gfwleak/stellar-stellar
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update API of manipulation session

Browse Source
This commit is contained in:
luwenpeng
2024-04-01 17:13:26 +08:00
parent 772860c1be
commit a509f0ce3b
32 changed files with 1145 additions and 1347 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/duplicated_packet_filter/duplicated_packet_filter.cpp
View File

@@ -34,12 +34,12 @@ struct duplicated_packet_filter
// reutrn -1: error
static inline int duplicated_packet_key_get(const struct packet *packet, struct duplicated_packet_key *key)
{
const struct layer *ipv4_layer = packet_get_innermost_layer(packet, LAYER_TYPE_IPV4);
const struct pkt_layer *ipv4_layer = packet_get_innermost_layer(packet, LAYER_TYPE_IPV4);
if (ipv4_layer == NULL)
{
return -1;
}
const struct layer *tcp_layer = packet_get_innermost_layer(packet, LAYER_TYPE_TCP);
const struct pkt_layer *tcp_layer = packet_get_innermost_layer(packet, LAYER_TYPE_TCP);
if (tcp_layer == NULL)
{
return -1;

8
src/ip_reassembly/ip_reassembly.cpp
View File

@@ -300,7 +300,7 @@ static inline void ip_flow_key_zero(struct ip_flow_key *key)
static inline void ip_frag_hdr_init(struct ip_frag_hdr *hdr, const struct packet *pkt)
{
struct layer *layer = pkt->frag_layer;
struct pkt_layer *layer = pkt->frag_layer;
if (layer->type == LAYER_TYPE_IPV6)
{
@@ -854,7 +854,7 @@ struct packet *ip_reassembly_packet(struct ip_reassembly *assy, const struct pac
return NULL;
}
const struct layer *layer = pkt->frag_layer;
const struct pkt_layer *layer = pkt->frag_layer;
if (layer == NULL)
{
return NULL;
@@ -892,7 +892,7 @@ struct packet *ip_reassembly_packet(struct ip_reassembly *assy, const struct pac
struct packet *ipv4_reassembly_packet(struct ip_reassembly *assy, const struct packet *pkt, uint64_t now)
{
const struct layer *layer = pkt->frag_layer;
const struct pkt_layer *layer = pkt->frag_layer;
const struct ip *hdr = (const struct ip *)layer->hdr_ptr;
uint16_t frag_len = ipv4_hdr_get_total_len(hdr) - ipv4_hdr_get_hdr_len(hdr);
if (frag_len > layer->pld_len)
@@ -978,7 +978,7 @@ struct packet *ipv4_reassembly_packet(struct ip_reassembly *assy, const struct p
struct packet *ipv6_reassembly_packet(struct ip_reassembly *assy, const struct packet *pkt, uint64_t now)
{
const struct layer *layer = pkt->frag_layer;
const struct pkt_layer *layer = pkt->frag_layer;
const struct ip6_hdr *hdr = (const struct ip6_hdr *)layer->hdr_ptr;
const struct ip6_frag *frag_hdr = ipv6_hdr_get_frag_ext(hdr);
if (frag_hdr == NULL)

8
src/ip_reassembly/test/gtest_ipv4_reassembly.cpp
View File

@@ -196,7 +196,7 @@ TEST(IPV4_REASSEMBLE, PADDING_ORDER)
{
struct packet pkt;
struct packet *new_pkt;
const struct layer *layer;
const struct pkt_layer *layer;
struct ip_reassembly *assy;
struct ip_reassembly_options opts = {
.enable = true,
@@ -289,7 +289,7 @@ TEST(IPV4_REASSEMBLE, PADDING_UNORDER)
{
struct packet pkt;
struct packet *new_pkt;
const struct layer *layer;
const struct pkt_layer *layer;
struct ip_reassembly *assy;
struct ip_reassembly_options opts = {
.enable = true,
@@ -433,7 +433,7 @@ TEST(IPV4_REASSEMBLE, DUP_FIRST_FRAG)
{
struct packet pkt;
struct packet *new_pkt;
const struct layer *layer;
const struct pkt_layer *layer;
struct ip_reassembly *assy;
struct ip_reassembly_options opts = {
.enable = true,
@@ -537,7 +537,7 @@ TEST(IPV4_REASSEMBLE, DUP_LAST_FRAG)
{
struct packet pkt;
struct packet *new_pkt;
const struct layer *layer;
const struct pkt_layer *layer;
struct ip_reassembly *assy;
struct ip_reassembly_options opts = {
.enable = true,

6
src/ip_reassembly/test/gtest_ipv6_reassembly.cpp
View File

@@ -607,7 +607,7 @@ TEST(IPV6_REASSEMBLE, NORMAL)
{
struct packet pkt;
struct packet *new_pkt;
const struct layer *layer;
const struct pkt_layer *layer;
struct ip_reassembly *assy;
struct ip_reassembly_options opts = {
.enable = true,
@@ -767,7 +767,7 @@ TEST(IPV6_REASSEMBLE, DUP_FIRST_FRAG)
{
struct packet pkt;
struct packet *new_pkt;
const struct layer *layer;
const struct pkt_layer *layer;
struct ip_reassembly *assy;
struct ip_reassembly_options opts = {
.enable = true,
@@ -887,7 +887,7 @@ TEST(IPV6_REASSEMBLE, DUP_LAST_FRAG)
{
struct packet pkt;
struct packet *new_pkt;
const struct layer *layer;
const struct pkt_layer *layer;
struct ip_reassembly *assy;
struct ip_reassembly_options opts = {
.enable = true,

6
src/ip_reassembly/test/gtest_utils.h
View File

@@ -16,7 +16,7 @@ extern "C"
static inline void packet_set_ipv4_src_addr(struct packet *pkt, uint32_t saddr)
{
const struct layer *ipv4_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_IPV4);
const struct pkt_layer *ipv4_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_IPV4);
EXPECT_TRUE(ipv4_layer);
struct ip *hdr = (struct ip *)ipv4_layer->hdr_ptr;
ipv4_hdr_set_src_addr(hdr, saddr);
@@ -24,7 +24,7 @@ static inline void packet_set_ipv4_src_addr(struct packet *pkt, uint32_t saddr)
static inline void packet_set_ipv6_src_addr(struct packet *pkt, struct in6_addr saddr)
{
const struct layer *ipv6_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_IPV6);
const struct pkt_layer *ipv6_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_IPV6);
EXPECT_TRUE(ipv6_layer);
struct ip6_hdr *hdr = (struct ip6_hdr *)ipv6_layer->hdr_ptr;
ipv6_hdr_set_src_in6_addr(hdr, saddr);
@@ -32,7 +32,7 @@ static inline void packet_set_ipv6_src_addr(struct packet *pkt, struct in6_addr
static inline void packet_set_ipv6_frag_offset(struct packet *pkt, uint16_t offset)
{
const struct layer *ipv6_layer = (struct layer *)packet_get_innermost_layer(pkt, LAYER_TYPE_IPV6);
const struct pkt_layer *ipv6_layer = (struct pkt_layer *)packet_get_innermost_layer(pkt, LAYER_TYPE_IPV6);
EXPECT_TRUE(ipv6_layer);
struct ip6_hdr *hdr = (struct ip6_hdr *)ipv6_layer->hdr_ptr;
struct ip6_frag *frag_hdr = ipv6_hdr_get_frag_ext(hdr);

66
src/packet/packet.cpp
View File

@@ -55,7 +55,7 @@ static inline void set_tuple2(const char *data, enum layer_type type, struct tup
static inline void set_tuple4(const char *data, enum layer_type type, struct tuple4 *tuple);
static inline void set_tuple6(const char *data, enum layer_type type, struct tuple6 *tuple, uint64_t domain);
static inline struct layer *get_free_layer(struct packet *pkt);
static inline struct pkt_layer *get_free_layer(struct packet *pkt);
static inline uint16_t get_gtp_hdr_len(const char *data, uint16_t len);
static inline uint16_t get_gre_hdr_len(const char *data, uint16_t len);
@@ -412,7 +412,7 @@ static inline void set_tuple6(const char *data, enum layer_type type, struct tup
}
}
static inline struct layer *get_free_layer(struct packet *pkt)
static inline struct pkt_layer *get_free_layer(struct packet *pkt)
{
if (pkt->layers_used >= pkt->layers_size)
{
@@ -650,7 +650,7 @@ static inline const char *parse_ether(struct packet *pkt, const char *data, uint
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -670,7 +670,7 @@ static inline const char *parse_ppp(struct packet *pkt, const char *data, uint16
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -705,7 +705,7 @@ static inline const char *parse_vlan(struct packet *pkt, const char *data, uint1
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -728,7 +728,7 @@ static inline const char *parse_pppoe_ses(struct packet *pkt, const char *data,
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -784,7 +784,7 @@ static inline const char *parse_mpls(struct packet *pkt, const char *data, uint1
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -860,7 +860,7 @@ static inline const char *parse_ipv4(struct packet *pkt, const char *data, uint1
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -895,7 +895,7 @@ static inline const char *parse_ipv6(struct packet *pkt, const char *data, uint1
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -929,7 +929,7 @@ static inline const char *parse_gre(struct packet *pkt, const char *data, uint16
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -960,7 +960,7 @@ static inline const char *parse_udp(struct packet *pkt, const char *data, uint16
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -993,7 +993,7 @@ static inline const char *parse_tcp(struct packet *pkt, const char *data, uint16
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -1025,7 +1025,7 @@ static inline const char *parse_vxlan(struct packet *pkt, const char *data, uint
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -1045,7 +1045,7 @@ static inline const char *parse_gtpv1_u(struct packet *pkt, const char *data, ui
return data;
}
struct layer *layer = get_free_layer(pkt);
struct pkt_layer *layer = get_free_layer(pkt);
if (unlikely(layer == NULL))
{
return data;
@@ -1149,7 +1149,7 @@ void packet_print(const struct packet *pkt)
pkt->layers_used, pkt->layers_size);
for (uint8_t i = 0; i < pkt->layers_used; i++)
{
const struct layer *layer = &pkt->layers[i];
const struct pkt_layer *layer = &pkt->layers[i];
printf(" layer[%u]: %p, type: %s, hdr_offset: %u, hdr_ptr: %p, hdr_len: %u, pld_ptr: %p, pld_len: %u\n",
i, layer, layer_type_to_str(layer->type), layer->hdr_offset,
layer->hdr_ptr, layer->hdr_len, layer->pld_ptr, layer->pld_len);
@@ -1166,7 +1166,7 @@ void packet_print(const struct packet *pkt)
int packet_get_innermost_tuple2(const struct packet *pkt, struct tuple2 *tuple)
{
memset(tuple, 0, sizeof(struct tuple2));
const struct layer *layer = NULL;
const struct pkt_layer *layer = NULL;
for (int8_t i = pkt->layers_used - 1; i >= 0; i--)
{
@@ -1187,7 +1187,7 @@ int packet_get_innermost_tuple2(const struct packet *pkt, struct tuple2 *tuple)
int packet_get_outermost_tuple2(const struct packet *pkt, struct tuple2 *tuple)
{
memset(tuple, 0, sizeof(struct tuple2));
const struct layer *layer = NULL;
const struct pkt_layer *layer = NULL;
for (int8_t i = 0; i < pkt->layers_used; i++)
{
@@ -1208,9 +1208,9 @@ int packet_get_outermost_tuple2(const struct packet *pkt, struct tuple2 *tuple)
int packet_get_innermost_tuple4(const struct packet *pkt, struct tuple4 *tuple)
{
memset(tuple, 0, sizeof(struct tuple4));
const struct layer *layer_l3 = NULL;
const struct layer *layer_l4 = NULL;
const struct layer *layer = NULL;
const struct pkt_layer *layer_l3 = NULL;
const struct pkt_layer *layer_l4 = NULL;
const struct pkt_layer *layer = NULL;
for (int8_t i = pkt->layers_used - 1; i >= 0; i--)
{
@@ -1248,9 +1248,9 @@ int packet_get_innermost_tuple4(const struct packet *pkt, struct tuple4 *tuple)
int packet_get_outermost_tuple4(const struct packet *pkt, struct tuple4 *tuple)
{
memset(tuple, 0, sizeof(struct tuple4));
const struct layer *layer_l3 = NULL;
const struct layer *layer_l4 = NULL;
const struct layer *layer = NULL;
const struct pkt_layer *layer_l3 = NULL;
const struct pkt_layer *layer_l4 = NULL;
const struct pkt_layer *layer = NULL;
for (int8_t i = 0; i < pkt->layers_used; i++)
{
@@ -1288,9 +1288,9 @@ int packet_get_outermost_tuple4(const struct packet *pkt, struct tuple4 *tuple)
int packet_get_innermost_tuple6(const struct packet *pkt, struct tuple6 *tuple)
{
memset(tuple, 0, sizeof(struct tuple6));
const struct layer *layer_l3 = NULL;
const struct layer *layer_l4 = NULL;
const struct layer *layer = NULL;
const struct pkt_layer *layer_l3 = NULL;
const struct pkt_layer *layer_l4 = NULL;
const struct pkt_layer *layer = NULL;
const struct metadata *meta = &pkt->meta;
for (int8_t i = pkt->layers_used - 1; i >= 0; i--)
@@ -1329,9 +1329,9 @@ int packet_get_innermost_tuple6(const struct packet *pkt, struct tuple6 *tuple)
int packet_get_outermost_tuple6(const struct packet *pkt, struct tuple6 *tuple)
{
memset(tuple, 0, sizeof(struct tuple6));
const struct layer *layer_l3 = NULL;
const struct layer *layer_l4 = NULL;
const struct layer *layer = NULL;
const struct pkt_layer *layer_l3 = NULL;
const struct pkt_layer *layer_l4 = NULL;
const struct pkt_layer *layer = NULL;
const struct metadata *meta = &pkt->meta;
for (int8_t i = 0; i < pkt->layers_used; i++)
@@ -1365,9 +1365,9 @@ int packet_get_outermost_tuple6(const struct packet *pkt, struct tuple6 *tuple)
}
}
const struct layer *packet_get_innermost_layer(const struct packet *pkt, enum layer_type type)
const struct pkt_layer *packet_get_innermost_layer(const struct packet *pkt, enum layer_type type)
{
const struct layer *layer = NULL;
const struct pkt_layer *layer = NULL;
for (int8_t i = pkt->layers_used - 1; i >= 0; i--)
{
@@ -1381,9 +1381,9 @@ const struct layer *packet_get_innermost_layer(const struct packet *pkt, enum la
return NULL;
}
const struct layer *packet_get_outermost_layer(const struct packet *pkt, enum layer_type type)
const struct pkt_layer *packet_get_outermost_layer(const struct packet *pkt, enum layer_type type)
{
const struct layer *layer = NULL;
const struct pkt_layer *layer = NULL;
for (int8_t i = 0; i < pkt->layers_used; i++)
{

10
src/packet/packet.h
View File

@@ -102,7 +102,7 @@ struct metadata
enum packet_type type;
};
struct layer
struct pkt_layer
{
enum layer_type type;
const char *hdr_ptr; // header pointer
@@ -114,8 +114,8 @@ struct layer
struct packet
{
struct layer layers[PACKET_MAX_LAYERS];
struct layer *frag_layer; // fragment layer
struct pkt_layer layers[PACKET_MAX_LAYERS];
struct pkt_layer *frag_layer; // fragment layer
int8_t layers_used;
int8_t layers_size;
@@ -145,8 +145,8 @@ int packet_get_outermost_tuple4(const struct packet *pkt, struct tuple4 *tuple);
int packet_get_innermost_tuple6(const struct packet *pkt, struct tuple6 *tuple);
int packet_get_outermost_tuple6(const struct packet *pkt, struct tuple6 *tuple);
const struct layer *packet_get_innermost_layer(const struct packet *pkt, enum layer_type type);
const struct layer *packet_get_outermost_layer(const struct packet *pkt, enum layer_type type);
const struct pkt_layer *packet_get_innermost_layer(const struct packet *pkt, enum layer_type type);
const struct pkt_layer *packet_get_outermost_layer(const struct packet *pkt, enum layer_type type);
// direction 1: E2I
// direction 0: I2E

372
src/packet/test/gtest_packet.cpp
View File

File diff suppressed because it is too large Load Diff

509
src/session/session.cpp
View File

@@ -1,6 +1,7 @@
#include <assert.h>
#include "session_private.h"
#include "session.h"
#include "tcp_utils.h"
#define EX_KEY_MAX_LEN 64
@@ -20,7 +21,7 @@ struct ex_manager
static struct ex_manager g_ex_manager = {0};
/******************************************************************************
* session
* session set/get
******************************************************************************/
void session_init(struct session *sess)
@@ -28,7 +29,6 @@ void session_init(struct session *sess)
memset(sess, 0, sizeof(struct session));
}
// session id
void session_set_id(struct session *sess, uint64_t id)
{
sess->id = id;
@@ -39,28 +39,36 @@ uint64_t session_get_id(const struct session *sess)
return sess->id;
}
// session tuple6
void session_set_key(struct session *sess, const struct tuple6 *tuple)
void session_set_tuple(struct session *sess, const struct tuple6 *tuple)
{
memcpy(&sess->tuple, tuple, sizeof(struct tuple6));
}
const struct tuple6 *session_get0_key(const struct session *sess)
const struct tuple6 *session_get_tuple(const struct session *sess)
{
return &sess->tuple;
}
void session_set_key_dir(struct session *sess, enum session_dir dir)
void session_set_tuple_dir(struct session *sess, enum session_dir dir)
{
sess->tuple_dir = dir;
}
enum session_dir session_get_key_dir(const struct session *sess)
enum session_dir session_get_tuple_dir(const struct session *sess)
{
return sess->tuple_dir;
}
// session state
void session_set_cur_dir(struct session *sess, enum session_dir dir)
{
sess->cur_dir = dir;
}
enum session_dir session_get_cur_dir(const struct session *sess)
{
return sess->cur_dir;
}
void session_set_state(struct session *sess, enum session_state state)
{
sess->state = state;
@@ -71,7 +79,6 @@ enum session_state session_get_state(const struct session *sess)
return sess->state;
}
// session type
void session_set_type(struct session *sess, enum session_type type)
{
sess->type = type;
@@ -82,83 +89,85 @@ enum session_type session_get_type(const struct session *sess)
return sess->type;
}
// session dup traffic flag
void session_set_dup_traffic_flag(struct session *sess, enum dup_traffic_flag flag)
void session_set_dup_traffic(struct session *sess)
{
sess->dup_flag = flag;
sess->dup = 1;
}
enum dup_traffic_flag session_get_dup_traffic_flag(const struct session *sess)
int session_has_dup_traffic(const struct session *sess)
{
return sess->dup_flag;
return sess->dup;
}
// closing reason
void session_set_closing_reason(struct session *sess, enum closing_reason reason)
{
sess->closing_reason = reason;
sess->reason = reason;
}
enum closing_reason session_get_closing_reason(const struct session *sess)
{
return sess->closing_reason;
return sess->reason;
}
// session metrics
void session_inc_c2s_metrics(struct session *sess, uint64_t packets, uint64_t bytes)
void session_inc_metric(struct session *sess, enum session_metric_index idx, uint64_t val)
{
sess->c2s_bytes += bytes;
sess->c2s_packets += packets;
sess->metrics[idx] += val;
}
void session_inc_s2c_metrics(struct session *sess, uint64_t packets, uint64_t bytes)
void session_set_metric(struct session *sess, enum session_metric_index idx, uint64_t val)
{
sess->s2c_bytes += bytes;
sess->s2c_packets += packets;
sess->metrics[idx] = val;
}
uint64_t session_get_c2s_bytes(const struct session *sess)
uint64_t session_get_metric(const struct session *sess, enum session_metric_index idx)
{
return sess->c2s_bytes;
return sess->metrics[idx];
}
uint64_t session_get_s2c_bytes(const struct session *sess)
void session_set_timestamp(struct session *sess, enum session_timestamp_index idx, uint64_t timestamp)
{
return sess->s2c_bytes;
sess->timestamps[idx] = timestamp;
}
uint64_t session_get_c2s_packets(const struct session *sess)
uint64_t session_get_timestamp(const struct session *sess, enum session_timestamp_index idx)
{
return sess->c2s_packets;
return sess->timestamps[idx];
}
uint64_t session_get_s2c_packets(const struct session *sess)
void session_set_packet(struct session *sess, enum session_packet_index idx, const struct packet *pkt)
{
return sess->s2c_packets;
}
// session timestamp
void session_set_new_time(struct session *sess, uint64_t timestamp)
if (idx == SESSION_PACKET_CURRENT)
{
sess->create_time = timestamp;
sess->packets[idx] = pkt;
}
void session_set_last_time(struct session *sess, uint64_t timestamp)
else
{
sess->last_time = timestamp;
}
uint64_t session_get_new_time(const struct session *sess)
if (sess->packets[idx])
{
return sess->create_time;
return;
}
sess->packets[idx] = packet_dup(pkt);
}
}
uint64_t session_get_last_time(const struct session *sess)
void session_clean_packet(struct session *sess, enum session_packet_index idx)
{
return sess->last_time;
if (idx == SESSION_PACKET_CURRENT)
{
sess->packets[idx] = NULL;
}
else
{
packet_free((struct packet *)sess->packets[idx]);
sess->packets[idx] = NULL;
}
}
const struct packet *session_get_packet(const struct session *sess, enum session_packet_index idx)
{
return sess->packets[idx];
}
// session user data
void session_set_user_data(struct session *sess, void *user_data)
{
sess->user_data = user_data;
@@ -170,204 +179,236 @@ void *session_get_user_data(const struct session *sess)
}
/******************************************************************************
* session packet
* to string
******************************************************************************/
void session_set_c2s_1st_pkt(struct session *sess, const struct packet *pkt)
const char *closing_reason_to_str(enum closing_reason reason)
{
if (sess->c2s_1st_pkt)
switch (reason)
{
return;
}
sess->c2s_1st_pkt = packet_dup(pkt);
}
void session_set_s2c_1st_pkt(struct session *sess, const struct packet *pkt)
{
if (sess->s2c_1st_pkt)
{
return;
}
sess->s2c_1st_pkt = packet_dup(pkt);
}
const struct packet *session_get0_c2s_1st_pkt(const struct session *sess)
{
return sess->c2s_1st_pkt;
}
const struct packet *session_get0_s2c_1st_pkt(const struct session *sess)
{
return sess->s2c_1st_pkt;
}
const struct packet *session_get0_1st_pkt(const struct session *sess)
{
const struct packet *c2s_1st_pkt = session_get0_c2s_1st_pkt(sess);
if (c2s_1st_pkt)
{
return c2s_1st_pkt;
}
else
{
return session_get0_s2c_1st_pkt(sess);
case CLOSING_BY_TIMEOUT:
return "closing by timeout";
case CLOSING_BY_EVICTED:
return "closing by evicted";
case CLOSING_BY_CLIENT_FIN:
return "closing by client FIN";
case CLOSING_BY_CLIENT_RST:
return "closing by client RST";
case CLOSING_BY_SERVER_FIN:
return "closing by server FIN";
case CLOSING_BY_SERVER_RST:
return "closing by server RST";
default:
return "unknown";
}
}
// session current packet
void session_set0_cur_pkt(struct session *sess, const struct packet *pkt)
const char *session_state_to_str(enum session_state state)
{
sess->cur_pkt = pkt;
switch (state)
{
case SESSION_STATE_INIT:
return "init";
case SESSION_STATE_OPENING:
return "opening";
case SESSION_STATE_ACTIVE:
return "active";
case SESSION_STATE_CLOSING:
return "closing";
case SESSION_STATE_DISCARD:
return "discard";
case SESSION_STATE_CLOSED:
return "closed";
default:
return "unknown";
}
}
const struct packet *session_get0_cur_pkt(const struct session *sess)
const char *session_type_to_str(enum session_type type)
{
return sess->cur_pkt;
switch (type)
{
case SESSION_TYPE_TCP:
return "TCP";
case SESSION_TYPE_UDP:
return "UDP";
default:
return "unknown";
}
}
// session current dir
void session_set_cur_dir(struct session *sess, enum session_dir dir)
const char *session_dir_to_str(enum session_dir dir)
{
sess->cur_dir = dir;
switch (dir)
{
case SESSION_DIR_C2S:
return "C2S";
case SESSION_DIR_S2C:
return "S2C";
default:
return "unknown";
}
}
enum session_dir session_get_cur_dir(const struct session *sess)
void session_dump(struct session *sess)
{
return sess->cur_dir;
char buffer[1024] = {0};
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
printf("session id : %" PRIu64 "\n", session_get_id(sess));
printf("session tuple : %s\n", buffer);
printf("session tuple dir : %s\n", session_dir_to_str(session_get_tuple_dir(sess)));
printf("session state : %s\n", session_state_to_str(session_get_state(sess)));
printf("session type : %s\n", session_type_to_str(session_get_type(sess)));
printf("session dup traffic : %d\n", session_has_dup_traffic(sess));
printf("session closing reason : %s\n", closing_reason_to_str(session_get_closing_reason(sess)));
printf("session C2S packets : %" PRIu64 "\n", session_get_metric(sess, SESSION_METRIC_C2S_PACKETS));
printf("session C2S bytes : %" PRIu64 "\n", session_get_metric(sess, SESSION_METRIC_C2S_BYTES));
printf("session S2C packets : %" PRIu64 "\n", session_get_metric(sess, SESSION_METRIC_S2C_PACKETS));
printf("session S2C bytes : %" PRIu64 "\n", session_get_metric(sess, SESSION_METRIC_S2C_BYTES));
printf("session new time : %" PRIu64 "\n", session_get_timestamp(sess, SESSION_TIMESTAMP_NEW));
printf("session last time : %" PRIu64 "\n", session_get_timestamp(sess, SESSION_TIMESTAMP_LAST));
printf("session current packet ptr : %p\n", (void *)session_get_packet(sess, SESSION_PACKET_CURRENT));
printf("session current packet dir : %s\n", session_dir_to_str(session_get_cur_dir(sess)));
printf("session ex data: \n");
for (uint8_t i = 0; i < g_ex_manager.count; i++)
{
printf(" ex_idx: %d, ex_key: %s, ex_data: %p\n", i, g_ex_manager.schemas[i].key, sess->ex_data[i]);
}
}
/******************************************************************************
* session tcp reassembly
* tcp session
******************************************************************************/
int session_new_tcp_reassembly(struct session *sess, struct tcp_reassembly_options *opts)
static void tcp_sub_state_update(struct tcp_session *tcp_sess, enum session_dir dir, uint8_t tcp_flags)
{
sess->c2s_reassembly = tcp_reassembly_new(opts);
if (sess->c2s_reassembly == NULL)
if (tcp_flags & TH_SYN)
{
tcp_sess->sub_state |= (tcp_flags & TH_ACK) ? TCP_SYN_ACK_RCVD : TCP_SYN_RCVD;
}
if (tcp_flags & TH_FIN)
{
tcp_sess->sub_state |= dir == SESSION_DIR_C2S ? TCP_C2S_FIN_RCVD : TCP_S2C_FIN_RCVD;
}
if (tcp_flags & TH_RST)
{
/*
* https://www.rfc-editor.org/rfc/rfc5961#section-3.2
*
* If the RST bit is set and the sequence number exactly matches the
* next expected sequence number (RCV.NXT), then TCP MUST reset the
* connection.
*/
uint16_t curr_seq = dir == SESSION_DIR_C2S ? tcp_sess->c2s_seq : tcp_sess->s2c_seq;
uint16_t expect_seq = dir == SESSION_DIR_C2S ? tcp_sess->s2c_ack : tcp_sess->c2s_ack;
// if fin is received, the expected sequence number should be increased by 1
expect_seq += dir == SESSION_DIR_C2S ? (tcp_sess->sub_state & TCP_S2C_FIN_RCVD ? 1 : 0) : (tcp_sess->sub_state & TCP_C2S_FIN_RCVD ? 1 : 0);
if (curr_seq == expect_seq)
{
tcp_sess->sub_state |= dir == SESSION_DIR_C2S ? TCP_C2S_RST_RCVD : TCP_S2C_RST_RCVD;
}
// RST is unverified if the sequence number is not as expected
else
{
tcp_sess->sub_state |= dir == SESSION_DIR_C2S ? TCP_C2S_UNVERIFIED_RST_RCVD : TCP_S2C_UNVERIFIED_RST_RCVD;
}
}
}
int tcp_sess_init(struct session *sess, struct tcp_reassembly_options *opts)
{
struct tcp_session *tcp_sess = &sess->data.tcp;
tcp_sess->c2s_data_queue = tcp_reassembly_new(opts);
if (tcp_sess->c2s_data_queue == NULL)
{
return -1;
}
sess->s2c_reassembly = tcp_reassembly_new(opts);
if (sess->s2c_reassembly == NULL)
tcp_sess->s2c_data_queue = tcp_reassembly_new(opts);
if (tcp_sess->s2c_data_queue == NULL)
{
tcp_reassembly_free(sess->c2s_reassembly);
tcp_reassembly_free(tcp_sess->c2s_data_queue);
return -1;
}
return 0;
}
void session_free_tcp_reassembly(struct session *sess)
void tcp_sess_clean(struct session *sess)
{
tcp_reassembly_free(sess->c2s_reassembly);
tcp_reassembly_free(sess->s2c_reassembly);
struct tcp_session *tcp_sess = &sess->data.tcp;
tcp_reassembly_free(tcp_sess->c2s_data_queue);
tcp_reassembly_free(tcp_sess->s2c_data_queue);
}
void session_init_tcp_seq(struct session *sess, uint32_t syn_seq)
void tcp_data_enqueue(struct session *sess, const struct pkt_layer *tcp_layer, uint64_t now)
{
if (sess->type != SESSION_TYPE_TCP)
{
assert(0);
return;
}
struct tcp_session *tcp_sess = &sess->data.tcp;
struct tcphdr *hdr = (struct tcphdr *)tcp_layer->hdr_ptr;
uint8_t flags = tcp_hdr_get_flags(hdr);
if (sess->cur_dir == SESSION_DIR_C2S)
{
sess->c2s_seq = syn_seq;
tcp_reassembly_init(sess->c2s_reassembly, syn_seq);
tcp_sess->c2s_seq = tcp_hdr_get_seq(hdr);
tcp_sess->c2s_ack = tcp_hdr_get_ack(hdr);
if (flags & TH_SYN)
{
tcp_reassembly_init(tcp_sess->c2s_data_queue, tcp_sess->c2s_seq);
}
tcp_reassembly_insert(tcp_sess->c2s_data_queue, tcp_sess->c2s_seq, tcp_layer->pld_ptr, tcp_layer->pld_len, now);
}
else
{
sess->s2c_seq = syn_seq;
tcp_reassembly_init(sess->s2c_reassembly, syn_seq);
tcp_sess->s2c_seq = tcp_hdr_get_seq(hdr);
tcp_sess->s2c_ack = tcp_hdr_get_ack(hdr);
if (flags & TH_SYN)
{
tcp_reassembly_init(tcp_sess->s2c_data_queue, tcp_sess->s2c_seq);
}
tcp_reassembly_insert(tcp_sess->s2c_data_queue, tcp_sess->s2c_seq, tcp_layer->pld_ptr, tcp_layer->pld_len, now);
}
tcp_sub_state_update(tcp_sess, sess->cur_dir, flags);
}
void session_set_tcp_seq_ack(struct session *sess, uint32_t seq, uint32_t ack)
void tcp_data_dequeue(struct session *sess, uint32_t len)
{
if (sess->type != SESSION_TYPE_TCP)
{
assert(0);
return;
}
struct tcp_session *tcp_sess = &sess->data.tcp;
if (sess->cur_dir == SESSION_DIR_C2S)
{
sess->c2s_seq = seq;
sess->c2s_ack = ack;
tcp_reassembly_consume(tcp_sess->c2s_data_queue, len);
}
else
{
sess->s2c_seq = seq;
sess->s2c_ack = ack;
tcp_reassembly_consume(tcp_sess->s2c_data_queue, len);
}
}
void session_insert_tcp_payload(struct session *sess, uint32_t seq, const char *payload, uint32_t len, uint64_t now)
const char *tcp_data_peek(struct session *sess, uint32_t *len)
{
if (sess->type != SESSION_TYPE_TCP)
{
assert(0);
return;
}
struct tcp_session *tcp_sess = &sess->data.tcp;
if (sess->cur_dir == SESSION_DIR_C2S)
{
tcp_reassembly_insert(sess->c2s_reassembly, seq, payload, len, now);
return tcp_reassembly_peek(tcp_sess->c2s_data_queue, len);
}
else
{
tcp_reassembly_insert(sess->s2c_reassembly, seq, payload, len, now);
return tcp_reassembly_peek(tcp_sess->s2c_data_queue, len);
}
}
void session_expire_tcp_payload(struct session *sess, uint64_t now)
void tcp_data_expire(struct session *sess, uint64_t now)
{
if (sess->type != SESSION_TYPE_TCP)
{
assert(0);
return;
}
struct tcp_session *tcp_sess = &sess->data.tcp;
tcp_reassembly_expire(sess->c2s_reassembly, now);
tcp_reassembly_expire(sess->s2c_reassembly, now);
}
const char *session_peek_tcp_payload(struct session *sess, uint32_t *len)
{
if (sess->type != SESSION_TYPE_TCP)
{
*len = 0;
assert(0);
return NULL;
}
if (sess->cur_dir == SESSION_DIR_C2S)
{
return tcp_reassembly_peek(sess->c2s_reassembly, len);
}
else
{
return tcp_reassembly_peek(sess->s2c_reassembly, len);
}
}
void session_consume_tcp_payload(struct session *sess, uint32_t len)
{
if (sess->type != SESSION_TYPE_TCP)
{
assert(0);
return;
}
if (sess->cur_dir == SESSION_DIR_C2S)
{
tcp_reassembly_consume(sess->c2s_reassembly, len);
}
else
{
tcp_reassembly_consume(sess->s2c_reassembly, len);
}
tcp_reassembly_expire(tcp_sess->c2s_data_queue, now);
tcp_reassembly_expire(tcp_sess->s2c_data_queue, now);
}
/******************************************************************************
@@ -471,115 +512,3 @@ void session_free_all_ex_data(struct session *sess)
}
}
}
/******************************************************************************
* session dump
******************************************************************************/
const char *session_closing_reason_to_str(enum closing_reason reason)
{
switch (reason)
{
case CLOSING_BY_TIMEOUT:
return "closing by timeout";
case CLOSING_BY_EVICTED:
return "closing by evicted";
case CLOSING_BY_CLIENT_FIN:
return "closing by client FIN";
case CLOSING_BY_CLIENT_RST:
return "closing by client RST";
case CLOSING_BY_SERVER_FIN:
return "closing by server FIN";
case CLOSING_BY_SERVER_RST:
return "closing by server RST";
default:
return "unknown";
}
}
const char *session_state_to_str(enum session_state state)
{
switch (state)
{
case SESSION_STATE_INIT:
return "init";
case SESSION_STATE_OPENING:
return "opening";
case SESSION_STATE_ACTIVE:
return "active";
case SESSION_STATE_CLOSING:
return "closing";
case SESSION_STATE_DISCARD:
return "discard";
case SESSION_STATE_CLOSED:
return "closed";
default:
return "unknown";
}
}
const char *session_type_to_str(enum session_type type)
{
switch (type)
{
case SESSION_TYPE_TCP:
return "TCP";
case SESSION_TYPE_UDP:
return "UDP";
default:
return "unknown";
}
}
const char *session_dir_to_str(enum session_dir dir)
{
switch (dir)
{
case SESSION_DIR_C2S:
return "C2S";
case SESSION_DIR_S2C:
return "S2C";
default:
return "unknown";
}
}
const char *dup_traffic_flag_to_str(enum dup_traffic_flag flag)
{
switch (flag)
{
case DUP_TRAFFIC_YES:
return "YES";
case DUP_TRAFFIC_NO:
return "NO";
default:
return "unknown";
}
}
void session_dump(struct session *sess)
{
char buffer[1024] = {0};
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
printf("session id : %" PRIu64 "\n", session_get_id(sess));
printf("session key : %s\n", buffer);
printf("session key dir : %s\n", session_dir_to_str(session_get_key_dir(sess)));
printf("session state : %s\n", session_state_to_str(session_get_state(sess)));
printf("session type : %s\n", session_type_to_str(session_get_type(sess)));
printf("session dup traffic flag : %s\n", dup_traffic_flag_to_str(session_get_dup_traffic_flag(sess)));
printf("session closing reason : %s\n", session_closing_reason_to_str(session_get_closing_reason(sess)));
printf("session C2S packets : %" PRIu64 "\n", session_get_c2s_packets(sess));
printf("session C2S bytes : %" PRIu64 "\n", session_get_c2s_bytes(sess));
printf("session S2C packets : %" PRIu64 "\n", session_get_s2c_packets(sess));
printf("session S2C bytes : %" PRIu64 "\n", session_get_s2c_bytes(sess));
printf("session create time : %" PRIu64 "\n", session_get_new_time(sess));
printf("session last time : %" PRIu64 "\n", session_get_last_time(sess));
printf("session current packet ptr : %p\n", (void *)session_get0_cur_pkt(sess));
printf("session current packet dir : %s\n", session_dir_to_str(session_get_cur_dir(sess)));
printf("session ex data: \n");
for (uint8_t i = 0; i < g_ex_manager.count; i++)
{
printf(" ex_idx: %d, ex_key: %s, ex_data: %p\n", i, g_ex_manager.schemas[i].key, sess->ex_data[i]);
}
}

198
src/session/session.h
View File

@@ -8,8 +8,14 @@ extern "C"
#include <stdint.h>
#include "list.h"
#include "tuple.h"
#include "packet.h"
#include "timeout.h"
#include "uthash.h"
#include "tcp_reassembly.h"
#define EX_DATA_MAX_COUNT 16
enum session_state
{
@@ -35,12 +41,6 @@ enum session_dir
SESSION_DIR_S2C = 0x2,
};
enum dup_traffic_flag
{
DUP_TRAFFIC_NO = 0x0,
DUP_TRAFFIC_YES = 0x1,
};
enum closing_reason
{
CLOSING_BY_TIMEOUT = 0x1,
@@ -51,88 +51,164 @@ enum closing_reason
CLOSING_BY_SERVER_RST = 0x6,
};
struct session;
enum session_metric_index
{
SESSION_METRIC_C2S_BYTES,
SESSION_METRIC_S2C_BYTES,
SESSION_METRIC_C2S_PACKETS,
SESSION_METRIC_S2C_PACKETS,
MAX_METRIC,
};
enum session_timestamp_index
{
SESSION_TIMESTAMP_NEW,
SESSION_TIMESTAMP_LAST,
MAX_TIMESTAMP,
};
enum session_packet_index
{
SESSION_PACKET_C2S_1ST,
SESSION_PACKET_S2C_1ST,
SESSION_PACKET_CURRENT,
MAX_PACKETS,
};
enum tcp_sub_state
{
TCP_SYN_RCVD = 1 << 0,
TCP_SYN_ACK_RCVD = 1 << 1,
TCP_C2S_FIN_RCVD = 1 << 2,
TCP_S2C_FIN_RCVD = 1 << 3,
TCP_C2S_RST_RCVD = 1 << 4,
TCP_S2C_RST_RCVD = 1 << 5,
TCP_C2S_UNVERIFIED_RST_RCVD = 1 << 6,
TCP_S2C_UNVERIFIED_RST_RCVD = 1 << 7,
};
struct tcp_session
{
struct tcp_reassembly *c2s_data_queue;
struct tcp_reassembly *s2c_data_queue;
uint16_t sub_state;
uint32_t c2s_seq;
uint32_t s2c_seq;
uint32_t c2s_ack;
uint32_t s2c_ack;
};
struct udp_session
{
};
struct icmp_session
{
};
struct session
{
uint64_t id;
uint64_t metrics[MAX_METRIC];
uint64_t timestamps[MAX_TIMESTAMP];
enum session_dir tuple_dir;
enum session_dir cur_dir;
enum session_type type;
enum session_state state;
enum closing_reason reason;
int dup;
struct tuple6 tuple;
struct timeout timeout; // used for timer
struct list_head lru; // used for lru queue
struct list_head free; // used for free queue
struct list_head evicte; // used for evicte queue
const struct packet *packets[MAX_PACKETS];
UT_hash_handle hh; // used for hash table
void *ex_data[EX_DATA_MAX_COUNT];
void *user_data;
union
{
struct tcp_session tcp;
struct udp_session udp;
struct icmp_session icmp;
} data;
};
/******************************************************************************
* session base info
* session set/get
******************************************************************************/
void session_init(struct session *sess);
// session id
void session_set_id(struct session *sess, uint64_t id);
uint64_t session_get_id(const struct session *sess);
// session key
void session_set_key(struct session *sess, const struct tuple6 *tuple);
const struct tuple6 *session_get0_key(const struct session *sess);
void session_set_key_dir(struct session *sess, enum session_dir dir);
enum session_dir session_get_key_dir(const struct session *sess);
void session_set_tuple(struct session *sess, const struct tuple6 *key);
const struct tuple6 *session_get_tuple(const struct session *sess);
void session_set_tuple_dir(struct session *sess, enum session_dir dir);
enum session_dir session_get_tuple_dir(const struct session *sess);
void session_set_cur_dir(struct session *sess, enum session_dir dir);
enum session_dir session_get_cur_dir(const struct session *sess);
// session state
void session_set_state(struct session *sess, enum session_state state);
enum session_state session_get_state(const struct session *sess);
// session type
void session_set_type(struct session *sess, enum session_type type);
enum session_type session_get_type(const struct session *sess);
// session dup traffic flag
void session_set_dup_traffic_flag(struct session *sess, enum dup_traffic_flag flag);
enum dup_traffic_flag session_get_dup_traffic_flag(const struct session *sess);
void session_set_dup_traffic(struct session *sess);
int session_has_dup_traffic(const struct session *sess);
// closing reason
void session_set_closing_reason(struct session *sess, enum closing_reason reason);
enum closing_reason session_get_closing_reason(const struct session *sess);
// session metrics
void session_inc_c2s_metrics(struct session *sess, uint64_t packets, uint64_t bytes);
void session_inc_s2c_metrics(struct session *sess, uint64_t packets, uint64_t bytes);
uint64_t session_get_c2s_bytes(const struct session *sess);
uint64_t session_get_s2c_bytes(const struct session *sess);
uint64_t session_get_c2s_packets(const struct session *sess);
uint64_t session_get_s2c_packets(const struct session *sess);
void session_inc_metric(struct session *sess, enum session_metric_index idx, uint64_t val);
void session_set_metric(struct session *sess, enum session_metric_index idx, uint64_t val);
uint64_t session_get_metric(const struct session *sess, enum session_metric_index idx);
// session timestamp
void session_set_new_time(struct session *sess, uint64_t timestamp);
void session_set_last_time(struct session *sess, uint64_t timestamp);
uint64_t session_get_new_time(const struct session *sess);
uint64_t session_get_last_time(const struct session *sess);
void session_set_timestamp(struct session *sess, enum session_timestamp_index idx, uint64_t timestamp);
uint64_t session_get_timestamp(const struct session *sess, enum session_timestamp_index idx);
void session_set_packet(struct session *sess, enum session_packet_index idx, const struct packet *pkt);
void session_clean_packet(struct session *sess, enum session_packet_index idx);
const struct packet *session_get_packet(const struct session *sess, enum session_packet_index idx);
// session user data
void session_set_user_data(struct session *sess, void *user_data);
void *session_get_user_data(const struct session *sess);
/******************************************************************************
* session packet
* to string
******************************************************************************/
void session_set_c2s_1st_pkt(struct session *sess, const struct packet *pkt);
void session_set_s2c_1st_pkt(struct session *sess, const struct packet *pkt);
const struct packet *session_get0_c2s_1st_pkt(const struct session *sess);
const struct packet *session_get0_s2c_1st_pkt(const struct session *sess);
const struct packet *session_get0_1st_pkt(const struct session *sess);
// session current packet
void session_set0_cur_pkt(struct session *sess, const struct packet *pkt);
const struct packet *session_get0_cur_pkt(const struct session *sess);
// session current dir
void session_set_cur_dir(struct session *sess, enum session_dir dir);
enum session_dir session_get_cur_dir(const struct session *sess);
const char *closing_reason_to_str(enum closing_reason reason);
const char *session_state_to_str(enum session_state state);
const char *session_type_to_str(enum session_type type);
const char *session_dir_to_str(enum session_dir dir);
void session_dump(struct session *sess);
/******************************************************************************
* session tcp reassembly
* tcp session
******************************************************************************/
int session_new_tcp_reassembly(struct session *sess, struct tcp_reassembly_options *opts);
void session_free_tcp_reassembly(struct session *sess);
void session_init_tcp_seq(struct session *sess, uint32_t syn_seq);
void session_set_tcp_seq_ack(struct session *sess, uint32_t seq, uint32_t ack);
void session_insert_tcp_payload(struct session *sess, uint32_t offset, const char *payload, uint32_t len, uint64_t now);
void session_expire_tcp_payload(struct session *sess, uint64_t now);
const char *session_peek_tcp_payload(struct session *sess, uint32_t *len);
void session_consume_tcp_payload(struct session *sess, uint32_t len);
int tcp_sess_init(struct session *sess, struct tcp_reassembly_options *opts);
void tcp_sess_clean(struct session *sess);
void tcp_data_enqueue(struct session *sess, const struct pkt_layer *tcp_layer, uint64_t now);
void tcp_data_dequeue(struct session *sess, uint32_t len);
const char *tcp_data_peek(struct session *sess, uint32_t *len);
void tcp_data_expire(struct session *sess, uint64_t now);
/******************************************************************************
* session ex data
@@ -165,16 +241,6 @@ void *session_get0_ex_data(const struct session *sess, uint8_t idx);
void session_free_ex_data(struct session *sess, uint8_t idx);
void session_free_all_ex_data(struct session *sess);
/******************************************************************************
* session dump
******************************************************************************/
const char *session_closing_reason_to_str(enum closing_reason reason);
const char *session_state_to_str(enum session_state state);
const char *session_type_to_str(enum session_type type);
const char *session_dir_to_str(enum session_dir dir);
void session_dump(struct session *sess);
#ifdef __cpluscplus
}
#endif

147
src/session/session_manager.cpp
View File

@@ -9,7 +9,6 @@
#include "session_table.h"
#include "session_timer.h"
#include "session_manager.h"
#include "session_private.h"
#include "session_transition.h"
#include "evicted_session_filter.h"
#include "duplicated_packet_filter.h"
@@ -49,69 +48,6 @@ struct session_manager
#define EVICTE_SESSION_BURST (RX_BURST_MAX)
enum tcp_flags
{
SYN_RECV = 1 << 0,
SYN_ACK_RECV = 1 << 1,
C2S_FIN_RECV = 1 << 2,
S2C_FIN_RECV = 1 << 3,
C2S_RST_RECV = 1 << 4,
S2C_RST_RECV = 1 << 5,
C2S_UNVERIFIED_RST_RECV = 1 << 6,
S2C_UNVERIFIED_RST_RECV = 1 << 7,
};
// TODO
uint8_t tcp_flags_idx = 0;
static uint64_t tcp_flags_update(struct session *sess, uint8_t flags)
{
enum session_dir dir = session_get_cur_dir(sess);
uint64_t history = (uint64_t)session_get0_ex_data(sess, tcp_flags_idx);
if (flags & TH_SYN)
{
history |= (flags & TH_ACK) ? SYN_ACK_RECV : SYN_RECV;
}
if (flags & TH_FIN)
{
history |= (dir == SESSION_DIR_C2S ? C2S_FIN_RECV : S2C_FIN_RECV);
}
if (flags & TH_RST)
{
/*
* https://www.rfc-editor.org/rfc/rfc5961#section-3.2
*
* If the RST bit is set and the sequence number exactly matches the
* next expected sequence number (RCV.NXT), then TCP MUST reset the
* connection.
*/
uint16_t curr_seq = (dir == SESSION_DIR_C2S ? sess->c2s_seq : sess->s2c_seq);
uint16_t expect_seq = (dir == SESSION_DIR_C2S ? sess->s2c_ack : sess->c2s_ack);
// if fin is received, the expected sequence number should be increased by 1
expect_seq += (dir == SESSION_DIR_C2S ? (flags & S2C_FIN_RECV ? 1 : 0) : (flags & C2S_FIN_RECV ? 1 : 0));
if (curr_seq == expect_seq)
{
history |= (dir == SESSION_DIR_C2S ? C2S_RST_RECV : S2C_RST_RECV);
}
// RST is unverified if the sequence number is not as expected
else
{
history |= (dir == SESSION_DIR_C2S ? C2S_UNVERIFIED_RST_RECV : S2C_UNVERIFIED_RST_RECV);
}
}
session_set_ex_data(sess, tcp_flags_idx, (void *)history);
return history;
}
// TODO
int check_options(const struct session_manager_options *opts)
{
@@ -264,13 +200,13 @@ static enum session_dir identify_direction_by_port(uint16_t src_port, uint16_t d
static enum session_dir identify_direction_by_history(const struct session *sess, const struct tuple6 *key)
{
if (tuple6_cmp(session_get0_key(sess), key) == 0)
if (tuple6_cmp(session_get_tuple(sess), key) == 0)
{
return session_get_key_dir(sess);
return session_get_tuple_dir(sess);
}
else
{
return (session_get_key_dir(sess) == SESSION_DIR_C2S ? SESSION_DIR_S2C : SESSION_DIR_C2S);
return (session_get_tuple_dir(sess) == SESSION_DIR_C2S ? SESSION_DIR_S2C : SESSION_DIR_C2S);
}
}
@@ -338,15 +274,15 @@ static int session_manager_filter_evicted_session(struct session_manager *mgr, s
static int session_manager_filter_duplicated_packet(struct session_manager *mgr, struct session *sess, const struct packet *pkt, const struct tuple6 *key, uint64_t now)
{
enum session_dir dir = identify_direction_by_history(sess, key);
if ((dir == SESSION_DIR_C2S && session_get_c2s_packets(sess) < 3) ||
(dir == SESSION_DIR_S2C && session_get_s2c_packets(sess) < 3) ||
(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_YES))
if ((dir == SESSION_DIR_C2S && session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) < 3) ||
(dir == SESSION_DIR_S2C && session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) < 3) ||
(session_has_dup_traffic(sess) == 1))
{
if (duplicated_packet_filter_lookup(mgr->dup_pkt_filter, pkt, now))
{
mgr->stat.dup_pkt.nr_pkts++;
mgr->stat.dup_pkt.nr_bytes += packet_get_len(pkt);
session_set_dup_traffic_flag(sess, DUP_TRAFFIC_YES);
session_set_dup_traffic(sess);
return 1;
}
else
@@ -410,9 +346,9 @@ static void session_update(struct session *sess, enum session_state next_state,
{
if (session_get_state(sess) == SESSION_STATE_INIT)
{
session_set_key(sess, key);
session_set_key_dir(sess, dir);
session_set_new_time(sess, now);
session_set_tuple(sess, key);
session_set_tuple_dir(sess, dir);
session_set_timestamp(sess, SESSION_TIMESTAMP_NEW, now);
switch (key->ip_proto)
{
case IPPROTO_TCP:
@@ -429,17 +365,19 @@ static void session_update(struct session *sess, enum session_state next_state,
if (dir == SESSION_DIR_C2S)
{
session_inc_c2s_metrics(sess, 1, packet_get_len(pkt));
session_set_c2s_1st_pkt(sess, pkt);
session_inc_metric(sess, SESSION_METRIC_C2S_PACKETS, 1);
session_inc_metric(sess, SESSION_METRIC_C2S_BYTES, packet_get_len(pkt));
session_set_packet(sess, SESSION_PACKET_C2S_1ST, pkt);
}
else
{
session_inc_s2c_metrics(sess, 1, packet_get_len(pkt));
session_set_s2c_1st_pkt(sess, pkt);
session_inc_metric(sess, SESSION_METRIC_S2C_PACKETS, 1);
session_inc_metric(sess, SESSION_METRIC_S2C_BYTES, packet_get_len(pkt));
session_set_packet(sess, SESSION_PACKET_S2C_1ST, pkt);
}
session_set0_cur_pkt(sess, pkt);
session_set_packet(sess, SESSION_PACKET_CURRENT, pkt);
session_set_cur_dir(sess, dir);
session_set_last_time(sess, now);
session_set_timestamp(sess, SESSION_TIMESTAMP_LAST, now);
session_set_state(sess, next_state);
}
@@ -466,13 +404,13 @@ static void session_manager_evicte_session(struct session_manager *mgr, struct s
case SESSION_TYPE_TCP:
SESSION_LOG_DEBUG("evicte tcp old session: %lu", session_get_id(sess));
mgr->stat.tcp_sess.nr_old_sess_evicted++;
session_table_del(mgr->tcp_sess_table, session_get0_key(sess));
session_table_del(mgr->tcp_sess_table, session_get_tuple(sess));
break;
case SESSION_TYPE_UDP:
SESSION_LOG_DEBUG("evicte udp old session: %lu", session_get_id(sess));
mgr->stat.udp_sess.nr_old_sess_evicted++;
session_table_del(mgr->udp_sess_table, session_get0_key(sess));
evicted_session_filter_add(mgr->evicte_sess_filter, session_get0_key(sess), now);
session_table_del(mgr->udp_sess_table, session_get_tuple(sess));
evicted_session_filter_add(mgr->evicte_sess_filter, session_get_tuple(sess), now);
break;
default:
assert(0);
@@ -482,7 +420,7 @@ static void session_manager_evicte_session(struct session_manager *mgr, struct s
static struct session *session_manager_new_tcp_session(struct session_manager *mgr, const struct packet *pkt, const struct tuple6 *key, uint64_t now)
{
const struct layer *tcp_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_TCP);
const struct pkt_layer *tcp_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_TCP);
const struct tcphdr *hdr = (const struct tcphdr *)tcp_layer->hdr_ptr;
uint8_t flags = tcp_hdr_get_flags(hdr);
if (!(flags & TH_SYN))
@@ -505,14 +443,13 @@ static struct session *session_manager_new_tcp_session(struct session_manager *m
}
session_init(sess);
session_set_id(sess, id_generator_alloc());
if (session_new_tcp_reassembly(sess, &mgr->tcp_reassembly_opts) == -1)
if (tcp_sess_init(sess, &mgr->tcp_reassembly_opts) == -1)
{
assert(0);
session_pool_push(mgr->sess_pool, sess);
return NULL;
}
mgr->stat.tcp_sess.nr_sess_used++;
SESSION_LOG_DEBUG("session %lu, c2s reassembler %p, s2c reassembler %p", session_get_id(sess), sess->c2s_reassembly, sess->s2c_reassembly);
enum session_dir dir = tcp_hdr_get_ack_flag(hdr) ? SESSION_DIR_S2C : SESSION_DIR_C2S;
enum session_state next_state = session_transition_run(SESSION_STATE_INIT, TCP_SYN);
@@ -520,9 +457,7 @@ static struct session *session_manager_new_tcp_session(struct session_manager *m
session_transition_log(sess, SESSION_STATE_INIT, next_state, TCP_SYN);
session_stat_inc(&mgr->stat.tcp_sess, next_state);
session_init_tcp_seq(sess, tcp_hdr_get_seq(hdr));
session_set_tcp_seq_ack(sess, tcp_hdr_get_seq(hdr), tcp_hdr_get_ack(hdr));
session_insert_tcp_payload(sess, tcp_hdr_get_seq(hdr), tcp_layer->pld_ptr, tcp_layer->pld_len, now);
tcp_data_enqueue(sess, tcp_layer, now);
uint64_t timeout = (flags & TH_ACK) ? mgr->tcp_handshake_timeout : mgr->tcp_init_timeout;
session_timer_update(mgr->sess_timer, sess, now + timeout);
@@ -566,7 +501,7 @@ static struct session *session_manager_new_udp_session(struct session_manager *m
static int session_manager_update_tcp_session(struct session_manager *mgr, struct session *sess, const struct packet *pkt, const struct tuple6 *key, uint64_t now)
{
const struct layer *tcp_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_TCP);
const struct pkt_layer *tcp_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_TCP);
const struct tcphdr *hdr = (const struct tcphdr *)tcp_layer->hdr_ptr;
enum session_dir dir = identify_direction_by_history(sess, key);
uint8_t flags = tcp_hdr_get_flags(hdr);
@@ -580,14 +515,8 @@ static int session_manager_update_tcp_session(struct session_manager *mgr, struc
session_transition_log(sess, curr_state, next_state, inputs);
session_stat_update(mgr, sess, curr_state, next_state);
if (tcp_hdr_get_syn_flag(hdr))
{
session_init_tcp_seq(sess, tcp_hdr_get_seq(hdr));
}
session_set_tcp_seq_ack(sess, tcp_hdr_get_seq(hdr), tcp_hdr_get_ack(hdr));
session_expire_tcp_payload(sess, now);
session_insert_tcp_payload(sess, tcp_hdr_get_seq(hdr), tcp_layer->pld_ptr, tcp_layer->pld_len, now);
tcp_data_expire(sess, now);
tcp_data_enqueue(sess, tcp_layer, now);
// set closing reason
if (next_state == SESSION_STATE_CLOSING && !session_get_closing_reason(sess))
@@ -602,7 +531,7 @@ static int session_manager_update_tcp_session(struct session_manager *mgr, struc
}
}
uint64_t history = tcp_flags_update(sess, flags);
uint16_t sub_state = sess->data.tcp.sub_state;
uint64_t timeout = 0;
switch (next_state)
@@ -623,11 +552,11 @@ static int session_manager_update_tcp_session(struct session_manager *mgr, struc
case SESSION_STATE_CLOSING:
if (flags & TH_FIN)
{
timeout = (history & C2S_FIN_RECV && history & S2C_FIN_RECV) ? mgr->tcp_time_wait_timeout : mgr->tcp_half_closed_timeout;
timeout = (sub_state & TCP_C2S_FIN_RCVD && sub_state & TCP_S2C_FIN_RCVD) ? mgr->tcp_time_wait_timeout : mgr->tcp_half_closed_timeout;
}
else if (flags & TH_RST)
{
timeout = (history & C2S_RST_RECV || history & S2C_RST_RECV) ? mgr->tcp_time_wait_timeout : mgr->tcp_unverified_rst_timeout;
timeout = (sub_state & TCP_C2S_RST_RCVD || sub_state & TCP_S2C_RST_RCVD) ? mgr->tcp_time_wait_timeout : mgr->tcp_unverified_rst_timeout;
}
else
{
@@ -727,7 +656,6 @@ struct session_manager *session_manager_new(struct session_manager_options *opts
INIT_LIST_HEAD(&mgr->evicte_queue);
session_filter_init();
session_transition_init();
tcp_flags_idx = session_get_ex_new_index("tcp_flags", NULL, NULL);
return mgr;
@@ -795,19 +723,19 @@ void session_manager_free_session(struct session_manager *mgr, struct session *s
{
if (sess)
{
SESSION_LOG_DEBUG("session %lu closed (%s)", session_get_id(sess), session_closing_reason_to_str(session_get_closing_reason(sess)));
SESSION_LOG_DEBUG("session %lu closed (%s)", session_get_id(sess), closing_reason_to_str(session_get_closing_reason(sess)));
session_timer_del(mgr->sess_timer, sess);
switch (session_get_type(sess))
{
case SESSION_TYPE_TCP:
session_free_tcp_reassembly(sess);
session_table_del(mgr->tcp_sess_table, session_get0_key(sess));
tcp_sess_clean(sess);
session_table_del(mgr->tcp_sess_table, session_get_tuple(sess));
session_stat_dec(&mgr->stat.tcp_sess, session_get_state(sess));
mgr->stat.tcp_sess.nr_sess_used--;
break;
case SESSION_TYPE_UDP:
session_table_del(mgr->udp_sess_table, session_get0_key(sess));
session_table_del(mgr->udp_sess_table, session_get_tuple(sess));
session_stat_dec(&mgr->stat.udp_sess, session_get_state(sess));
mgr->stat.udp_sess.nr_sess_used--;
break;
@@ -815,11 +743,10 @@ void session_manager_free_session(struct session_manager *mgr, struct session *s
assert(0);
break;
}
session_set0_cur_pkt(sess, NULL);
session_clean_packet(sess, SESSION_PACKET_C2S_1ST);
session_clean_packet(sess, SESSION_PACKET_S2C_1ST);
session_clean_packet(sess, SESSION_PACKET_CURRENT);
session_set_cur_dir(sess, SESSION_DIR_NONE);
packet_free(sess->c2s_1st_pkt);
packet_free(sess->s2c_1st_pkt);
session_free_all_ex_data(sess);
session_pool_push(mgr->sess_pool, sess);
sess = NULL;

1
src/session/session_pool.cpp
View File

@@ -1,5 +1,4 @@
#include "session_pool.h"
#include "session_private.h"
struct session_pool
{

111
src/session/session_private.h
View File

@@ -1,111 +0,0 @@
/*
* The current file is private to the plugin, and pulgin can only use session.h
* The current file can only be used by session.cpp/session_pool.cpp/session_table.cpp
*/
#ifndef _SESSION_PRIVATE_H
#define _SESSION_PRIVATE_H
#ifdef __cpluscplus
extern "C"
{
#endif
#include "list.h"
#include "timeout.h"
#include "uthash.h"
#include "session.h"
#include "tcp_reassembly.h"
#define EX_DATA_MAX_COUNT 16
struct session
{
// session id
uint64_t id;
// session state
enum session_state state;
// session type
enum session_type type;
// dup traffic flag
enum dup_traffic_flag dup_flag;
// closing reason
enum closing_reason closing_reason;
// session metrics
uint64_t c2s_bytes;
uint64_t s2c_bytes;
uint64_t c2s_packets;
uint64_t s2c_packets;
// session timestamp
uint64_t create_time;
uint64_t last_time;
// session packet
struct packet *c2s_1st_pkt;
struct packet *s2c_1st_pkt;
// session user data
void *user_data;
/******************************
* Session TCP Reassembly
******************************/
struct tcp_reassembly *c2s_reassembly;
struct tcp_reassembly *s2c_reassembly;
uint32_t c2s_seq;
uint32_t s2c_seq;
uint32_t c2s_ack;
uint32_t s2c_ack;
/******************************
* Session Current Packet
******************************/
// session current packet
const struct packet *cur_pkt;
enum session_dir cur_dir;
/******************************
* Session Ex Data Zone
******************************/
void *ex_data[EX_DATA_MAX_COUNT];
/******************************
* Session Timer Zone
******************************/
struct timeout timeout;
/******************************
* Session Table Zone
******************************/
// session table key
struct tuple6 tuple;
enum session_dir tuple_dir;
// session table handle
UT_hash_handle hh;
/******************************
* Session Queue Node
******************************/
struct list_head lru; // used for lru queue
struct list_head free; // used for free queue
struct list_head evicte; // used for evicte queue
};
#ifdef __cpluscplus
}
#endif
#endif

2
src/session/session_table.cpp
View File

@@ -3,8 +3,6 @@
#define HASH_FUNCTION(keyptr, keylen, hashv) HASH_FUNCTION_OVERWRITE(keyptr, keylen, &hashv)
#define HASH_KEYCMP(a, b, len) HASH_KEYCMP_OVERWRITE(a, b, len)
#include "session_table.h"
#include "session_private.h"
#include "list.h"
struct session_table
{

1
src/session/session_timer.cpp
View File

@@ -1,5 +1,4 @@
#include "session_timer.h"
#include "session_private.h"
struct session_timer
{

2
src/session/session_transition.cpp
View File

@@ -157,7 +157,7 @@ void session_transition_log(struct session *sess, enum session_state curr_state,
char buff[128] = {0};
char reason[128] = {0};
tuple6_to_str(session_get0_key(sess), buff, sizeof(buff));
tuple6_to_str(session_get_tuple(sess), buff, sizeof(buff));
session_inputs_to_str(inputs, reason, sizeof(reason));
SESSION_TRANSITION_LOG_INFO("%s session %lu %s (%s) %s -> %s",
session_type_to_str(session_get_type(sess)), session_get_id(sess), buff, reason,

30
src/session/test/gtest_filter_tcp_dupkt.cpp
View File

@@ -48,7 +48,7 @@ struct session_manager_options opts = {
static void packet_set_ip_id(struct packet *pkt, uint16_t ip_id)
{
const struct layer *ipv4_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_IPV4);
const struct pkt_layer *ipv4_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_IPV4);
EXPECT_TRUE(ipv4_layer);
struct ip *hdr = (struct ip *)ipv4_layer->hdr_ptr;
ipv4_hdr_set_ipid(hdr, ip_id);
@@ -75,7 +75,7 @@ TEST(TCP_DUPKT_FILTER_ENABLE, SYN_DUP)
// new session
sess = session_manager_new_session(mgr, &pkt, 1);
EXPECT_TRUE(sess);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 0);
@@ -91,7 +91,7 @@ TEST(TCP_DUPKT_FILTER_ENABLE, SYN_DUP)
EXPECT_TRUE(sess);
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == -1);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_YES);
EXPECT_TRUE(session_has_dup_traffic(sess) == 1);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 1);
@@ -110,7 +110,7 @@ TEST(TCP_DUPKT_FILTER_ENABLE, SYN_DUP)
EXPECT_TRUE(sess);
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_YES);
EXPECT_TRUE(session_has_dup_traffic(sess) == 1);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 1);
@@ -141,7 +141,7 @@ TEST(TCP_DUPKT_FILTER_ENABLE, SYNACK_DUP)
// new session
sess = session_manager_new_session(mgr, &pkt, 1);
EXPECT_TRUE(sess);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 0);
@@ -157,7 +157,7 @@ TEST(TCP_DUPKT_FILTER_ENABLE, SYNACK_DUP)
EXPECT_TRUE(sess);
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == -1);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_YES);
EXPECT_TRUE(session_has_dup_traffic(sess) == 1);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 1);
@@ -176,7 +176,7 @@ TEST(TCP_DUPKT_FILTER_ENABLE, SYNACK_DUP)
EXPECT_TRUE(sess);
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_YES);
EXPECT_TRUE(session_has_dup_traffic(sess) == 1);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 1);
@@ -208,7 +208,7 @@ TEST(TCP_DUPKT_FILTER_ENABLE, SKIP)
// new session
sess = session_manager_new_session(mgr, &pkt, 1);
EXPECT_TRUE(sess);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 0);
@@ -226,7 +226,7 @@ TEST(TCP_DUPKT_FILTER_ENABLE, SKIP)
EXPECT_TRUE(sess);
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 0);
@@ -244,7 +244,7 @@ TEST(TCP_DUPKT_FILTER_ENABLE, SKIP)
EXPECT_TRUE(sess);
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 0);
@@ -260,7 +260,7 @@ TEST(TCP_DUPKT_FILTER_ENABLE, SKIP)
EXPECT_TRUE(sess);
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 0);
@@ -294,7 +294,7 @@ TEST(TCP_DUPKT_FILTER_DISABLE, SYN_DUP)
// new session
sess = session_manager_new_session(mgr, &pkt, 1);
EXPECT_TRUE(sess);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 0);
@@ -310,7 +310,7 @@ TEST(TCP_DUPKT_FILTER_DISABLE, SYN_DUP)
EXPECT_TRUE(sess);
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 0);
@@ -344,7 +344,7 @@ TEST(TCP_DUPKT_FILTER_DISABLE, SYNACK_DUP)
// new session
sess = session_manager_new_session(mgr, &pkt, 1);
EXPECT_TRUE(sess);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 0);
@@ -360,7 +360,7 @@ TEST(TCP_DUPKT_FILTER_DISABLE, SYNACK_DUP)
EXPECT_TRUE(sess);
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
stat = session_manager_get_stat(mgr);
EXPECT_TRUE(stat);
EXPECT_TRUE(stat->dup_pkt.nr_pkts == 0);

2
src/session/test/gtest_overload_evict_tcp_sess.cpp
View File

@@ -50,7 +50,7 @@ struct session_manager_options opts = {
static void packet_set_tcp_src_addr(struct packet *pkt, uint32_t addr)
{
const struct layer *ipv4_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_IPV4);
const struct pkt_layer *ipv4_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_IPV4);
EXPECT_TRUE(ipv4_layer);
struct ip *hdr = (struct ip *)ipv4_layer->hdr_ptr;
ipv4_hdr_set_src_addr(hdr, addr);

2
src/session/test/gtest_overload_evict_udp_sess.cpp
View File

@@ -50,7 +50,7 @@ struct session_manager_options opts = {
static void packet_set_tcp_src_addr(struct packet *pkt, uint32_t addr)
{
const struct layer *ipv4_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_IPV4);
const struct pkt_layer *ipv4_layer = packet_get_innermost_layer(pkt, LAYER_TYPE_IPV4);
EXPECT_TRUE(ipv4_layer);
struct ip *hdr = (struct ip *)ipv4_layer->hdr_ptr;
ipv4_hdr_set_src_addr(hdr, addr);

44
src/session/test/gtest_sess_mgr_tcp_reassembly.cpp
View File

@@ -83,7 +83,7 @@ TEST(SESS_MGR_TCP_REASSEMBLY, OUT_OF_ORDER)
sess = session_manager_new_session(mgr, &pkt, 1);
EXPECT_TRUE(sess);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload == NULL);
EXPECT_TRUE(len == 0);
@@ -98,7 +98,7 @@ TEST(SESS_MGR_TCP_REASSEMBLY, OUT_OF_ORDER)
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload == NULL);
EXPECT_TRUE(len == 0);
@@ -113,7 +113,7 @@ TEST(SESS_MGR_TCP_REASSEMBLY, OUT_OF_ORDER)
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload == NULL);
EXPECT_TRUE(len == 0);
@@ -128,7 +128,7 @@ TEST(SESS_MGR_TCP_REASSEMBLY, OUT_OF_ORDER)
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 4) == 0);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload == NULL);
EXPECT_TRUE(len == 0);
@@ -143,7 +143,7 @@ TEST(SESS_MGR_TCP_REASSEMBLY, OUT_OF_ORDER)
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 5) == 0);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload == NULL);
EXPECT_TRUE(len == 0);
@@ -158,7 +158,7 @@ TEST(SESS_MGR_TCP_REASSEMBLY, OUT_OF_ORDER)
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 6) == 0);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload == NULL);
EXPECT_TRUE(len == 0);
@@ -202,40 +202,40 @@ TEST(SESS_MGR_TCP_REASSEMBLY, OUT_OF_ORDER)
0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35,
0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x35, 0x0a};
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload != NULL);
EXPECT_TRUE(len == sizeof(payload1));
EXPECT_TRUE(memcmp((void *)payload, payload1, sizeof(payload1)) == 0);
hex_dump(payload, len);
session_consume_tcp_payload(sess, len);
tcp_data_dequeue(sess, len);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload != NULL);
EXPECT_TRUE(len == sizeof(payload2));
EXPECT_TRUE(memcmp((void *)payload, payload2, sizeof(payload2)) == 0);
hex_dump(payload, len);
session_consume_tcp_payload(sess, len);
tcp_data_dequeue(sess, len);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload != NULL);
EXPECT_TRUE(len == sizeof(payload3));
EXPECT_TRUE(memcmp((void *)payload, payload3, sizeof(payload3)) == 0);
hex_dump(payload, len);
session_consume_tcp_payload(sess, len);
tcp_data_dequeue(sess, len);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload != NULL);
EXPECT_TRUE(len == sizeof(payload4));
EXPECT_TRUE(memcmp((void *)payload, payload4, sizeof(payload4)) == 0);
hex_dump(payload, len);
session_consume_tcp_payload(sess, len);
tcp_data_dequeue(sess, len);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload != NULL);
EXPECT_TRUE(len == sizeof(payload5));
EXPECT_TRUE(memcmp((void *)payload, payload5, sizeof(payload5)) == 0);
hex_dump(payload, len);
session_consume_tcp_payload(sess, len);
tcp_data_dequeue(sess, len);
// expire session
EXPECT_TRUE(session_manager_get_expired_session(mgr, 7 + opts.tcp_data_timeout) == NULL); // active -> closing
@@ -274,7 +274,7 @@ TEST(SESS_MGR_TCP_REASSEMBLY, SEQ_WRAPAROUND)
sess = session_manager_new_session(mgr, &pkt, 1);
EXPECT_TRUE(sess);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload == NULL);
EXPECT_TRUE(len == 0);
@@ -289,7 +289,7 @@ TEST(SESS_MGR_TCP_REASSEMBLY, SEQ_WRAPAROUND)
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload == NULL);
EXPECT_TRUE(len == 0);
@@ -304,12 +304,12 @@ TEST(SESS_MGR_TCP_REASSEMBLY, SEQ_WRAPAROUND)
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload != NULL);
EXPECT_TRUE(len == sizeof(tcp_seq_wraparound_pkt3_payload));
EXPECT_TRUE(memcmp((void *)payload, tcp_seq_wraparound_pkt3_payload, sizeof(tcp_seq_wraparound_pkt3_payload)) == 0);
hex_dump(payload, len);
session_consume_tcp_payload(sess, len);
tcp_data_dequeue(sess, len);
// C2S Data Packet
printf("\n=> Packet Parse: TCP C2S Data packet\n");
@@ -322,12 +322,12 @@ TEST(SESS_MGR_TCP_REASSEMBLY, SEQ_WRAPAROUND)
// update session
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 4) == 0);
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
EXPECT_TRUE(payload != NULL);
EXPECT_TRUE(len == sizeof(tcp_seq_wraparound_pkt4_payload));
EXPECT_TRUE(memcmp((void *)payload, tcp_seq_wraparound_pkt4_payload, sizeof(tcp_seq_wraparound_pkt4_payload)) == 0);
hex_dump(payload, len);
session_consume_tcp_payload(sess, len);
tcp_data_dequeue(sess, len);
// expire session
EXPECT_TRUE(session_manager_get_expired_session(mgr, 4 + opts.tcp_data_timeout) == NULL); // active -> closing

2
src/session/test/gtest_session.cpp
View File

@@ -1,6 +1,6 @@
#include <gtest/gtest.h>
#include "session_private.h"
#include "session.h"
#define SESSION_KEY_IPV4_TCP(name) \
struct tuple6 name; \

12
src/session/test/gtest_session_table.cpp
View File

@@ -77,17 +77,17 @@ TEST(SESSION_TABLE, OP_SESSION)
sess1 = session_pool_pop(sess_pool);
EXPECT_TRUE(sess1 != NULL);
session_set_id(sess1, 1);
session_set_key(sess1, &tuple_1);
session_set_tuple(sess1, &tuple_1);
sess2 = session_pool_pop(sess_pool);
EXPECT_TRUE(sess2 != NULL);
session_set_id(sess2, 2);
session_set_key(sess2, &tuple_2);
session_set_tuple(sess2, &tuple_2);
sess3 = session_pool_pop(sess_pool);
EXPECT_TRUE(sess3 != NULL);
session_set_id(sess3, 3);
session_set_key(sess3, &tuple_3);
session_set_tuple(sess3, &tuple_3);
EXPECT_TRUE(session_table_add(sess_table, &tuple_1, sess1) == 0);
EXPECT_TRUE(session_table_get_count(sess_table) == 1);
@@ -152,21 +152,21 @@ TEST(SESSION_TABLE, FIND_OLDEST_NEWEST)
sess1 = session_pool_pop(sess_pool);
EXPECT_TRUE(sess1 != NULL);
session_set_id(sess1, 1);
session_set_key(sess1, &tuple_1);
session_set_tuple(sess1, &tuple_1);
EXPECT_TRUE(session_table_add(sess_table, &tuple_1, sess1) == 0);
EXPECT_TRUE(session_table_find_lru(sess_table) == sess1);
sess2 = session_pool_pop(sess_pool);
EXPECT_TRUE(sess2 != NULL);
session_set_id(sess2, 2);
session_set_key(sess2, &tuple_2);
session_set_tuple(sess2, &tuple_2);
EXPECT_TRUE(session_table_add(sess_table, &tuple_2, sess2) == 0);
EXPECT_TRUE(session_table_find_lru(sess_table) == sess1);
sess3 = session_pool_pop(sess_pool);
EXPECT_TRUE(sess3 != NULL);
session_set_id(sess3, 3);
session_set_key(sess3, &tuple_3);
session_set_tuple(sess3, &tuple_3);
EXPECT_TRUE(session_table_add(sess_table, &tuple_3, sess3) == 0);
EXPECT_TRUE(session_table_find_lru(sess_table) == sess1);

1
src/session/test/gtest_session_timer.cpp
View File

@@ -1,7 +1,6 @@
#include <gtest/gtest.h>
#include "session_timer.h"
#include "session_private.h"
TEST(SESSION_TIMER, EXPIRE)
{

124
src/session/test/gtest_state_tcp_active_to_closing.cpp
View File

@@ -116,23 +116,23 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_FIN_FIN)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 145 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 66);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 3);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 145 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 3);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat
@@ -190,7 +190,7 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_C2S_RST)
char tcp_pkt_c2s_rst[1500] = {0};
memcpy(tcp_pkt_c2s_rst, tcp_pkt9_c2s_fin, sizeof(tcp_pkt9_c2s_fin));
packet_parse(&pkt, (const char *)tcp_pkt_c2s_rst, sizeof(tcp_pkt9_c2s_fin));
const struct layer *tcp_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_TCP);
const struct pkt_layer *tcp_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_TCP);
EXPECT_TRUE(tcp_layer);
struct tcphdr *hdr = (struct tcphdr *)tcp_layer->hdr_ptr;
tcp_hdr_set_flags(hdr, 0);
@@ -204,23 +204,23 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_C2S_RST)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_RST);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 145 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 3);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 145 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 3);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
session_dump(sess);
// check stat
@@ -278,7 +278,7 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_S2C_RST)
char tcp_pkt_s2c_rst[1500] = {0};
memcpy(tcp_pkt_s2c_rst, tcp_pkt10_s2c_fin, sizeof(tcp_pkt10_s2c_fin));
packet_parse(&pkt, (const char *)tcp_pkt_s2c_rst, sizeof(tcp_pkt10_s2c_fin));
const struct layer *tcp_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_TCP);
const struct pkt_layer *tcp_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_TCP);
EXPECT_TRUE(tcp_layer);
struct tcphdr *hdr = (struct tcphdr *)tcp_layer->hdr_ptr;
tcp_hdr_set_flags(hdr, 0);
@@ -292,23 +292,23 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_S2C_RST)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_SERVER_RST);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 145);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 66);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 3);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 145);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 3);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat
@@ -422,23 +422,23 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_C2S_HALF_CLOSED_TIMEOUT)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 145 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 3);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 145 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 3);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
session_dump(sess);
// check stat
@@ -503,23 +503,23 @@ TEST(TCP_ACTIVE_TO_CLOSING, BY_S2C_HALF_CLOSED_TIMEOUT)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_SERVER_FIN);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 145);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 66);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 3);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 145);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 3);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat

203
src/session/test/gtest_state_tcp_init_to_opening.cpp
View File

@@ -75,24 +75,23 @@ TEST(TCP_INIT_TO_OPENING, BY_SYN)
EXPECT_TRUE(sess);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 1);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 1);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get0_1st_pkt(sess) == session_get0_c2s_1st_pkt(sess));
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
session_dump(sess);
// check stat
@@ -155,24 +154,23 @@ TEST(TCP_INIT_TO_OPENING, BY_SYNACK)
EXPECT_TRUE(sess);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "93.184.216.34:80 -> 192.168.38.105:60111, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 0);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74);
EXPECT_TRUE(session_get_c2s_packets(sess) == 0);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 1);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 1);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_1st_pkt(sess) == session_get0_s2c_1st_pkt(sess));
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat
@@ -246,24 +244,23 @@ TEST(TCP_INIT_TO_OPENING, BY_SYN_SYNACK)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_1st_pkt(sess) == session_get0_c2s_1st_pkt(sess));
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat
@@ -348,23 +345,23 @@ TEST(TCP_INIT_TO_OPENING, BY_SYN_SYNACK_ACK)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 3);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 3);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat
@@ -433,7 +430,7 @@ TEST(TCP_INIT_TO_OPENING, BY_SYN_RETRANSMISSION)
char syn_retransmission[1500] = {0};
memcpy(syn_retransmission, tcp_pkt1_c2s_syn, sizeof(tcp_pkt1_c2s_syn));
packet_parse(&pkt, (const char *)syn_retransmission, sizeof(tcp_pkt1_c2s_syn));
const struct layer *ipv4_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_IPV4);
const struct pkt_layer *ipv4_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_IPV4);
struct ip *hdr = (struct ip *)ipv4_layer->hdr_ptr;
ipv4_hdr_set_ipid(hdr, 0x1234);
printf("<= Packet Parse: done\n\n");
@@ -445,24 +442,23 @@ TEST(TCP_INIT_TO_OPENING, BY_SYN_RETRANSMISSION)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 78);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 78);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get0_1st_pkt(sess) == session_get0_c2s_1st_pkt(sess));
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
session_dump(sess);
// check stat
@@ -531,7 +527,7 @@ TEST(TCP_INIT_TO_OPENING, BY_SYNACK_RETRANSMISSION)
char tcp_pkt_s2c_synack_retransmission[1500] = {0};
memcpy(tcp_pkt_s2c_synack_retransmission, tcp_pkt2_s2c_syn_ack, sizeof(tcp_pkt2_s2c_syn_ack));
packet_parse(&pkt, (const char *)tcp_pkt_s2c_synack_retransmission, sizeof(tcp_pkt2_s2c_syn_ack));
const struct layer *ipv4_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_IPV4);
const struct pkt_layer *ipv4_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_IPV4);
EXPECT_TRUE(ipv4_layer);
struct ip *hdr = (struct ip *)ipv4_layer->hdr_ptr;
ipv4_hdr_set_ipid(hdr, 0x1234);
@@ -544,24 +540,23 @@ TEST(TCP_INIT_TO_OPENING, BY_SYNACK_RETRANSMISSION)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "93.184.216.34:80 -> 192.168.38.105:60111, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 0);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74 + 74);
EXPECT_TRUE(session_get_c2s_packets(sess) == 0);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74 + 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_1st_pkt(sess) == session_get0_s2c_1st_pkt(sess));
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat
@@ -635,24 +630,23 @@ TEST(TCP_INIT_TO_OPENING, BY_C2S_ASMMETRIC)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get0_1st_pkt(sess) == session_get0_c2s_1st_pkt(sess));
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
session_dump(sess);
// check stat
@@ -726,24 +720,23 @@ TEST(TCP_INIT_TO_OPENING, BY_S2C_ASMMETRIC)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "93.184.216.34:80 -> 192.168.38.105:60111, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 0);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74 + 66);
EXPECT_TRUE(session_get_c2s_packets(sess) == 0);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_1st_pkt(sess) == session_get0_s2c_1st_pkt(sess));
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat

264
src/session/test/gtest_state_tcp_init_to_opening_to_active_to_closing_to_closed.cpp
View File

@@ -71,23 +71,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 1);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 1);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
// S2C SYNACK Packet
printf("\n=> Packet Parse: TCP S2C SYNACK packet\n");
@@ -102,23 +102,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
// C2S ACK Packet
printf("\n=> Packet Parse: TCP C2S ACK packet\n");
@@ -133,23 +133,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 3);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 3);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
// C2S REQ Packet
printf("\n=> Packet Parse: TCP C2S REQ packet\n");
@@ -164,23 +164,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66 + 145);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 4);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66 + 145);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 4);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
// S2C ACK Packet
printf("\n=> Packet Parse: TCP S2C ACK packet\n");
@@ -195,23 +195,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66 + 145);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74 + 66);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 5);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66 + 145);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 5);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
// S2C HTTP Resp Packet1
printf("\n=> Packet Parse: TCP S2C Resp packet1\n");
@@ -226,23 +226,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66 + 145);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74 + 66 + 1354);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1 + 1 + 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 6);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66 + 145);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74 + 66 + 1354);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1 + 1 + 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 6);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
// S2C HTTP Resp Packet2
printf("\n=> Packet Parse: TCP S2C Resp packet2\n");
@@ -257,23 +257,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66 + 145);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74 + 66 + 1354 + 385);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 7);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66 + 145);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74 + 66 + 1354 + 385);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 7);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
// C2S ACK Packet
printf("\n=> Packet Parse: TCP C2S ACK packet\n");
@@ -288,23 +288,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66 + 145 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74 + 66 + 1354 + 385);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 8);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66 + 145 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74 + 66 + 1354 + 385);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 8);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
// C2S FIN Packet
printf("\n=> Packet Parse: TCP C2S FIN packet\n");
@@ -319,23 +319,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66 + 145 + 66 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74 + 66 + 1354 + 385);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 9);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66 + 145 + 66 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74 + 66 + 1354 + 385);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 9);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
// S2C FIN Packet
printf("\n=> Packet Parse: TCP S2C FIN packet\n");
@@ -350,23 +350,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66 + 145 + 66 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74 + 66 + 1354 + 385 + 66);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1 + 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 10);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66 + 145 + 66 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74 + 66 + 1354 + 385 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1 + 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 10);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
// C2S ACK Packet
printf("\n=> Packet Parse: TCP C2S ACK packet\n");
@@ -381,23 +381,23 @@ TEST(TCP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING_TO_CLOSED, TEST)
EXPECT_TRUE(session_get_id(sess) != 0);
memset(buffer, 0, sizeof(buffer));
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66 + 145 + 66 + 66 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74 + 66 + 1354 + 385 + 66);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1 + 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1 + 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 11);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66 + 145 + 66 + 66 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74 + 66 + 1354 + 385 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1 + 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1 + 1 + 1 + 1 + 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 11);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
// check stat
session_manager_print_stat(mgr);

48
src/session/test/gtest_state_tcp_opening_to_active.cpp
View File

@@ -85,23 +85,23 @@ TEST(TCP_OPENING_TO_ACTIVE, BY_SYN_C2S_DATA)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 145);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 145);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
session_dump(sess);
// check stat
@@ -175,23 +175,23 @@ TEST(TCP_OPENING_TO_ACTIVE, BY_SYNACK_S2C_DATA)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "93.184.216.34:80 -> 192.168.38.105:60111, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 0);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74 + 1354);
EXPECT_TRUE(session_get_c2s_packets(sess) == 0);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74 + 1354);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat

172
src/session/test/gtest_state_tcp_opening_to_closing.cpp
View File

@@ -97,23 +97,23 @@ TEST(TCP_OPENING_TO_CLOSING, BY_FIN_FIN)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 66);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 3);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 3);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat
@@ -179,7 +179,7 @@ TEST(TCP_OPENING_TO_CLOSING, BY_C2S_RST)
char tcp_pkt_c2s_rst[1500] = {0};
memcpy(tcp_pkt_c2s_rst, tcp_pkt9_c2s_fin, sizeof(tcp_pkt9_c2s_fin));
packet_parse(&pkt, (const char *)tcp_pkt_c2s_rst, sizeof(tcp_pkt9_c2s_fin));
const struct layer *tcp_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_TCP);
const struct pkt_layer *tcp_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_TCP);
EXPECT_TRUE(tcp_layer);
struct tcphdr *hdr = (struct tcphdr *)tcp_layer->hdr_ptr;
tcp_hdr_set_flags(hdr, 0);
@@ -193,23 +193,23 @@ TEST(TCP_OPENING_TO_CLOSING, BY_C2S_RST)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_RST);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
session_dump(sess);
// check stat
@@ -275,7 +275,7 @@ TEST(TCP_OPENING_TO_CLOSING, BY_S2C_RST)
char tcp_pkt_s2c_rst[1500] = {0};
memcpy(tcp_pkt_s2c_rst, tcp_pkt10_s2c_fin, sizeof(tcp_pkt10_s2c_fin));
packet_parse(&pkt, (const char *)tcp_pkt_s2c_rst, sizeof(tcp_pkt10_s2c_fin));
const struct layer *tcp_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_TCP);
const struct pkt_layer *tcp_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_TCP);
EXPECT_TRUE(tcp_layer);
struct tcphdr *hdr = (struct tcphdr *)tcp_layer->hdr_ptr;
tcp_hdr_set_flags(hdr, 0);
@@ -289,23 +289,23 @@ TEST(TCP_OPENING_TO_CLOSING, BY_S2C_RST)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_SERVER_RST);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 66);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat
@@ -436,23 +436,23 @@ TEST(TCP_OPENING_TO_CLOSING, BY_HANDSHAKE_TIMEOUT)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat
@@ -537,23 +537,23 @@ TEST(TCP_OPENING_TO_CLOSING, BY_DATA_TIMEOUT)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 3) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 74);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 3);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 3);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat
@@ -627,23 +627,23 @@ TEST(TCP_OPENING_TO_CLOSING, BY_C2S_HALF_FIN)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_CLIENT_FIN);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78 + 66);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1 + 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78 + 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1 + 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
session_dump(sess);
// check stat
@@ -716,23 +716,23 @@ TEST(TCP_OPENING_TO_CLOSING, BY_S2C_HALF_FIN)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:60111 -> 93.184.216.34:80, proto: 6, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_CLOSING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_TCP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == CLOSING_BY_SERVER_FIN);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 78);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 66);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 78);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 66);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat

48
src/session/test/gtest_state_udp_init_to_opening_to_active_to_closing.cpp
View File

@@ -70,23 +70,23 @@ TEST(UDP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING, TEST)
EXPECT_TRUE(sess);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:61099 -> 121.14.154.93:53, proto: 17, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_UDP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 74);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 1);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 1);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
// S2C RESP Packet
printf("\n=> Packet Parse: UDP S2C RESP packet\n");
@@ -100,23 +100,23 @@ TEST(UDP_INIT_TO_OPENING_TO_ACTIVE_TO_CLOSING, TEST)
EXPECT_TRUE(session_manager_update_session(mgr, sess, &pkt, 2) == 0);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:61099 -> 121.14.154.93:53, proto: 17, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_ACTIVE);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_UDP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 74);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 550);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 2);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 550);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 2);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat

49
src/session/test/gtest_state_udp_init_to_opening_to_closing.cpp
View File

@@ -75,23 +75,23 @@ TEST(UDP_INIT_TO_OPENING_TO_CLOSING, BY_C2S)
EXPECT_TRUE(sess);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "192.168.38.105:61099 -> 121.14.154.93:53, proto: 17, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_UDP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 74);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 0);
EXPECT_TRUE(session_get_c2s_packets(sess) == 1);
EXPECT_TRUE(session_get_s2c_packets(sess) == 0);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 1);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 74);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 1);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 0);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 1);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_C2S);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) != NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) == NULL);
session_dump(sess);
// check stat
@@ -155,24 +155,23 @@ TEST(UDP_INIT_TO_OPENING_TO_CLOSING, BY_S2C)
EXPECT_TRUE(sess);
EXPECT_TRUE(session_get_id(sess) != 0);
tuple6_to_str(session_get0_key(sess), buffer, sizeof(buffer));
tuple6_to_str(session_get_tuple(sess), buffer, sizeof(buffer));
EXPECT_STREQ(buffer, "121.14.154.93:53 -> 192.168.38.105:61099, proto: 17, domain: 0");
EXPECT_TRUE(session_get_key_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get_tuple_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get_state(sess) == SESSION_STATE_OPENING);
EXPECT_TRUE(session_get_type(sess) == SESSION_TYPE_UDP);
EXPECT_TRUE(session_get_dup_traffic_flag(sess) == DUP_TRAFFIC_NO);
EXPECT_TRUE(session_has_dup_traffic(sess) == 0);
EXPECT_TRUE(session_get_closing_reason(sess) == 0);
EXPECT_TRUE(session_get_c2s_bytes(sess) == 0);
EXPECT_TRUE(session_get_s2c_bytes(sess) == 550);
EXPECT_TRUE(session_get_c2s_packets(sess) == 0);
EXPECT_TRUE(session_get_s2c_packets(sess) == 1);
EXPECT_TRUE(session_get_new_time(sess) == 1);
EXPECT_TRUE(session_get_last_time(sess) == 1);
EXPECT_TRUE(session_get0_cur_pkt(sess) == &pkt);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_BYTES) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_BYTES) == 550);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_C2S_PACKETS) == 0);
EXPECT_TRUE(session_get_metric(sess, SESSION_METRIC_S2C_PACKETS) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_NEW) == 1);
EXPECT_TRUE(session_get_timestamp(sess, SESSION_TIMESTAMP_LAST) == 1);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_CURRENT) == &pkt);
EXPECT_TRUE(session_get_cur_dir(sess) == SESSION_DIR_S2C);
EXPECT_TRUE(session_get0_c2s_1st_pkt(sess) == NULL);
EXPECT_TRUE(session_get0_s2c_1st_pkt(sess) != NULL);
EXPECT_TRUE(session_get0_1st_pkt(sess) == session_get0_s2c_1st_pkt(sess));
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_C2S_1ST) == NULL);
EXPECT_TRUE(session_get_packet(sess, SESSION_PACKET_S2C_1ST) != NULL);
session_dump(sess);
// check stat

6
src/stellar/stellar.cpp
View File

@@ -97,15 +97,15 @@ void plugin_manager_dispatch(void *plugin_mgr, struct session *sess, const struc
{
do
{
payload = session_peek_tcp_payload(sess, &len);
payload = tcp_data_peek(sess, &len);
if (payload && len > 0)
{
hex_dump(payload, len);
}
session_consume_tcp_payload(sess, len);
tcp_data_dequeue(sess, len);
} while (payload && len > 0);
}
session_set0_cur_pkt(sess, NULL);
session_clean_packet(sess, SESSION_PACKET_CURRENT);
session_set_cur_dir(sess, SESSION_DIR_NONE);
printf("<= plugin dispatch session\n");
}

32
src/tcp_reassembly/tcp_reassembly.cpp
View File

@@ -26,7 +26,7 @@ struct tcp_reassembly
struct rb_root_cached tree_root;
struct list_head list_root;
uint64_t exp_seq;
uint64_t rcv_nxt; // what we want to receive next
};
/******************************************************************************
@@ -116,8 +116,8 @@ void tcp_reassembly_init(struct tcp_reassembly *assy, uint32_t syn_seq)
return;
}
assy->exp_seq = syn_seq + 1;
TCP_REASSEMBLE_DEBUG("reassembler %p init expect seq %lu", assy, assy->exp_seq);
assy->rcv_nxt = syn_seq + 1;
TCP_REASSEMBLE_DEBUG("reassembler %p init expect seq %lu", assy, assy->rcv_nxt);
}
void tcp_reassembly_expire(struct tcp_reassembly *assy, uint64_t now)
@@ -183,11 +183,11 @@ void tcp_reassembly_insert(struct tcp_reassembly *assy, uint32_t offset, const c
return;
}
if (before(offset + len, assy->exp_seq))
if (before(offset + len, assy->rcv_nxt))
{
assy->stat.retrans_bypass_segments++;
assy->stat.retrans_bypass_bytes += len;
TCP_REASSEMBLE_DEBUG("reassembler %p insert [%lu, %lu] failed, less the expect seq %lu", assy, low, high, assy->exp_seq);
TCP_REASSEMBLE_DEBUG("reassembler %p insert [%lu, %lu] failed, less the expect seq %lu", assy, low, high, assy->rcv_nxt);
return;
}
@@ -229,7 +229,7 @@ const char *tcp_reassembly_peek(struct tcp_reassembly *assy, uint32_t *len)
struct segment *seg = NULL;
struct interval_tree_node *tree_node = NULL;
struct interval_tree_node *oldest_node = NULL;
tree_node = interval_tree_iter_first(&assy->tree_root, assy->exp_seq, assy->exp_seq);
tree_node = interval_tree_iter_first(&assy->tree_root, assy->rcv_nxt, assy->rcv_nxt);
while (tree_node)
{
seg = container_of(tree_node, struct segment, tree_node);
@@ -238,7 +238,7 @@ const char *tcp_reassembly_peek(struct tcp_reassembly *assy, uint32_t *len)
id = seg->id;
oldest_node = tree_node;
}
tree_node = interval_tree_iter_next(tree_node, assy->exp_seq, assy->exp_seq);
tree_node = interval_tree_iter_next(tree_node, assy->rcv_nxt, assy->rcv_nxt);
}
if (oldest_node == NULL)
@@ -248,14 +248,14 @@ const char *tcp_reassembly_peek(struct tcp_reassembly *assy, uint32_t *len)
uint64_t payload_len = oldest_node->last - oldest_node->start + 1;
seg = container_of(oldest_node, struct segment, tree_node);
if (oldest_node->start < assy->exp_seq)
if (oldest_node->start < assy->rcv_nxt)
{
uint64_t overlap = assy->exp_seq - oldest_node->start;
uint64_t overlap = assy->rcv_nxt - oldest_node->start;
*len = (uint16_t)(payload_len - overlap);
TCP_REASSEMBLE_DEBUG("reassembler %p peek [%lu, +∞], found segment %p [%lu, %lu] (left overlap: %lu)", assy, assy->exp_seq, seg, oldest_node->start, oldest_node->last, overlap);
TCP_REASSEMBLE_DEBUG("reassembler %p peek [%lu, +∞], found segment %p [%lu, %lu] (left overlap: %lu)", assy, assy->rcv_nxt, seg, oldest_node->start, oldest_node->last, overlap);
return seg->payload + overlap;
}
TCP_REASSEMBLE_DEBUG("reassembler %p peek [%lu, +∞], found segment %p [%lu, %lu]", assy, assy->exp_seq, seg, oldest_node->start, oldest_node->last);
TCP_REASSEMBLE_DEBUG("reassembler %p peek [%lu, +∞], found segment %p [%lu, %lu]", assy, assy->rcv_nxt, seg, oldest_node->start, oldest_node->last);
*len = (uint16_t)payload_len;
return seg->payload;
@@ -286,13 +286,13 @@ void tcp_reassembly_consume(struct tcp_reassembly *assy, uint32_t len)
* seq range: [0, 4294967295]
* seq range: [0, UINT32_MAX]
*/
uint64_t old_exp_seq = assy->exp_seq;
assy->exp_seq += len;
if (assy->exp_seq > UINT32_MAX)
uint64_t old_exp_seq = assy->rcv_nxt;
assy->rcv_nxt += len;
if (assy->rcv_nxt > UINT32_MAX)
{
assy->exp_seq = assy->exp_seq % 4294967296;
assy->rcv_nxt = assy->rcv_nxt % 4294967296;
}
uint64_t new_exp_seq = assy->exp_seq;
uint64_t new_exp_seq = assy->rcv_nxt;
TCP_REASSEMBLE_DEBUG("reassembler %p consume [%lu, %lu], update expect seq %lu -> %lu", assy, old_exp_seq, old_exp_seq + len - 1, old_exp_seq, new_exp_seq);