gfwleak/tango-kni
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

调整kni.conf

Browse Source
This commit is contained in:
崔一鸣
2019-06-21 18:55:08 +08:00
parent 88678844a5
commit 4ca638521a
6 changed files with 62 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
conf/kni.conf
View File

@@ -1,15 +1,45 @@
[global] [global]
log_path = ./log/kni/kni.log log_path = ./log/kni/kni.log
log_level = 10 log_level = 10
tfe_node_count = 1 tfe_node_count = 3
local_eth = enp8s0
tfe_data_recv_thread_num = 8 tfe_data_recv_thread_num = 8
manage_eth = eth0
#keepalive_replay: window update replay #keepalive_replay: window update replay
keepalive_replay_switch = 1 keepalive_replay_switch = 1
[tfe0]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = eth7
ip_addr = 192.168.10.38
[tfe1]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = eth8
ip_addr = 192.168.10.39
[tfe2]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = eth9
ip_addr = 192.168.10.40
[tfe_cmsg_receiver]
listen_eth = eth0
listen_port = 2475
[watch_dog]
switch = 1
listen_eth = eth0
listen_port = 2476
keepalive_idle = 2
keepalive_intvl = 1
keepalive_cnt = 3
[maat] [maat]
#readconf_mode: 0 = iris, 1 = json, 2 = redis #readconf_mode: 0 = iris, 1 = json, 2 = redis
readconf_mode = 2 readconf_mode = 1
tableinfo_path = ./conf/kni/maat_tableinfo.conf tableinfo_path = ./conf/kni/maat_tableinfo.conf
maatjson_path = ./conf/kni/maat_test.json maatjson_path = ./conf/kni/maat_test.json
redis_ip = 192.168.10.120 redis_ip = 192.168.10.120
@@ -17,50 +47,24 @@ redis_port = 6390
redis_index = 4 redis_index = 4
tablename_intercept_ip = PXY_INTERCEPT_IP tablename_intercept_ip = PXY_INTERCEPT_IP
tablename_intercept_domain = PXY_INTERCEPT_DOMAIN tablename_intercept_domain = PXY_INTERCEPT_DOMAIN
compile_alias = COMPILE_ALIAS
#default_action: 0x80 = bypass, 0x02 = intercept #default_action: 0x80 = bypass, 0x02 = intercept
default_action = 128 default_action = 128
[send_logger]
switch = 0
kafka_topic = SESSION-RECORD-LOG
kafka_brokerlist = 192.168.10.119:9092,192.168.10.122:9092,192.168.10.123:9092
[marsio] [marsio]
appsym = knifw appsym = knifw
dev_vxlan_symbol = vxlan_user dev_vxlan_symbol = vxlan_user
src_mac_addr = 00:0e:c6:d6:72:c1 src_mac_addr = 00:0e:c6:d6:72:c1
[tfe0]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = ens1f5
ip_addr =
[tfe1]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = eth8
ip_addr =
[tfe2]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = eth9
ip_addr =
[field_stat]
stat_path = ./fs2_kni.status
[send_logger]
switch = 1
kafka_topic = SESSION-RECORD-LOG
kafka_brokerlist = 192.168.10.119:9092,192.168.10.122:9092,192.168.10.123:9092
[kafka] [kafka]
queue.buffering.max.messages = 1000000 queue.buffering.max.messages = 1000000
topic.metadata.refresh.interval.ms = 600000 topic.metadata.refresh.interval.ms = 600000
security.protocol = MG security.protocol = MG
[tfe_cmsg_receiver]
listen_eth = enp8s0
listen_port = 2475
[traceid2pme_htable] [traceid2pme_htable]
mho_screen_print_ctrl = 0 mho_screen_print_ctrl = 0
mho_thread_safe = 1 mho_thread_safe = 1
@@ -80,10 +84,5 @@ mho_hash_max_element_num = 640000
mho_expire_time = 0 mho_expire_time = 0
mho_eliminate_type = LRU mho_eliminate_type = LRU
[tfe_mgr] [field_stat]
keepalive_switch = 1 stat_path = ./fs2_kni.status
keepalive_idle = 2
keepalive_intvl = 1
keepalive_cnt = 3
keepalive_listen_eth =
keepalive_listen_port = 2476

3
conf/maat/maat_tableinfo.conf
View File

@@ -1,5 +1,4 @@
1 PXY_INTERCEPT_COMPILE compile escape -- 1 PXY_INTERCEPT_COMPILE compile escape --
2 PXY_INTERCEPT_GROUP group -- 2 PXY_INTERCEPT_GROUP group --
3 PXY_INTERCEPT_IP ip -- 3 PXY_INTERCEPT_IP ip --
4 PXY_INTERCEPT_DOMAIN expr utf8 utf8 yes 0 4 PXY_INTERCEPT_DOMAIN expr utf8 utf8 yes 0
5 COMPILE_ALIAS compile escape --

3
conf/maat/maat_test.json
View File

@@ -5,8 +5,7 @@
{ {
"compile_id": 0, "compile_id": 0,
"service": 1, "service": 1,
"action": 1, "action": 2,
"table_name": "COMPILE_ALIAS",
"do_blacklist": 1, "do_blacklist": 1,
"do_log": 1, "do_log": 1,
"effective_rage": 0, "effective_rage": 0,

18
entry/src/kni_entry.cpp
View File

@@ -362,7 +362,7 @@ static int log_generate(struct pme_info *pmeinfo, void *local_logger){
ret = kni_send_logger_sendlog(g_kni_handle->send_logger, log_msg, strlen(log_msg)); ret = kni_send_logger_sendlog(g_kni_handle->send_logger, log_msg, strlen(log_msg));
if(ret < 0){ if(ret < 0){
FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_FAIL], 0, FS_OP_ADD, 1); FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_FAIL], 0, FS_OP_ADD, 1);
KNI_LOG_ERROR(local_logger, "Failed at knisend_logger_sendlog, ret is %d, strem_traceid is %s", KNI_LOG_ERROR(local_logger, "Failed at sendlog_to_kafka, ret is %d, strem_traceid is %s",
ret, pmeinfo->stream_traceid); ret, pmeinfo->stream_traceid);
goto error_out; goto error_out;
} }
@@ -1760,7 +1760,7 @@ extern "C" int kni_init(){
char log_path[KNI_PATH_MAX] = ""; char log_path[KNI_PATH_MAX] = "";
int tfe_node_count = 0; int tfe_node_count = 0;
int tfe_data_recv_thread_num = -1; int tfe_data_recv_thread_num = -1;
char local_eth[KNI_SYMBOL_MAX] = ""; char manage_eth[KNI_SYMBOL_MAX] = "";
struct kni_send_logger *send_logger = NULL; struct kni_send_logger *send_logger = NULL;
struct kni_field_stat_handle *fs_handle = NULL; struct kni_field_stat_handle *fs_handle = NULL;
int id = -1; int id = -1;
@@ -1801,15 +1801,15 @@ extern "C" int kni_init(){
goto error_out; goto error_out;
} }
ret = MESA_load_profile_int_def(profile, section, "tfe_data_recv_thread_num", &tfe_data_recv_thread_num, 1); ret = MESA_load_profile_int_def(profile, section, "tfe_data_recv_thread_num", &tfe_data_recv_thread_num, 1);
ret = MESA_load_profile_string_nodef(profile, section, "local_eth", local_eth, sizeof(local_eth)); ret = MESA_load_profile_string_nodef(profile, section, "manage_eth", manage_eth, sizeof(manage_eth));
if(ret < 0){ if(ret < 0){
printf("MESA_prof_load: local_eth not set, profile is %s, section is %s", profile, section); printf("MESA_prof_load: manage_eth not set, profile is %s, section is %s", profile, section);
goto error_out; goto error_out;
} }
ret = MESA_load_profile_int_def(profile, section, "keepalive_replay_switch", &keepalive_replay_switch, 1); ret = MESA_load_profile_int_def(profile, section, "keepalive_replay_switch", &keepalive_replay_switch, 1);
KNI_LOG_ERROR(local_logger, "MESA_prof_load, [%s]:\n log_path: %s\n log_level: %d\n tfe_node_count: %d\n" KNI_LOG_ERROR(local_logger, "MESA_prof_load, [%s]:\n log_path: %s\n log_level: %d\n tfe_node_count: %d\n"
"tfe_data_recv_thread_num: %d\n local_eth: %s\n keepalive_replay_switch: %d", "tfe_data_recv_thread_num: %d\n manage_eth: %s\n keepalive_replay_switch: %d",
section, log_path, log_level, tfe_node_count, tfe_data_recv_thread_num, local_eth, keepalive_replay_switch); section, log_path, log_level, tfe_node_count, tfe_data_recv_thread_num, manage_eth, keepalive_replay_switch);
g_kni_handle = ALLOC(struct kni_handle, 1); g_kni_handle = ALLOC(struct kni_handle, 1);
g_kni_handle->local_logger = local_logger; g_kni_handle->local_logger = local_logger;
g_kni_handle->tfe_data_recv_thread_num = tfe_data_recv_thread_num; g_kni_handle->tfe_data_recv_thread_num = tfe_data_recv_thread_num;
@@ -1846,16 +1846,16 @@ extern "C" int kni_init(){
g_kni_fs_handle = fs_handle; g_kni_fs_handle = fs_handle;
//init local_ipv4 //init local_ipv4
ret = kni_ipv4_addr_get_by_eth(local_eth, &(g_kni_handle->local_ipv4)); ret = kni_ipv4_addr_get_by_eth(manage_eth, &(g_kni_handle->local_ipv4));
if(ret < 0){ if(ret < 0){
KNI_LOG_ERROR(local_logger, "Failed at get bind ipv4 addr, eth is %s", local_eth); KNI_LOG_ERROR(local_logger, "Failed at get bind ipv4 addr, eth is %s", manage_eth);
goto error_out; goto error_out;
} }
//init kni_send_logger //init kni_send_logger
send_logger = kni_send_logger_init(profile, local_logger); send_logger = kni_send_logger_init(profile, local_logger);
if(send_logger == NULL){ if(send_logger == NULL){
KNI_LOG_ERROR(local_logger, "Failed at init kni_send_logger", local_eth); KNI_LOG_ERROR(local_logger, "Failed at init kni_send_logger", manage_eth);
goto error_out; goto error_out;
} }
g_kni_handle->send_logger = send_logger; g_kni_handle->send_logger = send_logger;

5
entry/src/kni_maat.cpp
View File

@@ -68,7 +68,6 @@ struct kni_maat_handle* kni_maat_init(const char* profile, void *logger){
char tableinfo_path[KNI_PATH_MAX]; char tableinfo_path[KNI_PATH_MAX];
char tablename_intercept_ip[KNI_SYMBOL_MAX]; char tablename_intercept_ip[KNI_SYMBOL_MAX];
char tablename_intercept_domain[KNI_SYMBOL_MAX]; char tablename_intercept_domain[KNI_SYMBOL_MAX];
char compile_table[KNI_SYMBOL_MAX];
char maatjson_path[KNI_PATH_MAX]; char maatjson_path[KNI_PATH_MAX];
char redis_ip[INET_ADDRSTRLEN]; char redis_ip[INET_ADDRSTRLEN];
int redis_port; int redis_port;
@@ -104,8 +103,8 @@ struct kni_maat_handle* kni_maat_init(const char* profile, void *logger){
goto error_out; goto error_out;
} }
KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n readconf_mode: %d\n tableinfo_path: %s\n tablename_intercept_ip: %s\n tablename_intercept_domain: %s\n" KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n readconf_mode: %d\n tableinfo_path: %s\n tablename_intercept_ip: %s\n tablename_intercept_domain: %s\n"
"compile_table: %s\n default_action: %d", section, readconf_mode, tableinfo_path, tablename_intercept_ip, "default_action: %d", section, readconf_mode, tableinfo_path, tablename_intercept_ip,
tablename_intercept_domain, compile_table, g_maat_default_action); tablename_intercept_domain, g_maat_default_action);
feather = Maat_feather(g_iThreadNum, tableinfo_path, logger); feather = Maat_feather(g_iThreadNum, tableinfo_path, logger);
handle = ALLOC(struct kni_maat_handle, 1); handle = ALLOC(struct kni_maat_handle, 1);
handle->feather = feather; handle->feather = feather;

18
entry/src/tfe_mgr.cpp
View File

@@ -18,7 +18,7 @@ struct tfe_mgr{
int tfe_enabled_node_count; int tfe_enabled_node_count;
int tfe_alive_nodes[TFE_COUNT_MAX]; int tfe_alive_nodes[TFE_COUNT_MAX];
int tfe_alive_node_count; int tfe_alive_node_count;
int keepalive_switch; int watch_dog_switch;
void *logger; void *logger;
}; };
@@ -289,10 +289,10 @@ struct tfe_mgr* tfe_mgr_init(int tfe_node_count, const char* profile, void *logg
mgr->logger = logger; mgr->logger = logger;
int ret; int ret;
//load keepalive conf //load keepalive conf
char section[KNI_SYMBOL_MAX] = "tfe_mgr"; char section[KNI_SYMBOL_MAX] = "watch_dog";
MESA_load_profile_int_def(profile, section, "keepalive_switch", &(mgr->keepalive_switch), 0); MESA_load_profile_int_def(profile, section, "switch", &(mgr->watch_dog_switch), 0);
KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n keepalive_switch: %d", section, mgr->keepalive_switch); KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n switch: %d", section, mgr->watch_dog_switch);
if(mgr->keepalive_switch == 0){ if(mgr->watch_dog_switch == 0){
return mgr; return mgr;
} }
int keepalive_idle, keepalive_cnt, keepalive_intvl; int keepalive_idle, keepalive_cnt, keepalive_intvl;
@@ -309,17 +309,17 @@ struct tfe_mgr* tfe_mgr_init(int tfe_node_count, const char* profile, void *logg
MESA_load_profile_int_def(profile, section, "keepalive_idle", &keepalive_idle, 2); MESA_load_profile_int_def(profile, section, "keepalive_idle", &keepalive_idle, 2);
MESA_load_profile_int_def(profile, section, "keepalive_intvl", &keepalive_intvl, 1); MESA_load_profile_int_def(profile, section, "keepalive_intvl", &keepalive_intvl, 1);
MESA_load_profile_int_def(profile, section, "keepalive_cnt", &keepalive_cnt, 3); MESA_load_profile_int_def(profile, section, "keepalive_cnt", &keepalive_cnt, 3);
ret = MESA_load_profile_string_nodef(profile, section, "keepalive_listen_eth", keepalive_listen_eth, sizeof(keepalive_listen_eth)); ret = MESA_load_profile_string_nodef(profile, section, "listen_eth", keepalive_listen_eth, sizeof(keepalive_listen_eth));
if(ret < 0){ if(ret < 0){
KNI_LOG_ERROR(logger, "MESA_prof_load: keepalive_listen_eth not set, profile is %s, section is %s", profile, section); KNI_LOG_ERROR(logger, "MESA_prof_load: keepalive_listen_eth not set, profile is %s, section is %s", profile, section);
goto error_out; goto error_out;
} }
ret = MESA_load_profile_int_nodef(profile, section, "keepalive_listen_port", &keepalive_listen_port); ret = MESA_load_profile_int_nodef(profile, section, "listen_port", &keepalive_listen_port);
if(ret < 0){ if(ret < 0){
KNI_LOG_ERROR(logger, "MESA_prof_load: keepalive_listen_port not set, profile is %s, section is %s", profile, section); KNI_LOG_ERROR(logger, "MESA_prof_load: keepalive_listen_port not set, profile is %s, section is %s", profile, section);
goto error_out; goto error_out;
} }
KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n keepalive_idle: %d\n keepalive_intvl: %d\n keepalive_cnt: %d\n keepalive_listen_eth: %s\n keepalive_listen_port: %d", KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n keepalive_idle: %d\n keepalive_intvl: %d\n keepalive_cnt: %d\n listen_eth: %s\n listen_port: %d",
section, keepalive_idle, keepalive_intvl, keepalive_cnt, keepalive_listen_eth, keepalive_listen_port); section, keepalive_idle, keepalive_intvl, keepalive_cnt, keepalive_listen_eth, keepalive_listen_port);
ret = kni_ipv4_addr_get_by_eth(keepalive_listen_eth, &keepalive_listen_ip); ret = kni_ipv4_addr_get_by_eth(keepalive_listen_eth, &keepalive_listen_ip);
if(ret < 0){ if(ret < 0){
@@ -386,7 +386,7 @@ error_out:
int tfe_mgr_alive_node_get(struct tfe_mgr *mgr, int thread_seq){ int tfe_mgr_alive_node_get(struct tfe_mgr *mgr, int thread_seq){
int tfe_id = -1; int tfe_id = -1;
if(mgr->keepalive_switch == 0){ if(mgr->watch_dog_switch == 0){
if(mgr->tfe_enabled_node_count > 0){ if(mgr->tfe_enabled_node_count > 0){
int i = thread_seq % mgr->tfe_enabled_node_count; int i = thread_seq % mgr->tfe_enabled_node_count;
tfe_id = mgr->tfe_enabled_nodes[i].tfe_id; tfe_id = mgr->tfe_enabled_nodes[i].tfe_id;