TSG-17862 Proxy支持Internal IP address和Exteral IP Address的扫描, 支持以Topic方式上传HTTP请求体/应答体

2023-12-14 15:08:19 +08:00
parent b801ca9d3b
commit b3700966fd
15 changed files with 577 additions and 278 deletions
--- a/common/include/tfe_kafka_logger.h
+++ b/common/include/tfe_kafka_logger.h
@@ -9,26 +9,34 @@ extern "C"
 #include <tfe_utils.h>
 #include <librdkafka/rdkafka.h>

-    typedef struct tfe_kafka_logger_s
-    {
-        int enable;
-        int t_vsys_id;
+enum kafka_topic_type
+{   
+    TOPIC_LOGGER,
+    TOPIC_BUCKET,
+    TOPIC_MAX
+};

-        unsigned int local_ip_num;
-        char local_ip_str[TFE_SYMBOL_MAX];
+typedef struct tfe_kafka_logger_s
+{
+    int enable;
+    int t_vsys_id;

-        char topic_name[TFE_STRING_MAX];
-        char broker_list[TFE_STRING_MAX];
+    unsigned int local_ip_num;
+    char local_ip_str[TFE_SYMBOL_MAX];

-        rd_kafka_t *kafka_handle;
-        rd_kafka_topic_t *kafka_topic;
-    } tfe_kafka_logger_t;
+    char topic_name[TOPIC_MAX][TFE_STRING_MAX];
+    char broker_list[TFE_STRING_MAX];
+
+    rd_kafka_t *kafka_handle;
+    rd_kafka_topic_t *kafka_topic[TOPIC_MAX];
+} tfe_kafka_logger_t;

 tfe_kafka_logger_t *tfe_kafka_logger_create(int enable, const char *nic_name, const char *brokerlist, const char *topic_name,
                                       const char *sasl_username, const char *sasl_passwd, void *local_logger);

+int tfe_kafka_logger_topic_new(tfe_kafka_logger_t *logger, const char *topic_name, void *local_logger);
 void tfe_kafka_logger_destroy(tfe_kafka_logger_t *logger);
-int tfe_kafka_logger_send(tfe_kafka_logger_t *logger, const char *data, int len);
+int tfe_kafka_logger_send(tfe_kafka_logger_t *logger, int topic_id, const char *data, int len);

 #ifdef __cpluscplus
 }
--- a/common/include/tfe_resource.h
+++ b/common/include/tfe_resource.h
@@ -1,5 +1,16 @@
 #pragma once

+struct app_id_dict
+{
+	int ref_cnt;
+	int app_id;
+	long long int group_id;
+
+	pthread_mutex_t lock;
+};
+
+void app_id_dict_free(struct app_id_dict *app_dict);
+
 enum RESOURCE_TYPE
 {
    STATIC_MAAT,
@@ -16,6 +27,7 @@ enum TABLE_TYPE
    TABLE_SECURITY_SOURCE_LOCATION,
    TABLE_SECURITY_DESTINATION_LOCATION,
    TABLE_OBJ_SUBSCRIBER_ID,
+    TABLE_OBJ_APP_ID_DICT,
    TABLE_TYPE_MAX
 };

--- a/common/include/tfe_scan.h
+++ b/common/include/tfe_scan.h
@@ -11,3 +11,10 @@ int tfe_scan_ip_location(const struct tfe_stream *stream, long long *result, str
                         int hit_cnt, void *logger, char **location_server, char **location_client);
 int tfe_scan_fqdn_cat(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid,
                      int hit_cnt, void *logger, int table_id);
+int tfe_scan_app_id(long long *result, struct maat_state *scan_mid, int hit_cnt, int app_id, int table_id);
+int tfe_scan_ipv4_addr(long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr);
+int tfe_scan_ipv6_addr(long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr);
+int tfe_scan_ipv4_internal_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, 
+                                int hit_cnt, struct ipaddr sapp_addr);
+int tfe_scan_ipv6_internal_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, 
+                                int hit_cnt, struct ipaddr sapp_addr);