tango-kni/kni.h

#ifndef KNI_PROCESS_H
#define KNI_PROCESS_H

#ifndef TH_FIN
#define TH_FIN	0x01
#endif

#ifndef TH_SYN
#define TH_SYN	0x02
#endif

#ifndef TH_RST
#define TH_RST	0x04
#endif

#ifndef TH_PUSH
#define TH_PUSH	0x08
#endif

#ifndef TH_ACK
#define TH_ACK	0x10
#endif

#ifndef TH_URG
#define TH_URG	0x20
#endif

#ifndef TCP_REPAIR_WINDOW
#define TCP_REPAIR_WINDOW       29
#endif

struct tcp_repair_window {
        __u32   snd_wl1;
        __u32   snd_wnd;
        __u32   max_window;

        __u32   rcv_wnd;
        __u32   rcv_wup;
};


//#define KNI_DEBUG_SWITCH	0


#define TCPHDR_DEFAULT_LEN	20


#define KNITEST_ETH_LEN		14


#define LOCAL_IP_ADDR   "192.168.100.1"

#define KNI_MAX_BUFLEN		1500		

#define KNI_MAX_PORT		65535

#define PKT_TYPE_REVERSE		1


#define KNI_FDS_INDEX_CLIENT			0
#define KNI_FDS_INDEX_SERVER			1


#define KNI_MAX_THREADNUM			64

#define KNI_ETHER_LEN				14

//runtime log
#define KNI_MODULE_INIT			"kni_init"
#define KNI_MODULE_READTUN		"kni_read_tun"
#define KNI_MODULE_SENDPKT		"kni_sendpkt"
#define KNI_MODULE_WRITETUN		"kni_write_tun"
#define KNI_MODULE_IPENTRY		"kni_process"
#define KNI_MODULE_DEBUG		"kni_debug"
#define KNI_MODULE_SENDFD		"send_fds"
#define KNI_ACTION_EXIT			"exit..."

//init profile info
#define KNI_CONF_MAXLEN			1024
#define KNI_CONF_FILENAME		"./kniconf/kni.conf"
#define KNI_CONF_MODE			"MOUDLE"


//maat
#define PROTO_TYPE_TCP				6
#define PROTO_TYPE_UDP				17

#define KNI_DEFAULT_MSS				1460
#define KNI_DEFAULT_WINSCLE			0


#define KNI_MAX_CFGNUM				50
#define KNI_TABLENAME_IPBMD			"IP_BMD"
#define KNI_TABLENAME_AREA			"USER_AREA"
#define KNI_TABLENAME_SNIBMD		"SNI_BMD"

#define KNI_MAATJSON_FILEPATH		"./kniconf/maat_test.json"
#define KNI_TABLEINFO_PATH			"./kniconf/maat_table_info.conf"
#define KNI_FULLCFG_FILEPATH		"/home/config/full/index"
#define KNI_INCCFG_FILEPATH			"/home/config/inc/index"

//lqueue info
#define KNI_THREAD_SAFE			1
#define KNI_USLEEP_TIME			10
#define KNI_LQUEUE_MAXNUM		100000	


//htable_info
#define KNI_HTABLE_SIZE			1024*1024
#define KNI_HTABLE_MAXNUM		100000
#define KNI_HTABLE_EXPIRE_TIME	60*60*24


//pkt_stat flag
#define STAT_FLAG_NONE			0
#define STAT_FLAG_IPBMD			1
#define STAT_FLAG_OUTUSER		2
#define STAT_FLAG_SNIBMD		3
#define STAT_FLAG_NOTSSL		4
#define STAT_FLAG_SSL_NOBMD			5

//ssl info
#define KNI_SSL_PORT					443
#define KNI_SNI_MAXLEN					65535	

#define SSL_HEADER_LEN					5
#define SSL_CONTENTTYPE_HANDSHAKE		0x16
#define SSL_VERSION_TLS1_0				0x0301
#define SSL_VERSION_TLS1_1				0x0302
#define SSL_VERSION_TLS1_2				0x0303

#define SSL_BODY_LEN					4
#define SSL_HANDSHAR_TYPE_CLIENTHELLO	0x01

#define SSL_EXTENSION_TYPE_SNI			0x0

#define KNI_MACADDR_LEN					6


#define KNI_TCPREPAIR_OPT_NUM			4
#define KNI_QUEUE_NUM					2
#define KNI_INDEX_SRC					0
#define KNI_INDEX_DST					1

struct kni_state_info 
{
	char *addr;
	unsigned int port;
	unsigned int seq;
	unsigned short mss_clamp;
	unsigned short wscale;
};

struct kni_tcp_state
{
	unsigned int src_ip;
	unsigned int dst_ip;
	unsigned short sport;
	unsigned short dport;
	unsigned int seq;
	unsigned int ack;
	unsigned short win;
	unsigned short mss_src;
	unsigned short mss_dst;
	unsigned short wscale_src;
	unsigned short wscale_dst;
};


#define KNI_DIR_DOUBLE		2
#define KNI_DIR_C2S			0
#define KNI_DIR_S2C			1

//htable_data_info
struct datainfo_to_tun
{
	int pktnum;
	int state_flag;											
	int route_dir;
//test
	unsigned char ttl[KNI_DIR_DOUBLE];				//host order
	unsigned short ipid[KNI_DIR_DOUBLE];			//host order
	int pro_reply[KNI_DIR_DOUBLE];					
	unsigned int seq[KNI_DIR_DOUBLE];				//host order
	unsigned int ack[KNI_DIR_DOUBLE];				//host order
	unsigned int len[KNI_DIR_DOUBLE];				//host order
//end
	unsigned short win;								//host order
	unsigned short mss[KNI_QUEUE_NUM];				//host order
	unsigned short wnscal[KNI_QUEUE_NUM];			//host order
	unsigned char smac[KNI_MACADDR_LEN];
	unsigned char dmac[KNI_MACADDR_LEN];
};

struct args_read_tun
{
	int thread_seq;
	int iprevers;								//in
	int iplen;									//in
	char* a_packet;								//in
	unsigned char smac[KNI_MACADDR_LEN];		//out
	unsigned char dmac[KNI_MACADDR_LEN];		//ouit
};

struct args_to_tun
{
	void* a_packet;							//[IN] set fs's tcp_state 
	char* tcpdata;							//[IN] judge ssl and get sni
	int tcpdata_len;						//[IN] judge ssl and get sni
	int thread_seq;							//[IN] arg
	int routdir;							//[IN] add datainfo
	int iprevers;
};

struct datainfo_to_tun_v6
{
	int state_flag;											
};


struct datainfo_to_io_v4
{
	unsigned short	real_port;				
	unsigned int 	real_ip;				
};


//global variable
//comm
struct kni_var_comm
{
	int fd_domain;
	int thread_num;
	unsigned int local_ip;
	int* fd_tun;
	void* logger;
//test
	int* ipv4_fd;
};

//htable and lqueue
struct kni_var_struct
{
	MESA_htable_handle htable_to_tun_v4;
	MESA_htable_handle htable_to_tun_v6;
	MESA_htable_handle htable_to_io_v6;
	MESA_lqueue_head* lqueue_to_tun;
};

//maat
struct kni_var_maat
{
	Maat_feather_t maat_feather;
	short tableid_ipbmd;
	short tableid_area;
	short tableid_snibmd;
};


struct kni_ipv6_hdr
{
	unsigned char ip6_flags[4];
	unsigned int ip6_payload_len;
	unsigned char ip6_nex_hdr;
	unsigned char ip6_hop;
	struct in6_addr ip6_src;
	struct in6_addr ip6_dst;
};

struct kni_tcp_hdr
{
	unsigned short th_sport;
	unsigned short th_dport;
	unsigned int th_seq;
	unsigned int th_ack;
#  if __BYTE_ORDER == __LITTLE_ENDIAN
	unsigned char th_x2:4,
			th_off:4;
#  elif __BYTE_ORDER == __BIG_ENDIAN
	unsigned char th_off:4,
			th_x2:4;
#  else
#   error "Adjust your <bits/endian.h> defines"
#  endif
	unsigned char th_flags;
	unsigned short th_win;
	unsigned short thsum;
	unsigned short th_urp;
};

struct kni_tcp_opt
{
	char type;
	char len;
	char content[32];
};


#endif
初版，可以与TFE进行数据交互。 2018-06-19 11:47:26 +08:00			`#ifndef KNI_PROCESS_H`
			`#define KNI_PROCESS_H`

			`#ifndef TH_FIN`
			`#define TH_FIN 0x01`
			`#endif`

			`#ifndef TH_SYN`
			`#define TH_SYN 0x02`
			`#endif`

			`#ifndef TH_RST`
			`#define TH_RST 0x04`
			`#endif`

			`#ifndef TH_PUSH`
			`#define TH_PUSH 0x08`
			`#endif`

			`#ifndef TH_ACK`
			`#define TH_ACK 0x10`
			`#endif`

			`#ifndef TH_URG`
			`#define TH_URG 0x20`
			`#endif`

使用TCPREPAIR替换FORGESOCKET版本，数据可以联通，代码待整理 2018-07-09 11:03:00 +08:00			`#ifndef TCP_REPAIR_WINDOW`
			`#define TCP_REPAIR_WINDOW 29`
			`#endif`

			`struct tcp_repair_window {`
			`__u32 snd_wl1;`
			`__u32 snd_wnd;`
			`__u32 max_window;`

			`__u32 rcv_wnd;`
			`__u32 rcv_wup;`
			`};`


			`//#define KNI_DEBUG_SWITCH 0`


初版，可以与TFE进行数据交互。 2018-06-19 11:47:26 +08:00			`#define TCPHDR_DEFAULT_LEN 20`




			`#define KNITEST_ETH_LEN 14`



			`#define LOCAL_IP_ADDR "192.168.100.1"`

使用TCPREPAIR替换FORGESOCKET版本，数据可以联通，代码待整理 2018-07-09 11:03:00 +08:00			`#define KNI_MAX_BUFLEN 1500`
初版，可以与TFE进行数据交互。 2018-06-19 11:47:26 +08:00
			`#define KNI_MAX_PORT 65535`

			`#define PKT_TYPE_REVERSE 1`


			`#define KNI_FDS_INDEX_CLIENT 0`
			`#define KNI_FDS_INDEX_SERVER 1`


			`#define KNI_MAX_THREADNUM 64`

			`#define KNI_ETHER_LEN 14`

			`//runtime log`
			`#define KNI_MODULE_INIT "kni_init"`
			`#define KNI_MODULE_READTUN "kni_read_tun"`
			`#define KNI_MODULE_SENDPKT "kni_sendpkt"`
			`#define KNI_MODULE_WRITETUN "kni_write_tun"`
			`#define KNI_MODULE_IPENTRY "kni_process"`
			`#define KNI_MODULE_DEBUG "kni_debug"`
			`#define KNI_MODULE_SENDFD "send_fds"`
			`#define KNI_ACTION_EXIT "exit..."`

			`//init profile info`
			`#define KNI_CONF_MAXLEN 1024`
			`#define KNI_CONF_FILENAME "./kniconf/kni.conf"`
			`#define KNI_CONF_MODE "MOUDLE"`


			`//maat`
			`#define PROTO_TYPE_TCP 6`
			`#define PROTO_TYPE_UDP 17`

			`#define KNI_DEFAULT_MSS 1460`
使用TCPREPAIR替换FORGESOCKET版本，数据可以联通，代码待整理 2018-07-09 11:03:00 +08:00			`#define KNI_DEFAULT_WINSCLE 0`
初版，可以与TFE进行数据交互。 2018-06-19 11:47:26 +08:00

			`#define KNI_MAX_CFGNUM 50`
			`#define KNI_TABLENAME_IPBMD "IP_BMD"`
			`#define KNI_TABLENAME_AREA "USER_AREA"`
			`#define KNI_TABLENAME_SNIBMD "SNI_BMD"`

			`#define KNI_MAATJSON_FILEPATH "./kniconf/maat_test.json"`
			`#define KNI_TABLEINFO_PATH "./kniconf/maat_table_info.conf"`
			`#define KNI_FULLCFG_FILEPATH "/home/config/full/index"`
			`#define KNI_INCCFG_FILEPATH "/home/config/inc/index"`

			`//lqueue info`
			`#define KNI_THREAD_SAFE 1`
			`#define KNI_USLEEP_TIME 10`
			`#define KNI_LQUEUE_MAXNUM 100000`


			`//htable_info`
			`#define KNI_HTABLE_SIZE 1024*1024`
			`#define KNI_HTABLE_MAXNUM 100000`
			`#define KNI_HTABLE_EXPIRE_TIME 606024`


			`//pkt_stat flag`
			`#define STAT_FLAG_NONE 0`
			`#define STAT_FLAG_IPBMD 1`
			`#define STAT_FLAG_OUTUSER 2`
			`#define STAT_FLAG_SNIBMD 3`
			`#define STAT_FLAG_NOTSSL 4`
			`#define STAT_FLAG_SSL_NOBMD 5`

			`//ssl info`
			`#define KNI_SSL_PORT 443`
			`#define KNI_SNI_MAXLEN 65535`

			`#define SSL_HEADER_LEN 5`
			`#define SSL_CONTENTTYPE_HANDSHAKE 0x16`
			`#define SSL_VERSION_TLS1_0 0x0301`
			`#define SSL_VERSION_TLS1_1 0x0302`
			`#define SSL_VERSION_TLS1_2 0x0303`

			`#define SSL_BODY_LEN 4`
			`#define SSL_HANDSHAR_TYPE_CLIENTHELLO 0x01`

			`#define SSL_EXTENSION_TYPE_SNI 0x0`

			`#define KNI_MACADDR_LEN 6`

使用TCPREPAIR替换FORGESOCKET版本，数据可以联通，代码待整理 2018-07-09 11:03:00 +08:00
			`#define KNI_TCPREPAIR_OPT_NUM 4`
			`#define KNI_QUEUE_NUM 2`
			`#define KNI_INDEX_SRC 0`
			`#define KNI_INDEX_DST 1`

			`struct kni_state_info`
			`{`
			`char *addr;`
			`unsigned int port;`
			`unsigned int seq;`
			`unsigned short mss_clamp;`
			`unsigned short wscale;`
			`};`

			`struct kni_tcp_state`
			`{`
			`unsigned int src_ip;`
			`unsigned int dst_ip;`
			`unsigned short sport;`
			`unsigned short dport;`
			`unsigned int seq;`
			`unsigned int ack;`
			`unsigned short win;`
			`unsigned short mss_src;`
			`unsigned short mss_dst;`
			`unsigned short wscale_src;`
			`unsigned short wscale_dst;`
			`};`


			`#define KNI_DIR_DOUBLE 2`
			`#define KNI_DIR_C2S 0`
			`#define KNI_DIR_S2C 1`

初版，可以与TFE进行数据交互。 2018-06-19 11:47:26 +08:00			`//htable_data_info`
			`struct datainfo_to_tun`
			`{`
使用TCPREPAIR替换FORGESOCKET版本，数据可以联通，代码待整理 2018-07-09 11:03:00 +08:00			`int pktnum;`
初版，可以与TFE进行数据交互。 2018-06-19 11:47:26 +08:00			`int state_flag;`
			`int route_dir;`
使用TCPREPAIR替换FORGESOCKET版本，数据可以联通，代码待整理 2018-07-09 11:03:00 +08:00			`//test`
			`unsigned char ttl[KNI_DIR_DOUBLE]; //host order`
			`unsigned short ipid[KNI_DIR_DOUBLE]; //host order`
			`int pro_reply[KNI_DIR_DOUBLE];`
			`unsigned int seq[KNI_DIR_DOUBLE]; //host order`
			`unsigned int ack[KNI_DIR_DOUBLE]; //host order`
			`unsigned int len[KNI_DIR_DOUBLE]; //host order`
			`//end`
			`unsigned short win; //host order`
			`unsigned short mss[KNI_QUEUE_NUM]; //host order`
			`unsigned short wnscal[KNI_QUEUE_NUM]; //host order`
初版，可以与TFE进行数据交互。 2018-06-19 11:47:26 +08:00			`unsigned char smac[KNI_MACADDR_LEN];`
			`unsigned char dmac[KNI_MACADDR_LEN];`
			`};`

使用TCPREPAIR替换FORGESOCKET版本，数据可以联通，代码待整理 2018-07-09 11:03:00 +08:00			`struct args_read_tun`
			`{`
			`int thread_seq;`
			`int iprevers; //in`
			`int iplen; //in`
			`char* a_packet; //in`
			`unsigned char smac[KNI_MACADDR_LEN]; //out`
			`unsigned char dmac[KNI_MACADDR_LEN]; //ouit`
			`};`

初版，可以与TFE进行数据交互。 2018-06-19 11:47:26 +08:00			`struct args_to_tun`
			`{`
			`void* a_packet; //[IN] set fs's tcp_state`
			`char* tcpdata; //[IN] judge ssl and get sni`
			`int tcpdata_len; //[IN] judge ssl and get sni`
			`int thread_seq; //[IN] arg`
			`int routdir; //[IN] add datainfo`
			`int iprevers;`
			`};`

			`struct datainfo_to_tun_v6`
			`{`
			`int state_flag;`
			`};`


			`struct datainfo_to_io_v4`
			`{`
			`unsigned short real_port;`
			`unsigned int real_ip;`
			`};`


			`//global variable`
			`//comm`
			`struct kni_var_comm`
			`{`
			`int fd_domain;`
			`int thread_num;`
			`unsigned int local_ip;`
			`int* fd_tun;`
			`void* logger;`
			`//test`
			`int* ipv4_fd;`
			`};`

			`//htable and lqueue`
			`struct kni_var_struct`
			`{`
			`MESA_htable_handle htable_to_tun_v4;`
			`MESA_htable_handle htable_to_tun_v6;`
			`MESA_htable_handle htable_to_io_v6;`
			`MESA_lqueue_head* lqueue_to_tun;`
			`};`

			`//maat`
			`struct kni_var_maat`
			`{`
			`Maat_feather_t maat_feather;`
			`short tableid_ipbmd;`
			`short tableid_area;`
			`short tableid_snibmd;`
			`};`


			`struct kni_ipv6_hdr`
			`{`
			`unsigned char ip6_flags[4];`
			`unsigned int ip6_payload_len;`
			`unsigned char ip6_nex_hdr;`
			`unsigned char ip6_hop;`
			`struct in6_addr ip6_src;`
			`struct in6_addr ip6_dst;`
			`};`

			`struct kni_tcp_hdr`
			`{`
			`unsigned short th_sport;`
			`unsigned short th_dport;`
			`unsigned int th_seq;`
			`unsigned int th_ack;`
			`# if __BYTE_ORDER == __LITTLE_ENDIAN`
			`unsigned char th_x2:4,`
			`th_off:4;`
			`# elif __BYTE_ORDER == __BIG_ENDIAN`
			`unsigned char th_off:4,`
			`th_x2:4;`
			`# else`
			`# error "Adjust your <bits/endian.h> defines"`
			`# endif`
			`unsigned char th_flags;`
			`unsigned short th_win;`
			`unsigned short thsum;`
			`unsigned short th_urp;`
			`};`

			`struct kni_tcp_opt`
			`{`
			`char type;`
			`char len;`
			`char content[32];`
			`};`


			`#endif`