支持从原始流量中获取MAC地址并用于解密流量转发以太网头部的构建。
@@ -541,99 +541,122 @@ errout:
|
||||
int traffic_mirror_on_open_cb(const struct tfe_stream * stream, unsigned int thread_id,
|
||||
enum tfe_conn_dir dir, void ** pme)
|
||||
{
|
||||
/* Firstly, fetch destination address of traffic mirror */
|
||||
struct traffic_mirror_me * me = NULL;
|
||||
struct traffic_mirror_instance * instance = g_traffic_mirror_instance;
|
||||
struct tfe_cmsg * cmsg = tfe_stream_get0_cmsg(stream);
|
||||
/* Firstly, fetch destination address of traffic mirror */
|
||||
struct traffic_mirror_me * me = NULL;
|
||||
struct traffic_mirror_instance * instance = g_traffic_mirror_instance;
|
||||
struct tfe_cmsg * cmsg = tfe_stream_get0_cmsg(stream);
|
||||
|
||||
unsigned int target_id;
|
||||
struct traffic_mirror_rebuild_target * rebuild_target = NULL;
|
||||
unsigned int target_id;
|
||||
struct traffic_mirror_rebuild_target * rebuild_target = NULL;
|
||||
|
||||
assert(instance != NULL);
|
||||
assert(cmsg != NULL);
|
||||
assert(instance != NULL);
|
||||
assert(cmsg != NULL);
|
||||
|
||||
char str_policy_id[TFE_SYMBOL_MAX] = {0};
|
||||
char str_profile_id[TFE_SYMBOL_MAX] = {0};
|
||||
char str_policy_id[TFE_SYMBOL_MAX] = {0};
|
||||
char str_profile_id[TFE_SYMBOL_MAX] = {0};
|
||||
|
||||
unsigned int opt_val;
|
||||
uint16_t opt_out_size;
|
||||
unsigned int opt_val;
|
||||
uint16_t opt_out_size;
|
||||
|
||||
struct policy_table_ex_data * policy_ex_data = NULL;
|
||||
struct profile_table_ex_data * profile_ex_data = NULL;
|
||||
struct policy_table_ex_data * policy_ex_data = NULL;
|
||||
struct profile_table_ex_data * profile_ex_data = NULL;
|
||||
|
||||
int ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_POLICY_ID, (unsigned char *) &opt_val, sizeof(opt_val), &opt_out_size);
|
||||
if (ret < 0)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at getting policy id from cmsg, detach the stream.");
|
||||
goto detach;
|
||||
}
|
||||
struct ether_addr c_ether_addr = {};
|
||||
struct ether_addr s_ether_addr = {};
|
||||
|
||||
snprintf(str_policy_id, sizeof(str_policy_id), "%u", opt_val);
|
||||
policy_ex_data = (struct policy_table_ex_data *) Maat_plugin_get_EX_data(instance->maat_feather,
|
||||
instance->policy_table_id, str_policy_id);
|
||||
int ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_POLICY_ID, (unsigned char *) &opt_val, sizeof(opt_val), &opt_out_size);
|
||||
if (ret < 0)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at getting policy id from cmsg, detach the stream.");
|
||||
goto detach;
|
||||
}
|
||||
|
||||
if (!policy_ex_data)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at getting policy %s's EXDATA, detach the stream", str_policy_id);
|
||||
goto detach;
|
||||
}
|
||||
snprintf(str_policy_id, sizeof(str_policy_id), "%u", opt_val);
|
||||
policy_ex_data = (struct policy_table_ex_data *) Maat_plugin_get_EX_data(instance->maat_feather,
|
||||
instance->policy_table_id, str_policy_id);
|
||||
|
||||
if (!policy_ex_data->enable)
|
||||
{
|
||||
goto detach;
|
||||
}
|
||||
if (!policy_ex_data)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at getting policy %s's EXDATA, detach the stream", str_policy_id);
|
||||
goto detach;
|
||||
}
|
||||
|
||||
snprintf(str_profile_id, sizeof(str_policy_id), "%u", policy_ex_data->profile_id);
|
||||
profile_ex_data = (struct profile_table_ex_data *) Maat_plugin_get_EX_data(instance->maat_feather,
|
||||
instance->profile_table_id, str_profile_id);
|
||||
if (!policy_ex_data->enable)
|
||||
{
|
||||
goto detach;
|
||||
}
|
||||
|
||||
if (!profile_ex_data)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at getting policy %s's profile, profile id = %s, "
|
||||
"detach the stream", str_policy_id, str_profile_id);
|
||||
goto detach;
|
||||
}
|
||||
snprintf(str_profile_id, sizeof(str_policy_id), "%u", policy_ex_data->profile_id);
|
||||
profile_ex_data = (struct profile_table_ex_data *) Maat_plugin_get_EX_data(instance->maat_feather,
|
||||
instance->profile_table_id, str_profile_id);
|
||||
|
||||
target_id = random() % profile_ex_data->nr_targets;
|
||||
rebuild_target = ALLOC(struct traffic_mirror_rebuild_target, 1);
|
||||
rebuild_target->vlan_tci = profile_ex_data->vlans[target_id];
|
||||
rebuild_target->ether_addr = profile_ex_data->ether_addrs[target_id];
|
||||
if (!profile_ex_data)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at getting policy %s's profile, profile id = %s, "
|
||||
"detach the stream", str_policy_id, str_profile_id);
|
||||
goto detach;
|
||||
}
|
||||
|
||||
me = ALLOC(struct traffic_mirror_me, 1);
|
||||
me->rebuild_ctx = traffic_mirror_rebuild_create(stream->addr, rebuild_target, instance->ethdev);
|
||||
me->profile_ex_data = profile_ex_data;
|
||||
*pme = (void *) me;
|
||||
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_MAC, (unsigned char *) &c_ether_addr,
|
||||
sizeof(c_ether_addr), &opt_out_size);
|
||||
|
||||
/* the ownership is transfer to struct me and rebuild_target */
|
||||
profile_ex_data = NULL;
|
||||
rebuild_target = NULL;
|
||||
if (ret < 0)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at source mac address, detach the stream.");
|
||||
goto detach;
|
||||
}
|
||||
|
||||
traffic_mirror_rebuild_handshake(me->rebuild_ctx, thread_id);
|
||||
return ACTION_FORWARD_DATA;
|
||||
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_MAC, (unsigned char *) &s_ether_addr,
|
||||
sizeof(s_ether_addr), &opt_out_size);
|
||||
|
||||
if (ret < 0)
|
||||
{
|
||||
TFE_LOG_ERROR(instance->logger, "failed at dest mac address, detach the stream.");
|
||||
goto detach;
|
||||
}
|
||||
|
||||
target_id = random() % profile_ex_data->nr_targets;
|
||||
rebuild_target = ALLOC(struct traffic_mirror_rebuild_target, 1);
|
||||
rebuild_target->vlan_tci = profile_ex_data->vlans[target_id];
|
||||
rebuild_target->ether_addr = profile_ex_data->ether_addrs[target_id];
|
||||
|
||||
me = ALLOC(struct traffic_mirror_me, 1);
|
||||
me->rebuild_ctx = traffic_mirror_rebuild_create(stream->addr, &c_ether_addr, &s_ether_addr,
|
||||
rebuild_target, instance->ethdev);
|
||||
|
||||
me->profile_ex_data = profile_ex_data;
|
||||
*pme = (void *) me;
|
||||
|
||||
/* the ownership is transfer to struct me and rebuild_target */
|
||||
profile_ex_data = NULL;
|
||||
rebuild_target = NULL;
|
||||
|
||||
traffic_mirror_rebuild_handshake(me->rebuild_ctx, thread_id);
|
||||
return ACTION_FORWARD_DATA;
|
||||
|
||||
detach:
|
||||
if (me)
|
||||
{
|
||||
free(me);
|
||||
}
|
||||
if (me)
|
||||
{
|
||||
free(me);
|
||||
}
|
||||
|
||||
if (policy_ex_data)
|
||||
{
|
||||
policy_table_ex_data_free(policy_ex_data);
|
||||
}
|
||||
if (policy_ex_data)
|
||||
{
|
||||
policy_table_ex_data_free(policy_ex_data);
|
||||
}
|
||||
|
||||
if (profile_ex_data)
|
||||
{
|
||||
profile_table_ex_data_free(profile_ex_data);
|
||||
}
|
||||
if (profile_ex_data)
|
||||
{
|
||||
profile_table_ex_data_free(profile_ex_data);
|
||||
}
|
||||
|
||||
if (rebuild_target)
|
||||
{
|
||||
free(rebuild_target);
|
||||
}
|
||||
if (rebuild_target)
|
||||
{
|
||||
free(rebuild_target);
|
||||
}
|
||||
|
||||
tfe_stream_detach(stream);
|
||||
return ACTION_FORWARD_DATA;
|
||||
tfe_stream_detach(stream);
|
||||
return ACTION_FORWARD_DATA;
|
||||
}
|
||||
|
||||
enum tfe_stream_action traffic_mirror_on_data_cb(const struct tfe_stream * stream, unsigned int thread_id,
|
||||
|
||||
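Review bot: The two new `tfe_cmsg_get_value()` lookups for `TFE_CMSG_SRC_MAC` and `TFE_CMSG_DST_MAC` test only `ret < 0` and never look at `opt_out_size`, so a value shorter than a MAC address would leave `c_ether_addr` or `s_ether_addr` partly zero. That address would still reach `traffic_mirror_rebuild_create()` and end up in the Ethernet header of the mirrored decrypted traffic. Assuming the call reports the stored length through `opt_out_size`, the guard should be `if (ret < 0 || opt_out_size != sizeof(c_ether_addr))`, and likewise for `s_ether_addr`. The log text could also name what failed, for example `"failed at getting source mac address from cmsg, detach the stream."`. Two lines carried over unchanged are worth fixing in the same pass: `snprintf(str_profile_id, sizeof(str_policy_id), ...)` sizes the write by the wrong buffer, and `random() % profile_ex_data->nr_targets` has no check that `nr_targets` is non-zero.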