#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <arpa/inet.h>
#include "stream.h"
#include "MESA_prof_load.h"
#include "MESA_handle_logger.h"
#include "field_stat2.h"
#include "kni_entry.h"
#include "kni_comm.h"
/*
 * Display names of the field_stat2 columns. kni_filestate2_init() registers
 * entry i with FS_register() and stores the returned id in column_id[i].
 * Eleven names are listed here.
 * NOTE(review): presumably FS2_COLUMN_NUM is 11 and this order matches the
 * column indices passed to kni_filestate2_set() -- confirm against the header.
 * Any slot beyond the listed names would be a NULL pointer.
 */
const char *g_kni_fs2_name[FS2_COLUMN_NUM] = {
    "RECV_PKTS",
    "WRITE_PKTS",
    "READ_PKTS",
    "SEND_PKTS",
    "BMD_IP",
    "BMD_DOMAIN",
    "HTTP_PKTS",
    "SSL_PKTS",
    "DROP_PKTS",
    "CLIENT_HELLO",
    "SSL_SNI"
};
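/*
 * Write one INFO-level runtime-log record describing an IPv4 flow.
 *
 * module       tag handed to MESA_handle_runtime_log()
 * addr         flow 4-tuple; ports are converted with ntohs() and the
 *              addresses with inet_ntop() before printing
 * protocol     KNI_FLAG_HTTP and KNI_FLAG_SSL add an "HTTP"/"SSL" label,
 *              any other value prints no protocol label
 * domain       NUL-terminated name; in the SSL case the first 5 bytes are
 *              skipped before printing
 * scan_result  NUL-terminated string, printed unmodified
 * action       NUL-terminated string, printed unmodified
 *
 * Always returns 0.
 *
 * NOTE(review): domain and scan_result presumably derive from inspected
 * traffic (HTTP host / TLS SNI). They are written with %s unmodified, so any
 * control characters such as line breaks end up in the log file -- confirm the
 * callers sanitise them, or escape them here.
 */
int kni_log_info_v4(char* module,struct stream_tuple4_v4* addr,unsigned short protocol,char* domain,char* scan_result,char* action)
{
    /* NOTE(review): the 5-byte skip presumably drops a fixed prefix that the
     * SSL caller stores in front of the name -- confirm what it is. */
    const size_t ssl_prefix_len = 5;
    /* Zero-initialised, so a failed inet_ntop() leaves an empty string. */
    char saddr_v4[INET_ADDRSTRLEN] = {0};
    char daddr_v4[INET_ADDRSTRLEN] = {0};
    unsigned short sport = ntohs(addr->source);
    unsigned short dport = ntohs(addr->dest);

    inet_ntop(AF_INET, (void *)&(addr->saddr), saddr_v4, INET_ADDRSTRLEN);
    inet_ntop(AF_INET, (void *)&(addr->daddr), daddr_v4, INET_ADDRSTRLEN);

    if (protocol == KNI_FLAG_HTTP) {
        MESA_handle_runtime_log(g_kni_comminfo.logger,RLOG_LV_INFO,module,"addr:%s,%d,%s,%d,%s,domain:%s,%s,%s",saddr_v4,sport,daddr_v4,dport,"HTTP",domain,scan_result,action);
    } else if (protocol == KNI_FLAG_SSL) {
        /*
         * The original passed domain+5 unconditionally, which reads past the
         * terminator when the string is shorter than 5 bytes and is undefined
         * for a NULL pointer. Walk forward at most 5 bytes and never step over
         * the terminating NUL; for strings of 5 bytes or more the result is
         * exactly domain+5 as before.
         */
        const char *ssl_domain = "";

        if (domain != NULL) {
            size_t skip = 0;

            while (skip < ssl_prefix_len && domain[skip] != '\0') {
                skip++;
            }
            ssl_domain = domain + skip;
        }
        MESA_handle_runtime_log(g_kni_comminfo.logger,RLOG_LV_INFO,module,"addr:%s,%d,%s,%d,%s,domain:%s,%s,%s",saddr_v4,sport,daddr_v4,dport,"SSL",ssl_domain,scan_result,action);
    } else {
        MESA_handle_runtime_log(g_kni_comminfo.logger,RLOG_LV_INFO,module,"addr:%s,%d,%s,%d,domain:%s,%s,%s",saddr_v4,sport,daddr_v4,dport,domain,scan_result,action);
    }
    return 0;
}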
/*
 * Log one runtime-log line at the given level for a raw IPv4 packet:
 * source address/port, destination address/port, then the caller's text.
 *
 * level     log level passed straight to MESA_handle_runtime_log()
 * module    module tag for the logger
 * a_packet  start of the IPv4 header
 * content   NUL-terminated text appended to the record
 *
 * Always returns 0.
 *
 * The TCP header is located from ip_hl alone. Nothing here checks the IP
 * protocol field, the value of ip_hl, or how many bytes are actually
 * available behind a_packet, so the caller must have validated the packet.
 */
int kni_log_debug_v4(int level,char* module,struct ip* a_packet,char* content)
{
    char src_text[INET_ADDRSTRLEN] = {0};
    char dst_text[INET_ADDRSTRLEN] = {0};
    /* ip_hl is multiplied by 4 to get the byte offset of the TCP header. */
    struct tcphdr *tcp = (struct tcphdr *)((char *)a_packet + 4 * (a_packet->ip_hl));
    unsigned short src_port = ntohs(tcp->source);
    unsigned short dst_port = ntohs(tcp->dest);

    inet_ntop(AF_INET, (void *)&((a_packet->ip_src).s_addr), src_text, INET_ADDRSTRLEN);
    inet_ntop(AF_INET, (void *)&((a_packet->ip_dst).s_addr), dst_text, INET_ADDRSTRLEN);

    MESA_handle_runtime_log(g_kni_comminfo.logger,level,module,"addr:%s,%d,%s,%d %s",src_text,src_port,dst_text,dst_port,content);
    return 0;
}
/****************************************************************************
if(sport<dport) server=s
else if((sport==dport)&&(sip<dip)) server=s
else server=d
****************************************************************************/
/*
 * Fill *ipaddr with the 4-tuple of an IPv4/TCP packet in a direction-
 * independent order and report whether the packet's own order was swapped.
 *
 * a_packet  start of the IPv4 header
 * ipaddr    output tuple; addresses and ports are copied as found in the
 *           packet (no byte-order conversion is applied to the stored values)
 *
 * Returns 1 when the packet's source/destination were swapped on output
 * (source port lower than destination port, or equal ports and a lower
 * source address), 0 when they were stored as-is.
 *
 * The TCP header is located from ip_hl alone; packet length, ip_hl and the
 * IP protocol are not checked here, so the caller must have validated them.
 */
int kni_get_ipaddr_v4(void* a_packet,struct stream_tuple4_v4* ipaddr)
{
    struct ip *ip4 = (struct ip *)a_packet;
    struct tcphdr *tcp = (struct tcphdr *)((char *)ip4 + 4 * (ip4->ip_hl));
    unsigned short sport = ntohs(tcp->source);
    unsigned short dport = ntohs(tcp->dest);
    int reverse_flag;

    if (sport != dport) {
        reverse_flag = (sport < dport) ? 1 : 0;
    } else {
        /* Equal ports: fall back to comparing the addresses in host order. */
        reverse_flag = (ntohl((ip4->ip_src).s_addr) < ntohl((ip4->ip_dst).s_addr)) ? 1 : 0;
    }

    if (!reverse_flag) {
        ipaddr->saddr = (ip4->ip_src).s_addr;
        ipaddr->daddr = (ip4->ip_dst).s_addr;
        ipaddr->source = tcp->source;
        ipaddr->dest = tcp->dest;
        return reverse_flag;
    }

    ipaddr->saddr = (ip4->ip_dst).s_addr;
    ipaddr->daddr = (ip4->ip_src).s_addr;
    ipaddr->source = tcp->dest;
    ipaddr->dest = tcp->source;
    return reverse_flag;
}
/****************************************************************************
if(sport<dport) server=s
else if((sport==dport)&&(sip<dip)) server=s
else server=d
****************************************************************************/
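/*
 * Fill *ipaddr with the 4-tuple of an IPv6/TCP packet in a direction-
 * independent order and report whether the packet's own order was swapped.
 *
 * a_packet  start of the IPv6 header
 * ipaddr    output tuple; addresses (IPV6_ADDR_LEN bytes each) and ports are
 *           copied as found in the packet
 *
 * Returns 1 when source/destination were swapped on output (source port
 * lower than destination port, or equal ports and a lower source address),
 * 0 when they were stored as-is.
 *
 * The TCP header is read at sizeof(struct kni_ipv6_hdr) bytes from the start
 * of the packet: extension headers are not skipped and the next-header value
 * and packet length are not checked here, so the caller must have validated
 * the packet.
 */
int kni_get_ipaddr_v6(void* a_packet,struct stream_tuple4_v6* ipaddr)
{
    int reverse_flag = 0;
    unsigned short sport = 0;
    unsigned short dport = 0;
    struct kni_ipv6_hdr *ipv6_hdr = (struct kni_ipv6_hdr *)a_packet;
    /*
     * The byte-pointer cast and the addition must be parenthesised together.
     * Without the parentheses the cast to struct tcphdr* binds first and the
     * offset is scaled by sizeof(struct tcphdr), so the ports were read far
     * beyond the IPv6 header (an out-of-bounds read on normal packets).
     */
    struct tcphdr *tcphdr = (struct tcphdr *)((unsigned char *)a_packet + sizeof(struct kni_ipv6_hdr));

    sport = ntohs(tcphdr->source);
    dport = ntohs(tcphdr->dest);

    if (sport < dport) {
        reverse_flag = 1;
    } else if ((sport == dport) &&
               (memcmp(ipv6_hdr->ip6_src.s6_addr32, ipv6_hdr->ip6_dst.s6_addr32, IPV6_ADDR_LEN) < 0)) {
        /*
         * Tie-break on the addresses, as the rule documented for this function
         * and implemented by kni_get_ipaddr_v4() requires; otherwise the two
         * directions of an equal-port flow produce different tuples. memcmp on
         * the network-order bytes compares the addresses numerically.
         */
        reverse_flag = 1;
    }

    if (reverse_flag == 1) {
        memcpy(ipaddr->saddr, ipv6_hdr->ip6_dst.s6_addr32, IPV6_ADDR_LEN);
        memcpy(ipaddr->daddr, ipv6_hdr->ip6_src.s6_addr32, IPV6_ADDR_LEN);
        ipaddr->source = tcphdr->dest;
        ipaddr->dest = tcphdr->source;
    } else {
        memcpy(ipaddr->saddr, ipv6_hdr->ip6_src.s6_addr32, IPV6_ADDR_LEN);
        memcpy(ipaddr->daddr, ipv6_hdr->ip6_dst.s6_addr32, IPV6_ADDR_LEN);
        ipaddr->source = tcphdr->source;
        ipaddr->dest = tcphdr->dest;
    }
    return reverse_flag;
}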
/*
 * Copy the fields of one packet that are kept for later replies into
 * *lastpkt_info, converting multi-byte header fields to host byte order.
 *
 * lastpkt_info  output record
 * tcphdr        TCP header of the packet
 * tcplen        stored unchanged in lastpkt_info->len
 * ip_hdr        IPv4 header of the packet
 *
 * Always returns 0.
 *
 * syn_flag is only ever set to 1 here; when the packet carries no SYN the
 * field keeps whatever value the caller left in it.
 */
int kni_get_tcpinfo(struct kni_wndpro_reply_info* lastpkt_info,struct kni_tcp_hdr* tcphdr,int tcplen,struct ip* ip_hdr)
{
    /* Fields taken from the IP header. */
    lastpkt_info->ipid = ntohs(ip_hdr->ip_id);
    lastpkt_info->ttl = ip_hdr->ip_ttl;

    /* Fields taken from the TCP header. */
    lastpkt_info->seq = ntohl(tcphdr->th_seq);
    lastpkt_info->ack = ntohl(tcphdr->th_ack);
    lastpkt_info->wndsize = ntohs(tcphdr->th_win);

    lastpkt_info->len = tcplen;

    if ((tcphdr->th_flags & TH_SYN) != 0) {
        lastpkt_info->syn_flag = 1;
    }
    return 0;
}
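/*
 * Walk the option area of a TCP header and extract MSS, window scale,
 * SACK-permitted and timestamp presence.
 *
 * tcphdr       start of the TCP header
 * tcp_hdr_len  TCP header length in bytes, options included; the caller must
 *              guarantee that this many bytes are readable at tcphdr
 * mss          out: set to KNI_DEFAULT_MSS, then to the MSS option value
 *              (host byte order) if one is present
 * winscale     out: set to KNI_DEFAULT_WINSCLE, then to the window-scale
 *              option value if one is present (stored as received)
 * scak         out: set to 1 when a SACK-permitted option is seen; never
 *              written otherwise, so the caller must initialise it
 * timestamps   out: set to 1 when a timestamp option is seen; never written
 *              otherwise, so the caller must initialise it
 *
 * Always returns 0. Headers with tcp_hdr_len <= 20 or > 64 are not parsed and
 * leave the defaults in place.
 *
 * The option bytes come straight from the wire, so every length is checked
 * against the bytes that remain. The original loop trusted tcp_opt->len: a
 * length of 0 never advanced (endless loop) and a length larger than the
 * remaining bytes drove remain_len negative, after which the loop kept
 * reading beyond the header.
 */
int kni_get_tcpopt(struct kni_tcp_hdr* tcphdr,int tcp_hdr_len,unsigned short* mss,unsigned char* winscale,unsigned char* scak,unsigned char* timestamps)
{
    enum { OPT_HDR_LEN = 2 };   /* kind byte + length byte */
    struct kni_tcp_opt_format *tcp_opt = NULL;
    int remain_len = tcp_hdr_len;

    *mss = KNI_DEFAULT_MSS;
    *winscale = KNI_DEFAULT_WINSCLE;

    if ((tcp_hdr_len <= 20) || (tcp_hdr_len > 64)) {
        return 0;
    }

    tcp_opt = (struct kni_tcp_opt_format *)((char *)tcphdr + TCPHDR_DEFAULT_LEN);
    remain_len -= TCPHDR_DEFAULT_LEN;

    /* "> 0" rather than "!= 0": never continue once the budget is used up. */
    while (remain_len > 0) {
        int opt_len;

        /*
         * Kinds 0 and 1 are single bytes without a length field.
         * NOTE(review): kind 0 is end-of-option-list; the original keeps
         * scanning after it and that is preserved here -- confirm whether
         * parsing should stop instead.
         */
        if ((tcp_opt->type == 0) || (tcp_opt->type == 1)) {
            remain_len -= 1;
            tcp_opt = (struct kni_tcp_opt_format *)((char *)tcp_opt + 1);
            continue;
        }

        /* Every other kind carries a length byte; it must be readable. */
        if (remain_len < OPT_HDR_LEN) {
            break;
        }
        opt_len = tcp_opt->len;
        /* Reject lengths that cannot advance or that overrun the header. */
        if ((opt_len < OPT_HDR_LEN) || (opt_len > remain_len)) {
            break;
        }

        if (tcp_opt->type == KNI_TCPOPT_MSS) {
            /* Only read the value when the option is long enough to hold it. */
            if (opt_len >= OPT_HDR_LEN + (int)sizeof(unsigned short)) {
                unsigned short raw_mss;

                /* memcpy avoids an unaligned 16-bit load from the packet. */
                memcpy(&raw_mss, tcp_opt->content, sizeof raw_mss);
                /* Wire to host order (the original used htons, same result). */
                *mss = ntohs(raw_mss);
            }
        } else if (tcp_opt->type == KNI_TCPOPT_WINSCALE) {
            if (opt_len >= OPT_HDR_LEN + 1) {
                *winscale = *(unsigned char *)(tcp_opt->content);
            }
        } else if (tcp_opt->type == KNI_TCPOPT_SACKOK) {
            *scak = 1;
        } else if (tcp_opt->type == KNI_TCPOPT_TIMESTAMP) {
            *timestamps = 1;
        }
        /* Unknown kinds are skipped using their validated length. */

        remain_len -= opt_len;
        tcp_opt = (struct kni_tcp_opt_format *)((char *)tcp_opt + opt_len);
    }
    return 0;
}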
/*
 * Return the payload pointer of the current TCP or UDP packet of a stream
 * and store its length in *datalen.
 *
 * pstream  stream descriptor; ptcpdetail is read for STREAM_TYPE_TCP and
 *          pudpdetail for STREAM_TYPE_UDP
 * datalen  out: payload length, or 0 for any other stream type
 *
 * Returns the payload pointer, or NULL for any other stream type. The detail
 * pointers are dereferenced without a NULL check.
 */
char* kni_get_data(const struct streaminfo* pstream,int* datalen)
{
    if (pstream->type == STREAM_TYPE_TCP) {
        *datalen = pstream->ptcpdetail->datalen;
        return (char *)(pstream->ptcpdetail->pdata);
    }

    if (pstream->type == STREAM_TYPE_UDP) {
        *datalen = pstream->pudpdetail->datalen;
        return (char *)(pstream->pudpdetail->pdata);
    }

    /* Neither TCP nor UDP: nothing to hand back. */
    *datalen = 0;
    return NULL;
}
/*
 * Add to the per-thread counters of one statistics column.
 *
 * thread_seq   first index into the counter tables
 * colum_index  second index into the counter tables
 * bytes        added to column_value_bytes
 * pktnum       added to column_value_pkt
 *
 * Always returns 0. Neither index is range-checked here, so callers must pass
 * values that are valid for the tables in g_kni_fs2_info.
 */
int kni_filestate2_set(int thread_seq,int colum_index,int bytes,int pktnum)
{
    g_kni_fs2_info.column_value_bytes[thread_seq][colum_index] += bytes;
    g_kni_fs2_info.column_value_pkt[thread_seq][colum_index] += pktnum;

    return 0;
}
/*
 * Create and start the field_stat2 handle used for the KNI counters.
 *
 * Reads filestat2_filename, filestat2_sip and filestat2_sport from the
 * profile (KNI_CONF_FILENAME / KNI_CONF_MODE), configures the handle, enables
 * the statistics server only when the configured port is non-zero, registers
 * one column per entry of g_kni_fs2_name and starts the handle.
 *
 * Always returns 0. None of the FS_* or MESA_load_profile_* results are
 * checked, and the output path and server address are used exactly as read
 * from the profile file.
 */
int kni_filestate2_init()
{
    char fs2_filename[KNI_MAX_BUFLEN] = {0};
    char fs2_sip[KNI_MAX_BUFLEN] = {0};
    unsigned int fs2_sport = 0;
    int value = 1;   /* shared "1" argument for the switches set below */
    int i;

    /* Profile values, each with a built-in default. */
    MESA_load_profile_string_def((char*)KNI_CONF_FILENAME,(char*)KNI_CONF_MODE,(char*)"filestat2_filename",fs2_filename,KNI_MAX_BUFLEN,(char*)"./log/kni_fs2.log");
    MESA_load_profile_string_def((char*)KNI_CONF_FILENAME,(char*)KNI_CONF_MODE,(char*)"filestat2_sip",fs2_sip,KNI_MAX_BUFLEN,(char*)"0.0.0.0");
    MESA_load_profile_uint_def((char*)KNI_CONF_FILENAME,(char*)KNI_CONF_MODE,(char*)"filestat2_sport",&fs2_sport,0);

    g_kni_fs2_info.handler = FS_create_handle();

    FS_set_para(g_kni_fs2_info.handler, OUTPUT_DEVICE, fs2_filename, strlen(fs2_filename) + 1);
    FS_set_para(g_kni_fs2_info.handler, PRINT_MODE, &value, sizeof(value));
    FS_set_para(g_kni_fs2_info.handler, STAT_CYCLE, &value, sizeof(value));
    FS_set_para(g_kni_fs2_info.handler, CREATE_THREAD, &value, sizeof(value));
    FS_set_para(g_kni_fs2_info.handler, APP_NAME, FS2_APPNAME, strlen(FS2_APPNAME) + 1);

    /* A port of 0 (the default) leaves the statistics server unconfigured. */
    if (fs2_sport) {
        FS_set_para(g_kni_fs2_info.handler, STATS_SERVER_IP, fs2_sip, strlen(fs2_sip) + 1);
        FS_set_para(g_kni_fs2_info.handler, STATS_SERVER_PORT, &fs2_sport, sizeof(fs2_sport));
    }

    i = 0;
    while (i < FS2_COLUMN_NUM) {
        g_kni_fs2_info.column_id[i] = FS_register(g_kni_fs2_info.handler, FS_STYLE_FIELD, FS_CALC_CURRENT, g_kni_fs2_name[i]);
        i++;
    }

    FS_start(g_kni_fs2_info.handler);
    return 0;
}
/*
 * Thread entry point that publishes the KNI packet counters once per second.
 *
 * arg is not used. The function calls kni_filestate2_init() once and then
 * loops forever: for every column it sums column_value_pkt over the first
 * g_iThreadNum threads and writes the total with FS_OP_SET. Only the packet
 * counters are published here; column_value_bytes is not read.
 *
 * NOTE(review): the counters are read without any synchronisation visible in
 * this file while kni_filestate2_set() updates them -- presumably from other
 * threads; confirm that slightly stale or torn totals are acceptable.
 */
void* kni_filestat2(void* arg)
{
    int col;
    int thread;

    kni_filestate2_init();

    for (;;) {
        for (col = 0; col < FS2_COLUMN_NUM; col++) {
            unsigned long long total = 0;

            for (thread = 0; thread < g_iThreadNum; thread++) {
                total += g_kni_fs2_info.column_value_pkt[thread][col];
            }
            FS_operate(g_kni_fs2_info.handler, g_kni_fs2_info.column_id[col], 0, FS_OP_SET, total);
        }
        sleep(1);
    }

    /* Not reached; kept so the function has a return statement. */
    return NULL;
}