TSG-22093 Manipulation支持Library Tag相关策略的扫描与日志发送
@@ -3,6 +3,446 @@
|
||||
#include <tfe_scan.h>
|
||||
#include <MESA/stream.h>
|
||||
|
||||
static int scan_group(struct maat_hit_group hit_group, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id)
|
||||
{
|
||||
size_t n_hit_result=0;
|
||||
int scan_ret=0, hit_cnt_group=0;
|
||||
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, &hit_group, 1,
|
||||
result+hit_cnt+hit_cnt_group, MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_group+=n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_cnt_group,
|
||||
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_group+=n_hit_result;
|
||||
}
|
||||
return hit_cnt_group;
|
||||
}
|
||||
|
||||
int tfe_get_tags_id_array(char *tag_ids, long long *tag_id_array)
|
||||
{
|
||||
if(tag_ids==NULL)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
int n_tag_ids=0;
|
||||
char *tag_ids_tmp = ALLOC(char, strlen(tag_ids)+1);
|
||||
strcpy(tag_ids_tmp, tag_ids);
|
||||
|
||||
char *tag_ids_str=strtok(tag_ids_tmp, ",");
|
||||
while(tag_ids_str!=NULL && n_tag_ids < 128)
|
||||
{
|
||||
tag_id_array[n_tag_ids++]=strtoll(tag_ids_str, NULL, 10);
|
||||
tag_ids_str=strtok(NULL, ",");
|
||||
}
|
||||
FREE(&tag_ids_tmp);
|
||||
return n_tag_ids;
|
||||
}
|
||||
|
||||
static int get_route_dir(const struct tfe_stream * stream)
|
||||
{
|
||||
uint16_t out_size;
|
||||
unsigned int route_dir; int ret=0;
|
||||
|
||||
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
|
||||
if (cmsg != NULL)
|
||||
{
|
||||
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_COMMON_DIRECTION, (unsigned char *)&route_dir, sizeof(route_dir), &out_size);
|
||||
if (ret != 0)
|
||||
{
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
return (route_dir==69) ? 1 : 0;
|
||||
}
|
||||
|
||||
int get_table_id(const struct tfe_stream *stream, enum scan_common_table table_type)
|
||||
{
|
||||
int table_id = 0, c2s = 0;
|
||||
int dir_is_e2i = get_route_dir(stream);
|
||||
|
||||
if (table_type == PXY_CTRL_SOURCE_IP || table_type == PXY_CTRL_DESTINATION_IP || table_type == PXY_CTRL_SOURCE_PORT || table_type == PXY_CTRL_DESTINATION_PORT)
|
||||
{
|
||||
c2s = (table_type == PXY_CTRL_SOURCE_IP || table_type == PXY_CTRL_SOURCE_PORT) ? 1 : 0;
|
||||
|
||||
if(table_type == PXY_CTRL_SOURCE_IP || table_type == PXY_CTRL_DESTINATION_IP)
|
||||
{
|
||||
table_id = (c2s == dir_is_e2i) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_IP) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_IP);
|
||||
}
|
||||
if(table_type == PXY_CTRL_SOURCE_PORT || table_type == PXY_CTRL_DESTINATION_PORT)
|
||||
{
|
||||
table_id = (c2s == dir_is_e2i) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_PORT) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_PORT);
|
||||
}
|
||||
}
|
||||
return table_id;
|
||||
}
|
||||
|
||||
int tfe_scan_internal_exteral_by_last_group(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, enum scan_common_table table_type)
|
||||
{
|
||||
size_t array_size=256, n_hit_result = 0;
|
||||
int hit_cnt_group = 0, scan_ret = 0, table_id = 0;
|
||||
struct maat_hit_group last_hit_groups[256] = {0};
|
||||
|
||||
table_id = get_table_id(stream, table_type);
|
||||
if(table_id <= 0)
|
||||
{
|
||||
return hit_cnt_group;
|
||||
}
|
||||
|
||||
size_t n_last_hit_group = maat_state_get_last_hit_group_cnt(scan_mid);
|
||||
if(n_last_hit_group > 0)
|
||||
{
|
||||
maat_state_get_last_hit_groups(scan_mid, last_hit_groups, array_size);
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, last_hit_groups, array_size, result+hit_cnt+hit_cnt_group,
|
||||
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_group += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id,
|
||||
result+hit_cnt+hit_cnt_group, MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_group += n_hit_result;
|
||||
}
|
||||
}
|
||||
return hit_cnt_group;
|
||||
}
|
||||
|
||||
/**for Provisional compilation definitions**/
|
||||
#define TFE_CMSG_FQDN_TAGS_ID_STR 60 /*1,2,3,4,5*/
|
||||
#define TFE_CMSG_SRC_TAGS_ID_STR 61 /*11,12,13,14*/
|
||||
#define TFE_CMSG_DST_TAGS_ID_STR 62 /*6,7,8,9,10*/
|
||||
#define TFE_CMSG_FQDN_TAGS_LOG_STR 63 /*"Category Name:Search Engines, Cloude Provider:aws, CDN Provider:aws, category_name: ab"*/
|
||||
#define TFE_CMSG_SRC_TAGS_LOG_STR 64 /*"administrative_area:Singapore, country:Singapore", CDN Provider:Light CDN*/
|
||||
#define TFE_CMSG_DST_TAGS_LOG_STR 65 /*"ASN:55967, CDN Provider:Light CDN, country:Hong Kong"*/
|
||||
|
||||
int tfe_scan_ip_tags(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
|
||||
{
|
||||
size_t n_hit_result = 0;
|
||||
long long tag_id_array[128]={0};
|
||||
int scan_ret = 0, hit_cnt_ip = 0, n_tag_ids = 0;
|
||||
|
||||
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
|
||||
if(cmsg == NULL)
|
||||
{
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
|
||||
char opt_val[128]={0}; uint16_t opt_out_size = 0;
|
||||
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_SRC_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
|
||||
if(ret == 0)
|
||||
{
|
||||
n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array);
|
||||
if(n_tag_ids == 0)
|
||||
{
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
}
|
||||
TFE_LOG_DEBUG(logger, "fetch src ip tags: %s", opt_val);
|
||||
struct maat_hit_group hit_group;
|
||||
for (int i = 0; i < n_tag_ids; i++)
|
||||
{
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=tag_id_array[i];
|
||||
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), &hit_group, 1, result+hit_cnt+hit_cnt_ip,
|
||||
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if(scan_ret==MAAT_SCAN_HIT)
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan Src TAGS, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
else
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan Src TAGS, NO hit scan ret: %d addr: %s", scan_ret, stream->str_stream_info);
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_SOURCE_IP);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
}
|
||||
|
||||
n_tag_ids=0;
|
||||
memset(tag_id_array, 0, sizeof(tag_id_array));
|
||||
ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_DST_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
|
||||
if(ret == 0)
|
||||
{
|
||||
n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array);
|
||||
if(n_tag_ids == 0)
|
||||
{
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
}
|
||||
TFE_LOG_DEBUG(logger, "fetch dst ip tags: %s", opt_val);
|
||||
for (int i = 0; i < n_tag_ids; i++)
|
||||
{
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=tag_id_array[i];
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), &hit_group, 1, result+hit_cnt+hit_cnt_ip,
|
||||
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if(scan_ret==MAAT_SCAN_HIT)
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan Dst TAGS, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
else
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan Dst TAGS, NO hit scan ret: %d addr: %s", scan_ret, stream->str_stream_info);
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_DESTINATION_IP);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
}
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
|
||||
int tfe_scan_fqdn_tags(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id, void *logger)
|
||||
{
|
||||
long long tag_id_array[128]={0};
|
||||
int scan_ret = 0, hit_cnt_fqdn = 0, n_tag_ids = 0;
|
||||
|
||||
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
|
||||
if(cmsg == NULL)
|
||||
{
|
||||
return hit_cnt_fqdn;
|
||||
}
|
||||
|
||||
char opt_val[128]={0}; uint16_t opt_out_size = 0;
|
||||
int ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)TFE_CMSG_FQDN_TAGS_ID_STR, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
|
||||
if(ret == 0)
|
||||
{
|
||||
n_tag_ids = tfe_get_tags_id_array(opt_val, tag_id_array);
|
||||
if(n_tag_ids == 0)
|
||||
{
|
||||
return hit_cnt_fqdn;
|
||||
}
|
||||
}
|
||||
|
||||
TFE_LOG_DEBUG(logger, "fetch fqdn tags: %s", opt_val);
|
||||
struct maat_hit_group hit_group;
|
||||
for (int i = 0; i < n_tag_ids; i++)
|
||||
{
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=tag_id_array[i];
|
||||
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt, table_id);
|
||||
if (scan_ret > 0)
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan Fqdn TAGS, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_fqdn], stream->str_stream_info);
|
||||
hit_cnt_fqdn += scan_ret;
|
||||
}
|
||||
else
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan Fqdn TAGS, NO hit scan ret: %d addr: %s", scan_ret, stream->str_stream_info);
|
||||
}
|
||||
}
|
||||
return hit_cnt_fqdn;
|
||||
}
|
||||
|
||||
int tfe_scan_app_id(long long *result, struct maat_state *scan_mid, int hit_cnt, long long app_id, int table_id)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int hit_app_id = 0;
|
||||
size_t n_hit_result = 0;
|
||||
struct maat_hit_group hit_group;
|
||||
|
||||
struct app_id_dict *app_dict = (struct app_id_dict*)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_APP_ID_DICT),
|
||||
(const char *)&app_id, sizeof(long long));
|
||||
if(app_dict!=NULL)
|
||||
{
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=app_dict->group_id;
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, &hit_group, 1, result+hit_cnt+hit_app_id,
|
||||
MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
|
||||
if(scan_ret==MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_app_id += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_app_id, MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_app_id += n_hit_result;
|
||||
}
|
||||
app_id_dict_free(app_dict);
|
||||
}
|
||||
return hit_app_id;
|
||||
}
|
||||
|
||||
int tfe_scan_port(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, uint16_t source, uint16_t dest)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int hit_cnt_port = 0;
|
||||
size_t n_hit_result = 0;
|
||||
|
||||
scan_ret=maat_scan_integer(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_PORT), ntohs(source),
|
||||
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_port+=n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_SOURCE_PORT);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_port+=scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_PORT),
|
||||
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_port+=n_hit_result;
|
||||
}
|
||||
|
||||
scan_ret=maat_scan_integer(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_PORT), ntohs(dest),
|
||||
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_port+=n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_DESTINATION_PORT);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_port+=scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_PORT),
|
||||
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_port+=n_hit_result;
|
||||
}
|
||||
|
||||
return hit_cnt_port;
|
||||
}
|
||||
|
||||
#define PROTOCOL_TCP_GROUP_ID 6
|
||||
int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int hit_cnt_ip = 0;
|
||||
size_t n_hit_result = 0;
|
||||
struct maat_hit_group hit_group;
|
||||
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=PROTOCOL_TCP_GROUP_ID;
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), &hit_group, 1,
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if(scan_ret==MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
|
||||
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v4->saddr, ntohs(sapp_addr.v4->source),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_SOURCE_IP);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
|
||||
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v4->daddr, ntohs(sapp_addr.v4->dest),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_DESTINATION_IP);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
|
||||
int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int hit_cnt_ip = 0;
|
||||
size_t n_hit_result = 0;
|
||||
struct maat_hit_group hit_group;
|
||||
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=PROTOCOL_TCP_GROUP_ID;
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), &hit_group, 1,
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if(scan_ret==MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v6->saddr, ntohs(sapp_addr.v6->source),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_SOURCE_IP);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
|
||||
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v6->daddr, ntohs(sapp_addr.v6->dest),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt, PXY_CTRL_DESTINATION_IP);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
|
||||
int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid,
|
||||
int hit_cnt, void *logger)
|
||||
{
|
||||
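Review bot: In the tag loops of `tfe_scan_ip_tags`, `tfe_scan_internal_exteral_by_last_group` is called with the bare `hit_cnt`, so it writes at `result+hit_cnt` over hits this function has already counted, and its return value is then added to `hit_cnt_ip`. Over as many as 128 tags the running count can pass the space left in `result`, at which point `MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip` goes negative and `result+hit_cnt+hit_cnt_ip` points past the array; whether the maat calls reject such a size is not visible on this page. Pass the running offset instead, `tfe_scan_internal_exteral_by_last_group(stream, result, scan_mid, hit_cnt + hit_cnt_ip, PXY_CTRL_SOURCE_IP)`, and leave the loop once `hit_cnt + hit_cnt_ip >= MAX_SCAN_RESULT`. The same loops add `scan_ret` rather than `n_hit_result` after a `maat_scan_group` hit, `tfe_scan_fqdn_tags` passes plain `hit_cnt` to `scan_group` on every iteration, and `tfe_scan_port`, `tfe_scan_ipv4_addr` and `tfe_scan_ipv6_addr` make the same un-offset call.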
@@ -78,439 +518,3 @@ int tfe_scan_subscribe_id(const struct tfe_stream *stream, long long *result, st
|
||||
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
|
||||
static int scan_group(struct maat_hit_group hit_group, long long *result, struct maat_state *scan_mid, int hit_cnt, int table_id)
|
||||
{
|
||||
size_t n_hit_result=0;
|
||||
int scan_ret=0, hit_cnt_group=0;
|
||||
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, &hit_group, 1,
|
||||
result+hit_cnt+hit_cnt_group, MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_group+=n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_cnt_group,
|
||||
MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_group+=n_hit_result;
|
||||
}
|
||||
return hit_cnt_group;
|
||||
}
|
||||
|
||||
int tfe_scan_ip_location(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int hit_cnt_ip = 0;
|
||||
uint16_t opt_out_size;
|
||||
unsigned int i=0, group_id_num=0;
|
||||
uint64_t group_id=0;
|
||||
uint64_t group_id_val[TFE_SYMBOL_MAX] = {0};
|
||||
|
||||
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
|
||||
if(cmsg == NULL)
|
||||
{
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
|
||||
for(i=TFE_CMSG_SRC_REGION_ID; i <= TFE_CMSG_DST_SUBDIVISION_ID; i+=2)
|
||||
{
|
||||
scan_ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)i, (unsigned char *)&group_id, sizeof(group_id), &opt_out_size);
|
||||
if (scan_ret == 0)
|
||||
{
|
||||
group_id_val[group_id_num] = group_id;
|
||||
}
|
||||
group_id_num++;
|
||||
}
|
||||
TFE_LOG_DEBUG(logger, "fetch src ip location region_id:%lu, province_id:%lu, city_id:%lu, subdivision_id:%lu, addr: %s", group_id_val[0], group_id_val[1], group_id_val[2],group_id_val[3], stream->str_stream_info);
|
||||
struct maat_hit_group hit_group;
|
||||
for (i = 0; i < group_id_num; i++)
|
||||
{
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=group_id_val[i];
|
||||
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt, tfe_bussiness_tableid_get((enum scan_common_table)(PXY_CTRL_SOURCE_GEO_COUNTRY+i)));
|
||||
if (scan_ret > 0)
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan SRC IP_LOCATION, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
else
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan SRC IP_LOCATION, NO hit scan ret: %d addr: %s", scan_ret, stream->str_stream_info);
|
||||
}
|
||||
}
|
||||
|
||||
group_id_num=0;
|
||||
memset(group_id_val, 0, sizeof(group_id_val));
|
||||
for(i=TFE_CMSG_DST_REGION_ID; i <= TFE_CMSG_DST_SUBDIVISION_ID; i+=2)
|
||||
{
|
||||
scan_ret = tfe_cmsg_get_value(cmsg, (enum tfe_cmsg_tlv_type)i, (unsigned char *)&group_id, sizeof(group_id), &opt_out_size);
|
||||
if (scan_ret == 0)
|
||||
{
|
||||
group_id_val[group_id_num] = group_id;
|
||||
}
|
||||
group_id_num++;
|
||||
}
|
||||
TFE_LOG_DEBUG(logger, "fetch dst ip location region_id:%lu, province_id:%lu, city_id:%lu, subdivision_id:%lu, addr: %s", group_id_val[0], group_id_val[1], group_id_val[2],group_id_val[3], stream->str_stream_info);
|
||||
for (i = 0; i < group_id_num; i++)
|
||||
{
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=group_id_val[i];
|
||||
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt, tfe_bussiness_tableid_get((enum scan_common_table)(PXY_CTRL_DESTINATION_GEO_COUNTRY+i)));
|
||||
if (scan_ret > 0)
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan IP_LOCATION, Hit scan ret: %d policy_id: %lld addr: %s", scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
else
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan IP_LOCATION, NO hit scan ret: %d addr: %s", scan_ret, stream->str_stream_info);
|
||||
}
|
||||
}
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
|
||||
int tfe_scan_ip_asn(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, void *logger)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int hit_cnt_ip = 0;
|
||||
size_t n_hit_result = 0;
|
||||
uint16_t opt_out_size;
|
||||
uint64_t src_asn_group_id=0, dst_asn_group_id=0;
|
||||
|
||||
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
|
||||
if (cmsg != NULL)
|
||||
{
|
||||
scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_SRC_ASN_ID, (unsigned char *)&src_asn_group_id, sizeof(src_asn_group_id), &opt_out_size);
|
||||
if (scan_ret != 0)
|
||||
{
|
||||
TFE_LOG_ERROR(logger, "fetch src asn from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
|
||||
}
|
||||
scan_ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_DST_ASN_ID, (unsigned char *)&dst_asn_group_id, sizeof(dst_asn_group_id), &opt_out_size);
|
||||
if (scan_ret != 0)
|
||||
{
|
||||
TFE_LOG_ERROR(logger, "fetch dst asn from cmsg failed, ret: %d addr: %s", scan_ret, stream->str_stream_info);
|
||||
}
|
||||
}
|
||||
TFE_LOG_DEBUG(logger, "fetch src asn:%lu; dst asn:%lu addr: %s", src_asn_group_id, dst_asn_group_id, stream->str_stream_info);
|
||||
|
||||
struct maat_hit_group hit_group;
|
||||
if (dst_asn_group_id > 0)
|
||||
{
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=dst_asn_group_id;
|
||||
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt+hit_cnt_ip, tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_ASN));
|
||||
if (scan_ret > 0)
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan ATTR_DESTINATION_ASN, Hit asn: %lu scan ret: %d policy_id: %lld addr: %s",
|
||||
dst_asn_group_id, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
else
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan ATTR_DESTINATION_ASN, NO hit asn: %lu scan ret: %d addr: %s",
|
||||
dst_asn_group_id, scan_ret, stream->str_stream_info);
|
||||
}
|
||||
}
|
||||
if(src_asn_group_id > 0)
|
||||
{
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=src_asn_group_id;
|
||||
scan_ret = scan_group(hit_group, result, scan_mid, hit_cnt+hit_cnt_ip, tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_ASN));
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan ATTR_SOURCE_ASN, Hit asn: %lu scan ret: %d policy_id: %lld addr: %s",
|
||||
src_asn_group_id, scan_ret, result[hit_cnt + hit_cnt_ip], stream->str_stream_info);
|
||||
hit_cnt_ip += n_hit_result;
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
TFE_LOG_INFO(logger, "Scan ATTR_SOURCE_ASN, NO hit asn: %lu scan ret: %d addr: %s",
|
||||
src_asn_group_id, scan_ret, stream->str_stream_info);
|
||||
}
|
||||
}
|
||||
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
|
||||
int tfe_scan_app_id(long long *result, struct maat_state *scan_mid, int hit_cnt, long long app_id, int table_id)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int hit_app_id = 0;
|
||||
size_t n_hit_result = 0;
|
||||
struct maat_hit_group hit_group;
|
||||
|
||||
struct app_id_dict *app_dict = (struct app_id_dict*)maat_plugin_table_get_ex_data(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_APP_ID_DICT),
|
||||
(const char *)&app_id, sizeof(long long));
|
||||
if(app_dict!=NULL)
|
||||
{
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=app_dict->group_id;
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, &hit_group, 1, result+hit_cnt+hit_app_id,
|
||||
MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
|
||||
if(scan_ret==MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_app_id += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id, result+hit_cnt+hit_app_id, MAX_SCAN_RESULT-hit_cnt-hit_app_id, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_app_id += n_hit_result;
|
||||
}
|
||||
app_id_dict_free(app_dict);
|
||||
}
|
||||
return hit_app_id;
|
||||
}
|
||||
|
||||
static int get_route_dir(const struct tfe_stream * stream)
|
||||
{
|
||||
uint16_t out_size;
|
||||
unsigned int route_dir; int ret=0;
|
||||
|
||||
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
|
||||
if (cmsg != NULL)
|
||||
{
|
||||
ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_COMMON_DIRECTION, (unsigned char *)&route_dir, sizeof(route_dir), &out_size);
|
||||
if (ret != 0)
|
||||
{
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
return (route_dir==69) ? 1 : 0;
|
||||
}
|
||||
|
||||
int tfe_scan_internal_exteral_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, int c2s)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int table_id=0;
|
||||
int hit_cnt_ip = 0;
|
||||
size_t array_size=256;
|
||||
size_t n_hit_result = 0;
|
||||
struct maat_hit_group last_hit_groups[256] = {0};
|
||||
|
||||
int dir_is_e2i = get_route_dir(stream);
|
||||
if(c2s == 1) table_id = (dir_is_e2i == 1) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_IP) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_IP);
|
||||
if(c2s == 0) table_id = (dir_is_e2i == 0) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_IP) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_IP);
|
||||
|
||||
size_t n_last_hit_group = maat_state_get_last_hit_group_cnt(scan_mid);
|
||||
if(n_last_hit_group > 0)
|
||||
{
|
||||
maat_state_get_last_hit_groups(scan_mid, last_hit_groups, array_size);
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, last_hit_groups, array_size, result+hit_cnt+hit_cnt_ip,
|
||||
MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id,
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
}
|
||||
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
|
||||
int tfe_scan_internal_exteral_port(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, int c2s)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int table_id=0;
|
||||
int hit_cnt_port = 0;
|
||||
size_t array_size=256;
|
||||
size_t n_hit_result = 0;
|
||||
struct maat_hit_group last_hit_groups[256] = {0};
|
||||
|
||||
int dir_is_e2i = get_route_dir(stream);
|
||||
if(c2s == 1) table_id = (dir_is_e2i == 1) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_PORT) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_PORT);
|
||||
if(c2s == 0) table_id = (dir_is_e2i == 0) ? tfe_bussiness_tableid_get(PXY_CTRL_INTERNAL_PORT) : tfe_bussiness_tableid_get(PXY_CTRL_EXTERNAL_PORT);
|
||||
|
||||
size_t n_last_hit_group = maat_state_get_last_hit_group_cnt(scan_mid);
|
||||
if(n_last_hit_group > 0)
|
||||
{
|
||||
maat_state_get_last_hit_groups(scan_mid, last_hit_groups, array_size);
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), table_id, last_hit_groups, array_size, result+hit_cnt+hit_cnt_port,
|
||||
MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_port += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), table_id,
|
||||
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_port += n_hit_result;
|
||||
}
|
||||
}
|
||||
return hit_cnt_port;
|
||||
}
|
||||
|
||||
int tfe_scan_port(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, uint16_t source, uint16_t dest)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int hit_cnt_port = 0;
|
||||
size_t n_hit_result = 0;
|
||||
|
||||
scan_ret=maat_scan_integer(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_PORT), ntohs(source),
|
||||
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_port+=n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_port(stream, result, scan_mid, hit_cnt, 1);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_port+=scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_PORT),
|
||||
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_port+=n_hit_result;
|
||||
}
|
||||
|
||||
scan_ret=maat_scan_integer(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_PORT), ntohs(dest),
|
||||
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_port+=n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_port(stream, result, scan_mid, hit_cnt, 0);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_port+=scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_PORT),
|
||||
result+hit_cnt+hit_cnt_port, MAX_SCAN_RESULT-hit_cnt-hit_cnt_port, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_port+=n_hit_result;
|
||||
}
|
||||
|
||||
return hit_cnt_port;
|
||||
}
|
||||
|
||||
#define PROTOCOL_TCP_GROUP_ID 6
|
||||
int tfe_scan_ipv4_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int hit_cnt_ip = 0;
|
||||
size_t n_hit_result = 0;
|
||||
struct maat_hit_group hit_group;
|
||||
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=PROTOCOL_TCP_GROUP_ID;
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), &hit_group, 1,
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if(scan_ret==MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
|
||||
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v4->saddr, ntohs(sapp_addr.v4->source),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_addr(stream, result, scan_mid, hit_cnt, 1);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
|
||||
scan_ret = maat_scan_ipv4_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v4->daddr, ntohs(sapp_addr.v4->dest),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if(scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_addr(stream, result, scan_mid, hit_cnt, 0);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
|
||||
return hit_cnt_ip;
|
||||
}
|
||||
|
||||
int tfe_scan_ipv6_addr(const struct tfe_stream *stream, long long *result, struct maat_state *scan_mid, int hit_cnt, struct ipaddr sapp_addr)
|
||||
{
|
||||
int scan_ret = 0;
|
||||
int hit_cnt_ip = 0;
|
||||
size_t n_hit_result = 0;
|
||||
struct maat_hit_group hit_group;
|
||||
|
||||
memset(&hit_group, 0, sizeof(hit_group));
|
||||
hit_group.group_id=PROTOCOL_TCP_GROUP_ID;
|
||||
scan_ret = maat_scan_group(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL), &hit_group, 1,
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if(scan_ret==MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_IP_PROTOCOL),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP), sapp_addr.v6->saddr, ntohs(sapp_addr.v6->source),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_addr(stream, result, scan_mid, hit_cnt, 1);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_SOURCE_IP),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
|
||||
scan_ret = maat_scan_ipv6_port(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP), sapp_addr.v6->daddr, ntohs(sapp_addr.v6->dest),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
scan_ret = tfe_scan_internal_exteral_addr(stream, result, scan_mid, hit_cnt, 0);
|
||||
if(scan_ret > 0)
|
||||
{
|
||||
hit_cnt_ip += scan_ret;
|
||||
}
|
||||
scan_ret = maat_scan_not_logic(tfe_get_maat_handle(), tfe_bussiness_tableid_get(PXY_CTRL_DESTINATION_IP),
|
||||
result+hit_cnt+hit_cnt_ip, MAX_SCAN_RESULT-hit_cnt-hit_cnt_ip, &n_hit_result, scan_mid);
|
||||
if (scan_ret == MAAT_SCAN_HIT)
|
||||
{
|
||||
hit_cnt_ip += n_hit_result;
|
||||
}
|
||||
|
||||
return hit_cnt_ip;
|
||||
}
|
||||