gfwleak/tango-kni
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

调整kni.conf

Browse Source
This commit is contained in:
崔一鸣
2019-06-21 18:55:08 +08:00
parent 88678844a5
commit 4ca638521a
6 changed files with 62 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
conf/kni.conf
View File

@@ -1,15 +1,45 @@
[global]
log_path = ./log/kni/kni.log
log_level = 10
tfe_node_count = 1
local_eth = enp8s0
tfe_node_count = 3
tfe_data_recv_thread_num = 8
manage_eth = eth0
#keepalive_replay: window update replay
keepalive_replay_switch = 1
[tfe0]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = eth7
ip_addr = 192.168.10.38
[tfe1]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = eth8
ip_addr = 192.168.10.39
[tfe2]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = eth9
ip_addr = 192.168.10.40
[tfe_cmsg_receiver]
listen_eth = eth0
listen_port = 2475
[watch_dog]
switch = 1
listen_eth = eth0
listen_port = 2476
keepalive_idle = 2
keepalive_intvl = 1
keepalive_cnt = 3
[maat]
#readconf_mode: 0 = iris, 1 = json, 2 = redis
readconf_mode = 2
readconf_mode = 1
tableinfo_path = ./conf/kni/maat_tableinfo.conf
maatjson_path = ./conf/kni/maat_test.json
redis_ip = 192.168.10.120
@@ -17,50 +47,24 @@ redis_port = 6390
redis_index = 4
tablename_intercept_ip = PXY_INTERCEPT_IP
tablename_intercept_domain = PXY_INTERCEPT_DOMAIN
compile_alias = COMPILE_ALIAS
#default_action: 0x80 = bypass, 0x02 = intercept
default_action = 128
[send_logger]
switch = 0
kafka_topic = SESSION-RECORD-LOG
kafka_brokerlist = 192.168.10.119:9092,192.168.10.122:9092,192.168.10.123:9092
[marsio]
appsym = knifw
dev_vxlan_symbol = vxlan_user
src_mac_addr = 00:0e:c6:d6:72:c1
[tfe0]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = ens1f5
ip_addr =
[tfe1]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = eth8
ip_addr =
[tfe2]
enabled = 1
mac_addr = fe:65:b7:03:50:bd
dev_eth_symbol = eth9
ip_addr =
[field_stat]
stat_path = ./fs2_kni.status
[send_logger]
switch = 1
kafka_topic = SESSION-RECORD-LOG
kafka_brokerlist = 192.168.10.119:9092,192.168.10.122:9092,192.168.10.123:9092
[kafka]
queue.buffering.max.messages = 1000000
topic.metadata.refresh.interval.ms = 600000
security.protocol = MG
[tfe_cmsg_receiver]
listen_eth = enp8s0
listen_port = 2475
[traceid2pme_htable]
mho_screen_print_ctrl = 0
mho_thread_safe = 1
@@ -80,10 +84,5 @@ mho_hash_max_element_num = 640000
mho_expire_time = 0
mho_eliminate_type = LRU
[tfe_mgr]
keepalive_switch = 1
keepalive_idle = 2
keepalive_intvl = 1
keepalive_cnt = 3
keepalive_listen_eth =
keepalive_listen_port = 2476
[field_stat]
stat_path = ./fs2_kni.status

3
conf/maat/maat_tableinfo.conf
View File

@@ -1,5 +1,4 @@
1 PXY_INTERCEPT_COMPILE compile escape --
2 PXY_INTERCEPT_GROUP group --
3 PXY_INTERCEPT_IP ip --
4 PXY_INTERCEPT_DOMAIN expr utf8 utf8 yes 0
5 COMPILE_ALIAS compile escape --
4 PXY_INTERCEPT_DOMAIN expr utf8 utf8 yes 0

3
conf/maat/maat_test.json
View File

@@ -5,8 +5,7 @@
{
"compile_id": 0,
"service": 1,
"action": 1,
"table_name": "COMPILE_ALIAS",
"action": 2,
"do_blacklist": 1,
"do_log": 1,
"effective_rage": 0,

18
entry/src/kni_entry.cpp
View File

@@ -362,7 +362,7 @@ static int log_generate(struct pme_info *pmeinfo, void *local_logger){
ret = kni_send_logger_sendlog(g_kni_handle->send_logger, log_msg, strlen(log_msg));
if(ret < 0){
FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_FAIL], 0, FS_OP_ADD, 1);
KNI_LOG_ERROR(local_logger, "Failed at knisend_logger_sendlog, ret is %d, strem_traceid is %s",
KNI_LOG_ERROR(local_logger, "Failed at sendlog_to_kafka, ret is %d, strem_traceid is %s",
ret, pmeinfo->stream_traceid);
goto error_out;
}
@@ -1760,7 +1760,7 @@ extern "C" int kni_init(){
char log_path[KNI_PATH_MAX] = "";
int tfe_node_count = 0;
int tfe_data_recv_thread_num = -1;
char local_eth[KNI_SYMBOL_MAX] = "";
char manage_eth[KNI_SYMBOL_MAX] = "";
struct kni_send_logger *send_logger = NULL;
struct kni_field_stat_handle *fs_handle = NULL;
int id = -1;
@@ -1801,15 +1801,15 @@ extern "C" int kni_init(){
goto error_out;
}
ret = MESA_load_profile_int_def(profile, section, "tfe_data_recv_thread_num", &tfe_data_recv_thread_num, 1);
ret = MESA_load_profile_string_nodef(profile, section, "local_eth", local_eth, sizeof(local_eth));
ret = MESA_load_profile_string_nodef(profile, section, "manage_eth", manage_eth, sizeof(manage_eth));
if(ret < 0){
printf("MESA_prof_load: local_eth not set, profile is %s, section is %s", profile, section);
printf("MESA_prof_load: manage_eth not set, profile is %s, section is %s", profile, section);
goto error_out;
}
ret = MESA_load_profile_int_def(profile, section, "keepalive_replay_switch", &keepalive_replay_switch, 1);
KNI_LOG_ERROR(local_logger, "MESA_prof_load, [%s]:\n log_path: %s\n log_level: %d\n tfe_node_count: %d\n"
"tfe_data_recv_thread_num: %d\n local_eth: %s\n keepalive_replay_switch: %d",
section, log_path, log_level, tfe_node_count, tfe_data_recv_thread_num, local_eth, keepalive_replay_switch);
"tfe_data_recv_thread_num: %d\n manage_eth: %s\n keepalive_replay_switch: %d",
section, log_path, log_level, tfe_node_count, tfe_data_recv_thread_num, manage_eth, keepalive_replay_switch);
g_kni_handle = ALLOC(struct kni_handle, 1);
g_kni_handle->local_logger = local_logger;
g_kni_handle->tfe_data_recv_thread_num = tfe_data_recv_thread_num;
@@ -1846,16 +1846,16 @@ extern "C" int kni_init(){
g_kni_fs_handle = fs_handle;
//init local_ipv4
ret = kni_ipv4_addr_get_by_eth(local_eth, &(g_kni_handle->local_ipv4));
ret = kni_ipv4_addr_get_by_eth(manage_eth, &(g_kni_handle->local_ipv4));
if(ret < 0){
KNI_LOG_ERROR(local_logger, "Failed at get bind ipv4 addr, eth is %s", local_eth);
KNI_LOG_ERROR(local_logger, "Failed at get bind ipv4 addr, eth is %s", manage_eth);
goto error_out;
}
//init kni_send_logger
send_logger = kni_send_logger_init(profile, local_logger);
if(send_logger == NULL){
KNI_LOG_ERROR(local_logger, "Failed at init kni_send_logger", local_eth);
KNI_LOG_ERROR(local_logger, "Failed at init kni_send_logger", manage_eth);
goto error_out;
}
g_kni_handle->send_logger = send_logger;

5
entry/src/kni_maat.cpp
View File

@@ -68,7 +68,6 @@ struct kni_maat_handle* kni_maat_init(const char* profile, void *logger){
char tableinfo_path[KNI_PATH_MAX];
char tablename_intercept_ip[KNI_SYMBOL_MAX];
char tablename_intercept_domain[KNI_SYMBOL_MAX];
char compile_table[KNI_SYMBOL_MAX];
char maatjson_path[KNI_PATH_MAX];
char redis_ip[INET_ADDRSTRLEN];
int redis_port;
@@ -104,8 +103,8 @@ struct kni_maat_handle* kni_maat_init(const char* profile, void *logger){
goto error_out;
}
KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n readconf_mode: %d\n tableinfo_path: %s\n tablename_intercept_ip: %s\n tablename_intercept_domain: %s\n"
"compile_table: %s\n default_action: %d", section, readconf_mode, tableinfo_path, tablename_intercept_ip,
tablename_intercept_domain, compile_table, g_maat_default_action);
"default_action: %d", section, readconf_mode, tableinfo_path, tablename_intercept_ip,
tablename_intercept_domain, g_maat_default_action);
feather = Maat_feather(g_iThreadNum, tableinfo_path, logger);
handle = ALLOC(struct kni_maat_handle, 1);
handle->feather = feather;

18
entry/src/tfe_mgr.cpp
View File

@@ -18,7 +18,7 @@ struct tfe_mgr{
int tfe_enabled_node_count;
int tfe_alive_nodes[TFE_COUNT_MAX];
int tfe_alive_node_count;
int keepalive_switch;
int watch_dog_switch;
void *logger;
};
@@ -289,10 +289,10 @@ struct tfe_mgr* tfe_mgr_init(int tfe_node_count, const char* profile, void *logg
mgr->logger = logger;
int ret;
//load keepalive conf
char section[KNI_SYMBOL_MAX] = "tfe_mgr";
MESA_load_profile_int_def(profile, section, "keepalive_switch", &(mgr->keepalive_switch), 0);
KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n keepalive_switch: %d", section, mgr->keepalive_switch);
if(mgr->keepalive_switch == 0){
char section[KNI_SYMBOL_MAX] = "watch_dog";
MESA_load_profile_int_def(profile, section, "switch", &(mgr->watch_dog_switch), 0);
KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n switch: %d", section, mgr->watch_dog_switch);
if(mgr->watch_dog_switch == 0){
return mgr;
}
int keepalive_idle, keepalive_cnt, keepalive_intvl;
@@ -309,17 +309,17 @@ struct tfe_mgr* tfe_mgr_init(int tfe_node_count, const char* profile, void *logg
MESA_load_profile_int_def(profile, section, "keepalive_idle", &keepalive_idle, 2);
MESA_load_profile_int_def(profile, section, "keepalive_intvl", &keepalive_intvl, 1);
MESA_load_profile_int_def(profile, section, "keepalive_cnt", &keepalive_cnt, 3);
ret = MESA_load_profile_string_nodef(profile, section, "keepalive_listen_eth", keepalive_listen_eth, sizeof(keepalive_listen_eth));
ret = MESA_load_profile_string_nodef(profile, section, "listen_eth", keepalive_listen_eth, sizeof(keepalive_listen_eth));
if(ret < 0){
KNI_LOG_ERROR(logger, "MESA_prof_load: keepalive_listen_eth not set, profile is %s, section is %s", profile, section);
goto error_out;
}
ret = MESA_load_profile_int_nodef(profile, section, "keepalive_listen_port", &keepalive_listen_port);
ret = MESA_load_profile_int_nodef(profile, section, "listen_port", &keepalive_listen_port);
if(ret < 0){
KNI_LOG_ERROR(logger, "MESA_prof_load: keepalive_listen_port not set, profile is %s, section is %s", profile, section);
goto error_out;
}
KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n keepalive_idle: %d\n keepalive_intvl: %d\n keepalive_cnt: %d\n keepalive_listen_eth: %s\n keepalive_listen_port: %d",
KNI_LOG_ERROR(logger, "MESA_prof_load, [%s]:\n keepalive_idle: %d\n keepalive_intvl: %d\n keepalive_cnt: %d\n listen_eth: %s\n listen_port: %d",
section, keepalive_idle, keepalive_intvl, keepalive_cnt, keepalive_listen_eth, keepalive_listen_port);
ret = kni_ipv4_addr_get_by_eth(keepalive_listen_eth, &keepalive_listen_ip);
if(ret < 0){
@@ -386,7 +386,7 @@ error_out:
int tfe_mgr_alive_node_get(struct tfe_mgr *mgr, int thread_seq){
int tfe_id = -1;
if(mgr->keepalive_switch == 0){
if(mgr->watch_dog_switch == 0){
if(mgr->tfe_enabled_node_count > 0){
int i = thread_seq % mgr->tfe_enabled_node_count;
tfe_id = mgr->tfe_enabled_nodes[i].tfe_id;