diff options
| -rw-r--r-- | src/tsg_action.cpp | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/tsg_action.cpp b/src/tsg_action.cpp index e07cd15..3aa332e 100644 --- a/src/tsg_action.cpp +++ b/src/tsg_action.cpp @@ -954,6 +954,11 @@ static unsigned char tsg_do_deny_action(const struct streaminfo *a_stream, struc unsigned char tsg_enforing_deny_application(const struct streaminfo *a_stream, struct maat_rule *p_result, enum TSG_PROTOCOL protocol, int app_id, enum ACTION_RETURN_TYPE type, const void *user_data) { + if(protocol==PROTO_DNS && type==ACTION_RETURN_TYPE_APP && user_data==NULL) + { + return APP_STATE_GIVEME; + } + struct app_id_dict *dict=(struct app_id_dict *)matched_rule_cites_app_id_dict(g_tsg_maat_feather, (long long)app_id); if(dict==NULL || user_data==NULL) { @@ -997,6 +1002,11 @@ unsigned char tsg_enforing_deny(const struct streaminfo *a_stream, struct maat_r return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPME : APP_STATE_GIVEME); } + if(protocol==PROTO_DNS && type==ACTION_RETURN_TYPE_APP && user_data==NULL) + { + return APP_STATE_GIVEME; + } + struct maat_compile *maat_compile=(struct maat_compile *)matched_rule_cites_security_compile(g_tsg_maat_feather, p_result->rule_id); if(maat_compile==NULL || maat_compile->user_region==NULL || user_data==NULL) { |