gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rename terminology "compile" to "rule"

Browse Source
This commit is contained in:
root
2024-08-22 03:11:15 +00:00
parent a4ca92ea41
commit 678ddd718a
44 changed files with 2586 additions and 2586 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/CMakeLists.txt
View File

@@ -13,7 +13,7 @@ add_definitions(-D_GNU_SOURCE)
add_definitions(-fPIC)
set(MAAT_SRC alignment.c json2iris.c maat_api.c rcu_hash.c maat_garbage_collection.c maat_config_monitor.c
maat_core.c maat_kv.c maat_ex_data.c maat_utils.c maat_command.c maat_redis_monitor.c maat_table.c
maat_compile.c maat_group.c maat_ip.c maat_flag.c maat_interval.c maat_expr.c maat_plugin.c
maat_rule.c maat_group.c maat_ip.c maat_flag.c maat_interval.c maat_expr.c maat_plugin.c
maat_ip_plugin.c maat_ipport_plugin.c maat_bool_plugin.c maat_fqdn_plugin.c maat_virtual.c maat_stat.c)
set(LIB_SOURCE_FILES

137
src/inc_internal/maat_compile.h
View File

@@ -1,137 +0,0 @@
/*
**********************************************************************************************
* File: maat_compile.h
* Description:
* Authors: Liu wentan <liuwentan@geedgenetworks.com>
* Date: 2022-10-31
* Copyright: (c) Since 2022 Geedge Networks, Ltd. All rights reserved.
***********************************************************************************************
*/
#ifndef _MAAT_COMPILE_H_
#define _MAAT_COMPILE_H_
#ifdef __cplusplus
extern "C"
{
#endif
#include "cJSON/cJSON.h"
#include "rcu_hash.h"
#include "maat.h"
#include "maat_kv.h"
#include "maat_core.h"
struct compile_schema;
struct compile_runtime;
struct compile_state;
struct group2group_runtime;
/* compile schema API */
void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr,
const char *table_name, struct log_handle *logger);
void compile_schema_free(void *compile_schema);
void *group2compile_schema_new(cJSON *json, struct table_manager *tbl_mgr,
const char *table_name, struct log_handle *logger);
void group2compile_schema_free(void *g2c_schema);
int group2compile_associated_compile_table_id(void *g2c_schema);
/* compile runtime API */
void *compile_runtime_new(void *compile_schema, size_t max_thread_num,
struct maat_garbage_bin *garbage_bin,
struct log_handle *logger);
void compile_runtime_free(void *compile_runtime);
void compile_runtime_init(void *compile_runtime, struct maat_runtime *maat_rt);
int compile_runtime_update(void *compile_runtime, void *compile_schema,
const char *table_name, const char *line,
int valid_column);
int compile_runtime_commit(void *compile_runtime, const char *table_name,
long long maat_rt_version);
long long compile_runtime_rule_count(void *compile_runtime);
long long compile_runtime_update_err_count(void *compile_runtime);
int compile_runtime_match(struct compile_runtime *compile_rt, long long *compile_ids,
size_t compile_ids_size, struct maat_state *state);
size_t compile_runtime_get_hit_paths(struct compile_runtime *compile_rt, int thread_id,
struct compile_state *compile_state,
struct maat_hit_path *hit_path_array,
size_t array_size, size_t n_hit_path);
/* group2compile runtime API */
void *group2compile_runtime_new(void *g2c_schema, size_t max_thread_num,
struct maat_garbage_bin *garbage_bin,
struct log_handle *logger);
void group2compile_runtime_init(void *g2c_runtime, void *compile_runtime);
void group2compile_runtime_free(void *g2c_runtime);
int group2compile_runtime_update(void *g2c_runtime, void *g2c_schema,
const char *table_name, const char *line,
int valid_column);
long long group2compile_runtime_not_clause_count(void *g2c_runtime);
long long group2compile_runtime_rule_count(void *g2c_runtime);
long long group2compile_runtime_update_err_count(void *g2c_runtime);
/* maat compile state API */
struct compile_state;
struct compile_state *compile_state_new(void);
void compile_state_reset(struct compile_state *compile_state);
void compile_state_free(struct compile_state *compile_state,
struct maat *maat_instance, int thread_id);
int compile_state_update(struct compile_state *compile_state, struct maat *maat_inst,
int vtable_id, int custom_compile_tbl_id, int Nth_scan,
struct maat_item *hit_items, size_t n_hit_item);
void compile_state_clear_last_hit_group(struct compile_state *compile_state);
void compile_state_not_logic_update(struct compile_state *compile_state,
struct compile_runtime *compile_rt,
struct maat *maat_inst, int vtable_id,
int Nth_scan);
size_t compile_state_get_internal_hit_paths(struct compile_state *compile_state,
struct compile_runtime *compile_rt,
struct group2group_runtime *g2g_rt,
struct maat_hit_path *hit_path_array,
size_t array_size);
size_t compile_state_get_direct_hit_groups(struct compile_state *compile_state,
struct maat_hit_group *group_array,
size_t array_size);
size_t compile_state_get_direct_hit_group_cnt(struct compile_state *compile_state);
size_t compile_state_get_indirect_hit_groups(struct compile_state *compile_state,
struct maat_hit_group *group_array,
size_t array_size);
size_t compile_state_get_indirect_hit_group_cnt(struct compile_state *compile_state);
size_t compile_state_get_last_hit_groups(struct compile_state *compile_state,
struct maat_hit_group *group_arary,
size_t array_size);
size_t compile_state_get_last_hit_group_cnt(struct compile_state *compile_state);
int compile_state_get_compile_table_id(struct compile_state *compile_state,
long long compile_id);
#ifdef __cplusplus
}
#endif
#endif

12
src/inc_internal/maat_core.h
View File

@@ -8,8 +8,8 @@
***********************************************************************************************
*/
#ifndef _MAAT_RULE_H_
#define _MAAT_RULE_H_
#ifndef _MAAT_CORE_H_
#define _MAAT_CORE_H_
#ifdef __cplusplus
extern "C"
@@ -153,9 +153,9 @@ struct maat_stat {
long long *thread_call_cnt;
long long *stream_cnt;
long long *hit_compile_cnt;
long long *hit_rule_cnt;
long long *maat_state_cnt;
long long *compile_state_cnt;
long long *rule_state_cnt;
long long *maat_state_free_cnt;
long long *maat_state_free_bytes;
@@ -189,11 +189,11 @@ struct maat {
struct maat_state {
struct maat *maat_inst;
struct compile_state *compile_state;
struct rule_state *rule_state;
int Nth_scan;
int district_id; //-1: Any District; -2: Unkonwn District;
uint16_t thread_id;
int16_t compile_table_id;
int16_t rule_table_id;
uint8_t district_flag;
uint8_t logic_not_flag;
};

137
src/inc_internal/maat_rule.h Normal file
View File

@@ -0,0 +1,137 @@
/*
**********************************************************************************************
* File: maat_rule.h
* Description:
* Authors: Liu wentan <liuwentan@geedgenetworks.com>
* Date: 2022-10-31
* Copyright: (c) Since 2022 Geedge Networks, Ltd. All rights reserved.
***********************************************************************************************
*/
#ifndef _MAAT_RULE_H_
#define _MAAT_RULE_H_
#ifdef __cplusplus
extern "C"
{
#endif
#include "cJSON/cJSON.h"
#include "rcu_hash.h"
#include "maat.h"
#include "maat_kv.h"
#include "maat_core.h"
struct rule_schema;
struct rule_runtime;
struct rule_state;
struct group2group_runtime;
/* rule schema API */
void *rule_schema_new(cJSON *json, struct table_manager *tbl_mgr,
const char *table_name, struct log_handle *logger);
void rule_schema_free(void *rule_schema);
void *group2rule_schema_new(cJSON *json, struct table_manager *tbl_mgr,
const char *table_name, struct log_handle *logger);
void group2rule_schema_free(void *g2c_schema);
int group2rule_associated_rule_table_id(void *g2c_schema);
/* rule runtime API */
void *rule_runtime_new(void *rule_schema, size_t max_thread_num,
struct maat_garbage_bin *garbage_bin,
struct log_handle *logger);
void rule_runtime_free(void *rule_runtime);
void rule_runtime_init(void *rule_runtime, struct maat_runtime *maat_rt);
int rule_runtime_update(void *rule_runtime, void *rule_schema,
const char *table_name, const char *line,
int valid_column);
int rule_runtime_commit(void *rule_runtime, const char *table_name,
long long maat_rt_version);
long long rule_runtime_rule_count(void *rule_runtime);
long long rule_runtime_update_err_count(void *rule_runtime);
int rule_runtime_match(struct rule_runtime *rule_rt, long long *rule_ids,
size_t rule_ids_size, struct maat_state *state);
size_t rule_runtime_get_hit_paths(struct rule_runtime *rule_rt, int thread_id,
struct rule_state *rule_state,
struct maat_hit_path *hit_path_array,
size_t array_size, size_t n_hit_path);
/* group2rule runtime API */
void *group2rule_runtime_new(void *g2c_schema, size_t max_thread_num,
struct maat_garbage_bin *garbage_bin,
struct log_handle *logger);
void group2rule_runtime_init(void *g2c_runtime, void *rule_runtime);
void group2rule_runtime_free(void *g2c_runtime);
int group2rule_runtime_update(void *g2c_runtime, void *g2c_schema,
const char *table_name, const char *line,
int valid_column);
long long group2rule_runtime_not_clause_count(void *g2c_runtime);
long long group2rule_runtime_rule_count(void *g2c_runtime);
long long group2rule_runtime_update_err_count(void *g2c_runtime);
/* maat rule state API */
struct rule_state;
struct rule_state *rule_state_new(void);
void rule_state_reset(struct rule_state *rule_state);
void rule_state_free(struct rule_state *rule_state,
struct maat *maat_instance, int thread_id);
int rule_state_update(struct rule_state *rule_state, struct maat *maat_inst,
int vtable_id, int custom_rule_tbl_id, int Nth_scan,
struct maat_item *hit_items, size_t n_hit_item);
void rule_state_clear_last_hit_group(struct rule_state *rule_state);
void rule_state_not_logic_update(struct rule_state *rule_state,
struct rule_runtime *rule_rt,
struct maat *maat_inst, int vtable_id,
int Nth_scan);
size_t rule_state_get_internal_hit_paths(struct rule_state *rule_state,
struct rule_runtime *rule_rt,
struct group2group_runtime *g2g_rt,
struct maat_hit_path *hit_path_array,
size_t array_size);
size_t rule_state_get_direct_hit_groups(struct rule_state *rule_state,
struct maat_hit_group *group_array,
size_t array_size);
size_t rule_state_get_direct_hit_group_cnt(struct rule_state *rule_state);
size_t rule_state_get_indirect_hit_groups(struct rule_state *rule_state,
struct maat_hit_group *group_array,
size_t array_size);
size_t rule_state_get_indirect_hit_group_cnt(struct rule_state *rule_state);
size_t rule_state_get_last_hit_groups(struct rule_state *rule_state,
struct maat_hit_group *group_arary,
size_t array_size);
size_t rule_state_get_last_hit_group_cnt(struct rule_state *rule_state);
int rule_state_get_rule_table_id(struct rule_state *rule_state,
long long rule_id);
#ifdef __cplusplus
}
#endif
#endif

16
src/inc_internal/maat_table.h
View File

@@ -39,9 +39,9 @@ enum table_type {
TABLE_TYPE_BOOL_PLUGIN,
//above are physical table
TABLE_TYPE_VIRTUAL,
TABLE_TYPE_COMPILE,
TABLE_TYPE_RULE,
TABLE_TYPE_GROUP2GROUP,
TABLE_TYPE_GROUP2COMPILE,
TABLE_TYPE_GROUP2RULE,
TABLE_TYPE_MAX
};
@@ -65,14 +65,14 @@ int table_manager_get_table_id(struct table_manager *tbl_mgr, const char *table_
* @brief get table_name's all conjunction parents' table_id
*
* for example: "table_id": 1,
* "table_name":"COMPILE_CONJ"
* "db_tables":["COMPILE_DEFAULT", "COMPILE_ALIAS"]
* "table_name":"RULE_CONJ"
* "db_tables":["RULE_DEFAULT", "RULE_ALIAS"]
*
* "table_id": 2,
* "table_name": "COMPILE_PLUGIN",
* "db_tables": ["COMPILE_DEFAULT"]
* "table_name": "RULE_PLUGIN",
* "db_tables": ["RULE_DEFAULT"]
*
* so COMPILE_DEFAULT has two conjunction parents whose table_id is 1 and 2.
* so RULE_DEFAULT has two conjunction parents whose table_id is 1 and 2.
*/
int table_manager_get_conj_parent_table_ids(struct table_manager *tbl_mgr, const char *table_name,
long long *table_ids_array, size_t n_table_ids_array);
@@ -84,7 +84,7 @@ const char *table_manager_get_table_schema_tag(struct table_manager *tbl_mgr, in
enum table_type table_manager_get_table_type(struct table_manager *tbl_mgr, int table_id);
int table_manager_get_default_compile_table_id(struct table_manager *tbl_mgr);
int table_manager_get_default_rule_table_id(struct table_manager *tbl_mgr);
int table_manager_get_group2group_table_id(struct table_manager *tbl_mgr);
int table_manager_get_valid_column(struct table_manager *tbl_mgr, int table_id);

2
src/inc_internal/maat_utils.h
View File

@@ -55,7 +55,7 @@ extern "C"
#endif
#define MAX_HIT_PATH_NUM 4096
#define MAX_HIT_COMPILE_NUM 4096
#define MAX_HIT_RULE_NUM 4096
#define MAX_HIT_GROUP_NUM 4096
#define MAX_HIT_ITEM_NUM 4096

206
src/json2iris.c
View File

@@ -35,7 +35,7 @@ const char *untitled_group_name = "Untitled";
long long untitled_group_id = 123456789;
enum maat_group_relation {
PARENT_TYPE_COMPILE = 0,
PARENT_TYPE_RULE = 0,
PARENT_TYPE_GROUP
};
@@ -68,8 +68,8 @@ struct iris_description {
struct iris_table *group_table;
struct iris_table *group2group_table;
struct iris_table *group2compile_table;
struct iris_table *compile_table;
struct iris_table *group2rule_table;
struct iris_table *rule_table;
struct group_info *group_name_map;
struct iris_table *iris_table_map;
@@ -130,7 +130,7 @@ static void free_iris_table_info(void *p)
static int
set_iris_descriptor(const char *json_file, cJSON *json,
const char *encrypt_key, const char *encrypt_algo,
const char *compile_tn, const char *group2compile_tn,
const char *rule_tn, const char *group2rule_tn,
const char* group2group_tn, redisContext *redis_write_ctx,
struct iris_description *iris_cfg)
{
@@ -181,10 +181,10 @@ set_iris_descriptor(const char *json_file, cJSON *json,
maat_kv_register(iris_cfg->str2int_map, "hexbin", 1);
maat_kv_register(iris_cfg->str2int_map, "case plain", 2);
iris_cfg->compile_table = query_table_info(iris_cfg, compile_tn,
TABLE_TYPE_COMPILE);
iris_cfg->group2compile_table = query_table_info(iris_cfg, group2compile_tn,
TABLE_TYPE_GROUP2COMPILE);
iris_cfg->rule_table = query_table_info(iris_cfg, rule_tn,
TABLE_TYPE_RULE);
iris_cfg->group2rule_table = query_table_info(iris_cfg, group2rule_tn,
TABLE_TYPE_GROUP2RULE);
iris_cfg->group2group_table = query_table_info(iris_cfg, group2group_tn,
TABLE_TYPE_GROUP2GROUP);
@@ -571,14 +571,14 @@ write_interval_line(cJSON *region_json, struct iris_description *p_iris,
}
static int
write_region_rule(cJSON *region_json, int compile_id, int group_id,
write_region_rule(cJSON *region_json, int rule_id, int group_id,
struct iris_description *p_iris, struct log_handle *logger)
{
cJSON *item = cJSON_GetObjectItem(region_json, "table_name");
if (NULL == item || item->type != cJSON_String) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] compile rule %d's table_name not defined "
"or format error", __FUNCTION__, __LINE__, compile_id);
"[%s:%d] rule rule %d's table_name not defined "
"or format error", __FUNCTION__, __LINE__, rule_id);
return -1;
}
const char *table_name = item->valuestring;
@@ -586,9 +586,9 @@ write_region_rule(cJSON *region_json, int compile_id, int group_id,
item = cJSON_GetObjectItem(region_json, "table_type");
if (NULL == item || item->type != cJSON_String) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] compile rule %d's table name %s's table_type "
"[%s:%d] rule rule %d's table name %s's table_type "
"not defined or format error", __FUNCTION__, __LINE__,
compile_id, table_name);
rule_id, table_name);
return -1;
}
@@ -597,17 +597,17 @@ write_region_rule(cJSON *region_json, int compile_id, int group_id,
int ret = maat_kv_read(p_iris->str2int_map, table_type_str, &table_type_int, 1);
if (ret != 1) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] compile rule %d table name %s's table_type %s invalid",
__FUNCTION__, __LINE__, compile_id, table_name, table_type_str);
"[%s:%d] rule rule %d table name %s's table_type %s invalid",
__FUNCTION__, __LINE__, rule_id, table_name, table_type_str);
return -1;
}
cJSON *table_content = cJSON_GetObjectItem(region_json, "table_content");
if (NULL == table_content || table_content->type != cJSON_Object) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] compile rule %d table name %s's table_content "
"[%s:%d] rule rule %d table name %s's table_content "
"not defined or format error", __FUNCTION__, __LINE__,
compile_id, table_name);
rule_id, table_name);
return -1;
}
@@ -642,8 +642,8 @@ write_region_rule(cJSON *region_json, int compile_id, int group_id,
}
static int
write_group2compile_line(int *group_ids, size_t n_group_id,
int compile_id, int group_not_flag,
write_group2rule_line(int *group_ids, size_t n_group_id,
int rule_id, int group_not_flag,
int clause_index, const char *vtable,
struct iris_description *p_iris,
struct iris_table *g2c_table)
@@ -654,10 +654,10 @@ write_group2compile_line(int *group_ids, size_t n_group_id,
if (g2c_table != NULL) {
table = g2c_table;
} else {
if (NULL == p_iris->group2compile_table) {
if (NULL == p_iris->group2rule_table) {
return -1;
}
table = p_iris->group2compile_table;
table = p_iris->group2rule_table;
}
if (n_group_id > 1) {
@@ -670,10 +670,10 @@ write_group2compile_line(int *group_ids, size_t n_group_id,
}
group_id_str[strlen(group_id_str) - 1] = '\0';
snprintf(buff, sizeof(buff), "%s\t%d\t%d\t%s\t%d\t1\n", group_id_str,
compile_id, group_not_flag, vtable, clause_index);
rule_id, group_not_flag, vtable, clause_index);
} else {
snprintf(buff, sizeof(buff), "%d\t%d\t%d\t%s\t%d\t1\n", group_ids[0],
compile_id, group_not_flag, vtable, clause_index);
rule_id, group_not_flag, vtable, clause_index);
}
table->write_pos += memcat(&(table->buff), table->write_pos,
@@ -748,7 +748,7 @@ write_group2group_line(int group_id, UT_array *incl_sub_group_ids,
static int
write_group_rule(cJSON *group_json, int parent_id,
int parent_type, int tracking_compile_id,
int parent_type, int tracking_rule_id,
int Nth_group, struct iris_description *p_iris,
struct log_handle *logger)
{
@@ -774,7 +774,7 @@ write_group_rule(cJSON *group_json, int parent_id,
cJSON *tmp_json = cJSON_GetArrayItem(item, i);
if (NULL == tmp_json || tmp_json->type != cJSON_String) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] group_name of compile:%d format error",
"[%s:%d] group_name of rule:%d format error",
__FUNCTION__, __LINE__, parent_id);
return -1;
}
@@ -789,7 +789,7 @@ write_group_rule(cJSON *group_json, int parent_id,
group_id = item->valueint;
}
if (parent_type == PARENT_TYPE_COMPILE) {
if (parent_type == PARENT_TYPE_RULE) {
item = cJSON_GetObjectItem(group_json, "virtual_table");
if (NULL == item || item->type != cJSON_String) {
virtual_table = "null";
@@ -814,7 +814,7 @@ write_group_rule(cJSON *group_json, int parent_id,
item = cJSON_GetObjectItem(group_json, "g2c_table_name");
if (item != NULL && item->type == cJSON_String) {
g2c_table = query_table_info(p_iris, item->valuestring,
TABLE_TYPE_GROUP2COMPILE);
TABLE_TYPE_GROUP2RULE);
}
}
@@ -831,8 +831,8 @@ write_group_rule(cJSON *group_json, int parent_id,
}
group_ids[i] = group_info->group_id;
}
assert(parent_type == PARENT_TYPE_COMPILE);
ret = write_group2compile_line(group_ids, group_name_cnt, parent_id,
assert(parent_type == PARENT_TYPE_RULE);
ret = write_group2rule_line(group_ids, group_name_cnt, parent_id,
group_not_flag, clause_index,
virtual_table, p_iris, g2c_table);
@@ -858,12 +858,12 @@ write_group_rule(cJSON *group_json, int parent_id,
if (region_json != NULL) {
cJSON *region_rule = NULL;
cJSON_ArrayForEach(region_rule, region_json) {
ret = write_region_rule(region_rule, tracking_compile_id,
ret = write_region_rule(region_rule, tracking_rule_id,
group_info->group_id, p_iris, logger);
if (ret < 0) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] compile rule %d write region error",
__FUNCTION__, __LINE__, tracking_compile_id);
"[%s:%d] rule rule %d write region error",
__FUNCTION__, __LINE__, tracking_rule_id);
return -1;
}
}
@@ -876,7 +876,7 @@ write_group_rule(cJSON *group_json, int parent_id,
cJSON_ArrayForEach(item, sub_groups) {
i++;
ret = write_group_rule(item, group_info->group_id,
PARENT_TYPE_GROUP, tracking_compile_id,
PARENT_TYPE_GROUP, tracking_rule_id,
i, p_iris, logger);
if (ret < 0) {
return -1;
@@ -886,19 +886,19 @@ write_group_rule(cJSON *group_json, int parent_id,
if (NULL == region_json && NULL == sub_groups) {
log_info(logger, MODULE_JSON2IRIS,
"[%s:%d] A group of compile rule %d has neither regions, "
"[%s:%d] A group of rule rule %d has neither regions, "
"sub groups, nor refered another existed group",
__FUNCTION__, __LINE__, tracking_compile_id);
__FUNCTION__, __LINE__, tracking_rule_id);
}
}
if (parent_type == PARENT_TYPE_COMPILE) {
ret = write_group2compile_line(&(group_info->group_id), 1, parent_id,
if (parent_type == PARENT_TYPE_RULE) {
ret = write_group2rule_line(&(group_info->group_id), 1, parent_id,
group_not_flag, clause_index,
virtual_table, p_iris, g2c_table);
if (ret < 0) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] compile:%d write group error",
"[%s:%d] rule:%d write group error",
__FUNCTION__, __LINE__, parent_id);
return -1;
}
@@ -909,19 +909,19 @@ write_group_rule(cJSON *group_json, int parent_id,
}
static int
write_compile_line(cJSON *compile, struct iris_description *p_iris,
write_rule_line(cJSON *rule, struct iris_description *p_iris,
struct log_handle *logger)
{
cJSON *item=cJSON_GetObjectItem(compile, "compile_id");
cJSON *item=cJSON_GetObjectItem(rule, "rule_id");
if (item->type != cJSON_Number) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] compile_id format not number",
"[%s:%d] rule_id format not number",
__FUNCTION__, __LINE__);
return -1;
}
int compile_id = item->valueint;
int rule_id = item->valueint;
cJSON *group_array = cJSON_GetObjectItem(compile, "groups");
cJSON *group_array = cJSON_GetObjectItem(rule, "groups");
int group_num = cJSON_GetArraySize(group_array);
int *clause_ids = ALLOC(int, group_num);
int clause_num = 0;
@@ -950,80 +950,80 @@ write_compile_line(cJSON *compile, struct iris_description *p_iris,
clause_num = group_num;
}
cJSON_AddNumberToObject(compile, "clause_num", clause_num);
cJSON_AddNumberToObject(rule, "clause_num", clause_num);
struct translate_command compile_cmd[MAX_COLUMN_NUM];
memset(compile_cmd, 0, sizeof(compile_cmd));
struct translate_command rule_cmd[MAX_COLUMN_NUM];
memset(rule_cmd, 0, sizeof(rule_cmd));
int cmd_cnt = 0;
compile_cmd[cmd_cnt].json_string = "compile_id";
compile_cmd[cmd_cnt].json_type = cJSON_Number;
rule_cmd[cmd_cnt].json_string = "rule_id";
rule_cmd[cmd_cnt].json_type = cJSON_Number;
cmd_cnt++;
compile_cmd[cmd_cnt].json_string = "service";
compile_cmd[cmd_cnt].json_type = cJSON_Number;
rule_cmd[cmd_cnt].json_string = "service";
rule_cmd[cmd_cnt].json_type = cJSON_Number;
cmd_cnt++;
compile_cmd[cmd_cnt].json_string = "action";
compile_cmd[cmd_cnt].json_type = cJSON_Number;
rule_cmd[cmd_cnt].json_string = "action";
rule_cmd[cmd_cnt].json_type = cJSON_Number;
cmd_cnt++;
compile_cmd[cmd_cnt].json_string = "do_blacklist";
compile_cmd[cmd_cnt].json_type = cJSON_Number;
rule_cmd[cmd_cnt].json_string = "do_blacklist";
rule_cmd[cmd_cnt].json_type = cJSON_Number;
cmd_cnt++;
compile_cmd[cmd_cnt].json_string = "do_log";
compile_cmd[cmd_cnt].json_type = cJSON_Number;
rule_cmd[cmd_cnt].json_string = "do_log";
rule_cmd[cmd_cnt].json_type = cJSON_Number;
cmd_cnt++;
compile_cmd[cmd_cnt].json_string = "tags";
compile_cmd[cmd_cnt].json_type = cJSON_String;
compile_cmd[cmd_cnt].empty_allowed = 1;
compile_cmd[cmd_cnt].default_string = "{}";
rule_cmd[cmd_cnt].json_string = "tags";
rule_cmd[cmd_cnt].json_type = cJSON_String;
rule_cmd[cmd_cnt].empty_allowed = 1;
rule_cmd[cmd_cnt].default_string = "{}";
cmd_cnt++;
compile_cmd[cmd_cnt].json_string = "user_region";
compile_cmd[cmd_cnt].json_type = cJSON_String;
rule_cmd[cmd_cnt].json_string = "user_region";
rule_cmd[cmd_cnt].json_type = cJSON_String;
cmd_cnt++;
compile_cmd[cmd_cnt].json_string = "clause_num";
compile_cmd[cmd_cnt].json_type = cJSON_Number;
rule_cmd[cmd_cnt].json_string = "clause_num";
rule_cmd[cmd_cnt].json_type = cJSON_Number;
cmd_cnt++;
compile_cmd[cmd_cnt].json_string = "is_valid";
compile_cmd[cmd_cnt].json_type = cJSON_String;
compile_cmd[cmd_cnt].str2int_flag = 1;
rule_cmd[cmd_cnt].json_string = "is_valid";
rule_cmd[cmd_cnt].json_type = cJSON_String;
rule_cmd[cmd_cnt].str2int_flag = 1;
cmd_cnt++;
compile_cmd[cmd_cnt].json_string = "modified_time";
compile_cmd[cmd_cnt].json_type = cJSON_String;
compile_cmd[cmd_cnt].empty_allowed = 1;
rule_cmd[cmd_cnt].json_string = "modified_time";
rule_cmd[cmd_cnt].json_type = cJSON_String;
rule_cmd[cmd_cnt].empty_allowed = 1;
time_t curr_time;
time(&curr_time);
static char temp[21];
snprintf(temp, 21, "%ld", curr_time);
compile_cmd[cmd_cnt].default_string = temp;
rule_cmd[cmd_cnt].default_string = temp;
cmd_cnt++;
struct iris_table *table_info = NULL;
item = cJSON_GetObjectItem(compile,"compile_table_name");
item = cJSON_GetObjectItem(rule,"rule_table_name");
if (NULL == item || item->type != cJSON_String) {
if (NULL == p_iris->compile_table) {
if (NULL == p_iris->rule_table) {
return -1;
}
table_info = p_iris->compile_table;
table_info = p_iris->rule_table;
} else {
table_info = query_table_info(p_iris, item->valuestring, TABLE_TYPE_COMPILE);
table_info = query_table_info(p_iris, item->valuestring, TABLE_TYPE_RULE);
}
int ret = direct_write_rule(compile, p_iris->str2int_map, compile_cmd,
int ret = direct_write_rule(rule, p_iris->str2int_map, rule_cmd,
cmd_cnt, table_info, logger);
if (ret < 0) {
return -1;
}
return compile_id;
return rule_id;
}
static void write_table_idx(struct iris_description *p_iris,
@@ -1228,44 +1228,44 @@ static int write_iris(cJSON *json, struct iris_description *p_iris,
}
}
int compile_cnt = 0;
cJSON *compile_array = cJSON_GetObjectItem(json, "rules");
if (compile_array != NULL) {
compile_cnt = cJSON_GetArraySize(compile_array);
int rule_cnt = 0;
cJSON *rule_array = cJSON_GetObjectItem(json, "rules");
if (rule_array != NULL) {
rule_cnt = cJSON_GetArraySize(rule_array);
}
if (compile_cnt > 0) {
cJSON *compile_obj = NULL;
cJSON_ArrayForEach(compile_obj, compile_array) {
int compile_id = write_compile_line(compile_obj, p_iris, logger);
if (compile_id < 0) {
if (rule_cnt > 0) {
cJSON *rule_obj = NULL;
cJSON_ArrayForEach(rule_obj, rule_array) {
int rule_id = write_rule_line(rule_obj, p_iris, logger);
if (rule_id < 0) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] In %d compile rule",
"[%s:%d] In %d rule rule",
__FUNCTION__, __LINE__, i);
return -1;
}
group_array = cJSON_GetObjectItem(compile_obj, "groups");
group_array = cJSON_GetObjectItem(rule_obj, "groups");
if (NULL == group_array) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] compile rule %d have no group",
__FUNCTION__, __LINE__, compile_id);
"[%s:%d] rule rule %d have no group",
__FUNCTION__, __LINE__, rule_id);
return -1;
}
int group_cnt = cJSON_GetArraySize(group_array);
if (group_cnt <= 0) {
log_fatal(logger, MODULE_JSON2IRIS,
"[%s:%d] compile rule %d have no groups",
__FUNCTION__, __LINE__, compile_id);
"[%s:%d] rule rule %d have no groups",
__FUNCTION__, __LINE__, rule_id);
return -1;
}
i = 0;
cJSON *group_obj = NULL;
cJSON_ArrayForEach(group_obj, group_array) {
ret = write_group_rule(group_obj, compile_id, PARENT_TYPE_COMPILE,
compile_id, i, p_iris, logger);
ret = write_group_rule(group_obj, rule_id, PARENT_TYPE_RULE,
rule_id, i, p_iris, logger);
if (ret < 0) {
return -1;
}
@@ -1273,8 +1273,8 @@ static int write_iris(cJSON *json, struct iris_description *p_iris,
}
}
cJSON_ArrayForEach(compile_obj, compile_array) {
cJSON *group_array = cJSON_GetObjectItem(compile_obj, "groups");
cJSON_ArrayForEach(rule_obj, rule_array) {
cJSON *group_array = cJSON_GetObjectItem(rule_obj, "groups");
cJSON *group_obj = NULL;
cJSON_ArrayForEach(group_obj, group_array) {
@@ -1306,8 +1306,8 @@ int json2iris(const char *json_buff, const char *json_filename,
{
int ret = -1;
cJSON *tmp_obj = NULL;
const char *compile_tbl_name = NULL;
const char *group2compile_tbl_name = NULL;
const char *rule_tbl_name = NULL;
const char *group2rule_tbl_name = NULL;
const char *group2group_tbl_name = NULL;
struct iris_description iris_cfg;
@@ -1321,14 +1321,14 @@ int json2iris(const char *json_buff, const char *json_filename,
goto error_out;
}
tmp_obj = cJSON_GetObjectItem(json, "compile_table");
tmp_obj = cJSON_GetObjectItem(json, "rule_table");
if (tmp_obj) {
compile_tbl_name = tmp_obj->valuestring;
rule_tbl_name = tmp_obj->valuestring;
}
tmp_obj = cJSON_GetObjectItem(json, "group2compile_table");
tmp_obj = cJSON_GetObjectItem(json, "group2rule_table");
if (tmp_obj) {
group2compile_tbl_name = tmp_obj->valuestring;
group2rule_tbl_name = tmp_obj->valuestring;
}
tmp_obj = cJSON_GetObjectItem(json, "group2group_table");
@@ -1337,7 +1337,7 @@ int json2iris(const char *json_buff, const char *json_filename,
}
ret = set_iris_descriptor(json_filename, json, encrypt_key, encrypt_algo,
compile_tbl_name, group2compile_tbl_name,
rule_tbl_name, group2rule_tbl_name,
group2group_tbl_name, redis_write_ctx, &iris_cfg);
if (ret < 0) {
goto error_out;

252
src/maat_api.c
View File

@@ -24,7 +24,7 @@
#include "maat_table.h"
#include "maat_config_monitor.h"
#include "maat_redis_monitor.h"
#include "maat_compile.h"
#include "maat_rule.h"
#include "alignment.h"
#include "ip_matcher.h"
#include "adapter_hs.h"
@@ -1300,23 +1300,23 @@ string_scan(struct table_manager *tbl_mgr, int thread_id,
}
static size_t
group_to_compile(struct maat *maat_inst, long long *results, size_t n_result,
group_to_rule(struct maat *maat_inst, long long *results, size_t n_result,
struct maat_state *state)
{
int compile_table_id =
table_manager_get_default_compile_table_id(maat_inst->tbl_mgr);
int rule_table_id =
table_manager_get_default_rule_table_id(maat_inst->tbl_mgr);
if (state->compile_table_id > 0) {
compile_table_id = state->compile_table_id;
if (state->rule_table_id > 0) {
rule_table_id = state->rule_table_id;
}
void *compile_rt = table_manager_get_runtime(maat_inst->tbl_mgr,
compile_table_id);
if (NULL == compile_rt) {
void *rule_rt = table_manager_get_runtime(maat_inst->tbl_mgr,
rule_table_id);
if (NULL == rule_rt) {
return 0;
}
return compile_runtime_match((struct compile_runtime *)compile_rt,
return rule_runtime_match((struct rule_runtime *)rule_rt,
results, n_result, state);
}
@@ -1372,15 +1372,15 @@ int maat_scan_flag(struct maat *maat_inst, int table_id,
maat_runtime_ref_inc(maat_rt, state->thread_id);
size_t sum_hit_compile_cnt = 0;
size_t sum_hit_rule_cnt = 0;
if (hit_group_cnt > 0) {
sum_hit_compile_cnt = group_to_compile(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_compile_cnt;
sum_hit_rule_cnt = group_to_rule(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_rule_cnt;
}
if (sum_hit_compile_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_compile_cnt, state->thread_id,
sum_hit_compile_cnt);
if (sum_hit_rule_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_rule_cnt, state->thread_id,
sum_hit_rule_cnt);
}
void *flag_rt = table_manager_get_runtime(maat_inst->tbl_mgr, phy_table_id);
@@ -1395,7 +1395,7 @@ int maat_scan_flag(struct maat *maat_inst, int table_id,
maat_runtime_ref_dec(maat_rt, state->thread_id);
if (sum_hit_compile_cnt > 0) {
if (sum_hit_rule_cnt > 0) {
return MAAT_SCAN_HIT;
} else if (hit_group_cnt > 0) {
return MAAT_SCAN_HALF_HIT;
@@ -1457,15 +1457,15 @@ int maat_scan_integer(struct maat *maat_inst, int table_id,
maat_runtime_ref_inc(maat_rt, state->thread_id);
size_t sum_hit_compile_cnt = 0;
size_t sum_hit_rule_cnt = 0;
if (hit_group_cnt > 0) {
sum_hit_compile_cnt = group_to_compile(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_compile_cnt;
sum_hit_rule_cnt = group_to_rule(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_rule_cnt;
}
if (sum_hit_compile_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_compile_cnt, state->thread_id,
sum_hit_compile_cnt);
if (sum_hit_rule_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_rule_cnt, state->thread_id,
sum_hit_rule_cnt);
}
void *interval_rt = table_manager_get_runtime(maat_inst->tbl_mgr, phy_table_id);
@@ -1480,7 +1480,7 @@ int maat_scan_integer(struct maat *maat_inst, int table_id,
maat_runtime_ref_dec(maat_rt, state->thread_id);
if (sum_hit_compile_cnt > 0) {
if (sum_hit_rule_cnt > 0) {
return MAAT_SCAN_HIT;
} else if (hit_group_cnt > 0) {
return MAAT_SCAN_HALF_HIT;
@@ -1541,15 +1541,15 @@ int maat_scan_ipv4_port(struct maat *maat_inst, int table_id, uint32_t ip_addr,
maat_runtime_ref_inc(maat_rt, state->thread_id);
size_t sum_hit_compile_cnt = 0;
size_t sum_hit_rule_cnt = 0;
if (hit_group_cnt > 0) {
sum_hit_compile_cnt = group_to_compile(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_compile_cnt;
sum_hit_rule_cnt = group_to_rule(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_rule_cnt;
}
if (sum_hit_compile_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_compile_cnt, state->thread_id,
sum_hit_compile_cnt);
if (sum_hit_rule_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_rule_cnt, state->thread_id,
sum_hit_rule_cnt);
}
void *ip_rt = table_manager_get_runtime(maat_inst->tbl_mgr, phy_table_id);
@@ -1564,7 +1564,7 @@ int maat_scan_ipv4_port(struct maat *maat_inst, int table_id, uint32_t ip_addr,
maat_runtime_ref_dec(maat_rt, state->thread_id);
if (sum_hit_compile_cnt > 0) {
if (sum_hit_rule_cnt > 0) {
return MAAT_SCAN_HIT;
} else if (hit_group_cnt > 0) {
return MAAT_SCAN_HALF_HIT;
@@ -1625,15 +1625,15 @@ int maat_scan_ipv6_port(struct maat *maat_inst, int table_id, uint8_t *ip_addr,
maat_runtime_ref_inc(maat_rt, state->thread_id);
size_t sum_hit_compile_cnt = 0;
size_t sum_hit_rule_cnt = 0;
if (hit_group_cnt > 0) {
sum_hit_compile_cnt = group_to_compile(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_compile_cnt;
sum_hit_rule_cnt = group_to_rule(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_rule_cnt;
}
if (sum_hit_compile_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_compile_cnt, state->thread_id,
sum_hit_compile_cnt);
if (sum_hit_rule_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_rule_cnt, state->thread_id,
sum_hit_rule_cnt);
}
void *ip_rt = table_manager_get_runtime(maat_inst->tbl_mgr, phy_table_id);
@@ -1648,7 +1648,7 @@ int maat_scan_ipv6_port(struct maat *maat_inst, int table_id, uint8_t *ip_addr,
maat_runtime_ref_dec(maat_rt, state->thread_id);
if (sum_hit_compile_cnt > 0) {
if (sum_hit_rule_cnt > 0) {
return MAAT_SCAN_HIT;
} else if (hit_group_cnt > 0) {
return MAAT_SCAN_HALF_HIT;
@@ -1728,15 +1728,15 @@ int maat_scan_string(struct maat *maat_inst, int table_id,
maat_runtime_ref_inc(maat_rt, state->thread_id);
size_t sum_hit_compile_cnt = 0;
size_t sum_hit_rule_cnt = 0;
if (hit_group_cnt > 0) {
sum_hit_compile_cnt = group_to_compile(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_compile_cnt;
sum_hit_rule_cnt = group_to_rule(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_rule_cnt;
}
if (sum_hit_compile_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_compile_cnt, state->thread_id,
sum_hit_compile_cnt);
if (sum_hit_rule_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_rule_cnt, state->thread_id,
sum_hit_rule_cnt);
}
void *expr_rt = table_manager_get_runtime(maat_inst->tbl_mgr, phy_table_id);
@@ -1751,7 +1751,7 @@ int maat_scan_string(struct maat *maat_inst, int table_id,
maat_runtime_ref_dec(maat_rt, state->thread_id);
if (sum_hit_compile_cnt > 0) {
if (sum_hit_rule_cnt > 0) {
return MAAT_SCAN_HIT;
} else if (hit_group_cnt > 0) {
return MAAT_SCAN_HALF_HIT;
@@ -1765,14 +1765,14 @@ static void maat_state_add_hit_group(struct maat_state *state, int table_id,
{
struct maat *maat_inst = state->maat_inst;
//clear compile_state->last_hit_group
if (state != NULL && state->compile_state != NULL) {
compile_state_clear_last_hit_group(state->compile_state);
//clear rule_state->last_hit_group
if (state != NULL && state->rule_state != NULL) {
rule_state_clear_last_hit_group(state->rule_state);
}
if (NULL == state->compile_state) {
state->compile_state = compile_state_new();
alignment_int64_array_add(maat_inst->stat->compile_state_cnt,
if (NULL == state->rule_state) {
state->rule_state = rule_state_new();
alignment_int64_array_add(maat_inst->stat->rule_state_cnt,
state->thread_id, 1);
}
@@ -1787,8 +1787,8 @@ static void maat_state_add_hit_group(struct maat_state *state, int table_id,
hit_items[i].group_id = groups[i].group_id;
}
compile_state_update(state->compile_state, maat_inst, table_id,
state->compile_table_id, state->Nth_scan,
rule_state_update(state->rule_state, maat_inst, table_id,
state->rule_table_id, state->Nth_scan,
hit_items, n_hit_item);
}
@@ -1800,24 +1800,24 @@ maat_state_activate_hit_not_group(struct maat_state *state, int table_id)
}
struct maat *maat_inst = state->maat_inst;
int compile_table_id =
table_manager_get_default_compile_table_id(maat_inst->tbl_mgr);
if (state->compile_table_id > 0) {
compile_table_id = state->compile_table_id;
int rule_table_id =
table_manager_get_default_rule_table_id(maat_inst->tbl_mgr);
if (state->rule_table_id > 0) {
rule_table_id = state->rule_table_id;
}
struct compile_runtime *compile_rt =
table_manager_get_runtime(maat_inst->tbl_mgr, compile_table_id);
if (NULL == compile_rt) {
struct rule_runtime *rule_rt =
table_manager_get_runtime(maat_inst->tbl_mgr, rule_table_id);
if (NULL == rule_rt) {
return;
}
//clear compile_state->last_hit_group
if (state != NULL && state->compile_state != NULL) {
compile_state_clear_last_hit_group(state->compile_state);
//clear rule_state->last_hit_group
if (state != NULL && state->rule_state != NULL) {
rule_state_clear_last_hit_group(state->rule_state);
}
compile_state_not_logic_update(state->compile_state, compile_rt, maat_inst,
rule_state_not_logic_update(state->rule_state, rule_rt, maat_inst,
table_id, state->Nth_scan);
}
@@ -1860,13 +1860,13 @@ int maat_scan_group(struct maat *maat_inst, int table_id,
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
maat_state_add_hit_group(state, table_id, groups, n_group);
size_t hit_compile_cnt = group_to_compile(maat_inst, results, n_result, state);
*n_hit_result = hit_compile_cnt;
size_t hit_rule_cnt = group_to_rule(maat_inst, results, n_result, state);
*n_hit_result = hit_rule_cnt;
maat_runtime_ref_dec(maat_rt, state->thread_id);
if (hit_compile_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_compile_cnt, state->thread_id,
hit_compile_cnt);
if (hit_rule_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_rule_cnt, state->thread_id,
hit_rule_cnt);
return MAAT_SCAN_HIT;
}
@@ -1883,7 +1883,7 @@ int maat_scan_not_logic(struct maat *maat_inst, int table_id,
return -1;
}
if (NULL == state->compile_state) {
if (NULL == state->rule_state) {
return 0;
}
@@ -1896,13 +1896,13 @@ int maat_scan_not_logic(struct maat *maat_inst, int table_id,
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
maat_state_activate_hit_not_group(state, table_id);
size_t hit_compile_cnt = group_to_compile(maat_inst, results, n_result, state);
*n_hit_result = hit_compile_cnt;
size_t hit_rule_cnt = group_to_rule(maat_inst, results, n_result, state);
*n_hit_result = hit_rule_cnt;
maat_runtime_ref_dec(maat_rt, state->thread_id);
if (hit_compile_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_compile_cnt, state->thread_id,
hit_compile_cnt);
if (hit_rule_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_rule_cnt, state->thread_id,
hit_rule_cnt);
return MAAT_SCAN_HIT;
}
@@ -2061,15 +2061,15 @@ int maat_stream_scan(struct maat_stream *maat_stream, const char *data, int data
return MAAT_SCAN_ERR;
}
size_t sum_hit_compile_cnt = 0;
size_t sum_hit_rule_cnt = 0;
if (hit_group_cnt > 0) {
sum_hit_compile_cnt = group_to_compile(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_compile_cnt;
sum_hit_rule_cnt = group_to_rule(maat_inst, results, n_result, state);
*n_hit_result = sum_hit_rule_cnt;
}
if (sum_hit_compile_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_compile_cnt, maat_stream->thread_id,
sum_hit_compile_cnt);
if (sum_hit_rule_cnt > 0) {
alignment_int64_array_add(maat_inst->stat->hit_rule_cnt, maat_stream->thread_id,
sum_hit_rule_cnt);
}
if (1 == maat_inst->opts.perf_on) {
@@ -2079,7 +2079,7 @@ int maat_stream_scan(struct maat_stream *maat_stream, const char *data, int data
expr_runtime_perf_stat(expr_rt, data_len, NULL, NULL, state->thread_id);
}
if (sum_hit_compile_cnt > 0) {
if (sum_hit_rule_cnt > 0) {
return MAAT_SCAN_HIT;
} else if (hit_group_cnt > 0) {
return MAAT_SCAN_HALF_HIT;
@@ -2130,7 +2130,7 @@ struct maat_state *maat_state_new(struct maat *maat_inst, int thread_id)
state->district_id = DISTRICT_ANY;
state->thread_id = thread_id;
/* state->compile_state no need to alloc memory at this point,
/* state->rule_state no need to alloc memory at this point,
but alloc it after hitting items
*/
alignment_int64_array_add(maat_inst->stat->maat_state_cnt, thread_id, 1);
@@ -2144,13 +2144,13 @@ void maat_state_reset(struct maat_state *state)
return;
}
state->compile_table_id = 0;
state->rule_table_id = 0;
state->district_flag = DISTRICT_FLAG_UNSET;
state->district_id = DISTRICT_ANY;
state->Nth_scan = 0;
if (state->compile_state != NULL) {
compile_state_reset(state->compile_state);
if (state->rule_state != NULL) {
rule_state_reset(state->rule_state);
}
}
@@ -2165,10 +2165,10 @@ void maat_state_free(struct maat_state *state)
struct maat *maat_inst = state->maat_inst;
long long thread_id = state->thread_id;
if (state->compile_state != NULL) {
compile_state_free(state->compile_state, maat_inst, thread_id);
state->compile_state = NULL;
alignment_int64_array_add(maat_inst->stat->compile_state_cnt,
if (state->rule_state != NULL) {
rule_state_free(state->rule_state, maat_inst, thread_id);
state->rule_state = NULL;
alignment_int64_array_add(maat_inst->stat->rule_state_cnt,
thread_id, -1);
}
@@ -2244,10 +2244,10 @@ int maat_state_set_scan_district(struct maat_state *state, int table_id,
return 0;
}
int maat_state_set_scan_compile_table(struct maat_state *state,
int compile_table_id)
int maat_state_set_scan_rule_table(struct maat_state *state,
int rule_table_id)
{
if (NULL == state || compile_table_id < 0) {
if (NULL == state || rule_table_id < 0) {
return -1;
}
@@ -2258,25 +2258,25 @@ int maat_state_set_scan_compile_table(struct maat_state *state,
return -1;
}
state->compile_table_id = compile_table_id;
state->rule_table_id = rule_table_id;
return 0;
}
int maat_state_get_compile_table_ids(struct maat_state *state, long long *compile_ids,
size_t n_compile_ids, int *compile_table_ids)
int maat_state_get_rule_table_ids(struct maat_state *state, long long *rule_ids,
size_t n_rule_ids, int *rule_table_ids)
{
if (NULL == state || NULL == compile_ids || 0 == n_compile_ids ||
NULL == compile_table_ids) {
if (NULL == state || NULL == rule_ids || 0 == n_rule_ids ||
NULL == rule_table_ids) {
return -1;
}
for (size_t i = 0; i < n_compile_ids; i++) {
compile_table_ids[i] = compile_state_get_compile_table_id(state->compile_state,
compile_ids[i]);
for (size_t i = 0; i < n_rule_ids; i++) {
rule_table_ids[i] = rule_state_get_rule_table_id(state->rule_state,
rule_ids[i]);
}
return n_compile_ids;
return n_rule_ids;
}
int maat_state_get_hit_paths(struct maat_state *state, struct maat_hit_path *path_array,
@@ -2293,19 +2293,19 @@ int maat_state_get_hit_paths(struct maat_state *state, struct maat_hit_path *pat
return -1;
}
if (NULL == state->compile_state) {
if (NULL == state->rule_state) {
return 0;
}
int compile_table_id =
table_manager_get_default_compile_table_id(maat_inst->tbl_mgr);
if (state->compile_table_id > 0) {
compile_table_id = state->compile_table_id;
int rule_table_id =
table_manager_get_default_rule_table_id(maat_inst->tbl_mgr);
if (state->rule_table_id > 0) {
rule_table_id = state->rule_table_id;
}
void *compile_rt = table_manager_get_runtime(maat_inst->tbl_mgr,
compile_table_id);
if (NULL == compile_rt) {
void *rule_rt = table_manager_get_runtime(maat_inst->tbl_mgr,
rule_table_id);
if (NULL == rule_rt) {
return -1;
}
@@ -2313,13 +2313,13 @@ int maat_state_get_hit_paths(struct maat_state *state, struct maat_hit_path *pat
void *g2g_runtime = table_manager_get_runtime(maat_inst->tbl_mgr, g2g_table_id);
size_t hit_path_cnt =
compile_state_get_internal_hit_paths(state->compile_state,
(struct compile_runtime *)compile_rt,
rule_state_get_internal_hit_paths(state->rule_state,
(struct rule_runtime *)rule_rt,
(struct group2group_runtime *)g2g_runtime,
path_array, array_size);
return compile_runtime_get_hit_paths((struct compile_runtime *)compile_rt,
state->thread_id, state->compile_state,
return rule_runtime_get_hit_paths((struct rule_runtime *)rule_rt,
state->thread_id, state->rule_state,
path_array, array_size, hit_path_cnt);
}
@@ -2340,21 +2340,21 @@ int maat_state_get_direct_hit_groups(struct maat_state *state,
return -1;
}
if (NULL == state->compile_state) {
if (NULL == state->rule_state) {
return 0;
}
return compile_state_get_direct_hit_groups(state->compile_state,
return rule_state_get_direct_hit_groups(state->rule_state,
group_array, array_size);
}
size_t maat_state_get_direct_hit_group_cnt(struct maat_state *state)
{
if (NULL == state || NULL == state->compile_state) {
if (NULL == state || NULL == state->rule_state) {
return 0;
}
return compile_state_get_direct_hit_group_cnt(state->compile_state);
return rule_state_get_direct_hit_group_cnt(state->rule_state);
}
int maat_state_get_indirect_hit_groups(struct maat_state *state,
@@ -2365,40 +2365,40 @@ int maat_state_get_indirect_hit_groups(struct maat_state *state,
return -1;
}
if (NULL == state->compile_state) {
if (NULL == state->rule_state) {
return 0;
}
return compile_state_get_indirect_hit_groups(state->compile_state,
return rule_state_get_indirect_hit_groups(state->rule_state,
group_array, array_size);
}
size_t maat_state_get_indirect_hit_group_cnt(struct maat_state *state)
{
if (NULL == state || NULL == state->compile_state) {
if (NULL == state || NULL == state->rule_state) {
return 0;
}
return compile_state_get_indirect_hit_group_cnt(state->compile_state);
return rule_state_get_indirect_hit_group_cnt(state->rule_state);
}
int maat_state_get_last_hit_groups(struct maat_state *state,
struct maat_hit_group *group_array,
size_t array_size)
{
if (NULL == state || NULL == state->compile_state) {
if (NULL == state || NULL == state->rule_state) {
return 0;
}
return compile_state_get_last_hit_groups(state->compile_state,
return rule_state_get_last_hit_groups(state->rule_state,
group_array, array_size);
}
size_t maat_state_get_last_hit_group_cnt(struct maat_state *state)
{
if (NULL == state || NULL == state->compile_state) {
if (NULL == state || NULL == state->rule_state) {
return 0;
}
return compile_state_get_last_hit_group_cnt(state->compile_state);
return rule_state_get_last_hit_group_cnt(state->rule_state);
}

10
src/maat_core.c
View File

@@ -23,7 +23,7 @@
#include "maat_config_monitor.h"
#include "maat_redis_monitor.h"
#include "maat_table.h"
#include "maat_compile.h"
#include "maat_rule.h"
#include "maat_plugin.h"
#include "maat_ip_plugin.h"
#include "maat_ipport_plugin.h"
@@ -108,12 +108,12 @@ maat_start_cb(long long new_version, int update_type, void *u_param)
for (i = 0; i < max_table_cnt; i++) {
table_type = table_manager_get_table_type(maat_inst->tbl_mgr, i);
if (table_type == TABLE_TYPE_COMPILE) {
// compile runtime need a reference to maat runtime
void *compile_rt =
if (table_type == TABLE_TYPE_RULE) {
// rule runtime need a reference to maat runtime
void *rule_rt =
table_manager_get_updating_runtime(maat_inst->tbl_mgr, i);
compile_runtime_init(compile_rt, maat_inst->creating_maat_rt);
rule_runtime_init(rule_rt, maat_inst->creating_maat_rt);
}
}
} else {

34
src/maat_expr.c
View File

@@ -20,7 +20,7 @@
#include "rcu_hash.h"
#include "maat.h"
#include "maat_core.h"
#include "maat_compile.h"
#include "maat_rule.h"
#include "maat_group.h"
#include "alignment.h"
#include "maat_garbage_collection.h"
@@ -953,9 +953,9 @@ int expr_runtime_scan(struct expr_runtime *expr_rt, int thread_id,
const char *data, size_t data_len,
int vtable_id, struct maat_state *state)
{
//clear compile_state->last_hit_group
if (state != NULL && state->compile_state != NULL) {
compile_state_clear_last_hit_group(state->compile_state);
//clear rule_state->last_hit_group
if (state != NULL && state->rule_state != NULL) {
rule_state_clear_last_hit_group(state->rule_state);
}
if (0 == expr_rt->rule_num) {
@@ -1013,14 +1013,14 @@ int expr_runtime_scan(struct expr_runtime *expr_rt, int thread_id,
}
next:
if (NULL == state->compile_state) {
state->compile_state = compile_state_new();
alignment_int64_array_add(state->maat_inst->stat->compile_state_cnt,
if (NULL == state->rule_state) {
state->rule_state = rule_state_new();
alignment_int64_array_add(state->maat_inst->stat->rule_state_cnt,
state->thread_id, 1);
}
return compile_state_update(state->compile_state, state->maat_inst, vtable_id,
state->compile_table_id, state->Nth_scan,
return rule_state_update(state->rule_state, state->maat_inst, vtable_id,
state->rule_table_id, state->Nth_scan,
hit_maat_items, real_hit_item_num);
}
@@ -1049,9 +1049,9 @@ int expr_runtime_stream_scan(struct expr_runtime_stream *expr_rt_stream,
{
struct expr_runtime *expr_rt = expr_rt_stream->ref_expr_rt;
//clear compile_state->last_hit_group
if (state != NULL && state->compile_state != NULL) {
compile_state_clear_last_hit_group(state->compile_state);
//clear rule_state->last_hit_group
if (state != NULL && state->rule_state != NULL) {
rule_state_clear_last_hit_group(state->rule_state);
}
if (0 == expr_rt->rule_num) {
@@ -1107,14 +1107,14 @@ int expr_runtime_stream_scan(struct expr_runtime_stream *expr_rt_stream,
}
next:
if (NULL == state->compile_state) {
state->compile_state = compile_state_new();
alignment_int64_array_add(state->maat_inst->stat->compile_state_cnt,
if (NULL == state->rule_state) {
state->rule_state = rule_state_new();
alignment_int64_array_add(state->maat_inst->stat->rule_state_cnt,
state->thread_id, 1);
}
return compile_state_update(state->compile_state, state->maat_inst, vtable_id,
state->compile_table_id, state->Nth_scan,
return rule_state_update(state->rule_state, state->maat_inst, vtable_id,
state->rule_table_id, state->Nth_scan,
hit_maat_items, real_hit_item_cnt);
}

18
src/maat_flag.c
View File

@@ -19,7 +19,7 @@
#include "rcu_hash.h"
#include "maat_table.h"
#include "alignment.h"
#include "maat_compile.h"
#include "maat_rule.h"
#include "maat_garbage_collection.h"
#define MODULE_FLAG module_name_str("maat.flag")
@@ -555,9 +555,9 @@ long long flag_runtime_rule_count(void *flag_runtime)
int flag_runtime_scan(struct flag_runtime *flag_rt, int thread_id,
long long flag, int vtable_id, struct maat_state *state)
{
//clear compile_state->last_hit_group
if (state != NULL && state->compile_state != NULL) {
compile_state_clear_last_hit_group(state->compile_state);
//clear rule_state->last_hit_group
if (state != NULL && state->rule_state != NULL) {
rule_state_clear_last_hit_group(state->rule_state);
}
if (0 == flag_rt->rule_num) {
@@ -609,14 +609,14 @@ int flag_runtime_scan(struct flag_runtime *flag_rt, int thread_id,
}
next:
if (NULL == state->compile_state) {
state->compile_state = compile_state_new();
alignment_int64_array_add(state->maat_inst->stat->compile_state_cnt,
if (NULL == state->rule_state) {
state->rule_state = rule_state_new();
alignment_int64_array_add(state->maat_inst->stat->rule_state_cnt,
state->thread_id, 1);
}
return compile_state_update(state->compile_state, state->maat_inst, vtable_id,
state->compile_table_id, state->Nth_scan,
return rule_state_update(state->rule_state, state->maat_inst, vtable_id,
state->rule_table_id, state->Nth_scan,
hit_maat_items, real_hit_item_cnt);
}

18
src/maat_interval.c
View File

@@ -15,7 +15,7 @@
#include "rcu_hash.h"
#include "alignment.h"
#include "maat_garbage_collection.h"
#include "maat_compile.h"
#include "maat_rule.h"
#include "interval_matcher.h"
#include "maat_interval.h"
@@ -544,9 +544,9 @@ long long interval_runtime_rule_count(void *interval_runtime)
int interval_runtime_scan(struct interval_runtime *interval_rt, int thread_id,
long long integer, int vtable_id, struct maat_state *state)
{
//clear compile_state->last_hit_group
if (state != NULL && state->compile_state != NULL) {
compile_state_clear_last_hit_group(state->compile_state);
//clear rule_state->last_hit_group
if (state != NULL && state->rule_state != NULL) {
rule_state_clear_last_hit_group(state->rule_state);
}
if (0 == interval_rt->rule_num) {
@@ -598,14 +598,14 @@ int interval_runtime_scan(struct interval_runtime *interval_rt, int thread_id,
}
next:
if (NULL == state->compile_state) {
state->compile_state = compile_state_new();
alignment_int64_array_add(state->maat_inst->stat->compile_state_cnt,
if (NULL == state->rule_state) {
state->rule_state = rule_state_new();
alignment_int64_array_add(state->maat_inst->stat->rule_state_cnt,
state->thread_id, 1);
}
return compile_state_update(state->compile_state, state->maat_inst, vtable_id,
state->compile_table_id, state->Nth_scan,
return rule_state_update(state->rule_state, state->maat_inst, vtable_id,
state->rule_table_id, state->Nth_scan,
hit_maat_items, real_hit_item_cnt);
}

18
src/maat_ip.c
View File

@@ -17,7 +17,7 @@
#include "ip_matcher.h"
#include "maat_ip.h"
#include "maat_core.h"
#include "maat_compile.h"
#include "maat_rule.h"
#include "alignment.h"
#include "maat_garbage_collection.h"
@@ -522,9 +522,9 @@ long long ip_runtime_ipv6_rule_count(void *ip_runtime)
int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type,
uint8_t *ip_addr, int port, int vtable_id, struct maat_state *state)
{
//clear compile_state->last_hit_group
if (state != NULL && state->compile_state != NULL) {
compile_state_clear_last_hit_group(state->compile_state);
//clear rule_state->last_hit_group
if (state != NULL && state->rule_state != NULL) {
rule_state_clear_last_hit_group(state->rule_state);
}
if (0 == ip_rt->rule_num) {
@@ -593,14 +593,14 @@ int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type,
real_hit_item_cnt);
}
next:
if (NULL == state->compile_state) {
state->compile_state = compile_state_new();
alignment_int64_array_add(state->maat_inst->stat->compile_state_cnt,
if (NULL == state->rule_state) {
state->rule_state = rule_state_new();
alignment_int64_array_add(state->maat_inst->stat->rule_state_cnt,
state->thread_id, 1);
}
return compile_state_update(state->compile_state, state->maat_inst, vtable_id,
state->compile_table_id, state->Nth_scan,
return rule_state_update(state->rule_state, state->maat_inst, vtable_id,
state->rule_table_id, state->Nth_scan,
hit_maat_items, real_hit_item_cnt);
}

1532
src/maat_compile.c → src/maat_rule.c
View File

File diff suppressed because it is too large Load Diff

50
src/maat_stat.c
View File

@@ -16,7 +16,7 @@
#include "fieldstat/fieldstat_easy.h"
#include "alignment.h"
#include "maat_ip.h"
#include "maat_compile.h"
#include "maat_rule.h"
#include "maat_group.h"
#include "maat_plugin.h"
#include "maat_expr.h"
@@ -31,10 +31,10 @@ enum MAAT_FS_STATUS {
STATUS_PLUGIN_ACC_NUM,
STATUS_CLAUSE_REF_NOT_NUM,
STATUS_GROUP_REF_EXCL_NUM, //group reference exclude group num
STATUS_HIT_COMPILE_NUM,
STATUS_HIT_RULE_NUM,
STATUS_MAAT_STATE_NUM,
STATUS_MAAT_PER_STATE_MEM,
STATUS_COMPILE_STATE_NUM,
STATUS_RULE_STATE_NUM,
STATUS_GARBAGE_QUEUE_LEN,
STATUS_UPDATE_ERR_CNT,
STATUS_SCAN_ERR_CNT,
@@ -84,8 +84,8 @@ static void fs_global_metric_register(struct maat_stat *stat)
stat->g_metric_id[STATUS_GARBAGE_QUEUE_LEN] =
fieldstat_easy_register_counter(stat->fs_handle, "garbage_queue_len");
stat->g_metric_id[STATUS_HIT_COMPILE_NUM] =
fieldstat_easy_register_counter(stat->fs_handle, "hit_compile_num");
stat->g_metric_id[STATUS_HIT_RULE_NUM] =
fieldstat_easy_register_counter(stat->fs_handle, "hit_rule_num");
stat->g_metric_id[STATUS_MAAT_STATE_NUM] =
fieldstat_easy_register_counter(stat->fs_handle, "state_num");
@@ -93,8 +93,8 @@ static void fs_global_metric_register(struct maat_stat *stat)
stat->g_metric_id[STATUS_MAAT_PER_STATE_MEM] =
fieldstat_easy_register_counter(stat->fs_handle, "per_state_mem(B)");
stat->g_metric_id[STATUS_COMPILE_STATE_NUM] =
fieldstat_easy_register_counter(stat->fs_handle, "compile_state_num");
stat->g_metric_id[STATUS_RULE_STATE_NUM] =
fieldstat_easy_register_counter(stat->fs_handle, "rule_state_num");
stat->g_metric_id[STATUS_STREAM_NUM] =
fieldstat_easy_register_counter(stat->fs_handle, "stream_num");
@@ -153,9 +153,9 @@ struct maat_stat *maat_stat_new(const char *stat_file, size_t max_thread_num,
stat->logger = logger;
stat->stream_cnt = alignment_int64_array_alloc(max_thread_num);
stat->thread_call_cnt = alignment_int64_array_alloc(max_thread_num);
stat->hit_compile_cnt = alignment_int64_array_alloc(max_thread_num);
stat->hit_rule_cnt = alignment_int64_array_alloc(max_thread_num);
stat->maat_state_cnt = alignment_int64_array_alloc(max_thread_num);
stat->compile_state_cnt = alignment_int64_array_alloc(max_thread_num);
stat->rule_state_cnt = alignment_int64_array_alloc(max_thread_num);
stat->maat_state_free_cnt = alignment_int64_array_alloc(max_thread_num);
stat->maat_state_free_bytes = alignment_int64_array_alloc(max_thread_num);
@@ -178,9 +178,9 @@ void maat_stat_free(struct maat_stat *stat)
stat->thread_call_cnt = NULL;
}
if (stat->hit_compile_cnt != NULL) {
alignment_int64_array_free(stat->hit_compile_cnt);
stat->hit_compile_cnt = NULL;
if (stat->hit_rule_cnt != NULL) {
alignment_int64_array_free(stat->hit_rule_cnt);
stat->hit_rule_cnt = NULL;
}
if (stat->maat_state_cnt != NULL) {
@@ -188,9 +188,9 @@ void maat_stat_free(struct maat_stat *stat)
stat->maat_state_cnt = NULL;
}
if (stat->compile_state_cnt != NULL) {
alignment_int64_array_free(stat->compile_state_cnt);
stat->compile_state_cnt = NULL;
if (stat->rule_state_cnt != NULL) {
alignment_int64_array_free(stat->rule_state_cnt);
stat->rule_state_cnt = NULL;
}
if (stat->maat_state_free_cnt != NULL) {
@@ -272,8 +272,8 @@ static void fs_table_row_refresh(struct maat_stat *stat, int perf_on)
plugin_cache_num += plugin_runtime_cached_row_count(runtime);
plugin_rule_num += plugin_runtime_rule_count(runtime);
break;
case TABLE_TYPE_GROUP2COMPILE:
g2c_not_clause_num += group2compile_runtime_not_clause_count(runtime);
case TABLE_TYPE_GROUP2RULE:
g2c_not_clause_num += group2rule_runtime_not_clause_count(runtime);
break;
case TABLE_TYPE_GROUP2GROUP:
g2g_excl_rule_num += group2group_runtime_exclude_rule_count(runtime);
@@ -437,14 +437,14 @@ void maat_stat_refresh(struct maat_stat *stat, struct table_manager *tbl_mgr,
long long stream_num =
alignment_int64_array_sum(stat->stream_cnt, stat->nr_worker_thread);
long long hit_compile_num =
alignment_int64_array_sum(stat->hit_compile_cnt, stat->nr_worker_thread);
long long hit_rule_num =
alignment_int64_array_sum(stat->hit_rule_cnt, stat->nr_worker_thread);
long long maat_state_num =
alignment_int64_array_sum(stat->maat_state_cnt, stat->nr_worker_thread);
long long compile_state_num =
alignment_int64_array_sum(stat->compile_state_cnt, stat->nr_worker_thread);
long long rule_state_num =
alignment_int64_array_sum(stat->rule_state_cnt, stat->nr_worker_thread);
long long maat_state_free_num =
alignment_int64_array_sum(stat->maat_state_free_cnt, stat->nr_worker_thread);
@@ -470,8 +470,8 @@ void maat_stat_refresh(struct maat_stat *stat, struct table_manager *tbl_mgr,
stat->g_metric_id[STATUS_TABLE_NUM],
NULL, 0, table_num);
fieldstat_easy_counter_set(stat->fs_handle, 0,
stat->g_metric_id[STATUS_HIT_COMPILE_NUM],
NULL, 0, hit_compile_num);
stat->g_metric_id[STATUS_HIT_RULE_NUM],
NULL, 0, hit_rule_num);
fieldstat_easy_counter_set(stat->fs_handle, 0,
stat->g_metric_id[STATUS_MAAT_STATE_NUM],
NULL, 0, maat_state_num);
@@ -479,8 +479,8 @@ void maat_stat_refresh(struct maat_stat *stat, struct table_manager *tbl_mgr,
stat->g_metric_id[STATUS_MAAT_PER_STATE_MEM],
NULL, 0, per_state_mem);
fieldstat_easy_counter_set(stat->fs_handle, 0,
stat->g_metric_id[STATUS_COMPILE_STATE_NUM],
NULL, 0, compile_state_num);
stat->g_metric_id[STATUS_RULE_STATE_NUM],
NULL, 0, rule_state_num);
fieldstat_easy_counter_set(stat->fs_handle, 0,
stat->g_metric_id[STATUS_CMD_LINE_NUM],
NULL, 0, stat->line_cmd_acc_num);

76
src/maat_table.c
View File

@@ -18,7 +18,7 @@
#include "maat_kv.h"
#include "maat_expr.h"
#include "maat_ip.h"
#include "maat_compile.h"
#include "maat_rule.h"
#include "maat_group.h"
#include "maat_flag.h"
#include "maat_plugin.h"
@@ -52,7 +52,7 @@ struct table_manager {
size_t n_accept_tag;
enum expr_engine_type engine_type;
int default_compile_table_id;
int default_rule_table_id;
int g2g_table_id;
struct maat_kv_store *tbl_name2id_map;
struct maat_kv_store *conj_tbl_name2id_map;
@@ -278,15 +278,15 @@ struct table_operations table_ops[TABLE_TYPE_MAX] = {
.hit_item_num = virtual_runtime_hit_item_num
},
{
.type = TABLE_TYPE_COMPILE,
.new_schema = compile_schema_new,
.free_schema = compile_schema_free,
.new_runtime = compile_runtime_new,
.free_runtime = compile_runtime_free,
.update_runtime = compile_runtime_update,
.commit_runtime = compile_runtime_commit,
.rule_count = compile_runtime_rule_count,
.update_err_count = compile_runtime_update_err_count
.type = TABLE_TYPE_RULE,
.new_schema = rule_schema_new,
.free_schema = rule_schema_free,
.new_runtime = rule_runtime_new,
.free_runtime = rule_runtime_free,
.update_runtime = rule_runtime_update,
.commit_runtime = rule_runtime_commit,
.rule_count = rule_runtime_rule_count,
.update_err_count = rule_runtime_update_err_count
},
{
.type = TABLE_TYPE_GROUP2GROUP,
@@ -300,15 +300,15 @@ struct table_operations table_ops[TABLE_TYPE_MAX] = {
.update_err_count = group2group_runtime_update_err_count
},
{
.type = TABLE_TYPE_GROUP2COMPILE,
.new_schema = group2compile_schema_new,
.free_schema = group2compile_schema_free,
.new_runtime = group2compile_runtime_new,
.free_runtime = group2compile_runtime_free,
.update_runtime = group2compile_runtime_update,
.type = TABLE_TYPE_GROUP2RULE,
.new_schema = group2rule_schema_new,
.free_schema = group2rule_schema_free,
.new_runtime = group2rule_runtime_new,
.free_runtime = group2rule_runtime_free,
.update_runtime = group2rule_runtime_update,
.commit_runtime = NULL,
.rule_count = group2compile_runtime_rule_count,
.update_err_count = group2compile_runtime_update_err_count
.rule_count = group2rule_runtime_rule_count,
.update_err_count = group2rule_runtime_update_err_count
}
};
@@ -499,8 +499,8 @@ static void maat_table_schema_free(void *schema, enum table_type table_type)
static void register_reserved_word(struct maat_kv_store *reserved_word_map)
{
maat_kv_register(reserved_word_map, "compile", TABLE_TYPE_COMPILE);
maat_kv_register(reserved_word_map, "group2compile", TABLE_TYPE_GROUP2COMPILE);
maat_kv_register(reserved_word_map, "rule", TABLE_TYPE_RULE);
maat_kv_register(reserved_word_map, "group2rule", TABLE_TYPE_GROUP2RULE);
maat_kv_register(reserved_word_map, "group2group", TABLE_TYPE_GROUP2GROUP);
maat_kv_register(reserved_word_map, "flag", TABLE_TYPE_FLAG);
maat_kv_register(reserved_word_map, "flag_plus", TABLE_TYPE_FLAG_PLUS);
@@ -787,9 +787,9 @@ static int register_tbl_name2id(struct maat_kv_store *tbl_name2id_map, cJSON *ro
return 0;
}
int maat_default_compile_table_id(cJSON *json, struct log_handle *logger)
int maat_default_rule_table_id(cJSON *json, struct log_handle *logger)
{
cJSON *item = cJSON_GetObjectItem(json, "default_compile_table");
cJSON *item = cJSON_GetObjectItem(json, "default_rule_table");
if (NULL == item || item->type != cJSON_Number) {
return -1;
}
@@ -867,7 +867,7 @@ table_manager_create(const char *table_info_path, const char *accept_tags,
return NULL;
}
int default_compile_table_id = -1;
int default_rule_table_id = -1;
int g2g_table_id = -1;
struct maat_kv_store *reserved_word_map = maat_kv_store_new();
register_reserved_word(reserved_word_map);
@@ -899,9 +899,9 @@ table_manager_create(const char *table_info_path, const char *accept_tags,
}
}
if (maat_tbl->table_type == TABLE_TYPE_COMPILE) {
if (default_compile_table_id < 0) {
default_compile_table_id = maat_default_compile_table_id(json, logger);
if (maat_tbl->table_type == TABLE_TYPE_RULE) {
if (default_rule_table_id < 0) {
default_rule_table_id = maat_default_rule_table_id(json, logger);
}
}
@@ -926,10 +926,10 @@ table_manager_create(const char *table_info_path, const char *accept_tags,
}
}
tbl_mgr->default_compile_table_id = default_compile_table_id;
tbl_mgr->default_rule_table_id = default_rule_table_id;
tbl_mgr->g2g_table_id = g2g_table_id;
log_info(logger, MODULE_TABLE, "default compile table id: %d", default_compile_table_id);
log_info(logger, MODULE_TABLE, "default rule table id: %d", default_rule_table_id);
log_info(logger, MODULE_TABLE, "group2group table id: %d", g2g_table_id);
next:
FREE(json_buff);
@@ -990,18 +990,18 @@ int table_manager_runtime_create(struct table_manager *tbl_mgr, size_t max_threa
garbage_bin, tbl_mgr->logger);
}
/* group2compile runtime depends on associated compile runtime,
must make sure associated compile runtime already exist */
/* group2rule runtime depends on associated rule runtime,
must make sure associated rule runtime already exist */
for (i = 0; i < MAX_TABLE_NUM; i++) {
table_type = table_manager_get_table_type(tbl_mgr, i);
if (table_type != TABLE_TYPE_GROUP2COMPILE) {
if (table_type != TABLE_TYPE_GROUP2RULE) {
continue;
}
void *schema = table_manager_get_schema(tbl_mgr, i);
if (NULL == schema) {
log_fatal(tbl_mgr->logger, MODULE_TABLE,
"[%s:%d] group2compile table(table_id:%d) schema is null",
"[%s:%d] group2rule table(table_id:%d) schema is null",
__FUNCTION__, __LINE__, i);
continue;
}
@@ -1011,9 +1011,9 @@ int table_manager_runtime_create(struct table_manager *tbl_mgr, size_t max_threa
continue;
}
int asso_compile_table_id = group2compile_associated_compile_table_id(schema);
void *compile_updating_rt = table_manager_get_updating_runtime(tbl_mgr, asso_compile_table_id);
group2compile_runtime_init(g2c_updating_rt, compile_updating_rt);
int asso_rule_table_id = group2rule_associated_rule_table_id(schema);
void *rule_updating_rt = table_manager_get_updating_runtime(tbl_mgr, asso_rule_table_id);
group2rule_runtime_init(g2c_updating_rt, rule_updating_rt);
}
return 0;
@@ -1154,13 +1154,13 @@ enum table_type table_manager_get_table_type(struct table_manager *tbl_mgr, int
return tbl_mgr->tbl[table_id]->table_type;
}
int table_manager_get_default_compile_table_id(struct table_manager *tbl_mgr)
int table_manager_get_default_rule_table_id(struct table_manager *tbl_mgr)
{
if (NULL == tbl_mgr) {
return -1;
}
return tbl_mgr->default_compile_table_id;
return tbl_mgr->default_rule_table_id;
}
int table_manager_get_group2group_table_id(struct table_manager *tbl_mgr)

2
src/version.map
View File

@@ -9,7 +9,7 @@ global:
maat_get_table_schema_tag;
maat_reload_log_level;
maat_table*;
maat_compile_table*;
maat_rule_table*;
maat_plugin_table*;
maat_ip_plugin_table*;
maat_ipport_plugin_table*;