diff --git a/decoders/glimpse_detector/app_l7_protocol.cpp b/decoders/glimpse_detector/app_l7_protocol.cpp index 4243155..4a303bc 100644 --- a/decoders/glimpse_detector/app_l7_protocol.cpp +++ b/decoders/glimpse_detector/app_l7_protocol.cpp @@ -23,7 +23,7 @@ #include "stellar/stellar_exdata.h" #include "stellar/stellar_mq.h" -#include "stellar/layer.h" +#include "stellar/packet.h" #include "stellar/appid.h" #include "app_l7_protocol.h" diff --git a/decoders/http/http_decoder_private.h b/decoders/http/http_decoder_private.h index 8c071e8..f838b71 100644 --- a/decoders/http/http_decoder_private.h +++ b/decoders/http/http_decoder_private.h @@ -12,7 +12,6 @@ extern "C" #endif #include #include "stellar/stellar.h" -#include "stellar/layer.h" #include "stellar/packet.h" #include "stellar/utils.h" #include "stellar/session.h" diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index 12742bd..29dcfeb 100644 --- a/include/CMakeLists.txt +++ b/include/CMakeLists.txt @@ -1,6 +1,4 @@ install(FILES stellar/utils.h DESTINATION include/stellar/ COMPONENT LIBRARIES) -install(FILES stellar/layer.h DESTINATION include/stellar/ COMPONENT LIBRARIES) -install(FILES stellar/tunnel.h DESTINATION include/stellar/ COMPONENT LIBRARIES) install(FILES stellar/packet.h DESTINATION include/stellar/ COMPONENT LIBRARIES) install(FILES stellar/session.h DESTINATION include/stellar/ COMPONENT LIBRARIES) install(FILES stellar/stellar.h DESTINATION include/stellar/ COMPONENT LIBRARIES) diff --git a/include/stellar/layer.h b/include/stellar/layer.h deleted file mode 100644 index 9cf7e4a..0000000 --- a/include/stellar/layer.h +++ /dev/null @@ -1,94 +0,0 @@ -#pragma once - -#ifdef __cplusplus -extern "C" -{ -#endif - -#define __FAVOR_BSD 1 -#include -#include -#include -#include -#include -#include -#include -#include - -enum layer_proto -{ - LAYER_PROTO_NONE = 0, - - // L2 -- data link layer - LAYER_PROTO_ETHER = 1, - LAYER_PROTO_PWETH = 2, - LAYER_PROTO_PPP = 3, - LAYER_PROTO_L2TP = 4, - - // L2 -- tunnel - LAYER_PROTO_VLAN = 21, - LAYER_PROTO_PPPOE = 22, - LAYER_PROTO_MPLS = 23, - - // L3 -- network layer - LAYER_PROTO_IPV4 = 31, - LAYER_PROTO_IPV6 = 32, - LAYER_PROTO_IPAH = 33, - - // L3 -- tunnel - LAYER_PROTO_GRE = 41, - - // L4 -- transport layer - LAYER_PROTO_UDP = 51, - LAYER_PROTO_TCP = 52, - LAYER_PROTO_ICMP = 53, - LAYER_PROTO_ICMP6 = 54, - - // L4 -- tunnel - LAYER_PROTO_VXLAN = 61, - LAYER_PROTO_GTP_U = 62, - LAYER_PROTO_GTP_C = 63, -}; - -struct layer -{ - enum layer_proto proto; - uint16_t hdr_len; - union - { - // all hdr ptr refer to raw packet, read-only - const struct ethhdr *eth; - const struct ip *ip4; - const struct ip6_hdr *ip6; - const struct tcphdr *tcp; - const struct udphdr *udp; - const struct icmphdr *icmp4; - const struct icmp6_hdr *icmp6; - const struct mpls_label *mpls; - const char *raw; // e.g. pppoe, l2tp, gre, gtp, etc. - } hdr; -}; - -int packet_get_layer_count(const struct packet *pkt); -const struct layer *packet_get_layer_by_idx(const struct packet *pkt, int idx); - -// // example: foreach layer in packet (inorder) -// int count = packet_get_layer_count(pkt); -// for (int i = 0; i < count; i++) -// { -// const struct layer *layer = packet_get_layer_by_idx(pkt, i); -// // do something with layer -// } -// -// -// // example: foreach layer in packet (reverse) -// int count = packet_get_layer_count(pkt); -// for (int i = count - 1; i >= 0; i--) -// { -// const struct layer *layer = packet_get_layer_by_idx(pkt, i); -// // do something with layer -// } - -#ifdef __cplusplus -} -#endif diff --git a/include/stellar/packet.h b/include/stellar/packet.h index bf3c54a..efd0be2 100644 --- a/include/stellar/packet.h +++ b/include/stellar/packet.h @@ -6,6 +6,150 @@ extern "C" #endif #include +#define __FAVOR_BSD 1 +#include +#include +#include +#include +#include +#include +#include +#include + +/****************************************************************************** + * layer + ******************************************************************************/ + +enum layer_proto +{ + LAYER_PROTO_NONE = 0, + + // L2 -- data link layer + LAYER_PROTO_ETHER = 1, + LAYER_PROTO_PWETH = 2, + LAYER_PROTO_PPP = 3, + LAYER_PROTO_L2TP = 4, + + // L2 -- tunnel + LAYER_PROTO_VLAN = 21, + LAYER_PROTO_PPPOE = 22, + LAYER_PROTO_MPLS = 23, + + // L3 -- network layer + LAYER_PROTO_IPV4 = 31, + LAYER_PROTO_IPV6 = 32, + LAYER_PROTO_IPAH = 33, + + // L3 -- tunnel + LAYER_PROTO_GRE = 41, + + // L4 -- transport layer + LAYER_PROTO_UDP = 51, + LAYER_PROTO_TCP = 52, + LAYER_PROTO_ICMP = 53, + LAYER_PROTO_ICMP6 = 54, + + // L4 -- tunnel + LAYER_PROTO_VXLAN = 61, + LAYER_PROTO_GTP_U = 62, + LAYER_PROTO_GTP_C = 63, +}; + +struct layer +{ + enum layer_proto proto; + uint16_t hdr_len; + union + { + // all hdr ptr refer to raw packet, read-only + const struct ethhdr *eth; + const struct ip *ip4; + const struct ip6_hdr *ip6; + const struct tcphdr *tcp; + const struct udphdr *udp; + const struct icmphdr *icmp4; + const struct icmp6_hdr *icmp6; + const struct mpls_label *mpls; + const char *raw; // e.g. pppoe, l2tp, gre, gtp, etc. + } hdr; +}; + +int packet_get_layer_count(const struct packet *pkt); +const struct layer *packet_get_layer_by_idx(const struct packet *pkt, int idx); + +// // example: foreach layer in packet (inorder) +// int count = packet_get_layer_count(pkt); +// for (int i = 0; i < count; i++) +// { +// const struct layer *layer = packet_get_layer_by_idx(pkt, i); +// // do something with layer +// } +// +// +// // example: foreach layer in packet (reverse) +// int count = packet_get_layer_count(pkt); +// for (int i = count - 1; i >= 0; i--) +// { +// const struct layer *layer = packet_get_layer_by_idx(pkt, i); +// // do something with layer +// } + +/****************************************************************************** + * tunnel + ******************************************************************************/ + +enum tunnel_type +{ + TUNNEL_IPV4 = 1, // contain layers: IPv4, (next inner layer must be IPv4 / IPv6) + TUNNEL_IPV6 = 2, // contain layers: IPv6, (next inner layer must be IPv4 / IPv6) + + TUNNEL_GRE = 3, // contain layers: IPv4 + GRE + // contain layers: IPv6 + GRE + + TUNNEL_GTP = 4, // contain layers: IPv4 + UDP + GTP + // contain layers: IPv6 + UDP + GTP + + TUNNEL_VXLAN = 5, // contain layers: IPv4 + UDP + VXLAN + // contain layers: IPv6 + UDP + VXLAN + + TUNNEL_L2TP = 6, // contain layers: IPv4 + UDP + L2TP + // contain layers: IPv6 + UDP + L2TP + + TUNNEL_TEREDO = 7, // contain layers: IPv4 + UDP, (next inner layer must be IPv6) +}; + +#define MAX_LAYERS_PER_TUNNEL 3 +struct tunnel +{ + enum tunnel_type type; + + int layer_count; + const struct layer *layers[MAX_LAYERS_PER_TUNNEL]; +}; + +int packet_get_tunnel_count(const struct packet *pkt); +// return 0: success  +// return -1: failed +int packet_get_tunnel_by_idx(const struct packet *pkt, int idx, struct tunnel *out); + +/****************************************************************************** + * build + ******************************************************************************/ + +/* + * tcp_seq: the sequence number of the new TCP packet (in host byte order) + * tcp_ack: the acknowledgment number of the new TCP packet (in host byte order) + * tcp_options_len: the length of the options (must be a multiple of 4) + */ +struct packet *packet_build_tcp(const struct packet *origin_pkt, uint32_t tcp_seq, uint32_t tcp_ack, uint8_t tcp_flags, + const char *tcp_options, uint16_t tcp_options_len, + const char *tcp_payload, uint16_t tcp_payload_len); +struct packet *packet_build_udp(const struct packet *origin_pkt, const char *udp_payload, uint16_t udp_payload_len); +struct packet *packet_build_l3(const struct packet *origin_pkt, uint8_t ip_proto, const char *l3_payload, uint16_t l3_payload_len); + +/****************************************************************************** + * utils + ******************************************************************************/ #define MAX_SIDS 8 struct sids @@ -36,17 +180,6 @@ uint16_t packet_get_raw_len(const struct packet *pkt); const char *packet_get_payload(const struct packet *pkt); uint16_t packet_get_payload_len(const struct packet *pkt); -/* - * tcp_seq: the sequence number of the new TCP packet (in host byte order) - * tcp_ack: the acknowledgment number of the new TCP packet (in host byte order) - * tcp_options_len: the length of the options (must be a multiple of 4) - */ -struct packet *packet_build_tcp(const struct packet *origin_pkt, uint32_t tcp_seq, uint32_t tcp_ack, uint8_t tcp_flags, - const char *tcp_options, uint16_t tcp_options_len, - const char *tcp_payload, uint16_t tcp_payload_len); -struct packet *packet_build_udp(const struct packet *origin_pkt, const char *udp_payload, uint16_t udp_payload_len); -struct packet *packet_build_l3(const struct packet *origin_pkt, uint8_t ip_proto, const char *l3_payload, uint16_t l3_payload_len); - #ifdef __cplusplus } #endif diff --git a/include/stellar/tunnel.h b/include/stellar/tunnel.h deleted file mode 100644 index 17d1d75..0000000 --- a/include/stellar/tunnel.h +++ /dev/null @@ -1,46 +0,0 @@ -#pragma once - -#ifdef __cplusplus -extern "C" -{ -#endif - -#include "layer.h" - -enum tunnel_type -{ - TUNNEL_IPV4 = 1, // contain layers: IPv4, (next inner layer must be IPv4 / IPv6) - TUNNEL_IPV6 = 2, // contain layers: IPv6, (next inner layer must be IPv4 / IPv6) - - TUNNEL_GRE = 3, // contain layers: IPv4 + GRE - // contain layers: IPv6 + GRE - - TUNNEL_GTP = 4, // contain layers: IPv4 + UDP + GTP - // contain layers: IPv6 + UDP + GTP - - TUNNEL_VXLAN = 5, // contain layers: IPv4 + UDP + VXLAN - // contain layers: IPv6 + UDP + VXLAN - - TUNNEL_L2TP = 6, // contain layers: IPv4 + UDP + L2TP - // contain layers: IPv6 + UDP + L2TP - - TUNNEL_TEREDO = 7, // contain layers: IPv4 + UDP, (next inner layer must be IPv6) -}; - -#define MAX_LAYERS_PER_TUNNEL 3 -struct tunnel -{ - enum tunnel_type type; - - int layer_count; - const struct layer *layers[MAX_LAYERS_PER_TUNNEL]; -}; - -int packet_get_tunnel_count(const struct packet *pkt); -// return 0: success  -// return -1: failed -int packet_get_tunnel_by_idx(const struct packet *pkt, int idx, struct tunnel *out); - -#ifdef __cplusplus -} -#endif diff --git a/src/core/main.cpp b/src/core/main.cpp index aee1368..bac5fff 100644 --- a/src/core/main.cpp +++ b/src/core/main.cpp @@ -35,16 +35,12 @@ static void signal_handler(int signo) int main(int argc __attribute__((__unused__)), char **argv __attribute__((__unused__))) { - const char *stellar_cfg_file = "./conf/stellar.toml"; - const char *plugin_cfg_file = "./plugin/spec.toml"; - const char *log_cfg_file = "./conf/log.toml"; - signal(SIGINT, signal_handler); signal(SIGQUIT, signal_handler); signal(SIGTERM, signal_handler); signal(SIGHUP, signal_handler); - st = stellar_new(stellar_cfg_file, plugin_cfg_file, log_cfg_file); + st = stellar_new("./conf/stellar.toml", "./plugin/spec.toml", "./conf/log.toml"); if (st == NULL) { return 0; diff --git a/src/core/stellar_stat.cpp b/src/core/stellar_stat.cpp index b14057c..771044d 100644 --- a/src/core/stellar_stat.cpp +++ b/src/core/stellar_stat.cpp @@ -252,19 +252,13 @@ struct stellar_stat // /opt/MESA/bin/fieldstat_exporter.py local -j log/stellar_fs4.json -e -l --clear-screen struct stellar_stat *stellar_stat_new(uint16_t nr_thread) { - char cwd[1024] = {0}; struct stellar_stat *stat = (struct stellar_stat *)calloc(1, sizeof(struct stellar_stat)); if (stat == NULL) { return NULL; } - if (getcwd(cwd, sizeof(cwd)) == NULL) - { - STAT_LOG_ERROR("failed to get current working directory: %s", strerror(errno)); - goto error_out; - } - snprintf(stat->output_file, sizeof(stat->output_file), "%s/log/stellar_fs4.json", cwd); + snprintf(stat->output_file, sizeof(stat->output_file), "./log/stellar_fs4.json"); stat->fs = fieldstat_easy_new(1, "stellar", NULL, 0); if (stat->fs == NULL) diff --git a/src/log/log.cpp b/src/log/log.cpp index 5c0daef..5743a30 100644 --- a/src/log/log.cpp +++ b/src/log/log.cpp @@ -1,11 +1,9 @@ -#include -#include -#include #include +#include +#include #include #include -#include -#include +#include #include #include "log.h" @@ -22,8 +20,7 @@ struct log_config { enum log_output output; enum log_level level; - char work_dir[1024]; - char log_file[1024]; + char log_file[PATH_MAX]; }; struct log_context @@ -198,11 +195,9 @@ static int log_reopen() int new_fd; int old_fd; struct tm local; - char buff[4096] = {0}; + char buff[PATH_MAX * 2] = {0}; local_time(&local); - snprintf(buff, sizeof(buff), "%s/%s.%d-%02d-%02d", - g_log_ctx->config.work_dir, g_log_ctx->config.log_file, - local.tm_year + 1900, local.tm_mon + 1, local.tm_mday); + snprintf(buff, sizeof(buff), "%s.%d-%02d-%02d", g_log_ctx->config.log_file, local.tm_year + 1900, local.tm_mon + 1, local.tm_mday); new_fd = open(buff, O_WRONLY | O_APPEND | O_CREAT, 0644); if (new_fd == -1) @@ -233,12 +228,6 @@ int log_init(const char *config_file) { memset(g_log_ctx, 0, sizeof(struct log_context)); - if (getcwd(g_log_ctx->config.work_dir, sizeof(g_log_ctx->config.work_dir)) == NULL) - { - fprintf(stderr, "getcwd() failed, %s\n", strerror(errno)); - return -1; - } - if (parse_config(&g_log_ctx->config, config_file) != 0) { return -1; diff --git a/src/packet/CMakeLists.txt b/src/packet/CMakeLists.txt index aad8388..022c993 100644 --- a/src/packet/CMakeLists.txt +++ b/src/packet/CMakeLists.txt @@ -1,5 +1,5 @@ add_library(packet - packet.cpp + packet_utils.cpp packet_parser.cpp packet_builder.cpp packet_filter.cpp diff --git a/src/packet/packet_dump.h b/src/packet/packet_dump.h index c9d4379..689bfd5 100644 --- a/src/packet/packet_dump.h +++ b/src/packet/packet_dump.h @@ -5,8 +5,6 @@ extern "C" { #endif -#include - // return 0: success // return -1: failed int packet_dump_pcap(const struct packet *pkt, const char *file); diff --git a/src/packet/packet_filter.cpp b/src/packet/packet_filter.cpp index 5b1bb2a..6167dbc 100644 --- a/src/packet/packet_filter.cpp +++ b/src/packet/packet_filter.cpp @@ -1,8 +1,6 @@ -#include - #include "dablooms.h" -#include "packet_private.h" #include "packet_filter.h" +#include "packet_private.h" struct packet_key { diff --git a/src/packet/packet_filter.h b/src/packet/packet_filter.h index e5ccae4..8cf4428 100644 --- a/src/packet/packet_filter.h +++ b/src/packet/packet_filter.h @@ -5,8 +5,6 @@ extern "C" { #endif -#include - // Duplicated Packet Filter for IPv4 Packet struct packet_filter; struct packet_filter *packet_filter_new(uint32_t capacity, uint32_t timeout, double error_rate, uint64_t now); diff --git a/src/packet/packet_parser.cpp b/src/packet/packet_parser.cpp index e8c73f7..9d572f6 100644 --- a/src/packet/packet_parser.cpp +++ b/src/packet/packet_parser.cpp @@ -9,9 +9,6 @@ #include "packet_private.h" #include "packet_parser.h" -#define likely(expr) __builtin_expect((expr), 1) -#define unlikely(expr) __builtin_expect((expr), 0) - #define PACKET_PARSE_LOG_DEBUG(format, ...) void(0) // LOG_DEBUG("packet parse", format, ##__VA_ARGS__) #define PACKET_PARSE_LOG_WARN(format, ...) LOG_WARN("packet parse", format, ##__VA_ARGS__) #define PACKET_PARSE_LOG_ERROR(format, ...) LOG_ERROR("packet parse", format, ##__VA_ARGS__) diff --git a/src/packet/packet_parser.h b/src/packet/packet_parser.h index 5a8ce86..4793c86 100644 --- a/src/packet/packet_parser.h +++ b/src/packet/packet_parser.h @@ -5,8 +5,6 @@ extern "C" { #endif -#include - const char *packet_parse(struct packet *pkt, const char *data, uint16_t len); const char *layer_proto_to_str(enum layer_proto proto); diff --git a/src/packet/packet_private.h b/src/packet/packet_private.h index 000fdb5..27b1f6e 100644 --- a/src/packet/packet_private.h +++ b/src/packet/packet_private.h @@ -5,8 +5,6 @@ extern "C" { #endif -#include "stellar/tunnel.h" -#include "stellar/layer.h" #include "stellar/packet.h" #define PACKET_MAX_LAYERS 32 diff --git a/src/packet/packet.cpp b/src/packet/packet_utils.cpp similarity index 99% rename from src/packet/packet.cpp rename to src/packet/packet_utils.cpp index f581240..2aef882 100644 --- a/src/packet/packet.cpp +++ b/src/packet/packet_utils.cpp @@ -1,5 +1,3 @@ -#include - #include "log.h" #include "tuple.h" #include "uthash.h" diff --git a/src/packet/test/gtest_tunnel.cpp b/src/packet/test/gtest_tunnel.cpp index 0ef510a..6d92cf0 100644 --- a/src/packet/test/gtest_tunnel.cpp +++ b/src/packet/test/gtest_tunnel.cpp @@ -4,8 +4,6 @@ #include "packet_private.h" #include "packet_parser.h" #include "packet_dump.h" -#include "stellar/layer.h" -#include "stellar/tunnel.h" /****************************************************************************** * [Protocols in frame: eth:ethertype:vlan:ethertype:vlan:ethertype:ip:ip:udp:data] diff --git a/src/session/CMakeLists.txt b/src/session/CMakeLists.txt index 5a5e1df..3f0f5db 100644 --- a/src/session/CMakeLists.txt +++ b/src/session/CMakeLists.txt @@ -1,5 +1,5 @@ add_library(session_manager - session.cpp + session_utils.cpp session_pool.cpp session_table.cpp session_timer.cpp diff --git a/src/session/session.cpp b/src/session/session_utils.cpp similarity index 100% rename from src/session/session.cpp rename to src/session/session_utils.cpp diff --git a/test/debug_plugin/debug_plugin.cpp b/test/debug_plugin/debug_plugin.cpp index 8016b1b..24e905e 100644 --- a/test/debug_plugin/debug_plugin.cpp +++ b/test/debug_plugin/debug_plugin.cpp @@ -19,7 +19,6 @@ #pragma GCC diagnostic ignored "-Wunused-parameter" -// NOTE: packet hexdump or tcp segment hexdump may be too long, so we need direct output to fd, instead of using log_print static void log_print(int fd, const char *module, const char *fmt, ...) { static unsigned char weekday_str[7][4] = {"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"}; @@ -59,7 +58,6 @@ static void log_print(int fd, const char *module, const char *fmt, ...) struct plugin_ctx { struct stellar *st; - char work_dir[1024]; int sess_exdata_idx; int sess_plug_id; int tcp_topic_id; @@ -98,11 +96,11 @@ static void *on_sess_new(struct session *sess, void *plugin_ctx) if (session_get_type(sess) == SESSION_TYPE_TCP) { memset(buff, 0, sizeof(buff)); - sprintf(buff, "%s/log/debug_plugin_%s_c2s_segment", ctx->work_dir, session_get0_readable_addr(sess)); + sprintf(buff, "./log/debug_plugin_%s_c2s_segment", session_get0_readable_addr(sess)); ctx->c2s_tcp_seg_hexdump_fd = open(buff, O_WRONLY | O_APPEND | O_CREAT, 0644); memset(buff, 0, sizeof(buff)); - sprintf(buff, "%s/log/debug_plugin_%s_s2c_segment", ctx->work_dir, session_get0_readable_addr(sess)); + sprintf(buff, "./log/debug_plugin_%s_s2c_segment", session_get0_readable_addr(sess)); ctx->s2c_tcp_seg_hexdump_fd = open(buff, O_WRONLY | O_APPEND | O_CREAT, 0644); } session_exdata_set(sess, ctx->sess_exdata_idx, exdata); @@ -274,13 +272,6 @@ extern "C" free(ctx); return NULL; } - if (getcwd(ctx->work_dir, sizeof(ctx->work_dir)) == NULL) - { - printf("[debug plugin] getcwd failed: %s\n", strerror(errno)); - close(ctx->fd); - free(ctx); - return NULL; - } pthread_spin_init(&ctx->lock, PTHREAD_PROCESS_PRIVATE); diff --git a/test/packet_inject/packet_inject.cpp b/test/packet_inject/packet_inject.cpp index 7c5d50a..417378a 100644 --- a/test/packet_inject/packet_inject.cpp +++ b/test/packet_inject/packet_inject.cpp @@ -7,7 +7,7 @@ #include "toml.h" #include "stellar/stellar.h" -#include "stellar/layer.h" +#include "stellar/packet.h" #include "stellar/session.h" #include "stellar/stellar_mq.h"