bugfix: TSG-7285 在TSG-9140设备上,Proxy解密流量转发封装MAC地址时未使用策略中指定的MAC
This commit is contained in:
luwenpeng
@@ -51,6 +51,8 @@ struct profile_table_ex_data
|
||||
/* Target VLANS */
|
||||
unsigned int * vlans;
|
||||
struct ether_addr * ether_addrs;
|
||||
int rewrite_mac;
|
||||
int rewrite_vlan;
|
||||
};
|
||||
|
||||
struct traffic_mirror_ethdev_pcap
|
||||
@@ -100,6 +102,8 @@ struct traffic_mirror_rebuild_target
|
||||
{
|
||||
struct ether_addr ether_addr;
|
||||
unsigned int vlan_tci;
|
||||
int rewrite_as_target_mac;
|
||||
int rewrite_as_target_vlan;
|
||||
};
|
||||
|
||||
struct traffic_mirror_ethdev * traffic_mirror_ethdev_pcap_create(const char * str_ethdev, void * logger);
|
||||
|
||||
@@ -209,6 +209,8 @@ void profile_table_ex_data_new_cb(int table_id, const char * key, const char * t
|
||||
|
||||
ex_data = ALLOC(struct profile_table_ex_data, 1);
|
||||
ex_data->atomic_refcnt = 1;
|
||||
ex_data->rewrite_mac = 0;
|
||||
ex_data->rewrite_vlan = 0;
|
||||
|
||||
json_item = cJSON_GetObjectItem(json_root, "vlan");
|
||||
if (json_item)
|
||||
@@ -244,6 +246,7 @@ void profile_table_ex_data_new_cb(int table_id, const char * key, const char * t
|
||||
goto ignore;
|
||||
}
|
||||
|
||||
ex_data->rewrite_vlan = 1;
|
||||
ex_data->vlans[iter] = vlan_in_number;
|
||||
ex_data->ether_addrs[iter] = ether_addr_broadcast;
|
||||
iter++;
|
||||
@@ -288,6 +291,12 @@ void profile_table_ex_data_new_cb(int table_id, const char * key, const char * t
|
||||
ex_data->ether_addrs[iter] = ether_addr_aton;
|
||||
ex_data->vlans[iter] = instance->default_vlan_id_for_mac;
|
||||
iter++;
|
||||
|
||||
ex_data->rewrite_mac = 1;
|
||||
if (instance->default_vlan_id_for_mac)
|
||||
{
|
||||
ex_data->rewrite_vlan = 1;
|
||||
}
|
||||
}
|
||||
|
||||
assert(iter == ex_data->nr_targets);
|
||||
@@ -597,13 +606,7 @@ int traffic_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thr
|
||||
snprintf(str_policy_id, sizeof(str_policy_id), "%u", opt_val);
|
||||
policy_ex_data = (struct policy_table_ex_data *) Maat_plugin_get_EX_data(instance->maat_feather,
|
||||
instance->policy_table_id, str_policy_id);
|
||||
|
||||
if (!policy_ex_data)
|
||||
{
|
||||
goto detach;
|
||||
}
|
||||
|
||||
if (!policy_ex_data->enable)
|
||||
if (!policy_ex_data || !policy_ex_data->enable)
|
||||
{
|
||||
goto detach;
|
||||
}
|
||||
@@ -611,7 +614,6 @@ int traffic_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thr
|
||||
snprintf(str_profile_id, sizeof(str_policy_id), "%u", policy_ex_data->profile_id);
|
||||
profile_ex_data = (struct profile_table_ex_data *) Maat_plugin_get_EX_data(instance->maat_feather,
|
||||
instance->profile_table_id, str_profile_id);
|
||||
|
||||
if (!profile_ex_data)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at getting policy %s's profile, profile id = %s, "
|
||||
@@ -621,7 +623,6 @@ int traffic_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thr
|
||||
|
||||
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_MAC, (unsigned char *) &c_ether_addr,
|
||||
sizeof(c_ether_addr), &opt_out_size);
|
||||
|
||||
if (ret < 0 || memcmp(&c_ether_addr, &zero_mac, sizeof(c_ether_addr)) == 0)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at source mac address, user default src mac: {0x01, 0x02, 0x03, 0x04, 0x05, 0x06}");
|
||||
@@ -630,7 +631,6 @@ int traffic_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thr
|
||||
|
||||
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_MAC, (unsigned char *) &s_ether_addr,
|
||||
sizeof(s_ether_addr), &opt_out_size);
|
||||
|
||||
if (ret < 0 || memcmp(&s_ether_addr, &zero_mac, sizeof(s_ether_addr)) == 0)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at dest mac address, user default dest mac: {0x06, 0x05, 0x04, 0x03, 0x02, 0x01}");
|
||||
@@ -641,6 +641,8 @@ int traffic_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thr
|
||||
rebuild_target = ALLOC(struct traffic_mirror_rebuild_target, 1);
|
||||
rebuild_target->vlan_tci = profile_ex_data->vlans[target_id];
|
||||
rebuild_target->ether_addr = profile_ex_data->ether_addrs[target_id];
|
||||
rebuild_target->rewrite_as_target_mac = profile_ex_data->rewrite_mac;
|
||||
rebuild_target->rewrite_as_target_vlan = profile_ex_data->rewrite_vlan;
|
||||
|
||||
me = ALLOC(struct traffic_mirror_me, 1);
|
||||
me->rebuild_ctx = traffic_mirror_rebuild_create(stream->addr, &c_ether_addr, &s_ether_addr,
|
||||
|
||||
@@ -319,16 +319,19 @@ static void tcp_segment_send_to_target_group(struct tfe_stream_addr * addr, stru
|
||||
unsigned int pkt_len = 0;
|
||||
|
||||
/* Ethernet and VLAN header */
|
||||
if (target->vlan_tci > 0)
|
||||
{
|
||||
pkt_len += ether_header_construct(ethdev, pkt_buffer, ether_addr_src,
|
||||
ether_addr_dst, target->vlan_tci, l3_protocol);
|
||||
}
|
||||
else
|
||||
{
|
||||
pkt_len += ether_header_construct(ethdev, pkt_buffer, ether_addr_src,
|
||||
if ((target->rewrite_as_target_mac && target->rewrite_as_target_vlan) ||
|
||||
(target->rewrite_as_target_mac && !target->rewrite_as_target_vlan))
|
||||
{
|
||||
pkt_len += ether_header_construct(ethdev, pkt_buffer, ether_addr_src,
|
||||
&target->ether_addr, target->vlan_tci, l3_protocol);
|
||||
}
|
||||
}
|
||||
// !target->rewrite_as_target_mac && target->rewrite_as_target_vlan
|
||||
// !target->rewrite_as_target_mac && !target->rewrite_as_target_vlan
|
||||
else
|
||||
{
|
||||
pkt_len += ether_header_construct(ethdev, pkt_buffer, ether_addr_src,
|
||||
ether_addr_dst, target->vlan_tci, l3_protocol);
|
||||
}
|
||||
|
||||
/* IPv4/IPv6 Header */
|
||||
pkt_len += ip_header_construct_by_stream_addr(addr,
|
||||
|
||||
Reference in New Issue
Block a user