bugfix:1.TSG-15130:修改kni发送log类型2.TSG-15212:修复kni发送日志字段

fumingwei
2023-05-26 14:17:46 +08:00
parent 7f9cd6fbaf
commit 2803dbc740


@@ -199,36 +199,36 @@ static int log_generate(struct pme_info *pmeinfo){
if(pmeinfo->protocol == PROTO_SSL){
TLD_append(tld_handle, (char*)"ssl_sni", (void*)pmeinfo->domain.sni, TLD_TYPE_STRING);
//pinning state: from tfe
TLD_append(tld_handle, (char*)"ssl_pinningst", (void*)(long)pmeinfo->ssl_pinningst, TLD_TYPE_LONG);
TLD_append(tld_handle, (char*)"intercept_pinning_status", (void*)(long)pmeinfo->ssl_pinningst, TLD_TYPE_LONG);
//intercept state: from tfe
TLD_append(tld_handle, (char*)"ssl_intercept_state", (void*)(long)pmeinfo->ssl_intercept_state, TLD_TYPE_LONG);
TLD_append(tld_handle, (char*)"intercept_status", (void*)(long)pmeinfo->ssl_intercept_state, TLD_TYPE_LONG);
//ssl upstream latency: from tfe
TLD_append(tld_handle, (char*)"ssl_server_side_latency", (void*)pmeinfo->ssl_server_side_latency, TLD_TYPE_LONG);
TLD_append(tld_handle, (char*)"intercept_server_side_latency", (void*)pmeinfo->ssl_server_side_latency, TLD_TYPE_LONG);
//ssl downstream latency: from tfe
TLD_append(tld_handle, (char*)"ssl_client_side_latency", (void*)pmeinfo->ssl_client_side_latency, TLD_TYPE_LONG);
TLD_append(tld_handle, (char*)"intercept_client_side_latency", (void*)pmeinfo->ssl_client_side_latency, TLD_TYPE_LONG);
//ssl upstream version: from tfe
TLD_append(tld_handle, (char*)"ssl_server_side_version", (void*)pmeinfo->ssl_server_side_version, TLD_TYPE_STRING);
TLD_append(tld_handle, (char*)"intercept_server_side_version", (void*)pmeinfo->ssl_server_side_version, TLD_TYPE_STRING);
//ssl downstream version: from tfe
TLD_append(tld_handle, (char*)"ssl_client_side_version", (void*)pmeinfo->ssl_client_side_version, TLD_TYPE_STRING);
TLD_append(tld_handle, (char*)"intercept_client_side_version", (void*)pmeinfo->ssl_client_side_version, TLD_TYPE_STRING);
//ssl error: from tfe
if(strlen(pmeinfo->ssl_error) > 0)
TLD_append(tld_handle, (char*)"ssl_error", (void*)pmeinfo->ssl_error, TLD_TYPE_STRING);
TLD_append(tld_handle, (char*)"intercept_error", (void*)pmeinfo->ssl_error, TLD_TYPE_STRING);
//ssl cert verify
if(pmeinfo->ssl_cert_verify != -1){
TLD_append(tld_handle, (char*)"ssl_cert_verify", (void*)(long)pmeinfo->ssl_cert_verify, TLD_TYPE_LONG);
TLD_append(tld_handle, (char*)"intercept_cert_verify", (void*)(long)pmeinfo->ssl_cert_verify, TLD_TYPE_LONG);
}
if (pmeinfo->ssl_intercept_state == 0){
if (strlen(pmeinfo->ssl_passthrough_reason))
{
TLD_append(tld_handle, (char*)"ssl_passthrough_reason", (void*)pmeinfo->ssl_passthrough_reason, TLD_TYPE_STRING);
TLD_append(tld_handle, (char*)"intercept_passthrough_reason", (void*)pmeinfo->ssl_passthrough_reason, TLD_TYPE_STRING);
}
else if (pmeinfo->intcp_error < 0)
{
TLD_append(tld_handle, (char*)"ssl_passthrough_reason", (void*)"Underlying Stream Error", TLD_TYPE_STRING);
TLD_append(tld_handle, (char*)"intercept_passthrough_reason", (void*)"Underlying Stream Error", TLD_TYPE_STRING);
}
else
{
TLD_append(tld_handle, (char*)"ssl_passthrough_reason", (void*)"Unknown", TLD_TYPE_STRING);
TLD_append(tld_handle, (char*)"intercept_passthrough_reason", (void*)"Unknown", TLD_TYPE_STRING);
}
}
}
@@ -238,7 +238,7 @@ static int log_generate(struct pme_info *pmeinfo){
}
//int ret = tsg_send_log(g_tsg_log_instance, tld_handle, NULL, &pmeinfo->maat_rule, (size_t)pmeinfo->n_maat_rule, 0);
int ret = tsg_send_log(g_tsg_log_instance, tld_handle, NULL, LOG_TYPE_SECURITY_EVENT, &pmeinfo->maat_rule, 1, 0);
int ret = tsg_send_log(g_tsg_log_instance, tld_handle, NULL, LOG_TYPE_INTERCEPT_EVENT, &pmeinfo->maat_rule, 1, 0);
//int ret = tsg_send_log(g_tsg_log_instance, tld_handle, &log_msg, 0);
if(ret < 0){
FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_FAIL], 0, FS_OP_ADD, 1);
@@ -1468,7 +1468,7 @@ static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmei
{
KNI_LOG_DEBUG(g_kni_handle->local_logger, "Proxy-tcp-option: bypass Duplicated Packet first data, streamid = %d", pmeinfo->stream_traceid);
FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCPERR_DUP_TRAFFIC], 0, FS_OP_ADD, 1);
return APP_STATE_FAWPKT | APP_STATE_KILL_FOLLOW | APP_STATE_DROPME;
return APP_STATE_FAWPKT | APP_STATE_DROPME;
}
}
@@ -1509,7 +1509,7 @@ static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmei
}
}
}
return APP_STATE_FAWPKT | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
return APP_STATE_FAWPKT | APP_STATE_GIVEME;
}
}
@@ -1575,13 +1575,13 @@ static int first_data_intercept(struct streaminfo *stream, struct pme_info *pmei
KNI_LOG_DEBUG(logger, "stream has dup traffic, traceid = %s", pmeinfo->stream_traceid);
}
FREE(&buff);
return APP_STATE_DROPPKT | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
return APP_STATE_DROPPKT | APP_STATE_GIVEME;
error_out:
if(buff != NULL){
FREE(&buff);
}
return APP_STATE_FAWPKT | APP_STATE_KILL_FOLLOW | APP_STATE_DROPME;
return APP_STATE_FAWPKT | APP_STATE_DROPME;
}
static int dabloom_search(struct pkt_info *pktinfo, int thread_seq){
@@ -1639,7 +1639,7 @@ char next_data_intercept(struct pme_info *pmeinfo, const void *a_packet, struct
struct ip6_hdr* ipv6_hdr = NULL;
if(pktinfo->parse_failed == 1){
KNI_LOG_ERROR(logger, "next_data_intercept: invalid ip header, drop pkt and not send to tfe");
return APP_STATE_DROPPKT | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
return APP_STATE_DROPPKT | APP_STATE_GIVEME;
}
//search dabloom
if(g_kni_handle->dup_traffic_switch == 1){
@@ -1648,12 +1648,12 @@ char next_data_intercept(struct pme_info *pmeinfo, const void *a_packet, struct
if(g_kni_handle->pxy_tcp_option_enable == 1)
{
if(pmeinfo->pxy_tcp_option.bypass_duplicated_packet == 1){ //Bypass Duplicated Packet
return APP_STATE_FAWPKT | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
return APP_STATE_FAWPKT | APP_STATE_GIVEME;
}
}
ret = dabloom_search(pktinfo, thread_seq);
if(ret == 1){
return APP_STATE_FAWPKT | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
return APP_STATE_FAWPKT | APP_STATE_GIVEME;
}
}
}
@@ -1668,12 +1668,12 @@ char next_data_intercept(struct pme_info *pmeinfo, const void *a_packet, struct
if(pktinfo->ip_totlen > KNI_DEFAULT_MTU){
KNI_LOG_DEBUG(logger, "Next data packet exceed MTU(1500), stream traceid = %s, stream addr = %s",
pmeinfo->stream_traceid, pmeinfo->stream_addr);
return APP_STATE_DROPPKT | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
return APP_STATE_DROPPKT | APP_STATE_GIVEME;
}
if(g_kni_handle->ssl_dynamic_bypass_enable == 1){
if(pmeinfo->is_dynamic_bypass){
next_data_ssl_dynamic_bypass(pktinfo);
return APP_STATE_FAWPKT | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
return APP_STATE_FAWPKT | APP_STATE_GIVEME;
}
}
@@ -1686,7 +1686,7 @@ char next_data_intercept(struct pme_info *pmeinfo, const void *a_packet, struct
//else{
// FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_BYTE], 0, FS_OP_ADD, pktinfo->ip_totlen);
//}
return APP_STATE_DROPPKT | APP_STATE_KILL_FOLLOW | APP_STATE_GIVEME;
return APP_STATE_DROPPKT | APP_STATE_GIVEME;
}
char first_data_process(struct streaminfo *stream, struct pme_info *pmeinfo, struct pkt_info *pktinfo, int thread_seq){
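Review bot: Every return in `first_data_intercept` and `next_data_intercept` (the hunks from -1468 through -1686) loses `APP_STATE_KILL_FOLLOW`, yet the commit title covers only the log type (TSG-15130) and the log field names (TSG-15212), so this change to the packet-handling result is undocumented. Judging by the flag's name, plugins that run after kni will now keep receiving these streams, including on the paths that return `APP_STATE_DROPPKT` for an invalid IP header or an over-MTU packet; whether that is intended cannot be told from the page. I would move the flag removal into its own commit, or at least record the reason at the first changed return, e.g. `/* KILL_FOLLOW removed: later plugins must still see this stream (ticket: <TICKET-ID placeholder>) */`. Separately, the `ssl_*` to `intercept_*` key renames and the switch to `LOG_TYPE_INTERCEPT_EVENT` in `log_generate` change what log consumers receive, so parsers and detection rules keyed on the old names or on `LOG_TYPE_SECURITY_EVENT` need updating in step. All three functions start and end outside the hunks shown.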