20180729：

增加filestate2统计信息
2018-07-20 14:04:15 +08:00
parent c4026e018c
commit 65db937450
2 changed files with 74 additions and 77 deletions
--- a/kni.c
+++ b/kni.c
@@ -41,7 +41,7 @@ struct kni_switch_info g_kni_switch_info;

 char g_kni_cardname[KNI_CARD_NUM][KNI_CONF_MAXLEN];
 int g_kni_threadseq[KNI_MAX_THREADNUM];
-const char *g_kni_fs2_name[FS2_COLUMN_NUM] ={"RECV_PKTS","FWD_PKTS","DROP_PKTS","WRITE_PKTS","READ_PKTS","SEND_PKTS"};
+const char *g_kni_fs2_name[FS2_COLUMN_NUM] ={"RECV_PKTS","WRITE_PKTS","READ_PKTS","SEND_PKTS","BMD_IP","BMD_DOMAIN","HTTP_PKTS","SSL_PKTS"};

 extern int g_iThreadNum;

@@ -55,6 +55,7 @@ name:
 function:
 return:
 *********************************************************************************************************************/
+
 int kni_debug_info_v4(char* module,int state_flag,struct ip* a_packet)
 {
 	int iplen=ntohs(a_packet->ip_len);
@@ -78,7 +79,16 @@ int kni_debug_info_v4(char* module,int state_flag,struct ip* a_packet)

 }

-/*
+
+int kni_set_filestate2(int thread_seq,int colum_index,int bytes,int pktnum)
+{
+	g_kni_fs2_info.column_value_pkt[thread_seq][colum_index]+=pktnum;
+	g_kni_fs2_info.column_value_bytes[thread_seq][colum_index]+=bytes;
+
+	return 0;
+
+}
+
 int kni_filestate2_init()
 {	
 	int i=0;
@@ -94,13 +104,13 @@ int kni_filestate2_init()

 	g_kni_fs2_info.handler=FS_create_handle();

-	FS_set_para(g_kni_comminfo.fs2_handler, OUTPUT_DEVICE,fs2_filename, strlen(fs2_filename)+1);
-	FS_set_para(g_kni_comminfo.fs2_handler, PRINT_MODE, &value, sizeof(value));
-	FS_set_para(g_kni_comminfo.fs2_handler, STAT_CYCLE, &value, sizeof(value));
-	FS_set_para(g_kni_comminfo.fs2_handler, CREATE_THREAD, &value, sizeof(value));
-	FS_set_para(g_kni_comminfo.fs2_handler, APP_NAME, STEWARD_FS2_APPNAME, strlen(STEWARD_FS2_APPNAME)+1);
-	FS_set_para(g_kni_comminfo.fs2_handler, STATS_SERVER_IP, fs2_sip, strlen(fs2_sip)+1);
-	FS_set_para(g_kni_comminfo.fs2_handler, STATS_SERVER_PORT,&fs2_sport,sizeof(int));
+	FS_set_para(g_kni_fs2_info.handler, OUTPUT_DEVICE,fs2_filename, strlen(fs2_filename)+1);
+	FS_set_para(g_kni_fs2_info.handler, PRINT_MODE, &value, sizeof(value));
+	FS_set_para(g_kni_fs2_info.handler, STAT_CYCLE, &value, sizeof(value));
+	FS_set_para(g_kni_fs2_info.handler, CREATE_THREAD, &value, sizeof(value));
+	FS_set_para(g_kni_fs2_info.handler, APP_NAME, FS2_APPNAME, strlen(FS2_APPNAME)+1);
+	FS_set_para(g_kni_fs2_info.handler, STATS_SERVER_IP, fs2_sip, strlen(fs2_sip)+1);
+	FS_set_para(g_kni_fs2_info.handler, STATS_SERVER_PORT,&fs2_sport,sizeof(int));

 	for(i=0;i<FS2_COLUMN_NUM;i++)
 	{
@@ -119,19 +129,19 @@ void* kni_filestat2(void* arg)
 	int i=0;
 	int j=0;

-	unsigned long long column_value[STEWARD_COLUMN_NUM];
+	unsigned long long column_value[FS2_COLUMN_NUM];

 	kni_filestate2_init();

 	while(1)
 	{
-		for(i=0;i<STEWARD_COLUMN_NUM;i++)
+		for(i=0;i<FS2_COLUMN_NUM;i++)
 		{
 			column_value[i]=0;
 		
 			for(j=0;j<g_iThreadNum;j++)
 			{
-				column_value[i]+=g_kni_fs2_info.column_value[j][i];
+				column_value[i]+=g_kni_fs2_info.column_value_pkt[j][i];
 			}
 		
 			FS_operate(g_kni_fs2_info.handler,g_kni_fs2_info.column_id[i], 0,FS_OP_SET,column_value[i]);
@@ -142,7 +152,8 @@ void* kni_filestat2(void* arg)

 	return NULL;
 }
-*/
+
+

 /****************************************************************************
 if(sport<dport)								server=s
@@ -362,39 +373,6 @@ int tun_alloc_mq(char *dev, int queues, int *fds)
 }


-int tun_alloc(char *dev, int flags)
-{
-
-  struct ifreq ifr;
-  int fd, err;
-  char *clonedev = (char*)"/dev/net/tun";
-
-   /* open the clone device */
-   if( (fd = open(clonedev, O_RDWR)) < 0 ) {
-     return fd;
-   }
-
-   /* preparation of the struct ifr, of type "struct ifreq" */
-   memset(&ifr, 0, sizeof(ifr));
-
-   ifr.ifr_flags = flags;   /* IFF_TUN or IFF_TAP, plus maybe IFF_NO_PI */
-
-   if (*dev) {
-     strncpy(ifr.ifr_name, dev, IFNAMSIZ);
-   }
-
-   /* try to create the device */
-   if( (err = ioctl(fd, TUNSETIFF, (void *) &ifr)) < 0 ) {
-     close(fd);
-     return err;
-   }
-
-  strcpy(dev, ifr.ifr_name);
-
-  return fd;
-}
-
-
 /********************************************************************************************************************
 name:
 function:
@@ -432,8 +410,10 @@ name:
 function:
 return:
 *********************************************************************************************************************/
-char tun_write_data(int fd,char* send_buf,int send_buflen,struct streaminfo* pstream)
+char tun_write_data(int fd,char* send_buf,int send_buflen,struct streaminfo* pstream,int thread_seq)
 {
+	kni_set_filestate2(thread_seq,FS2_COLUME_WRITE,0,1);
+
 	char ret=APP_STATE_DROPPKT|APP_STATE_GIVEME;	
 	int succ_sendlen=0;
 	
@@ -557,7 +537,9 @@ int kni_sendpkt_routdir(int thread_seq,int iplen,char* ip,struct stream_tuple4_v
 	{
 		kni_debug_info_v4((char*)KNI_MODULE_SENDPKT,KNI_FLAG_SSL,(struct ip*)ip);
 	}
-	
+
+
+	kni_set_filestate2(thread_seq,FS2_COLUME_SEND,0,1);

 	return ret;

@@ -571,25 +553,20 @@ int kni_sendpkt_eth(int thread_seq,int iplen,char* ip,struct stream_tuple4_v4* i
 	int buflen=iplen+KNI_ETHER_LEN;

 	unsigned char buf[2000]={0};
-//	char* card_in=(char*)"p7p1";
-//	char* card_out=(char*)"em2";
 	unsigned short eth_type=0x0800;

-//	struct ip* iphdr=(struct ip*)ip;
 	uchar* tmp_smac;
 	uchar* tmp_dmac;

 	char* if_name=NULL;
 	if(iprever_flag==0)
 	{
-//		if_name=card_out;	
 		if_name=g_kni_comminfo.card_out;
 		tmp_smac=smac;
 		tmp_dmac=dmac;
 	}
 	else
 	{
-//		if_name=card_in;		
 		if_name=g_kni_comminfo.card_in;
 		tmp_smac=dmac;
 		tmp_dmac=smac;
@@ -627,9 +604,6 @@ int kni_sendpkt_eth(int thread_seq,int iplen,char* ip,struct stream_tuple4_v4* i
 		return -1;
 	}

-//	unsigned char* mac=(unsigned char*)ifr.ifr_hwaddr.sa_data;
-//	printf("%02x:%02x:%02x:%02x:%02x:%02x\n",mac[0],mac[1],mac[2],mac[3],mac[4],mac[5]);
-
 	sendpacket_build_ethernet((unsigned char*)tmp_dmac,(unsigned char*)tmp_smac,eth_type,(const unsigned char*)ip,iplen,(unsigned char*)buf);	

 	ret=sendto(g_kni_comminfo.ipv4_fd[thread_seq],buf,buflen,0,(struct sockaddr*)&addr,sizeof(addr));
@@ -700,7 +674,7 @@ int kni_keepalive_replay(struct stream_tuple4_v4* ipv4_addr,int iprever_flag,str
 	sendpacket_do_checksum((unsigned char*)sendbuf,IPPROTO_TCP,(iplen-4*(iphdr->ip_hl)));
 	sendpacket_do_checksum((unsigned char*)sendbuf,IPPROTO_IP,sizeof(struct ip));

-	tun_write_data(g_kni_comminfo.fd_tun[thread_seq],sendbuf,iplen,NULL);
+	tun_write_data(g_kni_comminfo.fd_tun[thread_seq],sendbuf,iplen,NULL,thread_seq);
 	
 	kni_debug_info_v4((char*)"recv_keepalive_request",5,(struct ip*)a_packet);
 	kni_debug_info_v4((char*)"send_keepalive_replay",5,(struct ip*)sendbuf);
@@ -787,7 +761,6 @@ int init_domain_fd()
 	
 	int i_fd = 0;    
 	struct sockaddr_un addr;    
-//	char serverpath[32] = "/home/server_unixsocket_file";
 	int i_addr_len = sizeof( struct sockaddr_un );    

 	if ( ( i_fd = socket( AF_UNIX, SOCK_STREAM, 0 ) ) < 0 )  		
@@ -883,6 +856,7 @@ void* kni_read_tun(void* arg)
 		}
 		else if(recv_len>0)
 		{
+			kni_set_filestate2(thread_seq,FS2_COLUME_READ,0,1);
 			kni_process_readdata(thread_seq,recv_len,recv_buf);
 		}
 	}
@@ -902,7 +876,6 @@ int kni_sendfds_domain()
 		memset(fds,0,KNI_FDS_NUM*sizeof(int));
 		fds_len=KNI_FDS_NUM*sizeof(int);
 		
-//		ret=MESA_lqueue_try_get_tail(g_kni_structinfo.lqueue_for_domain,fds,&fds_len);
 		ret=MESA_lqueue_get_tail(g_kni_structinfo.lqueue_for_domain,fds,&fds_len);
        if(ret==MESA_QUEUE_RET_QEMPTY)
        {
@@ -1240,13 +1213,13 @@ int kni_scan_whitelist_domain(char* domain,int domain_len,int thread_seq,scan_st
 	struct Maat_rule_t maat_result[KNI_MAX_SAMENUM];

 	string_scan_num=Maat_full_scan_string(g_kni_maatinfo.maat_feather,g_kni_maatinfo.tableid_domain,CHARSET_GBK,domain,domain_len,maat_result,&found_pos,KNI_MAX_SAMENUM,&mid,thread_seq);
-
+/*
 	if((g_kni_switch_info.maat_default_mode==KNI_DEFAULT_MODE_BYPASS)&&(string_scan_num==0))
 	{
 		action=KNI_ACTION_WHITELIST;
 		return action;
 	}
-	
+*/	
 	for(i=0;i<string_scan_num;i++)
 	{
 		action=abs(maat_result[i].action);
@@ -1613,10 +1586,12 @@ int kni_protocol_identify(const struct streaminfo* pstream,char* tcp_data,int tc
 {
 	if(kni_judge_http(pstream,domain,domain_len)==1)
 	{
+		kni_set_filestate2(pstream->threadnum,FS2_COLUME_HTTP,0,1);
 		return KNI_FLAG_HTTP;
 	}
 	else if(kni_judge_ssl(tcp_data,tcp_datalen,domain,domain_len)==KNI_FLAG_SSL) 
 	{
+		kni_set_filestate2(pstream->threadnum,FS2_COLUME_SSL,0,1);
 		return KNI_FLAG_SSL;
 	}

@@ -1661,6 +1636,7 @@ char kni_first_tcpdata(const struct streaminfo* pstream,const struct ip* ip_hdr,
 		action=kni_scan_whitelist_domain(domain,domain_len,pstream->threadnum,pmeinfo->mid);
 		if(action==KNI_ACTION_WHITELIST)
 		{
+			kni_set_filestate2(pstream->threadnum,FS2_COLUME_WITELIST_DOMAIN,0,1);
 			MESA_handle_runtime_log(g_kni_comminfo.logger, RLOG_LV_DEBUG,(char*)"whitelist_domain","domain:%s,domain_len:%d",(char*)(domain+5),domain_len);
 			kni_debug_info_v4((char*)"DOMIN_WHITELIST",0,(struct ip*)ip_hdr);

@@ -1724,6 +1700,7 @@ char kni_pending_opstate(const struct streaminfo* pstream,struct kni_pme_info* p
 	if(ipscan_action==KNI_ACTION_WHITELIST)
 	{
 		kni_debug_info_v4((char*)"IP_WHITELIST",0,(struct ip*)ip_hdr);
+		kni_set_filestate2(thread_seq,FS2_COLUME_WITELIST_IP,0,1);
 		return ret;	
 	}

@@ -1745,7 +1722,7 @@ char kni_pending_opstate(const struct streaminfo* pstream,struct kni_pme_info* p
 		ret=kni_first_tcpdata(pstream,ip_hdr,pmeinfo,data,datalen);
 		if((pmeinfo->status_flag==KNI_FLAG_HTTP) ||(pmeinfo->status_flag==KNI_FLAG_SSL))
 		{
-			ret=tun_write_data(g_kni_comminfo.fd_tun[thread_seq],(char*)ip_hdr,iplen,(struct streaminfo*)pstream);
+			ret=tun_write_data(g_kni_comminfo.fd_tun[thread_seq],(char*)ip_hdr,iplen,(struct streaminfo*)pstream,thread_seq);
 		}
 	}
 #ifndef KNI_DEBUG_TCPREPAIR
@@ -1795,7 +1772,7 @@ char kni_data_opstate(const struct streaminfo* pstream,struct kni_pme_info* pmei

 	if((pmeinfo->status_flag==KNI_FLAG_HTTP)||(pmeinfo->status_flag==KNI_FLAG_SSL))
 	{
-		ret=tun_write_data(g_kni_comminfo.fd_tun[thread_seq],(char*)ip_hdr,iplen,(struct streaminfo*)pstream);
+		ret=tun_write_data(g_kni_comminfo.fd_tun[thread_seq],(char*)ip_hdr,iplen,(struct streaminfo*)pstream,thread_seq);
 	}

 	return ret;
@@ -1821,12 +1798,13 @@ char kni_close_opstate(const struct streaminfo* pstream,struct kni_pme_info* pme
 extern "C" char kni_tcpall_entry(const struct streaminfo* pstream,void** pme,int thread_seq,const void* ip_hdr)
 {

-//	return APP_STATE_FAWPKT|APP_STATE_GIVEME;
 	char ret=APP_STATE_FAWPKT|APP_STATE_DROPME;	
 	if((g_kni_comminfo.kni_mode_cur==KNI_MODE_BYPASS)||(pstream->addr.addrtype==ADDR_TYPE_IPV6))
 	{
 		return ret;
 	}
+	
+	kni_set_filestate2(thread_seq,FS2_COLUME_RECV,0,1);


 	switch(pstream->pktstate)
@@ -1853,7 +1831,16 @@ extern "C" char kni_tcpall_entry(const struct streaminfo* pstream,void** pme,int
 		kni_free_pmeinfo(pme);
 		*pme=NULL;
 	}
-
+/*
+	if(ret&APP_STATE_DROPPKT)
+	{
+		kni_set_filestate2(thread_seq,FS2_COLUME_DROP,0,1);
+	}
+	else
+	{
+		kni_set_filestate2(thread_seq,FS2_COLUME_FWD,0,1);
+	}
+*/

 	return ret;
 	
@@ -2026,7 +2013,7 @@ extern "C" char kni_init()

 	pthread_t pid_read_tun;
 	pthread_t pid_pro_domain;
-//	pthread_t pid_kni_filestat2;
+	pthread_t pid_kni_filestat2;


 	inet_aton((const char *)&LOCAL_IP_ADDR,(struct in_addr*)&g_kni_comminfo.local_ip);
@@ -2142,7 +2129,7 @@ extern "C" char kni_init()

 	
 	pthread_create(&pid_pro_domain,NULL,kni_process_domain,NULL);
-//	pthread_create(&pid_kni_filestat2,NULL,kni_filestat2,NULL);
+	pthread_create(&pid_kni_filestat2,NULL,kni_filestat2,NULL);
 #endif