diff --git a/plugin/business/decrypt-mirroring/include/external/decrypt_mirror_plugin.h b/plugin/business/decrypt-mirroring/include/external/decrypt_mirror_plugin.h
new file mode 100644
index 0000000..73d9e21
--- /dev/null
+++ b/plugin/business/decrypt-mirroring/include/external/decrypt_mirror_plugin.h
@@ -0,0 +1,15 @@
+#pragma once
+#include <tfe_stream.h>
+
+int decrypt_mirror_init(void *proxy);
+
+enum tfe_stream_action decrypt_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thread_id,
+	enum tfe_conn_dir dir, const unsigned char * data, size_t len, void ** pme);
+
+enum tfe_stream_action decrypt_mirror_on_data_cb(const struct tfe_stream * stream, unsigned int thread_id,
+	enum tfe_conn_dir dir, const unsigned char * data, size_t len, void ** pme);
+
+void decrypt_mirror_on_close_cb(const struct tfe_stream * stream, unsigned int thread_id,
+	enum tfe_stream_close_reason reason, void ** pme);
+void decrypt_mirror_deinit(void);
+
diff --git a/plugin/business/decrypt-mirroring/include/external/decrypt-mirroring.h b/plugin/business/decrypt-mirroring/include/internal/mirror_stream.h
similarity index 80%
rename from plugin/business/decrypt-mirroring/include/external/decrypt-mirroring.h
rename to plugin/business/decrypt-mirroring/include/internal/mirror_stream.h
index 944eb08..cc72560 100644
--- a/plugin/business/decrypt-mirroring/include/external/decrypt-mirroring.h
+++ b/plugin/business/decrypt-mirroring/include/internal/mirror_stream.h
@@ -3,21 +3,17 @@
 
 #include <sys/socket.h>
 #include <netinet/in.h>
-
-
-#ifdef __cplusplus
-extern "C" {
-#endif
+#include <tfe_stream.h>
 
 
 #define DELIVER_DIR_C2S				0x01
 #define DELIVER_DIR_S2C				0x02
 
 
-struct deliver_addr_info
+struct origin_stream_addr
 {
-	struct sockaddr client;
-	struct sockaddr server;
+	struct sockaddr* client;
+	struct sockaddr* server;
 };
 
 
@@ -31,7 +27,7 @@ Return:
 	0:succes
 	<0:error
 ***************************************************************************/
-int deliver_init(int thread_num,char* filepath);
+int mirror_stream_init(int thread_num, const char* filepath);
 
 
 
@@ -45,7 +41,7 @@ Return:
 	0:succes
 	<0:error
 ***************************************************************************/
-int deliver_session_start(int thread_seq,struct deliver_addr_info* addr,void** pme);
+int mirror_stream_open(struct origin_stream_addr* addr,void** pme);
 
 
 
@@ -61,7 +57,7 @@ Return:
 	0:succes
 	<0:error
 ***************************************************************************/
-int deliver_session_data(int cur_dir,int thread_seq,int buflen,char*buf,void** pme);
+int mirror_stream_write(enum tfe_conn_dir cur_dir,const unsigned char * data, size_t len, void** pme,int thread_seq);
 
 
 
@@ -74,14 +70,7 @@ Return:
 	0:succes
 	<0:error
 ***************************************************************************/
-int deliver_session_end(int thread_seq,void** pme);
-
-
-
-#ifdef __cplusplus
-}
-#endif
-
+void mirror_stream_close(void** pme, int thread_id);
 
 
 #endif
diff --git a/plugin/business/decrypt-mirroring/include/internal/decrypt-mirroring-inl.h b/plugin/business/decrypt-mirroring/include/internal/mirror_stream_inl.h
similarity index 92%
rename from plugin/business/decrypt-mirroring/include/internal/decrypt-mirroring-inl.h
rename to plugin/business/decrypt-mirroring/include/internal/mirror_stream_inl.h
index dc5e8c2..1cd33b0 100644
--- a/plugin/business/decrypt-mirroring/include/internal/decrypt-mirroring-inl.h
+++ b/plugin/business/decrypt-mirroring/include/internal/mirror_stream_inl.h
@@ -1,7 +1,7 @@
 #ifndef DELIVER_PRIVATE_H
 #define DELIVER_PRIVATE_H
 
-#include <decrypt-mirroring.h>
+#include <mirror_stream.h>
 #include <MESA/field_stat2.h>
 
 #ifndef MAX_THREAD_NUM
@@ -12,8 +12,8 @@
 #define DELIVER_SENDPKT_BUFLEN				2048
 
 //runtime log
-#define DELIVER_MODULE_INIT					"deliver_init"
-#define DELIVER_MODULE_SENDPKT				"deliver_sendpkt"
+#define DELIVER_MODULE_INIT					"mirror_stream_init"
+#define DELIVER_MODULE_SENDPKT				"mirror_stream_sendpkt"
 #define DELIVER_SENDPKT_START				"sendpkt_start"
 #define DELIVER_SENDPKT_DEBUG				"sendpkt_debug"
 #define DELIVER_RECVPKT_DEBUG				"recvpkt_debug"
@@ -76,7 +76,7 @@ struct deliver_comm_info
 
 struct deliver_pkt_info
 {
-	int dir;
+	enum tfe_conn_dir dir;
 	unsigned int seq;				//host order
 	unsigned int ack;				//host order
 	unsigned int len;				//host order,tcp payload len
@@ -99,7 +99,7 @@ struct deliver_session_info
 struct deliver_pme_info
 {
 	unsigned char dst_macaddr[DELIVER_MACADDR_LEN];
-	struct deliver_addr_info addr_info;
+	struct origin_stream_addr addr_info;
 	struct deliver_pkt_info pkt_info;
 	struct deliver_session_info session_info;
 };
diff --git a/plugin/business/decrypt-mirroring/src/decrypt_mirror_plugin.cpp b/plugin/business/decrypt-mirroring/src/decrypt_mirror_plugin.cpp
new file mode 100644
index 0000000..bc02cc7
--- /dev/null
+++ b/plugin/business/decrypt-mirroring/src/decrypt_mirror_plugin.cpp
@@ -0,0 +1,41 @@
+#include "mirror_stream.h"
+#include <tfe_stream.h>
+
+int decrypt_mirror_init(void *proxy)
+{
+	const char* filepath="./conf/decrypt_mirror.conf";
+	int thread_num=2;//todo: aquire from proxy;
+	int mirro_stream_init(thread_num, filepath);
+	return 0;
+}
+
+enum tfe_stream_action decrypt_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thread_id,
+	enum tfe_conn_dir dir, const unsigned char * data, size_t len, void ** pme)
+{
+	struct layer_addr* addr=NULL; //=stream->addr;
+	int ret=0;
+	ret=mirror_stream_open(thread_id, addr, pme);
+	assert(ret==0);
+	return ACTION_FORWARD_DATA;
+}
+
+enum tfe_stream_action decrypt_mirror_on_data_cb(const struct tfe_stream * stream, unsigned int thread_id,
+	enum tfe_conn_dir dir, const unsigned char * data, size_t len, void ** pme)
+{
+	int ret=0;
+	ret=mirror_stream_write(thread_id, data,len, pme, thread_id);
+	return ACTION_FORWARD_DATA;
+}
+
+void decrypt_mirror_on_close_cb(const struct tfe_stream * stream, unsigned int thread_id,
+	enum tfe_stream_close_reason reason, void ** pme)
+{
+	int ret=0;
+	ret=mirror_stream_close(pme, thread_id);
+	return;
+}
+void decrypt_mirror_deinit(void)
+{
+	return;
+}
+
diff --git a/plugin/business/decrypt-mirroring/src/deliver.cpp b/plugin/business/decrypt-mirroring/src/mirror_stream.cpp
similarity index 95%
rename from plugin/business/decrypt-mirroring/src/deliver.cpp
rename to plugin/business/decrypt-mirroring/src/mirror_stream.cpp
index 6341450..a61f892 100644
--- a/plugin/business/decrypt-mirroring/src/deliver.cpp
+++ b/plugin/business/decrypt-mirroring/src/mirror_stream.cpp
@@ -19,8 +19,8 @@
 #include <MESA/MESA_handle_logger.h>
 #include <MESA/field_stat2.h>
 
-#include <decrypt-mirroring.h>
-#include <decrypt-mirroring-inl.h>
+#include <mirror_stream.h>
+#include <mirror_stream_inl.h>
 #include <sendpkt-inl.h>
 
 int g_deliver_version_VERSION_20180718;
@@ -240,14 +240,14 @@ int deliver_sendpkt_ether(int thread_seq,int buflen,unsigned char* buf,unsigned
 }
 
 
-int deliver_init_pmeinfo(struct deliver_addr_info* addr,void** pme)
+int deliver_init_pmeinfo(struct origin_stream_addr* addr,void** pme)
 {
 //TODO:choose dst mac
 	int i=deliver_rand()%(g_deliver_sendinfo.receiver_num);
 
 	struct deliver_pme_info* pmeinfo=(struct deliver_pme_info*)malloc(sizeof(struct deliver_pme_info));
 	memset(pmeinfo,0,sizeof(struct deliver_pme_info));
-	memcpy((void*)&pmeinfo->addr_info,(void*)addr,sizeof(struct deliver_addr_info));
+	memcpy((void*)&pmeinfo->addr_info,(void*)addr,sizeof(struct origin_stream_addr));
 	memcpy(pmeinfo->dst_macaddr,g_deliver_sendinfo.receiver_info[i].dst_macaddr,DELIVER_MACADDR_LEN);
 
 	*pme=pmeinfo;
@@ -443,7 +443,7 @@ int deliver_send_ack(int thread_seq,struct deliver_pme_info* pmeinfo)
 }
 
 
-int deliver_set_pktinfo(struct deliver_pme_info* pmeinfo,int flag,int cur_dir,int payload_len)
+int deliver_set_pktinfo(struct deliver_pme_info* pmeinfo,int flag,enum tfe_conn_dir cur_dir,int payload_len)
 {
 	struct deliver_pkt_info last_pkt_info;
 	memcpy((void*)&last_pkt_info,(void*)&(pmeinfo->pkt_info),sizeof(struct deliver_pkt_info));
@@ -498,7 +498,7 @@ int deliver_send_rst(int thread_seq,struct deliver_pme_info* pmeinfo)
 
 
 
-int deliver_session_start(int thread_seq,struct deliver_addr_info* addr,void** pme)
+int mirror_stream_open(int thread_seq,struct origin_stream_addr* addr,void** pme)
 {
 	struct deliver_pme_info* pmeinfo=NULL;
 
@@ -513,34 +513,34 @@ int deliver_session_start(int thread_seq,struct deliver_addr_info* addr,void** p
 
 }
 
-int deliver_session_data(int cur_dir,int thread_seq,int buflen,char*buf,void** pme)
+int mirror_stream_write(enum tfe_conn_dir cur_dir,const unsigned char * data, size_t len, void** pme,int thread_seq)
 {
 	int i=0;
-	char* payload=buf;
+	char* payload=data;
 	int payload_len=0;
-	int remain_len=buflen;
-	int pkt_num=(buflen/(g_deliver_sendinfo.mtu))+1;
+	int remain_len=len;
+	int pkt_num=(len/(g_deliver_sendinfo.mtu))+1;
 	struct deliver_pme_info* pmeinfo=(struct deliver_pme_info*)*pme;
 
 	
 	deliver_set_filestate2(thread_seq,FS2_COLUME_RECVPKT,1);
-	deliver_set_filestate2(thread_seq,FS2_COLUME_RECVBYTE,buflen);
+	deliver_set_filestate2(thread_seq,FS2_COLUME_RECVBYTE,len);
 
 	pmeinfo->session_info.recv_pkt++;
-	pmeinfo->session_info.recv_byte+=buflen;
+	pmeinfo->session_info.recv_byte+=len;
 	if(pmeinfo->addr_info.client.sa_family==AF_INET)
 	{
-		deliver_debug_log_v4(RLOG_LV_DEBUG,(char*)DELIVER_RECVPKT_DEBUG,pmeinfo,DELIVER_FLAG_RECVPKT,buflen);
+		deliver_debug_log_v4(RLOG_LV_DEBUG,(char*)DELIVER_RECVPKT_DEBUG,pmeinfo,DELIVER_FLAG_RECVPKT,len);
 	}
 	else
 	{
-		deliver_debug_log_v6(RLOG_LV_DEBUG,(char*)DELIVER_RECVPKT_DEBUG,pmeinfo,DELIVER_FLAG_RECVPKT,buflen);
+		deliver_debug_log_v6(RLOG_LV_DEBUG,(char*)DELIVER_RECVPKT_DEBUG,pmeinfo,DELIVER_FLAG_RECVPKT,len);
 	}
 	
 	for(i=0;i<pkt_num;i++)
 	{
 		payload_len=remain_len<(g_deliver_sendinfo.mtu)?remain_len:(g_deliver_sendinfo.mtu);
-		payload=buf+(buflen-remain_len);
+		payload=data+(len-remain_len);
 		remain_len-=g_deliver_sendinfo.mtu;
 	
 		deliver_set_pktinfo(pmeinfo,TH_ACK,cur_dir,payload_len);
@@ -558,11 +558,11 @@ int deliver_session_data(int cur_dir,int thread_seq,int buflen,char*buf,void** p
 }
 
 
-int deliver_session_end(int thread_seq,void** pme)
+void mirror_stream_close(void** pme, int thread_id)
 {
 	struct deliver_pme_info* pmeinfo=(struct deliver_pme_info*)*pme;
 	
-	deliver_send_rst(thread_seq,pmeinfo);
+	deliver_send_rst(thread_id,pmeinfo);
 
 
 	if(*pme!=NULL)
@@ -570,9 +570,7 @@ int deliver_session_end(int thread_seq,void** pme)
 		free(*pme);
 		*pme=NULL;
 	}
-
-	
-	return 0;
+	return;
 }
 
 
@@ -599,7 +597,7 @@ int deliver_device_init()
 
 }
 
-int deliver_profile_init(char* filepath,int* logger_level,char* logger_filepath)
+int deliver_profile_init(const char* filepath,int* logger_level,char* logger_filepath)
 {
 	int i=1;
 	char mac_addr_str[DELIVER_MACADDR_STR_LEN];
@@ -678,7 +676,7 @@ int deliver_init_log()
 
 }
 
-int deliver_init(int thread_num,char* filepath)
+int mirror_stream_init(int thread_num, const char* filepath)
 {
 	int i=0;
 	int logger_level;
diff --git a/plugin/business/decrypt-mirroring/test/test_deliver.c b/plugin/business/decrypt-mirroring/test/test_deliver.c
index e9aa546..0516b19 100644
--- a/plugin/business/decrypt-mirroring/test/test_deliver.c
+++ b/plugin/business/decrypt-mirroring/test/test_deliver.c
@@ -16,7 +16,7 @@ extern "C" char deliver_tcp_entry(const struct streaminfo* pstream,void** pme,in
 {
 	char ret=APP_STATE_DROPPKT;
 
-	struct deliver_addr_info addrinfo;
+	struct origin_stream_addr addrinfo;
 	struct sockaddr_in client_addr;
 	struct sockaddr_in server_addr;
 		
@@ -33,17 +33,17 @@ extern "C" char deliver_tcp_entry(const struct streaminfo* pstream,void** pme,in
 		memcpy(&addrinfo.client,&client_addr,sizeof(struct sockaddr));
 		memcpy(&addrinfo.server,&server_addr,sizeof(struct sockaddr));
 	
-		deliver_session_start(thread_seq,&addrinfo,pme);
+		mirror_stream_start(thread_seq,&addrinfo,pme);
 	}
 
 	if(ip_hdr!=NULL)
 	{
-		deliver_session_data(pstream->curdir,thread_seq,pstream->ptcpdetail->datalen,(char*)pstream->ptcpdetail->pdata,pme);
+		mirror_stream_append(pstream->curdir,thread_seq,pstream->ptcpdetail->datalen,(char*)pstream->ptcpdetail->pdata,pme);
 	}
 	
 	if(pstream->opstate==OP_STATE_CLOSE)
 	{
-		deliver_session_end(thread_seq,pme);
+		mirror_stream_end(thread_seq,pme);
 	}
 
 	return ret;
@@ -55,7 +55,7 @@ extern "C" char deliver_tcpall_entry(const struct streaminfo* pstream,void** pme
 {
 	char ret=APP_STATE_DROPPKT;
 
-	struct deliver_addr_info addrinfo;
+	struct origin_stream_addr addrinfo;
 	struct sockaddr_in client_addr;
 	struct sockaddr_in server_addr;
 		
@@ -69,17 +69,17 @@ extern "C" char deliver_tcpall_entry(const struct streaminfo* pstream,void** pme
 		memcpy(&addrinfo.client,&client_addr,sizeof(struct sockaddr));
 		memcpy(&addrinfo.server,&server_addr,sizeof(struct sockaddr));
 	
-		deliver_session_start(thread_seq,&addrinfo,pme);
+		mirror_stream_start(thread_seq,&addrinfo,pme);
 	}
 
 	if(ip_hdr!=NULL)
 	{
-		deliver_session_data(pstream->curdir,thread_seq,pstream->ptcpdetail->datalen,(char*)pstream->ptcpdetail->pdata,pme);
+		mirror_stream_append(pstream->curdir,thread_seq,pstream->ptcpdetail->datalen,(char*)pstream->ptcpdetail->pdata,pme);
 	}
 	
 	if(pstream->opstate==OP_STATE_CLOSE)
 	{
-		deliver_session_end(thread_seq,pme);
+		mirror_stream_end(thread_seq,pme);
 	}
 
 	return ret;
@@ -90,7 +90,7 @@ extern "C" char test_deliver_init()
 {
 	int ret=0;
 	
-	ret=deliver_init(g_iThreadNum,(char*)"./conf/deliver.conf");
+	ret=mirro_stream_init(g_iThreadNum,(char*)"./conf/deliver.conf");
 	if(ret<0)
 	{
 		printf("test deliver init error!\n");