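#ifndef KNI_PROCESS_H
#define KNI_PROCESS_H

/*
 * kni_process.h -- shared constants, wire-format structs and global state for
 * the KNI packet path (tun reader, packet sender, tcp-repair hand-off, maat
 * lookups).
 *
 * The declarations below use uint16_t, struct timespec, struct sockaddr,
 * struct in6_addr and the __BYTE_ORDER macros.  The system headers that
 * provide them are included here so this header is self-contained and does
 * not depend on include order in the .c files (the original single system
 * include had its target lost; these are the headers the declarations need).
 */
#include <stdint.h>
#include <time.h>
#include <endian.h>
#include <sys/socket.h>
#include <netinet/in.h>

#include "stream.h"
#include "MESA_prof_load.h"
#include "MESA_handle_logger.h"
#include "MESA_htable.h"
#include "MESA_list_queue.h"
#include "field_stat2.h"
#include "Maat_rule.h"
#include "kni_comm.h"
#include "kni_intercept.h"
#include "kni_ratelimit.h"
#include "kni_utils.h"

/* TCP flag bits, same values as <netinet/tcp.h>; guarded so either may come first. */
#ifndef TH_FIN
#define TH_FIN  0x01
#endif
#ifndef TH_SYN
#define TH_SYN  0x02
#endif
#ifndef TH_RST
#define TH_RST  0x04
#endif
#ifndef TH_PUSH
#define TH_PUSH 0x08
#endif
#ifndef TH_ACK
#define TH_ACK  0x10
#endif
#ifndef TH_URG
#define TH_URG  0x20
#endif

/* Debug switches, off by default. */
//#define KNI_DEBUG_TCPREPAIR 1
//#define KNI_DEBUG_KEEPALIVE 1

/*
 * Upper bound on worker threads; sizes the per-thread queue array in
 * struct kni_var_struct.  A configured thread count must be checked against
 * this value before it is used as an index.
 */
#define KNI_MAX_THREADNUM 64
#define KNI_ETHER_LEN 14          /* Ethernet header length, no VLAN tag */
#define TCPHDR_DEFAULT_LEN 20     /* TCP header length without options */

//only for get domain_len
#define KNI_DEFAULT_MTU 1500      /* also bounds the host buffer in struct kni_http_project */

//for read config and packet
#define KNI_MAX_BUFLEN 2000

//work module
#define KNI_MODE_WORK 0
#define KNI_MODE_BYPASS 1

//runtime log: module names used as logger tags
#define KNI_MODULE_INIT "kni_init"
#define KNI_MODULE_READTUN "pthread_process_tun"
#define KNI_MODULE_SENDPKT "kni_sendpkt"
#define KNI_MODULE_WRITETUN "kni_write_tun"
#define KNI_MODULE_IPENTRY "kni_process"
#define KNI_MODULE_INFO "kni_info"
#define KNI_MODULE_DEBUG "kni_debug"
#define KNI_MODULE_SENDFD "send_fds"
#define KNI_ACTION_EXIT "exit..."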
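//init profile info
/* Max length of a config value / path buffer (struct kni_var_comm strings). */
#define KNI_CONF_MAXLEN 1024

/*
 * Config file locations.  The "./" paths are resolved against the process
 * working directory at load time, so the daemon must be started from its
 * install directory (or the paths made absolute) for them to be found.
 */
#define KNI_CONF_FILENAME "./kniconf/kni.conf"
#define KNI_MAIN_MODE "main"
#define KNI_FS_MODE "field_stat"
#define KNI_DYNMAAT_MODE "dynmic_maat"
#define KNI_STATIC_MAAT_MODE "static_maat"
#define KNI_TUN_MODE "tun"
#define KNI_CONF_MODE "Module"
#define KNI_CONF_FILENAME_MAIN "./conf/main.conf"

/* Field offsets inside the card config line (presumably; confirm in the parser). */
#define KNI_OFFSET_ROUTDIR 1
#define KNI_OFFSET_CARDNAME 3
#define KNI_CARD_NUM 2           /* sizes g_kni_cardname[] */

/* IP protocol numbers. */
#define PROTO_TYPE_TCP 6
#define PROTO_TYPE_UDP 17

//maat
/* Rule actions returned by the maat lookup.  The negative values are status
 * codes, not actions; they are parenthesised so `-KNI_ACTION_NOTPROC` and
 * similar expressions expand as intended. */
#define KNI_ACTION_NONE 0x00
#define KNI_ACTION_MONITOR 0x01
#define KNI_ACTION_RATELIMIT 0x40
#define KNI_ACTION_REPLACE 0x50
#define KNI_ACTION_WHITELIST 0x80
#define KNI_ACTION_HALFHIT (-2)
#define KNI_ACTION_NOTPROC (-1)
#define KNI_MAX_SAMENUM 10

/* Maat table names looked up at init. */
#define KNI_TABLENAME_IP "WHITE_LIST_IP"
#define KNI_TABLENAME_DOMAIN "WHITE_LIST_DOMAIN"
#define KNI_TABLENAME_PKTBIN "PXY_INTERCEPT_PKT_BIN"
#define KNI_TABLENAME_DNY_DOMAIN "IPD_RELATED_DOMAIN"

/* Rule source selector. */
#define KNI_READCONF_IRIS 0
#define KNI_READCONF_JSON 1
#define KNI_READCONF_REDIS 2

/* Rule directory scan / apply intervals (presumably milliseconds -- confirm against the scanner). */
#define KNI_SCANDIR_INTERVAL 1000
#define KNI_EFFECT_INTERVAL 60000

/* Rule and statistics file paths; the absolute ones live under /home/config. */
#define KNI_MAATJSON_FILEPATH "./kniconf/maat_test.json"
#define KNI_TABLEINFO_PATH "./kniconf/maat_table_info.conf"
#define KNI_FULLCFG_FILEPATH "/home/config/full/index"
#define KNI_INCCFG_FILEPATH "/home/config/inc/index"
#define KNI_STAT_FILEPATH "./log/kni_maat_stat"
#define KNI_DYN_STAT_FILEPATH "./log/kni_dyn_maat_stat"

//lqueue info
#define KNI_THREAD_SAFE 1
#define KNI_USLEEP_TIME 10       /* presumably microseconds, per the name -- confirm */
#define KNI_LQUEUE_MAXNUM 100000

//htable_info
/*
 * Compound values are parenthesised: an unparenthesised `60*60*24` makes
 * `x / KNI_HTABLE_EXPIRE_TIME` expand to `(x / 60) * 60 * 24`.
 */
#define KNI_HTABLE_SIZE (1024*1024)
#define KNI_HTABLE_MAXNUM 100000
#define KNI_HTABLE_EXPIRE_TIME (60*60*24)   /* unit depends on the htable API; looks like seconds -- confirm */

//ssl info
/*
 * TLS record / ClientHello constants used by the SNI extractor.
 * KNI_SNI_MAXLEN is a buffer bound only; every length read from the record
 * (record length, handshake length, extension and server_name lengths) must
 * still be checked against the bytes actually received before use.
 */
#define KNI_SSL_PORT 443
#define KNI_SNI_MAXLEN 65535
#define SSL_HEADER_LEN 5                  /* content type(1) + version(2) + length(2) */
#define SSL_CONTENTTYPE_HANDSHAKE 0x16
#define SSL_VERSION_TLS1_0 0x0301
#define SSL_VERSION_TLS1_1 0x0302
#define SSL_VERSION_TLS1_2 0x0303
#define SSL_BODY_LEN 4                    /* handshake type(1) + length(3) */
#define SSL_HANDSHAR_TYPE_CLIENTHELLO 0x01 /* name kept as-is (sic) for existing callers */
#define SSL_EXTENSION_TYPE_SNI 0x0

#define KNI_MACADDR_LEN 6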
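//default tcp opt: values used when the peer advertised none
#define KNI_DEFAULT_WINSCLE 0
#define KNI_DEFAULT_MSS 1460

//tcp opt type (option kind octets)
#define KNI_TCPOPT_MSS 2
#define KNI_TCPOPT_WINSCALE 3
#define KNI_TCPOPT_SACKOK 4
#define KNI_TCPOPT_TIMESTAMP 8

/* Direction indices; KNI_DIR_DOUBLE sizes the per-direction arrays below. */
#define KNI_DIR_DOUBLE 2
#define KNI_DIR_C2S 0
#define KNI_DIR_S2C 1

#define KNI_TCPREPAIR_OPT_NUM 4
#define KNI_PROJECT_NAME "protocol_tag"
#define KNI_DEFAULT_MODE_INTERCEPT 0
#define KNI_DEFAULT_MODE_BYPASS 1
#define KNI_SERVICE_LEN 4096

//tlv info
/*
 * TLV framing for the repaired-fd hand-off: a kni_tlv_header followed by
 * `counts` records of kni_tlv_info, each followed by `len` value bytes.
 * Both counts and len arrive from the peer; a reader must check magic and
 * bound every walk by the number of bytes actually received.
 */
enum { KNI_TLV_MAGIC = 0x4d5a };
enum KNI_TLV_TYPE {
    KNI_TLV_TYPE_PROTOCOL = 0x0001,
    KNI_TLV_TYPE_KEYRING_ID = 0x0002
};
enum KNI_TLV_VALUE {
    KNI_TLV_VALUE_HTTP = 0x01,
    KNI_TLV_VALUE_SSL = 0x02,
};
struct kni_tlv_header {
    uint16_t magic;   /* KNI_TLV_MAGIC */
    uint16_t counts;  /* number of kni_tlv_info records that follow */
};
struct kni_tlv_info {
    uint16_t type;    /* enum KNI_TLV_TYPE */
    uint16_t len;     /* byte length of the value following this record */
    // uint8_t value[0];   value bytes follow in the same buffer
};

/* Socket pair produced by tcp-repair plus the protocol/keyring tags sent with it. */
struct kni_repaired_fds {
    int client_fd;
    int server_fd;
    int protocol;
    int keyring;
};

//TODO
struct kni_inject_pkt {
    int addr_type;
    int buflen;              /* bytes valid in buf */
    struct timespec start;
    char* buf;               /* ownership not established here -- confirm who frees */
};

/* Classification result for a flow. */
enum kni_flag {
    KNI_FLAG_UNKNOW=0,
    KNI_FLAG_HTTP,
    KNI_FLAG_SSL,
    KNI_FLAG_OUTUSER,
    KNI_FLAG_WHITELIST_IP,
    KNI_FLAG_WHITELIST_DOMAIN,
    KNI_FLAG_DROP,
    KNI_FLAG_NOTPROC,
};

/* Feature switches read from config. */
struct kni_switch_info {
    int maat_default_mode;   //0:INTERCEPT 1:BYPASS
    int replay_win_update;   //0:not replay;1:replay
    int ratelimit_switch;
    int replace_switch;
    int sendpkt_mode;        //0:mesa_sendpkt_option;1:socket
    int write_listq_switch;  //0:no listq;1:has listq
    int send_fds_mode;       //0:has listq;1:no listq
};

/* HTTP Host extracted for a flow; host_len must stay below sizeof(host)
 * if host is ever used as a C string. */
struct kni_http_project {
    int host_len;
    char host[KNI_DEFAULT_MTU];
};

//global variable
//comm
struct kni_var_comm {
    int project_id;
    int kni_mode_cur;        //0:work 1:bypass
    int thread_num;          /* must be <= KNI_MAX_THREADNUM before indexing per-thread arrays */
    int tun_threadnum;
    int fd_domain;
    int mark;
    char tun_name[KNI_CONF_MAXLEN];
    char domain_path[KNI_CONF_MAXLEN];
    char card_in[KNI_CONF_MAXLEN];
    char card_out[KNI_CONF_MAXLEN];
    int* fd_tun;             /* per-thread tun fds (array length not recorded here) */
    void* logger;
    int* fd_sendpkt;
};

//htable and lqueue
struct kni_var_struct {
    MESA_htable_handle htable_to_tun_v4;
    MESA_htable_handle htable_to_tun_v6;
    MESA_lqueue_head lqueue_send_fds;
    MESA_lqueue_head lqueue_write_tun[KNI_MAX_THREADNUM];  /* indexed by thread seq */
};

//maat
struct kni_var_maat {
    Maat_feather_t maat_feather;
    Maat_feather_t ipd_dyn_maat_feather;
    short tableid_ip;
    short tableid_area;
    short tableid_domain;
    short tableid_pktbin;
    short tableid_dynamic_domain;
};

//for get tcp option
/*
 * One TCP option as it appears on the wire: kind octet, length octet, data.
 * type and len are unsigned because they mirror packet octets: as a plain
 * (signed) char a length of 0x80..0xFF would read as negative, pass an
 * `len > sizeof(content)` check, and then promote to a huge size in a copy.
 * content is smaller than the 40-byte options area, so any copy into it must
 * be bounded by min(len - 2, sizeof content) and by the option bytes left in
 * the header (th_off * 4 - TCPHDR_DEFAULT_LEN).
 */
struct kni_tcp_opt_format {
    unsigned char type;
    unsigned char len;
    char content[32];
};

struct common_tcp_opt {
    unsigned char sack_ok;
    unsigned char wnscale;
    unsigned short mss;      //host order
    unsigned int timestamp;
};

/* Last packet seen in one direction, kept for window-probe replies. */
struct kni_wndpro_reply_info {
    unsigned int seq;        //host order
    unsigned int ack;        //host order
    unsigned int syn_flag;
    unsigned int len;        //tcp payload len:host order
    unsigned short wndsize;  //host order
};

struct kni_tcpopt_info {
    unsigned short mss;      //host order
    unsigned char wnscal;    //host order
    unsigned char sack;
    unsigned char timestamps;
};

//tcp retelimit config
/* Ratio molecule/denominator; denominator must be non-zero before dividing. */
struct kni_ratelimit_info {
    int molecule;
    int denominator;
};

//tcpall/udp_entry pmeinfo
struct kni_pme_info {
    //test
    int tun_index;
    //end
    int action;              /* KNI_ACTION_* */
    int cfg_id;
    int keyring_id;
    int ipsscan_action;
    int protocol;
    int maat_result_num;
    int ser_def_len;         /* bytes used in service_defined; keep <= KNI_SERVICE_LEN */
    int client_fd;           //only for log,not real fd
    int server_fd;           //only for log,not real fd
    scan_status_t mid;
    char service_defined[KNI_SERVICE_LEN];
    //for replace and ratelimited
    struct kni_ratelimit_info ratelimit_info;
    struct kni_tcpopt_info tcpopt_info[KNI_DIR_DOUBLE];          //for monitor,tcp repair
    struct kni_wndpro_reply_info lastpkt_info[KNI_DIR_DOUBLE];   //for monitor,reply windows update
};

//htable_data_info ipv4
struct kni_htable_datainfo {
    //for sendpkt
    int route_dir;           //TODO:CHAR
    unsigned char smac[KNI_MACADDR_LEN];
    unsigned char dmac[KNI_MACADDR_LEN];
    //send wnd pro reply
    int wndprob_flag[KNI_DIR_DOUBLE];
    struct kni_wndpro_reply_info lastpkt_info[KNI_DIR_DOUBLE];
};

//set tcp repair info
/* Connection state handed to tcp-repair; the sockaddr pointers are not owned
 * by this struct as far as this header shows -- confirm lifetime in the caller. */
struct kni_tcp_state {
    struct sockaddr* src_addr;
    struct sockaddr* dst_addr;
    unsigned int seq;
    unsigned int ack;
    unsigned short win;
    unsigned short mss_src;
    unsigned short mss_dst;
    unsigned char wscale_src;
    unsigned char wscale_dst;
    unsigned char sack_src;
    unsigned char sack_dst;
    unsigned char timestamps_src;
    unsigned char timestamps_dst;
};

/* Arguments of the tun reader; in/out as marked. */
struct args_read_tun {
    int thread_seq;          //in
    int iprevers;            //in
    int iplen;               //in
    int routdir;             //out
    char* a_packet;          //in
    unsigned char smac[KNI_MACADDR_LEN];   //out
    unsigned char dmac[KNI_MACADDR_LEN];   //out
};

/* Kept for reference: the TCP_REPAIR_WINDOW sockopt layout, used only when
 * the kernel headers do not provide it. */
/*
#ifndef TCP_REPAIR_WINDOW
#define TCP_REPAIR_WINDOW 29
#endif
struct tcp_repair_window {
    __u32 snd_wl1;
    __u32 snd_wnd;
    __u32 max_window;
    __u32 rcv_wnd;
    __u32 rcv_wup;
};
*/

//as same as sapp
#define NEXTHDR_HOP      0   /* Hop-by-hop option header. */
#define NEXTHDR_IPIP     4   /* IPIP header. */
#define NEXTHDR_TCP      6   /* TCP segment. */
#define NEXTHDR_UDP      17  /* UDP message. */
#define NEXTHDR_IPV6     41  /* IPv6 in IPv6 */
#define NEXTHDR_ROUTING  43  /* Routing header. */
#define NEXTHDR_FRAGMENT 44  /* Fragmentation/reassembly header. */
#define NEXTHDR_ESP      50  /* Encapsulating security payload. */
#define NEXTHDR_AUTH     51  /* Authentication header. */
#define NEXTHDR_ICMP     58  /* ICMP for IPv6. */
#define NEXTHDR_NONE     59  /* No next header */
#define NEXTHDR_DEST     60  /* Destination options header. */
#define NEXTHDR_MOBILITY 135 /* Mobility header. */

/* Fixed IPv6 header (40 bytes); multi-byte fields are in network order. */
struct kni_ipv6_hdr {
    unsigned char ip6_flags[4];      /* version / traffic class / flow label */
    unsigned short ip6_payload_len;
    unsigned char ip6_nex_hdr;       /* NEXTHDR_* */
    unsigned char ip6_hop;
    struct in6_addr ip6_src;
    struct in6_addr ip6_dst;
};

/* UDP header (8 bytes); fields in network order. */
struct kni_udp_hdr {
    unsigned short uh_sport;         /* source port */
    unsigned short uh_dport;         /* destination port */
    unsigned short uh_ulen;          /* length */
    unsigned short uh_sum;           /* checksum */
};

/*
 * TCP header (20 bytes without options); fields in network order.  th_off is
 * the data offset in 32-bit words and comes from the packet: validate
 * th_off >= 5 and th_off * 4 <= bytes available before using it to locate
 * options or payload.
 *
 * The bit-field order depends on host endianness.  An undefined __BYTE_ORDER
 * evaluates to 0 in #if and would silently select the little-endian layout,
 * so require the macros to be defined up front.
 */
#if !defined(__BYTE_ORDER) || !defined(__LITTLE_ENDIAN) || !defined(__BIG_ENDIAN)
# error "__BYTE_ORDER is not defined; include <endian.h> before kni_process.h"
#endif
struct kni_tcp_hdr {
    unsigned short th_sport;
    unsigned short th_dport;
    unsigned int th_seq;
    unsigned int th_ack;
# if __BYTE_ORDER == __LITTLE_ENDIAN
    unsigned char th_x2:4, th_off:4;
# elif __BYTE_ORDER == __BIG_ENDIAN
    unsigned char th_off:4, th_x2:4;
# else
# error "Adjust your defines"
# endif
    unsigned char th_flags;          /* TH_* bits */
    unsigned short th_win;
    unsigned short thsum;            /* checksum; name kept as-is (sic) for existing callers */
    unsigned short th_urp;
};

/* Globals defined in the .c files. */
extern struct kni_var_comm g_kni_comminfo;
extern struct kni_var_struct g_kni_structinfo;
extern struct kni_var_maat g_kni_maatinfo;
extern struct kni_fs2_info g_kni_fs2_info;
extern struct kni_switch_info g_kni_switch_info;
extern int g_iThreadNum;
extern char g_kni_cardname[KNI_CARD_NUM][KNI_CONF_MAXLEN];

/* Remove the htable entry for pstream / a_packet; return value convention not shown here. */
int kni_htable_del(const struct streaminfo* pstream, const void* a_packet);

#endif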