app_id[1]=199;  //ssl
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi);
-
-	struct app_identify_result user_define;
-	memset(&user_define, 0, sizeof(user_define));
-
-	user_define.app_id_num=1;
-	user_define.origin=ORIGIN_USER_DEFINE;
-	user_define.app_id[0]=3145;  //qq_web
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&user_define);
-
-	struct app_identify_result qm;
-	memset(&qm, 0, sizeof(qm));
-
-	qm.app_id_num=4;
-	qm.origin=ORIGIN_QM_ENGINE;
-	qm.app_id[0]=336;  //openvpn
-	qm.app_id[1]=199;  //ssl
-	qm.app_id[2]=1241;  //qq_web
-	qm.app_id[3]=3145;  //qq_r2
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm);
-
-	return APP_STATE_DROPME;
-}
-
-extern "C" unsigned char GTEST_APP_FULL_PATH_2_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
-{
-	struct app_identify_result lpi;
-	memset(&lpi, 0, sizeof(lpi));
-
-	lpi.app_id_num=2;
-	lpi.origin=ORIGIN_BASIC_PROTOCOL;
-	lpi.app_id[0]=336;  //openvpn
-	lpi.app_id[1]=199;  //ssl
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi);
-
-	struct app_identify_result built_in;
-	memset(&built_in, 0, sizeof(built_in));
-	
-	built_in.app_id_num=1;
-	built_in.origin=ORIGIN_BUILT_IN;
-	built_in.app_id[0]=3145;  //qq_web
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in);
-
-	struct app_identify_result qm;
-	memset(&qm, 0, sizeof(qm));
-
-	qm.app_id_num=3;
-	qm.origin=ORIGIN_QM_ENGINE;
-	qm.app_id[0]=336;  //openvpn
-	qm.app_id[1]=1241;  //qq_web
-	qm.app_id[2]=3145;  //qq_r2
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm);
-
-	return APP_STATE_DROPME;
-}
-
-extern "C" unsigned char GTEST_APP_FULL_PATH_3_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
-{
-	struct app_identify_result lpi;
-	memset(&lpi, 0, sizeof(lpi));
-
-	lpi.app_id_num=2;
-	lpi.origin=ORIGIN_BASIC_PROTOCOL;
-	lpi.app_id[0]=336;  //openvpn
-	lpi.app_id[1]=199;  //ssl
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi);
-
-	struct app_identify_result built_in;
-	memset(&built_in, 0, sizeof(built_in));
-	
-	built_in.app_id_num=1;
-	built_in.origin=ORIGIN_BUILT_IN;
-	built_in.app_id[0]=3145;  //qq_web
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in);
-
-	return APP_STATE_DROPME;
-}
-
-extern "C" unsigned char GTEST_APP_FULL_PATH_4_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
-{
-	struct app_identify_result lpi;
-	memset(&lpi, 0, sizeof(lpi));
-
-	lpi.app_id_num=1;
-	lpi.origin=ORIGIN_BASIC_PROTOCOL;
-	lpi.app_id[0]=199;  //ssl
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi);
-
-	struct app_identify_result user_define;
-	memset(&user_define, 0, sizeof(user_define));
-	
-	struct app_identify_result built_in;
-	memset(&built_in, 0, sizeof(built_in));
-	
-	built_in.app_id_num=2;
-	built_in.origin=ORIGIN_BUILT_IN;
-	built_in.app_id[0]=3145;  //qq_web	
-	built_in.app_id[1]=156;  //qq
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in);
-
-
-	struct app_identify_result qm;
-	memset(&qm, 0, sizeof(qm));
-
-	qm.app_id_num=4;
-	qm.origin=ORIGIN_QM_ENGINE;
-	qm.app_id[0]=336;  //openvpn
-	qm.app_id[1]=199;  //ssl
-	qm.app_id[2]=1241;  //qq_web
-	qm.app_id[3]=3145;  //qq_r2
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm);
-
-	return APP_STATE_DROPME;
-}
-
-extern "C" unsigned char GTEST_APP_FULL_PATH_5_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
-{
-	struct app_identify_result built_in;
-	memset(&built_in, 0, sizeof(built_in));
-	
-	built_in.app_id_num=2;
-	built_in.origin=ORIGIN_BUILT_IN;
-	built_in.app_id[0]=3145;  //qq_web	
-	built_in.app_id[1]=156;  //qq
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in);
-	
-	struct app_identify_result qm;
-	memset(&qm, 0, sizeof(qm));
-
-	qm.app_id_num=4;
-	qm.origin=ORIGIN_QM_ENGINE;
-	qm.app_id[0]=336;  //openvpn
-	qm.app_id[1]=199;  //ssl
-	qm.app_id[2]=1241;  //qq_web
-	qm.app_id[3]=3145;  //qq_r2
-	stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm);
-
-	return APP_STATE_DROPME;
-}
-
-extern "C" unsigned char GTEST_UNKNOWN_APP_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet)
-{
-	return APP_STATE_DROPME;
-}
-
-extern "C" int GTEST_INIT()
-{
-	memset(&g_gtest_para, 0, sizeof(g_gtest_para));
-	
-	MESA_load_profile_string_def("tsgconf/main.conf", "SYSTEM", "APP_IDENTIFY_RESULT_BRIDGE", g_gtest_para.bridge_name[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], 64, "APP_IDENTIFY_RESULT_BRIDGE");
-
-	for(int i=0; i<GTEST_BRIDGE_TYPE_MAX; i++)
-	{
-		g_gtest_para.bridge_id[i]=stream_bridge_build(g_gtest_para.bridge_name[i], "w");
-		if(g_gtest_para.bridge_id[i]<0)
-		{
-			printf("stream_bridge_build is error, bridge_name: %s", g_gtest_para.bridge_name[i]);	
-			return -1;
-		}
-	}
-
-	return 0;
-}
-
-extern "C" int GTEST_UNLOAD()
-{
-	return 0;
-}
-
diff --git a/test/src/tsg_master_gtest_main.cpp b/test/src/tsg_master_gtest_main.cpp
deleted file mode 100644
index bc54833..0000000
--- a/test/src/tsg_master_gtest_main.cpp
+++ /dev/null
@@ -1,50 +0,0 @@
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include "../inc/app_label.h"
-#include "../inc/tsg_rule.h"
-#include "../inc/tsg_send_log.h"
-#include "../inc/tsg_statistic.h"
-//#include "../src/tsg_entry.h"
-#include "../src/tsg_send_log_internal.h"
-#include "../inc/tsg_ssl_utils.h"
-#include "../src/tsg_ssh_utils.h"
-#include "../src/tsg_protocol_common.h"
-
-#include "tsg_master_gtest_function.h"
-
-#include <gtest/gtest.h>
-
-/*
-	L7(openvpn), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon
-	L7(openvpn), appSketch(psiphon), Thrid(openvpn.qq_web.wechat) = openvpn.psiphon
-	L7(openvpn), appSketch(psiphon), Thrid(openvpn.wechat) = openvpn.psiphon
-	L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn.wechat) = openvpn.ssl.psiphon
-	L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn) = openvpn.ssl.psiphon
-	L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon
-	L7(null), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon
-	L7(null), appSketch(psiphon), Thrid(wechat) = psiphon
-	L7(null), appSketch(null), Thrid(openvpn.ssl.wechat) = openvpn.ssl.wechat
-	L7(null), appSketch(null), Thrid(null) = unknown
-*/
-
-TEST(MasterTest, AppFullPath)
-{
-
-}
-
-
-TEST(MasterTest, SetVlan)
-{
-	//int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
-	//EXPECT_EQ(1, ret);
-}
-
-
-int main(int argc, char *argv[])
-{
-	libsapp_setup_env(argc,argv);
-	testing::InitGoogleTest(&argc, argv);
-	return RUN_ALL_TESTS();
-}
-