用于EagleEye3.0 规则集漏报和误报测试的示例项目,项目收集于github和gitee
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

135 lines
3.9 KiB

# This config tries to involve the various possible combinations of connection
# handshakes, on the accept side and on the connect side. It also produces logs
# indicating the handshake time.
#
# May be tested with tcploop as the server, both for TCP and HTTP mode :
# - accept new connection
# - pause 100ms
# - send what looks like an HTTP response
# - wait 500ms and close
#
# Starting log server (mainly to check timers) :
# $ socat udp-recvfrom:5514,fork -
#
# Starting server :
# $ tcploop 8000 L N A W P100 S:"HTTP/1.0 200 OK\r\nConnection: close\r\n\r\n" P500
#
# Testing all combinations with server-speaks-first (tcp) :
# $ nc 0 8007
#
# Testing all combinations with client-speaks-first (tcp) :
# $ (printf "GET / HTTP/1.0\r\n\r\n";sleep 1) | nc 0 8007
#
# Testing all combinations with client-speaks-first after pause (tcp) :
# $ (usleep 0.05 ; printf "GET / HTTP/1.0\r\n\r\n";sleep 1) | nc 0 8007
#
# Testing all combinations with client-speaks-first (http) :
# $ (printf "GET / HTTP/1.0\r\n\r\n";sleep 1) | nc 0 8017
#
# Testing all combinations with client-speaks-first after pause (http) :
# $ (usleep 0.05 ; printf "GET / HTTP/1.0\r\n\r\n";sleep 1) | nc 0 8017
#
# Same tests must be redone after surrounding connect() in tcp_connect_server()
# with fcntl(fd, F_SETFL, 0) and fcntl(fd, F_SETFL, O_NONBLOCK) for sycnhronous
# connect().
global
stats socket /tmp/sock1 level admin
stats timeout 1h
ssl-server-verify none
tune.ssl.default-dh-param 2048
log 127.0.0.1:5514 local0 debug debug
#################################################################
## TCP instances connect to port 8000 and listen to 8001..8007
#################################################################
defaults TCP
timeout client 5s
timeout server 4s
timeout connect 3s
log global
log-format "%ci:%cp %ft %b/%s h=%Th/w=%Tw/c=%Tc/t=%Tt %ST %B %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs"
# connects to port local 8000
listen tcp-none-in-none-out
bind :8001
server s 127.0.0.1:8000
# takes ssl+pp on input, nothing on output
listen tcp-sslpp-in-none-out
bind :8002 ssl crt rsa2048.pem accept-proxy
server s 127.0.0.1:8001
# takes nothing on input, sends ssl+pp
listen tcp-none-in-sslpp-out
bind :8003
server s 127.0.0.1:8002 ssl send-proxy-v2
# takes pp on input, nothing on output
listen tcp-pp-in-none-out
bind :8004 accept-proxy
server s 127.0.0.1:8003
# takes nothing on input, sends pp
listen tcp-none-in-pp-out
bind :8005
server s 127.0.0.1:8004 send-proxy-v2
# takes ssl on input, sends nothing
listen tcp-ssl-in-none-out
bind :8006 ssl crt rsa2048.pem
server s 127.0.0.1:8005
# takes nothing on input, sends ssl
listen tcp-none-in-ssl-out
bind :8007
server s 127.0.0.1:8006 ssl
#################################################################
## HTTP instances also connect to port 8000 but they listen to
## 8011..8017
#################################################################
defaults HTTP
timeout client 5s
timeout server 4s
timeout connect 3s
mode http
log global
log-format "%ci:%cp [%tr] %ft %b/%s h=%Th/i=%Ti/R=%TR/w=%Tw/c=%Tc/r=%Tr/a=%Ta/t=%Tt %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
# connects to port local 8000
listen http-none-in-none-out
bind :8011
server s 127.0.0.1:8000
# takes ssl+pp on input, nothing on output
listen http-sslpp-in-none-out
bind :8012 ssl crt rsa2048.pem accept-proxy
server s 127.0.0.1:8011
# takes nothing on input, sends ssl+pp
listen http-none-in-sslpp-out
bind :8013
server s 127.0.0.1:8012 ssl send-proxy-v2
# takes pp on input, nothing on output
listen http-pp-in-none-out
bind :8014 accept-proxy
server s 127.0.0.1:8013
# takes nothing on input, sends pp
listen http-none-in-pp-out
bind :8015
server s 127.0.0.1:8014 send-proxy-v2
# takes ssl on input, sends nothing
listen http-ssl-in-none-out
bind :8016 ssl crt rsa2048.pem
server s 127.0.0.1:8015
# takes nothing on input, sends ssl
listen http-none-in-ssl-out
bind :8017
server s 127.0.0.1:8016 ssl