gfwleak/stellar-stellar
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

optimize session manager config

Browse Source
This commit is contained in:
luwenpeng
2024-08-30 18:33:41 +08:00
parent d1d5e6e09e
commit 82cb1eaeeb
26 changed files with 632 additions and 1319 deletions
Download Patch File Download Diff File Expand all files Collapse all files

294
infra/session_manager/session_manager.c
View File

@@ -4,8 +4,6 @@
#include <errno.h>
#include "utils.h"
#include "toml.h"
#include "log_private.h"
#include "packet_helper.h"
#include "packet_filter.h"
#include "session_private.h"
@@ -141,13 +139,13 @@ static void tcp_clean(struct session_manager *mgr, struct session *sess)
static int tcp_init(struct session_manager *mgr, struct session *sess)
{
if (!mgr->cfg.tcp_reassembly_enable)
if (!mgr->cfg.tcp_reassembly.enable)
{
return 0;
}
sess->tcp_halfs[FLOW_DIRECTION_C2S].assembler = tcp_reassembly_new(mgr->cfg.tcp_reassembly_max_timeout_ms, mgr->cfg.tcp_reassembly_max_segments);
sess->tcp_halfs[FLOW_DIRECTION_S2C].assembler = tcp_reassembly_new(mgr->cfg.tcp_reassembly_max_timeout_ms, mgr->cfg.tcp_reassembly_max_segments);
sess->tcp_halfs[FLOW_DIRECTION_C2S].assembler = tcp_reassembly_new(mgr->cfg.tcp_reassembly.timeout_ms, mgr->cfg.tcp_reassembly.buffered_segments_max);
sess->tcp_halfs[FLOW_DIRECTION_S2C].assembler = tcp_reassembly_new(mgr->cfg.tcp_reassembly.timeout_ms, mgr->cfg.tcp_reassembly.buffered_segments_max);
if (sess->tcp_halfs[FLOW_DIRECTION_C2S].assembler == NULL || sess->tcp_halfs[FLOW_DIRECTION_S2C].assembler == NULL)
{
tcp_clean(mgr, sess);
@@ -180,7 +178,7 @@ static void tcp_update(struct session_manager *mgr, struct session *sess, enum f
half->ack = tcp_hdr_get_ack(hdr);
half->len = tcp_layer->pld_len;
if (!mgr->cfg.tcp_reassembly_enable)
if (!mgr->cfg.tcp_reassembly.enable)
{
if (len)
{
@@ -330,7 +328,7 @@ static enum flow_direction identify_direction_by_history(const struct session *s
// on new session
static int tcp_overload_bypass(struct session_manager *mgr, const struct tuple6 *key)
{
if (key->ip_proto == IPPROTO_TCP && mgr->stat.tcp_sess_used >= mgr->cfg.max_tcp_session_num)
if (key->ip_proto == IPPROTO_TCP && mgr->stat.tcp_sess_used >= mgr->cfg.tcp_session_max)
{
mgr->stat.tcp_pkts_bypass_table_full++;
return 1;
@@ -340,7 +338,7 @@ static int tcp_overload_bypass(struct session_manager *mgr, const struct tuple6
static int udp_overload_bypass(struct session_manager *mgr, const struct tuple6 *key)
{
if (key->ip_proto == IPPROTO_UDP && mgr->stat.udp_sess_used >= mgr->cfg.max_udp_session_num)
if (key->ip_proto == IPPROTO_UDP && mgr->stat.udp_sess_used >= mgr->cfg.udp_session_max)
{
mgr->stat.udp_pkts_bypass_table_full++;
return 1;
@@ -350,7 +348,7 @@ static int udp_overload_bypass(struct session_manager *mgr, const struct tuple6
static int evicted_session_bypass(struct session_manager *mgr, const struct tuple6 *key)
{
if (mgr->cfg.evicted_session_filter_enable && session_filter_lookup(mgr->evicte_sess_filter, key, mgr->now_ms))
if (mgr->cfg.evicted_session_bloom_filter.enable && session_filter_lookup(mgr->evicte_sess_filter, key, mgr->now_ms))
{
mgr->stat.udp_pkts_bypass_session_evicted++;
return 1;
@@ -362,7 +360,7 @@ static int evicted_session_bypass(struct session_manager *mgr, const struct tupl
// on update session
static int duplicated_packet_bypass(struct session_manager *mgr, struct session *sess, const struct packet *pkt, const struct tuple6 *key)
{
if (mgr->cfg.duplicated_packet_filter_enable == 0)
if (mgr->cfg.duplicated_packet_bloom_filter.enable == 0)
{
return 0;
}
@@ -517,7 +515,7 @@ static void session_manager_evicte_session(struct session_manager *mgr, struct s
case SESSION_TYPE_UDP:
SESSION_LOG_DEBUG("evicte udp old session: %lu", session_get_id(sess));
session_table_del(mgr->udp_sess_table, sess);
if (mgr->cfg.evicted_session_filter_enable)
if (mgr->cfg.evicted_session_bloom_filter.enable)
{
session_filter_add(mgr->evicte_sess_filter, session_get_tuple6(sess), mgr->now_ms);
}
@@ -574,7 +572,7 @@ static struct session *session_manager_new_tcp_session(struct session_manager *m
}
// tcp table full evict old session
if (mgr->cfg.tcp_overload_evict_old_sess && mgr->stat.tcp_sess_used >= mgr->cfg.max_tcp_session_num - EVICTE_SESSION_BURST)
if (mgr->cfg.evict_old_on_tcp_table_limit && mgr->stat.tcp_sess_used >= mgr->cfg.tcp_session_max - EVICTE_SESSION_BURST)
{
struct session *evic_sess = session_table_find_lru(mgr->tcp_sess_table);
session_manager_evicte_session(mgr, evic_sess, LRU_EVICT);
@@ -603,11 +601,11 @@ static struct session *session_manager_new_tcp_session(struct session_manager *m
}
tcp_update(mgr, sess, dir, tcp_layer);
uint64_t timeout = (flags & TH_ACK) ? mgr->cfg.tcp_handshake_timeout_ms : mgr->cfg.tcp_init_timeout_ms;
uint64_t timeout = (flags & TH_ACK) ? mgr->cfg.tcp_timeout_ms.handshake : mgr->cfg.tcp_timeout_ms.init;
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + timeout);
session_table_add(mgr->tcp_sess_table, sess);
if (mgr->cfg.duplicated_packet_filter_enable)
if (mgr->cfg.duplicated_packet_bloom_filter.enable)
{
packet_filter_add(mgr->dup_pkt_filter, pkt, mgr->now_ms);
}
@@ -622,7 +620,7 @@ static struct session *session_manager_new_tcp_session(struct session_manager *m
static struct session *session_manager_new_udp_session(struct session_manager *mgr, const struct packet *pkt, const struct tuple6 *key)
{
// udp table full evict old session
if (mgr->cfg.udp_overload_evict_old_sess && mgr->stat.udp_sess_used >= mgr->cfg.max_udp_session_num - EVICTE_SESSION_BURST)
if (mgr->cfg.evict_old_on_udp_table_limit && mgr->stat.udp_sess_used >= mgr->cfg.udp_session_max - EVICTE_SESSION_BURST)
{
struct session *evic_sess = session_table_find_lru(mgr->udp_sess_table);
session_manager_evicte_session(mgr, evic_sess, LRU_EVICT);
@@ -643,7 +641,7 @@ static struct session *session_manager_new_udp_session(struct session_manager *m
session_update(mgr, sess, next_state, pkt, key, dir);
session_transition_log(sess, SESSION_STATE_INIT, next_state, UDP_DATA);
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + mgr->cfg.udp_data_timeout_ms);
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + mgr->cfg.udp_timeout_ms.data);
session_table_add(mgr->udp_sess_table, sess);
SESS_MGR_STAT_INC(&mgr->stat, next_state, udp);
@@ -698,34 +696,34 @@ static int session_manager_update_tcp_session(struct session_manager *mgr, struc
case SESSION_STATE_OPENING:
if (flags & TH_SYN)
{
timeout = (flags & TH_ACK) ? mgr->cfg.tcp_handshake_timeout_ms : mgr->cfg.tcp_init_timeout_ms;
timeout = (flags & TH_ACK) ? mgr->cfg.tcp_timeout_ms.handshake : mgr->cfg.tcp_timeout_ms.init;
}
else
{
timeout = mgr->cfg.tcp_data_timeout_ms;
timeout = mgr->cfg.tcp_timeout_ms.data;
}
break;
case SESSION_STATE_ACTIVE:
timeout = mgr->cfg.tcp_data_timeout_ms;
timeout = mgr->cfg.tcp_timeout_ms.data;
break;
case SESSION_STATE_CLOSING:
if (flags & TH_FIN)
{
timeout = (peer->history & TH_FIN) ? mgr->cfg.tcp_time_wait_timeout_ms : mgr->cfg.tcp_half_closed_timeout_ms;
timeout = (peer->history & TH_FIN) ? mgr->cfg.tcp_timeout_ms.time_wait : mgr->cfg.tcp_timeout_ms.half_closed;
}
else if (flags & TH_RST)
{
// if fin is received, the expected sequence number should be increased by 1
uint32_t expected = (peer->history & TH_FIN) ? peer->ack + 1 : peer->ack;
timeout = (expected == curr->seq) ? mgr->cfg.tcp_time_wait_timeout_ms : mgr->cfg.tcp_unverified_rst_timeout_ms;
timeout = (expected == curr->seq) ? mgr->cfg.tcp_timeout_ms.time_wait : mgr->cfg.tcp_timeout_ms.unverified_rst;
}
else
{
timeout = mgr->cfg.tcp_data_timeout_ms;
timeout = mgr->cfg.tcp_timeout_ms.data;
}
break;
case SESSION_STATE_DISCARD:
timeout = mgr->cfg.tcp_discard_timeout_ms;
timeout = mgr->cfg.tcp_timeout_ms.discard_default;
break;
default:
assert(0);
@@ -748,11 +746,11 @@ static int session_manager_update_udp_session(struct session_manager *mgr, struc
if (session_get_current_state(sess) == SESSION_STATE_DISCARD)
{
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + mgr->cfg.udp_discard_timeout_ms);
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + mgr->cfg.udp_timeout_ms.discard_default);
}
else
{
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + mgr->cfg.udp_data_timeout_ms);
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + mgr->cfg.udp_timeout_ms.data);
}
SESS_MGR_STAT_UPDATE(&mgr->stat, curr_state, next_state, udp);
@@ -774,127 +772,6 @@ static inline uint8_t ipv6_in_range(const struct in6_addr *addr, const struct in
* session manager public API
******************************************************************************/
#define PARSE_AND_CHECK_NUM(table, key, val, min, max) \
do \
{ \
const char *ptr = toml_raw_in(table, (key)); \
if (ptr == NULL) \
{ \
SESSION_LOG_ERROR("config file missing session_manager.%s", (key)); \
goto error_out; \
} \
(val) = atoll(ptr); \
if ((val) < (min) || (val) > (max)) \
{ \
SESSION_LOG_ERROR("invalid session_manager.%s: %lu, supported range: [%lu, %lu]", (key), (val), (min), (max)); \
goto error_out; \
} \
} while (0)
#define PARSE_AND_CHECK_DOUBLE(table, key, val, min, max) \
do \
{ \
const char *ptr = toml_raw_in(table, (key)); \
if (ptr == NULL) \
{ \
SESSION_LOG_ERROR("config file missing session_manager.%s", (key)); \
goto error_out; \
} \
(val) = atof(ptr); \
if ((val) < (min) || (val) > (max)) \
{ \
SESSION_LOG_ERROR("invalid session_manager.%s: %lu, supported range: [%f, %f]", (key), (val), (min), (max)); \
goto error_out; \
} \
} while (0)
int session_manager_config_load(struct session_manager_config *cfg, const char *toml_file)
{
int ret = -1;
char errbuf[200];
FILE *fp = NULL;
toml_table_t *root = NULL;
toml_table_t *table = NULL;
uint64_t zero = 0; // make compiler happy
fp = fopen(toml_file, "r");
if (fp == NULL)
{
SESSION_LOG_ERROR("config file %s open failed, %s", toml_file, strerror(errno));
goto error_out;
}
root = toml_parse_file(fp, errbuf, sizeof(errbuf));
if (root == NULL)
{
SESSION_LOG_ERROR("config file %s parse failed, %s", toml_file, errbuf);
goto error_out;
}
table = toml_table_in(root, "session_manager");
if (table == NULL)
{
SESSION_LOG_ERROR("config file %s missing session_manager", toml_file);
goto error_out;
}
// max session number
PARSE_AND_CHECK_NUM(table, "max_tcp_session_num", cfg->max_tcp_session_num, EVICTE_SESSION_BURST * 2, UINT64_MAX);
PARSE_AND_CHECK_NUM(table, "max_udp_session_num", cfg->max_udp_session_num, EVICTE_SESSION_BURST * 2, UINT64_MAX);
// session overload
PARSE_AND_CHECK_NUM(table, "tcp_overload_evict_old_sess", cfg->tcp_overload_evict_old_sess, zero, 1);
PARSE_AND_CHECK_NUM(table, "udp_overload_evict_old_sess", cfg->udp_overload_evict_old_sess, zero, 1);
// TCP timeout
PARSE_AND_CHECK_NUM(table, "tcp_init_timeout_ms", cfg->tcp_init_timeout_ms, 1, 60000);
PARSE_AND_CHECK_NUM(table, "tcp_handshake_timeout_ms", cfg->tcp_handshake_timeout_ms, 1, 60000);
PARSE_AND_CHECK_NUM(table, "tcp_data_timeout_ms", cfg->tcp_data_timeout_ms, 1, 15999999000);
PARSE_AND_CHECK_NUM(table, "tcp_half_closed_timeout_ms", cfg->tcp_half_closed_timeout_ms, 1, 604800000);
PARSE_AND_CHECK_NUM(table, "tcp_time_wait_timeout_ms", cfg->tcp_time_wait_timeout_ms, 1, 60000);
PARSE_AND_CHECK_NUM(table, "tcp_discard_timeout_ms", cfg->tcp_discard_timeout_ms, 1, 15999999000);
PARSE_AND_CHECK_NUM(table, "tcp_unverified_rst_timeout_ms", cfg->tcp_unverified_rst_timeout_ms, 1, 60000);
// UDP timeout
PARSE_AND_CHECK_NUM(table, "udp_data_timeout_ms", cfg->udp_data_timeout_ms, 1, 15999999000);
PARSE_AND_CHECK_NUM(table, "udp_discard_timeout_ms", cfg->udp_discard_timeout_ms, 1, 15999999000);
// limit
PARSE_AND_CHECK_NUM(table, "session_expire_polling_interval_ms", cfg->session_expire_polling_interval_ms, zero, 60000);
PARSE_AND_CHECK_NUM(table, "session_expire_polling_limit", cfg->session_expire_polling_limit, 1, 1024);
// duplicated packet filter
PARSE_AND_CHECK_NUM(table, "duplicated_packet_filter_enable", cfg->duplicated_packet_filter_enable, zero, 1);
PARSE_AND_CHECK_NUM(table, "duplicated_packet_filter_capacity", cfg->duplicated_packet_filter_capacity, 1, 4294967295);
PARSE_AND_CHECK_NUM(table, "duplicated_packet_filter_timeout_ms", cfg->duplicated_packet_filter_timeout_ms, 1, 60000);
PARSE_AND_CHECK_DOUBLE(table, "duplicated_packet_filter_error_rate", cfg->duplicated_packet_filter_error_rate, 0.0, 1.0);
// eviction session filter
PARSE_AND_CHECK_NUM(table, "evicted_session_filter_enable", cfg->evicted_session_filter_enable, zero, 1);
PARSE_AND_CHECK_NUM(table, "evicted_session_filter_capacity", cfg->evicted_session_filter_capacity, 1, 4294967295);
PARSE_AND_CHECK_NUM(table, "evicted_session_filter_timeout_ms", cfg->evicted_session_filter_timeout_ms, 1, 60000);
PARSE_AND_CHECK_DOUBLE(table, "evicted_session_filter_error_rate", cfg->evicted_session_filter_error_rate, 0.0, 1.0);
// TCP reassembly
PARSE_AND_CHECK_NUM(table, "tcp_reassembly_enable", cfg->tcp_reassembly_enable, zero, 1);
PARSE_AND_CHECK_NUM(table, "tcp_reassembly_max_timeout_ms", cfg->tcp_reassembly_max_timeout_ms, 1, 60000);
PARSE_AND_CHECK_NUM(table, "tcp_reassembly_max_segments", cfg->tcp_reassembly_max_segments, 1, 512);
ret = 0;
error_out:
if (root)
{
toml_free(root);
}
if (fp)
{
fclose(fp);
}
return ret;
}
struct session_manager_config *session_manager_config_new(const char *toml_file)
{
if (toml_file == NULL)
@@ -908,7 +785,42 @@ struct session_manager_config *session_manager_config_new(const char *toml_file)
return NULL;
}
if (session_manager_config_load(cfg, toml_file) == -1)
int ret = 0;
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_session_max", (uint64_t *)&cfg->tcp_session_max, EVICTE_SESSION_BURST * 2, UINT64_MAX);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.udp_session_max", (uint64_t *)&cfg->udp_session_max, EVICTE_SESSION_BURST * 2, UINT64_MAX);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.evict_old_on_tcp_table_limit", (uint64_t *)&cfg->evict_old_on_tcp_table_limit, 0, 1);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.evict_old_on_udp_table_limit", (uint64_t *)&cfg->evict_old_on_udp_table_limit, 0, 1);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.expire_period_ms", (uint64_t *)&cfg->expire_period_ms, 0, 60000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.expire_batch_max", (uint64_t *)&cfg->expire_batch_max, 1, 1024);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_timeout_ms.init", (uint64_t *)&cfg->tcp_timeout_ms.init, 1, 60000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_timeout_ms.handshake", (uint64_t *)&cfg->tcp_timeout_ms.handshake, 1, 60000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_timeout_ms.data", (uint64_t *)&cfg->tcp_timeout_ms.data, 1, 15999999000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_timeout_ms.half_closed", (uint64_t *)&cfg->tcp_timeout_ms.half_closed, 1, 604800000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_timeout_ms.time_wait", (uint64_t *)&cfg->tcp_timeout_ms.time_wait, 1, 60000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_timeout_ms.discard_default", (uint64_t *)&cfg->tcp_timeout_ms.discard_default, 1, 15999999000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_timeout_ms.unverified_rst", (uint64_t *)&cfg->tcp_timeout_ms.unverified_rst, 1, 60000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.udp_timeout_ms.data", (uint64_t *)&cfg->udp_timeout_ms.data, 1, 15999999000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.udp_timeout_ms.discard_default", (uint64_t *)&cfg->udp_timeout_ms.discard_default, 1, 15999999000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.duplicated_packet_bloom_filter.enable", (uint64_t *)&cfg->duplicated_packet_bloom_filter.enable, 0, 1);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.duplicated_packet_bloom_filter.capacity", (uint64_t *)&cfg->duplicated_packet_bloom_filter.capacity, 1, 4294967295);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.duplicated_packet_bloom_filter.time_window_ms", (uint64_t *)&cfg->duplicated_packet_bloom_filter.time_window_ms, 1, 60000);
ret += load_and_validate_toml_double_config(toml_file, "session_manager.duplicated_packet_bloom_filter.error_rate", (double *)&cfg->duplicated_packet_bloom_filter.error_rate, 0.0, 1.0);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.evicted_session_bloom_filter.enable", (uint64_t *)&cfg->evicted_session_bloom_filter.enable, 0, 1);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.evicted_session_bloom_filter.capacity", (uint64_t *)&cfg->evicted_session_bloom_filter.capacity, 1, 4294967295);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.evicted_session_bloom_filter.time_window_ms", (uint64_t *)&cfg->evicted_session_bloom_filter.time_window_ms, 1, 60000);
ret += load_and_validate_toml_double_config(toml_file, "session_manager.evicted_session_bloom_filter.error_rate", (double *)&cfg->evicted_session_bloom_filter.error_rate, 0.0, 1.0);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_reassembly.enable", (uint64_t *)&cfg->tcp_reassembly.enable, 0, 1);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_reassembly.timeout_ms", (uint64_t *)&cfg->tcp_reassembly.timeout_ms, 1, 60000);
ret += load_and_validate_toml_integer_config(toml_file, "session_manager.tcp_reassembly.buffered_segments_max", (uint64_t *)&cfg->tcp_reassembly.buffered_segments_max, 1, 512);
if (ret != 0)
{
session_manager_config_free(cfg);
return NULL;
@@ -931,46 +843,46 @@ void session_manager_config_print(struct session_manager_config *cfg)
if (cfg)
{
// max session number
SESSION_LOG_INFO("session_manager.max_tcp_session_num : %lu", cfg->max_tcp_session_num);
SESSION_LOG_INFO("session_manager.max_udp_session_num : %lu", cfg->max_udp_session_num);
SESSION_LOG_INFO("session_manager.tcp_session_max : %lu", cfg->tcp_session_max);
SESSION_LOG_INFO("session_manager.udp_session_max : %lu", cfg->udp_session_max);
// session overload
SESSION_LOG_INFO("session_manager.tcp_overload_evict_old_sess : %d", cfg->tcp_overload_evict_old_sess);
SESSION_LOG_INFO("session_manager.udp_overload_evict_old_sess : %d", cfg->udp_overload_evict_old_sess);
SESSION_LOG_INFO("session_manager.evict_old_on_tcp_table_limit : %d", cfg->evict_old_on_tcp_table_limit);
SESSION_LOG_INFO("session_manager.evict_old_on_udp_table_limit : %d", cfg->evict_old_on_udp_table_limit);
// TCP timeout
SESSION_LOG_INFO("session_manager.tcp_init_timeout_ms : %lu", cfg->tcp_init_timeout_ms);
SESSION_LOG_INFO("session_manager.tcp_handshake_timeout_ms : %lu", cfg->tcp_handshake_timeout_ms);
SESSION_LOG_INFO("session_manager.tcp_data_timeout_ms : %lu", cfg->tcp_data_timeout_ms);
SESSION_LOG_INFO("session_manager.tcp_half_closed_timeout_ms : %lu", cfg->tcp_half_closed_timeout_ms);
SESSION_LOG_INFO("session_manager.tcp_time_wait_timeout_ms : %lu", cfg->tcp_time_wait_timeout_ms);
SESSION_LOG_INFO("session_manager.tcp_discard_timeout_ms : %lu", cfg->tcp_discard_timeout_ms);
SESSION_LOG_INFO("session_manager.tcp_unverified_rst_timeout_ms : %lu", cfg->tcp_unverified_rst_timeout_ms);
SESSION_LOG_INFO("session_manager.tcp_timeout_ms.init : %lu", cfg->tcp_timeout_ms.init);
SESSION_LOG_INFO("session_manager.tcp_timeout_ms.handshake : %lu", cfg->tcp_timeout_ms.handshake);
SESSION_LOG_INFO("session_manager.tcp_timeout_ms.data : %lu", cfg->tcp_timeout_ms.data);
SESSION_LOG_INFO("session_manager.tcp_timeout_ms.half_closed : %lu", cfg->tcp_timeout_ms.half_closed);
SESSION_LOG_INFO("session_manager.tcp_timeout_ms.time_wait : %lu", cfg->tcp_timeout_ms.time_wait);
SESSION_LOG_INFO("session_manager.tcp_timeout_ms.discard_default : %lu", cfg->tcp_timeout_ms.discard_default);
SESSION_LOG_INFO("session_manager.tcp_timeout_ms.unverified_rst : %lu", cfg->tcp_timeout_ms.unverified_rst);
// UDP timeout
SESSION_LOG_INFO("session_manager.udp_data_timeout_ms : %lu", cfg->udp_data_timeout_ms);
SESSION_LOG_INFO("session_manager.udp_discard_timeout_ms : %lu", cfg->udp_discard_timeout_ms);
SESSION_LOG_INFO("session_manager.udp_timeout_ms.data : %lu", cfg->udp_timeout_ms.data);
SESSION_LOG_INFO("session_manager.udp_timeout_ms.discard_default : %lu", cfg->udp_timeout_ms.discard_default);
// limit
SESSION_LOG_INFO("session_manager.session_expire_polling_interval_ms : %lu", cfg->session_expire_polling_interval_ms);
SESSION_LOG_INFO("session_manager.session_expire_polling_limit : %lu", cfg->session_expire_polling_limit);
SESSION_LOG_INFO("session_manager.expire_period_ms : %lu", cfg->expire_period_ms);
SESSION_LOG_INFO("session_manager.expire_batch_max : %lu", cfg->expire_batch_max);
// duplicated packet filter
SESSION_LOG_INFO("session_manager.duplicated_packet_filter_enable : %d", cfg->duplicated_packet_filter_enable);
SESSION_LOG_INFO("session_manager.duplicated_packet_filter_capacity : %lu", cfg->duplicated_packet_filter_capacity);
SESSION_LOG_INFO("session_manager.duplicated_packet_filter_timeout_ms : %lu", cfg->duplicated_packet_filter_timeout_ms);
SESSION_LOG_INFO("session_manager.duplicated_packet_filter_error_rate : %f", cfg->duplicated_packet_filter_error_rate);
SESSION_LOG_INFO("session_manager.duplicated_packet_bloom_filter.enable : %d", cfg->duplicated_packet_bloom_filter.enable);
SESSION_LOG_INFO("session_manager.duplicated_packet_bloom_filter.capacity : %lu", cfg->duplicated_packet_bloom_filter.capacity);
SESSION_LOG_INFO("session_manager.duplicated_packet_bloom_filter.time_window_ms : %lu", cfg->duplicated_packet_bloom_filter.time_window_ms);
SESSION_LOG_INFO("session_manager.duplicated_packet_bloom_filter.error_rate : %f", cfg->duplicated_packet_bloom_filter.error_rate);
// eviction session filter
SESSION_LOG_INFO("session_manager.evicted_session_filter_enable : %d", cfg->evicted_session_filter_enable);
SESSION_LOG_INFO("session_manager.evicted_session_filter_capacity : %lu", cfg->evicted_session_filter_capacity);
SESSION_LOG_INFO("session_manager.evicted_session_filter_timeout_ms : %lu", cfg->evicted_session_filter_timeout_ms);
SESSION_LOG_INFO("session_manager.evicted_session_filter_error_rate : %f", cfg->evicted_session_filter_error_rate);
SESSION_LOG_INFO("session_manager.evicted_session_bloom_filter.enable : %d", cfg->evicted_session_bloom_filter.enable);
SESSION_LOG_INFO("session_manager.evicted_session_bloom_filter.capacity : %lu", cfg->evicted_session_bloom_filter.capacity);
SESSION_LOG_INFO("session_manager.evicted_session_bloom_filter.time_window_ms : %lu", cfg->evicted_session_bloom_filter.time_window_ms);
SESSION_LOG_INFO("session_manager.evicted_session_bloom_filter.error_rate : %f", cfg->evicted_session_bloom_filter.error_rate);
// TCP reassembly
SESSION_LOG_INFO("session_manager.tcp_reassembly_enable : %d", cfg->tcp_reassembly_enable);
SESSION_LOG_INFO("session_manager.tcp_reassembly_max_timeout_ms : %lu", cfg->tcp_reassembly_max_timeout_ms);
SESSION_LOG_INFO("session_manager.tcp_reassembly_max_segments : %lu", cfg->tcp_reassembly_max_segments);
SESSION_LOG_INFO("session_manager.tcp_reassembly.enable : %d", cfg->tcp_reassembly.enable);
SESSION_LOG_INFO("session_manager.tcp_reassembly.timeout_ms : %lu", cfg->tcp_reassembly.timeout_ms);
SESSION_LOG_INFO("session_manager.tcp_reassembly.buffered_segments_max : %lu", cfg->tcp_reassembly.buffered_segments_max);
}
}
@@ -983,7 +895,7 @@ struct session_manager *session_manager_new(const struct session_manager_config
}
memcpy(&mgr->cfg, cfg, sizeof(struct session_manager_config));
mgr->sess_pool = session_pool_new(mgr->cfg.max_tcp_session_num + mgr->cfg.max_udp_session_num);
mgr->sess_pool = session_pool_new(mgr->cfg.tcp_session_max + mgr->cfg.udp_session_max);
mgr->tcp_sess_table = session_table_new();
mgr->udp_sess_table = session_table_new();
mgr->sess_timer = session_timer_new(now_ms);
@@ -991,21 +903,21 @@ struct session_manager *session_manager_new(const struct session_manager_config
{
goto error;
}
if (mgr->cfg.evicted_session_filter_enable)
if (mgr->cfg.evicted_session_bloom_filter.enable)
{
mgr->evicte_sess_filter = session_filter_new(mgr->cfg.evicted_session_filter_capacity,
mgr->cfg.evicted_session_filter_timeout_ms,
mgr->cfg.evicted_session_filter_error_rate, now_ms);
mgr->evicte_sess_filter = session_filter_new(mgr->cfg.evicted_session_bloom_filter.capacity,
mgr->cfg.evicted_session_bloom_filter.time_window_ms,
mgr->cfg.evicted_session_bloom_filter.error_rate, now_ms);
if (mgr->evicte_sess_filter == NULL)
{
goto error;
}
}
if (mgr->cfg.duplicated_packet_filter_enable)
if (mgr->cfg.duplicated_packet_bloom_filter.enable)
{
mgr->dup_pkt_filter = packet_filter_new(mgr->cfg.duplicated_packet_filter_capacity,
mgr->cfg.duplicated_packet_filter_timeout_ms,
mgr->cfg.duplicated_packet_filter_error_rate, now_ms);
mgr->dup_pkt_filter = packet_filter_new(mgr->cfg.duplicated_packet_bloom_filter.capacity,
mgr->cfg.duplicated_packet_bloom_filter.time_window_ms,
mgr->cfg.duplicated_packet_bloom_filter.error_rate, now_ms);
if (mgr->dup_pkt_filter == NULL)
{
goto error;
@@ -1046,11 +958,11 @@ void session_manager_free(struct session_manager *mgr)
{
session_manager_free_session(mgr, sess);
}
if (mgr->cfg.evicted_session_filter_enable)
if (mgr->cfg.evicted_session_bloom_filter.enable)
{
session_filter_free(mgr->evicte_sess_filter);
}
if (mgr->cfg.duplicated_packet_filter_enable)
if (mgr->cfg.duplicated_packet_bloom_filter.enable)
{
packet_filter_free(mgr->dup_pkt_filter);
}
@@ -1070,7 +982,7 @@ void session_manager_set_session_id_generator(struct session_manager *mgr, sessi
void session_manager_record_duplicated_packet(struct session_manager *mgr, const struct packet *pkt)
{
if (mgr->cfg.duplicated_packet_filter_enable)
if (mgr->cfg.duplicated_packet_bloom_filter.enable)
{
packet_filter_add(mgr->dup_pkt_filter, pkt, mgr->now_ms);
}
@@ -1255,10 +1167,10 @@ struct session *session_manager_get_expired_session(struct session_manager *mgr,
switch (session_get_type(sess))
{
case SESSION_TYPE_TCP:
session_timer_update(mgr->sess_timer, sess, now_ms + mgr->cfg.tcp_data_timeout_ms);
session_timer_update(mgr->sess_timer, sess, now_ms + mgr->cfg.tcp_timeout_ms.data);
break;
case SESSION_TYPE_UDP:
session_timer_update(mgr->sess_timer, sess, now_ms + mgr->cfg.udp_data_timeout_ms);
session_timer_update(mgr->sess_timer, sess, now_ms + mgr->cfg.udp_timeout_ms.data);
break;
default:
assert(0);
@@ -1294,7 +1206,7 @@ uint64_t session_manager_clean_session(struct session_manager *mgr, uint64_t now
uint64_t expired_sess_num = 0;
uint8_t expired_sess_canbe_clean = 0;
if (now_ms - mgr->last_clean_expired_sess_ts >= mgr->cfg.session_expire_polling_interval_ms)
if (now_ms - mgr->last_clean_expired_sess_ts >= mgr->cfg.expire_period_ms)
{
expired_sess_canbe_clean = 1;
}
@@ -1310,7 +1222,7 @@ uint64_t session_manager_clean_session(struct session_manager *mgr, uint64_t now
// then clean expired session
else
{
if (expired_sess_canbe_clean && expired_sess_num < mgr->cfg.session_expire_polling_limit)
if (expired_sess_canbe_clean && expired_sess_num < mgr->cfg.expire_batch_max)
{
mgr->last_clean_expired_sess_ts = now_ms;
sess = session_manager_get_expired_session(mgr, now_ms);
@@ -1356,11 +1268,11 @@ void session_set_discard(struct session *sess)
switch (type)
{
case SESSION_TYPE_TCP:
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + mgr->cfg.tcp_discard_timeout_ms);
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + mgr->cfg.tcp_timeout_ms.discard_default);
SESS_MGR_STAT_UPDATE(&mgr->stat, curr_state, next_state, tcp);
break;
case SESSION_TYPE_UDP:
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + mgr->cfg.udp_discard_timeout_ms);
session_timer_update(mgr->sess_timer, sess, mgr->now_ms + mgr->cfg.udp_timeout_ms.discard_default);
SESS_MGR_STAT_UPDATE(&mgr->stat, curr_state, next_state, udp);
break;
default: