gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-22333 修改控制报文

Browse Source
This commit is contained in:
wangmenglan
2024-08-23 17:16:24 +08:00
parent c2c20d3310
commit 9e2b08ab53
4 changed files with 158 additions and 249 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
common/include/tfe_cmsg.h
View File

@@ -79,33 +79,7 @@ enum tfe_cmsg_tlv_type
TFE_CMSG_TCP_PASSTHROUGH,
TFE_CMSG_TCP_DECRYPTED_TRAFFIC_STEERING,
/* Share tsg scan result */
TFE_CMSG_SRC_SUB_ID, // string max size 256
TFE_CMSG_DST_SUB_ID, // string max size 256
// ASN Value
TFE_CMSG_SRC_ASN_VAL, // uint64_t
TFE_CMSG_DST_ASN_VAL, // uint64_t
// ASN ID
TFE_CMSG_SRC_ASN_ID, // uint64_t
TFE_CMSG_DST_ASN_ID, // uint64_t
// Geo Location String
TFE_CMSG_SRC_REGION_STR, // string max size 256
TFE_CMSG_DST_REGION_STR, // string max size 256
TFE_CMSG_SRC_PROVINCE_STR, // string max size 256
TFE_CMSG_DST_PROVINCE_STR, // string max size 256
TFE_CMSG_SRC_CITY_STR, // string max size 256
TFE_CMSG_DST_CITY_STR, // string max size 256
TFE_CMSG_SRC_SUBDIVISION_STR, // string max size 256
TFE_CMSG_DST_SUBDIVISION_STR, // string max size 256
// Geo Location Object ID
TFE_CMSG_SRC_REGION_ID, // uint64_t
TFE_CMSG_DST_REGION_ID, // uint64_t
TFE_CMSG_SRC_PROVINCE_ID, // uint64_t
TFE_CMSG_DST_PROVINCE_ID, // uint64_t
TFE_CMSG_SRC_CITY_ID, // uint64_t
TFE_CMSG_DST_CITY_ID, // uint64_t
TFE_CMSG_SRC_SUBDIVISION_ID, // uint64_t
TFE_CMSG_DST_SUBDIVISION_ID, // uint64_t
/* SSL ja3 fingerprint */
TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT,// string max size 32
@@ -117,6 +91,19 @@ enum tfe_cmsg_tlv_type
TFE_CMSG_SSL_PASSTHROUGH_REASON, // string max size 32
TFE_CMSG_POLICY_VSYS_ID, // unsigned int
TFE_CMSG_POLICY_DO_LOG, // unsigned int
TFE_CMSG_INCOMING_LINK_ID, // uint16_t
TFE_CMSG_OUTGOING_LINK_ID, // uint16_t
TFE_CMSG_SRC_IMSI_STR, // string max size 256
TFE_CMSG_SRC_IMEI_STR, // string max size 256
TFE_CMSG_SRC_PHONE_NUM_STR, // string max size 256
TFE_CMSG_SRC_APN_STR, // string max size 256
TFE_CMSG_SRC_IP_TAGS_IDS_STR, // string max size 21 * 128 = 2688, example: "1,2,3,4,5"
TFE_CMSG_DST_IP_TAGS_IDS_STR, // string max size 21 * 128 = 2688, example: "1,2,3,4,5"
TFE_CMSG_FQDN_TAGS_IDS_STR, // string max size 21 * 128 = 2688, example: "1,2,3,4,5"
/* Add new cmsg here */
/* Add new cmsg here */
/* Add new cmsg here */

231
common/src/tfe_ctrl_packet.cpp
View File

@@ -7,6 +7,8 @@
#include "tfe_utils.h"
#include "tfe_ctrl_packet.h"
#define TAGS_IDS_STR_LEN 4096
enum ctr_pkt_index
{
INDEX_TSYNC = 0,
@@ -29,16 +31,15 @@ enum {
};
enum {
MPACK_ARRAY_SRC_IP_LOCATION,
MPACK_ARRAY_DST_IP_LOCATION,
MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID,
MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID,
MPACK_ARRAY_SEQ_SIDS,
MPACK_ARRAY_ACK_SIDS,
MPACK_ARRAY_SEQ_ROUTE_CTX,
MPACK_ARRAY_ACK_ROUTE_CTX,
MPACK_ARRAY_SEQ_PKT_HEADER,
MPACK_ARRAY_ACK_PKT_HEADER,
MPACK_ARRAY_SRC_IP_TAGS_IDS,
MPACK_ARRAY_DST_IP_TAGS_IDS,
MPACK_ARRAY_FQDN_TAGS_IDS,
MPACK_ARRAY_MAX,
};
@@ -52,27 +53,21 @@ enum {
};
enum {
INDEX_SRC_IP_LOCATION,
INDEX_DST_IP_LOCATION,
INDEX_SRC_IP_LOCATION_OBJ_ID,
INDEX_DST_IP_LOCATION_OBJ_ID,
INDEX_SRC_IP_TAGS_IDS,
INDEX_DST_IP_TAGS_IDS,
INDEX_FQDN_TAGS_IDS,
};
int ip_location_cmsg_map[4][4] = {
{TFE_CMSG_SRC_REGION_STR, TFE_CMSG_SRC_PROVINCE_STR, TFE_CMSG_SRC_CITY_STR, TFE_CMSG_SRC_SUBDIVISION_STR},
{TFE_CMSG_DST_REGION_STR, TFE_CMSG_DST_PROVINCE_STR, TFE_CMSG_DST_CITY_STR, TFE_CMSG_DST_SUBDIVISION_STR},
{TFE_CMSG_SRC_REGION_ID, TFE_CMSG_SRC_PROVINCE_ID, TFE_CMSG_SRC_CITY_ID, TFE_CMSG_SRC_SUBDIVISION_ID},
{TFE_CMSG_DST_REGION_ID, TFE_CMSG_DST_PROVINCE_ID, TFE_CMSG_DST_CITY_ID, TFE_CMSG_DST_SUBDIVISION_ID}
int tags_ids_cmsg_maps[] = {
[INDEX_SRC_IP_TAGS_IDS] = TFE_CMSG_SRC_IP_TAGS_IDS_STR,
[INDEX_DST_IP_TAGS_IDS] = TFE_CMSG_DST_IP_TAGS_IDS_STR,
[INDEX_FQDN_TAGS_IDS] = TFE_CMSG_FQDN_TAGS_IDS_STR,
};
struct ip_location_string_s {
const char *name[4];
};
struct ip_location_string_s ip_location_string_map[4] = {
{"TFE_CMSG_SRC_REGION_STR", "TFE_CMSG_SRC_PROVINCE_STR", "TFE_CMSG_SRC_CITY_STR", "TFE_CMSG_SRC_SUBDIVISION_STR"},
{"TFE_CMSG_DST_REGION_STR", "TFE_CMSG_DST_PROVINCE_STR", "TFE_CMSG_DST_CITY_STR", "TFE_CMSG_DST_SUBDIVISION_STR"},
{"TFE_CMSG_SRC_REGION_ID", "TFE_CMSG_SRC_PROVINCE_ID", "TFE_CMSG_SRC_CITY_ID", "TFE_CMSG_SRC_SUBDIVISION_ID"},
{"TFE_CMSG_DST_REGION_ID", "TFE_CMSG_DST_PROVINCE_ID", "TFE_CMSG_DST_CITY_ID", "TFE_CMSG_DST_SUBDIVISION_ID"}
char *tags_ids_cmsg_name_maps[] = {
[INDEX_SRC_IP_TAGS_IDS] = "TFE_CMSG_SRC_IP_TAGS_IDS_STR",
[INDEX_DST_IP_TAGS_IDS] = "TFE_CMSG_DST_IP_TAGS_IDS_STR",
[INDEX_FQDN_TAGS_IDS] = "TFE_CMSG_FQDN_TAGS_IDS_STR",
};
struct mpack_mmap_id2type
@@ -101,16 +96,16 @@ struct mpack_mmap_id2type
{.id = 15, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_CLIENT_VAL", .size = 4},
{.id = 16, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL, .str_name = "TFE_CMSG_TCP_RESTORE_TS_SERVER_VAL", .size = 4},
{.id = 17, .mode = CMSG_MODE, .type = TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR, .str_name = "TFE_CMSG_TCP_RESTORE_INFO_PACKET_CUR_DIR", .size = 1},
{.id = 18, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256},
{.id = 19, .mode = CMSG_MODE, .type = TFE_CMSG_DST_SUB_ID, .str_name = "TFE_CMSG_DST_SUB_ID", .size = 256},
{.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN_VAL, .str_name = "TFE_CMSG_SRC_ASN_VAL", .size = 8},
{.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN_VAL, .str_name = "TFE_CMSG_DST_ASN_VAL", .size = 8},
{.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_ASN_ID, .str_name = "TFE_CMSG_SRC_ASN_ID", .size = 8},
{.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_DST_ASN_ID, .str_name = "TFE_CMSG_DST_ASN_ID", .size = 8},
{.id = 24, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SRC_IP_LOCATION, .str_name = "MPACK_ARRAY_SRC_IP_LOCATION", .size = 256},
{.id = 25, .mode = ARRAY_MODE, .type = MPACK_ARRAY_DST_IP_LOCATION, .str_name = "MPACK_ARRAY_DST_IP_LOCATION", .size = 256},
{.id = 26, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID, .str_name = "MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID", .size = 8},
{.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID, .str_name = "MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID", .size = 8},
{.id = 18, .mode = CMSG_MODE, .type = TFE_CMSG_INCOMING_LINK_ID, .str_name = "TFE_CMSG_INCOMING_LINK_ID", .size = 2},
{.id = 19, .mode = CMSG_MODE, .type = TFE_CMSG_OUTGOING_LINK_ID, .str_name = "TFE_CMSG_OUTGOING_LINK_ID", .size = 2},
{.id = 20, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_SUB_ID, .str_name = "TFE_CMSG_SRC_SUB_ID", .size = 256},
{.id = 21, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_IMSI_STR, .str_name = "TFE_CMSG_SRC_IMSI_STR", .size = 256},
{.id = 22, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_IMEI_STR, .str_name = "TFE_CMSG_SRC_IMEI_STR", .size = 256},
{.id = 23, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_PHONE_NUM_STR, .str_name = "TFE_CMSG_SRC_PHONE_NUM_STR", .size = 256},
{.id = 24, .mode = CMSG_MODE, .type = TFE_CMSG_SRC_APN_STR, .str_name = "TFE_CMSG_SRC_APN_STR", .size = 256},
{.id = 25, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SRC_IP_TAGS_IDS, .str_name = "TFE_SRC_IP_TAGS_IDS", .size = 8},
{.id = 26, .mode = ARRAY_MODE, .type = MPACK_ARRAY_DST_IP_TAGS_IDS, .str_name = "TFE_DST_IP_TAGS_IDS", .size = 8},
{.id = 27, .mode = ARRAY_MODE, .type = MPACK_ARRAY_FQDN_TAGS_IDS, .str_name = "TFE_FQDN_TAGS_IDS", .size = 8},
{.id = 28, .mode = CMSG_MODE, .type = TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT, .str_name = "TFE_CMSG_SSL_CLIENT_JA3_FINGERPRINT", .size = 32},
{.id = 29, .mode = ARRAY_MODE, .type = MPACK_ARRAY_SEQ_SIDS, .str_name = "TFE_SEQ_SIDS", .size = 2},
{.id = 30, .mode = ARRAY_MODE, .type = MPACK_ARRAY_ACK_SIDS, .str_name = "TFE_ACK_SIDS", .size = 2},
@@ -172,54 +167,23 @@ static int pkt_header_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t
return 0;
}
static int ip_location_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int map_index)
static int tags_ids_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int map_index)
{
char location_str[1024] = {0};
uint64_t value = 0;
int tags_ids_len = 0;
char tags_ids_str[TAGS_IDS_STR_LEN] = {0};
uint32_t array_cnt = mpack_node_array_length(node);
if (array_cnt != 4) {
TFE_LOG_ERROR(g_packet_io_logger, "%s: session %lu unexpected control packet: (%s ip location array count[%u] != [4])", LOG_TAG_CTRLPKT, handler->session_id, map_index==INDEX_SRC_IP_LOCATION ? "src" : "dst", array_cnt);
return -1;
}
for (uint32_t i = 0; i < array_cnt; i++) {
mpack_node_t ptr = mpack_node_array_at(node, i);
switch (mpack_node_type(ptr)) {
case mpack_type_str:
if (mpack_node_strlen(ptr) == 0)
break;
memset(location_str, 0, sizeof(location_str));
mpack_node_copy_cstr(ptr, location_str, sizeof(location_str));
tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][i], (const unsigned char*)location_str, mpack_node_strlen(ptr));
break;
default:
break;
}
}
if (!array_cnt)
return 0;
}
static int ip_location_obj_id_array_parse_mpack(struct ctrl_pkt_parser *handler, mpack_node_t node, int map_index)
for (uint32_t i = 0; i < array_cnt; i++)
{
uint64_t object_id = 0;
uint32_t array_cnt = mpack_node_array_length(node);
if (array_cnt != 4) {
TFE_LOG_ERROR(g_packet_io_logger, "%s: session %lu unexpected control packet: (%s ip location array count[%u] != [4])", LOG_TAG_CTRLPKT, handler->session_id, map_index==INDEX_SRC_IP_LOCATION_OBJ_ID ? "src" : "dst", array_cnt);
return -1;
value = mpack_node_u64(mpack_node_array_at(node, i));
tags_ids_len += snprintf(tags_ids_str+tags_ids_len, TAGS_IDS_STR_LEN-tags_ids_len, "%s%lu", i==0?"":",", value);
}
for (uint32_t i = 0; i < array_cnt; i++) {
mpack_node_t ptr = mpack_node_array_at(node, i);
switch (mpack_node_type(ptr)) {
case mpack_type_uint:
object_id = mpack_node_u64(ptr);
tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][i], (const unsigned char*)&object_id, 8);
break;
default:
break;
}
}
tfe_cmsg_set(handler->cmsg, (enum tfe_cmsg_tlv_type)tags_ids_cmsg_maps[map_index], (const unsigned char*)tags_ids_str, tags_ids_len);
return 0;
}
@@ -316,6 +280,15 @@ static int mpack_parse_array(struct ctrl_pkt_parser *handler, mpack_node_t node,
return -1;
switch(mpack_table[table_index].type) {
case MPACK_ARRAY_SRC_IP_TAGS_IDS:
tags_ids_array_parse_mpack(handler, node, INDEX_SRC_IP_TAGS_IDS);
break;
case MPACK_ARRAY_DST_IP_TAGS_IDS:
tags_ids_array_parse_mpack(handler, node, INDEX_DST_IP_TAGS_IDS);
break;
case MPACK_ARRAY_FQDN_TAGS_IDS:
tags_ids_array_parse_mpack(handler, node, INDEX_FQDN_TAGS_IDS);
break;
case MPACK_ARRAY_SEQ_ROUTE_CTX:
ret = route_ctx_parse_mpack(handler, node, 1);
if (ret != 0)
@@ -346,26 +319,6 @@ static int mpack_parse_array(struct ctrl_pkt_parser *handler, mpack_node_t node,
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_SRC_IP_LOCATION:
ret = ip_location_array_parse_mpack(handler, node, INDEX_SRC_IP_LOCATION);
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_DST_IP_LOCATION:
ret = ip_location_array_parse_mpack(handler, node, INDEX_DST_IP_LOCATION);
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID:
ret = ip_location_obj_id_array_parse_mpack(handler, node, INDEX_SRC_IP_LOCATION_OBJ_ID);
if (ret != 0)
return -1;
break;
case MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID:
ret = ip_location_obj_id_array_parse_mpack(handler, node, INDEX_DST_IP_LOCATION_OBJ_ID);
if (ret != 0)
return -1;
break;
default:
break;
}
@@ -580,6 +533,7 @@ void ctrl_packet_cmsg_destroy(struct ctrl_pkt_parser *handler)
}
}
#define LOG_STR_LEN 8192
void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger)
{
int ret = 0;
@@ -590,29 +544,30 @@ void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger)
int header_len = 0;
struct sids *sid = NULL;
int map_index = 0;
char *log_str = NULL;
char tags_ids_str[4096] = {0};
int log_len = 0;
log_str = (char *)calloc(1, LOG_STR_LEN);
if (handler) {
int log_len = 0;
char log_str[4096] = {0};
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%s: tsync: %s, session_id: %lu, state: %s, method: %s",
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%s: tsync: %s, session_id: %lu, state: %s, method: %s",
LOG_TAG_CTRLPKT,
handler->tsync,
handler->session_id,
session_state_to_string(handler->state),
handler->method
);
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", tfe policy_id_num: %d, tfe policy_ids[", handler->tfe_policy_id_num);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", tfe policy_id_num: %d, tfe policy_ids[", handler->tfe_policy_id_num);
for (int i = 0; i < handler->tfe_policy_id_num; i++) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%03lu ", handler->tfe_policy_ids[i]);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%03lu ", handler->tfe_policy_ids[i]);
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "], sce policy_id_num: %d, sce policy_ids[", handler->sce_policy_id_num);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "], sce policy_id_num: %d, sce policy_ids[", handler->sce_policy_id_num);
for (int i = 0; i < handler->sce_policy_id_num; i++) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%03lu ", handler->sce_policy_ids[i]);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%03lu ", handler->sce_policy_ids[i]);
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]");
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "]");
int mpack_table_num = sizeof(mpack_table)/sizeof(struct mpack_mmap_id2type);
for (int i = 0; i < mpack_table_num; i++) {
@@ -620,70 +575,62 @@ void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger)
memset(cmsg_data, 0, sizeof(cmsg_data));
ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)mpack_table[i].type, (unsigned char *)cmsg_data, mpack_table[i].size, &size);
if (ret < 0) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", mpack_table[i].str_name);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:null", mpack_table[i].str_name);
continue;
}
if (mpack_table[i].size <= 8)
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%lu", mpack_table[i].str_name, *((uint64_t *)cmsg_data));
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%lu", mpack_table[i].str_name, *((uint64_t *)cmsg_data));
else
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%s", mpack_table[i].str_name, cmsg_data);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%s", mpack_table[i].str_name, cmsg_data);
}
else if (mpack_table[i].mode == ARRAY_MODE) {
switch(mpack_table[i].type) {
case MPACK_ARRAY_SRC_IP_TAGS_IDS:
case MPACK_ARRAY_DST_IP_TAGS_IDS:
case MPACK_ARRAY_FQDN_TAGS_IDS:
if (mpack_table[i].type == MPACK_ARRAY_SRC_IP_TAGS_IDS)
map_index = INDEX_SRC_IP_TAGS_IDS;
else if (mpack_table[i].type == MPACK_ARRAY_DST_IP_TAGS_IDS)
map_index = INDEX_DST_IP_TAGS_IDS;
else if (mpack_table[i].type == MPACK_ARRAY_FQDN_TAGS_IDS)
map_index = INDEX_FQDN_TAGS_IDS;
memset(tags_ids_str, 0, sizeof(tags_ids_str));
ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)tags_ids_cmsg_maps[map_index], (unsigned char *)tags_ids_str, sizeof(tags_ids_str), &size);
if (ret < 0) {
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:null", tags_ids_cmsg_name_maps[map_index]);
break;
}
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%s", tags_ids_cmsg_name_maps[map_index], tags_ids_str);
break;
case MPACK_ARRAY_SEQ_ROUTE_CTX:
case MPACK_ARRAY_ACK_ROUTE_CTX:
route_ctx = mpack_table[i].type == MPACK_ARRAY_SEQ_ROUTE_CTX ? &handler->seq_route_ctx : &handler->ack_route_ctx;
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s ROUTE CTX len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_ROUTE_CTX ? "SEQ" : "ACK", route_ctx->len);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s ROUTE CTX len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_ROUTE_CTX ? "SEQ" : "ACK", route_ctx->len);
for (int j = 0; j < route_ctx->len; j++) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%02x ", route_ctx->data[j]&0xff);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%02x ", route_ctx->data[j]&0xff);
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]");
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "]");
break;
case MPACK_ARRAY_SEQ_PKT_HEADER:
case MPACK_ARRAY_ACK_PKT_HEADER:
header = mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? handler->seq_header : handler->ack_header;
header_len = mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? handler->seq_len : handler->ack_len;
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s HEADER len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? "SEQ" : "ACK", header_len);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s HEADER len:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_PKT_HEADER ? "SEQ" : "ACK", header_len);
for (int j = 0; j < header_len; j++) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%02x ", header[j]&0xff);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%02x ", header[j]&0xff);
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]");
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "]");
break;
case MPACK_ARRAY_SEQ_SIDS:
case MPACK_ARRAY_ACK_SIDS:
sid = mpack_table[i].type == MPACK_ARRAY_SEQ_SIDS ? &handler->seq_sids : &handler->ack_sids;
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s SID count:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_SIDS ? "SEQ" : "ACK", sid->num);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s SID count:%d, data:[", mpack_table[i].type == MPACK_ARRAY_SEQ_SIDS ? "SEQ" : "ACK", sid->num);
for (int j = 0; j < sid->num; j++) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "%hu ", sid->elems[j]);
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, "]");
break;
case MPACK_ARRAY_SRC_IP_LOCATION:
case MPACK_ARRAY_DST_IP_LOCATION:
map_index = mpack_table[i].type == MPACK_ARRAY_SRC_IP_LOCATION ? INDEX_SRC_IP_LOCATION : INDEX_DST_IP_LOCATION;
for (int j = 0; j < 4; j++) {
memset(cmsg_data, 0, sizeof(cmsg_data));
ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][j], (unsigned char *)cmsg_data, mpack_table[i].size, &size);
if (ret < 0) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", ip_location_string_map[map_index].name[j]);
continue;
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%s", ip_location_string_map[map_index].name[j], cmsg_data);
}
break;
case MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID:
case MPACK_ARRAY_DST_IP_LOCATION_OBJ_ID:
map_index = mpack_table[i].type == MPACK_ARRAY_SRC_IP_LOCATION_OBJ_ID ? INDEX_SRC_IP_LOCATION_OBJ_ID : INDEX_DST_IP_LOCATION_OBJ_ID;
for (int j = 0; j < 4; j++) {
memset(cmsg_data, 0, sizeof(cmsg_data));
ret = tfe_cmsg_get_value(handler->cmsg, (enum tfe_cmsg_tlv_type)ip_location_cmsg_map[map_index][j], (unsigned char *)cmsg_data, mpack_table[i].size, &size);
if (ret < 0) {
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:null", ip_location_string_map[map_index].name[j]);
continue;
}
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%lu", ip_location_string_map[map_index].name[j], *((uint64_t *)cmsg_data));
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "%hu ", sid->elems[j]);
}
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, "]");
break;
default:
break;
@@ -692,13 +639,13 @@ void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger)
else if (mpack_table[i].mode == VARIABLE_MODE) {
switch(mpack_table[i].type) {
case MPACK_VAR_FLAG:
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->intercpet_data);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->intercpet_data);
break;
case MPACK_VAR_WSACLE_CLIENT_FLAG:
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_client_flag);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_client_flag);
break;
case MPACK_VAR_WSACLE_SERVER_FLAG:
log_len += snprintf(log_str + log_len, sizeof(log_str) - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_server_flag);
log_len += snprintf(log_str + log_len, LOG_STR_LEN - log_len, ", %s:%hhu", mpack_table[i].str_name, handler->wsacle_server_flag);
break;
default:
break;
@@ -706,5 +653,7 @@ void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler, void *logger)
}
}
TFE_LOG_DEBUG(logger, "%s", log_str);
free(log_str);
log_str = NULL;
}
}

19
common/src/tfe_scan.cpp
View File

@@ -115,9 +115,6 @@ int tfe_scan_internal_exteral_by_last_group(const struct tfe_stream *stream, lon
}
/**for Provisional compilation definitions**/
#define TFE_CMSG_FQDN_TAGS_ID_STR 60 /*1,2,3,4,5*/
#define TFE_CMSG_SRC_TAGS_ID_STR 61 /*11,12,13,14*/
#define TFE_CMSG_DST_TAGS_ID_STR 62 /*6,7,8,9,10*/
#define TFE_CMSG_FQDN_TAGS_LOG_STR 63 /*"Category Name:Search Engines, Cloude Provider:aws, CDN Provider:aws, category_name: ab"*/
#define TFE_CMSG_SRC_TAGS_LOG_STR 64 /*"administrative_area:Singapore, country:Singapore", CDN Provider:Light CDN*/
#define TFE_CMSG_DST_TAGS_LOG_STR 65 /*"ASN:55967, CDN Provider:Light CDN, country:Hong Kong"*/
@@ -135,7 +132,7 @@ int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct
}
char opt_val[128]={0}; uint16_t opt_out_size = 0;
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_SRC_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_SRC_IP_TAGS_IDS_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if(ret == 0)
{
n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array);
@@ -171,7 +168,7 @@ int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct
n_tag_ids=0;
memset(tag_id_array, 0, sizeof(tag_id_array));
ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_DST_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_DST_IP_TAGS_IDS_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if(ret == 0)
{
n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array);
@@ -217,7 +214,7 @@ int tfe_scan_fqdn_tags(const struct tfe_stream *stream, long long *result, struc
}
char opt_val[128]={0}; uint16_t opt_out_size = 0;
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_FQDN_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_FQDN_TAGS_IDS_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if(ret == 0)
{
n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array);
@@ -460,11 +457,11 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, st
{
TFE_LOG_ERROR(logger, "fetch src sub id from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_SUB_ID, (unsigned char *)dest_subscribe_id, sizeof(dest_subscribe_id), &opt_out_size);
if (scan_ret != 0)
{
TFE_LOG_ERROR(logger, "fetch dst sub id from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
}
// scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_SUB_ID, (unsigned char *)dest_subscribe_id, sizeof(dest_subscribe_id), &opt_out_size);
// if (scan_ret != 0)
// {
// TFE_LOG_ERROR(logger, "fetch dst sub id from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
// }
}
TFE_LOG_DEBUG(logger, "fetch src sub id:%s dst sub id:%s addr: %s", source_subscribe_id, dest_subscribe_id, stream->str_stream_info);

70
common/test/test_mpack.cpp
View File

@@ -31,31 +31,19 @@ void build_mpack_data(char **data, size_t *size)
uint32_t ts_client_val = 4213358146;
uint32_t ts_server_val = 1218524397;
uint8_t packet_cur_dir = 1;
uint16_t incoming_link_id = 1;
uint16_t outgoing_link_id = 65535;
uint8_t src_sub_id[256] = {0};
uint8_t dst_sub_id[256] = {0};
uint64_t src_asn_val = 7676;
uint64_t dst_asn_val = 7878;
uint64_t src_asn_id = 1234;
uint64_t dst_asn_id = 4321;
// ip location array
const char *src_ip_location[4] = {
"src_region",
"src_province",
"src_city",
"src_subdivision"
};
const char *dst_ip_location[4] = {
"dst_region",
"dst_province",
"dst_city",
"dst_subdivision"
};
uint64_t src_ip_location_obj_id[4] = {1, 2, 3, 4};
uint64_t dst_ip_location_obj_id[4] = {1, 2, 3, 4};
char src_imsi[256] = "810035141486423";
char src_imei[256] = "25762917001364";
char src_phone_number[256] = "623335886431";
char src_apn[256] = "www.lytest.com";
uint64_t src_ip_tags_ids[] = {18446744073709551615ULL, 324137, 324129};
uint64_t dst_ip_tags_ids[] = {324119, 18446744073709551615ULL, 324137, 324129};
uint64_t fqdn_tags_ids[] = {324109, 324105, 18446744073709551615ULL, 324137, 324129};
uint8_t ja3_fingerprint[32] = {0};
uint16_t seq_sid[4] = {1000, 1001, 1002, 1003};
uint16_t ack_sid[4] = {1003, 1002, 1001, 1000};
uint16_t seq_sid[] = {1000, 1001, 1002, 1003};
uint16_t ack_sid[] = {1003, 1002, 1001, 1000};
uint8_t seq_route_ctx[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
uint8_t ack_route_ctx[] = {0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
uint8_t seq_header[] = {0x00, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70};
@@ -116,39 +104,27 @@ void build_mpack_data(char **data, size_t *size)
mpack_write_u32(&writer, ts_client_val);
mpack_write_u32(&writer, ts_server_val);
mpack_write_u8(&writer, packet_cur_dir);
mpack_write_u16(&writer, incoming_link_id);
mpack_write_u16(&writer, outgoing_link_id);
mpack_write_str(&writer, (const char*)src_sub_id, 0);
mpack_write_str(&writer, (const char*)dst_sub_id, 0);
mpack_write_u64(&writer, src_asn_val);
mpack_write_u64(&writer, dst_asn_val);
mpack_write_u64(&writer, src_asn_id);
mpack_write_u64(&writer, dst_asn_id);
mpack_write_str(&writer, (const char*)src_imsi, strlen(src_imsi));
mpack_write_str(&writer, (const char*)src_imei, strlen(src_imei));
mpack_write_str(&writer, (const char*)src_phone_number, strlen(src_phone_number));
mpack_write_str(&writer, (const char*)src_apn, strlen(src_apn));
mpack_build_array(&writer);
mpack_write_str(&writer, src_ip_location[0], strlen(src_ip_location[0]));
mpack_write_str(&writer, src_ip_location[1], strlen(src_ip_location[1]));
mpack_write_str(&writer, src_ip_location[2], strlen(src_ip_location[2]));
mpack_write_str(&writer, src_ip_location[3], strlen(src_ip_location[3]));
mpack_complete_array(&writer);
mpack_build_array(&writer);
mpack_write_str(&writer, dst_ip_location[0], strlen(dst_ip_location[0]));
mpack_write_str(&writer, dst_ip_location[1], strlen(dst_ip_location[1]));
mpack_write_str(&writer, dst_ip_location[2], strlen(dst_ip_location[2]));
mpack_write_str(&writer, dst_ip_location[3], strlen(dst_ip_location[3]));
for (size_t i = 0; i < sizeof(dst_ip_tags_ids)/sizeof(dst_ip_tags_ids[0]); i++) {
mpack_write_u64(&writer, dst_ip_tags_ids[i]);
}
mpack_complete_array(&writer);
mpack_build_array(&writer);
mpack_write_u64(&writer, src_ip_location_obj_id[0]);
mpack_write_u64(&writer, src_ip_location_obj_id[1]);
mpack_write_u64(&writer, src_ip_location_obj_id[2]);
mpack_write_u64(&writer, src_ip_location_obj_id[3]);
mpack_complete_array(&writer);
mpack_build_array(&writer);
mpack_write_u64(&writer, dst_ip_location_obj_id[0]);
mpack_write_u64(&writer, dst_ip_location_obj_id[1]);
mpack_write_u64(&writer, dst_ip_location_obj_id[2]);
mpack_write_u64(&writer, dst_ip_location_obj_id[3]);
for (size_t i = 0; i < sizeof(fqdn_tags_ids)/sizeof(fqdn_tags_ids[0]); i++) {
mpack_write_u64(&writer, fqdn_tags_ids[i]);
}
mpack_complete_array(&writer);
mpack_write_str(&writer, (const char*)ja3_fingerprint, 0);