diff --git a/CMakeLists.txt b/CMakeLists.txt
new file mode 100644
index 0000000..6d2c459
--- /dev/null
+++ b/CMakeLists.txt
@@ -0,0 +1,22 @@
+cmake_minimum_required(VERSION 3.5)
+project(kni)
+
+set(CMAKE_MODULE_PATH ${PROJECT_SOURCE_DIR}/cmake)
+#include(Version)
+
+set(CMAKE_CXX_STANDARD 11)
+set(CMAKE_C_STANDARD 11)
+set(CMAKE_POSITION_INDEPENDENT_CODE ON)
+set (CMAKE_CXX_FLAGS "-Wall")
+
+add_definitions(-D_GNU_SOURCE)
+
+if (CMAKE_BUILD_TYPE STREQUAL Debug)
+ add_definitions(-DDEBUG)
+endif()
+
+add_subdirectory(vendor)
+add_subdirectory(common)
+add_subdirectory(entry)
+
+# cmake -DCMAKE_BUILD_TYPE=Debug
\ No newline at end of file
diff --git a/common/CMakeLists.txt b/common/CMakeLists.txt
new file mode 100644
index 0000000..83e9bbe
--- /dev/null
+++ b/common/CMakeLists.txt
@@ -0,0 +1,3 @@
+add_library(common STATIC src/kni_utils.cpp src/ssl_utils.cpp)
+target_include_directories(common PUBLIC ${CMAKE_CURRENT_LIST_DIR}/include)
+target_link_libraries(common MESA_handle_logger)
\ No newline at end of file
diff --git a/common/include/kni_utils.h b/common/include/kni_utils.h
index d30d425..b422b08 100644
--- a/common/include/kni_utils.h
+++ b/common/include/kni_utils.h
@@ -1,13 +1,13 @@
 //TODO: 日志打印出文件名 + 行号
-
-
 #pragma once
 #include
 #include
+#include
 #include
 #include
 #include
 #include
+#include
 #include
 #include "MESA/MESA_handle_logger.h"
 #include "MESA/MESA_htable.h"
@@ -19,6 +19,11 @@
 #define KNI_STRING_MAX 2048
 #define KNI_PATH_MAX 256
 #define KNI_SYMBOL_MAX 64
+#define KNI_DOMAIN_MAX 256
+#ifndef MIN
+#define MIN(a, b) (((a) < (b)) ? (a) : (b))
+#endif
+
 #define likely(expr) __builtin_expect((expr), 1)
 #define unlikely(expr) __builtin_expect((expr), 0)
 
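Review bot: `set (CMAKE_CXX_FLAGS "-Wall")` in the top-level CMakeLists.txt replaces whatever CXXFLAGS the user or packager passed in, so hardening options supplied on the command line (`-D_FORTIFY_SOURCE=2`, `-fstack-protector-strong` and the like) are silently dropped for every target; use `add_compile_options(-Wall)` or, better, `target_compile_options(common PRIVATE -Wall)` / `target_compile_options(kni PRIVATE -Wall)` in the subdirectories. `if (CMAKE_BUILD_TYPE STREQUAL Debug)` compares an unquoted name and is always false under multi-config generators, where `CMAKE_BUILD_TYPE` is empty; `add_compile_definitions($<$<CONFIG:Debug>:DEBUG>)` expresses the per-config define without that dependency (it needs CMake 3.12, so the `cmake_minimum_required(VERSION 3.5)` floor would have to rise with it). `add_definitions(-D_GNU_SOURCE)` is directory-scoped and leaks into vendor/ as well; `target_compile_definitions(... PRIVATE _GNU_SOURCE)` on the targets that need it keeps the scope explicit. The commented-out `#include(Version)` and the trailing `# cmake -DCMAKE_BUILD_TYPE=Debug` hint would read better as a short header comment stating how the project is expected to be configured.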
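Review bot: `target_link_libraries(common MESA_handle_logger)` uses the keyword-less signature, so the visibility of this dependency to consumers of `common` is left to legacy semantics; the public header kni_utils.h includes `MESA/MESA_handle_logger.h`, so this should be `target_link_libraries(common PUBLIC MESA_handle_logger)`. The same keyword-less form appears in entry/CMakeLists.txt for `kni`, where `PRIVATE` fits since nothing links against the plugin. `MESA_handle_logger`, `maatframe`, `marsio` and friends are bare names rather than imported targets, so unless vendor/ defines them as targets CMake simply emits `-l<name>` and a missing library surfaces only at link time; wrapping each in `find_library` plus an `IMPORTED` target would fail at configure time with a clear message instead.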
@@ -35,7 +40,7 @@ do { \ do { \ char location[KNI_PATH_MAX]; \ snprintf(location, KNI_PATH_MAX, "%s: line %d", __FILE__, __LINE__); \ - MESA_handle_runtime_log(handler, RLOG_LV_INFO, location, fmt, ##__VA_ARGS__); } while(0) + MESA_handle_runtime_log(handler, RLOG_LV_INFO, location, fmt, ##__VA_ARGS__); } while(0) #define KNI_LOG_DEBUG(handler, fmt, ...) \ do { \ @@ -43,5 +48,22 @@ do { \ snprintf(location, KNI_PATH_MAX, "%s: line %d", __FILE__, __LINE__); \ MESA_handle_runtime_log(handler, RLOG_LV_DEBUG, location, fmt, ##__VA_ARGS__); } while(0) -//fprintf(stderr, fmt "\n", ##__VA_ARGS__); -MESA_htable_handle KNI_utils_create_htable(const char *profile, const char *section, void *free_data_cb, void *expire_notify_cb, void *logger); \ No newline at end of file +//default tcp opt +#define KNI_DEFAULT_WINSCLE 0 +#define KNI_DEFAULT_MSS 1460 +#define KNI_DEFAULT_MTU 1500 +#define KNI_MTU 3000 +//TODO: 网络序 +struct kni_tcpopt_info{ + uint16_t mss; + uint8_t wscale; + uint8_t ts; + uint8_t sack; +}; + +uint16_t kni_ip_checksum(const void *buf, size_t hdr_len); +uint16_t kni_tcp_checksum(const void *_buf, size_t len, in_addr_t src_addr, in_addr_t dest_addr); +uint16_t kni_udp_checksum(const void *_buf, size_t len, in_addr_t src_addr, in_addr_t dest_addr); +struct kni_tcpopt_info* kni_get_tcpopt(struct tcphdr* tcphdr,int tcphdr_len); + +MESA_htable_handle kni_create_htable(const char *profile, const char *section, void *free_data_cb, void *expire_notify_cb, void *logger); \ No newline at end of file diff --git a/common/include/ssl_utils.h b/common/include/ssl_utils.h index f71d600..8f55d01 100644 --- a/common/include/ssl_utils.h +++ b/common/include/ssl_utils.h @@ -1,3 +1,4 @@ +#pragma once struct cipher_suite { int value; diff --git a/common/src/kni_utils.cpp b/common/src/kni_utils.cpp index e69de29..e3ce0fd 100644 --- a/common/src/kni_utils.cpp +++ b/common/src/kni_utils.cpp 
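Review bot: The new prototypes at the end of kni_utils.h carry no ownership or contract comments: `kni_get_tcpopt` hands back a heap object the caller must release (kni_entry.cpp's `pme_info_destroy` does so with `FREE`), and its implementation assigns explicit defaults only to `mss` and `wscale`, leaving `ts` and `sack` to whatever `ALLOC` does with fresh memory. Suggest `/* ts and sack are 0/1 flags; mss is host order; wscale is capped at 14 */` above `struct kni_tcpopt_info` and `/* Returns a heap-allocated struct; release with FREE. */` above the `kni_get_tcpopt` prototype. The `tcphdr` argument is only read, so `const struct tcphdr* tcphdr` would document that as well. `KNI_MTU 3000` sizes `struct wrapped_packet` in kni_entry.h, yet nothing states that it must cover the largest delivered packet plus the restore header, which is the bound `tcp_restore_info_header_add` relies on; a one-line comment here would make that invariant visible where the constant is defined.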
@@ -0,0 +1,151 @@ +#include "kni_utils.h" + +uint16_t kni_ip_checksum(const void *buf, size_t hdr_len){ + unsigned long sum = 0; + const uint16_t *ip1; + ip1 = (const uint16_t *)buf; + while(hdr_len > 1){ + sum += *ip1++; + if(sum & 0x80000000){ + sum = (sum & 0xFFFF) + (sum >> 16); + } + hdr_len -= 2; + } + while(sum >> 16){ + sum = (sum & 0xFFFF) + (sum >> 16); + } + return (~sum); +} + +uint16_t kni_tcp_checksum(const void *_buf, size_t len, in_addr_t src_addr, in_addr_t dest_addr){ + const uint16_t *buf = (u_int16_t *)_buf; + uint16_t *ip_src=(uint16_t *)&src_addr, *ip_dst=(uint16_t *)&dest_addr; + uint32_t sum; + size_t length=len; + // Calculate the sum + sum = 0; + while(len > 1){ + sum += *buf++; + if (sum & 0x80000000){ + sum = (sum & 0xFFFF) + (sum >> 16); + } + len -= 2; + } + if(len & 1){ + // Add the padding if the packet lenght is odd + sum += *((uint8_t *)buf); + } + // Add the pseudo-header + sum += *(ip_src++); + sum += *ip_src; + sum += *(ip_dst++); + sum += *ip_dst; + sum += htons(IPPROTO_TCP); + sum += htons(length); + // Add the carries + while(sum >> 16){ + sum = (sum & 0xFFFF) + (sum >> 16); + } + // Return the one's complement of sum + return ((uint16_t)(~sum)); +} + +uint16_t kni_udp_checksum(const void *_buf, size_t len, in_addr_t src_addr, in_addr_t dest_addr){ + const uint16_t *buf = (u_int16_t *)_buf; + uint16_t *ip_src=(u_int16_t *)&src_addr, *ip_dst=(u_int16_t *)&dest_addr; + uint32_t sum; + size_t length=len; + // Calculate the sum + sum = 0; + while(len > 1){ + sum += *buf++; + if (sum & 0x80000000){ + sum = (sum & 0xFFFF) + (sum >> 16); + } + len -= 2; + } + if(len & 1){ + // Add the padding if the packet lenght is odd + sum += *((uint8_t *)buf); + } + + // Add the pseudo-header + sum += *(ip_src++); + sum += *ip_src; + sum += *(ip_dst++); + sum += *ip_dst; + sum += htons(IPPROTO_UDP); + sum += htons(length); + + // Add the carries + while(sum >> 16){ + sum = (sum & 0xFFFF) + (sum >> 16); + } + // Return the one's complement of sum 
+ return ( (uint16_t)(~sum) ); + } + + +struct kni_tcpopt_info* kni_get_tcpopt(struct tcphdr* tcphdr,int tcphdr_len){ + struct kni_tcpopt_info* tcpopt = (struct kni_tcpopt_info*)ALLOC(struct kni_tcpopt_info, 1); + tcpopt->mss = KNI_DEFAULT_MSS; + tcpopt->wscale = KNI_DEFAULT_WINSCLE; + + const unsigned char *ptr = ((const unsigned char*)tcphdr + 20); + int length = tcphdr_len - 20; + + while (length > 0){ + int opcode = *ptr++; + int opsize; + switch (opcode){ + case TCPOPT_EOL: + return tcpopt; + case TCPOPT_NOP: /* Ref: RFC 793 section 3.1 */ + length--; + continue; + default: + opsize = *ptr++; + if (opsize < 2) /* "silly options" */ + return tcpopt; + if (opsize > length) + return tcpopt; /* don't parse partial options */ + switch (opcode){ + case TCPOPT_MAXSEG: + if (opsize == TCPOLEN_MAXSEG){ + uint16_t in_mss = *(uint16_t *)ptr; + if(in_mss){ + tcpopt->mss = ntohs(in_mss); + } + } + break; + + case TCPOPT_WINDOW: + if (opsize == TCPOLEN_WINDOW){ + uint8_t snd_wscale = *(uint8_t *)ptr; + // rfc7323 page9: Thus, the shift count MUST be limited to 14 (which allows windows of 2^30 = 1 GiB). + // If a Window Scale option is received with a shift.cnt value larger than 14, + // the TCP SHOULD log the error but MUST use 14 instead of the specified value. */ + tcpopt->wscale = snd_wscale; + if(tcpopt->wscale > 14){ + tcpopt->wscale = 14; + } + //*wscale_perm=1; + } + break; + case TCPOPT_TIMESTAMP: + if ((opsize == TCPOLEN_TIMESTAMP)){ + tcpopt->ts = 1; + } + break; + case TCPOPT_SACK_PERMITTED: + if (opsize == TCPOLEN_SACK_PERMITTED){ + tcpopt->sack = 1; + } + break; + } + ptr += opsize-2; + length -= opsize; + } + } + return tcpopt; +} \ No newline at end of file diff --git a/common/src/ssl_utils.cpp b/common/src/ssl_utils.cpp index 72c6151..b742b27 100644 --- a/common/src/ssl_utils.cpp +++ b/common/src/ssl_utils.cpp @@ -1,6 +1,5 @@ -#include -#include -#include +#include "kni_utils.h" +#include "ssl_utils.h" struct cipher_suite cipher_suite_list[] = { 
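Review bot: In `kni_get_tcpopt`, the `default:` branch reads `opsize = *ptr++` without first checking that at least two bytes remain, so an option area whose final byte is a non-NOP/EOL kind makes the parser read one byte past `tcphdr_len` before the `opsize > length` test rejects it; add `if (length < 2) return tcpopt;` immediately before the `opsize` read. `uint16_t in_mss = *(uint16_t *)ptr;` is an unaligned 16-bit load through a cast, undefined on strict-alignment targets; `memcpy(&in_mss, ptr, sizeof in_mss);` is the portable form. `ts` and `sack` are never written when the corresponding options are absent, so their zero value presumably comes from `ALLOC` — a comment at the allocation saying so would make that dependency explicit. `kni_tcp_checksum` and `kni_udp_checksum` are identical apart from the protocol number passed to `htons`; one static helper taking the protocol would halve the code that has to be kept correct.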
@@ -243,7 +242,7 @@ static enum chello_parse_result parse_extensions(const unsigned char* buff, size static char* parse_cipher_suites(struct cipher_suite* _cipher_suite_list, int n, const unsigned char* buff, size_t buff_len, enum chello_parse_result* result) { - char* cipher_suites_str = (char* )malloc(TFE_STRING_MAX); + char* cipher_suites_str = (char* )malloc(KNI_STRING_MAX); cipher_suites_str[0] = '\0'; size_t pos = 0; int flag = 0; @@ -255,13 +254,13 @@ static char* parse_cipher_suites(struct cipher_suite* _cipher_suite_list, int n, int val = (buff[pos] << 8) + buff[pos + 1]; if(_cipher_suite_list[i].value == val) { - if(strnlen(_cipher_suite_list[i].name, TFE_STRING_MAX) + strnlen(cipher_suites_str, TFE_STRING_MAX) + 1 > TFE_STRING_MAX) + if(strnlen(_cipher_suite_list[i].name, KNI_STRING_MAX) + strnlen(cipher_suites_str, KNI_STRING_MAX) + 1 > KNI_STRING_MAX) { flag = 1; break; } - strncat(cipher_suites_str, _cipher_suite_list[i].name, TFE_STRING_MAX); - strncat(cipher_suites_str, ":", TFE_STRING_MAX); + strncat(cipher_suites_str, _cipher_suite_list[i].name, KNI_STRING_MAX); + strncat(cipher_suites_str, ":", KNI_STRING_MAX); } } pos += 2; @@ -270,7 +269,7 @@ static char* parse_cipher_suites(struct cipher_suite* _cipher_suite_list, int n, break; } } - int len = strnlen(cipher_suites_str, TFE_STRING_MAX); + int len = strnlen(cipher_suites_str, KNI_STRING_MAX); if(len > 0) { cipher_suites_str[len-1] = '\0'; diff --git a/conf/kni.conf b/conf/kni.conf new file mode 100644 index 0000000..287222e --- /dev/null +++ b/conf/kni.conf @@ -0,0 +1,14 @@ +[global] +log_path = ./log/kni/kni.log +log_level = 10 + +[maat] +readconf_mode = 1 +tableinfo_path = ./conf/kni/maat_tableinfo.conf +maatjson_path = ./conf/kni/maat_test.json +tablename_intercept_compile = PXY_INTERCEPT_COMPILE + +[marsio] +appsym = knifw +dev_symbol = eth4 + diff --git a/conf/maat/maat_tableinfo.conf b/conf/maat/maat_tableinfo.conf new file mode 100644 index 0000000..8931b5a --- /dev/null 
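Review bot: `cipher_suites_str = (char* )malloc(KNI_STRING_MAX)` is dereferenced on the very next line (`cipher_suites_str[0] = '\0'`) with no NULL check, so an allocation failure becomes a NULL write instead of an error; add `if (cipher_suites_str == NULL) return NULL;` after the `malloc` (the caller's handling of a NULL return is outside this hunk). The body of `parse_cipher_suites` starts and ends outside the hunk.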
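Review bot: The guard `strnlen(name, KNI_STRING_MAX) + strnlen(cipher_suites_str, KNI_STRING_MAX) + 1 > KNI_STRING_MAX` budgets only for the terminator, but two `strncat` calls follow — the name and then `":"` — so when the combined length equals `KNI_STRING_MAX - 1` the second `strncat` places ':' at index `KNI_STRING_MAX - 1` and the NUL one byte past the `malloc(KNI_STRING_MAX)` buffer. Change the condition to `... + 2 > KNI_STRING_MAX` so the separator is counted. Note that `strncat`'s third argument is the maximum number of characters to append, not the destination size, so passing `KNI_STRING_MAX` there gives no protection by itself; the arithmetic guard is what has to be right. The suite list comes straight from the peer's ClientHello, so these lengths are not under the application's control. `parse_cipher_suites` starts and ends outside the hunk.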
+++ b/conf/maat/maat_tableinfo.conf @@ -0,0 +1,4 @@ +1 PXY_INTERCEPT_COMPILE compile escape -- +2 PXY_INTERCEPT_GROUP group -- +3 PXY_INTERCEPT_IP ip -- +4 PXY_INTERCEPT_DOMAIN expr utf8 utf8 yes 0 \ No newline at end of file diff --git a/run/wyconf/hid_maat_test.json.bak b/conf/maat/maat_test.json similarity index 71% rename from run/wyconf/hid_maat_test.json.bak rename to conf/maat/maat_test.json index 5a1d1ea..72a3b69 100644 --- a/run/wyconf/hid_maat_test.json.bak +++ b/conf/maat/maat_test.json @@ -1,26 +1,26 @@ { - "compile_table": "MATT_CONFIG_COMPILE", - "group_table": "MATT_CONFIG_GROUP", + "compile_table": "PXY_INTERCEPT_COMPILE", + "group_table": "PXY_INTERCEPT_GROUP", "rules": [ { "compile_id": 1, "service": 1, - "action": 2, + "action":120, "do_blacklist": 1, "do_log": 1, "effective_rage": 0, - "user_region": "192.168.100.100", + "user_region": "zone=pkt_payload;substitute=/AAAA/BBBB", "is_valid": "yes", "groups": [ { - "group_name": "group_1", + "group_name": "Untitled", "regions": [ { - "table_name": "HID_IP", + "table_name": "PXY_INTERCEPT_IP", "table_type": "ip", "table_content": { "addr_type": "ipv4", - "src_ip": "114.114.114.114", + "src_ip": "192.168.192.135", "mask_src_ip": "255.255.255.255", "src_port": "0", "mask_src_port": "65535", @@ -36,27 +36,27 @@ } ] }, - { + { "compile_id": 2, - "service": 48, - "action": 2, + "service": 1, + "action":120, "do_blacklist": 1, "do_log": 1, "effective_rage": 0, - "user_region": "192.168.10.100", + "user_region": "zone=pkt_payload;substitute=/AAAA/BBBB", "is_valid": "yes", "groups": [ { "group_name": "Untitled", "regions": [ { - "table_name": "HID_CONTENT", + "table_name": "PXY_INTERCEPT_DOMAIN", "table_type": "string", "table_content": { - "keywords": "3d87a97d", + "keywords": "www.google.com", "expr_type": "none", "match_method": "sub", - "format":"hexbin" + "format": "uncase plain" } } ] 
diff --git a/conf/sapp/conflist_business.inf b/conf/sapp/conflist_business.inf new file mode 100644 index 0000000..d2df915 --- /dev/null +++ b/conf/sapp/conflist_business.inf @@ -0,0 +1 @@ +./plug/business/kni/kni.inf \ No newline at end of file diff --git a/conf/sapp/kni/kni.inf b/conf/sapp/kni/kni.inf new file mode 100644 index 0000000..bbbc20d --- /dev/null +++ b/conf/sapp/kni/kni.inf @@ -0,0 +1,13 @@ +[PLUGINFO] +PLUGNAME = KNI +SO_PATH = ./plug/business/kni/libkni.so +INIT_FUNC = kni_init +DESTROY_FUNC = + +[TCP_ALL] +FUNC_FLAG = all +FUNC_NAME = kni_tcpall_entry + +[HTTP] +FUNC_FLAG = HTTP_HOST +FUNC_NAME = kni_http_entry diff --git a/entry/CMakeLists.txt b/entry/CMakeLists.txt new file mode 100644 index 0000000..5db1562 --- /dev/null +++ b/entry/CMakeLists.txt @@ -0,0 +1,3 @@ +add_library(kni SHARED src/kni_entry.cpp src/kni_maat.cpp) +target_include_directories(kni PUBLIC ${CMAKE_CURRENT_LIST_DIR}/include) +target_link_libraries(kni common MESA_prof_load MESA_field_stat maatframe marsio) \ No newline at end of file diff --git a/entry/include/kni_entry.h b/entry/include/kni_entry.h new file mode 100644 index 0000000..e2c5709 --- /dev/null +++ b/entry/include/kni_entry.h 
@@ -0,0 +1,99 @@ + +#define HTTP_PROJECT_NAME "kni_http_tag" +#define BURST_MAX 1 + +enum kni_protocol{ + KNI_PROTOCOL_UNKNOWN = 0, + KNI_PROTOCOL_SSL, + KNI_PROTOCOL_HTTP, +}; + +struct http_project{ + int host_len; + char host[KNI_DOMAIN_MAX]; +}; + +struct pme_info{ + int protocol; + int action; + struct kni_tcpopt_info *client_tcpopt; + struct kni_tcpopt_info *server_tcpopt; +}; + +struct wrapped_packet{ + char data[KNI_MTU]; +}; + +struct tcp_option_restore{ + uint8_t kind; + uint8_t len; + uint16_t offset; +}; + +struct kni_marsio_handle{ + struct mr_instance *instance; + struct mr_vdev *dev_handler; + struct mr_sendpath *dev_sendpath; +}; + +struct protocol_identify_result{ + int protocol; + char domain[KNI_DOMAIN_MAX]; + int domain_len; +}; + +//TODO: 有些字段可以不要 +struct pkt_info{ + struct iphdr *iphdr; + int iphdr_len; + int ip_totlen; + struct tcphdr *tcphdr; + int tcphdr_len; + char *data; + int data_len; +}; + +enum tcp_restore_info_tlv_type +{ + TCP_RESTORE_INFO_TLV_SEQ, + TCP_RESTORE_INFO_TLV_ACK, + TCP_RESTORE_INFO_TLV_MSS_CLIENT, + TCP_RESTORE_INFO_TLV_MSS_SERVER, + TCP_RESTORE_INFO_TLV_WSACLE_CLIENT, + TCP_RESTORE_INFO_TLV_WSACLE_SERVER, + TCP_RESTORE_INFO_TLV_SACK_CLIENT, + TCP_RESTORE_INFO_TLV_SACK_SERVER, + TCP_RESTORE_INFO_TLV_TS_CLIENT, + TCP_RESTORE_INFO_TLV_TS_SERVER, + TCP_RESTORE_INFO_TLV_USER_DEFINED +}; + +struct tcp_restore_info_tlv +{ + uint16_t type; + uint16_t length; + + union + { + uint8_t value_as_uint8[0]; + uint16_t value_as_uint16[0]; + uint32_t value_as_uint32[0]; + unsigned char value_as_string[0]; + }; +} __attribute__((packed)); + +struct tcp_restore_info_header +{ + uint8_t __magic__[2]; /* Must be 0x4d, 0x5a */ + uint16_t nr_tlvs; + struct tcp_restore_info_tlv tlvs[0]; +} __attribute__((packed)); + +struct kni_handle{ + int http_project_id; + struct kni_marsio_handle *marsio_handle; + struct kni_maat_handle *maat_handle; + void *logger; +}; + +#define TCP_RESTORE_HEADER_MAX 128 \ No newline at end of file 
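Review bot: kni_entry.h has no `#pragma once` or include guard and is not self-contained: it uses `uint8_t`, `struct iphdr`, `struct tcphdr`, `KNI_DOMAIN_MAX`, `KNI_MTU` and `struct kni_tcpopt_info` without including anything, so it compiles only when kni_utils.h happens to precede it, as it does in kni_entry.cpp. Add `#pragma once` and `#include "kni_utils.h"` at the top; kni_maat.h has the same shape (no guard, `Maat_feather_t` and `struct ipaddr` undeclared). `__magic__` in `struct tcp_restore_info_header` is a reserved identifier (double underscore) in both C and C++; `magic` carries the same meaning. `struct http_project::host` is `KNI_DOMAIN_MAX` bytes and is filled by a raw `memcpy` in kni_entry.cpp, so a comment such as `/* host is not NUL-terminated; host_len bounds it and must never exceed KNI_DOMAIN_MAX */` would state the invariant every writer has to respect.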
diff --git a/entry/include/kni_maat.h b/entry/include/kni_maat.h new file mode 100644 index 0000000..63bcc99 --- /dev/null +++ b/entry/include/kni_maat.h @@ -0,0 +1,21 @@ + +#define KNI_MAAT_READCONF_IRIS 0 +#define KNI_MAAT_READCONF_JSON 1 +#define KNI_MAAT_READCONF_REDIS 2 +#define KNI_MAAT_RULE_NUM_MAX 8 +struct kni_maat_handle{ + Maat_feather_t feather; + int default_action; + int tableid_intercept_compile; + void *logger; +}; + +enum kni_action{ + KNI_ACTION_UNKNOWN = 0, + KNI_ACTION_INTERCEPT, + KNI_ACTION_BYPASS, +}; +struct kni_maat_handle* kni_maat_init(const char* profile, void *logger); +void kni_maat_destroy(struct kni_maat_handle *handle); +int kni_maat_scan_ip(struct kni_maat_handle* handle, struct ipaddr *addr, int thread_seq, void *logger); +int kni_maat_scan_domain(struct kni_maat_handle* handle, char *domain, int domain_len, int thread_seq, void *logger); \ No newline at end of file diff --git a/entry/main.cpp b/entry/main.cpp deleted file mode 100644 index 6c8a26b..0000000 --- a/entry/main.cpp +++ /dev/null 
@@ -1,68 +0,0 @@ - - - - - - -//syn包开始回调 -extern "C" char kni_tcpall_entry(const struct streaminfo* pstream, void** pme, int thread_seq, const void* a_packet){ - //当前包bypass, 剩下包bypass - char ret = APP_STATE_FAWPKT|APP_STATE_DROPME; - struct kni_ipv6_hdr* ipv6_hdr = NULL; - struct kni_pme_info *pmeinfo = *(struct kni_pme_info **)pme; - if(pstream->addr.addrtype==ADDR_TYPE_IPV6){ - ipv6_hdr = (struct kni_ipv6_hdr*)a_packet; - if((a_packet != NULL) && (ipv6_hdr->ip6_nex_hdr != NEXTHDR_TCP)){ - kni_filestate2_set(thread_seq,FS_DROP_IPV6OPT,0,1); - return ret; - } - } - switch(pstream->pktstate){ - case OP_STATE_PENDING: - kni_filestate2_set(thread_seq,FS_PENDING,0,1); - kni_filestate2_set(thread_seq,FS_PMENUM,0,1); - *pme=pmeinfo=kni_pmeinfo_new(); - ret=kni_pending_opstate(pstream, pmeinfo, thread_seq, a_packet, PROTO_TYPE_TCP); - break; - - case OP_STATE_DATA: - ret=kni_data_opstate(pstream, pmeinfo, thread_seq,a_packet, PROTO_TYPE_TCP); - break; - - case OP_STATE_CLOSE: - if(a_packet == NULL) - { - kni_filestate2_set(thread_seq,FS_CLOSE_TIMEOUT,0,1); - } - else - { - kni_filestate2_set(thread_seq,FS_CLOSE_FIN,0,1); - } - - ret=kni_close_opstate(pstream,(struct kni_pme_info*)*pme,thread_seq,a_packet,PROTO_TYPE_TCP); - break; - - default: - break; - } - - if((ret&APP_STATE_DROPME)&& pmeinfo!=NULL) - { - kni_filestate2_set(thread_seq,FS_PMENUM,0,-1); - kni_free_pmeinfo(pmeinfo); - *pme=NULL; - - if(pstream->pktstate != OP_STATE_CLOSE) - { - kni_filestate2_set(thread_seq,FS_CLOSE_DROPME,0,1); - } - } - - clock_gettime(CLOCK_MONOTONIC, &end); - - elapse=(end.tv_sec-start.tv_sec)*1000000+(end.tv_nsec-start.tv_nsec)/1000; - FS_operate(g_kni_fs2_info.handler, g_kni_fs2_info.metric_sapp_proc, 0, FS_OP_SET, elapse); - - return ret; - -} \ No newline at end of file diff --git a/entry/src/kni_entry.cpp b/entry/src/kni_entry.cpp new file mode 100644 index 0000000..56ffeec --- /dev/null +++ b/entry/src/kni_entry.cpp 
@@ -0,0 +1,430 @@ +#include "kni_utils.h" +#include "ssl_utils.h" +#include "kni_entry.h" +#include "marsio.h" +#include "kni_maat.h" +#include "MESA/http.h" + +extern int g_iThreadNum; + +//APP_STATE_DROPME/GIVEME: 当前tcp会话的剩下包是否回调 +//APP_STATE_FAWPKT/DROPPKT: 当前包是否丢弃or转发,如果是丢弃,当前包不会给后面的插件 +//PROT_STATE_GIVEME/DROPME: 当前http会话的剩下包是否回调 + + +//TODO: seq, ack 是当拿到client hello时传给秋秋,取client hello的 seq, ack, 时间戳和sack没有解, 不用解,只需要知道enable/disable即可 +//TODO: 注意内存泄漏,ALLOC对应的FREE, 还有calloc +//TOOD: 函数加static +//TODO: 统计syn/syn/ack个数,流个数, pending not syn个数, not syn/ack个数, 单向流数量, 发往tfe的包数,流数,收到的包数,流数 + +//多个tcpall插件,APP_STATE_DROPPKT, APP_STATE_FAWPKT? 有一个droppkt,就不给后面的插件了 +//一个tcp流中有多个http,ssl会话的情况,只扫描第一个 + + +struct kni_handle *g_kni_handle; +//int g_http_project_id; +//struct kni_marsio_handle *g_kni_marsio_handle; +//g_iThreadNum 为sapp线程数 + +static struct pme_info* pme_info_new(){ + struct pme_info* pmeinfo = ALLOC(struct pme_info, 1); + return pmeinfo; +} + +static void pme_info_destroy(struct pme_info *pmeinfo){ + if(pmeinfo != NULL){ + if(pmeinfo->client_tcpopt != NULL){ + FREE(&(pmeinfo->client_tcpopt)); + } + if(pmeinfo->server_tcpopt != NULL){ + FREE(&(pmeinfo->server_tcpopt)); + } + FREE(&pmeinfo); + } +} + +static int protocol_identify(const struct streaminfo* stream, char *buf, int len, struct protocol_identify_result *result){ + //判断是http + struct http_project* project = (struct http_project*)project_req_get_struct(stream, g_kni_handle->http_project_id); + if(project != NULL){ + result->protocol = KNI_PROTOCOL_HTTP; + result->domain_len = project->host_len; + memcpy(result->domain, project->host, result->domain_len); + return 0; + } + + //判断是ssl + enum chello_parse_result chello_status = CHELLO_PARSE_INVALID_FORMAT; + struct ssl_chello *chello = NULL; + chello = ssl_chello_parse((const unsigned char*)buf, len, &chello_status); + if(chello_status == CHELLO_PARSE_SUCCESS){ + result->protocol = KNI_PROTOCOL_SSL; + result->domain_len = strnlen(chello->sni, 
KNI_DOMAIN_MAX); + memcpy(result->domain, chello->sni, result->domain_len); + ssl_chello_free(chello); + return 0; + } + + ssl_chello_free(chello); + result->protocol = KNI_PROTOCOL_UNKNOWN; + return 0; +} + +static int tcp_restore_info_tlv_add(uint16_t type, uint16_t value_len, uint32_t value, char *header, int *offset, int *nr_tlvs){ + int tlv_len = sizeof(tcp_restore_info_tlv) + value_len; + struct tcp_restore_info_tlv *tlv_info = (struct tcp_restore_info_tlv*)calloc(tlv_len, 1); + tlv_info->type= htons(type); + tlv_info->length = htons(tlv_len); + if(value_len == 1){ + tlv_info->value_as_uint8[0] = value; + } + if(value_len == 2){ + tlv_info->value_as_uint16[0] = value; + } + if(value_len == 4){ + tlv_info->value_as_uint32[0] = value; + } + memcpy(header + *offset, tlv_info, tlv_len); + *offset += tlv_len; + (*nr_tlvs)++; + free(tlv_info); + return 0; +} + +static struct tcp_restore_info_header* tcp_restore_info_header_new(struct pme_info *pmeinfo, struct pkt_info *pktinfo, int *len){ + struct tcp_restore_info_header *header = (struct tcp_restore_info_header*)calloc(TCP_RESTORE_HEADER_MAX, 1); + int offset = sizeof(struct tcp_restore_info_header); + int nr_tlvs = 0; + tcp_restore_info_tlv_add(TCP_RESTORE_INFO_TLV_SEQ, 4, pktinfo->tcphdr->seq, (char*)header, &offset, &nr_tlvs); + tcp_restore_info_tlv_add(TCP_RESTORE_INFO_TLV_ACK, 4, pktinfo->tcphdr->ack_seq, (char*)header, &offset, &nr_tlvs); + tcp_restore_info_tlv_add(TCP_RESTORE_INFO_TLV_MSS_CLIENT, 2, htons(pmeinfo->client_tcpopt->mss), (char*)header, &offset, &nr_tlvs); + tcp_restore_info_tlv_add(TCP_RESTORE_INFO_TLV_MSS_SERVER, 2, htons(pmeinfo->server_tcpopt->mss), (char*)header, &offset, &nr_tlvs); + tcp_restore_info_tlv_add(TCP_RESTORE_INFO_TLV_WSACLE_CLIENT, 1, pmeinfo->client_tcpopt->wscale, (char*)header, &offset, &nr_tlvs); + tcp_restore_info_tlv_add(TCP_RESTORE_INFO_TLV_WSACLE_SERVER, 1, pmeinfo->server_tcpopt->wscale, (char*)header, &offset, &nr_tlvs); + 
tcp_restore_info_tlv_add(TCP_RESTORE_INFO_TLV_SACK_CLIENT, 1, pmeinfo->client_tcpopt->sack, (char*)header, &offset, &nr_tlvs); + tcp_restore_info_tlv_add(TCP_RESTORE_INFO_TLV_SACK_SERVER, 1, pmeinfo->server_tcpopt->sack, (char*)header, &offset, &nr_tlvs); + tcp_restore_info_tlv_add(TCP_RESTORE_INFO_TLV_TS_CLIENT, 1, pmeinfo->client_tcpopt->ts, (char*)header, &offset, &nr_tlvs); + tcp_restore_info_tlv_add(TCP_RESTORE_INFO_TLV_TS_SERVER, 1, pmeinfo->server_tcpopt->ts, (char*)header, &offset, &nr_tlvs); + header->__magic__[0] = 0x4d; + header->__magic__[1] = 0x5a; + header->nr_tlvs = htons(nr_tlvs); + *len = offset; + return header; +} + +static char* tcp_restore_info_header_add(struct pme_info *pmeinfo, struct pkt_info *pktinfo, int *len){ + //tcp option: kind 88, len 4, control_info_len + char *new_pkt = (char*)ALLOC(struct wrapped_packet, 1); + struct iphdr *iphdr = (struct iphdr*)new_pkt; + int offset = 0; + //iphdr + memcpy(new_pkt, (void*)pktinfo->iphdr, pktinfo->iphdr_len); + offset += pktinfo->iphdr_len; + //tcphdr + struct tcphdr *tcphdr = (struct tcphdr*)(new_pkt + offset); + memcpy(new_pkt + offset, (void*)pktinfo->tcphdr, 20); + offset += 20; + tcphdr->doff = pktinfo->tcphdr->doff + 1; + struct tcp_option_restore *opt = ALLOC(struct tcp_option_restore, 1); + opt->kind = 88; + opt->len = 4; + opt->offset = htons(pktinfo->data_len); + memcpy(new_pkt + offset, (void*)opt, 4); + offset += 4; + memcpy(new_pkt + offset, (void*)((char*)pktinfo->tcphdr + 20), pktinfo->tcphdr_len - 20); + offset += pktinfo->tcphdr_len - 20; + //data + memcpy(new_pkt + offset, (void*)pktinfo->data, pktinfo->data_len); + offset += pktinfo->data_len; + //tcp_restore_info_header + int header_len = 0; + struct tcp_restore_info_header* header = tcp_restore_info_header_new(pmeinfo, pktinfo, &header_len); + memcpy(new_pkt + offset, (void*)header, header_len); + offset += header_len; + free(header); + //iphdr: tot_len + iphdr->tot_len = htons(offset); + //iphdr: checksum + //计算校验和之前一定要先置0 + 
iphdr->check = 0; + iphdr->check = kni_ip_checksum((void*)iphdr, pktinfo->iphdr_len); + //tcphdr: checkdum + tcphdr->check = 0; + tcphdr->check = kni_tcp_checksum((void*)tcphdr, offset - pktinfo->iphdr_len, iphdr->saddr, iphdr->daddr); + *len = offset; + return new_pkt; +} + +static int send_to_tfe(struct kni_marsio_handle *handle, char *raw_data, int raw_len, int thread_seq){ + void *logger = g_kni_handle->logger; + KNI_LOG_DEBUG(logger, "send packet to tfe"); + marsio_buff_t *tx_buffs[BURST_MAX]; + unsigned int ret = 1; + //TODO: marsio配置文件: 2500 + int alloc_ret = marsio_buff_malloc_device(handle->dev_handler, tx_buffs, ret, 0, thread_seq); + if (alloc_ret < 0){ + KNI_LOG_ERROR(logger, "Failed at alloc marsio buffer, ret is %d, thread_seq is %d", ret, thread_seq); + return -1; + } + void * dst_data = marsio_buff_append(tx_buffs[0], raw_len + 14); + unsigned char ethernet_header[14] = {0xfe, 0x65, 0xb7, 0x03, 0x50, 0xbd, 0xe8, 0x61, 0x1f, 0x13, 0x70, 0x7a, 0x08, 0x00}; + memcpy(dst_data, ethernet_header, 14); + memcpy((char*)dst_data + 14, raw_data, raw_len); + marsio_send_burst(handle->dev_sendpath, thread_seq, tx_buffs, ret); + return 0; +} + +static char pending_opstate(const struct streaminfo *stream, struct pme_info *pmeinfo, struct pkt_info *pktinfo){ + void *logger = g_kni_handle->logger; + if(!pktinfo->tcphdr->syn){ + //TODO: pending_opstate 不是syn, bypass这个流 + KNI_LOG_ERROR(logger, "pending opstate: not syn"); + return APP_STATE_FAWPKT | APP_STATE_DROPME; + } + pmeinfo->client_tcpopt = kni_get_tcpopt(pktinfo->tcphdr, pktinfo->tcphdr_len); + return APP_STATE_FAWPKT | APP_STATE_GIVEME; +} + +static int get_action(struct ipaddr *addr, char *domain, int domain_len, int thread_seq){ + //return KNI_ACTION_INTERCEPT; + int action = kni_maat_scan_ip(g_kni_handle->maat_handle, addr, thread_seq, g_kni_handle->logger); + if(action == KNI_ACTION_BYPASS){ + return action; + } + action = kni_maat_scan_domain(g_kni_handle->maat_handle, domain, domain_len, thread_seq, 
g_kni_handle->logger); + return action; +} + +//TODO: 这一块逻辑需要和洋姐和秋秋讨论一下 +static char data_opstate(const struct streaminfo *stream, struct pme_info *pmeinfo, struct pkt_info *pktinfo, int thread_seq){ + void *logger = g_kni_handle->logger; + char *buf = (char*)pktinfo->iphdr; + int len = pktinfo->ip_totlen; + //action取值只能为 KNI_ACTION_INTERCEPT, KNI_ACTION_UNKNOWN, 因为判断是KNI_ACTION_BYPASS之后直接返回 APP_STATE_DROPME了 + if(pmeinfo->action == KNI_ACTION_INTERCEPT){ + send_to_tfe(g_kni_handle->marsio_handle, buf, len, thread_seq); + return APP_STATE_DROPPKT | APP_STATE_GIVEME; + } + //TODO: client hello如果跨包怎么办?client hello后面一个包先到,这个包该丢掉还是bypass + //此时 action = KNI_ACTION_UNKNOWN, 说明还没收到第一个数据包 + // syn/ack包 + if(pktinfo->tcphdr->syn && pktinfo->tcphdr->ack){ + pmeinfo->server_tcpopt = kni_get_tcpopt(pktinfo->tcphdr, pktinfo->tcphdr_len); + return APP_STATE_FAWPKT | APP_STATE_GIVEME; + } + if(pktinfo->data_len <= 0){ + return APP_STATE_FAWPKT | APP_STATE_GIVEME; + } + //第一个数据包: 如果从第一个数据包判断不出协议,直接返回,后续包也不要了 + //单向流, 直接bypass + if(stream->dir != DIR_DOUBLE){ + KNI_LOG_INFO(logger, "stream dir is %d, bypass", stream->dir); + return APP_STATE_FAWPKT | APP_STATE_DROPME; + } + struct protocol_identify_result *result = ALLOC(struct protocol_identify_result, 1); + protocol_identify(stream, pktinfo->data, pktinfo->data_len, result); + pmeinfo->protocol = result->protocol; + if(pmeinfo->protocol == KNI_PROTOCOL_UNKNOWN){ + KNI_LOG_INFO(logger, "Failed at protocol_identify, protocol is %d\n", pmeinfo->protocol); + FREE(&result); + return APP_STATE_FAWPKT | APP_STATE_DROPME; + } + //protocol = KNI_PROTOCOL_SSL/KNI_PROTOCOL_HTTP, 判断action, action返回值: KNI_ACTION_INTERCEPT/KNI_ACTION_BYPASS + pmeinfo->action = get_action((struct ipaddr*)(&stream->addr), result->domain, result->domain_len, thread_seq); + FREE(&result); + if(pmeinfo->action == KNI_ACTION_BYPASS){ + return APP_STATE_FAWPKT | APP_STATE_DROPME; + } + //TODO: 这块比较奇怪, 收到client hello, 但是没有syn/ack包, 直接bypass了 + 
if(pmeinfo->client_tcpopt == NULL || pmeinfo->server_tcpopt == NULL){ + KNI_LOG_ERROR(logger, "Failed at intercept, %s, %s", pmeinfo->client_tcpopt == NULL ? "no syn" : "", + pmeinfo->server_tcpopt == NULL ? "no syn/ack" : ""); + return APP_STATE_FAWPKT | APP_STATE_DROPME; + } + //action = KNI_ACTION_INTERCEPT, 带上控制信息发送给qq, 要修改ip, tcp的校验和 + buf = tcp_restore_info_header_add(pmeinfo, pktinfo, &len); + send_to_tfe(g_kni_handle->marsio_handle, buf, len, thread_seq); + FREE(&buf); + return APP_STATE_DROPPKT | APP_STATE_GIVEME; +} + +static char close_opstate(){ + return APP_STATE_FAWPKT | APP_STATE_DROPME; +} + +//从syn包开始回调 +extern "C" char kni_tcpall_entry(const struct streaminfo* stream, void** pme, int thread_seq, const void* a_packet){ + void *logger = g_kni_handle->logger; + KNI_LOG_DEBUG(logger, "call kni_tcpall_entry"); + //当前包bypass, 剩下包bypass + //TODO: ipv6暂时不处理, ipv6: 通过nexthdr链式寻找tcp头(IPPROTO_TCP) + if(stream->addr.addrtype == ADDR_TYPE_IPV6){ + return APP_STATE_FAWPKT | APP_STATE_DROPME; + } + //a_packet == NULL, 不处理这个包 + if(a_packet == NULL){ + return APP_STATE_FAWPKT | APP_STATE_GIVEME; + } + struct pme_info *pmeinfo = *(struct pme_info **)pme; + //pktinfo + struct pkt_info *pktinfo = (struct pkt_info*)ALLOC(struct pkt_info, 1); + pktinfo->iphdr = (struct iphdr*)a_packet; + pktinfo->iphdr_len = pktinfo->iphdr->ihl * 4; + pktinfo->ip_totlen = ntohs(pktinfo->iphdr->tot_len); + pktinfo->tcphdr = (struct tcphdr*)((char*)pktinfo->iphdr + pktinfo->iphdr_len); + pktinfo->tcphdr_len = pktinfo->tcphdr->doff * 4; + pktinfo->data = (char*)pktinfo->tcphdr + pktinfo->tcphdr_len; + pktinfo->data_len = pktinfo->ip_totlen - pktinfo->iphdr_len - pktinfo->tcphdr_len; + int ret = APP_STATE_FAWPKT | APP_STATE_DROPME; + switch(stream->pktstate){ + case OP_STATE_PENDING: + *pme = pmeinfo = pme_info_new(); + ret = pending_opstate(stream, pmeinfo, pktinfo); + break; + case OP_STATE_DATA: + ret = data_opstate(stream, pmeinfo, pktinfo, thread_seq); + break; + case OP_STATE_CLOSE: 
+ ret = close_opstate(); + break; + default: + break; + } + FREE(&pktinfo); + if((ret & APP_STATE_DROPME)){ + pme_info_destroy(pmeinfo); + *pme = NULL; + } + return ret; +} + +void http_project_free(int thread_seq, void *project_req_value){ + FREE(&project_req_value); +} + +static int http_project_init(){ + void *logger = g_kni_handle->logger; + int id = project_producer_register(HTTP_PROJECT_NAME, PROJECT_VAL_TYPE_STRUCT, http_project_free); + if(id < 0){ + KNI_LOG_ERROR(logger, "Failed at project_producer_register, project name is %s, ret is %d", HTTP_PROJECT_NAME, id); + return -1; + } + id = project_customer_register(HTTP_PROJECT_NAME, PROJECT_VAL_TYPE_STRUCT); + if(id < 0){ + KNI_LOG_ERROR(logger, "Failed at project_customer_register, project name is %s, ret is %d", HTTP_PROJECT_NAME, id); + return -1; + } + return id; +} + +extern "C" char kni_http_entry(stSessionInfo* session_info, void **pme, int thread_seq, struct streaminfo *a_stream, const void *a_packet){ + http_infor* http_info = (http_infor*)(session_info->app_info); + //http_session_seq = 1表示只处理tcp链接中的第一个http会话 + if(http_info->http_session_seq != 1){ + return PROT_STATE_DROPME; + } + if(session_info->prot_flag != HTTP_HOST){ + return PROT_STATE_GIVEME; + } + int host_len = MIN(session_info->buflen, KNI_DEFAULT_MTU); + struct http_project* host_info = ALLOC(struct http_project, 1); + host_info->host_len = host_len; + memcpy(host_info->host, session_info->buf, host_len); + if(project_req_add_struct(a_stream, g_kni_handle->http_project_id, host_info) < 0){ + FREE(&host_info); + host_info = NULL; + } + return PROT_STATE_DROPME; +} + +static void kni_marsio_destroy(struct kni_marsio_handle *handle){ + //TODO: dev_handler, dev_sendpath不需要free吗 + if(handle != NULL){ + if(handle->instance != NULL){ + marsio_destory(handle->instance); + } + } + FREE(&handle); +} + +static struct kni_marsio_handle* kni_marsio_init(const char* profile){ + void *logger = g_kni_handle->logger; + const char* section = "marsio"; + 
char appsym[KNI_SYMBOL_MAX];
+ char dev_symbol[KNI_SYMBOL_MAX];
+ MESA_load_profile_string_def(profile, section, "appsym", appsym, sizeof(appsym), "unknown");
+ MESA_load_profile_string_def(profile, section, "dev_symbol", dev_symbol, sizeof(dev_symbol), "unknown");
+ KNI_LOG_INFO(logger, "MESA_prof_load, [%s]:\n appsym: %s\n dev_symbol: %s", section, appsym, dev_symbol);
+ struct mr_instance *instance = marsio_create();
+ if(instance == NULL){
+ KNI_LOG_ERROR(logger, "Failed at marsio_create");
+ return NULL;
+ }
+ unsigned int opt_value = 1;
+ marsio_option_set(instance, MARSIO_OPT_EXIT_WHEN_ERR, &opt_value, sizeof(opt_value));
+ //uint64_t cpu_mask = 0x3c; //??
+ //marsio_option_set(handle->instance, MARSIO_OPT_THREAD_MASK, &cpu_mask, sizeof(cpu_mask));
+ marsio_init(instance, appsym);
+ //设为sapp线程数
+ int nr_thread = g_iThreadNum;
+ struct mr_vdev * dev_handler = marsio_open_device(instance, dev_symbol, nr_thread, nr_thread);
+ if(dev_handler == NULL){
+ KNI_LOG_ERROR(logger, "Failed at marsio_open_device, dev_symbol is %s, nr_thread is %d", dev_symbol, nr_thread);
+ return NULL;
+ }
+ struct mr_sendpath * dev_sendpath = marsio_sendpath_create_by_vdev(dev_handler);
+ if(dev_sendpath == NULL){
+ KNI_LOG_ERROR(logger, "Failed at marsio_sendpath_create_by_vdev");
+ return NULL;
+ }
+ struct kni_marsio_handle *handle = ALLOC(struct kni_marsio_handle, 1);
+ handle->instance = instance;
+ handle->dev_handler = dev_handler;
+ handle->dev_sendpath = dev_sendpath;
+ //暂时不用调
+ //marsio_thread_init(mr_instance);
+ return handle;
+}
+
+extern "C" int kni_init(){
+ g_kni_handle = ALLOC(struct kni_handle, 1);
+ const char *profile = "./conf/kni/kni.conf";
+ const char *section = "global";
+
+ //init logger
+ char log_path[KNI_PATH_MAX];
+ MESA_load_profile_string_def(profile, section, "log_path", log_path, sizeof(log_path), "unknown");
+ int log_level;
+ MESA_load_profile_int_def(profile, section, "log_level", &log_level, 10);
+ void *logger =
MESA_create_runtime_log_handle(log_path, log_level);
+ if (unlikely(logger == NULL))
+ {
+ printf("Failed at create logger: %s, exit", log_path);
+ exit(EXIT_FAILURE);
+ }
+ KNI_LOG_INFO(logger, "MESA_prof_load, [%s]:\n log_path: %s\n log_level: %d", section, log_path, log_level);
+ g_kni_handle->logger = logger;
+
+ //init http_project
+ int id = http_project_init();
+ if(id < 0){
+ KNI_LOG_ERROR(logger, "Failed at http_project_init, exit. ret is %d", id);
+ exit(EXIT_FAILURE);
+ }
+ g_kni_handle->http_project_id = id;
+
+ //init marsio
+ g_kni_handle->marsio_handle = kni_marsio_init(profile);
+ if(g_kni_handle->marsio_handle == NULL){
+ KNI_LOG_ERROR(logger, "Failed at kni_marsio_init, exit");
+ exit(EXIT_FAILURE);
+ }
+
+ //init maat
+ g_kni_handle->maat_handle = kni_maat_init(profile, logger);
+ if(g_kni_handle->maat_handle == NULL){
+ KNI_LOG_ERROR(logger, "Failed at kni_maat_init, exit");
+ exit(EXIT_FAILURE);
+ }
+ return 0;
+}
\ No newline at end of file
diff --git a/entry/src/kni_maat.cpp b/entry/src/kni_maat.cpp
new file mode 100644
index 0000000..e10eec5
--- /dev/null
+++ b/entry/src/kni_maat.cpp
@@ -0,0 +1,110 @@
+#include "kni_utils.h"
+#include "kni_maat.h"
+
+extern int g_iThreadNum;
+
+void kni_maat_destroy(struct kni_maat_handle *handle){
+ if(handle != NULL){
+ if(handle->feather != NULL){
+ Maat_burn_feather(handle->feather);
+ }
+ }
+ FREE(&handle);
+}
+
+struct kni_maat_handle* kni_maat_init(const char* profile, void *logger){
+ const char *section = "maat";
+ int readconf_mode;
+ char tableinfo_path[KNI_PATH_MAX];
+ char tablename_intercept_compile[KNI_SYMBOL_MAX];
+ MESA_load_profile_int_def(profile, section, "readconf_mode", &readconf_mode, KNI_MAAT_READCONF_IRIS);
+ MESA_load_profile_string_def(profile, section, "tableinfo_path", tableinfo_path, sizeof(tableinfo_path), "unknown");
+ MESA_load_profile_string_def(profile, section, "tablename_intercept_compile", tablename_intercept_compile, sizeof(tablename_intercept_compile), "unknown");
+ KNI_LOG_INFO(logger, "MESA_prof_load, [%s]:\n readconf_mode: %d\n tableinfo_path: %s\n tablename_intercept_compile: %s\n",
+ section, readconf_mode, tableinfo_path, tablename_intercept_compile);
+ Maat_feather_t feather = Maat_feather(g_iThreadNum, tableinfo_path, logger);
+ if(feather == NULL){
+ KNI_LOG_ERROR(logger, "Failed at Maat_feather, max_thread_num is %d, tableinfo_path is %s", g_iThreadNum, tableinfo_path);
+ return NULL;
+ }
+ if(readconf_mode == KNI_MAAT_READCONF_JSON){
+ char maatjson_path[KNI_PATH_MAX];
+ MESA_load_profile_string_def(profile, section, "maatjson_path", maatjson_path, sizeof(maatjson_path), "unknown");
+ KNI_LOG_INFO(logger, "MESA_prof_load, [%s]:\n maatjson_path: %s", section, maatjson_path);
+ Maat_set_feather_opt(feather, MAAT_OPT_JSON_FILE_PATH, maatjson_path, strlen(maatjson_path));
+ }
+ if(readconf_mode == KNI_MAAT_READCONF_IRIS){
+ //TODO
+ }
+ if(readconf_mode == KNI_MAAT_READCONF_REDIS){
+ char redis_ip[KNI_SYMBOL_MAX];
+ int redis_port;
+ int redis_index;
+ MESA_load_profile_string_def(profile, section, "redis_ip", redis_ip, sizeof(redis_ip), "unknown");
+
MESA_load_profile_int_def(profile, section, "redis_port", &redis_port, -1);
+ MESA_load_profile_int_def(profile, section, "redis_index", &redis_index, -1);
+ KNI_LOG_INFO(logger, "MESA_prof_load, [%s]:\n redis_ip: %s\n redis_port: %s\n redis_index: %d",
+ section, redis_ip, redis_port, redis_index);
+ Maat_set_feather_opt(feather, MAAT_OPT_REDIS_IP, (void*)redis_ip, strlen(redis_ip) + 1);
+ Maat_set_feather_opt(feather, MAAT_OPT_REDIS_PORT, (void*)&redis_port, sizeof(redis_port));
+ Maat_set_feather_opt(feather, MAAT_OPT_REDIS_INDEX, (void*)&redis_index, sizeof(redis_index));
+ }
+ int ret = Maat_initiate_feather(feather);
+ if(ret < 0){
+ KNI_LOG_ERROR(logger, "Failed at Maat_initiate_feather");
+ return NULL;
+ }
+ int tableid_intercept_compile = Maat_table_register(feather, tablename_intercept_compile);
+ if(tableid_intercept_compile < 0){
+ KNI_LOG_ERROR(logger, "Failed at Maat_table_register, tablename is %d, ret is %d",
+ tablename_intercept_compile, tableid_intercept_compile);
+ return NULL;
+ }
+ struct kni_maat_handle *handle = ALLOC(struct kni_maat_handle, 1);
+ handle->feather = feather;
+ handle->tableid_intercept_compile = tableid_intercept_compile;
+ handle->default_action = KNI_ACTION_INTERCEPT;
+ handle->logger = logger;
+ return handle;
+}
+
+static int maat_process_scan_result(struct kni_maat_handle *handle, int num, struct Maat_rule_t *result){
+ //void *logger = handle->logger;
+ int action = handle->default_action;
+ for(int i = 0; i < num; i++){
+ action = result[i].action;
+ if(action == KNI_ACTION_BYPASS){
+ return action;
+ }
+ }
+ return action;
+}
+
+
+//TODO: Maat_rule_get_ex_new_index compile_ex_param_new: config_id = 0, 取action即为全局变量, 一旦配置更新就回调, tableinfo怎么写,回调表, 编译配置表
+int kni_maat_scan_ip(struct kni_maat_handle *handle, struct ipaddr *addr, int thread_seq){
+ void *logger = handle->logger;
+ struct Maat_rule_t result[KNI_MAAT_RULE_NUM_MAX];
+ int ret = Maat_scan_proto_addr(handle->feather, handle->tableid_intercept_compile, addr, 0,
result,
+ KNI_MAAT_RULE_NUM_MAX, NULL, thread_seq);
+ if(ret < 0){
+ KNI_LOG_ERROR(logger, "Failed at Maat_scan_proto_addr, ret is %d", ret);
+ return handle->default_action;
+ }
+ return maat_process_scan_result(handle, ret, result);
+}
+
+int kni_maat_scan_domain(struct kni_maat_handle* handle, char *domain, int domain_len, int thread_seq){
+ void *logger = handle->logger;
+ struct Maat_rule_t result[KNI_MAAT_RULE_NUM_MAX];
+ //TODO: GBK
+ int ret = Maat_full_scan_string(handle->feather, handle->tableid_intercept_compile, CHARSET_GBK,
+ domain, domain_len, result, NULL, KNI_MAAT_RULE_NUM_MAX, NULL, thread_seq);
+ if(ret < 0){
+ KNI_LOG_ERROR(logger, "Failed at Maat_full_scan_string, ret is %d", ret);
+ return handle->default_action;
+ }
+ return maat_process_scan_result(handle, ret, result);
+}
+
+
diff --git a/run/benchmark.sh b/run/benchmark.sh
deleted file mode 100644
index b7ce23a..0000000
--- a/run/benchmark.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/sh
-for i in {1..223}
-do
- echo "-------- process $i files --------" >> bench.log
- #tcpdump -r /tmp/fraglist.leak.pcap net $i.0.0.0/8 -s0 -w /tmp/fraglist.leak.pcap.net.$i
- ln -sf /tmp/fraglist.leak.pcap.net.$i dumpfile
- ./memchk.sh.full
- cat valgrind.log | grep definitely >> bench.log
-done
diff --git a/run/cmp.sh b/run/cmp.sh
deleted file mode 100644
index 06c54f9..0000000
--- a/run/cmp.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/sh
-filename=$1
-cat $filename |sort >$filename.sort
-cat $filename.sort |grep tcpstream >$filename.tcp
-cat $filename.sort |grep tcpallstream >$filename.tcpall
-cat $filename.sort |grep udpstream >$filename.udp
-echo $filename tcpallstreamnum=`cat $filename.tcpall|wc -l`
-echo $filename tcpstreamnum=`cat $filename.tcp|wc -l`
-echo $filename udpstreamnum=`cat $filename.udp|wc -l`
-
-#./start
-#echo program crashed, reboot at `date +"%w %Y/%m/%d, %H:%M:%S"` >> REBOOT.log
-#reboot
-
-
diff --git a/run/cmp3.sh b/run/cmp3.sh
deleted file mode 100644
index 3982332..0000000
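Review bot: Two log calls in kni_maat_init pass arguments that do not match their conversion specifiers, which is undefined behaviour on exactly the paths meant to diagnose a failure: in the redis branch the int `redis_port` is printed with `%s` (the value is read as a pointer, a likely crash), and on Maat_table_register failure the char array `tablename_intercept_compile` is printed with `%d`. The fixes are `redis_port: %s\n` → `redis_port: %d\n` and `tablename is %d` → `tablename is %s`; because these reach the logger through the KNI_LOG_* macros the compiler presumably does not check them, so a printf format attribute on the underlying log function would catch the next one. The same function also leaks the feather on the two error returns taken after `Maat_feather` succeeded (Maat_initiate_feather and Maat_table_register failing); add `Maat_burn_feather(feather);` before each of those `return NULL` so the error paths match what kni_maat_destroy does. Note the Redis rule source is configured with only an IP, port and db index and no credential, so the rule store presumably relies on network isolation — worth confirming whether the Maat API exposes an auth option and wiring it here if so.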
--- a/run/cmp3.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh -filename=$1 -cat $filename |sort >$filename.sort -cat $filename.sort |grep tcpstream >$filename.tcp -cat $filename.sort |grep tcpallstream >$filename.tcpall -cat $filename.sort |grep udpallstream >$filename.udp -echo $filename tcpallstreamnum=`cat $filename.tcpall|wc -l` -echo $filename tcpstreamnum=`cat $filename.tcp|wc -l` -echo $filename udpstreamnum=`cat $filename.udp|wc -l` -cat $filename.tcpall |awk {'print $10'}|awk -F',' '{sum+=$1 } END {print "tcppktnum=" sum }' -cat $filename.udp |awk {'print $10'}|awk -F',' '{sum+=$1 } END {print "udppktnum=" sum }' -cat $filename.tcpall |awk {'print $10'}|awk -F'=' '{sum+=$2 } END {print "tcppayload=" sum }' -cat $filename.udp |awk {'print $10'}|awk -F'=' '{sum+=$2 } END {print "udppayload=" sum }' - - diff --git a/run/cmp_sapp.sh b/run/cmp_sapp.sh deleted file mode 100644 index a3f2409..0000000 --- a/run/cmp_sapp.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh -filename=$1 -cat $filename |sort >$filename.sort -cat $filename.sort |grep tcpstream >$filename.tcp -cat $filename.sort |grep tcpallstream >$filename.tcpall -cat $filename.sort |grep udpallstream >$filename.udp -echo $filename tcpallstreamnum=`cat $filename.tcpall|wc -l` -echo $filename tcpstreamnum=`cat $filename.tcp|wc -l` -echo $filename udpstreamnum=`cat $filename.udp|wc -l` -#cat $filename.tcpall |awk {'print $10'}|awk -F '=' '{sum+=$2 } END {print "tcppktnum=" sum }' -cat $filename.tcpall |awk {'print $10'} | awk -F ',' '{print $1}'|awk -F '=' '{sum+=$2 } END {print "tcppktnum=" sum }' -cat $filename.udp |awk {'print $8'}|awk -F'=' '{sum+=$2 } END {print "udppktnum=" sum }' -cat $filename.tcpall |awk {'print $11'} | awk -F '=' ' {sum +=$2} END {print "tcppayload=" sum }' -#cat $filename.tcpall |awk {'print $10'}|awk -F'=' '{sum+=$2 } END {print "tcppayload=" sum }' -cat $filename.udp |awk {'print $9'}|awk -F'=' '{sum+=$2 } END {print "udppayload=" sum }' - - 
diff --git a/run/conf/gdev.conf b/run/conf/gdev.conf deleted file mode 100644 index 62d381c..0000000 --- a/run/conf/gdev.conf +++ /dev/null @@ -1,6 +0,0 @@ -[Module] -pcapdevice=p6p2 -sendto_gdev_card=p6p2 -sendto_gdev_ip=192.168.15.15 -gdev_status_switch=1 -default_keepalive_action=1 diff --git a/run/conf/gip b/run/conf/gip deleted file mode 100644 index d13dd4a..0000000 --- a/run/conf/gip +++ /dev/null @@ -1 +0,0 @@ -10.0.6.229 diff --git a/run/conf/http/http.conf b/run/conf/http/http.conf deleted file mode 100644 index e604abc..0000000 --- a/run/conf/http/http.conf +++ /dev/null @@ -1,42 +0,0 @@ -#http_special -#all regions -1 HTTP_ALL -2 HTTP_OTHER_REGIONS -#http state -3 HTTP_STATE -4 HTTP_REQ_LINE -5 HTTP_RES_LINE -6 HTTP_CONTENT -7 HTTP_UNGZIP_CONTENT -8 HTTP_MESSAGE_URL -9 HTTP_URI -#http_request -10 HTTP_HOST -11 HTTP_REFERER -12 HTTP_USER_AGENT -13 HTTP_COOKIE -14 HTTP_PROXY_AUTHORIZATION -15 HTTP_AUTHORIZATION -#http_response -16 HTTP_LOCATION -17 HTTP_SERVER -18 HTTP_ETAG -#http_general -19 HTTP_DATE -20 HTTP_TRAILER -21 HTTP_TRANSFER_ENCODING -22 HTTP_VIA -23 HTTP_PRAGMA -24 HTTP_CONNECTION -#http_content -25 HTTP_CONT_ENCODING -26 HTTP_CONT_LANGUAGE -27 HTTP_CONT_LOCATION -28 HTTP_CONT_DISPOSITION -29 HTTP_CONT_RANGE -30 HTTP_CONT_LENGTH -31 HTTP_CONT_TYPE -32 HTTP_CHARSET -33 HTTP_EXPIRES -34 HTTP_X_FLASH_VERSION -35 HTTP_TRANSFER_LENGTH diff --git a/run/conf/http/http_main.conf b/run/conf/http/http_main.conf deleted file mode 100644 index 3476c09..0000000 --- a/run/conf/http/http_main.conf +++ /dev/null 
@@ -1,30 +0,0 @@ -[FUNCTION] -switch_no_biz=1 - -#0 means close stat -stat_cycle=0 -#stat output screen 0: screen 1: file -stat_screen_print=0 -stat_file=./log/http/http_stat.log - -#ungzip -ungzip_switch=1 - -#support proxy -proxy_switch=1 - -#single-way traffic need http session num, 0 means no this function -singleway_maxseq=2 - -#0: field callback mode(default) 1:batch callback mode -callback_mode=0 - -#batch field maxnum when http_all or http_other -batch_field_maxnum=32 - -[LOG] -#FATAL:wrong info -#INFO: lostlen; special proc ;proxy info -#DEBUG: pending and close info; all url; -log_level=30 -log_path=./log/http/runtime diff --git a/run/conf/main.conf b/run/conf/main.conf deleted file mode 100644 index fe24404..0000000 --- a/run/conf/main.conf +++ /dev/null 
@@ -1,90 +0,0 @@ -[Module] - -threadnum=10 -#cpu_bind_core_mask=1,2,3,4,5 -cpu_bind_core_mask=0x7fe -app_instance_name=sapp -MaxTcpStreams=1000000 -MaxUdpStreams=1000000 -LinkTimeout=180 -UdpResetTime=0 -CreatLinkMode=1 -MaxUnorderNum=5 -TcpAllEnable=1 -IPv6_module_enable=1 -IPv6_raw_socket=1 -ipentry_priority_over_ipfrag=0 -dictator_switch=1 -load_plug_switch=1 -discard_ack=0 -kill_tcp_remedy=0 - -signal_take_over_switch=0 - -timestamp_record=0 -#timedelay_threshold unit: CPU CYCLE -timedelay_threshold=99900000 - -analyse_tcp_option=1 - -#in linux kernel 2.6.20 and subsequent version, should enable this -use_MESAsleep=0 - -#skip ethernet, if you don't care MAC address -skip_ethernet_layer=0 - -#for dual-stack send rst -skip_not_ip_layer=0 - -#packet use DDP protocol -encapsulate_with_ddp=0 - -maxrandval=65535 -randkeyval=13 - -#(0:pag,1:pcap,2:dumpfile,3:pfring,4:DPDK,5:ppf,6:NPacket,7:qnf,8:N95,9:pcap-dumpfile-list,10:topsec, -#(11:ipfile, 12:marsio4, 13:agent_smith, 14:dpdk_vxlan, 15:marsio_vxlan, 16:pag_marsio -capdatamodlel=12 -forwardpkt=0 -pcapdevice=vxlan_user -#pcapdevice=p7p1 -pcapdevice2=em2 -pcapfilter= -pcap_dumpfile_list=dumpfile.list -senddevice=em2 -gateway_mac=00:90:0b:1b:a1:2b - - -#max pending packet num between capture-thread and handle-thread -queue_max_num=2000 - -#-----network connection mode definition----- -# 0: don't send packet, only capture; -# 1: parallel mode with single card; -# 2: serial mode with two card; -# 3: logic serial mode with G device. -net_connection_mode=3 - - -[ShowStatInfo] -showinterval=3 -iknow_listen_port=65500 -platform_log_level=10 - -[pkt_dump] -pkt_dump_switch=0 -#1:local file; 2:udp socket -pkt_dump_mode=2 -pkt_dump_cmd_port=12345 -pkt_dump_bpf_filter= -pkt_dump_file_root_dir=/dev/shm/pkt_dump234 - -#config 'pkt_dump_total_size' means summation of all files size in 'root_dir', unit:MB. -pkt_dump_total_size=29900 - -#config 'pkt_dump_file_max_size' means MB per thread. 
-pkt_dump_file_max_size=10000 - -#config 'pkt_dump_thread_seq' means which thread enable this module, 'all' is total running thread. -pkt_dump_thread_seq=all -#pkt_dump_thread_seq=0,1,2,3 diff --git a/run/conf/main.conf.31 b/run/conf/main.conf.31 deleted file mode 100644 index 049cde1..0000000 --- a/run/conf/main.conf.31 +++ /dev/null 
@@ -1,90 +0,0 @@ -[Module] - -threadnum=2 -#cpu_bind_core_mask=1,2,3,4,5 -cpu_bind_core_mask=0xF -app_instance_name=sapp_master -MaxTcpStreams=1000 -MaxUdpStreams=1000 -LinkTimeout=0 -UdpResetTime=0 -CreatLinkMode=3 -MaxUnorderNum=5 -TcpAllEnable=1 -IPv6_module_enable=1 -IPv6_raw_socket=1 -ipentry_priority_over_ipfrag=0 -dictator_switch=0 -load_plug_switch=1 -discard_ack=0 -kill_tcp_remedy=0 - -signal_take_over_switch=0 - -timestamp_record=0 -#timedelay_threshold unit: CPU CYCLE -timedelay_threshold=99900000 - -analyse_tcp_option=1 - -#in linux kernel 2.6.20 and subsequent version, should enable this -use_MESAsleep=0 - -#skip ethernet, if you don't care MAC address -skip_ethernet_layer=0 - -#for dual-stack send rst -skip_not_ip_layer=0 - -#packet use DDP protocol -encapsulate_with_ddp=0 - -maxrandval=65535 -randkeyval=13 - -#(0:pag,1:pcap,2:dumpfile,3:pfring,4:DPDK,5:ppf,6:NPacket,7:qnf,8:N95,9:pcap-dumpfile-list,10:topsec, -#(11:ipfile, 12:marsio4, 13:agent_smith, 14:dpdk_vxlan, 15:marsio_vxlan, 16:pag_marsio -capdatamodlel=1 -forwardpkt=0 -pcapdevice=enp2s0 -pcapdevice2=enp3s0 -pcapfilter=host 192.168.11.31 -#pcapfilter= -pcap_dumpfile_list=dumpfile.list -senddevice=enp3s0 -gateway_mac=00:90:0b:1b:a1:2b - - -#max pending packet num between capture-thread and handle-thread -queue_max_num=2000 - -#-----network connection mode definition----- -# 0: don't send packet, only capture; -# 1: parallel mode with single card; -# 2: serial mode with two card; -# 3: logic serial mode with G device. -net_connection_mode=2 - - -[ShowStatInfo] -showinterval=3 -iknow_listen_port=65500 -platform_log_level=20 - -[pkt_dump] -pkt_dump_switch=0 -#1:local file; 2:udp socket -pkt_dump_mode=2 -pkt_dump_cmd_port=12345 -pkt_dump_bpf_filter= -pkt_dump_file_root_dir=/dev/shm/pkt_dump234 - -#config 'pkt_dump_total_size' means summation of all files size in 'root_dir', unit:MB. -pkt_dump_total_size=29900 - -#config 'pkt_dump_file_max_size' means MB per thread. 
-pkt_dump_file_max_size=10000 - -#config 'pkt_dump_thread_seq' means which thread enable this module, 'all' is total running thread. -pkt_dump_thread_seq=all -#pkt_dump_thread_seq=0,1,2,3 diff --git a/run/conf/main.conf.dumpfile b/run/conf/main.conf.dumpfile deleted file mode 100644 index f8bd6e4..0000000 --- a/run/conf/main.conf.dumpfile +++ /dev/null 
@@ -1,90 +0,0 @@ -[Module] - -threadnum=1 -#cpu_bind_core_mask=1,2,3,4,5 -cpu_bind_core_mask=0xF -app_instance_name=sapp_master -MaxTcpStreams=10000 -MaxUdpStreams=10000 -LinkTimeout=0 -UdpResetTime=0 -CreatLinkMode=3 -MaxUnorderNum=5 -TcpAllEnable=1 -IPv6_module_enable=1 -IPv6_raw_socket=1 -ipentry_priority_over_ipfrag=0 -dictator_switch=0 -load_plug_switch=1 -discard_ack=0 -kill_tcp_remedy=0 - -signal_take_over_switch=0 - -timestamp_record=0 -#timedelay_threshold unit: CPU CYCLE -timedelay_threshold=99900000 - -analyse_tcp_option=1 - -#in linux kernel 2.6.20 and subsequent version, should enable this -use_MESAsleep=0 - -#skip ethernet, if you don't care MAC address -skip_ethernet_layer=0 - -#for dual-stack send rst -skip_not_ip_layer=0 - -#packet use DDP protocol -encapsulate_with_ddp=0 - -maxrandval=65535 -randkeyval=13 - -#(0:pag,1:pcap,2:dumpfile,3:pfring,4:DPDK,5:ppf,6:NPacket,7:qnf,8:N95,9:pcap-dumpfile-list,10:topsec, -#(11:ipfile, 12:marsio4, 13:agent_smith, 14:dpdk_vxlan, 15:marsio_vxlan, 16:pag_marsio -capdatamodlel=2 -forwardpkt=0 -pcapdevice=lo -#pcapdevice=eno33554992 -#pcapdevice2=eno50332216 -pcapfilter= -pcap_dumpfile_list=dumpfile.list -senddevice=enp2s0 -gateway_mac=00:90:0b:1b:a1:2b - - -#max pending packet num between capture-thread and handle-thread -queue_max_num=2000 - -#-----network connection mode definition----- -# 0: don't send packet, only capture; -# 1: parallel mode with single card; -# 2: serial mode with two card; -# 3: logic serial mode with G device. -net_connection_mode=1 - - -[ShowStatInfo] -showinterval=3 -iknow_listen_port=65500 -platform_log_level=20 - -[pkt_dump] -pkt_dump_switch=0 -#1:local file; 2:udp socket -pkt_dump_mode=2 -pkt_dump_cmd_port=12345 -pkt_dump_bpf_filter= -pkt_dump_file_root_dir=/dev/shm/pkt_dump234 - -#config 'pkt_dump_total_size' means summation of all files size in 'root_dir', unit:MB. -pkt_dump_total_size=29900 - -#config 'pkt_dump_file_max_size' means MB per thread. 
-pkt_dump_file_max_size=10000 - -#config 'pkt_dump_thread_seq' means which thread enable this module, 'all' is total running thread. -pkt_dump_thread_seq=all -#pkt_dump_thread_seq=0,1,2,3 diff --git a/run/conf/main.conf.noplug b/run/conf/main.conf.noplug deleted file mode 100644 index 219eb36..0000000 --- a/run/conf/main.conf.noplug +++ /dev/null 
@@ -1,90 +0,0 @@ -[Module] - -threadnum=2 -#cpu_bind_core_mask=1,2,3,4,5 -cpu_bind_core_mask=0xF -app_instance_name=sapp_master -MaxTcpStreams=1000 -MaxUdpStreams=1000 -LinkTimeout=0 -UdpResetTime=0 -CreatLinkMode=3 -MaxUnorderNum=5 -TcpAllEnable=1 -IPv6_module_enable=1 -IPv6_raw_socket=1 -ipentry_priority_over_ipfrag=0 -dictator_switch=0 -load_plug_switch=1 -discard_ack=0 -kill_tcp_remedy=0 - -signal_take_over_switch=0 - -timestamp_record=0 -#timedelay_threshold unit: CPU CYCLE -timedelay_threshold=99900000 - -analyse_tcp_option=1 - -#in linux kernel 2.6.20 and subsequent version, should enable this -use_MESAsleep=0 - -#skip ethernet, if you don't care MAC address -skip_ethernet_layer=0 - -#for dual-stack send rst -skip_not_ip_layer=0 - -#packet use DDP protocol -encapsulate_with_ddp=0 - -maxrandval=65535 -randkeyval=13 - -#(0:pag,1:pcap,2:dumpfile,3:pfring,4:DPDK,5:ppf,6:NPacket,7:qnf,8:N95,9:pcap-dumpfile-list,10:topsec, -#(11:ipfile, 12:marsio4, 13:agent_smith, 14:dpdk_vxlan, 15:marsio_vxlan, 16:pag_marsio -capdatamodlel=1 -forwardpkt=0 -pcapdevice=enp2s0 -pcapdevice2=enp3s0 -#pcapfilter=host 192.168.11.31 -pcapfilter= -pcap_dumpfile_list=dumpfile.list -senddevice=enp3s0 -gateway_mac=00:90:0b:1b:a1:2b - - -#max pending packet num between capture-thread and handle-thread -queue_max_num=2000 - -#-----network connection mode definition----- -# 0: don't send packet, only capture; -# 1: parallel mode with single card; -# 2: serial mode with two card; -# 3: logic serial mode with G device. -net_connection_mode=2 - - -[ShowStatInfo] -showinterval=3 -iknow_listen_port=65500 -platform_log_level=20 - -[pkt_dump] -pkt_dump_switch=0 -#1:local file; 2:udp socket -pkt_dump_mode=2 -pkt_dump_cmd_port=12345 -pkt_dump_bpf_filter= -pkt_dump_file_root_dir=/dev/shm/pkt_dump234 - -#config 'pkt_dump_total_size' means summation of all files size in 'root_dir', unit:MB. -pkt_dump_total_size=29900 - -#config 'pkt_dump_file_max_size' means MB per thread. 
-pkt_dump_file_max_size=10000 - -#config 'pkt_dump_thread_seq' means which thread enable this module, 'all' is total running thread. -pkt_dump_thread_seq=all -#pkt_dump_thread_seq=0,1,2,3 diff --git a/run/conf/main.conf.pcap b/run/conf/main.conf.pcap deleted file mode 100644 index 2c09966..0000000 --- a/run/conf/main.conf.pcap +++ /dev/null 
@@ -1,89 +0,0 @@ -[Module] - -threadnum=2 -#cpu_bind_core_mask=1,2,3,4,5 -cpu_bind_core_mask=0xF -app_instance_name=sapp_master -MaxTcpStreams=1000 -MaxUdpStreams=1000 -LinkTimeout=0 -UdpResetTime=0 -CreatLinkMode=3 -MaxUnorderNum=5 -TcpAllEnable=1 -IPv6_module_enable=1 -IPv6_raw_socket=1 -ipentry_priority_over_ipfrag=0 -dictator_switch=0 -load_plug_switch=1 -discard_ack=0 -kill_tcp_remedy=0 - -signal_take_over_switch=0 - -timestamp_record=0 -#timedelay_threshold unit: CPU CYCLE -timedelay_threshold=99900000 - -analyse_tcp_option=1 - -#in linux kernel 2.6.20 and subsequent version, should enable this -use_MESAsleep=0 - -#skip ethernet, if you don't care MAC address -skip_ethernet_layer=0 - -#for dual-stack send rst -skip_not_ip_layer=0 - -#packet use DDP protocol -encapsulate_with_ddp=0 - -maxrandval=65535 -randkeyval=13 - -#(0:pag,1:pcap,2:dumpfile,3:pfring,4:DPDK,5:ppf,6:NPacket,7:qnf,8:N95,9:pcap-dumpfile-list,10:topsec, -#(11:ipfile, 12:marsio4, 13:agent_smith, 14:dpdk_vxlan, 15:marsio_vxlan, 16:pag_marsio -capdatamodlel=1 -forwardpkt=0 -pcapdevice=enp2s0 -pcapdevice2=enp3s0 -pcapfilter= -pcap_dumpfile_list=dumpfile.list -senddevice=enp3s0 -gateway_mac=00:90:0b:1b:a1:2b - - -#max pending packet num between capture-thread and handle-thread -queue_max_num=2000 - -#-----network connection mode definition----- -# 0: don't send packet, only capture; -# 1: parallel mode with single card; -# 2: serial mode with two card; -# 3: logic serial mode with G device. -net_connection_mode=2 - - -[ShowStatInfo] -showinterval=3 -iknow_listen_port=65500 -platform_log_level=20 - -[pkt_dump] -pkt_dump_switch=0 -#1:local file; 2:udp socket -pkt_dump_mode=2 -pkt_dump_cmd_port=12345 -pkt_dump_bpf_filter= -pkt_dump_file_root_dir=/dev/shm/pkt_dump234 - -#config 'pkt_dump_total_size' means summation of all files size in 'root_dir', unit:MB. -pkt_dump_total_size=29900 - -#config 'pkt_dump_file_max_size' means MB per thread. 
-pkt_dump_file_max_size=10000 - -#config 'pkt_dump_thread_seq' means which thread enable this module, 'all' is total running thread. -pkt_dump_thread_seq=all -#pkt_dump_thread_seq=0,1,2,3 diff --git a/run/conf/plugin/entrylist.conf b/run/conf/plugin/entrylist.conf deleted file mode 100644 index b8f766f..0000000 --- a/run/conf/plugin/entrylist.conf +++ /dev/null @@ -1,16 +0,0 @@ -IP -IP_FRAG -IPV6 -IPV6_RAW -TCP_ALL -TCP -UDP -HTTP -SSL -MAIL -FTP -PHONY -POLLING -IPSEC -L2TP -PPTP diff --git a/run/conf/plugin/plugin.conf b/run/conf/plugin/plugin.conf deleted file mode 100644 index 7061245..0000000 --- a/run/conf/plugin/plugin.conf +++ /dev/null @@ -1,10 +0,0 @@ -[PLUGIN] -platform_config = ./plug/platform/conflist_platform.inf -protocol_config = ./plug/protocol/conflist_protocol.inf -business_config = ./plug/business/conflist_business.inf -entrylist_config = ./conf/plugin/entrylist.conf - -logger_level=30 - -runtime_switch=1 -max_interval_num=60 diff --git a/run/conf/project_list.conf b/run/conf/project_list.conf deleted file mode 100644 index c7aa782..0000000 --- a/run/conf/project_list.conf +++ /dev/null @@ -1,21 +0,0 @@ -#project_requirement_name value_type -#current requirement definitions: -# terminal_tag, -# ipv4_frag_list, -# ipv6_frag_list, -# stream_id, -# value type definitions -# char, -# short, -# int, -# long, -# struct - -#terminal_tag struct -#ipv4_frag_list struct -#ipv6_frag_list struct -#stream_id struct -#test_project struct -tcp_flow_stat struct -udp_flow_stat struct -protocol_tag struct diff --git a/run/conf/route_table.conf b/run/conf/route_table.conf deleted file mode 100644 index da86aca..0000000 --- a/run/conf/route_table.conf +++ /dev/null @@ -1 +0,0 @@ -34.34.3.152 diff --git a/run/conf/send_raw_pkt.conf b/run/conf/send_raw_pkt.conf deleted file mode 100644 index 89208ff..0000000 --- a/run/conf/send_raw_pkt.conf +++ /dev/null 
@@ -1,13 +0,0 @@ -#ԭʼ, -#ƽ̨ڲͬ, ײҲͬ, -#ͨģʽʹ, DPDKģʽʹö˿ں, PFRINGģʽʹindex, ģʽ. -#target_idڱʾĸն˷, -#ڷ͵ݰײMACĿIP, ϲ, ƽֻ̨ԭʼ. -#target_id൱ݿ - -#(0:pag,1:pcap,2:dumpfile,3:pfring,4:DPDK,5:ppf,6:NPacket,7:qnf,8:N95,9:pcap-dumpfile-list,10:topsec, -##(11:ipfile, 12:marsio4, 13:agent_smith, 14:dpdk_vxlan, 15:marsio_vxlan, 16:pag_marsio - -#target_id -0 pag p7p1 eth1 dna0 dpdk ppf npacket qnf n95 eth1 topsec eth1 vxlan_user smith dpdk dpdk pag -1 pag em2 eth1 dna0 dpdk ppf npacket qnf n95 eth1 topsec eth1 loop1 smith dpdk dpdk pag diff --git a/run/conf/send_raw_pkt.conf.bak b/run/conf/send_raw_pkt.conf.bak deleted file mode 100644 index 89208ff..0000000 --- a/run/conf/send_raw_pkt.conf.bak +++ /dev/null @@ -1,13 +0,0 @@ -#ԭʼ, -#ƽ̨ڲͬ, ײҲͬ, -#ͨģʽʹ, DPDKģʽʹö˿ں, PFRINGģʽʹindex, ģʽ. -#target_idڱʾĸն˷, -#ڷ͵ݰײMACĿIP, ϲ, ƽֻ̨ԭʼ. -#target_id൱ݿ - -#(0:pag,1:pcap,2:dumpfile,3:pfring,4:DPDK,5:ppf,6:NPacket,7:qnf,8:N95,9:pcap-dumpfile-list,10:topsec, -##(11:ipfile, 12:marsio4, 13:agent_smith, 14:dpdk_vxlan, 15:marsio_vxlan, 16:pag_marsio - -#target_id -0 pag p7p1 eth1 dna0 dpdk ppf npacket qnf n95 eth1 topsec eth1 vxlan_user smith dpdk dpdk pag -1 pag em2 eth1 dna0 dpdk ppf npacket qnf n95 eth1 topsec eth1 loop1 smith dpdk dpdk pag diff --git a/run/conf/streamid.txt b/run/conf/streamid.txt deleted file mode 100644 index e416b83..0000000 --- a/run/conf/streamid.txt +++ /dev/null @@ -1 +0,0 @@ -76999 diff --git a/run/conf/wangyan_keepalive.conf b/run/conf/wangyan_keepalive.conf deleted file mode 100644 index 9a67be2..0000000 --- a/run/conf/wangyan_keepalive.conf +++ /dev/null @@ -1,10 +0,0 @@ -[main] -mode=master -#ʼ˿Ϊ60000, ذԴ˿Ϊ60000, Ϊʼ˿+ID, 2Ų, 󶨶˿Ϊ60002. -begin_listen_port=60000 -#ĴӦòIDб, ŷָ -[master] -slave_plug_id_list=1,2,3 - -[slave] -local_plug_id=1 diff --git a/run/dpdk_cmd.txt b/run/dpdk_cmd.txt deleted file mode 100644 index f8ea7b0..0000000 --- a/run/dpdk_cmd.txt +++ /dev/null @@ -1,2 +0,0 @@ -mrtools-pdump -- --pdump "port=0,queue=*,rx-dev=lo,tx-dev=lo" & -tcpdump -i lo -n -nn 
diff --git a/run/kni_set_cmd_by_policy_route b/run/kni_set_cmd_by_policy_route deleted file mode 100644 index ec00691..0000000 --- a/run/kni_set_cmd_by_policy_route +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh - -tun_iface=tun0 -rtable_id_ingress=100 -rtable_id_egress=101 - -echo 1 > /proc/sys/net/ipv4/ip_forward -echo 0 > /proc/sys/net/ipv4/tcp_window_scaling -echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter -sysctl -w net.ipv4.conf.default.rp_filter=0 - -#ethtool -K p7p1 lro off -#ethtool -K p7p1 tso off -#ethtool -K p7p1 gro off - -#ethtool -K em2 lro off -#ethtool -K em2 tso off -#ethtool -K em2 gro off - -# Create TUN devices -ip tuntap add dev ${tun_iface} mode tun multi_queue -#ip tuntap add dev ${tun_iface} mode tun -ifconfig ${tun_iface} up - -# Ingress -ip rule add iif ${tun_iface} tab ${rtable_id_ingress} -ip route add local 0.0.0.0/0 dev lo table ${rtable_id_ingress} - -# Egress -ip rule add fwmark 0x65 lookup ${rtable_id_egress} -ip route add default dev ${tun_iface} table ${rtable_id_egress} - -# Flush cache -ip route flush cache diff --git a/run/kni_set_cmd_by_policy_route_v6 b/run/kni_set_cmd_by_policy_route_v6 deleted file mode 100644 index 67d0125..0000000 --- a/run/kni_set_cmd_by_policy_route_v6 +++ /dev/null 
@@ -1,41 +0,0 @@ -#!/bin/sh - -tun_iface=tun0 -rtable_id_ingress=100 -rtable_id_egress=101 -rtable_id_ingress6=102 -rtable_id_egress6=103 - -echo 1 > /proc/sys/net/ipv4/ip_forward -echo 1 > /proc/sys/net/ipv6/conf/all/forwarding -echo 0 > /proc/sys/net/ipv4/tcp_window_scaling -echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter - -sysctl -w net.ipv4.conf.default.rp_filter=0 - -ip6tables -F -ip6tables -F -t mangle -ip6tables -F -t nat -ip6tables -F -t raw - -# Create TUN devices -ip tuntap add dev ${tun_iface} mode tun multi_queue -ifconfig ${tun_iface} up - -# IPv6 Default GW -ip -6 route add default dev ${tun_iface} - -# Ingress -ip rule add iif ${tun_iface} tab ${rtable_id_ingress} -ip route add local default dev lo table ${rtable_id_ingress} -ip -6 rule add iif ${tun_iface} tab ${rtable_id_ingress6} -ip -6 route add local default dev lo table ${rtable_id_ingress6} - -# Egress -ip rule add fwmark 0x65 lookup ${rtable_id_egress} -ip route add default dev ${tun_iface} table ${rtable_id_egress} -#ip -6 rule add fwmark 0x66 lookup ${rtable_id_egress6} -#ip -6 route add default dev ${tun_iface} table ${rtable_id_egress6} - -# Flush cache -ip route flush cache diff --git a/run/kniconf/kni.conf b/run/kniconf/kni.conf deleted file mode 100644 index 969b392..0000000 --- a/run/kniconf/kni.conf +++ /dev/null 
@@ -1,92 +0,0 @@
-[main]
-htable_elem_num=10000000
-######0:intercept;1:bypass
-default_work_mode=0
-######0:not replay;1:replay
-replay_win_update=1
-######0:G 1:two network card
-sendpkt_mode=0
-#####0:not join pkts in listq;1:join pkts in listq
-write_listqueue_switch=0
-#####0:join fds in listq;1:not join fds in listq
-send_fds_mode=0
-ratelimit_switch=1
-replace_switch=1
-
-domain_path=/home/server_unixsocket_file
-socketopt_mark=101
-
-logger_level=10
-logger_filepath=./log/kni.log
-
-[tun]
-tun_path=/dev/net/tun
-tun_name=tun0
-
-[field_stat]
-filestat2_filename=./log/kni_fs2.log
-filestat2_sip=0.0.0.0
-filestat2_sport=0
-
-
-[dynmic_maat]
-#0:iris;1:json;2:redis
-dyn_maat_readconf_mode=1
-dyn_redis_server=10.3.34.1
-dyn_redis_port=6379
-dyn_redis_db_index=5
-dyn_scandir_interval=1000
-dyn_effect_interval=60000
-dyn_stat_file_path=./log/kni_dyn_maat_stat
-dyn_table_info_path=./kniconf/maat_table_info.conf
-
-
-[static_maat]
-#0:iris;1:json;2:redis
-maat_readconf_mode=1
-redis_server=10.3.34.1
-redis_port=6379
-redis_db_index=4
-scandir_interval=1000
-effect_interval=1000
-stat_file_path=./log/kni_static_maat_stat
-table_info_path=./kniconf/maat_table_info.conf
-full_cfg_dir=/home/mesasoft/tango_rules/full/index
-inc_cfg_dir=/home/mesasoft/tango_rules/inc/index
-
-[send_log]
-send_log_switch=0
-NIC_NAME=eth0
-ENTRANCE_ID=0
-KAFKA_BROKERLIST=192.168.10.73:9092
-
-
-
-[Module]
-table_info_path=./kniconf/maat_table_info.conf
-full_cfg_dir=/home/mesasoft/tango_rules/full/index
-inc_cfg_dir=/home/mesasoft/tango_rules/inc/index
-logger_filepath=./log/kni.log
-logger_level=10
-
-#0:intercept;1:bypass
-default_work_mode=1
-#0:not replay;1:replay
-replay_win_update=1
-
-#0:iris;1:json;2:redis
-maat_readconf_mode=2
-redis_server=10.3.34.1
-redis_port=6379
-redis_db_index=4
-scandir_interval=1000
-effect_interval=1000
-
-//dyn_domain
-dyn_maat_readconf_mode=1
-dyn_redis_server=192.168.11.243
-dyn_redis_port=6379
-dyn_redis_db_index=5
-
-write_listqueue_switch=0
-send_fds_mode=1
diff --git a/run/kniconf/maat_table_info.conf b/run/kniconf/maat_table_info.conf
deleted file mode 100644
index c8cd9d0..0000000
--- a/run/kniconf/maat_table_info.conf
+++ /dev/null
@@ -1,13 +0,0 @@
-1 WHITE_LIST_COMPILE compile escape --
-1 PXY_INTERCEPT_COMPILE compile escape --
-2 WHITE_LIST_GROUP group --
-2 PXY_INTERCEPT_GROUP group --
-3 WHITE_LIST_IP ip --
-3 PXY_INTERCEPT_IP ip --
-4 WHITE_LIST_DOMAIN expr GBK GBK yes 0
-4 PXY_INTERCEPT_DOMAIN expr GBK GBK yes 0
-5 PXY_INTERCEPT_PKT_BIN expr GBK GBK yes 0
-6 IPD_DYN_COMPILE compile GBK GBK no 0
-7 IPD_DYN_GROUP group GBK GBK no 0
-8 IPD_RELATED_DOMAIN expr GBK GBK yes 0
-9 PXY_OBJ_SPOOFING_IP_POOL plugin {"key":11,"valid":9} --
diff --git a/run/kniconf/maat_test.json b/run/kniconf/maat_test.json
deleted file mode 100644
index 5c018e0..0000000
--- a/run/kniconf/maat_test.json
+++ /dev/null
@@ -1,59 +0,0 @@
-{
- "compile_table": "PXY_INTERCEPT_COMPILE",
- "group_table": "PXY_INTERCEPT_GROUP",
- "rules": [
- {
- "compile_id": 1,
- "service": 1,
- "action":120,
- "do_blacklist": 1,
- "do_log": 1,
- "effective_rage": 0,
- "user_region": "zone=pkt_payload;substitute=/AAAA/BBBB",
- "is_valid": "yes",
- "groups": [
- {
- "group_name": "Untitled",
- "regions": [
- {
- "table_name": "PXY_INTERCEPT_IP",
- "table_type": "ip",
- "table_content": {
- "addr_type": "ipv4",
- "src_ip": "192.168.192.135",
- "mask_src_ip": "255.255.255.255",
- "src_port": "0",
- "mask_src_port": "65535",
- "dst_ip": "0.0.0.0",
- "mask_dst_ip": "255.255.255.255",
- "dst_port": "0",
- "mask_dst_port": "65535",
- "protocol": 0,
- "direction": "double"
- }
- },
- {
- "table_name": "PXY_INTERCEPT_PKT_BIN",
- "table_type": "string",
- "table_content": {
- "keywords": "AAAA",
- "expr_type": "regex",
- "match_method": "sub",
- "format":"uncase plain"
-
- }
- }
- ]
- }
- ]
- }
- ],
- "plugin_table": [
- {
- "table_name": "PXY_OBJ_SPOOFING_IP_POOL",
- "table_content": [
- "1\t4\t0\t192.168.11.127\t0\t0\t\t0\t0\t1\t123\t10\t{}\t20181217-0:22"
- ]
- }
- ]
- }
diff --git a/run/kniconf/maat_test.json.dnat b/run/kniconf/maat_test.json.dnat
deleted file mode 100644
index a95531b..0000000
--- a/run/kniconf/maat_test.json.dnat
+++ /dev/null
@@ -1,48 +0,0 @@
-{
- "compile_table": "PXY_INTERCEPT_COMPILE",
- "group_table": "PXY_INTERCEPT_GROUP",
- "rules": [
- {
- "compile_id": 1,
- "service": 1,
- "action":48,
- "do_blacklist": 1,
- "do_log": 1,
- "effective_rage": 0,
- "user_region": "spoofing_ip_pool=10;nat_type=dnat;",
- "is_valid": "yes",
- "groups": [
- {
- "group_name": "Untitled",
- "regions": [
- {
- "table_name": "PXY_INTERCEPT_IP",
- "table_type": "ip",
- "table_content": {
- "addr_type": "ipv4",
- "src_ip": "192.168.11.80",
- "mask_src_ip": "255.255.255.255",
- "src_port": "0",
- "mask_src_port": "65535",
- "dst_ip": "61.135.169.125",
- "mask_dst_ip": "255.255.255.255",
- "dst_port": "0",
- "mask_dst_port": "65535",
- "protocol": 0,
- "direction": "double"
- }
- }
- ]
- }
- ]
- }
- ],
- "plugin_table": [
- {
- "table_name": "PXY_OBJ_SPOOFING_IP_POOL",
- "table_content": [
- "1\t4\t0\t123.57.35.217\t0\t0\t\t0\t0\t1\t123\t10\t{}\t20181217-0:22"
- ]
- }
- ]
- }
diff --git a/run/kniconf/maat_test.json.right b/run/kniconf/maat_test.json.right
deleted file mode 100644
index 5609163..0000000
--- a/run/kniconf/maat_test.json.right
+++ /dev/null
@@ -1,40 +0,0 @@
-{
- "compile_table": "PXY_INTERCEPT_COMPILE",
- "group_table": "PXY_INTERCEPT_GROUP",
- "rules": [
- {
- "compile_id": 1,
- "service": 1,
- "action":48,
- "do_blacklist": 1,
- "do_log": 1,
- "effective_rage": 0,
- "user_region": "spoofing_ip_pool=10;nat_type=snat;",
- "is_valid": "yes",
- "groups": [
- {
- "group_name": "Untitled",
- "regions": [
- {
- "table_name": "PXY_INTERCEPT_IP",
- "table_type": "ip",
- "table_content": {
- "addr_type": "ipv4",
- "src_ip": "192.168.11.80",
- "mask_src_ip": "255.255.255.255",
- "src_port": "0",
- "mask_src_port": "65535",
- "dst_ip": "0.0.0.0",
- "mask_dst_ip": "255.255.255.255",
- "dst_port": "0",
- "mask_dst_port": "65535",
- "protocol": 0,
- "direction": "double"
- }
- }
- ]
- }
- ]
- }
- ]
-}
diff --git a/run/kniconf/maat_test.json.snat b/run/kniconf/maat_test.json.snat
deleted file mode 100644
index e144d6a..0000000
--- a/run/kniconf/maat_test.json.snat
+++ /dev/null
@@ -1,48 +0,0 @@
-{
- "compile_table": "PXY_INTERCEPT_COMPILE",
- "group_table": "PXY_INTERCEPT_GROUP",
- "rules": [
- {
- "compile_id": 1,
- "service": 1,
- "action":48,
- "do_blacklist": 1,
- "do_log": 1,
- "effective_rage": 0,
- "user_region": "spoofing_ip_pool=10;nat_type=snat;",
- "is_valid": "yes",
- "groups": [
- {
- "group_name": "Untitled",
- "regions": [
- {
- "table_name": "PXY_INTERCEPT_IP",
- "table_type": "ip",
- "table_content": {
- "addr_type": "ipv4",
- "src_ip": "192.168.11.80",
- "mask_src_ip": "255.255.255.255",
- "src_port": "0",
- "mask_src_port": "65535",
- "dst_ip": "0.0.0.0",
- "mask_dst_ip": "255.255.255.255",
- "dst_port": "0",
- "mask_dst_port": "65535",
- "protocol": 0,
- "direction": "double"
- }
- }
- ]
- }
- ]
- }
- ],
- "plugin_table": [
- {
- "table_name": "PXY_OBJ_SPOOFING_IP_POOL",
- "table_content": [
- "1\t4\t0\t192.168.11.127\t0\t0\t\t0\t0\t1\t123\t10\t{}\t20181217-0:22"
- ]
- }
- ]
- }
diff --git a/run/memchk.sh b/run/memchk.sh
deleted file mode 100644
index 1d07532..0000000
--- a/run/memchk.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-valgrind --tool=memcheck --leak-check=full --leak-resolution=high --error-limit=no --undef-value-errors=yes --log-file=valgrind.log ./sapp
diff --git a/run/memchk.sh.full b/run/memchk.sh.full
deleted file mode 100644
index e7cd327..0000000
--- a/run/memchk.sh.full
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-valgrind --tool=memcheck --leak-check=full --show-leak-kinds=all --leak-resolution=high --error-limit=no --undef-value-errors=yes --track-origins=yes --show-reachable=yes --log-file=valgrind.log --max-stackframe=7418264 --valgrind-stacksize=1048576 --malloc-fill=AA --free-fill=FE ./sapp
diff --git a/run/memchk.sh.quick b/run/memchk.sh.quick
deleted file mode 100644
index 1d07532..0000000
--- a/run/memchk.sh.quick
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-valgrind --tool=memcheck --leak-check=full --leak-resolution=high --error-limit=no --undef-value-errors=yes --log-file=valgrind.log ./sapp
diff --git a/run/pag.conf b/run/pag.conf
deleted file mode 100644
index 23a69bd..0000000
--- a/run/pag.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-[pag]
-dev_name=vxlan_user
-app_name=sapp_master
-burst_rx=32
-burst_tx=32
-cpu_id=1-8
diff --git a/run/platform_lib/packet_io_ipfile.so b/run/platform_lib/packet_io_ipfile.so
deleted file mode 100644
index 9bffdda..0000000
Binary files a/run/platform_lib/packet_io_ipfile.so and /dev/null differ
diff --git a/run/platform_lib/packet_io_marsio.so b/run/platform_lib/packet_io_marsio.so
deleted file mode 100644
index 0a28a2c..0000000
Binary files a/run/platform_lib/packet_io_marsio.so and /dev/null differ
diff --git a/run/platform_lib/packet_io_marsio.so.no_forward b/run/platform_lib/packet_io_marsio.so.no_forward
deleted file mode 100644
index 0669bed..0000000
Binary files a/run/platform_lib/packet_io_marsio.so.no_forward and /dev/null differ
diff --git a/run/platform_lib/packet_io_marsio.so.normal b/run/platform_lib/packet_io_marsio.so.normal
deleted file mode 100644
index 76a5e52..0000000
Binary files a/run/platform_lib/packet_io_marsio.so.normal and /dev/null differ
diff --git a/run/platform_lib/packet_io_pag_marsio.so b/run/platform_lib/packet_io_pag_marsio.so
deleted file mode 100644
index c302ff8..0000000
Binary files a/run/platform_lib/packet_io_pag_marsio.so and /dev/null differ
diff --git a/run/platform_lib/packet_io_pcap.so b/run/platform_lib/packet_io_pcap.so
deleted file mode 100644
index 2c291eb..0000000
Binary files a/run/platform_lib/packet_io_pcap.so and /dev/null differ
diff --git a/run/plug/business/conflist_business.inf b/run/plug/business/conflist_business.inf
deleted file mode 100644
index 56c2d52..0000000
--- a/run/plug/business/conflist_business.inf
+++ /dev/null
@@ -1,4 +0,0 @@
-./plug/business/kni/kni.inf
-#./plug/business/deliver/deliver.inf
-#./plug/business/hid/hid.inf
-
diff --git a/run/plug/business/kni/kni.inf b/run/plug/business/kni/kni.inf
deleted file mode 100644
index 028e921..0000000
--- a/run/plug/business/kni/kni.inf
+++ /dev/null
@@ -1,25 +0,0 @@
-[PLUGINFO]
-PLUGNAME=KNI
-SO_PATH=./plug/business/kni/kni.so
-INIT_FUNC=kni_init
-DESTROY_FUNC=
-
-#[IP]
-#FUNC_FLAG=all
-#FUNC_NAME=kni_ipv4_entry
-
-
-[UDP]
-FUNC_FLAG=all
-FUNC_NAME=kni_udp_entry
-
-
-[TCP_ALL]
-FUNC_FLAG=all
-FUNC_NAME=kni_tcpall_entry
-
-[HTTP]
-FUNC_FLAG=HTTP_HOST
-FUNC_NAME=kni_http_entry
-
-
diff --git a/run/plug/business/kni/kni.so b/run/plug/business/kni/kni.so
deleted file mode 100644
index a63d701..0000000
Binary files a/run/plug/business/kni/kni.so and /dev/null differ
diff --git a/run/plug/platform/conflist_platform.inf b/run/plug/platform/conflist_platform.inf
deleted file mode 100644
index 5e0b0c6..0000000
--- a/run/plug/platform/conflist_platform.inf
+++ /dev/null
@@ -1 +0,0 @@
-./plug/platform/g_device_plug/g_device_plug.inf
diff --git a/run/plug/platform/g_device_plug/g_device_plug.inf b/run/plug/platform/g_device_plug/g_device_plug.inf
deleted file mode 100644
index 1387c6a..0000000
--- a/run/plug/platform/g_device_plug/g_device_plug.inf
+++ /dev/null
@@ -1,9 +0,0 @@
-[PLUGINFO]
-PLUGNAME=g_device_udp_plug
-SO_PATH=./plug/platform/g_device_plug/g_device_plug.so
-INIT_FUNC=gdev_keepalive_plug_init
-
-[UDP]
-FUNC_FLAG=ALL
-FUNC_NAME=gdev_keepalive_udp_entry
-
diff --git a/run/plug/platform/g_device_plug/g_device_plug.so b/run/plug/platform/g_device_plug/g_device_plug.so
deleted file mode 100644
index 4fee6ba..0000000
Binary files a/run/plug/platform/g_device_plug/g_device_plug.so and /dev/null differ
diff --git a/run/plug/protocol/conflist_protocol.inf b/run/plug/protocol/conflist_protocol.inf
deleted file mode 100644
index 71d2531..0000000
--- a/run/plug/protocol/conflist_protocol.inf
+++ /dev/null
@@ -1 +0,0 @@
-./plug/protocol/http/http.inf
diff --git a/run/plug/protocol/http/http.inf b/run/plug/protocol/http/http.inf
deleted file mode 100644
index 538c962..0000000
--- a/run/plug/protocol/http/http.inf
+++ /dev/null
@@ -1,15 +0,0 @@
-[PLUGINFO]
-PLUGNAME=HTTP
-SO_PATH=./plug/protocol/http/http.so
-INIT_FUNC=HTTP_INIT
-DESTROY_FUNC=HTTP_DESTROY
-GETPLUGID_FUNC=HTTP_GETPLUGID
-FLAGCHANGE_FUNC=HTTP_FLAG_CHANGE
-FLAGSTATE_FUNC=HTTP_PROT_FUNSTAT
-
-[TCP]
-FUNC_FLAG=ALL
-FUNC_NAME=HTTP_ENTRY
-
-
-
diff --git a/run/plug/protocol/http/http.so b/run/plug/protocol/http/http.so
deleted file mode 100644
index d9e374a..0000000
Binary files a/run/plug/protocol/http/http.so and /dev/null differ
diff --git a/run/r2 b/run/r2
deleted file mode 100644
index e147b19..0000000
--- a/run/r2
+++ /dev/null
@@ -1,3 +0,0 @@
-killall r3 sapp
-./r3 &> /dev/null &
-#./kill_sapp_by_mem.sh &> /dev/null &
diff --git a/run/r3 b/run/r3
deleted file mode 100644
index f67113d..0000000
--- a/run/r3
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/sh
-
-while [ 1 ]; do
- count=`ls -l core.* |wc -l`
- echo $count
- if [ $count -lt 5 ]
- then
- echo "set unlimited"
- ulimit -c unlimited
- else
- ulimit -c 0
- fi
-
- ./sapp > /dev/null
- echo program crashed, restart at `date +"%w %Y/%m/%d, %H:%M:%S"` >> RESTART.log
- sleep 10
-done
diff --git a/run/sapp b/run/sapp
deleted file mode 100644
index ed09803..0000000
Binary files a/run/sapp and /dev/null differ
diff --git a/run/update.conf b/run/update.conf
deleted file mode 100644
index 2c88b24..0000000
--- a/run/update.conf
+++ /dev/null
@@ -1,40 +0,0 @@
-"isakmp_protocol_plug={ IS_VALID=YES
- MAKE_DIR=./sapp/
- DST_LOG_DIR=./log/
- #CONF_DIR=./
- #DST_CONF_DIR=./
- INF_DIR=./sapp/run/plug/protocol/isakmp_protocol_plug/isakmp_protocol_plug.inf
- DST_INF_DIR=./plug/protocol/isakmp_protocol_plug/isakmp_protocol_plug.inf
- SO_DIR=./sapp/run/plug/protocol/isakmp_protocol_plug/isakmp_protocol_plug.so
- DST_SO_DIR=./plug/protocol/isakmp_protocol_plug/isakmp_protocol_plug.so
- #HEADER_DIR=./
- #DST_HEADER_DIR=/opt/MESA/soq/
- }"
-
-
-"l2tp_protocol_plug={ IS_VALID=YES
- MAKE_DIR=./sapp/
- DST_LOG_DIR=./log/
- #CONF_DIR=./
- #DST_CONF_DIR=./
- INF_DIR=./sapp/run/plug/protocol/l2tp_protocol_plug/l2tp_protocol_plug.inf
- DST_INF_DIR=./plug/protocol/l2tp_protocol_plug/l2tp_protocol_plug.inf
- SO_DIR=./sapp/run/plug/protocol/l2tp_protocol_plug/l2tp_protocol_plug.so
- DST_SO_DIR=./plug/protocol/l2tp_protocol_plug/l2tp_protocol_plug.so
- #HEADER_DIR=./
- #DST_HEADER_DIR=/opt/MESA/soq/
- }"
-
-"pptp_protocol_plug={ IS_VALID=YES
- MAKE_DIR=./sapp/
- DST_LOG_DIR=./log/
- #CONF_DIR=./soq_master/t1_bin/t1conf/
- #DST_CONF_DIR=./
- INF_DIR=./sapp/run/plug/protocol/pptp_protocol_plug/pptp_protocol_plug.inf
- DST_INF_DIR=./plug/protocol/pptp_protocol_plug/pptp_protocol_plug.inf
- SO_DIR=./sapp/run/plug/protocol/pptp_protocol_plug/pptp_protocol_plug.so
- DST_SO_DIR=./plug/protocol/pptp_protocol_plug/pptp_protocol_plug.so
- #HEADER_DIR=./soq_master/inc/
- #DST_HEADER_DIR=/opt/MESA/soq/
- }"
-
diff --git a/run/version.conf b/run/version.conf
deleted file mode 100644
index e69de29..0000000
diff --git a/run/vv.py b/run/vv.py
deleted file mode 100644
index 06508bc..0000000
--- a/run/vv.py
+++ /dev/null
@@ -1,124 +0,0 @@ -import os -import sys -import subprocess -from optparse import OptionParser -from ftplib import FTP -from pprint import pprint #del later - -dic={} -contact={} -date={} -filename_default="version.conf" -ftpserver='10.0.6.235' -directory='./MESA/' - -def getconf(confname): - with open(confname) as f: - for line in f.readlines(): - if line.startswith('#'): - continue - parts=line.split() - if len(parts)>=3: - name=parts[0].strip().replace('version','') - name=name.replace('VERSION','') - name=name.replace('_','') - dic[name]=parts[1] - contact[name]=parts[2] - date[name]=parts[3] - -def getfile(path): - for root,dirs,files in os.walk(path): - for f in files: - if f.endswith('.so'): - #print(f) - fname=os.path.join(root,f) - yield fname - -def getversion(f): - vers=subprocess.Popen('nm '+f+'|grep VERSION',shell=True,stdout=subprocess.PIPE) - for line in vers.stdout.readlines(): - i=line.split() - #print(i[-1]) - yield(i[-1]) - -def checkversion(v): - name=v.strip().replace('version','') - name=name.replace('VERSION','') - name=name.replace('_','') - name=filter(lambda ch:ch not in '0123456789',name) - #newv=dic[name] - newv=dic.get(name,None) - if newv==None: - print('\033[1;33m %s \033[1;m' % ('\t+++'+name+' is not found in your config file.')) - return None - if newv==v: - print('\t\033[1;32m%-120s\033[1;32m%s \033[1;m' % (v,'[LASTEST]')) - else: - vnow=v.strip().split() - vnew=newv.strip().split() - if vnow[-1]vnew[-1]: - print('\t\033[1;33m%-120s\033[1;33m%s \033[1;m' % (v,'[WARNING]')) - print('\t[+]Newer than your latest config version!') - else: - print('\033[1;33m %s \033[1;m' % ('#####cannot check '+v)) - -def ftp_down(fname=filename_default): - try: - ftp=FTP(ftpserver) - ftp.login() - ftp.cwd(directory) - #version.conf->version.conf.bak - if os.path.exists(filename_default): - #os.name(filename_default,filename_default+'.bak') - if os.system('mv '+filename_default+' '+filename_default+'.bak')==0: - print(filename_default+' has been 
renamed as '+filename_default+'.bak') - file_handler=open(filename_default,'wb').write - ftp.retrbinary("RETR %s" % os.path.basename(filename_default),file_handler,1024) - ftp.close() - print("get "+filename_default+" from "+ftpserver+" successfully.") - except: - print("get "+filename_default+" from "+ftpserver+" failed.") - -'''def main(argv): - getconf() - if len(argv)==1: - print("arg error") - print("please input the dir path!") - exit() - for f in getfile(argv[1]): - print(f) - for i in getversion(f): - #print('\t'+i) - checkversion(i) - #print('------') - #pprint(dic)''' - -def main(): - useage="usage:%prog [options arg]" - parser=OptionParser(useage) - parser.add_option("-f","--file",dest="filename",default=filename_default,help="FILENAME of your config. Default file is "+filename_default) - parser.add_option("-p","--path",dest="path",default="./",help="lib PATH that you want to verifiy. Default path is ./") - parser.add_option("-u","--update",dest="update",action="store_true",default=False,help="update config from ftp.") - (options,args)=parser.parse_args() - #print(options.filename) - #print(options.path) - if options.update: - ftp_down() - else: - if not os.path.exists(options.filename): - print(options.filename+" not exists") - exit() - getconf(options.filename) - for f in getfile(options.path): - print(f) - for i in getversion(f): - #print('\t'+i) - checkversion(i) - -if __name__=="__main__": - #main(sys.argv) - main() - diff --git a/run/wyconf/hid.conf b/run/wyconf/hid.conf deleted file mode 100644 index 5ef01f2..0000000 --- a/run/wyconf/hid.conf +++ /dev/null @@ -1,9 +0,0 @@ -[MOUDLE] -table_info_path=./wyconf/maat_table_info.conf -ful_cfg_dir=/home/liuyang/run/sapp_run/config/index -inc_cfg_dir=/home/liuyang/run/sapp_run/config/inc/index -logger_filepath=./log/hid.log -logger_level=10 - -maat_json_switch=1 - diff --git a/run/wyconf/hid_maat_test.json b/run/wyconf/hid_maat_test.json deleted file mode 100644 index 611ce9c..0000000 
--- a/run/wyconf/hid_maat_test.json
+++ /dev/null
@@ -1,94 +0,0 @@
-{
- "compile_table": "MATT_CONFIG_COMPILE",
- "group_table": "MATT_CONFIG_GROUP",
- "rules": [
- {
- "compile_id": 123,
- "service": 1,
- "action": 2,
- "do_blacklist": 1,
- "do_log": 1,
- "effective_rage": 0,
- "user_region": "anything",
- "is_valid": "yes",
- "groups": [
- {
- "group_name": "IP_group",
- "regions": [
- {
- "table_name": "HID_IP",
- "table_type": "ip",
- "table_content": {
- "addr_type": "ipv4",
- "src_ip": "114.114.114.114",
- "mask_src_ip": "255.255.255.255",
- "src_port": "0",
- "mask_src_port": "65535",
- "dst_ip": "0.0.0.0",
- "mask_dst_ip": "255.255.255.255",
- "dst_port": "0",
- "mask_dst_port": "65535",
- "protocol": 0,
- "direction": "double"
- }
- }
- ]
- }
- ]
- },
- {
- "compile_id": 125,
- "service": 1,
- "action": 1,
- "do_blacklist": 1,
- "do_log": 1,
- "effective_range": 0,
- "user_region": "123.56.104.218",
- "is_valid": "yes",
- "groups": [
- {
- "group_name": "group1",
- "regions": [
- {
- "table_name": "HID_CONTENT",
- "table_type": "string",
- "table_content": {
- "keywords": "3d87a97d",
- "expr_type": "none",
- "match_method": "sub",
- "format":"hexbin"
- }
- }
- ]
- }
- ]
- },
- {
- "compile_id": 127,
- "service": 1,
- "action": 1,
- "do_blacklist": 1,
- "do_log": 1,
- "effective_range": 0,
- "user_region": "123.56.104.218",
- "is_valid": "yes",
- "groups": [
- {
- "group_name": "group2",
- "regions": [
- {
- "table_name": "HID_CONTENT",
- "table_type": "string",
- "table_content": {
- "keywords": "3d87a979",
- "expr_type": "none",
- "match_method": "sub",
- "format":"hexbin"
- }
- }
- ]
- }
- ]
- }
- ]
-}
diff --git a/run/wyconf/hid_maat_test.json_iris_tmp/.local b/run/wyconf/hid_maat_test.json_iris_tmp/.local
deleted file mode 100644
index 9258830..0000000
--- a/run/wyconf/hid_maat_test.json_iris_tmp/.local
+++ /dev/null
@@ -1,4 +0,0 @@
-0000000003
-0 123 1
-1 125 1
-2 127 1
diff --git a/run/wyconf/hid_maat_test.json_iris_tmp/HID_CONTENT.local b/run/wyconf/hid_maat_test.json_iris_tmp/HID_CONTENT.local
deleted file mode 100644
index 8b6e0b9..0000000
--- a/run/wyconf/hid_maat_test.json_iris_tmp/HID_CONTENT.local
+++ /dev/null
@@ -1,3 +0,0 @@
-0000000002
-1 1 3d87a97d 0 0 1 1
-2 2 3d87a979 0 0 1 1
diff --git a/run/wyconf/hid_maat_test.json_iris_tmp/HID_IP.local b/run/wyconf/hid_maat_test.json_iris_tmp/HID_IP.local
deleted file mode 100644
index 0c47225..0000000
--- a/run/wyconf/hid_maat_test.json_iris_tmp/HID_IP.local
+++ /dev/null
@@ -1,2 +0,0 @@
-0000000001
-0 0 4 114.114.114.114 255.255.255.255 0 65535 0.0.0.0 255.255.255.255 0 65535 0 0 1
diff --git a/run/wyconf/hid_maat_test.json_iris_tmp/MATT_CONFIG_COMPILE.local b/run/wyconf/hid_maat_test.json_iris_tmp/MATT_CONFIG_COMPILE.local
deleted file mode 100644
index 26ae73d..0000000
--- a/run/wyconf/hid_maat_test.json_iris_tmp/MATT_CONFIG_COMPILE.local
+++ /dev/null
@@ -1,4 +0,0 @@
-0000000003
-123 1 2 1 1 0 anything 1
-125 1 1 1 1 0 123.56.104.218 1
-127 1 1 1 1 0 123.56.104.218 1
diff --git a/run/wyconf/hid_maat_test.json_iris_tmp/MATT_CONFIG_GROUP.local b/run/wyconf/hid_maat_test.json_iris_tmp/MATT_CONFIG_GROUP.local
deleted file mode 100644
index 9258830..0000000
--- a/run/wyconf/hid_maat_test.json_iris_tmp/MATT_CONFIG_GROUP.local
+++ /dev/null
@@ -1,4 +0,0 @@
-0000000003
-0 123 1
-1 125 1
-2 127 1
diff --git a/run/wyconf/hid_maat_test.json_iris_tmp/index/full_config_index.0000000001 b/run/wyconf/hid_maat_test.json_iris_tmp/index/full_config_index.0000000001
deleted file mode 100644
index bdd6e53..0000000
--- a/run/wyconf/hid_maat_test.json_iris_tmp/index/full_config_index.0000000001
+++ /dev/null
@@ -1,4 +0,0 @@
-MATT_CONFIG_COMPILE 3 ./wyconf/hid_maat_test.json_iris_tmp/MATT_CONFIG_COMPILE.local
-MATT_CONFIG_GROUP 3 ./wyconf/hid_maat_test.json_iris_tmp/MATT_CONFIG_GROUP.local
-HID_IP 1 ./wyconf/hid_maat_test.json_iris_tmp/HID_IP.local
-HID_CONTENT 2 ./wyconf/hid_maat_test.json_iris_tmp/HID_CONTENT.local
diff --git a/run/wyconf/maat_table_info.conf b/run/wyconf/maat_table_info.conf
deleted file mode 100644
index a7fd9a4..0000000
--- a/run/wyconf/maat_table_info.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-1 MATT_CONFIG_COMPILE compile GBK GBK no 0
-2 MATT_CONFIG_GROUP group GBK GBK no 0
-3 HID_IP ip GBK GBK no 0
-4 HID_CONTENT expr GBK GBK yes 0
diff --git a/run/wyconf/p7p1.pcap b/run/wyconf/p7p1.pcap
deleted file mode 100644
index 4500603..0000000
Binary files a/run/wyconf/p7p1.pcap and /dev/null differ
diff --git a/script/run.sh b/script/run.sh
new file mode 100755
index 0000000..5ffb826
--- /dev/null
+++ b/script/run.sh
@@ -0,0 +1,11 @@
+SAPP_RUN="/home/tsg/kni"
+/bin/cp -f ../conf/sapp/conflist_business.inf $SAPP_RUN/plug/business/conflist_business.inf
+/bin/cp -rf ../conf/sapp/kni/ $SAPP_RUN/plug/business
+/bin/cp -f ../build/entry/libkni.so $SAPP_RUN/plug/business/kni/libkni.so
+
+mkdir -p $SAPP_RUN/conf/kni
+/bin/cp -f ../conf/kni.conf $SAPP_RUN/conf/kni/kni.conf
+/bin/cp -f ../conf/maat/maat_test.json $SAPP_RUN/conf/kni/maat_test.json
+/bin/cp -f ../conf/maat/maat_tableinfo.conf $SAPP_RUN/conf/kni/maat_tableinfo.conf
+cat $SAPP_RUN/conf/project_list.conf | grep "kni_http_tag" >/dev/null 2>&1 && exit
+echo "kni_http_tag struct" >> $SAPP_RUN/conf/project_list.conf
\ No newline at end of file
diff --git a/vendor/CMakeLists.txt b/vendor/CMakeLists.txt
index 87ec93a..bc8ca1f 100644
--- a/vendor/CMakeLists.txt
+++ b/vendor/CMakeLists.txt
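Review bot: `script/run.sh` is committed executable (`new file mode 100755`) but has no shebang, so which interpreter runs it depends on the caller; add `#!/bin/sh` as the first line and `set -eu` right after it so a failed `cp` stops the deploy instead of leaving a half-updated plugin tree under `$SAPP_RUN`. Every `../conf` and `../build` path is relative to the current directory, so the script only works when invoked from `script/`; `cd "$(dirname "$0")"` near the top makes that explicit. The `cat ... | grep ... >/dev/null 2>&1 && exit` on the second-to-last line is equivalent to `grep -q "kni_http_tag" "$SAPP_RUN/conf/project_list.conf" 2>/dev/null && exit`, and quoting `"$SAPP_RUN"` in the other lines keeps a path containing whitespace from splitting into several arguments.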
@@ -2,22 +2,22 @@
 include(ExternalProject)
-### IPLocator
-ExternalProject_Add(IPLocator
- PREFIX IPLocator
- URL ${CMAKE_CURRENT_SOURCE_DIR}/IPLocator-master.tar.gz
- URL_MD5 685979caaa2b309221a21d5aab5e9cd5
- CONFIGURE_COMMAND ./configure --prefix= --disable-shared
- BUILD_IN_SOURCE 1)
-ExternalProject_Get_Property(IPLocator INSTALL_DIR)
+### cJSON
+ExternalProject_Add(cJSON PREFIX cJSON
+ URL ${CMAKE_CURRENT_SOURCE_DIR}/cJSON-1.7.7.tar.gz
+ URL_MD5 715009c99728bf81d6c97352718650ff
+ CMAKE_ARGS -DCMAKE_INSTALL_PREFIX=
+ -DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}
+ -DBUILD_SHARED_AND_STATIC_LIBS=1)
+
+ExternalProject_Get_Property(cJSON INSTALL_DIR)
 file(MAKE_DIRECTORY ${INSTALL_DIR}/include)
-add_library(IPLocator-static STATIC IMPORTED GLOBAL)
-set_property(TARGET IPLocator-static PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/lib/libmaxminddb.a)
-set_property(TARGET IPLocator-static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include)
-
-
+add_library(cjson SHARED IMPORTED GLOBAL)
+add_dependencies(cjson cJSON)
+set_property(TARGET cjson PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/lib64/libcjson.a)
+set_property(TARGET cjson PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include)
 ### MESA Framework
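Review bot: `add_library(cjson SHARED IMPORTED GLOBAL)` declares a shared library, but its `IMPORTED_LOCATION` is the static archive `libcjson.a`, so the imported target's type and the file it names disagree; the IPLocator block this replaces used `STATIC IMPORTED`, which is what a `.a` needs. Two more points in the same `ExternalProject_Add`: `lib64` is hard-coded, which depends on how the sub-build resolves its install libdir on the build host, and the top-level `CMAKE_POSITION_INDEPENDENT_CODE ON` does not reach the external build, so the archive is presumably compiled without PIC and will then fail to link into the shared `libkni.so` that `script/run.sh` deploys. Passing `-DCMAKE_INSTALL_LIBDIR=lib` and `-DCMAKE_POSITION_INDEPENDENT_CODE=ON` in `CMAKE_ARGS` settles both deterministically, and listing the archive under `BUILD_BYPRODUCTS` lets Ninja track the file the imported target points at. The empty `-DCMAKE_INSTALL_PREFIX=` is clearer as the explicit `<INSTALL_DIR>` placeholder, and for a vendored tarball `URL_HASH SHA256=...` is the stronger integrity check than `URL_MD5`. The hunk's trailing context after `### MESA Framework` may continue past the end of this view.
```cmake
### cJSON
ExternalProject_Add(cJSON PREFIX cJSON
    URL ${CMAKE_CURRENT_SOURCE_DIR}/cJSON-1.7.7.tar.gz
    URL_HASH SHA256=<sha256-of-vendored-cJSON-1.7.7.tar.gz>   # placeholder: compute from the checked-in archive
    CMAKE_ARGS -DCMAKE_INSTALL_PREFIX=<INSTALL_DIR>
               -DCMAKE_INSTALL_LIBDIR=lib
               -DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}
               -DCMAKE_POSITION_INDEPENDENT_CODE=ON
               -DBUILD_SHARED_AND_STATIC_LIBS=1
    BUILD_BYPRODUCTS <INSTALL_DIR>/lib/libcjson.a)

# … unchanged: ExternalProject_Get_Property / file(MAKE_DIRECTORY …) …

add_library(cjson STATIC IMPORTED GLOBAL)
add_dependencies(cjson cJSON)
set_property(TARGET cjson PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/lib/libcjson.a)
set_property(TARGET cjson PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include)
```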