TSG-21855 使用fieldstat4序列化Intercept Policy的metric并输出到kafka
This commit is contained in:
wangmenglan
@@ -5,159 +5,6 @@
|
||||
#include "tfe_resource.h"
|
||||
#include "tfe_packet_io.h"
|
||||
|
||||
void tfe_set_intercept_metric(struct tfe_fieldstat_easy_t *fieldstat, struct session_ctx *s_ctx, int thread_id, int is_session_close)
|
||||
{
|
||||
int ret;
|
||||
int hit_count = 0;
|
||||
uint16_t out_size;
|
||||
struct tfe_cmsg *cmsg = s_ctx->cmsg;
|
||||
struct timespec current_time;
|
||||
|
||||
if (cmsg == NULL)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
if (s_ctx->metric_hit == 0) {
|
||||
int flag = 0;
|
||||
flag = tfe_cmsg_get_flag(cmsg);
|
||||
if ((flag & TFE_CMSG_FLAG_USER0) == 0) {
|
||||
return;
|
||||
}
|
||||
s_ctx->metric_hit = 1;
|
||||
hit_count = 1;
|
||||
}
|
||||
|
||||
if (!is_session_close)
|
||||
{
|
||||
clock_gettime(CLOCK_MONOTONIC, ¤t_time);
|
||||
if (current_time.tv_sec - s_ctx->metrics_last_time.tv_sec < 1)
|
||||
{
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
s_ctx->metrics_last_time = current_time;
|
||||
int downstream_dir = s_ctx->c2s_info.is_e2i_dir;
|
||||
int downstream_rx_pkts = s_ctx->c2s_info.rx.n_pkts - s_ctx->c2s_info.rx_send_complete.n_pkts;
|
||||
int downstream_rx_bytes = s_ctx->c2s_info.rx.n_bytes - s_ctx->c2s_info.rx_send_complete.n_bytes;
|
||||
int upstream_dir = s_ctx->s2c_info.is_e2i_dir;
|
||||
int upstream_rx_pkts = s_ctx->s2c_info.rx.n_pkts - s_ctx->s2c_info.rx_send_complete.n_pkts;
|
||||
int upstream_rx_bytes = s_ctx->s2c_info.rx.n_bytes - s_ctx->s2c_info.rx_send_complete.n_bytes;
|
||||
s_ctx->c2s_info.rx_send_complete = s_ctx->c2s_info.rx;
|
||||
s_ctx->s2c_info.rx_send_complete = s_ctx->s2c_info.rx;
|
||||
|
||||
int vsys_id = 0;
|
||||
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_POLICY_VSYS_ID, (unsigned char *)&vsys_id, sizeof(vsys_id), &out_size);
|
||||
if (ret != 0)
|
||||
{
|
||||
TFE_LOG_ERROR(g_default_logger, "failed at fetch vsys_id from cmsg: %s", strerror(-ret));
|
||||
return;
|
||||
}
|
||||
|
||||
uint64_t rule_id = 0;
|
||||
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_POLICY_ID, (unsigned char *)&rule_id, sizeof(rule_id), &out_size);
|
||||
if (ret != 0)
|
||||
{
|
||||
TFE_LOG_ERROR(g_default_logger, "failed at fetch rule_id from cmsg: %s", strerror(-ret));
|
||||
return;
|
||||
}
|
||||
|
||||
uint8_t hit_no_intercept = 0;
|
||||
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_HIT_NO_INTERCEPT, (unsigned char *)&hit_no_intercept, sizeof(hit_no_intercept), &out_size);
|
||||
if (ret != 0)
|
||||
{
|
||||
TFE_LOG_ERROR(g_default_logger, "failed at fetch hit_no_intercept from cmsg: %s", strerror(-ret));
|
||||
return;
|
||||
}
|
||||
|
||||
int in_pkts = 0;
|
||||
int in_bytes = 0;
|
||||
int out_pkts = 0;
|
||||
int out_bytes = 0;
|
||||
|
||||
// incoming : E2I 的流量
|
||||
// outgoing : I2E 的流量
|
||||
// first_ctr_packet_dir <==> client hello packet dir
|
||||
// 1: E2I 0:I2E
|
||||
if (downstream_dir == 1)
|
||||
{
|
||||
in_pkts += downstream_rx_pkts;
|
||||
in_bytes += downstream_rx_bytes;
|
||||
}
|
||||
else
|
||||
{
|
||||
out_pkts += downstream_rx_pkts;
|
||||
out_bytes += downstream_rx_bytes;
|
||||
}
|
||||
|
||||
if (upstream_dir == 1)
|
||||
{
|
||||
in_pkts += upstream_rx_pkts;
|
||||
in_bytes += upstream_rx_bytes;
|
||||
}
|
||||
else
|
||||
{
|
||||
out_pkts += upstream_rx_pkts;
|
||||
out_bytes += upstream_rx_bytes;
|
||||
}
|
||||
|
||||
int nr_tags = 0;
|
||||
struct fieldstat_tag temp_tags[TAG_MAX] = {0};
|
||||
|
||||
temp_tags[nr_tags].key = "vsys_id";
|
||||
temp_tags[nr_tags].type = TAG_INTEGER;
|
||||
temp_tags[nr_tags].value_longlong = vsys_id;
|
||||
nr_tags++;
|
||||
|
||||
temp_tags[nr_tags].key = "rule_id";
|
||||
temp_tags[nr_tags].type = TAG_INTEGER;
|
||||
temp_tags[nr_tags].value_longlong = rule_id;
|
||||
nr_tags++;
|
||||
|
||||
uint8_t pinning_status = 0;
|
||||
if (tfe_cmsg_get_value(cmsg, TFE_CMSG_SSL_PINNING_STATE, (unsigned char *)&pinning_status, sizeof(pinning_status), &out_size) == 0)
|
||||
{
|
||||
temp_tags[nr_tags].key = "pinning_status";
|
||||
temp_tags[nr_tags].type = TAG_INTEGER;
|
||||
temp_tags[nr_tags].value_longlong = pinning_status;
|
||||
nr_tags++;
|
||||
}
|
||||
|
||||
// action : 2 Intercept; 3 No Intercept
|
||||
temp_tags[nr_tags].key = "action";
|
||||
temp_tags[nr_tags].type = TAG_INTEGER;
|
||||
temp_tags[nr_tags].value_longlong = (hit_no_intercept == 1 ? 3 : 2);
|
||||
nr_tags++;
|
||||
|
||||
// sub_action not need for intercept metrics
|
||||
|
||||
if (hit_count > 0)
|
||||
{
|
||||
fieldstat_easy_counter_incrby(fieldstat->fseasy, thread_id, fieldstat->counter_array[COLUMN_HIT_COUNT], temp_tags, (size_t)nr_tags, hit_count);
|
||||
}
|
||||
|
||||
if (in_pkts > 0)
|
||||
{
|
||||
fieldstat_easy_counter_incrby(fieldstat->fseasy, thread_id, fieldstat->counter_array[COLUMN_IN_PKTS], temp_tags, (size_t)nr_tags, in_pkts);
|
||||
}
|
||||
|
||||
if (in_bytes > 0)
|
||||
{
|
||||
fieldstat_easy_counter_incrby(fieldstat->fseasy, thread_id, fieldstat->counter_array[COLUMN_IN_BYTES], temp_tags, (size_t)nr_tags, in_bytes);
|
||||
}
|
||||
|
||||
if (out_pkts > 0)
|
||||
{
|
||||
fieldstat_easy_counter_incrby(fieldstat->fseasy, thread_id, fieldstat->counter_array[COLUMN_OUT_PKTS], temp_tags, (size_t)nr_tags, out_pkts);
|
||||
}
|
||||
|
||||
if (out_bytes > 0)
|
||||
{
|
||||
fieldstat_easy_counter_incrby(fieldstat->fseasy, thread_id, fieldstat->counter_array[COLUMN_OUT_BYTES], temp_tags, (size_t)nr_tags, out_bytes);
|
||||
}
|
||||
}
|
||||
|
||||
int tfe_fieldstat_easy_incrby(struct tfe_fieldstat_easy_t *fieldstat, unsigned int counter_id, long long value, const struct fieldstat_tag tags[], int n_tags, int thread_id)
|
||||
{
|
||||
return fieldstat_easy_counter_incrby(fieldstat->fseasy, thread_id, counter_id, tags, (size_t)n_tags, value);
|
||||
|
||||
Reference in New Issue
Block a user