diff --git a/common/include/tfe_cmsg.h b/common/include/tfe_cmsg.h index b8d7c3e..7386c6b 100644 --- a/common/include/tfe_cmsg.h +++ b/common/include/tfe_cmsg.h @@ -30,25 +30,25 @@ enum tfe_cmsg_tlv_type TFE_CMSG_TCP_RESTORE_PROTOCOL = 0xa, TFE_CMSG_TCP_RESTORE_WINDOW_CLIENT = 0xb, TFE_CMSG_TCP_RESTORE_WINDOW_SERVER = 0xc, - TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR = 0xd, + TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR = 0xd, TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL = 0xe, TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL = 0xf, - TFE_CMSG_POLICY_ID = 0x10, // size uint64_t + TFE_CMSG_POLICY_ID = 0x10, // size uint64_t TFE_CMSG_STREAM_TRACE_ID = 0x11, - TFE_CMSG_TCP_OPTION_PROFILE_ID, // size int - TFE_CMSG_DECRYPTION_PROFILE_ID, // size int - TFE_CMSG_KEYRING_FOR_TRUSTED_ID, // size int - TFE_CMSG_KEYRING_FOR_UNTRUSTED, // size int + TFE_CMSG_TCP_OPTION_PROFILE_ID, // size int + TFE_CMSG_DECRYPTION_PROFILE_ID, // size int + TFE_CMSG_KEYRING_FOR_TRUSTED_ID, // size int + TFE_CMSG_KEYRING_FOR_UNTRUSTED, // size int - TFE_CMSG_SSL_INTERCEPT_STATE, //size uint8_t, 0-passthrough, 1-intercept, 2-shutdown, referer from enum ssl_stream_action - TFE_CMSG_SSL_SERVER_SIDE_LATENCY, //size uint64_t, milisecond - TFE_CMSG_SSL_CLIENT_SIDE_LATENCY, //size uint64_t, milisecond - TFE_CMSG_SSL_SERVER_SIDE_VERSION, //string, SSLv3 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 unknown + TFE_CMSG_SSL_INTERCEPT_STATE, // size uint8_t, 0-passthrough, 1-intercept, 2-shutdown, referer from enum ssl_stream_action + TFE_CMSG_SSL_SERVER_SIDE_LATENCY, // size uint64_t, milisecond + TFE_CMSG_SSL_CLIENT_SIDE_LATENCY, // size uint64_t, milisecond + TFE_CMSG_SSL_SERVER_SIDE_VERSION, // string, SSLv3 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 unknown TFE_CMSG_SSL_CLIENT_SIDE_VERSION, - TFE_CMSG_SSL_PINNING_STATE, // size uint8_t, 0-not pinning 1-pinning 2-maybe pinning - TFE_CMSG_SSL_CERT_VERIFY, // size uint8_t - TFE_CMSG_SSL_ERROR, //string + TFE_CMSG_SSL_PINNING_STATE, // size uint8_t, 0-not pinning 1-pinning 2-maybe pinning + TFE_CMSG_SSL_CERT_VERIFY, // size uint8_t + TFE_CMSG_SSL_ERROR, // string /* Original Traffic's src & dst MAC address */ TFE_CMSG_SRC_MAC, @@ -75,48 +75,35 @@ enum tfe_cmsg_tlv_type TFE_CMSG_UPSTREAM_TCP_KEEPINTVL, TFE_CMSG_UPSTREAM_TCP_USER_TIMEOUT, - TFE_CMSG_HIT_NO_INTERCEPT, // size uint8_t + TFE_CMSG_HIT_NO_INTERCEPT, // size uint8_t TFE_CMSG_TCP_PASSTHROUGH, TFE_CMSG_TCP_DECRYPTED_TRAFFIC_STEERING, - /* Share tsg scan result */ - TFE_CMSG_SRC_SUB_ID, // string max size 256 - TFE_CMSG_DST_SUB_ID, // string max size 256 - // ASN Value - TFE_CMSG_SRC_ASN_VAL, // uint64_t - TFE_CMSG_DST_ASN_VAL, // uint64_t - // ASN ID - TFE_CMSG_SRC_ASN_ID, // uint64_t - TFE_CMSG_DST_ASN_ID, // uint64_t - // Geo Location String - TFE_CMSG_SRC_REGION_STR, // string max size 256 - TFE_CMSG_DST_REGION_STR, // string max size 256 - TFE_CMSG_SRC_PROVINCE_STR, // string max size 256 - TFE_CMSG_DST_PROVINCE_STR, // string max size 256 - TFE_CMSG_SRC_CITY_STR, // string max size 256 - TFE_CMSG_DST_CITY_STR, // string max size 256 - TFE_CMSG_SRC_SUBDIVISION_STR, // string max size 256 - TFE_CMSG_DST_SUBDIVISION_STR, // string max size 256 - // Geo Location Object ID - TFE_CMSG_SRC_REGION_ID, // uint64_t - TFE_CMSG_DST_REGION_ID, // uint64_t - TFE_CMSG_SRC_PROVINCE_ID, // uint64_t - TFE_CMSG_DST_PROVINCE_ID, // uint64_t - TFE_CMSG_SRC_CITY_ID, // uint64_t - TFE_CMSG_DST_CITY_ID, // uint64_t - TFE_CMSG_SRC_SUBDIVISION_ID, // uint64_t - TFE_CMSG_DST_SUBDIVISION_ID, // uint64_t + TFE_CMSG_SRC_SUB_ID, // string max size 256 /* SSL ja3 fingerprint */ - TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, // string max size 32 + TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT,// string max size 32 // according to KNI -> MESA_dir_link_to_human() // 'E' or 'e': 表示发包方向是从Internal to External. // 'I' or 'i': 表示发包方向是从External to Internal. - TFE_CMSG_COMMON_DIRECTION, // unsigned int - TFE_CMSG_SSL_PASSTHROUGH_REASON, // string max size 32 - TFE_CMSG_POLICY_VSYS_ID, // unsigned int - TFE_CMSG_POLICY_DO_LOG, // unsigned int + TFE_CMSG_COMMON_DIRECTION, // unsigned int + TFE_CMSG_SSL_PASSTHROUGH_REASON, // string max size 32 + TFE_CMSG_POLICY_VSYS_ID, // unsigned int + TFE_CMSG_POLICY_DO_LOG, // unsigned int + + TFE_CMSG_INCOMING_LINK_ID, // uint16_t + TFE_CMSG_OUTGOING_LINK_ID, // uint16_t + + TFE_CMSG_SRC_IMSI_STR, // string max size 256 + TFE_CMSG_SRC_IMEI_STR, // string max size 256 + TFE_CMSG_SRC_PHONE_NUM_STR, // string max size 256 + TFE_CMSG_SRC_APN_STR, // string max size 256 + + TFE_CMSG_SRC_IP_TAGS_IDS_STR, // string max size 21 * 128 = 2688, example: "1,2,3,4,5" + TFE_CMSG_DST_IP_TAGS_IDS_STR, // string max size 21 * 128 = 2688, example: "1,2,3,4,5" + TFE_CMSG_FQDN_TAGS_IDS_STR, // string max size 21 * 128 = 2688, example: "1,2,3,4,5" + /* Add new cmsg here */ /* Add new cmsg here */ /* Add new cmsg here */ diff --git a/common/src/tfe_ctrl_packet.cpp b/common/src/tfe_ctrl_packet.cpp index ccc05e3..d81e811 100644 --- a/common/src/tfe_ctrl_packet.cpp +++ b/common/src/tfe_ctrl_packet.cpp @@ -7,6 +7,8 @@ #include "tfe_utils.h" #include "tfe_ctrl_packet.h" +#define TAGS_IDS_STR_LEN 4096 + enum ctr_pkt_index { INDEX_TSYNC = 0, @@ -29,16 +31,15 @@ enum { }; enum { - MPACK_ARRAY_SRC_IP_LOCATION, - MPACK_ARRAY_DST_IP_LOCATION, - MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID, - MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID, MPACK_ARRAY_SEQ_SIDS, MPACK_ARRAY_ACK_SIDS, MPACK_ARRAY_SEQ_ROUTE_CTX, MPACK_ARRAY_ACK_ROUTE_CTX, MPACK_ARRAY_SEQ_PKT_HEADER, MPACK_ARRAY_ACK_PKT_HEADER, + MPACK_ARRAY_SRC_IP_TAGS_IDS, + MPACK_ARRAY_DST_IP_TAGS_IDS, + MPACK_ARRAY_FQDN_TAGS_IDS, MPACK_ARRAY_MAX, }; @@ -52,27 +53,21 @@ enum { }; enum { - INDEX_SRC_IP_LOCATION, - INDEX_DST_IP_LOCATION, - INDEX_SRC_IP_LOCATION_OBJ_ID, - INDEX_DST_IP_LOCATION_OBJ_ID, + INDEX_SRC_IP_TAGS_IDS, + INDEX_DST_IP_TAGS_IDS, + INDEX_FQDN_TAGS_IDS, }; -int ip_location_cmsg_map[4][4] = { - {TFE_CMSG_SRC_REGION_STR, TFE_CMSG_SRC_PROVINCE_STR, TFE_CMSG_SRC_CITY_STR, TFE_CMSG_SRC_SUBDIVISION_STR}, - {TFE_CMSG_DST_REGION_STR, TFE_CMSG_DST_PROVINCE_STR, TFE_CMSG_DST_CITY_STR, TFE_CMSG_DST_SUBDIVISION_STR}, - {TFE_CMSG_SRC_REGION_ID, TFE_CMSG_SRC_PROVINCE_ID, TFE_CMSG_SRC_CITY_ID, TFE_CMSG_SRC_SUBDIVISION_ID}, - {TFE_CMSG_DST_REGION_ID, TFE_CMSG_DST_PROVINCE_ID, TFE_CMSG_DST_CITY_ID, TFE_CMSG_DST_SUBDIVISION_ID} +int tags_ids_cmsg_maps[] = { + [INDEX_SRC_IP_TAGS_IDS] = TFE_CMSG_SRC_IP_TAGS_IDS_STR, + [INDEX_DST_IP_TAGS_IDS] = TFE_CMSG_DST_IP_TAGS_IDS_STR, + [INDEX_FQDN_TAGS_IDS] = TFE_CMSG_FQDN_TAGS_IDS_STR, }; -struct ip_location_string_s { - const char *name[4]; -}; -struct ip_location_string_s ip_location_string_map[4] = { - {"TFE_CMSG_SRC_REGION_STR", "TFE_CMSG_SRC_PROVINCE_STR", "TFE_CMSG_SRC_CITY_STR", "TFE_CMSG_SRC_SUBDIVISION_STR"}, - {"TFE_CMSG_DST_REGION_STR", "TFE_CMSG_DST_PROVINCE_STR", "TFE_CMSG_DST_CITY_STR", "TFE_CMSG_DST_SUBDIVISION_STR"}, - {"TFE_CMSG_SRC_REGION_ID", "TFE_CMSG_SRC_PROVINCE_ID", "TFE_CMSG_SRC_CITY_ID", "TFE_CMSG_SRC_SUBDIVISION_ID"}, - {"TFE_CMSG_DST_REGION_ID", "TFE_CMSG_DST_PROVINCE_ID", "TFE_CMSG_DST_CITY_ID", "TFE_CMSG_DST_SUBDIVISION_ID"} +char *tags_ids_cmsg_name_maps[] = { + [INDEX_SRC_IP_TAGS_IDS] = "TFE_CMSG_SRC_IP_TAGS_IDS_STR", + [INDEX_DST_IP_TAGS_IDS] = "TFE_CMSG_DST_IP_TAGS_IDS_STR", + [INDEX_FQDN_TAGS_IDS] = "TFE_CMSG_FQDN_TAGS_IDS_STR", }; struct mpack_mmap_id2type @@ -100,17 +95,17 @@ struct mpack_mmap_id2type {.id = 14, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_WINDOW_SERVER, .str_name = "TFE_CMSG_TCP_RESTORE_WINDOW_SERVER", .size = 2}, {.id = 15, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL", .size = 4}, {.id = 16, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL", .size = 4}, - {.id = 17, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR, .str_name = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR", .size = 1}, - {.id = 18, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256}, - {.id = 19, .mode = CMSG_MODE, .type = TFE_CMSG_DST_SUB_ID, .str_name = "TFE_CMSG_DST_SUB_ID", .size = 256}, - {.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN_VAL, .str_name = "TFE_CMSG_SRC_ASN_VAL", .size = 8}, - {.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN_VAL, .str_name = "TFE_CMSG_DST_ASN_VAL", .size = 8}, - {.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN_ID, .str_name = "TFE_CMSG_SRC_ASN_ID", .size = 8}, - {.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN_ID, .str_name = "TFE_CMSG_DST_ASN_ID", .size = 8}, - {.id = 24, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SRC_IP_LOCATION, .str_name = "MPACK_ARRAY_SRC_IP_LOCATION", .size = 256}, - {.id = 25, .mode = ARRAY_MODE, .type = MPACK_ARRAY_DST_IP_LOCATION, .str_name = "MPACK_ARRAY_DST_IP_LOCATION", .size = 256}, - {.id = 26, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID, .str_name = "MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID", .size = 8}, - {.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID, .str_name = "MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID", .size = 8}, + {.id = 17, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR, .str_name = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR", .size = 1}, + {.id = 18, .mode = CMSG_MODE, .type = TFE_CMSG_INCOMING_LINK_ID, .str_name = "TFE_CMSG_INCOMING_LINK_ID", .size = 2}, + {.id = 19, .mode = CMSG_MODE, .type = TFE_CMSG_OUTGOING_LINK_ID, .str_name = "TFE_CMSG_OUTGOING_LINK_ID", .size = 2}, + {.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256}, + {.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_IMSI_STR, .str_name = "TFE_CMSG_SRC_IMSI_STR", .size = 256}, + {.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_IMEI_STR, .str_name = "TFE_CMSG_SRC_IMEI_STR", .size = 256}, + {.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_PHONE_NUM_STR, .str_name = "TFE_CMSG_SRC_PHONE_NUM_STR", .size = 256}, + {.id = 24, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_APN_STR, .str_name = "TFE_CMSG_SRC_APN_STR", .size = 256}, + {.id = 25, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SRC_IP_TAGS_IDS, .str_name = "TFE_SRC_IP_TAGS_IDS", .size = 8}, + {.id = 26, .mode = ARRAY_MODE, .type = MPACK_ARRAY_DST_IP_TAGS_IDS, .str_name = "TFE_DST_IP_TAGS_IDS", .size = 8}, + {.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_FQDN_TAGS_IDS, .str_name = "TFE_FQDN_TAGS_IDS", .size = 8}, {.id = 28, .mode = CMSG_MODE, .type = TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32}, {.id = 29, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_SIDS, .str_name = "TFE_SEQ_SIDS", .size = 2}, {.id = 30, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_SIDS, .str_name = "TFE_ACK_SIDS", .size = 2}, @@ -172,54 +167,23 @@ static int pkt_header_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t return 0; } -static int ip_location_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int map_index) +static int tags_ids_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int map_index) { - char location_str[1024] = {0}; + uint64_t value = 0; + int tags_ids_len = 0; + char tags_ids_str[TAGS_IDS_STR_LEN] = {0}; uint32_t array_cnt = mpack_node_array_length(node); - if (array_cnt != 4) { - TFE_LOG_ERROR(g_packet_io_logger, "%s: session %lu unexpected control packet: (%s ip location array count[%u] != [4])", LOG_TAG_CTRLPKT, handler->session_id, map_index==INDEX_SRC_IP_LOCATION ? "src" : "dst", array_cnt); - return -1; + if (!array_cnt) + return 0; + + for (uint32_t i = 0; i < array_cnt; i++) + { + value = mpack_node_u64(mpack_node_array_at(node, i)); + tags_ids_len += snprintf(tags_ids_str+tags_ids_len, TAGS_IDS_STR_LEN-tags_ids_len, "%s%lu", i==0?"":",", value); } - for (uint32_t i = 0; i < array_cnt; i++) { - mpack_node_t ptr = mpack_node_array_at(node, i); - switch (mpack_node_type(ptr)) { - case mpack_type_str: - if (mpack_node_strlen(ptr) == 0) - break; - memset(location_str, 0, sizeof(location_str)); - mpack_node_copy_cstr(ptr, location_str, sizeof(location_str)); - tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][i], (const unsigned char*)location_str, mpack_node_strlen(ptr)); - break; - default: - break; - } - } - return 0; -} - -static int ip_location_obj_id_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int map_index) -{ - uint64_t object_id = 0; - - uint32_t array_cnt = mpack_node_array_length(node); - if (array_cnt != 4) { - TFE_LOG_ERROR(g_packet_io_logger, "%s: session %lu unexpected control packet: (%s ip location array count[%u] != [4])", LOG_TAG_CTRLPKT, handler->session_id, map_index==INDEX_SRC_IP_LOCATION_OBJ_ID ? "src" : "dst", array_cnt); - return -1; - } - - for (uint32_t i = 0; i < array_cnt; i++) { - mpack_node_t ptr = mpack_node_array_at(node, i); - switch (mpack_node_type(ptr)) { - case mpack_type_uint: - object_id = mpack_node_u64(ptr); - tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][i], (const unsigned char*)&object_id, 8); - break; - default: - break; - } - } + tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)tags_ids_cmsg_maps[map_index], (const unsigned char*)tags_ids_str, tags_ids_len); return 0; } @@ -316,6 +280,15 @@ static int mpack_parse_array(struct ctrl_pkt_parser *handler, mpack_node_t node, return -1; switch(mpack_table[table_index].type) { + case MPACK_ARRAY_SRC_IP_TAGS_IDS: + tags_ids_array_parse_mpack(handler, node, INDEX_SRC_IP_TAGS_IDS); + break; + case MPACK_ARRAY_DST_IP_TAGS_IDS: + tags_ids_array_parse_mpack(handler, node, INDEX_DST_IP_TAGS_IDS); + break; + case MPACK_ARRAY_FQDN_TAGS_IDS: + tags_ids_array_parse_mpack(handler, node, INDEX_FQDN_TAGS_IDS); + break; case MPACK_ARRAY_SEQ_ROUTE_CTX: ret = route_ctx_parse_mpack(handler, node, 1); if (ret != 0) @@ -346,26 +319,6 @@ static int mpack_parse_array(struct ctrl_pkt_parser *handler, mpack_node_t node, if (ret != 0) return -1; break; - case MPACK_ARRAY_SRC_IP_LOCATION: - ret = ip_location_array_parse_mpack(handler, node, INDEX_SRC_IP_LOCATION); - if (ret != 0) - return -1; - break; - case MPACK_ARRAY_DST_IP_LOCATION: - ret = ip_location_array_parse_mpack(handler, node, INDEX_DST_IP_LOCATION); - if (ret != 0) - return -1; - break; - case MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID: - ret = ip_location_obj_id_array_parse_mpack(handler, node, INDEX_SRC_IP_LOCATION_OBJ_ID); - if (ret != 0) - return -1; - break; - case MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID: - ret = ip_location_obj_id_array_parse_mpack(handler, node, INDEX_DST_IP_LOCATION_OBJ_ID); - if (ret != 0) - return -1; - break; default: break; } @@ -580,6 +533,7 @@ void ctrl_packet_cmsg_destroy(struct ctrl_pkt_parser *handler) } } +#define LOG_STR_LEN 8192 void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger) { int ret = 0; @@ -590,29 +544,30 @@ void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger) int header_len = 0; struct sids *sid = NULL; int map_index = 0; + char *log_str = NULL; + char tags_ids_str[4096] = {0}; + int log_len = 0; + log_str = (char *)calloc(1, LOG_STR_LEN); if (handler) { - int log_len = 0; - char log_str[4096] = {0}; - - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%s: tsync: %s, session_id: %lu, state: %s, method: %s", + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%s: tsync: %s, session_id: %lu, state: %s, method: %s", LOG_TAG_CTRLPKT, handler->tsync, handler->session_id, session_state_to_string(handler->state), handler->method ); - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", tfe policy_id_num: %d, tfe policy_ids[", handler->tfe_policy_id_num); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", tfe policy_id_num: %d, tfe policy_ids[", handler->tfe_policy_id_num); for (int i = 0; i < handler->tfe_policy_id_num; i++) { - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%03lu ", handler->tfe_policy_ids[i]); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%03lu ", handler->tfe_policy_ids[i]); } - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "], sce policy_id_num: %d, sce policy_ids[", handler->sce_policy_id_num); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "], sce policy_id_num: %d, sce policy_ids[", handler->sce_policy_id_num); for (int i = 0; i < handler->sce_policy_id_num; i++) { - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%03lu ", handler->sce_policy_ids[i]); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%03lu ", handler->sce_policy_ids[i]); } - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]"); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "]"); int mpack_table_num = sizeof(mpack_table)/sizeof(struct mpack_mmap_id2type); for (int i = 0; i < mpack_table_num; i++) { @@ -620,70 +575,62 @@ void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger) memset(cmsg_data, 0, sizeof(cmsg_data)); ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)mpack_table[i].type, (unsigned char *)cmsg_data, mpack_table[i].size, &size); if (ret < 0) { - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", mpack_table[i].str_name); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:null", mpack_table[i].str_name); continue; } if (mpack_table[i].size <= 8) - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%lu", mpack_table[i].str_name, *((uint64_t *)cmsg_data)); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%lu", mpack_table[i].str_name, *((uint64_t *)cmsg_data)); else - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%s", mpack_table[i].str_name, cmsg_data); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%s", mpack_table[i].str_name, cmsg_data); } else if (mpack_table[i].mode == ARRAY_MODE) { switch(mpack_table[i].type) { + case MPACK_ARRAY_SRC_IP_TAGS_IDS: + case MPACK_ARRAY_DST_IP_TAGS_IDS: + case MPACK_ARRAY_FQDN_TAGS_IDS: + if (mpack_table[i].type == MPACK_ARRAY_SRC_IP_TAGS_IDS) + map_index = INDEX_SRC_IP_TAGS_IDS; + else if (mpack_table[i].type == MPACK_ARRAY_DST_IP_TAGS_IDS) + map_index = INDEX_DST_IP_TAGS_IDS; + else if (mpack_table[i].type == MPACK_ARRAY_FQDN_TAGS_IDS) + map_index = INDEX_FQDN_TAGS_IDS; + + memset(tags_ids_str, 0, sizeof(tags_ids_str)); + ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)tags_ids_cmsg_maps[map_index], (unsigned char *)tags_ids_str, sizeof(tags_ids_str), &size); + if (ret < 0) { + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:null", tags_ids_cmsg_name_maps[map_index]); + break; + } + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%s", tags_ids_cmsg_name_maps[map_index], tags_ids_str); + break; case MPACK_ARRAY_SEQ_ROUTE_CTX: case MPACK_ARRAY_ACK_ROUTE_CTX: route_ctx = mpack_table[i].type == MPACK_ARRAY_SEQ_ROUTE_CTX ? &handler->seq_route_ctx : &handler->ack_route_ctx; - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s ROUTE CTX len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_ROUTE_CTX ? "SEQ" : "ACK", route_ctx->len); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s ROUTE CTX len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_ROUTE_CTX ? "SEQ" : "ACK", route_ctx->len); for (int j = 0; j < route_ctx->len; j++) { - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%02x ", route_ctx->data[j]&0xff); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%02x ", route_ctx->data[j]&0xff); } - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]"); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "]"); break; case MPACK_ARRAY_SEQ_PKT_HEADER: case MPACK_ARRAY_ACK_PKT_HEADER: header = mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? handler->seq_header : handler->ack_header; header_len = mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? handler->seq_len : handler->ack_len; - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s HEADER len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? "SEQ" : "ACK", header_len); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s HEADER len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? "SEQ" : "ACK", header_len); for (int j = 0; j < header_len; j++) { - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%02x ", header[j]&0xff); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%02x ", header[j]&0xff); } - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]"); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "]"); break; case MPACK_ARRAY_SEQ_SIDS: case MPACK_ARRAY_ACK_SIDS: sid = mpack_table[i].type == MPACK_ARRAY_SEQ_SIDS ? &handler->seq_sids : &handler->ack_sids; - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s SID count:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_SIDS ? "SEQ" : "ACK", sid->num); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s SID count:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_SIDS ? "SEQ" : "ACK", sid->num); for (int j = 0; j < sid->num; j++) { - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%hu ", sid->elems[j]); - } - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]"); - break; - case MPACK_ARRAY_SRC_IP_LOCATION: - case MPACK_ARRAY_DST_IP_LOCATION: - map_index = mpack_table[i].type == MPACK_ARRAY_SRC_IP_LOCATION ? INDEX_SRC_IP_LOCATION : INDEX_DST_IP_LOCATION; - for (int j = 0; j < 4; j++) { - memset(cmsg_data, 0, sizeof(cmsg_data)); - ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][j], (unsigned char *)cmsg_data, mpack_table[i].size, &size); - if (ret < 0) { - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", ip_location_string_map[map_index].name[j]); - continue; - } - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%s", ip_location_string_map[map_index].name[j], cmsg_data); - } - break; - case MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID: - case MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID: - map_index = mpack_table[i].type == MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID ? INDEX_SRC_IP_LOCATION_OBJ_ID : INDEX_DST_IP_LOCATION_OBJ_ID; - for (int j = 0; j < 4; j++) { - memset(cmsg_data, 0, sizeof(cmsg_data)); - ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][j], (unsigned char *)cmsg_data, mpack_table[i].size, &size); - if (ret < 0) { - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", ip_location_string_map[map_index].name[j]); - continue; - } - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%lu", ip_location_string_map[map_index].name[j], *((uint64_t *)cmsg_data)); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%hu ", sid->elems[j]); } + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "]"); break; default: break; @@ -692,13 +639,13 @@ void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger) else if (mpack_table[i].mode == VARIABLE_MODE) { switch(mpack_table[i].type) { case MPACK_VAR_FLAG: - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->intercpet_data); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->intercpet_data); break; case MPACK_VAR_WSACLE_CLIENT_FLAG: - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_client_flag); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_client_flag); break; case MPACK_VAR_WSACLE_SERVER_FLAG: - log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_server_flag); + log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_server_flag); break; default: break; @@ -706,5 +653,7 @@ void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger) } } TFE_LOG_DEBUG(logger, "%s", log_str); + free(log_str); + log_str = NULL; } } diff --git a/common/src/tfe_scan.cpp b/common/src/tfe_scan.cpp index 7c2d08c..8bc8c97 100644 --- a/common/src/tfe_scan.cpp +++ b/common/src/tfe_scan.cpp @@ -115,9 +115,6 @@ int tfe_scan_internal_exteral_by_last_group(const struct tfe_stream *stream, lon } /**for Provisional compilation definitions**/ -#define TFE_CMSG_FQDN_TAGS_ID_STR 60 /*1,2,3,4,5*/ -#define TFE_CMSG_SRC_TAGS_ID_STR 61 /*11,12,13,14*/ -#define TFE_CMSG_DST_TAGS_ID_STR 62 /*6,7,8,9,10*/ #define TFE_CMSG_FQDN_TAGS_LOG_STR 63 /*"Category Name:Search Engines, Cloude Provider:aws, CDN Provider:aws, category_name: ab"*/ #define TFE_CMSG_SRC_TAGS_LOG_STR 64 /*"administrative_area:Singapore, country:Singapore", CDN Provider:Light CDN*/ #define TFE_CMSG_DST_TAGS_LOG_STR 65 /*"ASN:55967, CDN Provider:Light CDN, country:Hong Kong"*/ @@ -135,7 +132,7 @@ int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct } char opt_val[128]={0}; uint16_t opt_out_size = 0; - int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_SRC_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size); + int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_SRC_IP_TAGS_IDS_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size); if(ret == 0) { n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array); @@ -171,7 +168,7 @@ int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct n_tag_ids=0; memset(tag_id_array, 0, sizeof(tag_id_array)); - ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_DST_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size); + ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_DST_IP_TAGS_IDS_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size); if(ret == 0) { n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array); @@ -217,7 +214,7 @@ int tfe_scan_fqdn_tags(const struct tfe_stream *stream, long long *result, struc } char opt_val[128]={0}; uint16_t opt_out_size = 0; - int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_FQDN_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size); + int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_FQDN_TAGS_IDS_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size); if(ret == 0) { n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array); @@ -460,11 +457,11 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, st { TFE_LOG_ERROR(logger, "fetch src sub id from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info); } - scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_SUB_ID, (unsigned char *)dest_subscribe_id, sizeof(dest_subscribe_id), &opt_out_size); - if (scan_ret != 0) - { - TFE_LOG_ERROR(logger, "fetch dst sub id from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info); - } + // scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_SUB_ID, (unsigned char *)dest_subscribe_id, sizeof(dest_subscribe_id), &opt_out_size); + // if (scan_ret != 0) + // { + // TFE_LOG_ERROR(logger, "fetch dst sub id from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info); + // } } TFE_LOG_DEBUG(logger, "fetch src sub id:%s dst sub id:%s addr: %s", source_subscribe_id, dest_subscribe_id, stream->str_stream_info); diff --git a/common/test/test_mpack.cpp b/common/test/test_mpack.cpp index 268a23e..6a3aa83 100644 --- a/common/test/test_mpack.cpp +++ b/common/test/test_mpack.cpp @@ -31,31 +31,19 @@ void build_mpack_data(char **data, size_t *size) uint32_t ts_client_val = 4213358146; uint32_t ts_server_val = 1218524397; uint8_t packet_cur_dir = 1; + uint16_t incoming_link_id = 1; + uint16_t outgoing_link_id = 65535; uint8_t src_sub_id[256] = {0}; - uint8_t dst_sub_id[256] = {0}; - uint64_t src_asn_val = 7676; - uint64_t dst_asn_val = 7878; - uint64_t src_asn_id = 1234; - uint64_t dst_asn_id = 4321; - // ip location array - const char *src_ip_location[4] = { - "src_region", - "src_province", - "src_city", - "src_subdivision" - }; - const char *dst_ip_location[4] = { - "dst_region", - "dst_province", - "dst_city", - "dst_subdivision" - }; - - uint64_t src_ip_location_obj_id[4] = {1, 2, 3, 4}; - uint64_t dst_ip_location_obj_id[4] = {1, 2, 3, 4}; + char src_imsi[256] = "810035141486423"; + char src_imei[256] = "25762917001364"; + char src_phone_number[256] = "623335886431"; + char src_apn[256] = "www.lytest.com"; + uint64_t src_ip_tags_ids[] = {18446744073709551615ULL, 324137, 324129}; + uint64_t dst_ip_tags_ids[] = {324119, 18446744073709551615ULL, 324137, 324129}; + uint64_t fqdn_tags_ids[] = {324109, 324105, 18446744073709551615ULL, 324137, 324129}; uint8_t ja3_fingerprint[32] = {0}; - uint16_t seq_sid[4] = {1000, 1001, 1002, 1003}; - uint16_t ack_sid[4] = {1003, 1002, 1001, 1000}; + uint16_t seq_sid[] = {1000, 1001, 1002, 1003}; + uint16_t ack_sid[] = {1003, 1002, 1001, 1000}; uint8_t seq_route_ctx[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07}; uint8_t ack_route_ctx[] = {0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}; uint8_t seq_header[] = {0x00, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70}; @@ -116,39 +104,27 @@ void build_mpack_data(char **data, size_t *size) mpack_write_u32(&writer, ts_client_val); mpack_write_u32(&writer, ts_server_val); mpack_write_u8(&writer, packet_cur_dir); + mpack_write_u16(&writer, incoming_link_id); + mpack_write_u16(&writer, outgoing_link_id); mpack_write_str(&writer, (const char*)src_sub_id, 0); - mpack_write_str(&writer, (const char*)dst_sub_id, 0); - mpack_write_u64(&writer, src_asn_val); - mpack_write_u64(&writer, dst_asn_val); - mpack_write_u64(&writer, src_asn_id); - mpack_write_u64(&writer, dst_asn_id); + mpack_write_str(&writer, (const char*)src_imsi, strlen(src_imsi)); + mpack_write_str(&writer, (const char*)src_imei, strlen(src_imei)); + mpack_write_str(&writer, (const char*)src_phone_number, strlen(src_phone_number)); + mpack_write_str(&writer, (const char*)src_apn, strlen(src_apn)); mpack_build_array(&writer); - mpack_write_str(&writer, src_ip_location[0], strlen(src_ip_location[0])); - mpack_write_str(&writer, src_ip_location[1], strlen(src_ip_location[1])); - mpack_write_str(&writer, src_ip_location[2], strlen(src_ip_location[2])); - mpack_write_str(&writer, src_ip_location[3], strlen(src_ip_location[3])); mpack_complete_array(&writer); mpack_build_array(&writer); - mpack_write_str(&writer, dst_ip_location[0], strlen(dst_ip_location[0])); - mpack_write_str(&writer, dst_ip_location[1], strlen(dst_ip_location[1])); - mpack_write_str(&writer, dst_ip_location[2], strlen(dst_ip_location[2])); - mpack_write_str(&writer, dst_ip_location[3], strlen(dst_ip_location[3])); + for (size_t i = 0; i < sizeof(dst_ip_tags_ids)/sizeof(dst_ip_tags_ids[0]); i++) { + mpack_write_u64(&writer, dst_ip_tags_ids[i]); + } mpack_complete_array(&writer); mpack_build_array(&writer); - mpack_write_u64(&writer, src_ip_location_obj_id[0]); - mpack_write_u64(&writer, src_ip_location_obj_id[1]); - mpack_write_u64(&writer, src_ip_location_obj_id[2]); - mpack_write_u64(&writer, src_ip_location_obj_id[3]); - mpack_complete_array(&writer); - - mpack_build_array(&writer); - mpack_write_u64(&writer, dst_ip_location_obj_id[0]); - mpack_write_u64(&writer, dst_ip_location_obj_id[1]); - mpack_write_u64(&writer, dst_ip_location_obj_id[2]); - mpack_write_u64(&writer, dst_ip_location_obj_id[3]); + for (size_t i = 0; i < sizeof(fqdn_tags_ids)/sizeof(fqdn_tags_ids[0]); i++) { + mpack_write_u64(&writer, fqdn_tags_ids[i]); + } mpack_complete_array(&writer); mpack_write_str(&writer, (const char*)ja3_fingerprint, 0);