diff options
| author | 刘学利 <[email protected]> | 2023-05-27 03:13:50 +0000 |
|---|---|---|
| committer | 刘学利 <[email protected]> | 2023-05-27 03:13:50 +0000 |
| commit | bc7909e57bba412ff1f7f5d323f5c44c20486d3a (patch) | |
| tree | f6c8b38459bd2084f1b6ff2fab0734a9d4ae340e /src/tsg_entry.cpp | |
| parent | 7bd3fe594c32e865a3ab066d49326d0e5001b34b (diff) | |
TSG-15152: 在发送日志统计命中策略的信息,避免统计遗漏
Diffstat (limited to 'src/tsg_entry.cpp')
| -rw-r--r-- | src/tsg_entry.cpp | 14 |
1 files changed, 0 insertions, 14 deletions
diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp index 2f98f78..fb72631 100644 --- a/src/tsg_entry.cpp +++ b/src/tsg_entry.cpp @@ -113,8 +113,6 @@ struct id2field g_tsg_fs2_field[TSG_FS2_MAX]={{0, TSG_FS2_TCP_LINKS, "tcp_links" {0, TSG_FS2_TUNNEL_LABEL_DEL, "t_label_del"} }; -#define DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID 1 - static int init_page_template(const char *conffile) { char page_path[256]; @@ -1066,7 +1064,6 @@ static int session_runtime_process_log_send(const struct streaminfo *a_stream, s if (TLD_handle!=NULL) { tsg_send_log(g_tsg_log_instance, TLD_handle, a_stream, LOG_TYPE_SECURITY_EVENT, rules, n_rules, thread_seq); - tsg_set_policy_flow(a_stream, rules, thread_seq); return 1; } } @@ -1157,11 +1154,6 @@ static int session_runtime_process_log_send(const struct streaminfo *a_stream, s tsg_send_log(g_tsg_log_instance, TLD_handle, a_stream, LOG_TYPE_SECURITY_EVENT, rules, n_rules, thread_seq); - if(rules->rule_id!=DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID) - { - tsg_set_policy_flow(a_stream, rules, thread_seq); - } - return 1; } @@ -1543,7 +1535,6 @@ static unsigned char matched_security_rules_deal(const struct streaminfo *a_stre if(is_deny_after_N_packets(p_rule)) { - tsg_set_policy_flow(a_stream, p_rule, a_stream->threadnum); session_matched_rules_notify(a_stream, TSG_SERVICE_SECURITY, p_rule, 1, a_stream->threadnum); if(a_stream->type==STREAM_TYPE_TCP) { @@ -1563,11 +1554,6 @@ static unsigned char matched_security_rules_deal(const struct streaminfo *a_stre break; } - if (srt_process_context->proto == PROTO_SSH) - { - tsg_set_policy_flow(a_stream, p_rule, a_stream->threadnum); - } - session_packet_capture_by_rules_notify(a_stream, security_rules, n_security_rules, a_stream->threadnum); session_matched_rules_notify(a_stream, TSG_SERVICE_SECURITY, security_rules, n_security_rules, a_stream->threadnum); break; |