diff options
| author | 刘学利 <[email protected]> | 2021-04-28 09:23:05 +0000 |
|---|---|---|
| committer | 刘学利 <[email protected]> | 2021-04-28 09:23:05 +0000 |
| commit | a64f0fa34f2153b3b1ae61404c7c99a44c2208f8 (patch) | |
| tree | 8f4cf32593e227b7e846ac626851af075da1786d /src/tsg_rule.cpp | |
| parent | d6393940779a53352c761db9102e817e3b3e444d (diff) | |
支持每隔N秒扫描一次,支持配置文件修改,默认10Sv4.0.1
发送common_service_category日志字段
Diffstat (limited to 'src/tsg_rule.cpp')
| -rw-r--r-- | src/tsg_rule.cpp | 33 |
1 files changed, 21 insertions, 12 deletions
diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp index b75af05..0d76c83 100644 --- a/src/tsg_rule.cpp +++ b/src/tsg_rule.cpp @@ -1152,23 +1152,14 @@ int tsg_scan_ip_location(Maat_feather_t maat_feather, const struct streaminfo *a return 0; } -int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num) +int tsg_scan_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num) { - int ret=0; - unsigned int proto_id=0; - struct ipaddr t_addr; - struct ipaddr* p_addr=NULL; int hit_num=0,tans_proto=0; + struct ipaddr t_addr; + struct ipaddr* p_addr=NULL; int is_scan_addr=1, maat_ret=0; const struct streaminfo *cur_stream = a_stream; - struct _session_attribute_label_t *attribute_label=NULL; - if(result==NULL || result_num<=0 || a_stream==NULL || maat_feather==NULL) - { - MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, "SCAN_NESTING_ADDR", "result==NULL || result_num<=0 || maat_feather==NULL || a_stream==NULL"); - return -1; - } - do { if(cur_stream->addr.addrtype == __ADDR_TYPE_IP_PAIR_V4 || cur_stream->addr.addrtype == ADDR_TYPE_IPV4 || cur_stream->addr.addrtype == __ADDR_TYPE_IP_PAIR_V6 || cur_stream->addr.addrtype == ADDR_TYPE_IPV6) @@ -1235,6 +1226,24 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo * }while(cur_stream != NULL && hit_num < result_num); + return hit_num; +} + +int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num) +{ + int ret=0; + unsigned int proto_id=0; + int hit_num=0; + struct _session_attribute_label_t *attribute_label=NULL; + + if(result==NULL || result_num<=0 || a_stream==NULL || maat_feather==NULL) + { + MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, "SCAN_NESTING_ADDR", "result==NULL || result_num<=0 || maat_feather==NULL || a_stream==NULL"); + return -1; + } + + hit_num+=tsg_scan_addr(maat_feather, a_stream, proto, mid, result+hit_num, result_num-hit_num); + if(hit_num<result_num && proto>PROTO_UNKONWN && proto<PROTO_MAX) { proto_id=tsg_l7_protocol_name2id(g_tsg_proto_name2id[proto].name); |