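#pragma once

/*
 * Session-flags plugin: shared types, flag bit layout and entry points.
 *
 * Flag bits are stored in uint64_t fields (see struct session_flags_result),
 * so the base constant is a 64-bit literal; shifting an `int` 1 would be
 * undefined for any future bit index >= 31.
 *
 * NOTE(review): the first #include directive in the original header lost its
 * operand during extraction. The standard headers below are the ones this
 * file demonstrably needs (uint*_t / int32_t and bool); confirm against the
 * project's original include list.
 */
#include <stdbool.h>
#include <stdint.h>

#include "onlinemean.h"
#include "stellar/session.h"
#include "stellar/session_flags.h"
#include "toml/toml.h"

#define SESSION_FLAGS_LOG_MODULE "SESSION_FLAGS"

/*
 * Bit index of each randomness/identification test inside the flag words.
 * The value of each enumerator is the shift count used by the matching
 * SESSION_FLAGS_* macro below, so order here is ABI: append, never reorder.
 *
 * NOTE(review): `session_flags_all_mask` is used as an array bound below but
 * is not defined in this header; it is presumably provided by
 * "stellar/session_flags.h" and must equal the number of enumerators here.
 */
enum random_looking_flags {
    session_flags_frequency_mask = 0,
    session_flags_block_frequency_mask,
    session_flags_cumulative_sums_mask,
    session_flags_runs_mask,
    session_flags_longest_run_mask,
    session_flags_rank_mask,
    session_flags_non_overlapping_template_matching_mask,
    session_flags_overlapping_template_matching_mask,
    session_flags_universal_mask,
    session_flags_random_excursions_mask,
    session_flags_random_excursions_variant_mask,
    session_flags_poker_detect_mask,
    session_flags_runs_distribution_mask,
    session_flags_self_correlation_mask,
    session_flags_binary_derivative_mask,
};

/* Base flag: a 64-bit 1 so every derived shift stays well-defined and
 * matches the width of the uint64_t flag fields. */
#define SESSION_FLAGS_FREQUENCY (UINT64_C(1))
#define SESSION_FLAGS_BLOCK_FREQUENCY (SESSION_FLAGS_FREQUENCY << session_flags_block_frequency_mask)
#define SESSION_FLAGS_CUMULATIVE_SUMS (SESSION_FLAGS_FREQUENCY << session_flags_cumulative_sums_mask)
#define SESSION_FLAGS_RUNS (SESSION_FLAGS_FREQUENCY << session_flags_runs_mask)
#define SESSION_FLAGS_LONGEST_RUN (SESSION_FLAGS_FREQUENCY << session_flags_longest_run_mask)
#define SESSION_FLAGS_RANK (SESSION_FLAGS_FREQUENCY << session_flags_rank_mask)
#define SESSION_FLAGS_NON_OVERLAPPING_TEMPLATE_MATCHING (SESSION_FLAGS_FREQUENCY << session_flags_non_overlapping_template_matching_mask)
#define SESSION_FLAGS_OVERLAPPING_TEMPLATE_MATCHING (SESSION_FLAGS_FREQUENCY << session_flags_overlapping_template_matching_mask)
#define SESSION_FLAGS_UNIVERSAL (SESSION_FLAGS_FREQUENCY << session_flags_universal_mask)
#define SESSION_FLAGS_RANDOM_EXCURSIONS (SESSION_FLAGS_FREQUENCY << session_flags_random_excursions_mask)
#define SESSION_FLAGS_RANDOM_EXCURSIONS_VARIANT (SESSION_FLAGS_FREQUENCY << session_flags_random_excursions_variant_mask)
#define SESSION_FLAGS_POKER_DETECT (SESSION_FLAGS_FREQUENCY << session_flags_poker_detect_mask)
#define SESSION_FLAGS_RUNS_DISTRIBUTION (SESSION_FLAGS_FREQUENCY << session_flags_runs_distribution_mask)
#define SESSION_FLAGS_SELF_CORRELATION (SESSION_FLAGS_FREQUENCY << session_flags_self_correlation_mask)
#define SESSION_FLAGS_BINARY_DERIVATIVE (SESSION_FLAGS_FREQUENCY << session_flags_binary_derivative_mask)

/* Sentinel for `main_dir` when the dominant direction is not yet known.
 * The name keeps its historical spelling because callers reference it;
 * it is now parenthesized so `x - MAIN_DIR_UNKONWN` expands correctly. */
#define MAIN_DIR_UNKONWN (-1)
/* Milliseconds of session lifetime before judging starts (used by the
 * implementation; exact use not visible here). */
#define START_JUDGE_TIME_MS (5000)

/* Outcome of classifying one session. */
struct session_flags_result {
    uint64_t flags;                 /* SESSION_FLAGS_* bits that fired */
    uint64_t random_looking_flags;  /* per-test random-looking bits */
    /* Per-test identification values, indexed by the enumerators above.
     * Any index used here must be < session_flags_all_mask. */
    uint32_t identify[session_flags_all_mask];
    bool is_tls;
};

/* Plugin configuration, presumably populated from TOML (toml.h is included). */
struct session_flags_init_conf {
    uint32_t interactive_starttime_ms;
    uint32_t interactive_pulse_num;
    uint32_t main_dir_front_n_pkts;
    uint64_t interactive_latency_ms;
    uint32_t large_ptks_init_size;
    uint32_t random_judge_flags_cnt;
    uint32_t session_max_process_time_ms;
    uint32_t fet_enabled;
    uint32_t tunneling_enabled;
    int32_t random_looking_udp_ignore_pkts;
    uint32_t tunneling_tls_ignore_pkts;
    uint32_t tunneling_max_scan_pkts;
    /* Fixed-size text buffers filled from configuration. Whoever loads them
     * must bound the copy to sizeof the field and guarantee NUL termination
     * before these are treated as C strings (e.g. handed to a PCRE compiler). */
    char tunneling_pcre_list[2048];
    char random_looking_judge_list[2048];
};

/* Handles and ids the plugin needs at runtime; owned by the host framework. */
struct session_flags_plugin_info {
    int plugin_id;
    int sess_ctx_exdata_idx;     /* slot for per-session ctx in session exdata */
    struct stellar *st;
    struct logger *log_handle;
    int session_flags_topic_id;
    int tcp_topic_id;
    int udp_topic_id;
};

/* Per-direction scores accumulated across iterations. */
struct session_flags_iter_values {
    float bulky;
    float CBR;
    float download;
    float interactive;
    float pseudo_unidirectional;
    float streaming;
    OnlineMean_t omean;          /* running mean, see onlinemean.h */
};

/* Iteration state: counter plus one score set per direction. */
struct session_flags_iter {
    uint32_t iter_cnt;
    float bidirectional;
    struct session_flags_iter_values c2s;
    struct session_flags_iter_values s2c;
};

/* Cumulative and per-interval counters for one traffic direction. */
struct flow_stat {
    uint64_t bytes;
    uint64_t pkts;
    uint64_t payload_pkts;
    uint64_t large_pkts;
    uint32_t delta_pkts;         /* deltas since the previous iteration */
    uint32_t delta_large_pkts;
    uint32_t delta_payload_pkts;
    uint32_t delta_bytes;
    float rate;
};

/* Bookkeeping for the random-looking judgement. */
struct random_looking_stat_info {
    uint8_t has_judged_sts;
    uint8_t has_judged_fet;
    uint8_t payload_pkt_num;     /* 8-bit: saturates/wraps past 255 — confirm callers cap it */
};

/* Full per-session statistics; all timestamps are milliseconds. */
struct session_flags_stat {
    struct flow_stat c2s, s2c;
    uint64_t last_pkt_ts_ms;
    uint64_t interactive_pulse_num;
    uint64_t session_start_time_ms;
    uint64_t stream_live_time_ms;
    uint64_t last_iter_ts_ms;
    int main_dir;                /* MAIN_DIR_UNKONWN until decided */
    struct random_looking_stat_info random_looking_stat;
    struct session_flags_iter iter;
    struct session_flags_result result;
};

/* Per-session context stored in the session's exdata slot. */
struct session_flags_ctx {
    struct session_flags_stat stat;
    uint64_t history_flags;      /* flags seen so far across iterations */
};

/* Reset @stat for a new session flowing in direction @session_dir. */
void session_flags_stat_init(struct session_flags_stat *stat, enum session_direction session_dir);

/*
 * Feed one packet of @bytes payload bytes at time @ms into @ctx and return the
 * (possibly updated) result, or NULL when there is nothing to report — return
 * semantics are defined by the implementation, not this header.
 */
struct session_flags_result *session_flags(struct session_flags_plugin_info *sf_plugin_info,
                                           struct session_flags_ctx *ctx,
                                           struct session *session,
                                           int etopic_id,
                                           uint32_t bytes,
                                           enum flow_type flow_type,
                                           uint64_t ms);

/* Return the result embedded in @session_flags. */
struct session_flags_result *session_flags_get_flags(struct session_flags_stat *session_flags);

/*
 * Build a firewall message from @flags and the per-test @identify values.
 * struct session_flags_message is defined elsewhere; ownership of the
 * returned object is not documented here — check the implementation.
 */
struct session_flags_message *session_flags_generate_firewall_message(uint64_t flags,
                                                                      const uint32_t identify[session_flags_all_mask]);

/* Coefficient of variation of the running mean @omean. */
float session_flags_calculate_CV(OnlineMean_t *omean);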