gfwleak/tango-kni
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
a48d99ec262647a9a8765b9eb9603bed6ebd93aa
tango-kni/kni_entry.h

518 lines
11 KiB
C
Raw Blame History

#ifndef KNI_PROCESS_H
#define KNI_PROCESS_H
#include <time.h>
#include "stream.h"
#include "MESA_prof_load.h"
#include "MESA_handle_logger.h"
#include "MESA_htable.h"
#include "MESA_list_queue.h"
#include "field_stat2.h"
#include "Maat_rule.h"
#include "kni_comm.h"
#include "kni_intercept.h"
#include "kni_ratelimit.h"
#include "kni_utils.h"
#include "kni_redirect.h"
#ifndef TH_FIN
#define TH_FIN 0x01
#endif
#ifndef TH_SYN
#define TH_SYN 0x02
#endif
#ifndef TH_RST
#define TH_RST 0x04
#endif
#ifndef TH_PUSH
#define TH_PUSH 0x08
#endif
#ifndef TH_ACK
#define TH_ACK 0x10
#endif
#ifndef TH_URG
#define TH_URG 0x20
#endif
//#define KNI_DEBUG_TCPREPAIR 1
//#define KNI_DEBUG_KEEPALIVE 1
#define KNI_MAX_THREADNUM 64
#define KNI_ETHER_LEN 14
#define TCPHDR_DEFAULT_LEN 20
//only for get domain_len
#define KNI_DEFAULT_MTU 1500
//for read config and packet
#define KNI_MAX_BUFLEN 2000
//work module
#define KNI_MODE_WORK 0
#define KNI_MODE_BYPASS 1
//runtime log
#define KNI_MODULE_INIT "kni_init"
#define KNI_MODULE_READTUN "pthread_process_tun"
#define KNI_MODULE_SENDPKT "kni_sendpkt"
#define KNI_MODULE_WRITETUN "kni_write_tun"
#define KNI_MODULE_IPENTRY "kni_process"
#define KNI_MODULE_INFO "kni_info"
#define KNI_MODULE_DEBUG "kni_debug"
#define KNI_MODULE_SENDFD "send_fds"
#define KNI_MODULE_SENDLOG "kni_sendlog"
#define KNI_ACTION_EXIT "exit..."
//init profile info
#define KNI_CONF_MAXLEN 1024
#define KNI_CONF_FILENAME "./kniconf/kni.conf"
#define KNI_MAIN_MODE "main"
#define KNI_FS_MODE "field_stat"
#define KNI_DYNMAAT_MODE "dynmic_maat"
#define KNI_STATIC_MAAT_MODE "static_maat"
#define KNI_TUN_MODE "tun"
#define KNI_SENDLOG_MODE "send_log"
#define KNI_CONF_MODE "Module"
#define KNI_CONF_FILENAME_MAIN "./conf/main.conf"
#define KNI_OFFSET_ROUTDIR 1
#define KNI_OFFSET_CARDNAME 3
#define KNI_CARD_NUM 2
#define PROTO_TYPE_TCP 6
#define PROTO_TYPE_UDP 17
//maat
#define KNI_ACTION_NONE 0x00
#define KNI_ACTION_MONITOR 0x01
#define KNI_ACTION_REDIRECT 0X30
#define KNI_ACTION_RATELIMIT 0x40
#define KNI_ACTION_REPLACE 0x50
#define KNI_ACTION_WHITELIST 0x80
#define KNI_ACTION_HALFHIT -2
#define KNI_ACTION_NOTPROC -1
#define KNI_MAX_SAMENUM 10
#define KNI_TABLENAME_IP "WHITE_LIST_IP"
#define KNI_TABLENAME_DOMAIN "WHITE_LIST_DOMAIN"
#define KNI_TABLENAME_PKTBIN "PXY_INTERCEPT_PKT_BIN"
#define KNI_TABLENAME_SPOOFING_IP "PXY_OBJ_SPOOFING_IP_POOL"
#define KNI_TABLENAME_DNY_DOMAIN "IPD_RELATED_DOMAIN"
#define KNI_READCONF_IRIS 0
#define KNI_READCONF_JSON 1
#define KNI_READCONF_REDIS 2
#define KNI_SCANDIR_INTERVAL 1000
#define KNI_EFFECT_INTERVAL 60000
#define KNI_MAATJSON_FILEPATH "./kniconf/maat_test.json"
#define KNI_TABLEINFO_PATH "./kniconf/maat_table_info.conf"
#define KNI_FULLCFG_FILEPATH "/home/config/full/index"
#define KNI_INCCFG_FILEPATH "/home/config/inc/index"
#define KNI_STAT_FILEPATH "./log/kni_maat_stat"
#define KNI_DYN_STAT_FILEPATH "./log/kni_dyn_maat_stat"
//lqueue info
#define KNI_THREAD_SAFE 16
#define KNI_USLEEP_TIME 10
#define KNI_LQUEUE_MAXNUM 100000
//htable_info
#define KNI_HTABLE_SIZE 1024*1024
#define KNI_HTABLE_MAXNUM 100000
#define KNI_HTABLE_EXPIRE_TIME 60*60*24
//ssl info
#define KNI_SSL_PORT 443
#define KNI_SNI_MAXLEN 65535
#define SSL_HEADER_LEN 5
#define SSL_CONTENTTYPE_HANDSHAKE 0x16
#define SSL_VERSION_TLS1_0 0x0301
#define SSL_VERSION_TLS1_1 0x0302
#define SSL_VERSION_TLS1_2 0x0303
#define SSL_BODY_LEN 4
#define SSL_HANDSHAR_TYPE_CLIENTHELLO 0x01
#define SSL_EXTENSION_TYPE_SNI 0x0
#define KNI_MACADDR_LEN 6
//default tcp opt
#define KNI_DEFAULT_WINSCLE 0
#define KNI_DEFAULT_MSS 1460
//tcp opt type
#define KNI_TCPOPT_MSS 2
#define KNI_TCPOPT_WINSCALE 3
#define KNI_TCPOPT_SACKOK 4
#define KNI_TCPOPT_TIMESTAMP 8
#define KNI_DIR_DOUBLE 2
#define KNI_DIR_C2S 0
#define KNI_DIR_S2C 1
#define KNI_TCPREPAIR_OPT_NUM 4
#define KNI_PROJECT_NAME "protocol_tag"
#define KNI_DEFAULT_MODE_INTERCEPT 0
#define KNI_DEFAULT_MODE_BYPASS 1
#define KNI_SERVICE_LEN 4096
//tlv info
enum
{
KNI_TLV_MAGIC = 0x4d5a
};
enum KNI_TLV_TYPE
{
KNI_TLV_TYPE_PROTOCOL = 0x0001,
KNI_TLV_TYPE_KEYRING_ID = 0x0002
};
enum KNI_TLV_VALUE
{
KNI_TLV_VALUE_HTTP = 0x01,
KNI_TLV_VALUE_SSL = 0x02,
};
struct kni_tlv_header
{
uint16_t magic;
uint16_t counts;
};
struct kni_tlv_info
{
uint16_t type;
uint16_t len;
// uint8_t value[0];
};
struct kni_repaired_fds
{
int client_fd;
int server_fd;
int protocol;
int keyring;
};
struct kni_inject_pkt
{
int addr_type;
int buflen;
struct timespec start;
char* buf;
};
enum kni_flag
{
KNI_FLAG_UNKNOW=0,
KNI_FLAG_HTTP,
KNI_FLAG_SSL,
KNI_FLAG_OUTUSER,
KNI_FLAG_WHITELIST_IP,
KNI_FLAG_WHITELIST_DOMAIN,
KNI_FLAG_DROP,
KNI_FLAG_NOTPROC,
};
struct kni_switch_info
{
int maat_default_mode; //0:INTERCEPT 1:BYPASS
int replay_win_update; //0:not replay;1:replay
int ratelimit_switch;
int replace_switch;
int sendpkt_mode; //0:mesa_sendpkt_option;1:socket
int write_listq_switch; //0:no listq;1:has listq
int send_fds_mode; //0:has listq;1:no listq
int send_log_switch; //0:not send log;1:send log
};
struct kni_http_project
{
int host_len;
char host[KNI_DEFAULT_MTU];
};
//global variable
//comm
struct kni_var_comm
{
int project_id;
int kni_mode_cur; //0:work 1:bypass
int thread_num;
int tun_threadnum;
int fd_domain;
int mark;
int logger_level;
char tun_name[KNI_CONF_MAXLEN];
char domain_path[KNI_CONF_MAXLEN];
char card_in[KNI_CONF_MAXLEN];
char card_out[KNI_CONF_MAXLEN];
int* fd_tun;
void* logger;
int* fd_sendpkt;
};
//htable and lqueue
struct kni_var_struct
{
MESA_htable_handle htable_to_tun_v4;
MESA_htable_handle htable_to_tun_v6;
MESA_htable_handle htable_redirect;
MESA_lqueue_head lqueue_send_fds;
MESA_lqueue_head lqueue_write_tun[KNI_MAX_THREADNUM];
};
//maat
struct kni_var_maat
{
Maat_feather_t maat_feather;
Maat_feather_t ipd_dyn_maat_feather;
short tableid_ip;
short tableid_area;
short tableid_domain;
short tableid_pktbin;
short tableid_spoofing_ip;
short tableid_dynamic_domain;
};
//for get tcp option
struct kni_tcp_opt_format
{
char type;
char len;
char content[32];
};
struct common_tcp_opt
{
unsigned char sack_ok;
unsigned char wnscale;
unsigned short mss; //host order
unsigned int timestamp;
};
struct kni_wndpro_reply_info
{
unsigned int seq; //host order
unsigned int ack; //host order
unsigned int syn_flag;
unsigned int len; //tcp payload len:host order
unsigned short wndsize; //host order
};
struct kni_tcpopt_info
{
unsigned short mss; //host order
unsigned char wscale_perm;
unsigned char wscale; //host order
unsigned char sack_perm;
unsigned char timestamps;
};
//tcp retelimit config
struct kni_ratelimit_info
{
int molecule;
int denominator;
};
//tcpall/udp_entry pmeinfo
struct kni_pme_info
{
//test
int tun_index;
//end
int is_tcp_repaired;
int action;
int cfg_id;
int keyring_id;
int ipsscan_action;
int protocol;
int ser_def_len;
int client_fd; //only for log,not real fd
int server_fd; //only for log,not read fd
int maat_result_num;
scan_status_t mid;
char service_defined[KNI_SERVICE_LEN]; //for replace and ratelimited
struct stream_tuple4_v4 ipv4_addr;
struct stream_tuple4_v6 ipv6_addr;
struct Maat_rule_t maat_result[KNI_MAX_SAMENUM];
struct kni_ratelimit_info ratelimit_info;
struct redirect_htable_data redirect_info;
struct kni_tcpopt_info tcpopt_info[KNI_DIR_DOUBLE]; //for monitor,tcp repair
struct kni_wndpro_reply_info lastpkt_info[KNI_DIR_DOUBLE]; //for monitor,reply windows update
void* redirect_htable_key;
int redirect_key_len;
};
//htable_data_info ipv4
struct kni_htable_datainfo
{
//for sendpkt
int route_dir; //TODO:CHAR
unsigned char smac[KNI_MACADDR_LEN];
unsigned char dmac[KNI_MACADDR_LEN];
//send wnd pro reply
int wndprob_flag[KNI_DIR_DOUBLE];
struct kni_wndpro_reply_info lastpkt_info[KNI_DIR_DOUBLE];
};
//set tcp repair info
struct kni_tcp_state
{
struct sockaddr* src_addr;
struct sockaddr* dst_addr;
unsigned int seq;
unsigned int ack;
unsigned short win;
unsigned short mss_src;
unsigned short mss_dst;
unsigned char wscale_perm;
unsigned char wscale_src;
unsigned char wscale_dst;
unsigned char sack_src;
unsigned char sack_dst;
unsigned char timestamps_src;
unsigned char timestamps_dst;
};
struct args_read_tun
{
int thread_seq; //in
int iprevers; //in
int iplen; //in
int routdir; //out
char* a_packet; //in
unsigned char smac[KNI_MACADDR_LEN]; //out
unsigned char dmac[KNI_MACADDR_LEN]; //ouit
};
/*
#ifndef TCP_REPAIR_WINDOW
#define TCP_REPAIR_WINDOW 29
#endif
struct tcp_repair_window {
__u32 snd_wl1;
__u32 snd_wnd;
__u32 max_window;
__u32 rcv_wnd;
__u32 rcv_wup;
};
*/
//as same as sapp
#define NEXTHDR_HOP 0 /* Hop-by-hop option header. */
#define NEXTHDR_IPIP 4 /* IPIP header. */
#define NEXTHDR_TCP 6 /* TCP segment. */
#define NEXTHDR_UDP 17 /* UDP message. */
#define NEXTHDR_IPV6 41 /* IPv6 in IPv6 */
#define NEXTHDR_ROUTING 43 /* Routing header. */
#define NEXTHDR_FRAGMENT 44 /* Fragmentation/reassembly header. */
#define NEXTHDR_ESP 50 /* Encapsulating security payload. */
#define NEXTHDR_AUTH 51 /* Authentication header. */
#define NEXTHDR_ICMP 58 /* ICMP for IPv6. */
#define NEXTHDR_NONE 59 /* No next header */
#define NEXTHDR_DEST 60 /* Destination options header. */
#define NEXTHDR_MOBILITY 135 /* Mobility header. */
struct kni_ipv6_hdr
{
unsigned char ip6_flags[4];
unsigned short ip6_payload_len;
unsigned char ip6_nex_hdr;
unsigned char ip6_hop;
struct in6_addr ip6_src;
struct in6_addr ip6_dst;
};
struct kni_udp_hdr
{
unsigned short uh_sport; /* soure port */
unsigned short uh_dport; /* destination port */
unsigned short uh_ulen; /* length */
unsigned short uh_sum; /* checksum */
};
struct kni_tcp_hdr
{
unsigned short th_sport;
unsigned short th_dport;
unsigned int th_seq;
unsigned int th_ack;
# if __BYTE_ORDER == __LITTLE_ENDIAN
unsigned char th_x2:4,
th_off:4;
# elif __BYTE_ORDER == __BIG_ENDIAN
unsigned char th_off:4,
th_x2:4;
# else
# error "Adjust your <bits/endian.h> defines"
# endif
unsigned char th_flags;
unsigned short th_win;
unsigned short thsum;
unsigned short th_urp;
};
extern struct kni_var_comm g_kni_comminfo;
extern struct kni_var_struct g_kni_structinfo;
extern struct kni_var_maat g_kni_maatinfo;
extern struct kni_fs2_info g_kni_fs2_info;
extern struct kni_switch_info g_kni_switch_info;
extern int g_iThreadNum;
extern char g_kni_cardname[KNI_CARD_NUM][KNI_CONF_MAXLEN];
int kni_htable_del(const struct streaminfo* pstream,struct kni_pme_info* pmeinfo,const void* a_packet);
#endif
Reference in New Issue View Git Blame Copy Permalink