add socks_decoder, stratum_decoder and session_flags

test/decoders/session_flags/test_based_on_stellar/env/log.toml

@@ -0,0 +1,4 @@
+[log]
+output = "stderr"        # stderr, file
+file = "log/stellar.log"
+level = "ERROR"          # TRACE, DEBUG, INFO, WARN, ERROR, FATAL

test/decoders/session_flags/test_based_on_stellar/env/session_flags.toml

@@ -0,0 +1,9 @@
+[SESSION_FLAGS]
+FET_ENABLED=1
+INTERACTIVE_STARTTIME_MS = 10000
+INTERACTIVE_PULSE_NUM = 4
+INTERACTIVE_LATENCY_MS = 5000
+MAIN_DIR_FRONT_N_PKTS = 100
+LARGE_PKTS_INIT_SIZE = 1000
+RANDOM_LOOKING_JUDGE_LIST="{\"random_looking_judge_list\":[ \"frequency\", \"block_frequency\", \"cumulative_sums\", \"runs\", \"longest_run\", \"rank\", \"non_overlapping_template_matching\", \"overlapping_template_matching\", \"universal\", \"random_excursions\", \"random_excursions_variant\", \"poker_detect\", \"runs_distribution\", \"self_correlation\", \"binary_derivative\" ]}"
+TUNNELING_PCRE_LIST="{\"tunneling_pcre_list\":[\"(B|C)(d){3,5}(a|b|c|d)(A|B)b(A|B|C|D)\", \"(B|C)(d){3,5}(a|b|c|d)Aa(A|B|C|D)\", \"(B|C)(d){2}(b|c)(A|B)b(A|B|C|D)\", \"(B|C)(d){2}(b|c)Aa(A|B|C|D)\"]}"

test/decoders/session_flags/test_based_on_stellar/env/spec.toml

@@ -0,0 +1,9 @@
+[[plugin]]
+path = "./plugin/session_flags.so"
+init = "session_flags_plugin_init"
+exit = "session_flags_plugin_exit"
+
+[[plugin]]
+path = "./plugin/session_flags_test.so"
+init = "SESSION_FLAGS_TEST_PLUG_INIT"
+exit = "SESSION_FLAGS_TEST_PLUG_DESTROY"

test/decoders/session_flags/test_based_on_stellar/env/stellar.toml

@@ -0,0 +1,64 @@
+[instance]
+    id = 1 # range: [0, 4095] (20 bit)
+
+[packet_io]
+    mode = "pcapfile"                      # pcapfile, pcaplist, marsio
+    app_symbol = "stellar"
+    dev_symbol = "nf_0_fw"
+    pcap_path = "./pcap/test.pcap"
+    nr_worker_thread = 1                   # range: [1, 256]
+    cpu_mask = [5, 6, 7, 8, 9, 10, 11, 12]
+    idle_yield_interval_ms = 90           # range: [0, 60000] (ms)
+
+[ip_reassembly]
+    enable = 1
+    bucket_entries = 32 # range: [1, 4294967295] (must be power of 2)
+    bucket_num = 1024   # range: [1, 4294967295]
+
+    ip_frag_timeout_ms = 1000             # range: [1, 60000] (ms)
+    ip_frag_expire_polling_interval_ms = 0 # range: [0, 60000] (ms)
+    ip_frag_expire_polling_limit = 1024    # range: [1, 1024]
+
+[session_manager]
+    tcp_session_max = 500
+    udp_session_max = 500
+
+    evict_old_on_tcp_table_limit = 1 # range: [0, 1]
+    evict_old_on_udp_table_limit = 1 # range: [0, 1]
+
+    expire_period_ms = 0    # range: [0, 60000] (ms)
+    expire_batch_max = 1024 # range: [1, 1024]
+
+    [session_manager.tcp_timeout_ms]
+        init = 500             # range: [1, 60000] (ms)
+        handshake = 500        # range: [1, 60000] (ms)
+        data = 500             # range: [1, 15999999000] (ms)
+        half_closed = 500      # range: [1, 604800000] (ms)
+        time_wait = 500        # range: [1, 600000] (ms)
+        discard_default = 1000 # range: [1, 15999999000] (ms)
+        unverified_rst = 500   # range: [1, 600000] (ms)
+
+    [session_manager.udp_timeout_ms]
+        data = 500            # range: [1, 15999999000] (ms)
+        discard_default = 500 # range: [1, 15999999000] (ms)
+
+    [session_manager.duplicated_packet_bloom_filter]
+        enable = 0
+        capacity = 1000000     # range: [1, 4294967295]
+        time_window_ms = 10000 # range: [1, 60000] (ms)
+        error_rate = 0.00001   # range: [0.0, 1.0]
+
+    [session_manager.evicted_session_bloom_filter]
+        enable = 0             # range: [0, 1]
+        capacity = 1000000     # range: [1, 4294967295]
+        time_window_ms = 10000 # range: [1, 60000] (ms)
+        error_rate = 0.00001   # range: [0.0, 1.0]
+
+    [session_manager.tcp_reassembly]
+        enable = 1                  # range: [0, 1]
+        timeout_ms = 100          # range: [1, 60000] (ms)
+        buffered_segments_max = 256 # range: [2, 4096] per flow
+
+[stat]
+    merge_interval_ms = 500    # range: [0, 60000] (ms)
+    output_interval_ms = 1000  # range: [0, 60000] (ms)