gfwleak/tango-kni
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1、删除tsg 相关头文件 2、增加cmsg 相关日志

Browse Source
This commit is contained in:
fumingwei
2020-08-25 14:27:34 +08:00
parent dca9c67275
commit 0ef75857d5
10 changed files with 86 additions and 301 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
entry/include/kni_entry.h
View File

@@ -4,9 +4,9 @@
#include "tsg/tsg_rule.h"
#include "kni_utils.h"
#include "tsg/tsg_statistic.h"
#include <tsg/tsg_statistic.h>
#include "tfe_mgr.h"
#include "tsg/tsg_label.h"
#include <tsg/tsg_label.h>
#define BURST_MAX 1
#define CALLER_SAPP 0

60
entry/include/tsg/tsg_label.h
View File

@@ -1,60 +0,0 @@
#ifndef __TSG_LABEL_H__
#define __TSG_LABEL_H__
#include "tsg_rule.h"
#define MAX_STR_FIELD_LEN 64
struct _asn_info_t
{
int ref_cnt;
int addr_type;
int table_id;
char start_ip[MAX_STR_FIELD_LEN];
char end_ip[MAX_STR_FIELD_LEN];
char asn[MAX_STR_FIELD_LEN];
char organization[MAX_STR_FIELD_LEN*4];
};
struct _location_info_t
{
int geoname_id;
int table_id;
int ref_cnt;
int addr_type;
double latitude;
double longitude;
double coords;
char start_ip[MAX_STR_FIELD_LEN];
char end_ip[MAX_STR_FIELD_LEN];
char language[MAX_STR_FIELD_LEN];
char continent_abbr[MAX_STR_FIELD_LEN*4];
char continent_full[MAX_STR_FIELD_LEN*4];
char country_abbr[MAX_STR_FIELD_LEN*4];
char country_full[MAX_STR_FIELD_LEN*4];
char province_abbr[MAX_STR_FIELD_LEN*4];
char province_full[MAX_STR_FIELD_LEN*4];
char city_full[MAX_STR_FIELD_LEN*4];
char time_zone[MAX_STR_FIELD_LEN*4];
};
struct _subscribe_id_info_t
{
int ref_cnt;
int table_id;
char subscribe_id[MAX_STR_FIELD_LEN*4];
};
struct _session_attribute_label_t
{
tsg_protocol_t proto;
long establish_latency_ms;
struct _asn_info_t *client_asn;
struct _asn_info_t *server_asn;
struct _location_info_t *client_location;
struct _location_info_t *server_location;
struct _subscribe_id_info_t *client_subscribe_id;
struct _subscribe_id_info_t *server_subscribe_id;
};
#endif

83
entry/include/tsg/tsg_rule.h
View File

@@ -1,83 +0,0 @@
#ifndef __TSG_RULE_H__
#define __TSG_RULE_H__
#include <MESA/Maat_rule.h>
#define TSG_ACTION_NONE 0x00
#define TSG_ACTION_MONITOR 0x01
#define TSG_ACTION_INTERCEPT 0x02
#define TSG_ACTION_DENY 0x10
#define TSG_ACTION_MANIPULATE 0x30
#define TSG_ACTION_BYPASS 0x80
#define TSG_ACTION_MAX 0x80
enum TSG_ETHOD_TYPE
{
TSG_METHOD_TYPE_UNKNOWN=0,
TSG_METHOD_TYPE_DROP,
TSG_METHOD_TYPE_REDIRECTION,
TSG_METHOD_TYPE_BLOCK,
TSG_METHOD_TYPE_RESET,
TSG_METHOD_TYPE_MAX
};
typedef enum _tsg_protocol
{
PROTO_UNKONWN=0,
PROTO_IPv4=1,
PROTO_IPv6,
PROTO_TCP,
PROTO_UDP,
PROTO_HTTP,
PROTO_MAIL,
PROTO_DNS,
PROTO_FTP,
PROTO_SSL,
PROTO_SIP,
PROTO_BGP,
PROTO_STREAMING_MEDIA,
PROTO_SSH,
PROTO_MAX
}tsg_protocol_t;
#define MAX_RESULT_NUM 8
#define MAX_DOAMIN_LEN 2048
struct _identify_info
{
tsg_protocol_t proto; //enum _tsg_protocol (tsg_types.h)
int domain_len;
char domain[MAX_DOAMIN_LEN];
};
typedef enum _PULL_RESULT_TYPE
{
PULL_KNI_RESULT,
PULL_FW_RESULT
}PULL_RESULT_TYPE;
#define TSG_DOMAIN_MAX 256
extern Maat_feather_t g_tsg_maat_feather;
int tsg_rule_init(const char *conffile, void *logger);
int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num);
//return 0 if failed, return >0 on success;
int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_result_type, Maat_rule_t *result, int result_num, struct _identify_info *identify_info);
//return -1 if failed, return 0 on success;
int tsg_shared_table_init(const char *conffile, Maat_feather_t maat_feather, void *logger);
//return value: -1: failed, 0: not hit, >0: hit count
int tsg_scan_shared_policy(Maat_feather_t maat_feather, void *pkt, int pkt_len, Maat_rule_t *result, int result_num, struct _identify_info *identify_info, scan_status_t *mid, void *logger, int thread_seq);
//return NULL if none exists, otherwise return one deny rule;
struct Maat_rule_t *tsg_fetch_deny_rule(Maat_rule_t *result, int result_num);
int tsg_get_method_id(char *method);
#endif

39
entry/include/tsg/tsg_send_log.h
View File

@@ -1,39 +0,0 @@
#ifndef __TSG_SEND_LOG_H__
#define __TSG_SEND_LOG_H__
#include <MESA/Maat_rule.h>
typedef struct _tsg_log
{
int result_num;
Maat_rule_t *result;
struct streaminfo *a_stream;
}tsg_log_t;
typedef enum _tld_type
{
TLD_TYPE_UNKNOWN=0,
TLD_TYPE_LONG=1,
TLD_TYPE_STRING,
TLD_TYPE_FILE,
TLD_TYPE_MAX
}TLD_TYPE;
struct TLD_handle_t;
struct tsg_log_instance_t;
extern struct tsg_log_instance_t *g_tsg_log_instance;
struct TLD_handle_t *TLD_create(int thread_id);
int TLD_append(struct TLD_handle_t *handle, char *key, void *value, TLD_TYPE type);
int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, struct streaminfo *a_stream);
int TLD_cancel(struct TLD_handle_t *handle);
int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, tsg_log_t *log_msg, int thread_id);
unsigned long long tsg_get_stream_id(struct streaminfo *a_stream);
#endif

27
entry/include/tsg/tsg_statistic.h
View File

@@ -1,27 +0,0 @@
#ifndef __TSG_STATISTIC_H__
#define __TSG_STATISTIC_H__
enum _STATISTIC_OPT_TYPE
{
OPT_TYPE_ALERT_BYTES,
OPT_TYPE_BLOCK_BYTES,
OPT_TYPE_PINNING_YES,
OPT_TYPE_PINNING_MAYBE,
OPT_TYPE_PINNING_NOT,
_OPT_TYPE_MAX
};
struct _traffic_info
{
long long con_num;
long long in_bytes;
long long out_bytes;
long long in_packets;
long long out_packets;
};
int tsg_set_policy_flow(struct streaminfo *a_stream, Maat_rule_t *p_result, int thread_seq);
int tsg_set_intercept_flow(Maat_rule_t *p_result, struct _traffic_info *traffic_info, int thread_seq);
int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_seq);
#endif

83
entry/include/tsg_rule.h
View File

@@ -1,83 +0,0 @@
#ifndef __TSG_RULE_H__
#define __TSG_RULE_H__
#include <MESA/Maat_rule.h>
#define TSG_ACTION_NONE 0x00
#define TSG_ACTION_MONITOR 0x01
#define TSG_ACTION_INTERCEPT 0x02
#define TSG_ACTION_DENY 0x10
#define TSG_ACTION_MANIPULATE 0x30
#define TSG_ACTION_BYPASS 0x80
#define TSG_ACTION_MAX 0x80
enum TSG_ETHOD_TYPE
{
TSG_METHOD_TYPE_UNKNOWN=0,
TSG_METHOD_TYPE_DROP,
TSG_METHOD_TYPE_REDIRECTION,
TSG_METHOD_TYPE_BLOCK,
TSG_METHOD_TYPE_RESET,
TSG_METHOD_TYPE_MAX
};
typedef enum _tsg_protocol
{
PROTO_UNKONWN=0,
PROTO_IPv4=1,
PROTO_IPv6,
PROTO_TCP,
PROTO_UDP,
PROTO_HTTP,
PROTO_MAIL,
PROTO_DNS,
PROTO_FTP,
PROTO_SSL,
PROTO_SIP,
PROTO_BGP,
PROTO_STREAMING_MEDIA,
PROTO_SSH,
PROTO_MAX
}tsg_protocol_t;
#define MAX_RESULT_NUM 8
#define MAX_DOAMIN_LEN 2048
struct _identify_info
{
tsg_protocol_t proto; //enum _tsg_protocol (tsg_types.h)
int domain_len;
char domain[MAX_DOAMIN_LEN];
};
typedef enum _PULL_RESULT_TYPE
{
PULL_KNI_RESULT,
PULL_FW_RESULT
}PULL_RESULT_TYPE;
#define TSG_DOMAIN_MAX 256
extern Maat_feather_t g_tsg_maat_feather;
int tsg_rule_init(const char *conffile, void *logger);
int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num);
//return 0 if failed, return >0 on success;
int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_result_type, Maat_rule_t *result, int result_num, struct _identify_info *identify_info);
//return -1 if failed, return 0 on success;
int tsg_shared_table_init(const char *conffile, Maat_feather_t maat_feather, void *logger);
//return value: -1: failed, 0: not hit, >0: hit count
int tsg_scan_shared_policy(Maat_feather_t maat_feather, void *pkt, int pkt_len, Maat_rule_t *result, int result_num, struct _identify_info *identify_info, scan_status_t *mid, void *logger, int thread_seq);
//return NULL if none exists, otherwise return one deny rule;
struct Maat_rule_t *tsg_fetch_deny_rule(Maat_rule_t *result, int result_num);
int tsg_get_method_id(char *method);
#endif