2019-05-17 17:04:50 +08:00
|
|
|
|
#include "kni_utils.h"
|
|
|
|
|
|
#include "kni_maat.h"
|
|
|
|
|
|
|
|
|
|
|
|
extern int g_iThreadNum;
|
2019-05-19 17:50:51 +08:00
|
|
|
|
int g_maat_default_action = -1;
|
2019-05-17 17:04:50 +08:00
|
|
|
|
|
|
|
|
|
|
void kni_maat_destroy(struct kni_maat_handle *handle){
|
|
|
|
|
|
if(handle != NULL){
|
|
|
|
|
|
if(handle->feather != NULL){
|
|
|
|
|
|
Maat_burn_feather(handle->feather);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
FREE(&handle);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-05-19 17:23:18 +08:00
|
|
|
|
|
|
|
|
|
|
void compile_ex_param_new(int idx, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp){
|
|
|
|
|
|
printf("call compile_ex_param_new\n");
|
|
|
|
|
|
if(rule->config_id == 0){
|
2019-05-19 17:50:51 +08:00
|
|
|
|
g_maat_default_action = rule->action;
|
2019-05-19 17:23:18 +08:00
|
|
|
|
}
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void compile_ex_param_free(int idx, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp){
|
2019-05-19 17:50:51 +08:00
|
|
|
|
printf("call compile_ex_param_free\n");
|
2019-05-19 17:23:18 +08:00
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void compile_ex_param_dup(int idx, MAAT_RULE_EX_DATA *to, MAAT_RULE_EX_DATA *from, long argl, void *argp){
|
2019-05-19 17:50:51 +08:00
|
|
|
|
printf("call compile_ex_param_dup\n");
|
2019-05-19 17:23:18 +08:00
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-05-17 17:04:50 +08:00
|
|
|
|
struct kni_maat_handle* kni_maat_init(const char* profile, void *logger){
|
|
|
|
|
|
const char *section = "maat";
|
|
|
|
|
|
int readconf_mode;
|
|
|
|
|
|
char tableinfo_path[KNI_PATH_MAX];
|
2019-05-19 17:23:18 +08:00
|
|
|
|
char tablename_intercept_ip[KNI_SYMBOL_MAX];
|
|
|
|
|
|
char tablename_intercept_domain[KNI_SYMBOL_MAX];
|
|
|
|
|
|
char compile_alias[KNI_SYMBOL_MAX];
|
2019-05-17 17:04:50 +08:00
|
|
|
|
MESA_load_profile_int_def(profile, section, "readconf_mode", &readconf_mode, KNI_MAAT_READCONF_IRIS);
|
|
|
|
|
|
MESA_load_profile_string_def(profile, section, "tableinfo_path", tableinfo_path, sizeof(tableinfo_path), "unknown");
|
2019-05-19 17:23:18 +08:00
|
|
|
|
MESA_load_profile_string_def(profile, section, "tablename_intercept_ip", tablename_intercept_ip, sizeof(tablename_intercept_ip), "unknown");
|
|
|
|
|
|
MESA_load_profile_string_def(profile, section, "tablename_intercept_domain", tablename_intercept_domain, sizeof(tablename_intercept_domain), "unknown");
|
|
|
|
|
|
MESA_load_profile_string_def(profile, section, "compile_alias", compile_alias, sizeof(compile_alias), "unknown");
|
|
|
|
|
|
KNI_LOG_INFO(logger, "MESA_prof_load, [%s]:\n readconf_mode: %d\n tableinfo_path: %s\n tablename_intercept_ip: %s\n tablename_intercept_domain: %s\n"
|
|
|
|
|
|
"compile_alias: %s\n", section, readconf_mode, tableinfo_path, tablename_intercept_ip, tablename_intercept_domain, compile_alias);
|
2019-05-17 17:04:50 +08:00
|
|
|
|
Maat_feather_t feather = Maat_feather(g_iThreadNum, tableinfo_path, logger);
|
|
|
|
|
|
if(feather == NULL){
|
|
|
|
|
|
KNI_LOG_ERROR(logger, "Failed at Maat_feather, max_thread_num is %d, tableinfo_path is %s", g_iThreadNum, tableinfo_path);
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
}
|
|
|
|
|
|
if(readconf_mode == KNI_MAAT_READCONF_JSON){
|
|
|
|
|
|
char maatjson_path[KNI_PATH_MAX];
|
|
|
|
|
|
MESA_load_profile_string_def(profile, section, "maatjson_path", maatjson_path, sizeof(maatjson_path), "unknown");
|
|
|
|
|
|
KNI_LOG_INFO(logger, "MESA_prof_load, [%s]:\n maatjson_path: %s", section, maatjson_path);
|
|
|
|
|
|
Maat_set_feather_opt(feather, MAAT_OPT_JSON_FILE_PATH, maatjson_path, strlen(maatjson_path));
|
|
|
|
|
|
}
|
|
|
|
|
|
if(readconf_mode == KNI_MAAT_READCONF_IRIS){
|
|
|
|
|
|
//TODO
|
|
|
|
|
|
}
|
|
|
|
|
|
if(readconf_mode == KNI_MAAT_READCONF_REDIS){
|
|
|
|
|
|
char redis_ip[KNI_SYMBOL_MAX];
|
|
|
|
|
|
int redis_port;
|
|
|
|
|
|
int redis_index;
|
|
|
|
|
|
MESA_load_profile_string_def(profile, section, "redis_ip", redis_ip, sizeof(redis_ip), "unknown");
|
|
|
|
|
|
MESA_load_profile_int_def(profile, section, "redis_port", &redis_port, -1);
|
|
|
|
|
|
MESA_load_profile_int_def(profile, section, "redis_index", &redis_index, -1);
|
|
|
|
|
|
KNI_LOG_INFO(logger, "MESA_prof_load, [%s]:\n redis_ip: %s\n redis_port: %s\n redis_index: %d",
|
|
|
|
|
|
section, redis_ip, redis_port, redis_index);
|
|
|
|
|
|
Maat_set_feather_opt(feather, MAAT_OPT_REDIS_IP, (void*)redis_ip, strlen(redis_ip) + 1);
|
|
|
|
|
|
Maat_set_feather_opt(feather, MAAT_OPT_REDIS_PORT, (void*)&redis_port, sizeof(redis_port));
|
|
|
|
|
|
Maat_set_feather_opt(feather, MAAT_OPT_REDIS_INDEX, (void*)&redis_index, sizeof(redis_index));
|
|
|
|
|
|
}
|
|
|
|
|
|
int ret = Maat_initiate_feather(feather);
|
|
|
|
|
|
if(ret < 0){
|
|
|
|
|
|
KNI_LOG_ERROR(logger, "Failed at Maat_initiate_feather");
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
}
|
2019-05-19 17:23:18 +08:00
|
|
|
|
int tableid_intercept_ip = Maat_table_register(feather, tablename_intercept_ip);
|
|
|
|
|
|
int tableid_intercept_domain = Maat_table_register(feather, tablename_intercept_domain);
|
|
|
|
|
|
if(tableid_intercept_ip < 0){
|
|
|
|
|
|
KNI_LOG_ERROR(logger, "Failed at Maat_table_register, tablename is %d, ret is %d",
|
|
|
|
|
|
tablename_intercept_ip, tableid_intercept_ip);
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
}
|
|
|
|
|
|
if(tableid_intercept_domain < 0){
|
2019-05-17 17:04:50 +08:00
|
|
|
|
KNI_LOG_ERROR(logger, "Failed at Maat_table_register, tablename is %d, ret is %d",
|
2019-05-19 17:23:18 +08:00
|
|
|
|
tablename_intercept_domain, tableid_intercept_domain);
|
2019-05-17 17:04:50 +08:00
|
|
|
|
return NULL;
|
|
|
|
|
|
}
|
|
|
|
|
|
struct kni_maat_handle *handle = ALLOC(struct kni_maat_handle, 1);
|
2019-05-19 17:50:51 +08:00
|
|
|
|
ret = Maat_rule_get_ex_new_index(feather, compile_alias, compile_ex_param_new, compile_ex_param_free, compile_ex_param_dup, 0, NULL);
|
|
|
|
|
|
printf("Maat_rule_get_ex_new_index: compile_alias is %s, ret is %d\n", compile_alias, ret);
|
2019-05-19 17:23:18 +08:00
|
|
|
|
if(ret < 0){
|
|
|
|
|
|
KNI_LOG_ERROR(logger, "Failed at Maat_rule_get_ex_new_index, ret is %d", ret);
|
|
|
|
|
|
kni_maat_destroy(handle);
|
|
|
|
|
|
return NULL;
|
|
|
|
|
|
}
|
2019-05-17 17:04:50 +08:00
|
|
|
|
handle->feather = feather;
|
2019-05-19 17:23:18 +08:00
|
|
|
|
handle->tableid_intercept_ip = tableid_intercept_ip;
|
|
|
|
|
|
handle->tableid_intercept_domain = tableid_intercept_domain;
|
2019-05-17 17:04:50 +08:00
|
|
|
|
handle->logger = logger;
|
|
|
|
|
|
return handle;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int maat_process_scan_result(struct kni_maat_handle *handle, int num, struct Maat_rule_t *result){
|
|
|
|
|
|
//void *logger = handle->logger;
|
2019-05-19 17:50:51 +08:00
|
|
|
|
int action = g_maat_default_action;
|
2019-05-17 17:04:50 +08:00
|
|
|
|
for(int i = 0; i < num; i++){
|
|
|
|
|
|
action = result[i].action;
|
|
|
|
|
|
if(action == KNI_ACTION_BYPASS){
|
|
|
|
|
|
return action;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return action;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
//TODO: Maat_rule_get_ex_new_index compile_ex_param_new: config_id = 0, 取action即为全局变量, 一旦配置更新就回调, tableinfo怎么写,回调表, 编译配置表
|
|
|
|
|
|
int kni_maat_scan_ip(struct kni_maat_handle *handle, struct ipaddr *addr, int thread_seq){
|
2019-05-19 17:50:51 +08:00
|
|
|
|
//printf("default action is %d\n", g_maat_default_action);
|
2019-05-17 17:04:50 +08:00
|
|
|
|
void *logger = handle->logger;
|
|
|
|
|
|
struct Maat_rule_t result[KNI_MAAT_RULE_NUM_MAX];
|
2019-05-19 17:23:18 +08:00
|
|
|
|
scan_status_t mid = NULL;
|
|
|
|
|
|
int ret = Maat_scan_proto_addr(handle->feather, handle->tableid_intercept_ip, addr, 0, result,
|
|
|
|
|
|
KNI_MAAT_RULE_NUM_MAX, &mid, thread_seq);
|
2019-05-17 17:04:50 +08:00
|
|
|
|
if(ret < 0){
|
|
|
|
|
|
KNI_LOG_ERROR(logger, "Failed at Maat_scan_proto_addr, ret is %d", ret);
|
2019-05-19 17:50:51 +08:00
|
|
|
|
return g_maat_default_action;
|
2019-05-17 17:04:50 +08:00
|
|
|
|
}
|
2019-05-19 17:23:18 +08:00
|
|
|
|
int action = maat_process_scan_result(handle, ret, result);
|
|
|
|
|
|
|
|
|
|
|
|
//for debug
|
|
|
|
|
|
char saddr[INET_ADDRSTRLEN];
|
|
|
|
|
|
inet_ntop(AF_INET, &(addr->v4->saddr), saddr, INET_ADDRSTRLEN);
|
|
|
|
|
|
KNI_LOG_DEBUG(logger, "ip is %s, ret is %d, action is %d\n", saddr, ret, action);
|
|
|
|
|
|
|
|
|
|
|
|
return action;
|
2019-05-17 17:04:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
int kni_maat_scan_domain(struct kni_maat_handle* handle, char *domain, int domain_len, int thread_seq){
|
|
|
|
|
|
void *logger = handle->logger;
|
|
|
|
|
|
struct Maat_rule_t result[KNI_MAAT_RULE_NUM_MAX];
|
2019-05-19 17:23:18 +08:00
|
|
|
|
//必须要初始化为NULL, 不懂为什么
|
|
|
|
|
|
scan_status_t mid = NULL;
|
|
|
|
|
|
int ret = Maat_full_scan_string(handle->feather, handle->tableid_intercept_domain, CHARSET_UTF8,
|
|
|
|
|
|
domain, domain_len, result, NULL, KNI_MAAT_RULE_NUM_MAX, &mid, thread_seq);
|
2019-05-17 17:04:50 +08:00
|
|
|
|
if(ret < 0){
|
|
|
|
|
|
KNI_LOG_ERROR(logger, "Failed at Maat_full_scan_string, ret is %d", ret);
|
2019-05-19 17:50:51 +08:00
|
|
|
|
return g_maat_default_action;
|
2019-05-17 17:04:50 +08:00
|
|
|
|
}
|
2019-05-19 17:23:18 +08:00
|
|
|
|
int action = maat_process_scan_result(handle, ret, result);
|
|
|
|
|
|
|
|
|
|
|
|
//for debug
|
|
|
|
|
|
char domain1[100] = "";
|
|
|
|
|
|
memcpy(domain1, domain, domain_len);
|
|
|
|
|
|
domain1[domain_len] = '\0';
|
|
|
|
|
|
KNI_LOG_DEBUG(logger, "domain is %s, ret is %d, action is %d\n", domain, ret, action);
|
|
|
|
|
|
|
|
|
|
|
|
return action;
|
2019-05-17 17:04:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
