Merge branch 'feature-kni2a-keepalive' into 'kni2a'

增加读取do_log字段, 修改fs2统计

See merge request tango/kni!9

common/include/kni_utils.h

@@ -63,37 +63,41 @@ struct kni_tcpopt_info{
 //field_stat
 #define KNI_FIELD_MAX  64
 enum kni_field{
-	KNI_FIELD_TOT_PKT = 0,
-	KNI_FIELD_BYP_PKT,
-	KNI_FIELD_INTCP_PKT,
-	KNI_FIELD_IPV6_PKT,
-	KNI_FIELD_NULL_PKT,
-	KNI_FIELD_NO_SYN_EXP,
-	KNI_FIELD_NO_SA_EXP,
-	KNI_FIELD_UNKNOWN_STATE_EXP,
-	KNI_FIELD_TOT_STM,
-	KNI_FIELD_BYP_STM,
 	KNI_FIELD_INTCP_STM,
+	KNI_FIELD_BYP_STM,
+	KNI_FIELD_POLICY_BYP,
+	KNI_FIELD_PME_NEW_FAIL,
+	KNI_FIELD_NO_TFE,
+	KNI_FIELD_STATE_UNKNOWN,
+	KNI_FIELD_STM_ERR,
+	KNI_FIELD_NO_SYN,
+	KNI_FIELD_SINGLE_DIR,
+	KNI_FIELD_PROTO_UNKNOWN,
+	KNI_FIELD_NO_SA,
+	KNI_FIELD_ACTION_INVALID,
+	KNI_FIELD_NO_DATA,
+	KNI_FIELD_IPV4HDR_PARSE_FAIL,
+	KNI_FIELD_IPV6HDR_PARSE_FAIL,
+	KNI_FIELD_KA_ADD_FAIL,
+	KNI_FIELD_EXCEED_MTU,
+	KNI_FIELD_SENDTO_TFE_FAIL,
+	//others
+	KNI_FIELD_NULL_PKT,
+	KNI_FIELD_IPV4_STM,
+	KNI_FIELD_IPV6_STM,
 	KNI_FIELD_SSL_STM,
 	KNI_FIELD_HTTP_STM,
 	KNI_FIELD_SENDLOG_SUCC,
 	KNI_FIELD_SENDLOG_FAIL,
-	KNI_FIELD_UNKNOWN_STM,
-	KNI_FIELD_STM_NO_DATA,
-	KNI_FIELD_PME_NEW,
+	KNI_FIELD_PME_NEW_SUCC,
 	KNI_FIELD_PME_FREE,
 	KNI_FIELD_ID2PME_ADD_SUCC,
 	KNI_FIELD_ID2PME_ADD_FAIL,
 	KNI_FIELD_ID2PME_DEL_SUCC,
 	KNI_FIELD_ID2PME_DEL_FAIL,
-	KNI_FIELD_IPV4HDR_PARSE_FAIL,
-	KNI_FIELD_IPV6HDR_PARSE_FAIL,
 	KNI_FIELD_KEEPALIVE_REPLAY_ADD_SUCC,
-	KNI_FIELD_KEEPALIVE_REPLAY_ADD_FAIL,
 	KNI_FIELD_KEEPALIVE_REPLAY_DEL_SUCC,
 	KNI_FIELD_KEEPALIVE_REPLAY_DEL_FAIL,
-	KNI_FIELD_EXCEED_MTU,
-	KNI_FIELD_SENDTO_TFE_FAIL,
 	//KNI_FIELD_TFE_STATUS_BASE must be last 
 	KNI_FIELD_TFE_STATUS_BASE,
 };

entry/include/kni_maat.h

@@ -27,5 +27,6 @@ enum kni_action{
 
 struct kni_maat_handle* kni_maat_init(const char* profile, void *logger);
 void kni_maat_destroy(struct kni_maat_handle *handle);
-enum kni_action intercept_policy_scan(struct kni_maat_handle* handle, struct ipaddr *addr, char *domain, int domain_len, int thread_seq, int *policy_id, int *is_hit_policy);
+enum kni_action intercept_policy_scan(struct kni_maat_handle* handle, struct ipaddr *addr, char *domain, int domain_len, 
+		int thread_seq, int *policy_id, int *do_log, int *is_hit_policy);
 char* kni_maat_action_trans(enum kni_action action);

entry/src/kni_entry.cpp

@@ -51,6 +51,7 @@ struct http_project{
 struct pme_info{
 	addr_type_t addr_type;
     int protocol;
+	int do_log;
 	int policy_id;
 	int maat_hit;
 	enum kni_action action;
@@ -250,7 +251,7 @@ error_out:
 	return NULL;
 }
 
-static int sendlog_to_kafka(struct pme_info *pmeinfo, void *local_logger){
+static int log_generate(struct pme_info *pmeinfo, void *local_logger){
 	//create cjson
 	cJSON *log_obj = cJSON_CreateObject();
 	//stream_traceid
@@ -355,13 +356,17 @@ static int sendlog_to_kafka(struct pme_info *pmeinfo, void *local_logger){
 		KNI_LOG_ERROR(local_logger, "Failed at cJSON_Print, stream_treaceid is %s", pmeinfo->stream_traceid);
 		goto error_out;
 	}
+	//local log
 	KNI_LOG_DEBUG(local_logger, "log_msg is %s\n", log_msg);
+	//sendto kafka
 	ret = kni_send_logger_sendlog(g_kni_handle->send_logger, log_msg, strlen(log_msg));
 	if(ret < 0){
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_FAIL], 0, FS_OP_ADD, 1);
 		KNI_LOG_ERROR(local_logger, "Failed at knisend_logger_sendlog, ret is %d, strem_traceid is %s", 
 				ret, pmeinfo->stream_traceid);
 		goto error_out;
 	}
+	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_SUCC], 0, FS_OP_ADD, 1);
 	cJSON_free(log_msg);
 	return 0;
 
@@ -435,6 +440,7 @@ static void keepalive_replay_htable_del(struct pme_info *pmeinfo){
 }
 static void judge_pme_destroy(struct pme_info *pmeinfo, int caller){
 	void *logger = g_kni_handle->local_logger;
+	int ret;
 	if(pmeinfo != NULL){
 		void *logger = g_kni_handle->local_logger;
 		pthread_mutex_lock(&(pmeinfo->lock));
@@ -450,14 +456,14 @@ static void judge_pme_destroy(struct pme_info *pmeinfo, int caller){
 		}
 		if(pmeinfo->sapp_release == 1 && pmeinfo->tfe_release == 1){
 			//sendlog
-			int ret = sendlog_to_kafka(pmeinfo, logger);
-			if(ret < 0){
-				KNI_LOG_ERROR(logger, "Failed at sendlog to kafka, stream traceid is %s", pmeinfo->stream_traceid);
-				FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_FAIL], 0, FS_OP_ADD, 1);
-			}
-			else{
-				KNI_LOG_INFO(logger, "Succeed sendlog to kafka, stream traceid is %s", pmeinfo->stream_traceid);
-				FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDLOG_SUCC], 0, FS_OP_ADD, 1);
+			if(pmeinfo->do_log == 1){
+				ret = log_generate(pmeinfo, logger);
+				if(ret < 0){
+					KNI_LOG_ERROR(logger, "Failed at log_generate, stream traceid is %s", pmeinfo->stream_traceid);
+				}
+				else{
+					KNI_LOG_INFO(logger, "Succeed at log_generate, stream traceid is %s", pmeinfo->stream_traceid);
+				}
 			}
 			//only intercetp stream need del htable
 			if(pmeinfo->action == KNI_ACTION_INTERCEPT){
@@ -752,7 +758,7 @@ static char pending_opstate(const struct streaminfo *stream, struct pme_info *pm
 	if(!pktinfo.tcphdr->syn){
 		//pending_opstate not syn, bypass and dropme
 		//KNI_LOG_DEBUG(logger, "pending opstate: not syn, stream traceid is %s", pmeinfo->stream_traceid);
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_NO_SYN_EXP], 0, FS_OP_ADD, 1);
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_NO_SYN], 0, FS_OP_ADD, 1);
 		pmeinfo->error = STREAM_ERROR_PENDING_NO_SYN;
 		return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
@@ -784,7 +790,7 @@ int keepalive_replay_htable_add(const struct streaminfo *stream, struct pme_info
 			KNI_LOG_ERROR(logger, "MESA_htable: Failed at add, table is keepalive_replay_htable, "
 				"dir is c2s, key is %s, key_size is %d, ret is %d", stream_addr, key_size, ret);
 		}
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_KEEPALIVE_REPLAY_ADD_FAIL], 0, FS_OP_ADD, 1);
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_KA_ADD_FAIL], 0, FS_OP_ADD, 1);
 		pmeinfo->error = STREAM_ERROR_KA_REPLAY_ADD_FAIL;
 		*sapp_ret = APP_STATE_FAWPKT | APP_STATE_DROPME;
 		return -1;
@@ -819,7 +825,7 @@ int keepalive_replay_htable_add(const struct streaminfo *stream, struct pme_info
 	if(ret < 0){
 		KNI_LOG_ERROR(logger, "MESA_htable: Failed at add, table is keepalive_replay_htable, "
 				"dir is s2c, key is %s, key_size is %d, ret is %d", stream_addr, key_size, ret);
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_KEEPALIVE_REPLAY_ADD_FAIL], 0, FS_OP_ADD, 1);
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_KA_ADD_FAIL], 0, FS_OP_ADD, 1);
 	}
 	else{
 		//KNI_LOG_DEBUG(logger, "MESA_htable: Succeed at add, table is keepalive_replay_htable, "
@@ -868,7 +874,6 @@ static int first_data_intercept(const struct streaminfo *stream, struct pme_info
 		KNI_LOG_DEBUG(logger, "Succeed at send first packet to tfe%d, stream traceid is %s", pmeinfo->tfe_id, pmeinfo->stream_traceid);
 	}
 	FREE(&buff);
-	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_PKT], 0, FS_OP_ADD, 1);
 	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_STM], 0, FS_OP_ADD, 1);
 	return APP_STATE_DROPPKT | APP_STATE_GIVEME;
 }
@@ -907,10 +912,8 @@ static char data_opstate(const struct streaminfo *stream, struct pme_info *pmein
 				KNI_LOG_ERROR(logger, "Failed at send continue packet to tfe%d, stream traceid is %s", pmeinfo->tfe_id, pmeinfo->stream_traceid);
 				FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SENDTO_TFE_FAIL], 0, FS_OP_ADD, 1);
 			}
-			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_INTCP_PKT], 0, FS_OP_ADD, 1);
 			return APP_STATE_DROPPKT | APP_STATE_GIVEME;
 		case KNI_ACTION_BYPASS:
-			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_PKT], 0, FS_OP_ADD, 1);
 			return APP_STATE_FAWPKT | APP_STATE_GIVEME;
 		default:
 			assert(0);
@@ -942,6 +945,7 @@ static char data_opstate(const struct streaminfo *stream, struct pme_info *pmein
 	//not double dir, bypass and dropme
 	if(stream->dir != DIR_DOUBLE){
 		//KNI_LOG_DEBUG(logger, "dir is %d, bypass, stream addr is %s", stream->dir, stream_addr);
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_SINGLE_DIR], 0, FS_OP_ADD, 1);
 		pmeinfo->error = STREAM_ERROR_SINGLE_DIR;
 		return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
@@ -954,7 +958,7 @@ static char data_opstate(const struct streaminfo *stream, struct pme_info *pmein
 		case KNI_PROTOCOL_UNKNOWN:
 			KNI_LOG_DEBUG(logger, "Failed at protocol_identify, bypass and dropme, stream addr is %s\n", 
 						pmeinfo->protocol, stream_addr);
-			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_UNKNOWN_STM], 0, FS_OP_ADD, 1);
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_PROTO_UNKNOWN], 0, FS_OP_ADD, 1);
 			pmeinfo->error = STREAM_ERROR_PROTOCOL_UNKNOWN;
 			return APP_STATE_FAWPKT | APP_STATE_DROPME;
 		case KNI_PROTOCOL_SSL:
@@ -970,7 +974,7 @@ static char data_opstate(const struct streaminfo *stream, struct pme_info *pmein
 	}
 	pmeinfo->action = intercept_policy_scan(g_kni_handle->maat_handle, (struct ipaddr*)(&stream->addr), 
 				protocol_identify_res.domain, protocol_identify_res.domain_len, 
-				thread_seq, &(pmeinfo->policy_id), &(pmeinfo->maat_hit));
+				thread_seq, &(pmeinfo->policy_id), &(pmeinfo->do_log), &(pmeinfo->maat_hit));
 	//policy scan log
 	char *action_str = kni_maat_action_trans(pmeinfo->action);
 	KNI_LOG_INFO(logger, "intercept_policy_scan: %s, %s, policy_id = %d, action = %d(%s), maat_hit = %d, stream traceid is %s", 
@@ -979,13 +983,13 @@ static char data_opstate(const struct streaminfo *stream, struct pme_info *pmein
 	if(pmeinfo->client_tcpopt == NULL || pmeinfo->server_tcpopt == NULL){
 		KNI_LOG_ERROR(logger, "Failed at intercept, %s, %s, stream traceid is %s", pmeinfo->client_tcpopt == NULL ? "no syn" : "have syn", 
 								pmeinfo->server_tcpopt == NULL ? "no syn/ack" : "have syn/ack", pmeinfo->stream_traceid);
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_NO_SA_EXP], 0, FS_OP_ADD, 1);
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_NO_SA], 0, FS_OP_ADD, 1);
 		pmeinfo->error = STREAM_ERROR_NO_SYN_ACK;
 		return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
 	switch(pmeinfo->action){
 		case KNI_ACTION_BYPASS:
-			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_PKT], 0, FS_OP_ADD, 1);
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_POLICY_BYP], 0, FS_OP_ADD, 1);
 			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_STM], 0, FS_OP_ADD, 1);
 			return APP_STATE_FAWPKT | APP_STATE_GIVEME;
 		case KNI_ACTION_INTERCEPT: 
@@ -994,6 +998,7 @@ static char data_opstate(const struct streaminfo *stream, struct pme_info *pmein
 			//action != intercept && action != bypass，bypass and dropme
 			KNI_LOG_ERROR(logger, "Action %d(%s) is invalid, bypass(dropme): policy_id is %d, stream addr is %s, domain is ",
 				  pmeinfo->action, action_str, pmeinfo->policy_id, stream_addr, protocol_identify_res.domain);
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_ACTION_INVALID], 0, FS_OP_ADD, 1);
 			pmeinfo->error = STREAM_ERROR_INVALID_ACTION;
 			return APP_STATE_FAWPKT | APP_STATE_DROPME;
 	}
@@ -1022,7 +1027,7 @@ static char close_opstate(const struct streaminfo *stream, struct pme_info *pmei
 		default:
 			char *action_str = kni_maat_action_trans(pmeinfo->action);
 			pmeinfo->error = STREAM_ERROR_NO_DATA;
-			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STM_NO_DATA], 0, FS_OP_ADD, 1);
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_NO_DATA], 0, FS_OP_ADD, 1);
 			KNI_LOG_DEBUG(logger, "close_opstate: action %d(%s) is abnormal, stream_traceid is %s", 
 					pmeinfo->action, action_str, pmeinfo->stream_traceid);
 			return APP_STATE_FAWPKT | APP_STATE_DROPME;
@@ -1035,11 +1040,12 @@ extern "C" char kni_tcpall_entry(const struct streaminfo *stream, void** pme, in
 	void *logger = g_kni_handle->local_logger;
 	int ret;
 	struct pme_info *pmeinfo = *(struct pme_info **)pme;
-	//TODO: ipv6
 	if(stream->addr.addrtype == ADDR_TYPE_IPV6){
-		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_IPV6_PKT], 0, FS_OP_ADD, 1);
-		//return APP_STATE_FAWPKT | APP_STATE_DROPME;
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_IPV6_STM], 0, FS_OP_ADD, 1);
 	}
+	else{
+		FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_IPV4_STM], 0, FS_OP_ADD, 1);
+	}	
 
 	/*  a_packet == NULL && not op_state_close, continue
 		close: a_packet may be null, if a_packet = null, do not send to tfe
@@ -1054,13 +1060,17 @@ extern "C" char kni_tcpall_entry(const struct streaminfo *stream, void** pme, in
 			*pme = pmeinfo = pme_info_new(stream, thread_seq);
 			if(pmeinfo == NULL){
 				KNI_LOG_ERROR(logger, "Failed at new pmeinfo, bypass and dropme");
+				FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_STM], 0, FS_OP_ADD, 1);
+				FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_PME_NEW_FAIL], 0, FS_OP_ADD, 1);
 				return APP_STATE_FAWPKT | APP_STATE_DROPME;
 			}
-			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_PME_NEW], 0, FS_OP_ADD, 1);
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_PME_NEW_SUCC], 0, FS_OP_ADD, 1);
 			pmeinfo->tfe_id = tfe_mgr_alive_node_get(g_kni_handle->_tfe_mgr, thread_seq);
-			printf("tfe_id is %d\n", pmeinfo->tfe_id);
+			//printf("tfe_id is %d\n", pmeinfo->tfe_id);
 			if(pmeinfo->tfe_id < 0){
 				KNI_LOG_ERROR(logger, "No alive tfe available, bypass and dropme");
+				FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_STM], 0, FS_OP_ADD, 1);
+				FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_NO_TFE], 0, FS_OP_ADD, 1);
 				pme_info_destroy(pmeinfo);
 				return APP_STATE_FAWPKT | APP_STATE_DROPME;
 			}
@@ -1085,7 +1095,7 @@ extern "C" char kni_tcpall_entry(const struct streaminfo *stream, void** pme, in
 			break;
 		default:
 			ret = APP_STATE_FAWPKT | APP_STATE_GIVEME;
-			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_UNKNOWN_STATE_EXP], 0, FS_OP_ADD, 1);
+			FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STATE_UNKNOWN], 0, FS_OP_ADD, 1);
 			KNI_LOG_ERROR(logger, "Unknown stream opstate %d, stream traceid is %s", stream->pktstate, pmeinfo->stream_traceid);
 			break;
 	}
@@ -1099,6 +1109,8 @@ extern "C" char kni_tcpall_entry(const struct streaminfo *stream, void** pme, in
 error_out:
 	char *stream_errmsg = stream_errmsg_get(pmeinfo->error);
 	KNI_LOG_DEBUG(logger, "stream error is %s, bypass and dropme, stream traceid is %s", stream_errmsg, pmeinfo->stream_traceid);
+	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_STM_ERR], 0, FS_OP_ADD, 1);
+	FS_operate(g_kni_fs_handle->handle, g_kni_fs_handle->fields[KNI_FIELD_BYP_STM], 0, FS_OP_ADD, 1);
 	if(pmeinfo != NULL){
 		pme_info_destroy(pmeinfo);
 	}
@@ -1662,42 +1674,48 @@ static struct kni_field_stat_handle * fs_init(const char *profile){
 	FS_set_para(handle, MAX_STAT_FIELD_NUM, &value, sizeof(value));
 	fs_handle = ALLOC(struct kni_field_stat_handle, 1);
 	fs_handle->handle = handle;
-	//fs_handle->fields[KNI_FIELD_TOT_PKT] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "tot_pkt");
-	fs_handle->fields[KNI_FIELD_BYP_PKT] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "byp_pkt");
-	fs_handle->fields[KNI_FIELD_INTCP_PKT] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "intcp_pkt");
-	fs_handle->fields[KNI_FIELD_IPV6_PKT] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ipv6_pkt");
-	fs_handle->fields[KNI_FIELD_NULL_PKT] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "null_pkt");
-	fs_handle->fields[KNI_FIELD_NO_SYN_EXP] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "no_syn_pkt");
-	fs_handle->fields[KNI_FIELD_UNKNOWN_STATE_EXP] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "unknown_state");
-	fs_handle->fields[KNI_FIELD_NO_SA_EXP] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "no_s/a_pkt");
-	//fs_handle->fields[KNI_FIELD_TOT_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "tot_stm");
-	fs_handle->fields[KNI_FIELD_BYP_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "byp_stm");
 	fs_handle->fields[KNI_FIELD_INTCP_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "intcp_stm");
+	fs_handle->fields[KNI_FIELD_BYP_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "byp_stm");
+	fs_handle->fields[KNI_FIELD_POLICY_BYP] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "policy_byp");
+	fs_handle->fields[KNI_FIELD_PME_NEW_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "pme_new_fail");
+	fs_handle->fields[KNI_FIELD_NO_TFE] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "no_tfe");
+	fs_handle->fields[KNI_FIELD_STATE_UNKNOWN] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "state_unknown");
+	fs_handle->fields[KNI_FIELD_STM_ERR] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "stm_err");
+	//stream error
+	fs_handle->fields[KNI_FIELD_NO_SYN] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "no_syn");
+	fs_handle->fields[KNI_FIELD_SINGLE_DIR] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "single_dir");
+	fs_handle->fields[KNI_FIELD_PROTO_UNKNOWN] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "proto_unknow");
+	fs_handle->fields[KNI_FIELD_NO_SA] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "no_s/a");
+	fs_handle->fields[KNI_FIELD_ACTION_INVALID] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "action_invalid");
+	fs_handle->fields[KNI_FIELD_NO_DATA] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "no_data");
+	fs_handle->fields[KNI_FIELD_IPV4HDR_PARSE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "v4_parse_fail");
+	fs_handle->fields[KNI_FIELD_IPV6HDR_PARSE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "v6_parse_fail");
+	fs_handle->fields[KNI_FIELD_KA_ADD_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ka_add_fail");
+	fs_handle->fields[KNI_FIELD_EXCEED_MTU] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "exceed_mtu");
+	fs_handle->fields[KNI_FIELD_SENDTO_TFE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "sendtfe_fail");
+	//others
+	fs_handle->fields[KNI_FIELD_NULL_PKT] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "null_pkt");
+	fs_handle->fields[KNI_FIELD_IPV4_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ipv4_stm");
+	fs_handle->fields[KNI_FIELD_IPV6_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ipv6_stm");
 	fs_handle->fields[KNI_FIELD_SSL_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ssl_stm");
 	fs_handle->fields[KNI_FIELD_HTTP_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "http_stm");
 	fs_handle->fields[KNI_FIELD_SENDLOG_SUCC] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "sendlog_succ");
 	fs_handle->fields[KNI_FIELD_SENDLOG_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "sendlog_fail");
-	fs_handle->fields[KNI_FIELD_UNKNOWN_STM] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "unknown_stm");
-	fs_handle->fields[KNI_FIELD_STM_NO_DATA] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "stm_no_data");
-	fs_handle->fields[KNI_FIELD_PME_NEW] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "pme_new");
+	fs_handle->fields[KNI_FIELD_PME_NEW_SUCC] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "pme_new");
 	fs_handle->fields[KNI_FIELD_PME_FREE] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "pme_free");
+	//htable
 	fs_handle->fields[KNI_FIELD_ID2PME_ADD_SUCC] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "id2pme_add_succ");
 	fs_handle->fields[KNI_FIELD_ID2PME_ADD_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "id2pme_add_fail");
 	fs_handle->fields[KNI_FIELD_ID2PME_DEL_SUCC] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "id2pme_del_succ");
 	fs_handle->fields[KNI_FIELD_ID2PME_DEL_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "id2pme_del_fail");
-	fs_handle->fields[KNI_FIELD_IPV4HDR_PARSE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "v4_parse_fail");
-	fs_handle->fields[KNI_FIELD_IPV6HDR_PARSE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "v6_parse_fail");
-	fs_handle->fields[KNI_FIELD_KEEPALIVE_REPLAY_ADD_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ka_add_fail");
 	fs_handle->fields[KNI_FIELD_KEEPALIVE_REPLAY_ADD_SUCC] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ka_add_succ");
 	fs_handle->fields[KNI_FIELD_KEEPALIVE_REPLAY_DEL_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ka_del_fail");
 	fs_handle->fields[KNI_FIELD_KEEPALIVE_REPLAY_DEL_SUCC] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "ka_del_succ");
-	fs_handle->fields[KNI_FIELD_EXCEED_MTU] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "exceed_mtu");
-	fs_handle->fields[KNI_FIELD_SENDTO_TFE_FAIL] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, "sendto_tfe_fail");
 	for(int i = 0; i < g_kni_handle->marsio_handle->tfe_enabled_node_count; i++){
 		int tfe_id = g_kni_handle->marsio_handle->tfe_enabled_nodes[i].tfe_id;
 		char tfe_status[KNI_SYMBOL_MAX] = "";
 		snprintf(tfe_status, sizeof(tfe_status), "tfe%d", tfe_id);
-		fs_handle->fields[KNI_FIELD_TFE_STATUS_BASE + i] = FS_register(handle, FS_STYLE_FIELD, FS_CALC_CURRENT, tfe_status);
+		fs_handle->fields[KNI_FIELD_TFE_STATUS_BASE + i] = FS_register(handle, FS_STYLE_STATUS, FS_CALC_CURRENT, tfe_status);
 	}
 	fs_handle->handle = handle;
 	FS_start(handle);

entry/src/kni_maat.cpp

@@ -197,7 +197,8 @@ static int index_of_enforce_policy(struct Maat_rule_t* result, size_t size)
 	return ret_intercept_idx;
 }
 
-enum kni_action intercept_policy_scan(struct kni_maat_handle* handle, struct ipaddr *addr, char *domain, int domain_len, int thread_seq, int *policy_id, int *is_hit_policy){
+enum kni_action intercept_policy_scan(struct kni_maat_handle* handle, struct ipaddr *addr, char *domain, int domain_len, 
+		int thread_seq, int *policy_id, int *do_log, int *is_hit_policy){
 	//return KNI_ACTION_INTERCEPT;
 	Maat_feather_t maat_feather=handle->feather;
 	int table_intercept_ip=handle->tableid_intercept_ip;
@@ -225,7 +226,8 @@ enum kni_action intercept_policy_scan(struct kni_maat_handle* handle, struct ipa
 	if(hit_policy_cnt>0)
 	{
 		enforced_policy_idx=index_of_enforce_policy(result, hit_policy_cnt);
-		*policy_id=result[enforced_policy_idx].config_id;
+		*policy_id = result[enforced_policy_idx].config_id;
+		*do_log = result[enforced_policy_idx].do_log;
 		*is_hit_policy=1;
 		unsigned char action = (unsigned char)result[enforced_policy_idx].action;
 		return (enum kni_action)action;