fs统计和通联日志优化

common/include/kni_utils.h

@@ -75,24 +75,23 @@ enum kni_field{
 	KNI_FIELD_BYP_STM_POLICY,
 	KNI_FIELD_BYP_STM_PME_NEW_FAIL,
 	KNI_FIELD_BYP_STM_NO_TFE,
-	KNI_FIELD_BYP_STM_ERR,
 	KNI_FIELD_BYP_STM_DUP_TFC,
-	KNI_FIELD_STATE_UNKNOWN,
+	KNI_FIELD_BYP_STM_ERR,
-	KNI_FIELD_DUP_TFC_STM,
 	//stream error
-	KNI_FIELD_STM_ERR,
+	KNI_FIELD_STMERR_NO_SYN,
-	KNI_FIELD_NO_SYN,
+	KNI_FIELD_STMERR_SINGLE_DIR,
-	KNI_FIELD_SINGLE_DIR,
+	KNI_FIELD_STMERR_PROTO_UNKNOWN,
-	KNI_FIELD_PROTO_UNKNOWN,
+	KNI_FIELD_STMERR_NO_SA,
-	KNI_FIELD_NO_SA,
+	KNI_FIELD_STMERR_ACTION_INVALID,
-	KNI_FIELD_ACTION_INVALID,
+	KNI_FIELD_STMERR_NO_DATA,
-	KNI_FIELD_NO_DATA,
+	KNI_FIELD_STMERR_IPHDR_PARSE_FAIL,
-	KNI_FIELD_IPHDR_PARSE_FAIL,
+	KNI_FIELD_STMERR_EXCEED_MTU,
-	KNI_FIELD_EXCEED_MTU,
 	KNI_FIELD_STMERR_TUPLE2STM_ADD_FAIL,
-	KNI_FIELD_SENDTO_TFE_FAIL,
+	KNI_FIELD_STMERR_SENDTO_TFE_FAIL,
 	//others
 	KNI_FIELD_NULL_PKT,
+	KNI_FIELD_STATE_UNKNOWN,
+	KNI_FIELD_DUP_TFC_STM,
 	KNI_FIELD_IPV4_STM,
 	KNI_FIELD_IPV6_STM,
 	KNI_FIELD_SSL_STM,
@@ -111,8 +110,6 @@ enum kni_field{
 	KNI_FIELD_TUPLE2STM_ADD_FAIL,
 	KNI_FIELD_TUPLE2STM_DEL_SUCC,
 	KNI_FIELD_TUPLE2STM_DEL_FAIL,
-	KNI_FIELD_KNI_INTCP_BYTES,
-	KNI_FIELD_KNI_INTCP_STM,
 	KNI_FIELD_TUPLE2STM_SEARCH_SUCC,
 	KNI_FIELD_TUPLE2STM_SEARCH_FAIL,
 	KNI_FIELD_SAPP_INJECT_SUCC,
@@ -123,6 +120,11 @@ enum kni_field{
 	KNI_FIELD_BLOOM_ADD_FAIL,
 	KNI_FIELD_BLOOM_HIT,
 	KNI_FIELD_BLOOM_MISS,
+	//intercetp traffic stat
+	KNI_FIELD_INTCP_READY_STM,
+	KNI_FIELD_INTCP_READY_BYTE,
+	KNI_FIELD_TX_TFE_STM,
+	KNI_FIELD_TX_TFE_BYTE,
 	//KNI_FIELD_TFE_STATUS_BASE must be last 
 	KNI_FIELD_TFE_STATUS_BASE,
 };

entry/src/kni_entry.cpp

@@ -334,11 +334,13 @@ static int log_generate(struct pme_info *pmeinfo, void *local_logger){
 	cJSON_AddNumberToObject(log_obj, "service", pmeinfo->service);
 	//start_time
 	cJSON_AddNumberToObject(log_obj, "start_time", pmeinfo->start_time.tv_sec);
-	//end_time
+	if(pmeinfo->error >= 0){
-	cJSON_AddNumberToObject(log_obj, "end_time", pmeinfo->end_time.tv_sec);
+		//end_time
-	//con_duration_ms
+		cJSON_AddNumberToObject(log_obj, "end_time", pmeinfo->end_time.tv_sec);
-	cJSON_AddNumberToObject(log_obj, "con_duration_ms", (pmeinfo->end_time.tv_sec - pmeinfo->start_time.tv_sec) * 1000 
+		//con_duration_ms
-				+ (pmeinfo->end_time.tv_nsec - pmeinfo->start_time.tv_nsec) / 1000000);
+		cJSON_AddNumberToObject(log_obj, "con_duration_ms", (pmeinfo->end_time.tv_sec - pmeinfo->start_time.tv_sec) * 1000 
+					+ (pmeinfo->end_time.tv_nsec - pmeinfo->start_time.tv_nsec) / 1000000);
+	}
 	//stream_info: addr_type, trans_proto, client_ip, client_port, server_ip, server_port
 	const struct layer_addr *addr = pmeinfo->addr;
 	char client_ip_str[INET6_ADDRSTRLEN] = "";
@@ -746,10 +748,6 @@ static int send_to_tfe(char *raw_data, uint16_t raw_len, int thread_seq, int tfe
 	else{
 		ret = send_to_tfe_normal_mode(raw_data, raw_len, thread_seq, tfe_id, addr_type);
 	}
-	if(ret >= 0){
-		//intercept traffic stat
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_KNI_INTCP_BYTES], 0, FS_OP_ADD, raw_len);
-	}
 	return ret;
 }
 
@@ -901,12 +899,13 @@ static char pending_opstate(struct streaminfo *stream, struct pme_info *pmeinfo,
 	int ret = wrapped_kni_header_parse(a_packet, pmeinfo, &pktinfo);
 	if(ret < 0){
 		pmeinfo->error = STREAM_ERROR_IPHDR_PARSE_FAIL;
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_IPHDR_PARSE_FAIL], 0, FS_OP_ADD, 1);
 		return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
 	if(!pktinfo.tcphdr->syn){
 		//pending_opstate not syn, bypass and dropme
 		KNI_LOG_DEBUG(logger, "Stream error: pending opstate, not syn, stream traceid = %s", pmeinfo->stream_traceid);
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_NO_SYN], 0, FS_OP_ADD, 1);
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_NO_SYN], 0, FS_OP_ADD, 1);
 		pmeinfo->error = STREAM_ERROR_PENDING_NO_SYN;
 		return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
@@ -1026,7 +1025,7 @@ static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmei
 	ret = send_to_tfe(buff, len, thread_seq, pmeinfo->tfe_id, pmeinfo->addr_type);
 	if(ret < 0){
 		KNI_LOG_DEBUG(logger, "Stream error: failed at send first packet to tfe%d, stream traceid = %s", pmeinfo->tfe_id, pmeinfo->stream_traceid);
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDTO_TFE_FAIL], 0, FS_OP_ADD, 1);
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_SENDTO_TFE_FAIL], 0, FS_OP_ADD, 1);
 		pmeinfo->error = STREAM_ERROR_SENDTO_TFE_FAIL;
 		FREE(&buff);
 		tuple2stream_htable_del(g_kni_handle->threads_handle[thread_seq].tuple2stream_htable, stream);
@@ -1035,7 +1034,6 @@ static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmei
 	}
 	else{
 		KNI_LOG_DEBUG(logger, "Succeed at send first packet to tfe%d, stream traceid = %s", pmeinfo->tfe_id, pmeinfo->stream_traceid);
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_KNI_INTCP_STM], 0, FS_OP_ADD, 1);
 	}
 	FREE(&buff);
 	return APP_STATE_DROPPKT | APP_STATE_GIVEME;
@@ -1112,13 +1110,18 @@ static char data_opstate(struct streaminfo *stream, struct pme_info *pmeinfo, co
 	ret = wrapped_kni_header_parse(a_packet, pmeinfo, &pktinfo);
 	if(ret < 0){
 		pmeinfo->error = STREAM_ERROR_IPHDR_PARSE_FAIL;
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_IPHDR_PARSE_FAIL], 0, FS_OP_ADD, 1);
 		return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
 	//pmeinfo->action has only 3 value: KNI_ACTION_NONE， KNI_ACTION_INTERCEPT， KNI_ACTION_BYPASS
+	if(pmeinfo->action != KNI_ACTION_NONE){
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_READY_BYTE], 0, FS_OP_ADD, pktinfo.ip_totlen);
+	}
 	switch (pmeinfo->action){
 		case KNI_ACTION_NONE:
 			break;
 		case KNI_ACTION_INTERCEPT:
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_TX_TFE_BYTE], 0, FS_OP_ADD, pktinfo.ip_totlen);
 			//search dabloom
 			if(g_kni_handle->dup_traffic_switch == 1){
 				if(pmeinfo->has_dup_traffic == 1){
@@ -1140,7 +1143,7 @@ static char data_opstate(struct streaminfo *stream, struct pme_info *pmeinfo, co
 			ret = send_to_tfe((char*)a_packet, len, thread_seq, pmeinfo->tfe_id, pmeinfo->addr_type);
 			if(ret < 0){
 				KNI_LOG_ERROR(logger, "Failed at send continue packet to tfe%d, stream traceid = %s", pmeinfo->tfe_id, pmeinfo->stream_traceid);
-				FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDTO_TFE_FAIL], 0, FS_OP_ADD, 1);
+				FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_SENDTO_TFE_FAIL], 0, FS_OP_ADD, 1);
 			}
 			return APP_STATE_DROPPKT | APP_STATE_GIVEME;
 		case KNI_ACTION_BYPASS:
@@ -1153,7 +1156,7 @@ static char data_opstate(struct streaminfo *stream, struct pme_info *pmeinfo, co
 	if(pktinfo.ip_totlen > KNI_DEFAULT_MTU){
 		pmeinfo->error = STREAM_ERROR_EXCEED_MTU;
 		KNI_LOG_DEBUG(logger, "Stream error: first data packet exceed MTU(1500), stream traceid = %s", pmeinfo->stream_traceid);
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_EXCEED_MTU], 0, FS_OP_ADD, 1);
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_EXCEED_MTU], 0, FS_OP_ADD, 1);
 		return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
 	// syn/ack
@@ -1186,7 +1189,7 @@ static char data_opstate(struct streaminfo *stream, struct pme_info *pmeinfo, co
 	//not double dir, bypass and dropme
 	if(stream->dir != DIR_DOUBLE){
 		KNI_LOG_DEBUG(logger, "Stream error: single dir = %d, stream traceid = %s", stream->dir, pmeinfo->stream_traceid);
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SINGLE_DIR], 0, FS_OP_ADD, 1);
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_SINGLE_DIR], 0, FS_OP_ADD, 1);
 		pmeinfo->error = STREAM_ERROR_SINGLE_DIR;
 		return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
@@ -1198,7 +1201,7 @@ static char data_opstate(struct streaminfo *stream, struct pme_info *pmeinfo, co
 		//can not identify protocol from first data packet, bypass and dropme
 		case KNI_PROTOCOL_UNKNOWN:
 			KNI_LOG_DEBUG(logger, "Stream error: failed at protocol_identify, stream traceid = %s", pmeinfo->stream_traceid);
-			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_PROTO_UNKNOWN], 0, FS_OP_ADD, 1);
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_PROTO_UNKNOWN], 0, FS_OP_ADD, 1);
 			pmeinfo->error = STREAM_ERROR_PROTOCOL_UNKNOWN;
 			return APP_STATE_FAWPKT | APP_STATE_DROPME;
 		case KNI_PROTOCOL_SSL:
@@ -1216,7 +1219,7 @@ static char data_opstate(struct streaminfo *stream, struct pme_info *pmeinfo, co
 	if(pmeinfo->client_tcpopt == NULL || pmeinfo->server_tcpopt == NULL){
 		KNI_LOG_DEBUG(logger, "Stream error: %s, %s, stream traceid = %s", pmeinfo->client_tcpopt == NULL ? "no syn" : "have syn", 
 								pmeinfo->server_tcpopt == NULL ? "no syn/ack" : "have syn/ack", pmeinfo->stream_traceid);
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_NO_SA], 0, FS_OP_ADD, 1);
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_NO_SA], 0, FS_OP_ADD, 1);
 		pmeinfo->error = STREAM_ERROR_NO_SYN_ACK;
 		return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
@@ -1244,6 +1247,8 @@ static char data_opstate(struct streaminfo *stream, struct pme_info *pmeinfo, co
 	char *action_str = kni_maat_action_trans(pmeinfo->action);
 	KNI_LOG_INFO(logger, "intercept_policy_scan: %s, %s, policy_id = %d, action = %d(%s), maat_hit = %d, stream traceid = %s", 
 			stream_addr, protocol_identify_res.domain, pmeinfo->policy_id, pmeinfo->action, action_str, pmeinfo->maat_hit, pmeinfo->stream_traceid);
+	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_READY_STM], 0, FS_OP_ADD, 1);
+	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_READY_BYTE], 0, FS_OP_ADD, pktinfo.ip_totlen);
 	switch(pmeinfo->action){
 		case KNI_ACTION_BYPASS:
 			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_STM_POLICY], 0, FS_OP_ADD, 1);
@@ -1252,12 +1257,14 @@ static char data_opstate(struct streaminfo *stream, struct pme_info *pmeinfo, co
 			return APP_STATE_FAWPKT | APP_STATE_GIVEME;  //GIVEME: for session record
 		case KNI_ACTION_INTERCEPT:
 			pmeinfo->intercept_state=1;
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_TX_TFE_STM], 0, FS_OP_ADD, 1);
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_TX_TFE_BYTE], 0, FS_OP_ADD, pktinfo.ip_totlen);
 			return first_data_intercept(stream, pmeinfo, &pktinfo, stream_addr, thread_seq);
 		default:
 			//action != intercept && action != bypass，bypass and dropme
 			KNI_LOG_DEBUG(logger, "Stream error: action %d(%s) = invalid: policy_id = %d, stream traceid = %s, domain = ",
 				  pmeinfo->action, action_str, pmeinfo->policy_id, pmeinfo->stream_traceid, protocol_identify_res.domain);
-			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_ACTION_INVALID], 0, FS_OP_ADD, 1);
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_ACTION_INVALID], 0, FS_OP_ADD, 1);
 			pmeinfo->error = STREAM_ERROR_INVALID_ACTION;
 			return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
@@ -1288,7 +1295,7 @@ static char close_opstate(const struct streaminfo *stream, struct pme_info *pmei
 		default:
 			char *action_str = kni_maat_action_trans(pmeinfo->action);
 			pmeinfo->error = STREAM_ERROR_NO_DATA;
-			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_NO_DATA], 0, FS_OP_ADD, 1);
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STMERR_NO_DATA], 0, FS_OP_ADD, 1);
 			KNI_LOG_DEBUG(logger, "Stream error: close_opstate, action %d(%s) = abnormal, stream_traceid = %s", 
 					pmeinfo->action, action_str, pmeinfo->stream_traceid);
 			return APP_STATE_FAWPKT | APP_STATE_DROPME;
@@ -1372,6 +1379,7 @@ error_out:
 	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_STM_ERR], 0, FS_OP_ADD, 1);
 	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_STM], 0, FS_OP_ADD, 1);
 	if(pmeinfo != NULL){
+		pmeinfo->policy_id = -1;
 		stream_destroy(pmeinfo, 1);
 	}
 	return ret;
@@ -1837,24 +1845,23 @@ static struct kni_field_stat_handle * fs_init(const char *profile){
 	fs_handle->fields[KNI_FIELD_BYP_STM_POLICY] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "byp_policy");
 	fs_handle->fields[KNI_FIELD_BYP_STM_PME_NEW_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "byp_pme_new_F");
 	fs_handle->fields[KNI_FIELD_BYP_STM_NO_TFE] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "byp_no_tfe");
-	fs_handle->fields[KNI_FIELD_BYP_STM_ERR] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "byp_stm_err");
 	fs_handle->fields[KNI_FIELD_BYP_STM_DUP_TFC] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "byp_dup_tfc");
-	fs_handle->fields[KNI_FIELD_STATE_UNKNOWN] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "state_unknow");
+	fs_handle->fields[KNI_FIELD_BYP_STM_ERR] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "byp_stm_err");
-	fs_handle->fields[KNI_FIELD_DUP_TFC_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "dup_tfc_stm");
 	//stream error
-	fs_handle->fields[KNI_FIELD_NO_SYN] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_no_syn");
+	fs_handle->fields[KNI_FIELD_STMERR_NO_SYN] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_no_syn");
-	fs_handle->fields[KNI_FIELD_SINGLE_DIR] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_sig_dir");
+	fs_handle->fields[KNI_FIELD_STMERR_SINGLE_DIR] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_sig_dir");
-	fs_handle->fields[KNI_FIELD_PROTO_UNKNOWN] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_pro_unknow");
+	fs_handle->fields[KNI_FIELD_STMERR_PROTO_UNKNOWN] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_pro_unknow");
-	fs_handle->fields[KNI_FIELD_NO_SA] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_no_s/a");
+	fs_handle->fields[KNI_FIELD_STMERR_NO_SA] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_no_s/a");
-	fs_handle->fields[KNI_FIELD_ACTION_INVALID] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_act_invaid");
+	fs_handle->fields[KNI_FIELD_STMERR_ACTION_INVALID] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_act_invaid");
-	fs_handle->fields[KNI_FIELD_NO_DATA] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_no_data");
+	fs_handle->fields[KNI_FIELD_STMERR_NO_DATA] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_no_data");
-	fs_handle->fields[KNI_FIELD_IPV4HDR_PARSE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_v4_parse");
+	fs_handle->fields[KNI_FIELD_STMERR_IPHDR_PARSE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_ip_hdr");
-	fs_handle->fields[KNI_FIELD_IPV6HDR_PARSE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_v6_parse");
+	fs_handle->fields[KNI_FIELD_STMERR_EXCEED_MTU] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_exced_mtu");
-	fs_handle->fields[KNI_FIELD_EXCEED_MTU] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_exced_mtu");
+	fs_handle->fields[KNI_FIELD_STMERR_SENDTO_TFE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_tfe_tx");
-	fs_handle->fields[KNI_FIELD_SENDTO_TFE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_sdtfe_F");
+	fs_handle->fields[KNI_FIELD_STMERR_TUPLE2STM_ADD_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "err_tup2stmAdd");
-	fs_handle->fields[KNI_FIELD_STMERR_TUPLE2STM_ADD_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "errTup2stmAddF");
 	//others
 	fs_handle->fields[KNI_FIELD_NULL_PKT] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "null_pkt");
+	fs_handle->fields[KNI_FIELD_STATE_UNKNOWN] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "state_unknow");
+	fs_handle->fields[KNI_FIELD_DUP_TFC_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "dup_stm");
 	fs_handle->fields[KNI_FIELD_IPV4_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ipv4_stm");
 	fs_handle->fields[KNI_FIELD_IPV6_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ipv6_stm");
 	fs_handle->fields[KNI_FIELD_SSL_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ssl_stm");
@@ -1864,8 +1871,10 @@ static struct kni_field_stat_handle * fs_init(const char *profile){
 	fs_handle->fields[KNI_FIELD_PME_NEW_SUCC] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "pme_new");
 	fs_handle->fields[KNI_FIELD_PME_FREE] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "pme_free");
 	//intercept traffic stat
-	fs_handle->fields[KNI_FIELD_KNI_INTCP_BYTES] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "kni_intcp_B");
+	fs_handle->fields[KNI_FIELD_INTCP_READY_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "intcp_rdy_stm");
-	fs_handle->fields[KNI_FIELD_KNI_INTCP_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "kni_intcp_stm");
+	fs_handle->fields[KNI_FIELD_INTCP_READY_BYTE] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "intcp_rdy_B");
+	fs_handle->fields[KNI_FIELD_TX_TFE_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "tx_tfe_stm");
+	fs_handle->fields[KNI_FIELD_TX_TFE_BYTE] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "tx_tfe_B");
 	//htable
 	fs_handle->fields[KNI_FIELD_ID2PME_ADD_SUCC] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "id2pme_add_S");
 	fs_handle->fields[KNI_FIELD_ID2PME_ADD_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "id2pme_add_F");