diff --git a/common/CMakeLists.txt b/common/CMakeLists.txt index 661ad87..35a8c40 100644 --- a/common/CMakeLists.txt +++ b/common/CMakeLists.txt @@ -3,14 +3,14 @@ src/tfe_rpc.cpp src/tfe_cmsg.cpp src/tfe_kafka_logger.cpp src/tfe_resource.cpp src/tfe_scan.cpp src/tfe_pkt_util.cpp src/tfe_tcp_restore.cpp src/packet_construct.cpp src/tap.cpp src/io_uring.cpp src/intercept_policy.cpp src/tfe_fieldstat.cpp - src/tfe_addr_tuple4.cpp src/tfe_packet_io.cpp src/tfe_session_table.cpp - src/tfe_ctrl_packet.cpp src/tfe_raw_packet.cpp src/tfe_packet_io_fs.cpp - src/mpack.cpp) + src/tuple.cpp src/tfe_packet_io.cpp src/tfe_session_table.cpp + src/tfe_ctrl_packet.cpp src/packet.cpp src/tfe_packet_io_fs.cpp + src/mpack.cpp src/dablooms.cpp src/murmur.cpp src/timestamp.cpp) target_include_directories(common PUBLIC ${CMAKE_CURRENT_LIST_DIR}/include) target_include_directories(common PUBLIC ${CMAKE_CURRENT_LIST_DIR}/../bpf/) target_include_directories(common PRIVATE ${CMAKE_CURRENT_LIST_DIR}/../platform/include/internal) target_link_libraries(common PUBLIC libevent-static libevent-static-openssl libevent-static-pthreads rdkafka) -target_link_libraries(common PUBLIC MESA_handle_logger cjson bpf_obj mrzcpd) +target_link_libraries(common PUBLIC MESA_handle_logger cjson bpf_obj mrzcpd MESA_prof_load maatframe fieldstat3) target_link_libraries(common PUBLIC pthread) if (SUPPORT_LIBURING) diff --git a/common/include/crc32_hash.h b/common/include/crc32_hash.h new file mode 100644 index 0000000..2d95c02 --- /dev/null +++ b/common/include/crc32_hash.h @@ -0,0 +1,359 @@ +#ifndef _CRC32_HASH_H_ +#define _CRC32_HASH_H_ + +#ifdef __cpluscplus +extern "C" +{ +#endif + +#include + +#define CRC32_UPD(crc, n) \ + (crc32c_tables[(n)][(crc) & 0xFF] ^ \ + crc32c_tables[(n)-1][((crc) >> 8) & 0xFF]) + +static const uint32_t crc32c_tables[8][256] = { + {0x00000000, 0xF26B8303, 0xE13B70F7, 0x1350F3F4, 0xC79A971F, 0x35F1141C, 0x26A1E7E8, 0xD4CA64EB, + 0x8AD958CF, 0x78B2DBCC, 0x6BE22838, 0x9989AB3B, 0x4D43CFD0, 0xBF284CD3, 0xAC78BF27, 0x5E133C24, + 0x105EC76F, 0xE235446C, 0xF165B798, 0x030E349B, 0xD7C45070, 0x25AFD373, 0x36FF2087, 0xC494A384, + 0x9A879FA0, 0x68EC1CA3, 0x7BBCEF57, 0x89D76C54, 0x5D1D08BF, 0xAF768BBC, 0xBC267848, 0x4E4DFB4B, + 0x20BD8EDE, 0xD2D60DDD, 0xC186FE29, 0x33ED7D2A, 0xE72719C1, 0x154C9AC2, 0x061C6936, 0xF477EA35, + 0xAA64D611, 0x580F5512, 0x4B5FA6E6, 0xB93425E5, 0x6DFE410E, 0x9F95C20D, 0x8CC531F9, 0x7EAEB2FA, + 0x30E349B1, 0xC288CAB2, 0xD1D83946, 0x23B3BA45, 0xF779DEAE, 0x05125DAD, 0x1642AE59, 0xE4292D5A, + 0xBA3A117E, 0x4851927D, 0x5B016189, 0xA96AE28A, 0x7DA08661, 0x8FCB0562, 0x9C9BF696, 0x6EF07595, + 0x417B1DBC, 0xB3109EBF, 0xA0406D4B, 0x522BEE48, 0x86E18AA3, 0x748A09A0, 0x67DAFA54, 0x95B17957, + 0xCBA24573, 0x39C9C670, 0x2A993584, 0xD8F2B687, 0x0C38D26C, 0xFE53516F, 0xED03A29B, 0x1F682198, + 0x5125DAD3, 0xA34E59D0, 0xB01EAA24, 0x42752927, 0x96BF4DCC, 0x64D4CECF, 0x77843D3B, 0x85EFBE38, + 0xDBFC821C, 0x2997011F, 0x3AC7F2EB, 0xC8AC71E8, 0x1C661503, 0xEE0D9600, 0xFD5D65F4, 0x0F36E6F7, + 0x61C69362, 0x93AD1061, 0x80FDE395, 0x72966096, 0xA65C047D, 0x5437877E, 0x4767748A, 0xB50CF789, + 0xEB1FCBAD, 0x197448AE, 0x0A24BB5A, 0xF84F3859, 0x2C855CB2, 0xDEEEDFB1, 0xCDBE2C45, 0x3FD5AF46, + 0x7198540D, 0x83F3D70E, 0x90A324FA, 0x62C8A7F9, 0xB602C312, 0x44694011, 0x5739B3E5, 0xA55230E6, + 0xFB410CC2, 0x092A8FC1, 0x1A7A7C35, 0xE811FF36, 0x3CDB9BDD, 0xCEB018DE, 0xDDE0EB2A, 0x2F8B6829, + 0x82F63B78, 0x709DB87B, 0x63CD4B8F, 0x91A6C88C, 0x456CAC67, 0xB7072F64, 0xA457DC90, 0x563C5F93, + 0x082F63B7, 0xFA44E0B4, 0xE9141340, 0x1B7F9043, 0xCFB5F4A8, 0x3DDE77AB, 0x2E8E845F, 0xDCE5075C, + 0x92A8FC17, 0x60C37F14, 0x73938CE0, 0x81F80FE3, 0x55326B08, 0xA759E80B, 0xB4091BFF, 0x466298FC, + 0x1871A4D8, 0xEA1A27DB, 0xF94AD42F, 0x0B21572C, 0xDFEB33C7, 0x2D80B0C4, 0x3ED04330, 0xCCBBC033, + 0xA24BB5A6, 0x502036A5, 0x4370C551, 0xB11B4652, 0x65D122B9, 0x97BAA1BA, 0x84EA524E, 0x7681D14D, + 0x2892ED69, 0xDAF96E6A, 0xC9A99D9E, 0x3BC21E9D, 0xEF087A76, 0x1D63F975, 0x0E330A81, 0xFC588982, + 0xB21572C9, 0x407EF1CA, 0x532E023E, 0xA145813D, 0x758FE5D6, 0x87E466D5, 0x94B49521, 0x66DF1622, + 0x38CC2A06, 0xCAA7A905, 0xD9F75AF1, 0x2B9CD9F2, 0xFF56BD19, 0x0D3D3E1A, 0x1E6DCDEE, 0xEC064EED, + 0xC38D26C4, 0x31E6A5C7, 0x22B65633, 0xD0DDD530, 0x0417B1DB, 0xF67C32D8, 0xE52CC12C, 0x1747422F, + 0x49547E0B, 0xBB3FFD08, 0xA86F0EFC, 0x5A048DFF, 0x8ECEE914, 0x7CA56A17, 0x6FF599E3, 0x9D9E1AE0, + 0xD3D3E1AB, 0x21B862A8, 0x32E8915C, 0xC083125F, 0x144976B4, 0xE622F5B7, 0xF5720643, 0x07198540, + 0x590AB964, 0xAB613A67, 0xB831C993, 0x4A5A4A90, 0x9E902E7B, 0x6CFBAD78, 0x7FAB5E8C, 0x8DC0DD8F, + 0xE330A81A, 0x115B2B19, 0x020BD8ED, 0xF0605BEE, 0x24AA3F05, 0xD6C1BC06, 0xC5914FF2, 0x37FACCF1, + 0x69E9F0D5, 0x9B8273D6, 0x88D28022, 0x7AB90321, 0xAE7367CA, 0x5C18E4C9, 0x4F48173D, 0xBD23943E, + 0xF36E6F75, 0x0105EC76, 0x12551F82, 0xE03E9C81, 0x34F4F86A, 0xC69F7B69, 0xD5CF889D, 0x27A40B9E, + 0x79B737BA, 0x8BDCB4B9, 0x988C474D, 0x6AE7C44E, 0xBE2DA0A5, 0x4C4623A6, 0x5F16D052, 0xAD7D5351}, + {0x00000000, 0x13A29877, 0x274530EE, 0x34E7A899, 0x4E8A61DC, 0x5D28F9AB, 0x69CF5132, 0x7A6DC945, + 0x9D14C3B8, 0x8EB65BCF, 0xBA51F356, 0xA9F36B21, 0xD39EA264, 0xC03C3A13, 0xF4DB928A, 0xE7790AFD, + 0x3FC5F181, 0x2C6769F6, 0x1880C16F, 0x0B225918, 0x714F905D, 0x62ED082A, 0x560AA0B3, 0x45A838C4, + 0xA2D13239, 0xB173AA4E, 0x859402D7, 0x96369AA0, 0xEC5B53E5, 0xFFF9CB92, 0xCB1E630B, 0xD8BCFB7C, + 0x7F8BE302, 0x6C297B75, 0x58CED3EC, 0x4B6C4B9B, 0x310182DE, 0x22A31AA9, 0x1644B230, 0x05E62A47, + 0xE29F20BA, 0xF13DB8CD, 0xC5DA1054, 0xD6788823, 0xAC154166, 0xBFB7D911, 0x8B507188, 0x98F2E9FF, + 0x404E1283, 0x53EC8AF4, 0x670B226D, 0x74A9BA1A, 0x0EC4735F, 0x1D66EB28, 0x298143B1, 0x3A23DBC6, + 0xDD5AD13B, 0xCEF8494C, 0xFA1FE1D5, 0xE9BD79A2, 0x93D0B0E7, 0x80722890, 0xB4958009, 0xA737187E, + 0xFF17C604, 0xECB55E73, 0xD852F6EA, 0xCBF06E9D, 0xB19DA7D8, 0xA23F3FAF, 0x96D89736, 0x857A0F41, + 0x620305BC, 0x71A19DCB, 0x45463552, 0x56E4AD25, 0x2C896460, 0x3F2BFC17, 0x0BCC548E, 0x186ECCF9, + 0xC0D23785, 0xD370AFF2, 0xE797076B, 0xF4359F1C, 0x8E585659, 0x9DFACE2E, 0xA91D66B7, 0xBABFFEC0, + 0x5DC6F43D, 0x4E646C4A, 0x7A83C4D3, 0x69215CA4, 0x134C95E1, 0x00EE0D96, 0x3409A50F, 0x27AB3D78, + 0x809C2506, 0x933EBD71, 0xA7D915E8, 0xB47B8D9F, 0xCE1644DA, 0xDDB4DCAD, 0xE9537434, 0xFAF1EC43, + 0x1D88E6BE, 0x0E2A7EC9, 0x3ACDD650, 0x296F4E27, 0x53028762, 0x40A01F15, 0x7447B78C, 0x67E52FFB, + 0xBF59D487, 0xACFB4CF0, 0x981CE469, 0x8BBE7C1E, 0xF1D3B55B, 0xE2712D2C, 0xD69685B5, 0xC5341DC2, + 0x224D173F, 0x31EF8F48, 0x050827D1, 0x16AABFA6, 0x6CC776E3, 0x7F65EE94, 0x4B82460D, 0x5820DE7A, + 0xFBC3FAF9, 0xE861628E, 0xDC86CA17, 0xCF245260, 0xB5499B25, 0xA6EB0352, 0x920CABCB, 0x81AE33BC, + 0x66D73941, 0x7575A136, 0x419209AF, 0x523091D8, 0x285D589D, 0x3BFFC0EA, 0x0F186873, 0x1CBAF004, + 0xC4060B78, 0xD7A4930F, 0xE3433B96, 0xF0E1A3E1, 0x8A8C6AA4, 0x992EF2D3, 0xADC95A4A, 0xBE6BC23D, + 0x5912C8C0, 0x4AB050B7, 0x7E57F82E, 0x6DF56059, 0x1798A91C, 0x043A316B, 0x30DD99F2, 0x237F0185, + 0x844819FB, 0x97EA818C, 0xA30D2915, 0xB0AFB162, 0xCAC27827, 0xD960E050, 0xED8748C9, 0xFE25D0BE, + 0x195CDA43, 0x0AFE4234, 0x3E19EAAD, 0x2DBB72DA, 0x57D6BB9F, 0x447423E8, 0x70938B71, 0x63311306, + 0xBB8DE87A, 0xA82F700D, 0x9CC8D894, 0x8F6A40E3, 0xF50789A6, 0xE6A511D1, 0xD242B948, 0xC1E0213F, + 0x26992BC2, 0x353BB3B5, 0x01DC1B2C, 0x127E835B, 0x68134A1E, 0x7BB1D269, 0x4F567AF0, 0x5CF4E287, + 0x04D43CFD, 0x1776A48A, 0x23910C13, 0x30339464, 0x4A5E5D21, 0x59FCC556, 0x6D1B6DCF, 0x7EB9F5B8, + 0x99C0FF45, 0x8A626732, 0xBE85CFAB, 0xAD2757DC, 0xD74A9E99, 0xC4E806EE, 0xF00FAE77, 0xE3AD3600, + 0x3B11CD7C, 0x28B3550B, 0x1C54FD92, 0x0FF665E5, 0x759BACA0, 0x663934D7, 0x52DE9C4E, 0x417C0439, + 0xA6050EC4, 0xB5A796B3, 0x81403E2A, 0x92E2A65D, 0xE88F6F18, 0xFB2DF76F, 0xCFCA5FF6, 0xDC68C781, + 0x7B5FDFFF, 0x68FD4788, 0x5C1AEF11, 0x4FB87766, 0x35D5BE23, 0x26772654, 0x12908ECD, 0x013216BA, + 0xE64B1C47, 0xF5E98430, 0xC10E2CA9, 0xD2ACB4DE, 0xA8C17D9B, 0xBB63E5EC, 0x8F844D75, 0x9C26D502, + 0x449A2E7E, 0x5738B609, 0x63DF1E90, 0x707D86E7, 0x0A104FA2, 0x19B2D7D5, 0x2D557F4C, 0x3EF7E73B, + 0xD98EEDC6, 0xCA2C75B1, 0xFECBDD28, 0xED69455F, 0x97048C1A, 0x84A6146D, 0xB041BCF4, 0xA3E32483}, + {0x00000000, 0xA541927E, 0x4F6F520D, 0xEA2EC073, 0x9EDEA41A, 0x3B9F3664, 0xD1B1F617, 0x74F06469, + 0x38513EC5, 0x9D10ACBB, 0x773E6CC8, 0xD27FFEB6, 0xA68F9ADF, 0x03CE08A1, 0xE9E0C8D2, 0x4CA15AAC, + 0x70A27D8A, 0xD5E3EFF4, 0x3FCD2F87, 0x9A8CBDF9, 0xEE7CD990, 0x4B3D4BEE, 0xA1138B9D, 0x045219E3, + 0x48F3434F, 0xEDB2D131, 0x079C1142, 0xA2DD833C, 0xD62DE755, 0x736C752B, 0x9942B558, 0x3C032726, + 0xE144FB14, 0x4405696A, 0xAE2BA919, 0x0B6A3B67, 0x7F9A5F0E, 0xDADBCD70, 0x30F50D03, 0x95B49F7D, + 0xD915C5D1, 0x7C5457AF, 0x967A97DC, 0x333B05A2, 0x47CB61CB, 0xE28AF3B5, 0x08A433C6, 0xADE5A1B8, + 0x91E6869E, 0x34A714E0, 0xDE89D493, 0x7BC846ED, 0x0F382284, 0xAA79B0FA, 0x40577089, 0xE516E2F7, + 0xA9B7B85B, 0x0CF62A25, 0xE6D8EA56, 0x43997828, 0x37691C41, 0x92288E3F, 0x78064E4C, 0xDD47DC32, + 0xC76580D9, 0x622412A7, 0x880AD2D4, 0x2D4B40AA, 0x59BB24C3, 0xFCFAB6BD, 0x16D476CE, 0xB395E4B0, + 0xFF34BE1C, 0x5A752C62, 0xB05BEC11, 0x151A7E6F, 0x61EA1A06, 0xC4AB8878, 0x2E85480B, 0x8BC4DA75, + 0xB7C7FD53, 0x12866F2D, 0xF8A8AF5E, 0x5DE93D20, 0x29195949, 0x8C58CB37, 0x66760B44, 0xC337993A, + 0x8F96C396, 0x2AD751E8, 0xC0F9919B, 0x65B803E5, 0x1148678C, 0xB409F5F2, 0x5E273581, 0xFB66A7FF, + 0x26217BCD, 0x8360E9B3, 0x694E29C0, 0xCC0FBBBE, 0xB8FFDFD7, 0x1DBE4DA9, 0xF7908DDA, 0x52D11FA4, + 0x1E704508, 0xBB31D776, 0x511F1705, 0xF45E857B, 0x80AEE112, 0x25EF736C, 0xCFC1B31F, 0x6A802161, + 0x56830647, 0xF3C29439, 0x19EC544A, 0xBCADC634, 0xC85DA25D, 0x6D1C3023, 0x8732F050, 0x2273622E, + 0x6ED23882, 0xCB93AAFC, 0x21BD6A8F, 0x84FCF8F1, 0xF00C9C98, 0x554D0EE6, 0xBF63CE95, 0x1A225CEB, + 0x8B277743, 0x2E66E53D, 0xC448254E, 0x6109B730, 0x15F9D359, 0xB0B84127, 0x5A968154, 0xFFD7132A, + 0xB3764986, 0x1637DBF8, 0xFC191B8B, 0x595889F5, 0x2DA8ED9C, 0x88E97FE2, 0x62C7BF91, 0xC7862DEF, + 0xFB850AC9, 0x5EC498B7, 0xB4EA58C4, 0x11ABCABA, 0x655BAED3, 0xC01A3CAD, 0x2A34FCDE, 0x8F756EA0, + 0xC3D4340C, 0x6695A672, 0x8CBB6601, 0x29FAF47F, 0x5D0A9016, 0xF84B0268, 0x1265C21B, 0xB7245065, + 0x6A638C57, 0xCF221E29, 0x250CDE5A, 0x804D4C24, 0xF4BD284D, 0x51FCBA33, 0xBBD27A40, 0x1E93E83E, + 0x5232B292, 0xF77320EC, 0x1D5DE09F, 0xB81C72E1, 0xCCEC1688, 0x69AD84F6, 0x83834485, 0x26C2D6FB, + 0x1AC1F1DD, 0xBF8063A3, 0x55AEA3D0, 0xF0EF31AE, 0x841F55C7, 0x215EC7B9, 0xCB7007CA, 0x6E3195B4, + 0x2290CF18, 0x87D15D66, 0x6DFF9D15, 0xC8BE0F6B, 0xBC4E6B02, 0x190FF97C, 0xF321390F, 0x5660AB71, + 0x4C42F79A, 0xE90365E4, 0x032DA597, 0xA66C37E9, 0xD29C5380, 0x77DDC1FE, 0x9DF3018D, 0x38B293F3, + 0x7413C95F, 0xD1525B21, 0x3B7C9B52, 0x9E3D092C, 0xEACD6D45, 0x4F8CFF3B, 0xA5A23F48, 0x00E3AD36, + 0x3CE08A10, 0x99A1186E, 0x738FD81D, 0xD6CE4A63, 0xA23E2E0A, 0x077FBC74, 0xED517C07, 0x4810EE79, + 0x04B1B4D5, 0xA1F026AB, 0x4BDEE6D8, 0xEE9F74A6, 0x9A6F10CF, 0x3F2E82B1, 0xD50042C2, 0x7041D0BC, + 0xAD060C8E, 0x08479EF0, 0xE2695E83, 0x4728CCFD, 0x33D8A894, 0x96993AEA, 0x7CB7FA99, 0xD9F668E7, + 0x9557324B, 0x3016A035, 0xDA386046, 0x7F79F238, 0x0B899651, 0xAEC8042F, 0x44E6C45C, 0xE1A75622, + 0xDDA47104, 0x78E5E37A, 0x92CB2309, 0x378AB177, 0x437AD51E, 0xE63B4760, 0x0C158713, 0xA954156D, + 0xE5F54FC1, 0x40B4DDBF, 0xAA9A1DCC, 0x0FDB8FB2, 0x7B2BEBDB, 0xDE6A79A5, 0x3444B9D6, 0x91052BA8}, + {0x00000000, 0xDD45AAB8, 0xBF672381, 0x62228939, 0x7B2231F3, 0xA6679B4B, 0xC4451272, 0x1900B8CA, + 0xF64463E6, 0x2B01C95E, 0x49234067, 0x9466EADF, 0x8D665215, 0x5023F8AD, 0x32017194, 0xEF44DB2C, + 0xE964B13D, 0x34211B85, 0x560392BC, 0x8B463804, 0x924680CE, 0x4F032A76, 0x2D21A34F, 0xF06409F7, + 0x1F20D2DB, 0xC2657863, 0xA047F15A, 0x7D025BE2, 0x6402E328, 0xB9474990, 0xDB65C0A9, 0x06206A11, + 0xD725148B, 0x0A60BE33, 0x6842370A, 0xB5079DB2, 0xAC072578, 0x71428FC0, 0x136006F9, 0xCE25AC41, + 0x2161776D, 0xFC24DDD5, 0x9E0654EC, 0x4343FE54, 0x5A43469E, 0x8706EC26, 0xE524651F, 0x3861CFA7, + 0x3E41A5B6, 0xE3040F0E, 0x81268637, 0x5C632C8F, 0x45639445, 0x98263EFD, 0xFA04B7C4, 0x27411D7C, + 0xC805C650, 0x15406CE8, 0x7762E5D1, 0xAA274F69, 0xB327F7A3, 0x6E625D1B, 0x0C40D422, 0xD1057E9A, + 0xABA65FE7, 0x76E3F55F, 0x14C17C66, 0xC984D6DE, 0xD0846E14, 0x0DC1C4AC, 0x6FE34D95, 0xB2A6E72D, + 0x5DE23C01, 0x80A796B9, 0xE2851F80, 0x3FC0B538, 0x26C00DF2, 0xFB85A74A, 0x99A72E73, 0x44E284CB, + 0x42C2EEDA, 0x9F874462, 0xFDA5CD5B, 0x20E067E3, 0x39E0DF29, 0xE4A57591, 0x8687FCA8, 0x5BC25610, + 0xB4868D3C, 0x69C32784, 0x0BE1AEBD, 0xD6A40405, 0xCFA4BCCF, 0x12E11677, 0x70C39F4E, 0xAD8635F6, + 0x7C834B6C, 0xA1C6E1D4, 0xC3E468ED, 0x1EA1C255, 0x07A17A9F, 0xDAE4D027, 0xB8C6591E, 0x6583F3A6, + 0x8AC7288A, 0x57828232, 0x35A00B0B, 0xE8E5A1B3, 0xF1E51979, 0x2CA0B3C1, 0x4E823AF8, 0x93C79040, + 0x95E7FA51, 0x48A250E9, 0x2A80D9D0, 0xF7C57368, 0xEEC5CBA2, 0x3380611A, 0x51A2E823, 0x8CE7429B, + 0x63A399B7, 0xBEE6330F, 0xDCC4BA36, 0x0181108E, 0x1881A844, 0xC5C402FC, 0xA7E68BC5, 0x7AA3217D, + 0x52A0C93F, 0x8FE56387, 0xEDC7EABE, 0x30824006, 0x2982F8CC, 0xF4C75274, 0x96E5DB4D, 0x4BA071F5, + 0xA4E4AAD9, 0x79A10061, 0x1B838958, 0xC6C623E0, 0xDFC69B2A, 0x02833192, 0x60A1B8AB, 0xBDE41213, + 0xBBC47802, 0x6681D2BA, 0x04A35B83, 0xD9E6F13B, 0xC0E649F1, 0x1DA3E349, 0x7F816A70, 0xA2C4C0C8, + 0x4D801BE4, 0x90C5B15C, 0xF2E73865, 0x2FA292DD, 0x36A22A17, 0xEBE780AF, 0x89C50996, 0x5480A32E, + 0x8585DDB4, 0x58C0770C, 0x3AE2FE35, 0xE7A7548D, 0xFEA7EC47, 0x23E246FF, 0x41C0CFC6, 0x9C85657E, + 0x73C1BE52, 0xAE8414EA, 0xCCA69DD3, 0x11E3376B, 0x08E38FA1, 0xD5A62519, 0xB784AC20, 0x6AC10698, + 0x6CE16C89, 0xB1A4C631, 0xD3864F08, 0x0EC3E5B0, 0x17C35D7A, 0xCA86F7C2, 0xA8A47EFB, 0x75E1D443, + 0x9AA50F6F, 0x47E0A5D7, 0x25C22CEE, 0xF8878656, 0xE1873E9C, 0x3CC29424, 0x5EE01D1D, 0x83A5B7A5, + 0xF90696D8, 0x24433C60, 0x4661B559, 0x9B241FE1, 0x8224A72B, 0x5F610D93, 0x3D4384AA, 0xE0062E12, + 0x0F42F53E, 0xD2075F86, 0xB025D6BF, 0x6D607C07, 0x7460C4CD, 0xA9256E75, 0xCB07E74C, 0x16424DF4, + 0x106227E5, 0xCD278D5D, 0xAF050464, 0x7240AEDC, 0x6B401616, 0xB605BCAE, 0xD4273597, 0x09629F2F, + 0xE6264403, 0x3B63EEBB, 0x59416782, 0x8404CD3A, 0x9D0475F0, 0x4041DF48, 0x22635671, 0xFF26FCC9, + 0x2E238253, 0xF36628EB, 0x9144A1D2, 0x4C010B6A, 0x5501B3A0, 0x88441918, 0xEA669021, 0x37233A99, + 0xD867E1B5, 0x05224B0D, 0x6700C234, 0xBA45688C, 0xA345D046, 0x7E007AFE, 0x1C22F3C7, 0xC167597F, + 0xC747336E, 0x1A0299D6, 0x782010EF, 0xA565BA57, 0xBC65029D, 0x6120A825, 0x0302211C, 0xDE478BA4, + 0x31035088, 0xEC46FA30, 0x8E647309, 0x5321D9B1, 0x4A21617B, 0x9764CBC3, 0xF54642FA, 0x2803E842}, + {0x00000000, 0x38116FAC, 0x7022DF58, 0x4833B0F4, 0xE045BEB0, 0xD854D11C, 0x906761E8, 0xA8760E44, + 0xC5670B91, 0xFD76643D, 0xB545D4C9, 0x8D54BB65, 0x2522B521, 0x1D33DA8D, 0x55006A79, 0x6D1105D5, + 0x8F2261D3, 0xB7330E7F, 0xFF00BE8B, 0xC711D127, 0x6F67DF63, 0x5776B0CF, 0x1F45003B, 0x27546F97, + 0x4A456A42, 0x725405EE, 0x3A67B51A, 0x0276DAB6, 0xAA00D4F2, 0x9211BB5E, 0xDA220BAA, 0xE2336406, + 0x1BA8B557, 0x23B9DAFB, 0x6B8A6A0F, 0x539B05A3, 0xFBED0BE7, 0xC3FC644B, 0x8BCFD4BF, 0xB3DEBB13, + 0xDECFBEC6, 0xE6DED16A, 0xAEED619E, 0x96FC0E32, 0x3E8A0076, 0x069B6FDA, 0x4EA8DF2E, 0x76B9B082, + 0x948AD484, 0xAC9BBB28, 0xE4A80BDC, 0xDCB96470, 0x74CF6A34, 0x4CDE0598, 0x04EDB56C, 0x3CFCDAC0, + 0x51EDDF15, 0x69FCB0B9, 0x21CF004D, 0x19DE6FE1, 0xB1A861A5, 0x89B90E09, 0xC18ABEFD, 0xF99BD151, + 0x37516AAE, 0x0F400502, 0x4773B5F6, 0x7F62DA5A, 0xD714D41E, 0xEF05BBB2, 0xA7360B46, 0x9F2764EA, + 0xF236613F, 0xCA270E93, 0x8214BE67, 0xBA05D1CB, 0x1273DF8F, 0x2A62B023, 0x625100D7, 0x5A406F7B, + 0xB8730B7D, 0x806264D1, 0xC851D425, 0xF040BB89, 0x5836B5CD, 0x6027DA61, 0x28146A95, 0x10050539, + 0x7D1400EC, 0x45056F40, 0x0D36DFB4, 0x3527B018, 0x9D51BE5C, 0xA540D1F0, 0xED736104, 0xD5620EA8, + 0x2CF9DFF9, 0x14E8B055, 0x5CDB00A1, 0x64CA6F0D, 0xCCBC6149, 0xF4AD0EE5, 0xBC9EBE11, 0x848FD1BD, + 0xE99ED468, 0xD18FBBC4, 0x99BC0B30, 0xA1AD649C, 0x09DB6AD8, 0x31CA0574, 0x79F9B580, 0x41E8DA2C, + 0xA3DBBE2A, 0x9BCAD186, 0xD3F96172, 0xEBE80EDE, 0x439E009A, 0x7B8F6F36, 0x33BCDFC2, 0x0BADB06E, + 0x66BCB5BB, 0x5EADDA17, 0x169E6AE3, 0x2E8F054F, 0x86F90B0B, 0xBEE864A7, 0xF6DBD453, 0xCECABBFF, + 0x6EA2D55C, 0x56B3BAF0, 0x1E800A04, 0x269165A8, 0x8EE76BEC, 0xB6F60440, 0xFEC5B4B4, 0xC6D4DB18, + 0xABC5DECD, 0x93D4B161, 0xDBE70195, 0xE3F66E39, 0x4B80607D, 0x73910FD1, 0x3BA2BF25, 0x03B3D089, + 0xE180B48F, 0xD991DB23, 0x91A26BD7, 0xA9B3047B, 0x01C50A3F, 0x39D46593, 0x71E7D567, 0x49F6BACB, + 0x24E7BF1E, 0x1CF6D0B2, 0x54C56046, 0x6CD40FEA, 0xC4A201AE, 0xFCB36E02, 0xB480DEF6, 0x8C91B15A, + 0x750A600B, 0x4D1B0FA7, 0x0528BF53, 0x3D39D0FF, 0x954FDEBB, 0xAD5EB117, 0xE56D01E3, 0xDD7C6E4F, + 0xB06D6B9A, 0x887C0436, 0xC04FB4C2, 0xF85EDB6E, 0x5028D52A, 0x6839BA86, 0x200A0A72, 0x181B65DE, + 0xFA2801D8, 0xC2396E74, 0x8A0ADE80, 0xB21BB12C, 0x1A6DBF68, 0x227CD0C4, 0x6A4F6030, 0x525E0F9C, + 0x3F4F0A49, 0x075E65E5, 0x4F6DD511, 0x777CBABD, 0xDF0AB4F9, 0xE71BDB55, 0xAF286BA1, 0x9739040D, + 0x59F3BFF2, 0x61E2D05E, 0x29D160AA, 0x11C00F06, 0xB9B60142, 0x81A76EEE, 0xC994DE1A, 0xF185B1B6, + 0x9C94B463, 0xA485DBCF, 0xECB66B3B, 0xD4A70497, 0x7CD10AD3, 0x44C0657F, 0x0CF3D58B, 0x34E2BA27, + 0xD6D1DE21, 0xEEC0B18D, 0xA6F30179, 0x9EE26ED5, 0x36946091, 0x0E850F3D, 0x46B6BFC9, 0x7EA7D065, + 0x13B6D5B0, 0x2BA7BA1C, 0x63940AE8, 0x5B856544, 0xF3F36B00, 0xCBE204AC, 0x83D1B458, 0xBBC0DBF4, + 0x425B0AA5, 0x7A4A6509, 0x3279D5FD, 0x0A68BA51, 0xA21EB415, 0x9A0FDBB9, 0xD23C6B4D, 0xEA2D04E1, + 0x873C0134, 0xBF2D6E98, 0xF71EDE6C, 0xCF0FB1C0, 0x6779BF84, 0x5F68D028, 0x175B60DC, 0x2F4A0F70, + 0xCD796B76, 0xF56804DA, 0xBD5BB42E, 0x854ADB82, 0x2D3CD5C6, 0x152DBA6A, 0x5D1E0A9E, 0x650F6532, + 0x081E60E7, 0x300F0F4B, 0x783CBFBF, 0x402DD013, 0xE85BDE57, 0xD04AB1FB, 0x9879010F, 0xA0686EA3}, + {0x00000000, 0xEF306B19, 0xDB8CA0C3, 0x34BCCBDA, 0xB2F53777, 0x5DC55C6E, 0x697997B4, 0x8649FCAD, + 0x6006181F, 0x8F367306, 0xBB8AB8DC, 0x54BAD3C5, 0xD2F32F68, 0x3DC34471, 0x097F8FAB, 0xE64FE4B2, + 0xC00C303E, 0x2F3C5B27, 0x1B8090FD, 0xF4B0FBE4, 0x72F90749, 0x9DC96C50, 0xA975A78A, 0x4645CC93, + 0xA00A2821, 0x4F3A4338, 0x7B8688E2, 0x94B6E3FB, 0x12FF1F56, 0xFDCF744F, 0xC973BF95, 0x2643D48C, + 0x85F4168D, 0x6AC47D94, 0x5E78B64E, 0xB148DD57, 0x370121FA, 0xD8314AE3, 0xEC8D8139, 0x03BDEA20, + 0xE5F20E92, 0x0AC2658B, 0x3E7EAE51, 0xD14EC548, 0x570739E5, 0xB83752FC, 0x8C8B9926, 0x63BBF23F, + 0x45F826B3, 0xAAC84DAA, 0x9E748670, 0x7144ED69, 0xF70D11C4, 0x183D7ADD, 0x2C81B107, 0xC3B1DA1E, + 0x25FE3EAC, 0xCACE55B5, 0xFE729E6F, 0x1142F576, 0x970B09DB, 0x783B62C2, 0x4C87A918, 0xA3B7C201, + 0x0E045BEB, 0xE13430F2, 0xD588FB28, 0x3AB89031, 0xBCF16C9C, 0x53C10785, 0x677DCC5F, 0x884DA746, + 0x6E0243F4, 0x813228ED, 0xB58EE337, 0x5ABE882E, 0xDCF77483, 0x33C71F9A, 0x077BD440, 0xE84BBF59, + 0xCE086BD5, 0x213800CC, 0x1584CB16, 0xFAB4A00F, 0x7CFD5CA2, 0x93CD37BB, 0xA771FC61, 0x48419778, + 0xAE0E73CA, 0x413E18D3, 0x7582D309, 0x9AB2B810, 0x1CFB44BD, 0xF3CB2FA4, 0xC777E47E, 0x28478F67, + 0x8BF04D66, 0x64C0267F, 0x507CEDA5, 0xBF4C86BC, 0x39057A11, 0xD6351108, 0xE289DAD2, 0x0DB9B1CB, + 0xEBF65579, 0x04C63E60, 0x307AF5BA, 0xDF4A9EA3, 0x5903620E, 0xB6330917, 0x828FC2CD, 0x6DBFA9D4, + 0x4BFC7D58, 0xA4CC1641, 0x9070DD9B, 0x7F40B682, 0xF9094A2F, 0x16392136, 0x2285EAEC, 0xCDB581F5, + 0x2BFA6547, 0xC4CA0E5E, 0xF076C584, 0x1F46AE9D, 0x990F5230, 0x763F3929, 0x4283F2F3, 0xADB399EA, + 0x1C08B7D6, 0xF338DCCF, 0xC7841715, 0x28B47C0C, 0xAEFD80A1, 0x41CDEBB8, 0x75712062, 0x9A414B7B, + 0x7C0EAFC9, 0x933EC4D0, 0xA7820F0A, 0x48B26413, 0xCEFB98BE, 0x21CBF3A7, 0x1577387D, 0xFA475364, + 0xDC0487E8, 0x3334ECF1, 0x0788272B, 0xE8B84C32, 0x6EF1B09F, 0x81C1DB86, 0xB57D105C, 0x5A4D7B45, + 0xBC029FF7, 0x5332F4EE, 0x678E3F34, 0x88BE542D, 0x0EF7A880, 0xE1C7C399, 0xD57B0843, 0x3A4B635A, + 0x99FCA15B, 0x76CCCA42, 0x42700198, 0xAD406A81, 0x2B09962C, 0xC439FD35, 0xF08536EF, 0x1FB55DF6, + 0xF9FAB944, 0x16CAD25D, 0x22761987, 0xCD46729E, 0x4B0F8E33, 0xA43FE52A, 0x90832EF0, 0x7FB345E9, + 0x59F09165, 0xB6C0FA7C, 0x827C31A6, 0x6D4C5ABF, 0xEB05A612, 0x0435CD0B, 0x308906D1, 0xDFB96DC8, + 0x39F6897A, 0xD6C6E263, 0xE27A29B9, 0x0D4A42A0, 0x8B03BE0D, 0x6433D514, 0x508F1ECE, 0xBFBF75D7, + 0x120CEC3D, 0xFD3C8724, 0xC9804CFE, 0x26B027E7, 0xA0F9DB4A, 0x4FC9B053, 0x7B757B89, 0x94451090, + 0x720AF422, 0x9D3A9F3B, 0xA98654E1, 0x46B63FF8, 0xC0FFC355, 0x2FCFA84C, 0x1B736396, 0xF443088F, + 0xD200DC03, 0x3D30B71A, 0x098C7CC0, 0xE6BC17D9, 0x60F5EB74, 0x8FC5806D, 0xBB794BB7, 0x544920AE, + 0xB206C41C, 0x5D36AF05, 0x698A64DF, 0x86BA0FC6, 0x00F3F36B, 0xEFC39872, 0xDB7F53A8, 0x344F38B1, + 0x97F8FAB0, 0x78C891A9, 0x4C745A73, 0xA344316A, 0x250DCDC7, 0xCA3DA6DE, 0xFE816D04, 0x11B1061D, + 0xF7FEE2AF, 0x18CE89B6, 0x2C72426C, 0xC3422975, 0x450BD5D8, 0xAA3BBEC1, 0x9E87751B, 0x71B71E02, + 0x57F4CA8E, 0xB8C4A197, 0x8C786A4D, 0x63480154, 0xE501FDF9, 0x0A3196E0, 0x3E8D5D3A, 0xD1BD3623, + 0x37F2D291, 0xD8C2B988, 0xEC7E7252, 0x034E194B, 0x8507E5E6, 0x6A378EFF, 0x5E8B4525, 0xB1BB2E3C}, + {0x00000000, 0x68032CC8, 0xD0065990, 0xB8057558, 0xA5E0C5D1, 0xCDE3E919, 0x75E69C41, 0x1DE5B089, + 0x4E2DFD53, 0x262ED19B, 0x9E2BA4C3, 0xF628880B, 0xEBCD3882, 0x83CE144A, 0x3BCB6112, 0x53C84DDA, + 0x9C5BFAA6, 0xF458D66E, 0x4C5DA336, 0x245E8FFE, 0x39BB3F77, 0x51B813BF, 0xE9BD66E7, 0x81BE4A2F, + 0xD27607F5, 0xBA752B3D, 0x02705E65, 0x6A7372AD, 0x7796C224, 0x1F95EEEC, 0xA7909BB4, 0xCF93B77C, + 0x3D5B83BD, 0x5558AF75, 0xED5DDA2D, 0x855EF6E5, 0x98BB466C, 0xF0B86AA4, 0x48BD1FFC, 0x20BE3334, + 0x73767EEE, 0x1B755226, 0xA370277E, 0xCB730BB6, 0xD696BB3F, 0xBE9597F7, 0x0690E2AF, 0x6E93CE67, + 0xA100791B, 0xC90355D3, 0x7106208B, 0x19050C43, 0x04E0BCCA, 0x6CE39002, 0xD4E6E55A, 0xBCE5C992, + 0xEF2D8448, 0x872EA880, 0x3F2BDDD8, 0x5728F110, 0x4ACD4199, 0x22CE6D51, 0x9ACB1809, 0xF2C834C1, + 0x7AB7077A, 0x12B42BB2, 0xAAB15EEA, 0xC2B27222, 0xDF57C2AB, 0xB754EE63, 0x0F519B3B, 0x6752B7F3, + 0x349AFA29, 0x5C99D6E1, 0xE49CA3B9, 0x8C9F8F71, 0x917A3FF8, 0xF9791330, 0x417C6668, 0x297F4AA0, + 0xE6ECFDDC, 0x8EEFD114, 0x36EAA44C, 0x5EE98884, 0x430C380D, 0x2B0F14C5, 0x930A619D, 0xFB094D55, + 0xA8C1008F, 0xC0C22C47, 0x78C7591F, 0x10C475D7, 0x0D21C55E, 0x6522E996, 0xDD279CCE, 0xB524B006, + 0x47EC84C7, 0x2FEFA80F, 0x97EADD57, 0xFFE9F19F, 0xE20C4116, 0x8A0F6DDE, 0x320A1886, 0x5A09344E, + 0x09C17994, 0x61C2555C, 0xD9C72004, 0xB1C40CCC, 0xAC21BC45, 0xC422908D, 0x7C27E5D5, 0x1424C91D, + 0xDBB77E61, 0xB3B452A9, 0x0BB127F1, 0x63B20B39, 0x7E57BBB0, 0x16549778, 0xAE51E220, 0xC652CEE8, + 0x959A8332, 0xFD99AFFA, 0x459CDAA2, 0x2D9FF66A, 0x307A46E3, 0x58796A2B, 0xE07C1F73, 0x887F33BB, + 0xF56E0EF4, 0x9D6D223C, 0x25685764, 0x4D6B7BAC, 0x508ECB25, 0x388DE7ED, 0x808892B5, 0xE88BBE7D, + 0xBB43F3A7, 0xD340DF6F, 0x6B45AA37, 0x034686FF, 0x1EA33676, 0x76A01ABE, 0xCEA56FE6, 0xA6A6432E, + 0x6935F452, 0x0136D89A, 0xB933ADC2, 0xD130810A, 0xCCD53183, 0xA4D61D4B, 0x1CD36813, 0x74D044DB, + 0x27180901, 0x4F1B25C9, 0xF71E5091, 0x9F1D7C59, 0x82F8CCD0, 0xEAFBE018, 0x52FE9540, 0x3AFDB988, + 0xC8358D49, 0xA036A181, 0x1833D4D9, 0x7030F811, 0x6DD54898, 0x05D66450, 0xBDD31108, 0xD5D03DC0, + 0x8618701A, 0xEE1B5CD2, 0x561E298A, 0x3E1D0542, 0x23F8B5CB, 0x4BFB9903, 0xF3FEEC5B, 0x9BFDC093, + 0x546E77EF, 0x3C6D5B27, 0x84682E7F, 0xEC6B02B7, 0xF18EB23E, 0x998D9EF6, 0x2188EBAE, 0x498BC766, + 0x1A438ABC, 0x7240A674, 0xCA45D32C, 0xA246FFE4, 0xBFA34F6D, 0xD7A063A5, 0x6FA516FD, 0x07A63A35, + 0x8FD9098E, 0xE7DA2546, 0x5FDF501E, 0x37DC7CD6, 0x2A39CC5F, 0x423AE097, 0xFA3F95CF, 0x923CB907, + 0xC1F4F4DD, 0xA9F7D815, 0x11F2AD4D, 0x79F18185, 0x6414310C, 0x0C171DC4, 0xB412689C, 0xDC114454, + 0x1382F328, 0x7B81DFE0, 0xC384AAB8, 0xAB878670, 0xB66236F9, 0xDE611A31, 0x66646F69, 0x0E6743A1, + 0x5DAF0E7B, 0x35AC22B3, 0x8DA957EB, 0xE5AA7B23, 0xF84FCBAA, 0x904CE762, 0x2849923A, 0x404ABEF2, + 0xB2828A33, 0xDA81A6FB, 0x6284D3A3, 0x0A87FF6B, 0x17624FE2, 0x7F61632A, 0xC7641672, 0xAF673ABA, + 0xFCAF7760, 0x94AC5BA8, 0x2CA92EF0, 0x44AA0238, 0x594FB2B1, 0x314C9E79, 0x8949EB21, 0xE14AC7E9, + 0x2ED97095, 0x46DA5C5D, 0xFEDF2905, 0x96DC05CD, 0x8B39B544, 0xE33A998C, 0x5B3FECD4, 0x333CC01C, + 0x60F48DC6, 0x08F7A10E, 0xB0F2D456, 0xD8F1F89E, 0xC5144817, 0xAD1764DF, 0x15121187, 0x7D113D4F}, + {0x00000000, 0x493C7D27, 0x9278FA4E, 0xDB448769, 0x211D826D, 0x6821FF4A, 0xB3657823, 0xFA590504, + 0x423B04DA, 0x0B0779FD, 0xD043FE94, 0x997F83B3, 0x632686B7, 0x2A1AFB90, 0xF15E7CF9, 0xB86201DE, + 0x847609B4, 0xCD4A7493, 0x160EF3FA, 0x5F328EDD, 0xA56B8BD9, 0xEC57F6FE, 0x37137197, 0x7E2F0CB0, + 0xC64D0D6E, 0x8F717049, 0x5435F720, 0x1D098A07, 0xE7508F03, 0xAE6CF224, 0x7528754D, 0x3C14086A, + 0x0D006599, 0x443C18BE, 0x9F789FD7, 0xD644E2F0, 0x2C1DE7F4, 0x65219AD3, 0xBE651DBA, 0xF759609D, + 0x4F3B6143, 0x06071C64, 0xDD439B0D, 0x947FE62A, 0x6E26E32E, 0x271A9E09, 0xFC5E1960, 0xB5626447, + 0x89766C2D, 0xC04A110A, 0x1B0E9663, 0x5232EB44, 0xA86BEE40, 0xE1579367, 0x3A13140E, 0x732F6929, + 0xCB4D68F7, 0x827115D0, 0x593592B9, 0x1009EF9E, 0xEA50EA9A, 0xA36C97BD, 0x782810D4, 0x31146DF3, + 0x1A00CB32, 0x533CB615, 0x8878317C, 0xC1444C5B, 0x3B1D495F, 0x72213478, 0xA965B311, 0xE059CE36, + 0x583BCFE8, 0x1107B2CF, 0xCA4335A6, 0x837F4881, 0x79264D85, 0x301A30A2, 0xEB5EB7CB, 0xA262CAEC, + 0x9E76C286, 0xD74ABFA1, 0x0C0E38C8, 0x453245EF, 0xBF6B40EB, 0xF6573DCC, 0x2D13BAA5, 0x642FC782, + 0xDC4DC65C, 0x9571BB7B, 0x4E353C12, 0x07094135, 0xFD504431, 0xB46C3916, 0x6F28BE7F, 0x2614C358, + 0x1700AEAB, 0x5E3CD38C, 0x857854E5, 0xCC4429C2, 0x361D2CC6, 0x7F2151E1, 0xA465D688, 0xED59ABAF, + 0x553BAA71, 0x1C07D756, 0xC743503F, 0x8E7F2D18, 0x7426281C, 0x3D1A553B, 0xE65ED252, 0xAF62AF75, + 0x9376A71F, 0xDA4ADA38, 0x010E5D51, 0x48322076, 0xB26B2572, 0xFB575855, 0x2013DF3C, 0x692FA21B, + 0xD14DA3C5, 0x9871DEE2, 0x4335598B, 0x0A0924AC, 0xF05021A8, 0xB96C5C8F, 0x6228DBE6, 0x2B14A6C1, + 0x34019664, 0x7D3DEB43, 0xA6796C2A, 0xEF45110D, 0x151C1409, 0x5C20692E, 0x8764EE47, 0xCE589360, + 0x763A92BE, 0x3F06EF99, 0xE44268F0, 0xAD7E15D7, 0x572710D3, 0x1E1B6DF4, 0xC55FEA9D, 0x8C6397BA, + 0xB0779FD0, 0xF94BE2F7, 0x220F659E, 0x6B3318B9, 0x916A1DBD, 0xD856609A, 0x0312E7F3, 0x4A2E9AD4, + 0xF24C9B0A, 0xBB70E62D, 0x60346144, 0x29081C63, 0xD3511967, 0x9A6D6440, 0x4129E329, 0x08159E0E, + 0x3901F3FD, 0x703D8EDA, 0xAB7909B3, 0xE2457494, 0x181C7190, 0x51200CB7, 0x8A648BDE, 0xC358F6F9, + 0x7B3AF727, 0x32068A00, 0xE9420D69, 0xA07E704E, 0x5A27754A, 0x131B086D, 0xC85F8F04, 0x8163F223, + 0xBD77FA49, 0xF44B876E, 0x2F0F0007, 0x66337D20, 0x9C6A7824, 0xD5560503, 0x0E12826A, 0x472EFF4D, + 0xFF4CFE93, 0xB67083B4, 0x6D3404DD, 0x240879FA, 0xDE517CFE, 0x976D01D9, 0x4C2986B0, 0x0515FB97, + 0x2E015D56, 0x673D2071, 0xBC79A718, 0xF545DA3F, 0x0F1CDF3B, 0x4620A21C, 0x9D642575, 0xD4585852, + 0x6C3A598C, 0x250624AB, 0xFE42A3C2, 0xB77EDEE5, 0x4D27DBE1, 0x041BA6C6, 0xDF5F21AF, 0x96635C88, + 0xAA7754E2, 0xE34B29C5, 0x380FAEAC, 0x7133D38B, 0x8B6AD68F, 0xC256ABA8, 0x19122CC1, 0x502E51E6, + 0xE84C5038, 0xA1702D1F, 0x7A34AA76, 0x3308D751, 0xC951D255, 0x806DAF72, 0x5B29281B, 0x1215553C, + 0x230138CF, 0x6A3D45E8, 0xB179C281, 0xF845BFA6, 0x021CBAA2, 0x4B20C785, 0x906440EC, 0xD9583DCB, + 0x613A3C15, 0x28064132, 0xF342C65B, 0xBA7EBB7C, 0x4027BE78, 0x091BC35F, 0xD25F4436, 0x9B633911, + 0xA777317B, 0xEE4B4C5C, 0x350FCB35, 0x7C33B612, 0x866AB316, 0xCF56CE31, 0x14124958, 0x5D2E347F, + 0xE54C35A1, 0xAC704886, 0x7734CFEF, 0x3E08B2C8, 0xC451B7CC, 0x8D6DCAEB, 0x56294D82, 0x1F1530A5}}; + +static inline uint32_t crc32_hash_1byte(uint8_t data, uint32_t init_val) +{ + uint32_t crc; + crc = init_val; + crc ^= data; + + return crc32c_tables[0][crc & 0xff] ^ (crc >> 8); +} + +static inline uint32_t crc32_hash_2byte(uint16_t data, uint32_t init_val) +{ + uint32_t crc; + crc = init_val; + crc ^= data; + + crc = CRC32_UPD(crc, 1) ^ (crc >> 16); + + return crc; +} + +static inline uint32_t crc32_hash_4byte(uint32_t data, uint32_t init_val) +{ + uint32_t crc, term1, term2; + crc = init_val; + crc ^= data; + + term1 = CRC32_UPD(crc, 3); + term2 = crc >> 16; + crc = term1 ^ CRC32_UPD(term2, 1); + + return crc; +} + +static inline uint32_t crc32_hash_8byte(void *data, uint32_t init_val) +{ + uint32_t crc, term1, term2; + uint32_t *__u32_ptr = (uint32_t *)data; + + crc = init_val; + crc ^= __u32_ptr[0]; + + term1 = CRC32_UPD(crc, 7); + term2 = crc >> 16; + crc = term1 ^ CRC32_UPD(term2, 5); + term1 = CRC32_UPD(__u32_ptr[1], 3); + term2 = __u32_ptr[1] >> 16; + crc ^= term1 ^ CRC32_UPD(term2, 1); + + return crc; +} + +static inline uint32_t crc32_hash(const void *data, uint32_t data_len, uint32_t init_val) +{ + unsigned i; + char *pd = (char *)data; + + for (i = 0; i < data_len / 8; i++) + { + init_val = crc32_hash_8byte(pd, init_val); + pd += 8; + } + + if (data_len & 0x4) + { + init_val = crc32_hash_4byte(*(const uint32_t *)pd, init_val); + pd += 4; + } + + if (data_len & 0x2) + { + init_val = crc32_hash_2byte(*(const uint16_t *)pd, init_val); + pd += 2; + } + + if (data_len & 0x1) + { + init_val = crc32_hash_1byte(*(const uint8_t *)pd, init_val); + } + + return init_val; +} + +#ifdef __cpluscplus +} +#endif + +#endif diff --git a/common/include/dablooms.h b/common/include/dablooms.h new file mode 100644 index 0000000..dfd5117 --- /dev/null +++ b/common/include/dablooms.h @@ -0,0 +1,93 @@ +/* Copyright @2012 by Justin Hines at Bitly under a very liberal license. See LICENSE in the source distribution. */ + +#ifndef __BLOOM_H__ +#define __BLOOM_H__ +#include +#include + +const char *dablooms_version(void); + +typedef struct +{ + size_t bytes; + char *array; +} bitmap_t; + +bitmap_t *bitmap_resize(bitmap_t *bitmap, size_t old_size, size_t new_size); +bitmap_t *new_bitmap(size_t bytes); + +int bitmap_increment(bitmap_t *bitmap, unsigned int index, long offset); +int bitmap_decrement(bitmap_t *bitmap, unsigned int index, long offset); +int bitmap_check(bitmap_t *bitmap, unsigned int index, long offset); +int bitmap_flush(bitmap_t *bitmap); + +void free_bitmap(bitmap_t *bitmap); + +typedef struct +{ + uint64_t id; + uint32_t count; + uint32_t _pad; +} counting_bloom_header_t; + +typedef struct +{ + counting_bloom_header_t *header; + unsigned int capacity; + long offset; + unsigned int counts_per_func; + uint32_t *hashes; + size_t nfuncs; + size_t size; + size_t num_bytes; + double error_rate; + bitmap_t *bitmap; +} counting_bloom_t; + +int free_counting_bloom(counting_bloom_t *bloom); +counting_bloom_t *new_counting_bloom(unsigned int capacity, double error_rate); +int counting_bloom_add(counting_bloom_t *bloom, const char *s, size_t len); +int counting_bloom_remove(counting_bloom_t *bloom, const char *s, size_t len); +int counting_bloom_check(counting_bloom_t *bloom, const char *s, size_t len); + +typedef struct +{ + uint64_t max_id; + uint64_t mem_seqnum; + uint64_t disk_seqnum; +} scaling_bloom_header_t; + +typedef struct +{ + scaling_bloom_header_t *header; + unsigned int capacity; + unsigned int num_blooms; + size_t num_bytes; + double error_rate; + counting_bloom_t **blooms; + bitmap_t *bitmap; +} scaling_bloom_t; + +scaling_bloom_t *new_scaling_bloom(unsigned int capacity, double error_rate); +int free_scaling_bloom(scaling_bloom_t *bloom); +int scaling_bloom_add(scaling_bloom_t *bloom, const char *s, size_t len, uint64_t id); +int scaling_bloom_remove(scaling_bloom_t *bloom, const char *s, size_t len, uint64_t id); +int scaling_bloom_check(scaling_bloom_t *bloom, const char *s, size_t len); +int scaling_bloom_flush(scaling_bloom_t *bloom); +uint64_t scaling_bloom_mem_seqnum(scaling_bloom_t *bloom); +uint64_t scaling_bloom_disk_seqnum(scaling_bloom_t *bloom); + +struct expiry_dablooms_handle; +enum expiry_dablooms_errno +{ + EXPIRY_DABLOOMS_ERRNO_BLOOM_NULL = -1, + EXPIRY_DABLOOMS_ERRNO_NEW_BLOOM_FAIL = -2, +}; +char *expiry_dablooms_errno_trans(enum expiry_dablooms_errno _errno); +void expiry_dablooms_destroy(struct expiry_dablooms_handle *handle); +struct expiry_dablooms_handle *expiry_dablooms_init(unsigned int capacity, double error_rate, time_t cur_time, int expiry_time); +int expiry_dablooms_element_count_get(struct expiry_dablooms_handle *handle, uint64_t *count); +int expiry_dablooms_add(struct expiry_dablooms_handle *handle, const char *key, size_t len, time_t cur_time); +int expiry_dablooms_search(struct expiry_dablooms_handle *handle, const char *key, size_t len, time_t cur_time); + +#endif diff --git a/common/include/ipv4_helpers.h b/common/include/ipv4_helpers.h new file mode 100644 index 0000000..db42bea --- /dev/null +++ b/common/include/ipv4_helpers.h @@ -0,0 +1,71 @@ +#ifndef _IPV4_HELPERS_H +#define _IPV4_HELPERS_H + +#ifdef __cpluscplus +extern "C" +{ +#endif + +#include +#include + +static inline uint16_t ipv4_hdr_get_ipid(const struct ip *hdr) +{ + return ntohs(hdr->ip_id); +} + +static inline uint8_t ipv4_hdr_get_flags(const struct ip *hdr) +{ + return (ntohs(hdr->ip_off) & IP_OFFMASK) >> 13; +} + +static inline uint16_t ipv4_hdr_get_frag_offset(const struct ip *hdr) +{ + return ntohs(hdr->ip_off) & IP_OFFMASK; +} + +static inline uint8_t ipv4_hdr_get_ttl(const struct ip *hdr) +{ + return hdr->ip_ttl; +} + +static inline uint8_t ipv4_hdr_get_protocol(const struct ip *hdr) +{ + return hdr->ip_p; +} + +static inline uint16_t ipv4_hdr_get_checksum(const struct ip *hdr) +{ + return ntohs(hdr->ip_sum); +} + +static inline uint32_t ipv4_hdr_get_src(const struct ip *hdr) +{ + return ntohl(hdr->ip_src.s_addr); +} + +static inline uint32_t ipv4_hdr_get_dst(const struct ip *hdr) +{ + return ntohl(hdr->ip_dst.s_addr); +} + +static inline bool ipv4_hdr_has_flag_rf(const struct ip *hdr) +{ + return (ntohs(hdr->ip_off) & IP_RF) != 0; +} + +static inline bool ipv4_hdr_has_flag_df(const struct ip *hdr) +{ + return (ntohs(hdr->ip_off) & IP_DF) != 0; +} + +static inline bool ipv4_hdr_has_flag_mf(const struct ip *hdr) +{ + return (ntohs(hdr->ip_off) & IP_MF) != 0; +} + +#ifdef __cpluscplus +} +#endif + +#endif diff --git a/common/include/murmur.h b/common/include/murmur.h new file mode 100644 index 0000000..6e3c133 --- /dev/null +++ b/common/include/murmur.h @@ -0,0 +1,12 @@ +//----------------------------------------------------------------------------- +// MurmurHash3 was written by Austin Appleby, and is placed in the public +// domain. The author hereby disclaims copyright to this source code. + +#ifndef _MURMURHASH3_H_ +#define _MURMURHASH3_H_ + +#include + +void MurmurHash3_x64_128(const void *key, int len, uint32_t seed, void *out); + +#endif // _MURMURHASH3_H_ diff --git a/common/include/packet.h b/common/include/packet.h new file mode 100644 index 0000000..9269beb --- /dev/null +++ b/common/include/packet.h @@ -0,0 +1,123 @@ +#ifndef _PACKET_H +#define _PACKET_H + +#ifdef __cpluscplus +extern "C" +{ +#endif + +#include +#include +#include "tuple.h" + +#define PACKET_MAX_LAYERS 16 +// #define PACKET_LOG_ERROR(format, ...) void(0) +#ifndef PACKET_LOG_ERROR +#define PACKET_LOG_ERROR(format, ...) \ + fprintf(stderr, "ERROR (packet), " format "\n", ##__VA_ARGS__); +#endif +// #define PACKET_LOG_DEBUG(format, ...) void(0) +#ifndef PACKET_LOG_DEBUG +#define PACKET_LOG_DEBUG(format, ...) \ + fprintf(stderr, "DEBUG (packet), " format "\n", ##__VA_ARGS__); +#endif + +enum layer_type +{ + // 数据链路层 + LAYER_TYPE_ETHER = 1 << 0, + LAYER_TYPE_PPP = 1 << 1, + LAYER_TYPE_HDLC = 1 << 2, + LAYER_TYPE_L2 = (LAYER_TYPE_ETHER | LAYER_TYPE_PPP | LAYER_TYPE_HDLC), + + // 数据链路层 -- 隧道 + LAYER_TYPE_VLAN = 1 << 3, + LAYER_TYPE_PPPOE = 1 << 4, + LAYER_TYPE_MPLS = 1 << 5, + LAYER_TYPE_L2_TUN = (LAYER_TYPE_VLAN | LAYER_TYPE_PPPOE | LAYER_TYPE_MPLS), + + // 网络层 + LAYER_TYPE_IPV4 = 1 << 6, + LAYER_TYPE_IPV6 = 1 << 7, + LAYER_TYPE_L3 = (LAYER_TYPE_IPV4 | LAYER_TYPE_IPV6), + + // 网络层 -- 隧道 + LAYER_TYPE_GRE = 1 << 8, + LAYER_TYPE_L3_TUN = (LAYER_TYPE_GRE), + + // 传输层 + LAYER_TYPE_UDP = 1 << 9, + LAYER_TYPE_TCP = 1 << 10, + LAYER_TYPE_L4 = (LAYER_TYPE_UDP | LAYER_TYPE_TCP), + + // 传输层 -- 隧道 + LAYER_TYPE_VXLAN = 1 << 11, + LAYER_TYPE_GTPV1_U = 1 << 12, + + // ALL + LAYER_TYPE_ALL = (LAYER_TYPE_L2 | LAYER_TYPE_L2_TUN | LAYER_TYPE_L3 | LAYER_TYPE_L3_TUN | LAYER_TYPE_L4 | LAYER_TYPE_VXLAN | LAYER_TYPE_GTPV1_U), +}; + +enum ldbc_method +{ + LDBC_METHOD_HASH_INT_IP = 1, + LDBC_METHOD_HASH_EXT_IP = 2, + LDBC_METHOD_HASH_INT_IP_AND_EXT_IP = 3, + LDBC_METHOD_HASH_INNERMOST_INT_IP = 4, + LDBC_METHOD_HASH_INNERMOST_EXT_IP = 5, +}; + +struct layer_record +{ + enum layer_type type; + const char *hdr_ptr; // header pointer + const char *pld_ptr; // payload pointer + uint16_t hdr_offset; // header offset from data_ptr + uint16_t hdr_len; // header length + uint16_t pld_len; // payload length +}; + +struct packet +{ + struct layer_record layers[PACKET_MAX_LAYERS]; + int8_t layers_used; + int8_t layers_size; + + const char *data_ptr; + uint16_t data_len; + uint64_t zone_id; + + const void *user_data; +}; + +// return innermost payload +const char *packet_parse(struct packet *handler, const char *data, uint16_t len); +void packet_print(const struct packet *handler); + +// return 0 : found +// return -1 : not found +int packet_get_innermost_tuple2(const struct packet *handler, struct tuple2 *tuple); +int packet_get_outermost_tuple2(const struct packet *handler, struct tuple2 *tuple); + +// return 0 : found +// return -1 : not found +int packet_get_innermost_tuple4(const struct packet *handler, struct tuple4 *tuple); +int packet_get_outermost_tuple4(const struct packet *handler, struct tuple4 *tuple); + +// return 0 : found +// return -1 : not found +int packet_get_innermost_tuple6(const struct packet *handler, struct tuple6 *tuple); +int packet_get_outermost_tuple6(const struct packet *handler, struct tuple6 *tuple); + +const struct layer_record *packet_get_innermost_layer(const struct packet *handler, enum layer_type type); +const struct layer_record *packet_get_outermost_layer(const struct packet *handler, enum layer_type type); + +// direction 1: E2I +// direction 0: I2E +uint64_t packet_get_hash(const struct packet *handler, enum ldbc_method method, int direction); + +#ifdef __cpluscplus +} +#endif + +#endif diff --git a/common/include/tcp_helpers.h b/common/include/tcp_helpers.h new file mode 100644 index 0000000..5d30451 --- /dev/null +++ b/common/include/tcp_helpers.h @@ -0,0 +1,77 @@ +#ifndef _TCP_HELPERS_H +#define _TCP_HELPERS_H + +#ifdef __cpluscplus +extern "C" +{ +#endif + +#include +#define __FAVOR_BSD 1 +#include + +static inline uint16_t tcp_hdr_get_sport(const struct tcphdr *hdr) +{ + return ntohs(hdr->th_sport); +} + +static inline uint16_t tcp_hdr_get_dport(const struct tcphdr *hdr) +{ + return ntohs(hdr->th_dport); +} + +static inline uint32_t tcp_hdr_get_seq(const struct tcphdr *hdr) +{ + return ntohl(hdr->th_seq); +} + +static inline uint32_t tcp_hdr_get_ack(const struct tcphdr *hdr) +{ + return ntohl(hdr->th_ack); +} + +static inline uint8_t tcp_hdr_get_flags(const struct tcphdr *hdr) +{ + return hdr->th_flags; +} + +static inline uint16_t tcp_hdr_get_checksum(const struct tcphdr *hdr) +{ + return hdr->th_sum; +} + +static inline bool tcp_hdr_has_flag_urg(const struct tcphdr *hdr) +{ + return hdr->th_flags & TH_URG; +} + +static inline bool tcp_hdr_has_flag_ack(const struct tcphdr *hdr) +{ + return hdr->th_flags & TH_ACK; +} + +static inline bool tcp_hdr_has_flag_psh(const struct tcphdr *hdr) +{ + return hdr->th_flags & TH_PUSH; +} + +static inline bool tcp_hdr_has_flag_rst(const struct tcphdr *hdr) +{ + return hdr->th_flags & TH_RST; +} + +static inline bool tcp_hdr_has_flag_syn(const struct tcphdr *hdr) +{ + return hdr->th_flags & TH_SYN; +} + +static inline bool tcp_hdr_has_flag_fin(const struct tcphdr *hdr) +{ + return hdr->th_flags & TH_FIN; +} + +#ifdef __cpluscplus +} +#endif + +#endif diff --git a/common/include/tfe_addr_tuple4.h b/common/include/tfe_addr_tuple4.h deleted file mode 100644 index 81aab88..0000000 --- a/common/include/tfe_addr_tuple4.h +++ /dev/null @@ -1,66 +0,0 @@ -#ifndef _TFE_ADDR_TUPLE4_H -#define _TFE_ADDR_TUPLE4_H - -#ifdef __cpluscplus -extern "C" -{ -#endif - -#include - - enum addr_tuple4_type - { - ADDR_TUPLE4_TYPE_V4, - ADDR_TUPLE4_TYPE_V6, - }; - - struct addr_v4 - { - struct in_addr src_addr; /* network order */ - struct in_addr dst_addr; /* network order */ - }; - - struct addr_v6 - { - struct in6_addr src_addr; /* network order */ - struct in6_addr dst_addr; /* network order */ - }; - - struct addr_tuple4 - { - enum addr_tuple4_type addr_type; - in_port_t src_port; /* network order */ - in_port_t dst_port; /* network order */ - union - { - struct addr_v4 addr_v4; - struct addr_v6 addr_v6; - }; - }; - -#define INIT_ADDR_V4(name, src_addr_str, src_port_num, dst_addr_str, dst_port_num) \ - struct addr_tuple4 name; \ - memset(&name, 0, sizeof(name)); \ - (name).addr_type = ADDR_TUPLE4_TYPE_V4; \ - (name).src_port = htons((src_port_num)); \ - (name).dst_port = htons((dst_port_num)); \ - inet_pton(AF_INET, (src_addr_str), &(name).addr_v4.src_addr); \ - inet_pton(AF_INET, (dst_addr_str), &(name).addr_v4.dst_addr); - -#define INIT_ADDR_V6(name, src_addr_str, src_port_num, dst_addr_str, dst_port_num) \ - struct addr_tuple4 name; \ - memset(&name, 0, sizeof(name)); \ - (name).addr_type = ADDR_TUPLE4_TYPE_V6; \ - (name).src_port = htons((src_port_num)); \ - (name).dst_port = htons((dst_port_num)); \ - inet_pton(AF_INET6, (src_addr_str), &(name).addr_v6.src_addr); \ - inet_pton(AF_INET6, (dst_addr_str), &(name).addr_v6.dst_addr); - - char *addr_tuple4_to_str(const struct addr_tuple4 *addr); - void addr_tuple4_reverse(const struct addr_tuple4 *orin, struct addr_tuple4 *out); - -#ifdef __cpluscplus -} -#endif - -#endif diff --git a/common/include/tfe_packet_io.h b/common/include/tfe_packet_io.h index c77d0de..f2bfd3d 100644 --- a/common/include/tfe_packet_io.h +++ b/common/include/tfe_packet_io.h @@ -6,7 +6,7 @@ extern "C" { #endif -#include "tfe_addr_tuple4.h" +#include "tuple.h" #include "tfe_packet_io_fs.h" struct tap_ctx @@ -36,6 +36,7 @@ struct packet_io_thread_ctx struct tfe_proxy *ref_proxy; struct packet_io_fs *ret_fs_state; struct acceptor_kni_v4 *ref_acceptor_ctx; + struct expiry_dablooms_handle *dup_packet_filter; void *logger; int session_table_need_reset; @@ -44,7 +45,7 @@ struct packet_io_thread_ctx struct packet_info { int is_e2i_dir; - struct addr_tuple4 tuple4; + struct tuple4 tuple4; char *header_data; int header_len; @@ -59,7 +60,7 @@ struct session_ctx uint64_t session_id; uint8_t is_passthrough; uint8_t protocol; - char *session_addr; + char session_addr[128]; char client_mac[6]; char server_mac[6]; @@ -78,6 +79,11 @@ struct session_ctx struct acceptor_kni_v4 { + int dup_packet_filter_enable; + int dup_packet_filter_capacity; + int dup_packet_filter_timeout; + double dup_packet_filter_error_rate; + int debug; int firewall_sids; int proxy_sids; @@ -108,6 +114,9 @@ int packet_io_polling_nf_interface(struct packet_io *handle, int thread_seq, voi void handle_decryption_packet_from_tap(const char *data, int len, void *args); void handle_raw_packet_from_tap(const char *data, int len, void *args); +// only for test +int raw_traffic_decapsulate(struct packet *handler, const char *raw_data, int raw_len, char **header, int *header_len, int *is_ipv4); + #ifdef __cpluscplus } #endif diff --git a/common/include/tfe_packet_io_fs.h b/common/include/tfe_packet_io_fs.h index 6bea391..8749517 100644 --- a/common/include/tfe_packet_io_fs.h +++ b/common/include/tfe_packet_io_fs.h @@ -24,6 +24,7 @@ struct packet_io_fs struct throughput_metrics decrypt_tx; // 累计值 struct throughput_metrics decrypt_rx; // 累计值 + struct throughput_metrics dup_bypass; // 累计值 struct throughput_metrics raw_bypass; // 累计值 struct throughput_metrics decrypt_rxdrop; // 累计值 diff --git a/common/include/tfe_raw_packet.h b/common/include/tfe_raw_packet.h deleted file mode 100644 index 69818b8..0000000 --- a/common/include/tfe_raw_packet.h +++ /dev/null @@ -1,104 +0,0 @@ -#ifndef _TFE_RAW_PACKET_H -#define _TFE_RAW_PACKET_H - -#ifdef __cpluscplus -extern "C" -{ -#endif - -#include - -enum layer_type -{ - // 数据链路层 - LAYER_TYPE_ETHER = 1 << 0, - LAYER_TYPE_PPP = 1 << 1, - LAYER_TYPE_HDLC = 1 << 2, - LAYER_TYPE_L2 = (LAYER_TYPE_ETHER | LAYER_TYPE_PPP | LAYER_TYPE_HDLC), - - // 数据链路层 -- 隧道 - LAYER_TYPE_VLAN = 1 << 3, - LAYER_TYPE_PPPOE = 1 << 4, - LAYER_TYPE_MPLS = 1 << 5, - LAYER_TYPE_L2_TUN = (LAYER_TYPE_VLAN | LAYER_TYPE_PPPOE | LAYER_TYPE_MPLS), - - // 网络层 - LAYER_TYPE_IPV4 = 1 << 6, - LAYER_TYPE_IPV6 = 1 << 7, - LAYER_TYPE_L3 = (LAYER_TYPE_IPV4 | LAYER_TYPE_IPV6), - - // 网络层 -- 隧道 - - // 传输层 - LAYER_TYPE_UDP = 1 << 8, - LAYER_TYPE_TCP = 1 << 9, - LAYER_TYPE_L4 = (LAYER_TYPE_UDP | LAYER_TYPE_TCP), - - // 传输层 -- 隧道 - LAYER_TYPE_G_VXLAN = 1 << 10, - LAYER_TYPE_GTPV1_U = 1 << 11, - - // ALL - LAYER_TYPE_ALL = (LAYER_TYPE_L2 | LAYER_TYPE_L2_TUN | LAYER_TYPE_L3 | LAYER_TYPE_L4 | LAYER_TYPE_G_VXLAN | LAYER_TYPE_GTPV1_U), - - // UNKNOWN - LAYER_TYPE_UNKNOWN, -}; - -enum ldbc_method -{ - LDBC_METHOD_HASH_INT_IP = 1, - LDBC_METHOD_HASH_EXT_IP = 2, - LDBC_METHOD_HASH_INT_IP_AND_EXT_IP = 3, - LDBC_METHOD_HASH_INNERMOST_INT_IP = 4, - LDBC_METHOD_HASH_INNERMOST_EXT_IP = 5, -}; - -struct layer_result -{ - uint16_t offset; - enum layer_type type; -}; - -struct layer_results -{ - struct layer_result layers[16]; - uint16_t layers_used; - uint16_t layers_size; -}; - -struct raw_pkt_parser -{ - enum layer_type expect_type; - struct layer_results results; - - const void *ptr_pkt_start; - uint64_t pkt_trace_id; -}; - -void raw_packet_parser_init(struct raw_pkt_parser *handler, uint64_t pkt_trace_id, enum layer_type expect_type, uint16_t expect_results_num); -// return most inner payload -const void *raw_packet_parser_parse(struct raw_pkt_parser *handler, const void *data, size_t length, void *logger); - -// return 0 : success -// return -1 : error -int raw_packet_parser_get_most_inner_tuple4(struct raw_pkt_parser *handler, struct addr_tuple4 *addr, void *logger); -int raw_packet_parser_get_most_outer_tuple4(struct raw_pkt_parser *handler, struct addr_tuple4 *addr, void *logger); - -// return 0 : success -// return -1 : error -int raw_packet_parser_get_most_inner_address(struct raw_pkt_parser *handler, struct addr_tuple4 *addr, void *logger); -int raw_packet_parser_get_most_outer_address(struct raw_pkt_parser *handler, struct addr_tuple4 *addr, void *logger); - -uint16_t raw_packet_parser_get_most_inner_ipid(struct raw_pkt_parser *handler); -uint16_t raw_packet_parser_get_most_outer_ipid(struct raw_pkt_parser *handler); - -uint64_t raw_packet_parser_get_hash_value(struct raw_pkt_parser *handler, enum ldbc_method method, int dir_is_internal, void *logger); - -int raw_traffic_decapsulate(struct raw_pkt_parser *handler, char *raw_data, int raw_len, char **output, int *out_len, int *is_ipv4); - -#ifdef __cpluscplus -} -#endif - -#endif diff --git a/common/include/tfe_session_table.h b/common/include/tfe_session_table.h index 9478915..5fa3b78 100644 --- a/common/include/tfe_session_table.h +++ b/common/include/tfe_session_table.h @@ -10,7 +10,7 @@ extern "C" #include #include "uthash.h" -#include "tfe_addr_tuple4.h" +#include "tuple.h" // Note: session_addr must be initialized by memset(0) before use !!! @@ -19,7 +19,7 @@ typedef void fn_free_cb(void *args); struct session_node { uint64_t session_id; /* first key */ - struct addr_tuple4 session_addr; /* second key */ + struct tuple4 session_addr; /* second key */ void *val_data; fn_free_cb *val_freecb; @@ -39,17 +39,17 @@ uint64_t session_table_count(struct session_table *table); // val_data : shallow copy (malloc by user, free by val_freecb) // return 0 : suceess // return -1 : key exists -int session_table_insert(struct session_table *table, uint64_t session_id, const struct addr_tuple4 *session_addr, void *val_data, const fn_free_cb *val_freecb); +int session_table_insert(struct session_table *table, uint64_t session_id, const struct tuple4 *session_addr, void *val_data, const fn_free_cb *val_freecb); // return 0 : success // return -1 : key not exists int session_table_delete_by_id(struct session_table *table, uint64_t session_id); -int session_table_delete_by_addr(struct session_table *table, const struct addr_tuple4 *session_addr); +int session_table_delete_by_addr(struct session_table *table, const struct tuple4 *session_addr); // return NULL : key not exists // return UnNULL : success struct session_node *session_table_search_by_id(struct session_table *table, uint64_t session_id); -struct session_node *session_table_search_by_addr(struct session_table *table, const struct addr_tuple4 *session_addr); +struct session_node *session_table_search_by_addr(struct session_table *table, const struct tuple4 *session_addr); #ifdef __cpluscplus } diff --git a/common/include/timestamp.h b/common/include/timestamp.h new file mode 100644 index 0000000..d854ac1 --- /dev/null +++ b/common/include/timestamp.h @@ -0,0 +1,19 @@ +#ifndef _TIMESTAMP_H +#define _TIMESTAMP_H + +#ifdef __cpluscplus +extern "C" +{ +#endif + +#include + +void timestamp_update(); +uint64_t timestamp_get_sec(); +uint64_t timestamp_get_msec(); + +#ifdef __cpluscplus +} +#endif + +#endif diff --git a/common/include/tuple.h b/common/include/tuple.h new file mode 100644 index 0000000..3638070 --- /dev/null +++ b/common/include/tuple.h @@ -0,0 +1,89 @@ +#ifndef _TUPLE_H +#define _TUPLE_H + +#ifdef __cpluscplus +extern "C" +{ +#endif + +#include + +enum ip_type +{ + IP_TYPE_V4, + IP_TYPE_V6, +}; + +union ip_address +{ + struct in_addr v4; /* network order */ + struct in6_addr v6; /* network order */ +}; + +struct tuple2 +{ + enum ip_type ip_type; + union ip_address src_addr; /* network order */ + union ip_address dst_addr; /* network order */ +}; + +struct tuple4 +{ + enum ip_type ip_type; + union ip_address src_addr; /* network order */ + union ip_address dst_addr; /* network order */ + + in_port_t src_port; /* network order */ + in_port_t dst_port; /* network order */ +}; + +struct tuple5 +{ + enum ip_type ip_type; + union ip_address src_addr; /* network order */ + union ip_address dst_addr; /* network order */ + + in_port_t src_port; /* network order */ + in_port_t dst_port; /* network order */ + + uint16_t ip_proto; /* network order */ +}; + +struct tuple6 +{ + enum ip_type ip_type; + union ip_address src_addr; /* network order */ + union ip_address dst_addr; /* network order */ + + uint16_t src_port; /* network order */ + uint16_t dst_port; /* network order */ + + uint16_t ip_proto; /* network order */ + uint64_t security_zone; +}; + +uint32_t tuple2_hash(const struct tuple2 *tuple); +uint32_t tuple4_hash(const struct tuple4 *tuple); +uint32_t tuple5_hash(const struct tuple5 *tuple); +uint32_t tuple6_hash(const struct tuple6 *tuple); + +int tuple2_cmp(const struct tuple2 *tuple_a, const struct tuple2 *tuple_b); +int tuple4_cmp(const struct tuple4 *tuple_a, const struct tuple4 *tuple_b); +int tuple5_cmp(const struct tuple5 *tuple_a, const struct tuple5 *tuple_b); +int tuple6_cmp(const struct tuple6 *tuple_a, const struct tuple6 *tuple_b); + +void tuple2_reverse(const struct tuple2 *in, struct tuple2 *out); +void tuple4_reverse(const struct tuple4 *in, struct tuple4 *out); +void tuple5_reverse(const struct tuple5 *in, struct tuple5 *out); +void tuple6_reverse(const struct tuple6 *in, struct tuple6 *out); + +void tuple2_tostring(const struct tuple2 *tuple, char *buf, uint32_t size); +void tuple4_tostring(const struct tuple4 *tuple, char *buf, uint32_t size); +void tuple5_tostring(const struct tuple5 *tuple, char *buf, uint32_t size); +void tuple6_tostring(const struct tuple6 *tuple, char *buf, uint32_t size); + +#ifdef __cpluscplus +} +#endif + +#endif diff --git a/common/src/dablooms.cpp b/common/src/dablooms.cpp new file mode 100644 index 0000000..f09c1ed --- /dev/null +++ b/common/src/dablooms.cpp @@ -0,0 +1,712 @@ +/* Copyright @2012 by Justin Hines at Bitly under a very liberal license. See LICENSE in the source distribution. */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "murmur.h" +#include "dablooms.h" + +#define DABLOOMS_VERSION "0.9.1" + +#define ERROR_TIGHTENING_RATIO 0.5 +#define SALT_CONSTANT 0x97c29b3a + +#define ALLOC(type, number) ((type *)calloc(sizeof(type), number)) +#define FREE(p) \ + { \ + free(*p); \ + *p = NULL; \ + } + +const char *dablooms_version(void) +{ + return DABLOOMS_VERSION; +} + +void free_bitmap(bitmap_t *bitmap) +{ +#if 0 + if ((munmap(bitmap->array, bitmap->bytes)) < 0) { + perror("Error, unmapping memory"); + } +#else + free(bitmap->array); +#endif + free(bitmap); +} + +bitmap_t *bitmap_resize(bitmap_t *bitmap, size_t old_size, size_t new_size) +{ + +#if 0 + /* resize if mmap exists and possible on this os, else new mmap */ + if (bitmap->array != NULL) { +#if __linux + bitmap->array = mremap(bitmap->array, old_size, new_size, MREMAP_MAYMOVE); + if (bitmap->array == MAP_FAILED) { + perror("Error resizing mmap"); + free_bitmap(bitmap); + return NULL; + } +#else + if (munmap(bitmap->array, bitmap->bytes) < 0) { + perror("Error unmapping memory"); + free_bitmap(bitmap); + return NULL; + } + bitmap->array = NULL; +#endif + } + if (bitmap->array == NULL) { + bitmap->array = mmap(NULL, new_size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0); + if (bitmap->array == MAP_FAILED) { + perror("Error init mmap"); + free_bitmap(bitmap); + return NULL; + } + } +#else + if (bitmap->array != NULL) + { + bitmap->array = (char *)realloc(bitmap->array, new_size); + if (bitmap->array == NULL) + { + perror("Error resizing memory"); + free_bitmap(bitmap); + return NULL; + } + memset(bitmap->array + old_size, 0, new_size - old_size); + } + else + { + bitmap->array = (char *)malloc(new_size); + if (bitmap->array == NULL) + { + perror("Error init memory"); + free_bitmap(bitmap); + return NULL; + } + memset(bitmap->array, 0, new_size); + } +#endif + bitmap->bytes = new_size; + return bitmap; +} + +/* Create a new bitmap, not full featured, simple to give + * us a means of interacting with the 4 bit counters */ +bitmap_t *new_bitmap(size_t bytes) +{ + bitmap_t *bitmap; + + if ((bitmap = (bitmap_t *)malloc(sizeof(bitmap_t))) == NULL) + { + return NULL; + } + + bitmap->bytes = bytes; + bitmap->array = NULL; + + if ((bitmap = bitmap_resize(bitmap, 0, bytes)) == NULL) + { + return NULL; + } + + return bitmap; +} + +int bitmap_increment(bitmap_t *bitmap, unsigned int index, long offset) +{ + long access = index / 2 + offset; + uint8_t temp; + __builtin_prefetch(&(bitmap->array[access]), 0, 1); + uint8_t n = bitmap->array[access]; + if (index % 2 != 0) + { + temp = (n & 0x0f); + n = (n & 0xf0) + ((n & 0x0f) + 0x01); + } + else + { + temp = (n & 0xf0) >> 4; + n = (n & 0x0f) + ((n & 0xf0) + 0x10); + } + + if (temp == 0x0f) + { + // fprintf(stderr, "Error, 4 bit int Overflow\n"); + return -1; + } + + __builtin_prefetch(&(bitmap->array[access]), 1, 1); + bitmap->array[access] = n; + return 0; +} + +/* increments the four bit counter */ +int bitmap_decrement(bitmap_t *bitmap, unsigned int index, long offset) +{ + long access = index / 2 + offset; + uint8_t temp; + uint8_t n = bitmap->array[access]; + + if (index % 2 != 0) + { + temp = (n & 0x0f); + n = (n & 0xf0) + ((n & 0x0f) - 0x01); + } + else + { + temp = (n & 0xf0) >> 4; + n = (n & 0x0f) + ((n & 0xf0) - 0x10); + } + + if (temp == 0x00) + { + // fprintf(stderr, "Error, Decrementing zero\n"); + return -1; + } + + bitmap->array[access] = n; + return 0; +} + +/* decrements the four bit counter */ +int bitmap_check(bitmap_t *bitmap, unsigned int index, long offset) +{ + long access = index / 2 + offset; + if (index % 2 != 0) + { + return bitmap->array[access] & 0x0f; + } + else + { + return bitmap->array[access] & 0xf0; + } +} + +int bitmap_flush(bitmap_t *bitmap) +{ +#if 0 + if ((msync(bitmap->array, bitmap->bytes, MS_SYNC) < 0)) { + perror("Error, flushing bitmap to disk"); + return -1; + } else { + return 0; + } +#else + return 0; +#endif +} + +/* + * Perform the actual hashing for `key` + * + * Only call the hash once to get a pair of initial values (h1 and + * h2). Use these values to generate all hashes in a quick loop. + * + * See paper by Kirsch, Mitzenmacher [2006] + * http://www.eecs.harvard.edu/~michaelm/postscripts/rsa2008.pdf + */ +void hash_func(counting_bloom_t *bloom, const char *key, size_t key_len, uint32_t *hashes) +{ + uint32_t checksum[4]; + + MurmurHash3_x64_128(key, key_len, SALT_CONSTANT, checksum); + uint32_t h1 = checksum[0]; + uint32_t h2 = checksum[1]; + + for (size_t i = 0; i < bloom->nfuncs; i++) + { + hashes[i] = (h1 + i * h2) % bloom->counts_per_func; + } +} + +int free_counting_bloom(counting_bloom_t *bloom) +{ + if (bloom != NULL) + { + free(bloom->hashes); + bloom->hashes = NULL; + free_bitmap(bloom->bitmap); + free(bloom); + bloom = NULL; + } + return 0; +} + +counting_bloom_t *counting_bloom_init(unsigned int capacity, double error_rate, long offset) +{ + counting_bloom_t *bloom; + + if ((bloom = (counting_bloom_t *)malloc(sizeof(counting_bloom_t))) == NULL) + { + fprintf(stderr, "Error, could not realloc a new bloom filter\n"); + return NULL; + } + bloom->bitmap = NULL; + bloom->capacity = capacity; + bloom->error_rate = error_rate; + bloom->offset = offset + sizeof(counting_bloom_header_t); + bloom->nfuncs = (int)ceil(log(1 / error_rate) / log(2)); + bloom->counts_per_func = (int)ceil(capacity * fabs(log(error_rate)) / (bloom->nfuncs * pow(log(2), 2))); + bloom->size = bloom->nfuncs * bloom->counts_per_func; + /* rounding-up integer divide by 2 of bloom->size */ + bloom->num_bytes = ((bloom->size + 1) / 2) + sizeof(counting_bloom_header_t); + bloom->hashes = (uint32_t *)calloc(bloom->nfuncs, sizeof(uint32_t)); + + return bloom; +} + +counting_bloom_t *new_counting_bloom(unsigned int capacity, double error_rate) +{ + counting_bloom_t *cur_bloom; + + cur_bloom = counting_bloom_init(capacity, error_rate, 0); + cur_bloom->bitmap = new_bitmap(cur_bloom->num_bytes); + cur_bloom->header = (counting_bloom_header_t *)(cur_bloom->bitmap->array); + return cur_bloom; +} + +int counting_bloom_add(counting_bloom_t *bloom, const char *s, size_t len) +{ + unsigned int index, offset; + unsigned int *hashes = bloom->hashes; + + hash_func(bloom, s, len, hashes); + + for (size_t i = 0; i < bloom->nfuncs; i++) + { + offset = i * bloom->counts_per_func; + index = hashes[i] + offset; + bitmap_increment(bloom->bitmap, index, bloom->offset); + } + bloom->header->count++; + + return 0; +} + +int counting_bloom_remove(counting_bloom_t *bloom, const char *s, size_t len) +{ + unsigned int index, offset; + unsigned int *hashes = bloom->hashes; + + hash_func(bloom, s, len, hashes); + + for (size_t i = 0; i < bloom->nfuncs; i++) + { + offset = i * bloom->counts_per_func; + index = hashes[i] + offset; + bitmap_decrement(bloom->bitmap, index, bloom->offset); + } + bloom->header->count--; + + return 0; +} + +int counting_bloom_check(counting_bloom_t *bloom, const char *s, size_t len) +{ + unsigned int index, offset; + unsigned int *hashes = bloom->hashes; + + hash_func(bloom, s, len, hashes); + + for (size_t i = 0; i < bloom->nfuncs; i++) + { + offset = i * bloom->counts_per_func; + index = hashes[i] + offset; + if (!(bitmap_check(bloom->bitmap, index, bloom->offset))) + { + return 0; + } + } + return 1; +} + +int free_scaling_bloom(scaling_bloom_t *bloom) +{ + int i; + for (i = bloom->num_blooms - 1; i >= 0; i--) + { + free(bloom->blooms[i]->hashes); + bloom->blooms[i]->hashes = NULL; + free(bloom->blooms[i]); + bloom->blooms[i] = NULL; + } + free(bloom->blooms); + free_bitmap(bloom->bitmap); + free(bloom); + return 0; +} + +/* creates a new counting bloom filter from a given scaling bloom filter, with count and id */ +counting_bloom_t *new_counting_bloom_from_scale(scaling_bloom_t *bloom) +{ + long offset; + double error_rate; + counting_bloom_t *cur_bloom; + + error_rate = bloom->error_rate * (pow(ERROR_TIGHTENING_RATIO, bloom->num_blooms + 1)); + + if ((bloom->blooms = (counting_bloom_t **)realloc(bloom->blooms, (bloom->num_blooms + 1) * sizeof(counting_bloom_t *))) == NULL) + { + fprintf(stderr, "Error, could not realloc a new bloom filter\n"); + return NULL; + } + + cur_bloom = counting_bloom_init(bloom->capacity, error_rate, bloom->num_bytes); + bloom->blooms[bloom->num_blooms] = cur_bloom; + + bloom->bitmap = bitmap_resize(bloom->bitmap, bloom->num_bytes, bloom->num_bytes + cur_bloom->num_bytes); + + /* reset header pointer, as mmap may have moved */ + bloom->header = (scaling_bloom_header_t *)bloom->bitmap->array; + + /* Set the pointers for these header structs to the right location since mmap may have moved */ + bloom->num_blooms++; + for (unsigned int i = 0; i < bloom->num_blooms; i++) + { + offset = bloom->blooms[i]->offset - sizeof(counting_bloom_header_t); + bloom->blooms[i]->header = (counting_bloom_header_t *)(bloom->bitmap->array + offset); + } + + bloom->num_bytes += cur_bloom->num_bytes; + cur_bloom->bitmap = bloom->bitmap; + + return cur_bloom; +} + +uint64_t scaling_bloom_clear_seqnums(scaling_bloom_t *bloom) +{ + uint64_t seqnum; + + if (bloom->header->disk_seqnum != 0) + { + // disk_seqnum cleared on disk before any other changes + bloom->header->disk_seqnum = 0; + bitmap_flush(bloom->bitmap); + } + seqnum = bloom->header->mem_seqnum; + bloom->header->mem_seqnum = 0; + return seqnum; +} + +int scaling_bloom_add(scaling_bloom_t *bloom, const char *s, size_t len, uint64_t id) +{ + int i; + uint64_t seqnum; + + counting_bloom_t *cur_bloom = NULL; + for (i = bloom->num_blooms - 1; i >= 0; i--) + { + cur_bloom = bloom->blooms[i]; + if (id >= cur_bloom->header->id) + { + break; + } + } + + seqnum = scaling_bloom_clear_seqnums(bloom); + + if ((id > bloom->header->max_id) && (cur_bloom->header->count >= cur_bloom->capacity - 1)) + { + cur_bloom = new_counting_bloom_from_scale(bloom); + cur_bloom->header->count = 0; + cur_bloom->header->id = bloom->header->max_id + 1; + } + if (bloom->header->max_id < id) + { + bloom->header->max_id = id; + } + counting_bloom_add(cur_bloom, s, len); + + bloom->header->mem_seqnum = seqnum + 1; + + return 1; +} + +int scaling_bloom_remove(scaling_bloom_t *bloom, const char *s, size_t len, uint64_t id) +{ + counting_bloom_t *cur_bloom; + int i; + uint64_t seqnum; + + for (i = bloom->num_blooms - 1; i >= 0; i--) + { + cur_bloom = bloom->blooms[i]; + if (id >= cur_bloom->header->id) + { + seqnum = scaling_bloom_clear_seqnums(bloom); + + counting_bloom_remove(cur_bloom, s, len); + + bloom->header->mem_seqnum = seqnum + 1; + return 1; + } + } + return 0; +} + +int scaling_bloom_check(scaling_bloom_t *bloom, const char *s, size_t len) +{ + int i; + counting_bloom_t *cur_bloom; + for (i = bloom->num_blooms - 1; i >= 0; i--) + { + cur_bloom = bloom->blooms[i]; + if (counting_bloom_check(cur_bloom, s, len)) + { + return 1; + } + } + return 0; +} + +int scaling_bloom_flush(scaling_bloom_t *bloom) +{ + if (bitmap_flush(bloom->bitmap) != 0) + { + return -1; + } + // all changes written to disk before disk_seqnum set + if (bloom->header->disk_seqnum == 0) + { + bloom->header->disk_seqnum = bloom->header->mem_seqnum; + return bitmap_flush(bloom->bitmap); + } + return 0; +} + +uint64_t scaling_bloom_mem_seqnum(scaling_bloom_t *bloom) +{ + return bloom->header->mem_seqnum; +} + +uint64_t scaling_bloom_disk_seqnum(scaling_bloom_t *bloom) +{ + return bloom->header->disk_seqnum; +} + +scaling_bloom_t *scaling_bloom_init(unsigned int capacity, double error_rate) +{ + scaling_bloom_t *bloom; + + if ((bloom = (scaling_bloom_t *)malloc(sizeof(scaling_bloom_t))) == NULL) + { + return NULL; + } + if ((bloom->bitmap = new_bitmap(sizeof(scaling_bloom_header_t))) == NULL) + { + fprintf(stderr, "Error, Could not create bitmap with file\n"); + free_scaling_bloom(bloom); + return NULL; + } + + bloom->header = (scaling_bloom_header_t *)bloom->bitmap->array; + bloom->capacity = capacity; + bloom->error_rate = error_rate; + bloom->num_blooms = 0; + bloom->num_bytes = sizeof(scaling_bloom_header_t); + bloom->blooms = NULL; + + return bloom; +} + +scaling_bloom_t *new_scaling_bloom(unsigned int capacity, double error_rate) +{ + + scaling_bloom_t *bloom; + counting_bloom_t *cur_bloom; + + bloom = scaling_bloom_init(capacity, error_rate); + + if (!(cur_bloom = new_counting_bloom_from_scale(bloom))) + { + fprintf(stderr, "Error, Could not create counting bloom\n"); + free_scaling_bloom(bloom); + return NULL; + } + cur_bloom->header->count = 0; + cur_bloom->header->id = 0; + + bloom->header->mem_seqnum = 1; + return bloom; +} + +struct expiry_dablooms_handle +{ + scaling_bloom_t *cur_bloom; + scaling_bloom_t *next_bloom; + time_t cur_bloom_start; + time_t next_bloom_start; + time_t last_bloom_check; + uint64_t cur_bloom_inc_id; + uint64_t next_bloom_inc_id; + unsigned int capacity; + int expiry_time; + time_t cur_time; + double error_rate; +}; + +char *expiry_dablooms_errno_trans(enum expiry_dablooms_errno _errno) +{ + switch (_errno) + { + case EXPIRY_DABLOOMS_ERRNO_BLOOM_NULL: + return (char *)"scaling_bloom_null"; + case EXPIRY_DABLOOMS_ERRNO_NEW_BLOOM_FAIL: + return (char *)"new_scaling_bloom_fail"; + default: + return (char *)"unknown"; + } +} + +void expiry_dablooms_destroy(struct expiry_dablooms_handle *handle) +{ + if (handle != NULL) + { + if (handle->cur_bloom != NULL) + { + free_scaling_bloom(handle->cur_bloom); + } + if (handle->next_bloom != NULL) + { + free_scaling_bloom(handle->next_bloom); + } + FREE(&handle); + } +} + +struct expiry_dablooms_handle *expiry_dablooms_init(unsigned int capacity, double error_rate, time_t cur_time, int expiry_time) +{ + struct expiry_dablooms_handle *handle = ALLOC(struct expiry_dablooms_handle, 1); + scaling_bloom_t *cur_bloom = new_scaling_bloom(capacity, error_rate); + if (cur_bloom == NULL) + { + goto error_out; + } + handle->cur_bloom = cur_bloom; + handle->cur_bloom_inc_id = 0; + handle->cur_bloom_start = cur_time; + handle->capacity = capacity; + handle->error_rate = error_rate; + handle->expiry_time = expiry_time; + handle->cur_time = cur_time; + return handle; + +error_out: + expiry_dablooms_destroy(handle); + return NULL; +} + +int expiry_dablooms_element_count_get(struct expiry_dablooms_handle *handle, uint64_t *count) +{ + if (handle == NULL || handle->cur_bloom == NULL) + { + return EXPIRY_DABLOOMS_ERRNO_BLOOM_NULL; + } + *count = handle->cur_bloom_inc_id; + return 0; +} + +static int bloom_expired_check(struct expiry_dablooms_handle *handle, time_t cur_time) +{ + if (handle == NULL || handle->cur_bloom == NULL) + { + return EXPIRY_DABLOOMS_ERRNO_BLOOM_NULL; + } + if (cur_time <= handle->last_bloom_check) + { + return 0; + } + time_t delta_time = cur_time - handle->cur_bloom_start; + handle->cur_time = cur_time; + if (delta_time >= handle->expiry_time) + { + free_scaling_bloom(handle->cur_bloom); + if (handle->next_bloom != NULL) + { + handle->cur_bloom = handle->next_bloom; + handle->cur_bloom_start = handle->next_bloom_start; + handle->cur_bloom_inc_id = handle->next_bloom_inc_id; + handle->next_bloom = NULL; + handle->last_bloom_check = 0; + } + else + { + scaling_bloom_t *cur_bloom = new_scaling_bloom(handle->capacity, handle->error_rate); + if (cur_bloom == NULL) + { + return EXPIRY_DABLOOMS_ERRNO_NEW_BLOOM_FAIL; + } + handle->cur_bloom = cur_bloom; + handle->cur_bloom_inc_id = 0; + handle->cur_bloom_start = cur_time; + handle->last_bloom_check = 0; + } + } + else + { + handle->last_bloom_check = cur_time; + } + return 0; +} + +int expiry_dablooms_add(struct expiry_dablooms_handle *handle, const char *key, size_t len, time_t cur_time) +{ + if (key == NULL || len == 0 || handle == NULL) + { + return -1; + } + int ret = bloom_expired_check(handle, cur_time); + if (ret < 0) + { + return ret; + } + + scaling_bloom_add(handle->cur_bloom, key, len, handle->cur_bloom_inc_id); + handle->cur_bloom_inc_id++; + time_t delta_time = cur_time - handle->cur_bloom_start; + handle->cur_time = cur_time; + if (delta_time >= handle->expiry_time) + { + if (handle->next_bloom == NULL) + { + scaling_bloom_t *next_bloom = new_scaling_bloom(handle->capacity, handle->error_rate); + if (next_bloom == NULL) + { + return EXPIRY_DABLOOMS_ERRNO_NEW_BLOOM_FAIL; + } + handle->next_bloom = next_bloom; + handle->next_bloom_inc_id = 0; + handle->next_bloom_start = cur_time; + } + scaling_bloom_add(handle->next_bloom, key, len, handle->next_bloom_inc_id); + handle->next_bloom_inc_id++; + } + return 0; +} + +int expiry_dablooms_search(struct expiry_dablooms_handle *handle, const char *key, size_t len, time_t cur_time) +{ + if (key == NULL || len == 0 || handle == NULL) + { + return -1; + } + int ret = bloom_expired_check(handle, cur_time); + if (ret < 0) + { + return ret; + } + int bloom_hit = scaling_bloom_check(handle->cur_bloom, key, len); + return bloom_hit; +} diff --git a/common/src/murmur.cpp b/common/src/murmur.cpp new file mode 100644 index 0000000..a36c5fa --- /dev/null +++ b/common/src/murmur.cpp @@ -0,0 +1,153 @@ +//----------------------------------------------------------------------------- +// MurmurHash3 was written by Austin Appleby, and is placed in the public +// domain. The author hereby disclaims copyright to this source code. + +// Note - The x86 and x64 versions do _not_ produce the same results, as the +// algorithms are optimized for their respective platforms. You can still +// compile and run any of them on any platform, but your performance with the +// non-native version will be less than optimal. + +#include "murmur.h" + +#define FORCE_INLINE inline static + +FORCE_INLINE uint64_t rotl64(uint64_t x, int8_t r) +{ + return (x << r) | (x >> (64 - r)); +} + +#define ROTL64(x, y) rotl64(x, y) + +#define BIG_CONSTANT(x) (x##LLU) + +#define getblock(x, i) (x[i]) + +//----------------------------------------------------------------------------- +// Finalization mix - force all bits of a hash block to avalanche + +FORCE_INLINE uint64_t fmix64(uint64_t k) +{ + k ^= k >> 33; + k *= BIG_CONSTANT(0xff51afd7ed558ccd); + k ^= k >> 33; + k *= BIG_CONSTANT(0xc4ceb9fe1a85ec53); + k ^= k >> 33; + + return k; +} + +//----------------------------------------------------------------------------- + +void MurmurHash3_x64_128(const void *key, const int len, const uint32_t seed, void *out) +{ + const uint8_t *data = (const uint8_t *)key; + const int nblocks = len / 16; + + uint64_t h1 = seed; + uint64_t h2 = seed; + + uint64_t c1 = BIG_CONSTANT(0x87c37b91114253d5); + uint64_t c2 = BIG_CONSTANT(0x4cf5ad432745937f); + + int i; + + //---------- + // body + + const uint64_t *blocks = (const uint64_t *)(data); + + for (i = 0; i < nblocks; i++) + { + uint64_t k1 = getblock(blocks, i * 2 + 0); + uint64_t k2 = getblock(blocks, i * 2 + 1); + + k1 *= c1; + k1 = ROTL64(k1, 31); + k1 *= c2; + h1 ^= k1; + + h1 = ROTL64(h1, 27); + h1 += h2; + h1 = h1 * 5 + 0x52dce729; + + k2 *= c2; + k2 = ROTL64(k2, 33); + k2 *= c1; + h2 ^= k2; + + h2 = ROTL64(h2, 31); + h2 += h1; + h2 = h2 * 5 + 0x38495ab5; + } + + //---------- + // tail + + const uint8_t *tail = (const uint8_t *)(data + nblocks * 16); + + uint64_t k1 = 0; + uint64_t k2 = 0; + + switch (len & 15) + { + case 15: + k2 ^= ((uint64_t)tail[14]) << 48; + case 14: + k2 ^= ((uint64_t)tail[13]) << 40; + case 13: + k2 ^= ((uint64_t)tail[12]) << 32; + case 12: + k2 ^= ((uint64_t)tail[11]) << 24; + case 11: + k2 ^= ((uint64_t)tail[10]) << 16; + case 10: + k2 ^= ((uint64_t)tail[9]) << 8; + case 9: + k2 ^= ((uint64_t)tail[8]) << 0; + k2 *= c2; + k2 = ROTL64(k2, 33); + k2 *= c1; + h2 ^= k2; + + case 8: + k1 ^= ((uint64_t)tail[7]) << 56; + case 7: + k1 ^= ((uint64_t)tail[6]) << 48; + case 6: + k1 ^= ((uint64_t)tail[5]) << 40; + case 5: + k1 ^= ((uint64_t)tail[4]) << 32; + case 4: + k1 ^= ((uint64_t)tail[3]) << 24; + case 3: + k1 ^= ((uint64_t)tail[2]) << 16; + case 2: + k1 ^= ((uint64_t)tail[1]) << 8; + case 1: + k1 ^= ((uint64_t)tail[0]) << 0; + k1 *= c1; + k1 = ROTL64(k1, 31); + k1 *= c2; + h1 ^= k1; + } + + //---------- + // finalization + + h1 ^= len; + h2 ^= len; + + h1 += h2; + h2 += h1; + + h1 = fmix64(h1); + h2 = fmix64(h2); + + h1 += h2; + h2 += h1; + + ((uint64_t *)out)[0] = h1; + ((uint64_t *)out)[1] = h2; +} + +//----------------------------------------------------------------------------- diff --git a/common/src/packet.cpp b/common/src/packet.cpp new file mode 100644 index 0000000..b96edcc --- /dev/null +++ b/common/src/packet.cpp @@ -0,0 +1,1475 @@ +#include +#include +#include +#include +#define __FAVOR_BSD 1 +#include +#include +#include +#include + +#include "uthash.h" +#include "packet.h" + +#define likely(expr) __builtin_expect((expr), 1) +#define unlikely(expr) __builtin_expect((expr), 0) + +#define PACKET_LOG_DATA_INSUFFICIENCY(type) \ + { \ + PACKET_LOG_ERROR("layer: %s, data insufficiency", \ + layer_type_tostring((type))); \ + } + +#define PACKET_LOG_UNSUPPORT_PROTO(tag, next_proto) \ + { \ + PACKET_LOG_ERROR("%s: unsupport next proto %d", \ + (tag), (next_proto)); \ + } + +#define PACKET_LOG_UNSUPPORT_ETHPROTO(tag, next_proto) \ + { \ + PACKET_LOG_ERROR("%s: unsupport next proto %d: %s", \ + (tag), (next_proto), ethproto_tostring(next_proto)); \ + } + +#define PACKET_LOG_UNSUPPORT_IPPROTO(tag, next_proto) \ + { \ + PACKET_LOG_ERROR("%s: unsupport next proto %d: %s", \ + (tag), (next_proto), ipproto_tostring(next_proto)); \ + } + +/****************************************************************************** + * Static API + ******************************************************************************/ + +static const char *ethproto_tostring(uint16_t proto); +static const char *ipproto_tostring(uint16_t proto); +static inline const char *ldbc_method_tostring(enum ldbc_method method); +static inline const char *layer_type_tostring(enum layer_type type); + +static inline void set_tuple2(const char *data, enum layer_type type, struct tuple2 *tuple); +static inline void set_tuple4(const char *data, enum layer_type type, struct tuple4 *tuple); +static inline void set_tuple6(const char *data, enum layer_type type, struct tuple6 *tuple, uint64_t zone_id); + +static inline struct layer_record *get_free_layer(struct packet *handler); + +static inline uint16_t get_gtp_hdr_len(const char *data, uint16_t len); +static inline uint16_t get_gre_hdr_len(const char *data, uint16_t len); + +// 数据链路层 +static inline const char *parse_ether(struct packet *handler, const char *data, uint16_t len); +static inline const char *parse_ppp(struct packet *handler, const char *data, uint16_t len); +// 数据链路层 -- 隧道 +static inline const char *parse_vlan(struct packet *handler, const char *data, uint16_t len); +static inline const char *parse_pppoe_ses(struct packet *handler, const char *data, uint16_t len); +static inline const char *parse_mpls(struct packet *handler, const char *data, uint16_t len); +// 网络层 +static inline const char *parse_ipv4(struct packet *handler, const char *data, uint16_t len); +static inline const char *parse_ipv6(struct packet *handler, const char *data, uint16_t len); +// 网络层 -- 隧道 +static inline const char *parse_gre(struct packet *handler, const char *data, uint16_t len); +// 传输层 +static inline const char *parse_udp(struct packet *handler, const char *data, uint16_t len); +static inline const char *parse_tcp(struct packet *handler, const char *data, uint16_t len); +// 传输层 -- 隧道 +static inline const char *parse_vxlan(struct packet *handler, const char *data, uint16_t len); +static inline const char *parse_gtpv1_u(struct packet *handler, const char *data, uint16_t len); +// L3/L4 +static inline const char *parse_l3(struct packet *handler, uint16_t next_proto, const char *data, uint16_t len); +static inline const char *parse_l4(struct packet *handler, uint8_t next_proto, const char *data, uint16_t len); + +/****************************************************************************** + * Private API -- Utils + ******************************************************************************/ + +static const char *ethproto_tostring(uint16_t proto) +{ + switch (proto) + { + case ETH_P_LOOP: + return "LOOP"; + case ETH_P_PUP: + return "PUP"; + case ETH_P_PUPAT: + return "PUPAT"; + case ETH_P_IP: + return "IP"; + case ETH_P_X25: + return "X25"; + case ETH_P_ARP: + return "ARP"; + case ETH_P_BPQ: + return "BPQ"; + case ETH_P_IEEEPUP: + return "IEEEPUP"; + case ETH_P_IEEEPUPAT: + return "IEEEPUPAT"; + case ETH_P_DEC: + return "DEC"; + case ETH_P_DNA_DL: + return "DNA_DL"; + case ETH_P_DNA_RC: + return "DNA_RC"; + case ETH_P_DNA_RT: + return "DNA_RT"; + case ETH_P_LAT: + return "LAT"; + case ETH_P_DIAG: + return "DIAG"; + case ETH_P_CUST: + return "CUST"; + case ETH_P_SCA: + return "SCA"; + case ETH_P_TEB: + return "TEB"; + case ETH_P_RARP: + return "RARP"; + case ETH_P_ATALK: + return "ATALK"; + case ETH_P_AARP: + return "AARP"; + case ETH_P_8021Q: + return "8021Q"; + case ETH_P_IPX: + return "IPX"; + case ETH_P_IPV6: + return "IPV6"; + case ETH_P_PAUSE: + return "PAUSE"; + case ETH_P_SLOW: + return "SLOW"; + case ETH_P_WCCP: + return "WCCP"; + case ETH_P_PPP_DISC: + return "PPP_DISC"; + case ETH_P_PPP_SES: + return "PPP_SES"; + case ETH_P_MPLS_UC: + return "MPLS_UC"; + case ETH_P_MPLS_MC: + return "MPLS_MC"; + case ETH_P_ATMMPOA: + return "ATMMPOA"; + case ETH_P_LINK_CTL: + return "LINK_CTL"; + case ETH_P_ATMFATE: + return "ATMFATE"; + case ETH_P_PAE: + return "PAE"; + case ETH_P_AOE: + return "AOE"; + case ETH_P_8021AD: + return "8021AD"; + case ETH_P_802_EX1: + return "802_EX1"; + case ETH_P_TIPC: + return "TIPC"; + case ETH_P_8021AH: + return "8021AH"; + case ETH_P_1588: + return "1588"; + case ETH_P_FCOE: + return "FCOE"; + case ETH_P_TDLS: + return "TDLS"; + case ETH_P_FIP: + return "FIP"; + case ETH_P_QINQ1: + return "QINQ1"; + case ETH_P_QINQ2: + return "QINQ2"; + case ETH_P_QINQ3: + return "QINQ3"; + case ETH_P_EDSA: + return "EDSA"; + case ETH_P_AF_IUCV: + return "AF_IUCV"; + default: + return "UNKNOWN"; + } +} + +static const char *ipproto_tostring(uint16_t proto) +{ + switch (proto) + { + case IPPROTO_IP: + return "IP"; + case IPPROTO_ICMP: + return "ICMP"; + case IPPROTO_IGMP: + return "IGMP"; + case IPPROTO_IPIP: + return "IPIP"; + case IPPROTO_TCP: + return "TCP"; + case IPPROTO_EGP: + return "EGP"; + case IPPROTO_PUP: + return "PUP"; + case IPPROTO_UDP: + return "UDP"; + case IPPROTO_IDP: + return "IDP"; + case IPPROTO_TP: + return "TP"; + case IPPROTO_DCCP: + return "DCCP"; + case IPPROTO_IPV6: + return "IPV6"; + case IPPROTO_ROUTING: + return "ROUTING"; + case IPPROTO_FRAGMENT: + return "FRAGMENT"; + case IPPROTO_RSVP: + return "RSVP"; + case IPPROTO_GRE: + return "GRE"; + case IPPROTO_ESP: + return "ESP"; + case IPPROTO_AH: + return "AH"; + case IPPROTO_ICMPV6: + return "ICMPV6"; + case IPPROTO_NONE: + return "NONE"; + case IPPROTO_DSTOPTS: + return "DSTOPTS"; + case IPPROTO_MTP: + return "MTP"; + case IPPROTO_ENCAP: + return "ENCAP"; + case IPPROTO_PIM: + return "PIM"; + case IPPROTO_COMP: + return "COMP"; + case IPPROTO_SCTP: + return "SCTP"; + case IPPROTO_UDPLITE: + return "UDPLITE"; + case IPPROTO_RAW: + return "RAW"; + default: + return "UNKNOWN"; + } +} + +static inline const char *ldbc_method_tostring(enum ldbc_method method) +{ + switch (method) + { + case LDBC_METHOD_HASH_INT_IP: + return "outter_internal_ip"; + case LDBC_METHOD_HASH_EXT_IP: + return "outter_external_ip"; + case LDBC_METHOD_HASH_INT_IP_AND_EXT_IP: + return "outter_internal_ip_and_external_ip"; + case LDBC_METHOD_HASH_INNERMOST_INT_IP: + return "inner_internal_ip"; + case LDBC_METHOD_HASH_INNERMOST_EXT_IP: + return "inner_external_ip"; + default: + return "unknown"; + } +} + +static inline const char *layer_type_tostring(enum layer_type type) +{ + switch (type) + { + case LAYER_TYPE_ETHER: + return "ETH"; + case LAYER_TYPE_PPP: + return "PPP"; + case LAYER_TYPE_HDLC: + return "HDLC"; + case LAYER_TYPE_VLAN: + return "VLAN"; + case LAYER_TYPE_PPPOE: + return "PPPOE"; + case LAYER_TYPE_MPLS: + return "MPLS"; + case LAYER_TYPE_IPV4: + return "IPV4"; + case LAYER_TYPE_IPV6: + return "IPV6"; + case LAYER_TYPE_GRE: + return "GRE"; + case LAYER_TYPE_UDP: + return "UDP"; + case LAYER_TYPE_TCP: + return "TCP"; + case LAYER_TYPE_VXLAN: + return "VXLAN"; + case LAYER_TYPE_GTPV1_U: + return "GTPV1"; + default: + return "UNKNOWN"; + } +} + +static inline void set_tuple2(const char *data, enum layer_type type, struct tuple2 *tuple) +{ + const struct ip *ipv4 = NULL; + const struct ip6_hdr *ipv6 = NULL; + + switch (type) + { + case LAYER_TYPE_IPV4: + ipv4 = (const struct ip *)data; + tuple->ip_type = IP_TYPE_V4; + tuple->src_addr.v4.s_addr = ipv4->ip_src.s_addr; + tuple->dst_addr.v4.s_addr = ipv4->ip_dst.s_addr; + break; + case LAYER_TYPE_IPV6: + ipv6 = (const struct ip6_hdr *)data; + tuple->ip_type = IP_TYPE_V6; + tuple->src_addr.v6 = ipv6->ip6_src; + tuple->dst_addr.v6 = ipv6->ip6_dst; + break; + default: + break; + } +} + +static inline void set_tuple4(const char *data, enum layer_type type, struct tuple4 *tuple) +{ + const struct ip *ipv4 = NULL; + const struct ip6_hdr *ipv6 = NULL; + const struct tcphdr *tcp = NULL; + const struct udphdr *udp = NULL; + + switch (type) + { + case LAYER_TYPE_TCP: + tcp = (const struct tcphdr *)data; + tuple->src_port = tcp->th_sport; + tuple->dst_port = tcp->th_dport; + break; + case LAYER_TYPE_UDP: + udp = (const struct udphdr *)data; + tuple->src_port = udp->uh_sport; + tuple->dst_port = udp->uh_dport; + break; + case LAYER_TYPE_IPV4: + ipv4 = (const struct ip *)data; + tuple->ip_type = IP_TYPE_V4; + tuple->src_addr.v4.s_addr = ipv4->ip_src.s_addr; + tuple->dst_addr.v4.s_addr = ipv4->ip_dst.s_addr; + break; + case LAYER_TYPE_IPV6: + ipv6 = (const struct ip6_hdr *)data; + tuple->ip_type = IP_TYPE_V6; + tuple->src_addr.v6 = ipv6->ip6_src; + tuple->dst_addr.v6 = ipv6->ip6_dst; + break; + default: + break; + } +} + +static inline void set_tuple6(const char *data, enum layer_type type, struct tuple6 *tuple, uint64_t zone_id) +{ + const struct ip *ipv4 = NULL; + const struct ip6_hdr *ipv6 = NULL; + const struct tcphdr *tcp = NULL; + const struct udphdr *udp = NULL; + + tuple->security_zone = zone_id; + + switch (type) + { + case LAYER_TYPE_TCP: + tcp = (const struct tcphdr *)data; + tuple->ip_proto = IPPROTO_TCP; + tuple->src_port = tcp->th_sport; + tuple->dst_port = tcp->th_dport; + break; + case LAYER_TYPE_UDP: + udp = (const struct udphdr *)data; + tuple->ip_proto = IPPROTO_UDP; + tuple->src_port = udp->uh_sport; + tuple->dst_port = udp->uh_dport; + break; + case LAYER_TYPE_IPV4: + ipv4 = (const struct ip *)data; + tuple->ip_type = IP_TYPE_V4; + tuple->src_addr.v4.s_addr = ipv4->ip_src.s_addr; + tuple->dst_addr.v4.s_addr = ipv4->ip_dst.s_addr; + break; + case LAYER_TYPE_IPV6: + ipv6 = (const struct ip6_hdr *)data; + tuple->ip_type = IP_TYPE_V6; + tuple->src_addr.v6 = ipv6->ip6_src; + tuple->dst_addr.v6 = ipv6->ip6_dst; + break; + default: + break; + } +} + +static inline struct layer_record *get_free_layer(struct packet *handler) +{ + if (handler->layers_used >= handler->layers_size) + { + return NULL; + } + + return &handler->layers[handler->layers_used]; +} + +#define SET_LAYER(_handler, _layer, _type, _hdr_len, _data, _len) \ + { \ + (_layer)->type = (_type); \ + (_layer)->hdr_offset = (_handler)->data_len - (_len); \ + (_layer)->hdr_ptr = (_data); \ + (_layer)->hdr_len = (_hdr_len); \ + (_layer)->pld_ptr = (_data) + (_hdr_len); \ + (_layer)->pld_len = (_len) - (_hdr_len); \ + (_handler)->layers_used++; \ + PACKET_LOG_DEBUG("layer[%d/%d]: %s, hdr_offset: %d, hdr_ptr: %p, hdr_len: %d, pld_ptr: %p, pld_len: %d", \ + (_handler)->layers_used - 1, (_handler)->layers_size, layer_type_tostring((_type)), \ + (_layer)->hdr_offset, (_layer)->hdr_ptr, (_layer)->hdr_len, (_layer)->pld_ptr, (_layer)->pld_len); \ + } + +/****************************************************************************** + * Private API -- Parses + ******************************************************************************/ + +static inline uint16_t get_gtp_hdr_len(const char *data, uint16_t len) +{ +#define GTP_HDR_VER (0xE0) +#define GTP_HDR_FLAG_N_PDU (0x01) +#define GTP_HDR_FLAG_SEQ_NUM (0x02) +#define GTP_HDR_FLAG_EXT_HDR (0x04) + + struct gtp_hdr + { + uint8_t flags; + uint8_t msg_type; + uint16_t msg_len; + uint32_t teid; + } __attribute__((__packed__)); + + struct gtp_opt + { + uint16_t seq_num; + uint8_t npdu; + uint8_t next_ext_hdr; + } __attribute__((__packed__)); + + uint16_t hdr_offset = 0; + if (len < sizeof(struct gtp_hdr)) + { + return 0; + } + const struct gtp_hdr *gtp = (const struct gtp_hdr *)data; + hdr_offset += sizeof(struct gtp_hdr); // skip gre hdr + + // GTPv0 Not Supported + if (((gtp->flags & GTP_HDR_VER) >> 5) != 1) + { + return 0; + } + + if (gtp->flags & (GTP_HDR_FLAG_SEQ_NUM | GTP_HDR_FLAG_N_PDU | GTP_HDR_FLAG_EXT_HDR)) + { + if (hdr_offset + sizeof(struct gtp_opt) > len) + { + return 0; + } + struct gtp_opt *opt_hdr = (struct gtp_opt *)((char *)data + hdr_offset); + uint8_t next_ext_hdr = opt_hdr->next_ext_hdr; + hdr_offset += sizeof(struct gtp_opt); // skip gre opt + + while (next_ext_hdr) + { + if (hdr_offset + 1 > len) + { + return 0; + } + uint8_t length = *((char *)data + hdr_offset) * 4 - 2; + hdr_offset += 1; // skip length field + + if (hdr_offset + length + 1 > len) + { + return 0; + } + hdr_offset += length; // skip data field + next_ext_hdr = *((char *)data + hdr_offset); + hdr_offset += 1; // skip next ext hdr field + } + } + + return hdr_offset; +} + +static inline uint16_t get_gre_hdr_len(const char *data, uint16_t len) +{ + /* + * GRE Header Format (Version 0) + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |C|R|K|S|s|Recur| Flags | Ver | Protocol Type | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Checksum (optional) | Offset (optional) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Key (optional) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Sequence Number (optional) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Routing (optional) + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Address Family | SRE Offset | SRE Length | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Routing Information ... + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + * https://datatracker.ietf.org/doc/html/rfc1701 + * https://datatracker.ietf.org/doc/html/rfc2890 + */ + + /* + * Enhanced GRE header (Version 1) + * + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |C|R|K|S|s|Recur|A| Flags | Ver | Protocol Type | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Key (HW) Payload Length | Key (LW) Call ID | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Sequence Number (Optional) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Acknowledgment Number (Optional) | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * + * https://datatracker.ietf.org/doc/html/rfc2637 + */ + +/* bit positions for flags in header */ +#define GRE_CHECKSUM 0x8000 +#define GRE_ROUTING 0x4000 +#define GRE_KEY 0x2000 +#define GRE_SEQUENCE 0x1000 +#define GRE_STRICTSOURCE 0x0800 +#define GRE_RECURSION 0x0700 +#define GRE_ACK 0x0080 /* only in special PPTPized GRE header */ +#define GRE_RESERVED_PPP 0x0078 /* only in special PPTPized GRE header */ +#define GRE_RESERVED 0x00F8 +#define GRE_VERSION 0x0007 + + if (len < 4) + { + return 0; + } + + struct SRE + { + uint16_t address_family; + uint8_t sre_offset; + uint8_t sre_length; + } __attribute__((__packed__)); + + uint16_t sre_size = sizeof(struct SRE); + const uint16_t *gre = (const uint16_t *)data; + uint16_t flags = ntohs(gre[0]); + uint16_t version = flags & GRE_VERSION; + uint16_t hdr_offset = 0; + + if (version == 0) + { + hdr_offset = 4; + + if ((flags & GRE_CHECKSUM) || (flags & GRE_ROUTING)) + { + hdr_offset += 4; + } + if (flags & GRE_KEY) + { + hdr_offset += 4; + } + if (flags & GRE_SEQUENCE) + { + hdr_offset += 4; + } + if (flags & GRE_ROUTING) + { + while (hdr_offset + sre_size <= len) + { + struct SRE *sre = (struct SRE *)((char *)data + hdr_offset); + if (sre->sre_length == 0) + { + hdr_offset += sre_size; + break; + } + else + { + hdr_offset += sre_size + sre->sre_length; + } + } + } + } + + if (version == 1) + { + hdr_offset = 8; + if (flags & GRE_SEQUENCE) + { + hdr_offset += 4; + } + if (flags & GRE_ACK) + { + hdr_offset += 4; + } + } + + if (hdr_offset > len) + { + return 0; + } + + return hdr_offset; +} + +static inline const char *parse_ether(struct packet *handler, const char *data, uint16_t len) +{ + if (unlikely(len < sizeof(struct ethhdr))) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_ETHER); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + uint16_t next_proto = ntohs(((struct ethhdr *)data)->h_proto); + SET_LAYER(handler, layer, LAYER_TYPE_ETHER, sizeof(struct ethhdr), data, len); + + // TESTED + return parse_l3(handler, next_proto, layer->pld_ptr, layer->pld_len); +} + +static inline const char *parse_ppp(struct packet *handler, const char *data, uint16_t len) +{ + if (unlikely(len < 4)) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_PPP); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + uint16_t next_proto = ntohs(*((uint16_t *)data + 1)); + SET_LAYER(handler, layer, LAYER_TYPE_PPP, 4, data, len); + + switch (next_proto) + { + // TESTED + case PPP_IP: + return parse_ipv4(handler, layer->pld_ptr, layer->pld_len); + case PPP_IPV6: + return parse_ipv6(handler, layer->pld_ptr, layer->pld_len); + default: + PACKET_LOG_UNSUPPORT_PROTO("ppp", next_proto); + return layer->pld_ptr; + } +} + +static inline const char *parse_vlan(struct packet *handler, const char *data, uint16_t len) +{ + struct vlan_hdr + { + uint16_t vlan_cfi; + uint16_t protocol; + } __attribute__((__packed__)); + + if (unlikely(len < sizeof(struct vlan_hdr))) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_VLAN); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + uint16_t next_proto = ntohs(((struct vlan_hdr *)data)->protocol); + SET_LAYER(handler, layer, LAYER_TYPE_VLAN, sizeof(struct vlan_hdr), data, len); + + // TESTED + return parse_l3(handler, next_proto, layer->pld_ptr, layer->pld_len); +} + +static inline const char *parse_pppoe_ses(struct packet *handler, const char *data, uint16_t len) +{ +#define PPPOE_TYPE_IPV4 0x2100 +#define PPPOE_TYPE_IPV6 0x5700 + + if (unlikely(len < 8)) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_PPPOE); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + uint16_t next_proto = *((uint16_t *)data + 3); + SET_LAYER(handler, layer, LAYER_TYPE_PPPOE, 8, data, len); + + switch (next_proto) + { + // TESTED + case PPPOE_TYPE_IPV4: + return parse_ipv4(handler, layer->pld_ptr, layer->pld_len); + case PPPOE_TYPE_IPV6: + return parse_ipv6(handler, layer->pld_ptr, layer->pld_len); + default: + PACKET_LOG_UNSUPPORT_PROTO("pppoe", next_proto); + return layer->pld_ptr; + } +} + +static inline const char *parse_mpls(struct packet *handler, const char *data, uint16_t len) +{ + /* + * MPLS Format + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * | Label | Exp |S| TTL | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * Label : Label Value 20 bits + * Exp : Experimental Use 3 bits + * S : Bottom of Stack 1 bit + * TTL : Time to Live 8 bits + */ + +#define MPLS_LABEL_MASK (0xFFFFF000) +#define MPLS_EXP_MASK (0x00000E00) +#define MPLS_BLS_MASK (0x00000100) +#define MPLS_TTL_MASK (0x000000FF) + + enum mpls_next_proto + { + MPLS_NEXT_PROTO_ETHER = 0x0, + MPLS_NEXT_PROTO_MPLS = 0x1, + MPLS_NEXT_PROTO_IPV4 = 0x4, + MPLS_NEXT_PROTO_IPV6 = 0x6, + }; + + // 4 + 1 + if (unlikely(len < 5)) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_MPLS); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + + uint16_t hdr_len = 4; + uint32_t *hdr = (uint32_t *)data; + unsigned int mpls_bls = (ntohl(*hdr) & MPLS_BLS_MASK) >> 8; + enum mpls_next_proto next_proto; + if (mpls_bls == 1) + { + switch ((((uint8_t *)(data + 4))[0]) >> 4) + { + case 0: + /* + * PW Ethernet Control Word + * 0 1 2 3 + * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * |0 0 0 0| Reserved | Sequence Number | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + * Reference: https://tools.ietf.org/html/rfc4448 + */ + hdr_len += 4; // skip PW Ethernet Control Word + next_proto = MPLS_NEXT_PROTO_ETHER; + break; + case 4: + next_proto = MPLS_NEXT_PROTO_IPV4; + break; + case 6: + next_proto = MPLS_NEXT_PROTO_IPV6; + break; + default: + next_proto = MPLS_NEXT_PROTO_ETHER; + break; + } + } + else + { + next_proto = MPLS_NEXT_PROTO_MPLS; + } + SET_LAYER(handler, layer, LAYER_TYPE_MPLS, hdr_len, data, len); + + switch (next_proto) + { + // TESTED + case MPLS_NEXT_PROTO_IPV4: + return parse_ipv4(handler, layer->pld_ptr, layer->pld_len); + case MPLS_NEXT_PROTO_IPV6: + return parse_ipv6(handler, layer->pld_ptr, layer->pld_len); + // TESTED + case MPLS_NEXT_PROTO_ETHER: + return parse_ether(handler, layer->pld_ptr, layer->pld_len); + // TESTED + case MPLS_NEXT_PROTO_MPLS: + return parse_mpls(handler, layer->pld_ptr, layer->pld_len); + default: + // unreachable + return layer->pld_ptr; + } +} + +static inline const char *parse_ipv4(struct packet *handler, const char *data, uint16_t len) +{ + if (unlikely(len < sizeof(struct ip))) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_IPV4); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + struct ip *hdr = (struct ip *)data; + uint8_t next_proto = hdr->ip_p; + uint16_t hdr_len = (hdr->ip_hl & 0xf) * 4u; + SET_LAYER(handler, layer, LAYER_TYPE_IPV4, hdr_len, data, len); + + // ip fragmented + if ((ntohs(hdr->ip_off) & IP_MF) || (ntohs(hdr->ip_off) & IP_OFFMASK)) + { + PACKET_LOG_DEBUG("ip is fragmented"); + return layer->pld_ptr; + } + + // TESTED + return parse_l4(handler, next_proto, layer->pld_ptr, layer->pld_len); +} + +static inline const char *parse_ipv6(struct packet *handler, const char *data, uint16_t len) +{ + if (unlikely(len < sizeof(struct ip6_hdr))) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_IPV6); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + uint8_t next_proto = ((struct ip6_hdr *)data)->ip6_nxt; + SET_LAYER(handler, layer, LAYER_TYPE_IPV6, sizeof(struct ip6_hdr), data, len); + + // TESTED + return parse_l4(handler, next_proto, layer->pld_ptr, layer->pld_len); +} + +static inline const char *parse_gre(struct packet *handler, const char *data, uint16_t len) +{ +#define GRE_PRO_IPV4 (0x0800) +#define GRE_PRO_IPV6 (0x86DD) +#define GRE_PRO_ARP (0x0806) +#define GRE_PRO_PPP (0x880B) + + uint16_t hdr_len = get_gre_hdr_len(data, len); + if (unlikely(hdr_len == 0)) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_GRE); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + uint16_t next_proto = ntohs(*((uint16_t *)data + 1)); + SET_LAYER(handler, layer, LAYER_TYPE_GRE, hdr_len, data, len); + + switch (next_proto) + { + case GRE_PRO_IPV4: + return parse_ipv4(handler, layer->pld_ptr, layer->pld_len); + case GRE_PRO_IPV6: + return parse_ipv6(handler, layer->pld_ptr, layer->pld_len); + // TESTED + case GRE_PRO_PPP: + return parse_ppp(handler, layer->pld_ptr, layer->pld_len); + default: + PACKET_LOG_UNSUPPORT_PROTO("gre", next_proto); + return layer->pld_ptr; + } +} + +static inline const char *parse_udp(struct packet *handler, const char *data, uint16_t len) +{ + if (unlikely(len < sizeof(struct udphdr))) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_UDP); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + struct udphdr *hdr = (struct udphdr *)data; + SET_LAYER(handler, layer, LAYER_TYPE_UDP, sizeof(struct udphdr), data, len); + + switch (ntohs(hdr->uh_dport)) + { + // TESTED + // VXLAN_DPORT + case 4789: + return parse_vxlan(handler, layer->pld_ptr, layer->pld_len); + // TESTED + // GTP1U_PORT + case 2152: + return parse_gtpv1_u(handler, layer->pld_ptr, layer->pld_len); + default: + return layer->pld_ptr; + } +} + +static inline const char *parse_tcp(struct packet *handler, const char *data, uint16_t len) +{ + if (unlikely(len < sizeof(struct tcphdr))) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_TCP); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + uint16_t hdr_len = ((struct tcphdr *)data)->th_off << 2; + SET_LAYER(handler, layer, LAYER_TYPE_TCP, hdr_len, data, len); + + return layer->pld_ptr; +} + +static inline const char *parse_vxlan(struct packet *handler, const char *data, uint16_t len) +{ + struct vxlan_hdr + { + uint8_t flags[2]; + uint16_t gdp; + uint8_t vni[3]; + uint8_t reserved; + } __attribute__((__packed__)); + + if (unlikely(len < sizeof(struct vxlan_hdr))) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_VXLAN); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + SET_LAYER(handler, layer, LAYER_TYPE_VXLAN, sizeof(struct vxlan_hdr), data, len); + + // TESTED + return parse_ether(handler, layer->pld_ptr, layer->pld_len); +} + +static inline const char *parse_gtpv1_u(struct packet *handler, const char *data, uint16_t len) +{ + uint16_t hdr_len = get_gtp_hdr_len(data, len); + if (unlikely(hdr_len == 0)) + { + PACKET_LOG_DATA_INSUFFICIENCY(LAYER_TYPE_GTPV1_U); + return data; + } + + struct layer_record *layer = get_free_layer(handler); + if (unlikely(layer == NULL)) + { + return data; + } + uint8_t next_proto = (((const uint8_t *)(data + hdr_len))[0]) >> 4; + SET_LAYER(handler, layer, LAYER_TYPE_GTPV1_U, hdr_len, data, len); + + switch (next_proto) + { + // TESTED + case 4: + return parse_ipv4(handler, layer->pld_ptr, layer->pld_len); + // TESTED + case 6: + return parse_ipv6(handler, layer->pld_ptr, layer->pld_len); + default: + PACKET_LOG_UNSUPPORT_PROTO("gtp", next_proto); + return layer->pld_ptr; + } +} + +static inline const char *parse_l3(struct packet *handler, uint16_t next_proto, const char *data, uint16_t len) +{ + switch (next_proto) + { + // TESTED + case ETH_P_8021Q: + case ETH_P_8021AD: + return parse_vlan(handler, data, len); + // TESTED + case ETH_P_IP: + return parse_ipv4(handler, data, len); + // TESTED + case ETH_P_IPV6: + return parse_ipv6(handler, data, len); + // TESTED + case ETH_P_PPP_SES: + return parse_pppoe_ses(handler, data, len); + // TESTED + case ETH_P_MPLS_UC: + return parse_mpls(handler, data, len); + default: + // TESTED ARP + PACKET_LOG_UNSUPPORT_ETHPROTO("l3", next_proto); + return data; + } +} + +static inline const char *parse_l4(struct packet *handler, uint8_t next_proto, const char *data, uint16_t len) +{ + switch (next_proto) + { + // TESTED + case IPPROTO_TCP: + return parse_tcp(handler, data, len); + // TESTED + case IPPROTO_UDP: + return parse_udp(handler, data, len); + // TESTED + case IPPROTO_IPIP: + return parse_ipv4(handler, data, len); + // TESTED + case IPPROTO_IPV6: + return parse_ipv6(handler, data, len); + // TESTED + case IPPROTO_GRE: + return parse_gre(handler, data, len); + default: + PACKET_LOG_UNSUPPORT_IPPROTO("l4", next_proto); + return data; + } +} + +/****************************************************************************** + * Public API + ******************************************************************************/ + +// return innermost payload +const char *packet_parse(struct packet *handler, const char *data, uint16_t len) +{ + handler->layers_used = 0; + handler->layers_size = PACKET_MAX_LAYERS; + handler->data_ptr = data; + handler->data_len = len; + handler->zone_id = 0; + handler->user_data = NULL; + + // TESTED + return parse_ether(handler, data, len); +} + +void packet_print(const struct packet *handler) +{ + if (handler == NULL) + { + return; + } + + printf("packet: %p, data_ptr: %p, data_len: %u, layers_used: %u, layers_size: %u\n", + handler, handler->data_ptr, handler->data_len, + handler->layers_used, handler->layers_size); + for (uint8_t i = 0; i < handler->layers_used; i++) + { + const struct layer_record *layer = &handler->layers[i]; + printf(" layer[%u]: %p, type: %s, hdr_offset: %u, hdr_ptr: %p, hdr_len: %u, pld_ptr: %p, pld_len: %u\n", + i, layer, layer_type_tostring(layer->type), layer->hdr_offset, + layer->hdr_ptr, layer->hdr_len, layer->pld_ptr, layer->pld_len); + } +} + +// return 0 : found +// return -1 : not found +int packet_get_innermost_tuple2(const struct packet *handler, struct tuple2 *tuple) +{ + const struct layer_record *layer = NULL; + + for (int8_t i = handler->layers_used - 1; i >= 0; i--) + { + layer = &handler->layers[i]; + + if (layer->type & LAYER_TYPE_L3) + { + set_tuple2((const char *)handler->data_ptr + layer->hdr_offset, layer->type, tuple); + return 0; + } + } + + return -1; +} + +// return 0 : found +// return -1 : not found +int packet_get_outermost_tuple2(const struct packet *handler, struct tuple2 *tuple) +{ + const struct layer_record *layer = NULL; + + for (int8_t i = 0; i < handler->layers_used; i++) + { + layer = &handler->layers[i]; + + if (layer->type & LAYER_TYPE_L3) + { + set_tuple2((const char *)handler->data_ptr + layer->hdr_offset, layer->type, tuple); + return 0; + } + } + + return -1; +} + +// return 0 : found +// return -1 : not found +int packet_get_innermost_tuple4(const struct packet *handler, struct tuple4 *tuple) +{ + const struct layer_record *layer_l3 = NULL; + const struct layer_record *layer_l4 = NULL; + const struct layer_record *layer = NULL; + + for (int8_t i = handler->layers_used - 1; i >= 0; i--) + { + layer = &handler->layers[i]; + + // first get L4 layer + if (layer->type & LAYER_TYPE_L4) + { + layer_l4 = layer; + continue; + } + + // second get L3 layer + if (layer->type & LAYER_TYPE_L3) + { + layer_l3 = layer; + break; + } + } + + if (layer_l3 && layer_l4) + { + set_tuple4((const char *)handler->data_ptr + layer_l3->hdr_offset, layer_l3->type, tuple); + set_tuple4((const char *)handler->data_ptr + layer_l4->hdr_offset, layer_l4->type, tuple); + return 0; + } + else + { + return -1; + } +} + +// return 0 : found +// return -1 : not found +int packet_get_outermost_tuple4(const struct packet *handler, struct tuple4 *tuple) +{ + const struct layer_record *layer_l3 = NULL; + const struct layer_record *layer_l4 = NULL; + const struct layer_record *layer = NULL; + + for (int8_t i = 0; i < handler->layers_used; i++) + { + layer = &handler->layers[i]; + + // first get L3 layer + if (layer->type & LAYER_TYPE_L3) + { + layer_l3 = layer; + continue; + } + + // second get L4 layer + if (layer->type & LAYER_TYPE_L4) + { + layer_l4 = layer; + break; + } + } + + if (layer_l3 && layer_l4) + { + set_tuple4((const char *)handler->data_ptr + layer_l3->hdr_offset, layer_l3->type, tuple); + set_tuple4((const char *)handler->data_ptr + layer_l4->hdr_offset, layer_l4->type, tuple); + return 0; + } + else + { + return -1; + } +} + +// return 0 : found +// return -1 : not found +int packet_get_innermost_tuple6(const struct packet *handler, struct tuple6 *tuple) +{ + const struct layer_record *layer_l3 = NULL; + const struct layer_record *layer_l4 = NULL; + const struct layer_record *layer = NULL; + + for (int8_t i = handler->layers_used - 1; i >= 0; i--) + { + layer = &handler->layers[i]; + + // first get L4 layer + if (layer->type & LAYER_TYPE_L4) + { + layer_l4 = layer; + continue; + } + + // second get L3 layer + if (layer->type & LAYER_TYPE_L3) + { + layer_l3 = layer; + break; + } + } + + if (layer_l3 && layer_l4) + { + set_tuple6((const char *)handler->data_ptr + layer_l3->hdr_offset, layer_l3->type, tuple, handler->zone_id); + set_tuple6((const char *)handler->data_ptr + layer_l4->hdr_offset, layer_l4->type, tuple, handler->zone_id); + return 0; + } + else + { + return -1; + } +} + +// return 0 : found +// return -1 : not found +int packet_get_outermost_tuple6(const struct packet *handler, struct tuple6 *tuple) +{ + const struct layer_record *layer_l3 = NULL; + const struct layer_record *layer_l4 = NULL; + const struct layer_record *layer = NULL; + + for (int8_t i = 0; i < handler->layers_used; i++) + { + layer = &handler->layers[i]; + + // first get L3 layer + if (layer->type & LAYER_TYPE_L3) + { + layer_l3 = layer; + continue; + } + + // second get L4 layer + if (layer->type & LAYER_TYPE_L4) + { + layer_l4 = layer; + break; + } + } + + if (layer_l3 && layer_l4) + { + set_tuple6((const char *)handler->data_ptr + layer_l3->hdr_offset, layer_l3->type, tuple, handler->zone_id); + set_tuple6((const char *)handler->data_ptr + layer_l4->hdr_offset, layer_l4->type, tuple, handler->zone_id); + return 0; + } + else + { + return -1; + } +} + +const struct layer_record *packet_get_innermost_layer(const struct packet *handler, enum layer_type type) +{ + const struct layer_record *layer = NULL; + + for (int8_t i = handler->layers_used - 1; i >= 0; i--) + { + layer = &handler->layers[i]; + if (layer->type & type) + { + return layer; + } + } + + return NULL; +} + +const struct layer_record *packet_get_outermost_layer(const struct packet *handler, enum layer_type type) +{ + const struct layer_record *layer = NULL; + + for (int8_t i = 0; i < handler->layers_used; i++) + { + layer = &handler->layers[i]; + if (layer->type & type) + { + return layer; + } + } + + return NULL; +} + +// direction 1: E2I +// direction 0: I2E +uint64_t packet_get_hash(const struct packet *handler, enum ldbc_method method, int direction) +{ + uint64_t temp = 0; + uint64_t hash_value = 1; + + int inner_addr_len = 0; + int outer_addr_len = 0; + const char *inner_src_addr = NULL; + const char *inner_dst_addr = NULL; + const char *outer_src_addr = NULL; + const char *outer_dst_addr = NULL; + + struct tuple2 inner_addr; + struct tuple2 outer_addr; + + if (handler == NULL) + { + return hash_value; + } + + if (packet_get_innermost_tuple2(handler, &inner_addr) == -1) + { + return hash_value; + } + + if (packet_get_outermost_tuple2(handler, &outer_addr) == -1) + { + return hash_value; + } + + if (inner_addr.ip_type == IP_TYPE_V4) + { + inner_src_addr = (const char *)&inner_addr.src_addr.v4; + inner_dst_addr = (const char *)&inner_addr.dst_addr.v4; + inner_addr_len = sizeof(struct in_addr); + } + else + { + inner_src_addr = (const char *)&inner_addr.src_addr.v6; + inner_dst_addr = (const char *)&inner_addr.dst_addr.v6; + inner_addr_len = sizeof(struct in6_addr); + } + + if (outer_addr.ip_type == IP_TYPE_V4) + { + outer_src_addr = (const char *)&outer_addr.src_addr.v4; + outer_dst_addr = (const char *)&outer_addr.dst_addr.v4; + outer_addr_len = sizeof(struct in_addr); + } + else + { + outer_src_addr = (const char *)&outer_addr.src_addr.v6; + outer_dst_addr = (const char *)&outer_addr.dst_addr.v6; + outer_addr_len = sizeof(struct in6_addr); + } + + switch (method) + { + case LDBC_METHOD_HASH_INT_IP: + if (direction) + { + // direction 1: E2I + HASH_VALUE(outer_dst_addr, outer_addr_len, hash_value); + } + else + { + // direction 0: I2E + HASH_VALUE(outer_src_addr, outer_addr_len, hash_value); + } + break; + case LDBC_METHOD_HASH_EXT_IP: + if (direction) + { + // direction 1: E2I + HASH_VALUE(outer_src_addr, outer_addr_len, hash_value); + } + else + { + // direction 0: I2E + HASH_VALUE(outer_dst_addr, outer_addr_len, hash_value); + } + break; + case LDBC_METHOD_HASH_INT_IP_AND_EXT_IP: + HASH_VALUE(outer_src_addr, outer_addr_len, hash_value); + HASH_VALUE(outer_dst_addr, outer_addr_len, temp); + hash_value = hash_value ^ temp; + break; + case LDBC_METHOD_HASH_INNERMOST_INT_IP: + if (direction) + { + // direction 1: E2I + HASH_VALUE(inner_dst_addr, inner_addr_len, hash_value); + } + else + { + // direction 0: I2E + HASH_VALUE(inner_src_addr, inner_addr_len, hash_value); + } + break; + case LDBC_METHOD_HASH_INNERMOST_EXT_IP: + if (direction) + { + // direction 1: E2I + HASH_VALUE(inner_src_addr, inner_addr_len, hash_value); + } + else + { + // direction 0: I2E + HASH_VALUE(inner_dst_addr, inner_addr_len, hash_value); + } + break; + default: + return hash_value; + } + + return hash_value; +} diff --git a/common/src/tfe_addr_tuple4.cpp b/common/src/tfe_addr_tuple4.cpp deleted file mode 100644 index 24653a6..0000000 --- a/common/src/tfe_addr_tuple4.cpp +++ /dev/null @@ -1,57 +0,0 @@ -#include -#include -#include - -#include "tfe_addr_tuple4.h" - -char *addr_tuple4_to_str(const struct addr_tuple4 *addr) -{ - char *str_ret = NULL; - - if (addr->addr_type == ADDR_TUPLE4_TYPE_V4) - { - char src_addr[INET_ADDRSTRLEN] = {0}; - char dst_addr[INET_ADDRSTRLEN] = {0}; - uint16_t src_port = ntohs((uint16_t)addr->src_port); - uint16_t dst_port = ntohs((uint16_t)addr->dst_port); - inet_ntop(AF_INET, &addr->addr_v4.src_addr, src_addr, sizeof(src_addr)); - inet_ntop(AF_INET, &addr->addr_v4.dst_addr, dst_addr, sizeof(dst_addr)); - asprintf(&str_ret, "%s %u %s %u", src_addr, src_port, dst_addr, dst_port); - } - - if (addr->addr_type == ADDR_TUPLE4_TYPE_V6) - { - char src_addr[INET6_ADDRSTRLEN] = {0}; - char dst_addr[INET6_ADDRSTRLEN] = {0}; - uint16_t src_port = ntohs((uint16_t)addr->src_port); - uint16_t dst_port = ntohs((uint16_t)addr->dst_port); - inet_ntop(AF_INET6, &addr->addr_v6.src_addr, src_addr, sizeof(src_addr)); - inet_ntop(AF_INET6, &addr->addr_v6.dst_addr, dst_addr, sizeof(dst_addr)); - asprintf(&str_ret, "%s %u %s %u", src_addr, src_port, dst_addr, dst_port); - } - - return str_ret; -} - -void addr_tuple4_reverse(const struct addr_tuple4 *orin, struct addr_tuple4 *out) -{ - memset(out, 0, sizeof(struct addr_tuple4)); - - if (orin->addr_type == ADDR_TUPLE4_TYPE_V4) - { - out->addr_type = ADDR_TUPLE4_TYPE_V4; - out->addr_v4.src_addr = orin->addr_v4.dst_addr; - out->addr_v4.dst_addr = orin->addr_v4.src_addr; - out->src_port = orin->dst_port; - out->dst_port = orin->src_port; - } - - if (orin->addr_type == ADDR_TUPLE4_TYPE_V6) - { - out->addr_type = ADDR_TUPLE4_TYPE_V6; - out->addr_v6.src_addr = orin->addr_v6.dst_addr; - out->addr_v6.dst_addr = orin->addr_v6.src_addr; - out->src_port = orin->dst_port; - out->dst_port = orin->src_port; - } -} \ No newline at end of file diff --git a/common/src/tfe_packet_io.cpp b/common/src/tfe_packet_io.cpp index 7c34912..00918b0 100644 --- a/common/src/tfe_packet_io.cpp +++ b/common/src/tfe_packet_io.cpp @@ -1,7 +1,6 @@ #include #include #include -#include #include #include #include @@ -18,7 +17,9 @@ #include #include "tfe_ctrl_packet.h" -#include "tfe_raw_packet.h" +#include "packet.h" +#include "ipv4_helpers.h" +#include "tcp_helpers.h" #include "io_uring.h" #include "tfe_packet_io_fs.h" #include "tfe_cmsg.h" @@ -31,7 +32,8 @@ #include "tfe_session_table.h" #include "tfe_packet_io.h" #include "tfe_fieldstat.h" - +#include "dablooms.h" +#include "timestamp.h" /****************************************************************************** * Struct @@ -134,10 +136,87 @@ struct metadata struct route_ctx route_ctx; }; +struct packet_identify +{ + // TCP + uint32_t tcp_seq; + uint32_t tcp_ack; + uint16_t sport; + uint16_t dport; + uint16_t tcp_checksum; + + // IPv4 + uint16_t ip_id; + uint32_t ip_src; + uint32_t ip_dst; +} __attribute__((__packed__)); + extern int tcp_policy_enforce(struct tcp_policy_enforcer *tcp_enforcer, struct tfe_cmsg *cmsg); extern int tfe_proxy_fds_accept(struct tfe_proxy * ctx, int fd_downstream, int fd_upstream, int fd_fake_c, int fd_fake_s, struct tfe_cmsg * cmsg); extern void chaining_policy_enforce(struct chaining_policy_enforcer *enforcer, struct tfe_cmsg *cmsg, uint64_t rule_id); +/****************************************************************************** + * dup packet filter + ******************************************************************************/ + +// return 0: success +// reutrn -1: error +static int get_packet_identify(struct packet *packet, struct packet_identify *key) +{ + const struct layer_record *l3_layer_record = packet_get_innermost_layer(packet, LAYER_TYPE_IPV4); + if (l3_layer_record == NULL) + { + return -1; + } + const struct layer_record *l4_layer_record = packet_get_innermost_layer(packet, LAYER_TYPE_TCP); + if (l4_layer_record == NULL) + { + return -1; + } + + const struct ip *iphdr = (const struct ip *)l3_layer_record->hdr_ptr; + const struct tcphdr *tcphdr = (const struct tcphdr *)l4_layer_record->hdr_ptr; + memset(key, 0, sizeof(struct packet_identify)); + key->tcp_seq = tcp_hdr_get_seq(tcphdr); + key->tcp_ack = tcp_hdr_get_ack(tcphdr); + key->sport = tcp_hdr_get_sport(tcphdr); + key->dport = tcp_hdr_get_dport(tcphdr); + key->tcp_checksum = tcp_hdr_get_checksum(tcphdr); + key->ip_id = ipv4_hdr_get_ipid(iphdr); + key->ip_src = ipv4_hdr_get_src(iphdr); + key->ip_dst = ipv4_hdr_get_dst(iphdr); + return 0; +} + +static void add_packet_to_dablooms(struct packet *packet, struct expiry_dablooms_handle *handle) +{ + struct packet_identify identify; + if (get_packet_identify(packet, &identify) == -1) + { + return; + } + + expiry_dablooms_add(handle, (const char *)&identify, sizeof(struct packet_identify), timestamp_get_sec()); +} + +// return 1: hit +// reutrn 0: no hit +static int search_packet_from_dablooms(struct packet *packet, struct expiry_dablooms_handle *handle) +{ + struct packet_identify identify; + if (get_packet_identify(packet, &identify) == -1) + { + return 0; + } + + if (expiry_dablooms_search(handle, (const char *)&identify, sizeof(struct packet_identify), timestamp_get_sec()) == 1) + { + return 1; + } + + return 0; +} + /****************************************************************************** * STATIC ******************************************************************************/ @@ -224,12 +303,6 @@ static void session_ctx_free(struct session_ctx *ctx) { if (ctx) { - if (ctx->session_addr) - { - free(ctx->session_addr); - ctx->session_addr = NULL; - } - if (ctx->cmsg) { tfe_cmsg_destroy(&ctx->cmsg); @@ -449,9 +522,9 @@ static int tcp_restore_set_from_cmsg(struct tfe_cmsg *cmsg, struct tcp_restore_i return 0; } -static int tcp_restore_set_from_pkg(struct addr_tuple4 *tuple4, struct tcp_restore_info *restore_info) +static int tcp_restore_set_from_pkg(struct tuple4 *tuple4, struct tcp_restore_info *restore_info) { - if (tuple4->addr_type == ADDR_TUPLE4_TYPE_V4) + if (tuple4->ip_type == IP_TYPE_V4) { struct sockaddr_in *in_addr_client; struct sockaddr_in *in_addr_server; @@ -468,15 +541,15 @@ static int tcp_restore_set_from_pkg(struct addr_tuple4 *tuple4, struct tcp_resto } in_addr_client->sin_family = AF_INET; - in_addr_client->sin_addr = tuple4->addr_v4.src_addr; + in_addr_client->sin_addr = tuple4->src_addr.v4; in_addr_client->sin_port = tuple4->src_port; in_addr_server->sin_family = AF_INET; - in_addr_server->sin_addr = tuple4->addr_v4.dst_addr; + in_addr_server->sin_addr = tuple4->dst_addr.v4; in_addr_server->sin_port = tuple4->dst_port; } - if (tuple4->addr_type == ADDR_TUPLE4_TYPE_V6) + if (tuple4->ip_type == IP_TYPE_V6) { struct sockaddr_in6 *in6_addr_client; struct sockaddr_in6 *in6_addr_server; @@ -493,11 +566,11 @@ static int tcp_restore_set_from_pkg(struct addr_tuple4 *tuple4, struct tcp_resto } in6_addr_client->sin6_family = AF_INET6; - in6_addr_client->sin6_addr = tuple4->addr_v6.src_addr; + in6_addr_client->sin6_addr = tuple4->src_addr.v6; in6_addr_client->sin6_port = tuple4->src_port; in6_addr_server->sin6_family = AF_INET6; - in6_addr_server->sin6_addr = tuple4->addr_v6.dst_addr; + in6_addr_server->sin6_addr = tuple4->dst_addr.v6; in6_addr_server->sin6_port = tuple4->dst_port; } @@ -997,6 +1070,34 @@ static void packet_io_send_fake_pkt(struct packet_io_thread_ctx *thread, struct marsio_send_burst_with_options(packet_io->dev_nf_interface.mr_path, thread->thread_index, tx_buffs, 3, MARSIO_SEND_OPT_REHASH); } +int raw_traffic_decapsulate(struct packet *handler, const char *raw_data, int raw_len, char **header, int *header_len, int *is_ipv4) +{ + const struct layer_record *l2_tun_layer_record = NULL; + const struct layer_record *l3_layer_record = NULL; + const struct layer_record *l4_layer_record = NULL; + + l4_layer_record = packet_get_innermost_layer(handler, LAYER_TYPE_L4); + if (l4_layer_record == NULL) + return -1; + + if (l4_layer_record->type != LAYER_TYPE_TCP) + return -1; + + l3_layer_record = packet_get_innermost_layer(handler, LAYER_TYPE_L3); + if (l3_layer_record == NULL) + return -1; + + *is_ipv4 = l3_layer_record->type == LAYER_TYPE_IPV4 ? 1 : 0; + l2_tun_layer_record = packet_get_innermost_layer(handler, LAYER_TYPE_L2_TUN); + if (l2_tun_layer_record == NULL) + return -1; + + *header_len = l3_layer_record->hdr_offset; + *header = (char *)calloc(*header_len, sizeof(char)); + memcpy(*header, raw_data, *header_len); + return 0; +} + // return 0 : success // return -1 : error static int handle_session_opening(struct metadata *meta, struct ctrl_pkt_parser *parser, int thread_seq, void *ctx) @@ -1021,7 +1122,7 @@ static int handle_session_opening(struct metadata *meta, struct ctrl_pkt_parser uint8_t enable_decrypted_traffic_steering = 0; struct ethhdr *ether_hdr = NULL; struct session_ctx *s_ctx = NULL; - struct addr_tuple4 inner_tuple4; + struct tuple4 inner_tuple4; struct tcp_restore_info restore_info; memset(&inner_tuple4, 0, sizeof(inner_tuple4)); memset(&restore_info, 0, sizeof(restore_info)); @@ -1031,15 +1132,14 @@ static int handle_session_opening(struct metadata *meta, struct ctrl_pkt_parser struct packet_io_fs *packet_io_fs = thread->ret_fs_state; void * logger = thread->logger; - struct raw_pkt_parser raw_parser; - raw_packet_parser_init(&raw_parser, meta->session_id, LAYER_TYPE_ALL, 8); - const void *payload = raw_packet_parser_parse(&raw_parser, (const void *)meta->raw_data, meta->raw_len, logger); + struct packet pkt; + const void *payload = packet_parse(&pkt, (const char *)meta->raw_data, meta->raw_len); if ((char *)payload - meta->raw_data != meta->l7offset) { uint16_t offset = (char *)payload - meta->raw_data; TFE_LOG_ERROR(logger, "%s: incorrect dataoffset in the control zone of session %lu, offset:%u, l7offset:%u, payload:%p, raw_data:%p", LOG_TAG_PKTIO, meta->session_id, offset, meta->l7offset, payload, meta->raw_data); } - raw_packet_parser_get_most_inner_tuple4(&raw_parser, &inner_tuple4, logger); + packet_get_innermost_tuple4(&pkt, &inner_tuple4); tfe_cmsg_get_value(parser->cmsg, TFE_CMSG_TCP_RESTORE_PROTOCOL, (unsigned char *)&stream_protocol_in_char, sizeof(stream_protocol_in_char), &size); uint64_t rule_id = 0; @@ -1161,7 +1261,7 @@ passthrough: s_ctx->protocol = stream_protocol_in_char; s_ctx->ref_thread_ctx = thread; s_ctx->session_id = meta->session_id; - s_ctx->session_addr = addr_tuple4_to_str(&inner_tuple4); + tuple4_tostring(&inner_tuple4, s_ctx->session_addr, sizeof(s_ctx->session_addr)); s_ctx->cmsg = parser->cmsg; s_ctx->is_passthrough = is_passthrough; metadata_deep_copy(s_ctx->ctrl_meta, meta); @@ -1176,7 +1276,7 @@ passthrough: // s2c s_ctx->s2c_info.is_e2i_dir = !meta->is_e2i_dir; - addr_tuple4_reverse(&inner_tuple4, &s_ctx->s2c_info.tuple4); + tuple4_reverse(&inner_tuple4, &s_ctx->s2c_info.tuple4); s_ctx->policy_ids = parser->tfe_policy_ids[0]; @@ -1184,9 +1284,9 @@ passthrough: route_ctx_copy(&s_ctx->ctrl_meta->route_ctx, &meta->route_ctx); if (parser->seq_len > 0) - raw_traffic_decapsulate(&raw_parser, parser->seq_header, parser->seq_len, &s_ctx->c2s_info.header_data, &s_ctx->c2s_info.header_len, &s_ctx->c2s_info.is_ipv4); + raw_traffic_decapsulate(&pkt, parser->seq_header, parser->seq_len, &s_ctx->c2s_info.header_data, &s_ctx->c2s_info.header_len, &s_ctx->c2s_info.is_ipv4); if (parser->ack_len > 0) - raw_traffic_decapsulate(&raw_parser, parser->ack_header, parser->ack_len, &s_ctx->s2c_info.header_data, &s_ctx->s2c_info.header_len, &s_ctx->s2c_info.is_ipv4); + raw_traffic_decapsulate(&pkt, parser->ack_header, parser->ack_len, &s_ctx->s2c_info.header_data, &s_ctx->s2c_info.header_len, &s_ctx->s2c_info.is_ipv4); if (s_ctx->c2s_info.is_e2i_dir) { sids_copy(&s_ctx->raw_meta_e2i->sids, &parser->seq_sids); @@ -1350,6 +1450,20 @@ static int handle_raw_packet_from_nf(struct packet_io *handle, marsio_buff_t *rx return -1; } + if (thread->ref_acceptor_ctx->dup_packet_filter_enable == 1) + { + struct packet packet; + packet_parse(&packet, (const char *)raw_data, raw_len); + if (search_packet_from_dablooms(&packet, thread->dup_packet_filter) == 1) + { + throughput_metrics_inc(&packet_io_fs->raw_pkt_rx, 1, raw_len); + throughput_metrics_inc(&packet_io_fs->raw_bypass, 1, raw_len); + throughput_metrics_inc(&packet_io_fs->dup_bypass, 1, raw_len); + marsio_send_burst(handle->dev_nf_interface.mr_path, thread_seq, &rx_buff, 1); + return -1; + } + } + struct session_node *node = session_table_search_by_id(thread->session_table, meta.session_id); if (node == NULL) { throughput_metrics_inc(&packet_io_fs->raw_pkt_rx, 1, raw_len); @@ -1357,17 +1471,20 @@ static int handle_raw_packet_from_nf(struct packet_io *handle, marsio_buff_t *rx if (thread->ref_acceptor_ctx->debug) { - struct addr_tuple4 inner_addr; - struct raw_pkt_parser raw_parser; - memset(&inner_addr, 0, sizeof(struct addr_tuple4)); - raw_packet_parser_init(&raw_parser, 0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)raw_data, raw_len, logger); - raw_packet_parser_get_most_inner_tuple4(&raw_parser, &inner_addr, logger); - uint16_t ipid = raw_packet_parser_get_most_inner_ipid(&raw_parser); - - char *str = addr_tuple4_to_str(&inner_addr); - TFE_LOG_ERROR(logger, "packet from nf %lu: %s (ipid: %u) miss session table", meta.session_id, str, ipid); - free(str); + struct tuple4 inner_addr; + struct packet pkt; + memset(&inner_addr, 0, sizeof(struct tuple4)); + packet_parse(&pkt, (const char *)raw_data, raw_len); + packet_get_innermost_tuple4(&pkt, &inner_addr); + uint16_t ipid = 0; + const struct layer_record *ipv4_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_IPV4); + if (ipv4_layer) + { + ipid = ipv4_hdr_get_ipid((const struct ip *)ipv4_layer->hdr_ptr); + } + char buffer[128] = {0}; + tuple4_tostring(&inner_addr, buffer, sizeof(buffer)); + TFE_LOG_ERROR(logger, "packet from nf %lu: %s (ipid: %u) miss session table", meta.session_id, buffer, ipid); } marsio_send_burst(handle->dev_nf_interface.mr_path, thread_seq, &rx_buff, 1); @@ -1759,17 +1876,20 @@ int packet_io_polling_nf_interface(struct packet_io *handle, int thread_seq, voi if (thread->ref_acceptor_ctx->debug) { - struct addr_tuple4 inner_addr; - struct raw_pkt_parser raw_parser; - memset(&inner_addr, 0, sizeof(struct addr_tuple4)); - raw_packet_parser_init(&raw_parser, 0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)raw_data, raw_len, thread->logger); - raw_packet_parser_get_most_inner_tuple4(&raw_parser, &inner_addr, thread->logger); - uint16_t ipid = raw_packet_parser_get_most_inner_ipid(&raw_parser); - - char *str = addr_tuple4_to_str(&inner_addr); - TFE_LOG_DEBUG(thread->logger, "recv packet %s (ipid: %u)", str, ipid); - free(str); + struct tuple4 inner_addr; + struct packet pkt; + memset(&inner_addr, 0, sizeof(struct tuple4)); + packet_parse(&pkt, (const char *)raw_data, raw_len); + packet_get_innermost_tuple4(&pkt, &inner_addr); + uint16_t ipid = 0; + const struct layer_record *ipv4_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_IPV4); + if (ipv4_layer) + { + ipid = ipv4_hdr_get_ipid((const struct ip *)ipv4_layer->hdr_ptr); + } + char buffer[128] = {0}; + tuple4_tostring(&inner_addr, buffer, sizeof(buffer)); + TFE_LOG_DEBUG(thread->logger, "recv packet %s (ipid: %u)", buffer, ipid); } if (marsio_buff_is_ctrlbuf(rx_buff)) @@ -1798,14 +1918,13 @@ void handle_decryption_packet_from_tap(const char *data, int len, void *args) struct acceptor_kni_v4 *acceptor_ctx = thread->ref_acceptor_ctx; struct packet_io *packet_io = thread->ref_io; struct packet_io_fs *packet_io_fs = thread->ret_fs_state; - struct addr_tuple4 inner_addr; - struct raw_pkt_parser raw_parser; + struct tuple4 inner_addr; + struct packet pkt; void * logger = thread->logger; - memset(&inner_addr, 0, sizeof(struct addr_tuple4)); - raw_packet_parser_init(&raw_parser, 0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data, len, logger); - raw_packet_parser_get_most_inner_tuple4(&raw_parser, &inner_addr, logger); + memset(&inner_addr, 0, sizeof(struct tuple4)); + packet_parse(&pkt, (const char *)data, len); + packet_get_innermost_tuple4(&pkt, &inner_addr); throughput_metrics_inc(&packet_io_fs->decrypt_rx, 1, len); @@ -1813,10 +1932,15 @@ void handle_decryption_packet_from_tap(const char *data, int len, void *args) if (node == NULL) { if (thread->ref_acceptor_ctx->debug) { - char *str = addr_tuple4_to_str(&inner_addr); - uint16_t ipid = raw_packet_parser_get_most_inner_ipid(&raw_parser); - TFE_LOG_ERROR(logger, "decypted packet from tap %s (ipid: %u) miss session table", str, ipid); - free(str); + char buffer[128] = {0}; + tuple4_tostring(&inner_addr, buffer, sizeof(buffer)); + int16_t ipid = 0; + const struct layer_record *ipv4_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_IPV4); + if (ipv4_layer) + { + ipid = ipv4_hdr_get_ipid((const struct ip *)ipv4_layer->hdr_ptr); + } + TFE_LOG_ERROR(logger, "decypted packet from tap %s (ipid: %u) miss session table", buffer, ipid); } throughput_metrics_inc(&packet_io_fs->decrypt_rxdrop, 1, len); @@ -1847,7 +1971,7 @@ void handle_decryption_packet_from_tap(const char *data, int len, void *args) meta.sids.elems[0] = acceptor_ctx->sce_sids; meta.sids.elems[1] = acceptor_ctx->proxy_sids; - if (memcmp(&inner_addr, &s_ctx->c2s_info.tuple4, sizeof(struct addr_tuple4)) == 0) { + if (memcmp(&inner_addr, &s_ctx->c2s_info.tuple4, sizeof(struct tuple4)) == 0) { meta.is_e2i_dir = s_ctx->c2s_info.is_e2i_dir; throughput_metrics_inc(&packet_io_fs->tap_c_pkt_rx, 1, len); } @@ -1876,8 +2000,8 @@ void handle_raw_packet_from_tap(const char *data, int len, void *args) struct packet_io_thread_ctx *thread = (struct packet_io_thread_ctx *)args; struct packet_io *packet_io = thread->ref_io; struct packet_io_fs *packet_io_fs = thread->ret_fs_state; - struct addr_tuple4 inner_addr; - struct raw_pkt_parser raw_parser; + struct tuple4 inner_addr; + struct packet pkt; struct metadata meta = {0}; void * logger = thread->logger; char *dst = NULL; @@ -1885,10 +2009,9 @@ void handle_raw_packet_from_tap(const char *data, int len, void *args) int header_len = 0; int packet_len = 0; - memset(&inner_addr, 0, sizeof(struct addr_tuple4)); - raw_packet_parser_init(&raw_parser, 0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data, len, logger); - raw_packet_parser_get_most_inner_tuple4(&raw_parser, &inner_addr, logger); + memset(&inner_addr, 0, sizeof(struct tuple4)); + packet_parse(&pkt, (const char *)data, len); + packet_get_innermost_tuple4(&pkt, &inner_addr); throughput_metrics_inc(&packet_io_fs->tap_pkt_rx, 1, len); @@ -1898,10 +2021,15 @@ void handle_raw_packet_from_tap(const char *data, int len, void *args) if (thread->ref_acceptor_ctx->debug) { - char *str = addr_tuple4_to_str(&inner_addr); - uint16_t ipid = raw_packet_parser_get_most_inner_ipid(&raw_parser); - TFE_LOG_ERROR(logger, "raw packet from tap %s (ipid: %u) miss session table", str, ipid); - free(str); + char buffer[128] = {0}; + tuple4_tostring(&inner_addr, buffer, sizeof(buffer)); + uint16_t ipid = 0; + const struct layer_record *ipv4_layer = packet_get_innermost_layer(&pkt, LAYER_TYPE_IPV4); + if (ipv4_layer) + { + ipid = ipv4_hdr_get_ipid((const struct ip *)ipv4_layer->hdr_ptr); + } + TFE_LOG_ERROR(logger, "raw packet from tap %s (ipid: %u) miss session table", buffer, ipid); } return; @@ -1917,7 +2045,7 @@ void handle_raw_packet_from_tap(const char *data, int len, void *args) return; } - if (memcmp(&inner_addr, &s_ctx->c2s_info.tuple4, sizeof(struct addr_tuple4)) == 0) + if (memcmp(&inner_addr, &s_ctx->c2s_info.tuple4, sizeof(struct tuple4)) == 0) { meta.is_e2i_dir = s_ctx->c2s_info.is_e2i_dir; src_mac = s_ctx->client_mac; @@ -1967,5 +2095,11 @@ void handle_raw_packet_from_tap(const char *data, int len, void *args) packet_io_set_metadata(tx_buffs[0], &meta, logger); add_ether_header(dst, src_mac, dst_mac); throughput_metrics_inc(&packet_io_fs->raw_pkt_tx, 1, packet_len); + + if (thread->ref_acceptor_ctx->dup_packet_filter_enable == 1) + { + add_packet_to_dablooms(&pkt, thread->dup_packet_filter); + } + marsio_send_burst_with_options(packet_io->dev_nf_interface.mr_path, thread->thread_index, tx_buffs, 1, MARSIO_SEND_OPT_REHASH); } \ No newline at end of file diff --git a/common/src/tfe_packet_io_fs.cpp b/common/src/tfe_packet_io_fs.cpp index 42427e5..e1aa514 100644 --- a/common/src/tfe_packet_io_fs.cpp +++ b/common/src/tfe_packet_io_fs.cpp @@ -19,6 +19,9 @@ enum PACKET_IO_STAT_FIELD STAT_DECRYPTED_RX_PKT, STAT_DECRYPTED_RX_B, + STAT_DUP_PKT_BYPASS_PKT, + STAT_DUP_PKT_BYPASS_B, + STAT_RAW_PKT_BYPASS_PKT, STAT_RAW_PKT_BYPASS_B, @@ -81,6 +84,9 @@ static const char *stat_map[] = [STAT_DECRYPTED_RX_PKT] = "decrypt_rx_pkt", [STAT_DECRYPTED_RX_B] = "decrypt_rx_B", + [STAT_DUP_PKT_BYPASS_PKT] = "dup_bypass_pkt", + [STAT_DUP_PKT_BYPASS_B] = "dup_bypass_B", + [STAT_RAW_PKT_BYPASS_PKT] = "raw_bypass_pkt", [STAT_RAW_PKT_BYPASS_B] = "raw_bypass_B", @@ -185,6 +191,9 @@ void packet_io_fs_dump(struct packet_io_fs *handle) FS_operate(handle->fs_handle, handle->fs_id[STAT_DECRYPTED_RX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(handle->decrypt_rx.n_pkts), 0, __ATOMIC_RELAXED)); FS_operate(handle->fs_handle, handle->fs_id[STAT_DECRYPTED_RX_B], 0, FS_OP_SET, __atomic_fetch_add(&(handle->decrypt_rx.n_bytes), 0, __ATOMIC_RELAXED)); + FS_operate(handle->fs_handle, handle->fs_id[STAT_DUP_PKT_BYPASS_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(handle->dup_bypass.n_pkts), 0, __ATOMIC_RELAXED)); + FS_operate(handle->fs_handle, handle->fs_id[STAT_DUP_PKT_BYPASS_B], 0, FS_OP_SET, __atomic_fetch_add(&(handle->dup_bypass.n_pkts), 0, __ATOMIC_RELAXED)); + FS_operate(handle->fs_handle, handle->fs_id[STAT_RAW_PKT_BYPASS_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(handle->raw_bypass.n_pkts), 0, __ATOMIC_RELAXED)); FS_operate(handle->fs_handle, handle->fs_id[STAT_RAW_PKT_BYPASS_B], 0, FS_OP_SET, __atomic_fetch_add(&(handle->raw_bypass.n_bytes), 0, __ATOMIC_RELAXED)); diff --git a/common/src/tfe_raw_packet.cpp b/common/src/tfe_raw_packet.cpp deleted file mode 100644 index 04cbc93..0000000 --- a/common/src/tfe_raw_packet.cpp +++ /dev/null @@ -1,1126 +0,0 @@ -#include -#include -#include -#include - -#include -#include -#define __FAVOR_BSD 1 -#include -#include -#include - -#include "tfe_utils.h" -#include "uthash.h" -#include "tfe_addr_tuple4.h" -#include "tfe_raw_packet.h" - -/****************************************************************************** - * Struct - ******************************************************************************/ - -enum parse_status -{ - PARSE_STATUS_CONTINUE, - PARSE_STATUS_STOP -}; - -struct vlan_hdr -{ - uint16_t vlan_cfi; - uint16_t protocol; -} __attribute__((__packed__)); - -struct vxlan_hdr -{ - uint8_t flags[2]; - uint16_t gdp; // group policy id - uint8_t vni[3]; - uint8_t reserved; -} __attribute__((__packed__)); - -struct gtp_hdr -{ -#if __BYTE_ORDER == __LITTLE_ENDIAN - unsigned char flags; - unsigned char msg_type; - unsigned short len; - unsigned int teid; -#elif __BYTE_ORDER == __BIG_ENDIAN - unsigned int teid; - unsigned short len; - unsigned char msg_type; - unsigned char flags; -#else -#error "Please check " -#endif -} __attribute__((__packed__)); - -#define GTP_HDR_VER_MASK (0xE0) -#define GTP_HDR_FLAG_N_PDU (0x01) -#define GTP_HDR_FLAG_SEQ_NUM (0x02) -#define GTP_HDR_FLAG_NEXT_EXT_HDR (0x04) - -/****************************************************************************** - * Static API - ******************************************************************************/ - -static inline int raw_packet_parser_push(struct raw_pkt_parser *handler, enum layer_type type, uint16_t offset); -static inline enum parse_status raw_packet_parser_status(struct raw_pkt_parser *handler, const void *data, enum layer_type this_type); - -static const char *ldbc_method_to_string(enum ldbc_method ldbc_method); - -// parser utils -static void set_addr_tuple4(const void *data, enum layer_type layer_type, struct addr_tuple4 *addr); -static const char *layer_type2str(enum layer_type this_type); -static uint16_t parse_gtphdr_len(const struct gtp_hdr *gtph); - -// parser protocol -static inline const void *parse_ether(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger); -static inline const void *parse_ipv4(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger); -static inline const void *parse_ipv6(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger); -static inline const void *parse_tcp(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger); -static inline const void *parse_udp(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger); -static inline const void *parse_pppoe_ses(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger); -static inline const void *parse_vxlan(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger); -static inline const void *parse_vlan8021q(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger); -static inline const void *parse_gtpv1_u(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger); -static inline const void *parse_mpls(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger); - -/****************************************************************************** - * Public API - ******************************************************************************/ - -void raw_packet_parser_init(struct raw_pkt_parser *handler, uint64_t pkt_trace_id, enum layer_type expect_type, uint16_t expect_results_num) -{ - memset(handler, 0, sizeof(struct raw_pkt_parser)); - - handler->expect_type = expect_type; - handler->results.layers_used = 0; - handler->results.layers_size = MIN(expect_results_num, (sizeof(handler->results.layers) / sizeof(handler->results.layers[0]))); - handler->ptr_pkt_start = NULL; - handler->pkt_trace_id = pkt_trace_id; -} - -// return most inner payload -const void *raw_packet_parser_parse(struct raw_pkt_parser *handler, const void *data, size_t length, void *logger) -{ - handler->ptr_pkt_start = data; - - // TESTED - return parse_ether(handler, data, length, LAYER_TYPE_ETHER, logger); -} - -// return 0 : success -// return -1 : error -int raw_packet_parser_get_most_inner_tuple4(struct raw_pkt_parser *handler, struct addr_tuple4 *addr, void *logger) -{ - const char *l3_layer_data = NULL; - const char *l4_layer_data = NULL; - const struct layer_result *l3_layer_result = NULL; - const struct layer_result *l4_layer_result = NULL; - struct layer_results *results = &handler->results; - - // search L4 layer and L3 layer in reverse order - for (int8_t i = results->layers_used - 1; i >= 0; i--) - { - const struct layer_result *layer = &results->layers[i]; - enum layer_type type = layer->type; - - TFE_LOG_DEBUG(logger, "%s: find most inner tuple4, pkt_trace_id: %lu, layer[%d/%d]: %s", LOG_TAG_RAWPKT, handler->pkt_trace_id, i, results->layers_size, layer_type2str(type)); - - // first get L4 layer - if (type & LAYER_TYPE_L4) - { - l4_layer_result = layer; - continue; - } - - // second get L3 layer - if (type & LAYER_TYPE_L3) - { - l3_layer_result = layer; - break; - } - } - - if (l3_layer_result) - { - l3_layer_data = (const char *)handler->ptr_pkt_start + l3_layer_result->offset; - set_addr_tuple4(l3_layer_data, l3_layer_result->type, addr); - } - - if (l4_layer_result) - { - l4_layer_data = (const char *)handler->ptr_pkt_start + l4_layer_result->offset; - set_addr_tuple4(l4_layer_data, l4_layer_result->type, addr); - } - - if (l3_layer_result && l4_layer_result) - { - return 0; - } - else - { - return -1; - } -} - -// return 0 : success -// return -1 : error -int raw_packet_parser_get_most_outer_tuple4(struct raw_pkt_parser *handler, struct addr_tuple4 *addr, void *logger) -{ - const char *l3_layer_data = NULL; - const char *l4_layer_data = NULL; - const struct layer_result *l3_layer_result = NULL; - const struct layer_result *l4_layer_result = NULL; - struct layer_results *results = &handler->results; - - // search L3 layer and L4 layer in order - for (int8_t i = 0; i <= results->layers_used - 1; i++) - { - const struct layer_result *layer = &results->layers[i]; - enum layer_type type = layer->type; - - TFE_LOG_DEBUG(logger, "%s: find most outer tuple4, pkt_trace_id: %lu, layer[%d/%d]: %s", LOG_TAG_RAWPKT, handler->pkt_trace_id, i, results->layers_size, layer_type2str(type)); - - // first get L3 layer - if (type & LAYER_TYPE_L3) - { - l3_layer_result = layer; - continue; - } - - // second get L4 layer - if (type & LAYER_TYPE_L4) - { - l4_layer_result = layer; - break; - } - } - - if (l3_layer_result) - { - l3_layer_data = (const char *)handler->ptr_pkt_start + l3_layer_result->offset; - set_addr_tuple4(l3_layer_data, l3_layer_result->type, addr); - } - - if (l4_layer_result) - { - l4_layer_data = (const char *)handler->ptr_pkt_start + l4_layer_result->offset; - set_addr_tuple4(l4_layer_data, l4_layer_result->type, addr); - } - - if (l3_layer_result && l4_layer_result) - { - return 0; - } - else - { - return -1; - } -} - -// return 0 : success -// return -1 : error -int raw_packet_parser_get_most_inner_address(struct raw_pkt_parser *handler, struct addr_tuple4 *addr, void *logger) -{ - const char *l3_layer_data = NULL; - struct layer_results *results = &handler->results; - - // search L3 layer in reverse order - for (int8_t i = results->layers_used - 1; i >= 0; i--) - { - const struct layer_result *layer = &results->layers[i]; - enum layer_type type = layer->type; - - TFE_LOG_DEBUG(logger, "%s: find most inner address, pkt_trace_id: %lu, layer[%d/%d]: %s", LOG_TAG_RAWPKT, handler->pkt_trace_id, i, results->layers_size, layer_type2str(type)); - if (type & LAYER_TYPE_L3) - { - l3_layer_data = (const char *)handler->ptr_pkt_start + layer->offset; - set_addr_tuple4(l3_layer_data, type, addr); - return 0; - } - } - - return -1; -} - -// return 0 : success -// return -1 : error -int raw_packet_parser_get_most_outer_address(struct raw_pkt_parser *handler, struct addr_tuple4 *addr, void *logger) -{ - const char *l3_layer_data = NULL; - struct layer_results *results = &handler->results; - - // search L3 layer in order - for (int8_t i = 0; i <= results->layers_used - 1; i++) - { - const struct layer_result *layer = &results->layers[i]; - enum layer_type type = layer->type; - - TFE_LOG_DEBUG(logger, "%s: find most outer address, pkt_trace_id: %lu, layer[%d/%d]: %s", LOG_TAG_RAWPKT, handler->pkt_trace_id, i, results->layers_size, layer_type2str(type)); - if (type & LAYER_TYPE_L3) - { - l3_layer_data = (const char *)handler->ptr_pkt_start + layer->offset; - set_addr_tuple4(l3_layer_data, type, addr); - return 0; - } - } - - return -1; -} - -uint16_t raw_packet_parser_get_most_inner_ipid(struct raw_pkt_parser *handler) -{ - const char *l3_layer_data = NULL; - struct layer_results *results = &handler->results; - - // search L3 layer in reverse order - for (int8_t i = results->layers_used - 1; i >= 0; i--) - { - const struct layer_result *layer = &results->layers[i]; - enum layer_type type = layer->type; - - if (type & LAYER_TYPE_L3) - { - l3_layer_data = (const char *)handler->ptr_pkt_start + layer->offset; - if (type == LAYER_TYPE_IPV4) - { - const struct ip *ipv4_hdr = (const struct ip *)l3_layer_data; - return ntohs(ipv4_hdr->ip_id); - } - else - { - return 0; - } - } - } - - return 0; -} - -uint16_t raw_packet_parser_get_most_outer_ipid(struct raw_pkt_parser *handler) -{ - const char *l3_layer_data = NULL; - struct layer_results *results = &handler->results; - - // search L3 layer in order - for (int8_t i = 0; i <= results->layers_used - 1; i++) - { - const struct layer_result *layer = &results->layers[i]; - enum layer_type type = layer->type; - - if (type & LAYER_TYPE_L3) - { - l3_layer_data = (const char *)handler->ptr_pkt_start + layer->offset; - if (type == LAYER_TYPE_IPV4) - { - const struct ip *ipv4_hdr = (const struct ip *)l3_layer_data; - return ntohs(ipv4_hdr->ip_id); - } - else - { - return 0; - } - } - } - - return -1; -} - -uint64_t raw_packet_parser_get_hash_value(struct raw_pkt_parser *handler, enum ldbc_method method, int dir_is_internal, void *logger) -{ - uint64_t temp = 0; - uint64_t hash_value = 1; - - int inner_addr_len = 0; - int outer_addr_len = 0; - const char *inner_src_addr = NULL; - const char *inner_dst_addr = NULL; - const char *outer_src_addr = NULL; - const char *outer_dst_addr = NULL; - - struct addr_tuple4 inner_addr; - struct addr_tuple4 outer_addr; - memset(&inner_addr, 0, sizeof(inner_addr)); - memset(&outer_addr, 0, sizeof(outer_addr)); - - if (handler == NULL) - { - return hash_value; - } - - if (raw_packet_parser_get_most_inner_address(handler, &inner_addr, logger) == -1) - { - return hash_value; - } - - if (raw_packet_parser_get_most_outer_address(handler, &outer_addr, logger) == -1) - { - return hash_value; - } - - if (inner_addr.addr_type == ADDR_TUPLE4_TYPE_V4) - { - inner_src_addr = (const char *)&(inner_addr.addr_v4.src_addr); - inner_dst_addr = (const char *)&(inner_addr.addr_v4.dst_addr); - inner_addr_len = sizeof(inner_addr.addr_v4.dst_addr); - } - else - { - inner_src_addr = (const char *)&(inner_addr.addr_v6.src_addr); - inner_dst_addr = (const char *)&(inner_addr.addr_v6.dst_addr); - inner_addr_len = sizeof(inner_addr.addr_v6.dst_addr); - } - - if (outer_addr.addr_type == ADDR_TUPLE4_TYPE_V4) - { - outer_src_addr = (const char *)&(outer_addr.addr_v4.src_addr); - outer_dst_addr = (const char *)&(outer_addr.addr_v4.dst_addr); - outer_addr_len = sizeof(outer_addr.addr_v4.dst_addr); - } - else - { - outer_src_addr = (const char *)&(outer_addr.addr_v6.src_addr); - outer_dst_addr = (const char *)&(outer_addr.addr_v6.dst_addr); - outer_addr_len = sizeof(outer_addr.addr_v6.dst_addr); - } - - switch (method) - { - case LDBC_METHOD_HASH_INT_IP: - if (dir_is_internal) - { - // outer src ip - HASH_VALUE(outer_src_addr, outer_addr_len, hash_value); - } - else - { - // outer dst ip - HASH_VALUE(outer_dst_addr, outer_addr_len, hash_value); - } - break; - case LDBC_METHOD_HASH_EXT_IP: - if (dir_is_internal) - { - // outer dst ip - HASH_VALUE(outer_dst_addr, outer_addr_len, hash_value); - } - else - { - // outer src ip - HASH_VALUE(outer_src_addr, outer_addr_len, hash_value); - } - break; - case LDBC_METHOD_HASH_INT_IP_AND_EXT_IP: - // outer dst ip ^ outer src ip - HASH_VALUE(outer_src_addr, outer_addr_len, hash_value); - HASH_VALUE(outer_dst_addr, outer_addr_len, temp); - hash_value = hash_value ^ temp; - break; - case LDBC_METHOD_HASH_INNERMOST_INT_IP: - if (dir_is_internal) - { - // innner src ip - HASH_VALUE(inner_src_addr, inner_addr_len, hash_value); - } - else - { - // innner dst ip - HASH_VALUE(inner_dst_addr, inner_addr_len, hash_value); - } - break; - case LDBC_METHOD_HASH_INNERMOST_EXT_IP: - if (dir_is_internal) - { - // innner dst ip - HASH_VALUE(inner_dst_addr, inner_addr_len, hash_value); - } - else - { - // innner src ip - HASH_VALUE(inner_src_addr, inner_addr_len, hash_value); - } - break; - default: - return hash_value; - } - - char *inner_addr_str = addr_tuple4_to_str(&inner_addr); - char *outer_addr_str = addr_tuple4_to_str(&outer_addr); - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, outer_addr: %s, inner_addr: %s, is_internal: %d, hash_method: %s, hash_value: %lu", - LOG_TAG_RAWPKT, handler->pkt_trace_id, outer_addr_str, inner_addr_str, dir_is_internal, ldbc_method_to_string(method), hash_value); - free(inner_addr_str); - free(outer_addr_str); - - return hash_value; -} - -static const struct layer_result *raw_packet_parser_get_most_inner_layer(struct raw_pkt_parser *handler, enum layer_type layer_type) -{ - const struct layer_result *layer_result = NULL; - struct layer_results *results = &handler->results; - - for (int8_t i = results->layers_used - 1; i >= 0; i--) - { - const struct layer_result *layer = &results->layers[i]; - enum layer_type type = layer->type; - - // first get L4 layer - if (type & layer_type) - { - layer_result = layer; - break; - } - } - - if (layer_result == NULL) - return NULL; - - return layer_result; -} - -static const struct layer_result *raw_packet_parser_get_most_outer_layer(struct raw_pkt_parser *handler, enum layer_type layer_type) -{ - const struct layer_result *layer_result = NULL; - struct layer_results *results = &handler->results; - - for (int8_t i = 0; i <= results->layers_used - 1; i++) - { - const struct layer_result *layer = &results->layers[i]; - enum layer_type type = layer->type; - - // first get L4 layer - if (type & layer_type) - { - layer_result = layer; - break; - } - } - - if (layer_result == NULL) - return NULL; - - return layer_result; -} - -int raw_traffic_decapsulate(struct raw_pkt_parser *handler, char *raw_data, int raw_len, char **header, int *header_len, int *is_ipv4) -{ - const struct layer_result *l2_tun_layer_result = NULL; - const struct layer_result *l3_layer_result = NULL; - const struct layer_result *l4_layer_result = NULL; - - l4_layer_result = raw_packet_parser_get_most_inner_layer(handler, LAYER_TYPE_L4); - if (l4_layer_result == NULL) - return -1; - - if (l4_layer_result->type != LAYER_TYPE_TCP) - return -1; - - l3_layer_result = raw_packet_parser_get_most_inner_layer(handler, LAYER_TYPE_L3); - if (l3_layer_result == NULL) - return -1; - - *is_ipv4 = l3_layer_result->type == LAYER_TYPE_IPV4 ? 1 : 0; - l2_tun_layer_result = raw_packet_parser_get_most_outer_layer(handler, LAYER_TYPE_L2_TUN); - if (l2_tun_layer_result == NULL) - return -1; - - *header_len = l3_layer_result->offset; - *header = (char *)calloc(*header_len, sizeof(char)); - memcpy(*header, raw_data, *header_len); - return 0; -} - -/****************************************************************************** - * Private API - ******************************************************************************/ - -// return 0 : success -// return -ENOMEM : error -static inline int raw_packet_parser_push(struct raw_pkt_parser *handler, enum layer_type type, uint16_t offset) -{ - struct layer_results *result = &handler->results; - - if (result->layers_used >= result->layers_size) - { - return -ENOMEM; - } - - result->layers[result->layers_used].offset = offset; - result->layers[result->layers_used].type = type; - result->layers_used++; - - return 0; -} - -// return PARSE_STATUS_CONTINUE -// return PARSE_STATUS_STOP -static inline enum parse_status raw_packet_parser_status(struct raw_pkt_parser *handler, const void *data, enum layer_type this_type) -{ - /* - * only when this_type & handler->expect_type is true, - * the information of the current layer will be recorded in results. - */ - if (!(this_type & handler->expect_type)) - { - return PARSE_STATUS_CONTINUE; - } - - uint16_t offset = (uintptr_t)data - (uintptr_t)(handler->ptr_pkt_start); - if (raw_packet_parser_push(handler, this_type, offset) < 0) - { - return PARSE_STATUS_STOP; - } - else - { - return PARSE_STATUS_CONTINUE; - } -} - -static const char *ldbc_method_to_string(enum ldbc_method ldbc_method) -{ - switch (ldbc_method) - { - case LDBC_METHOD_HASH_INT_IP: - return "outter_internal_ip"; - case LDBC_METHOD_HASH_EXT_IP: - return "outter_external_ip"; - case LDBC_METHOD_HASH_INT_IP_AND_EXT_IP: - return "outter_internal_ip_and_external_ip"; - case LDBC_METHOD_HASH_INNERMOST_INT_IP: - return "inner_internal_ip"; - case LDBC_METHOD_HASH_INNERMOST_EXT_IP: - return "inner_external_ip"; - default: - return "unknown"; - } -} - -static void set_addr_tuple4(const void *data, enum layer_type layer_type, struct addr_tuple4 *addr) -{ - const struct tcphdr *tcp_hdr = NULL; - const struct udp_hdr *udp_hdr = NULL; - const struct ip *ipv4_hdr = NULL; - const struct ip6_hdr *ipv6_hdr = NULL; - - switch (layer_type) - { - case LAYER_TYPE_TCP: - tcp_hdr = (const struct tcphdr *)data; - addr->src_port = tcp_hdr->th_sport; - addr->dst_port = tcp_hdr->th_dport; - break; - case LAYER_TYPE_UDP: - udp_hdr = (const struct udp_hdr *)data; - addr->src_port = udp_hdr->uh_sport; - addr->dst_port = udp_hdr->uh_dport; - break; - case LAYER_TYPE_IPV4: - ipv4_hdr = (const struct ip *)data; - addr->addr_type = ADDR_TUPLE4_TYPE_V4; - addr->addr_v4.src_addr = ipv4_hdr->ip_src; - addr->addr_v4.dst_addr = ipv4_hdr->ip_dst; - break; - case LAYER_TYPE_IPV6: - ipv6_hdr = (const struct ip6_hdr *)data; - addr->addr_type = ADDR_TUPLE4_TYPE_V6; - memcpy(&addr->addr_v6.src_addr, &ipv6_hdr->ip6_src, sizeof(addr->addr_v6.src_addr)); - memcpy(&addr->addr_v6.dst_addr, &ipv6_hdr->ip6_dst, sizeof(addr->addr_v6.dst_addr)); - break; - default: - break; - } -} - -static const char *layer_type2str(enum layer_type this_type) -{ - switch (this_type) - { - case LAYER_TYPE_ETHER: - return "ETHER"; - case LAYER_TYPE_PPP: - return "PPP"; - case LAYER_TYPE_HDLC: - return "HDLC"; - case LAYER_TYPE_VLAN: - return "VLAN"; - case LAYER_TYPE_PPPOE: - return "PPPOE"; - case LAYER_TYPE_MPLS: - return "MPLS"; - case LAYER_TYPE_IPV4: - return "IPV4"; - case LAYER_TYPE_IPV6: - return "IPV6"; - case LAYER_TYPE_UDP: - return "UDP"; - case LAYER_TYPE_TCP: - return "TCP"; - case LAYER_TYPE_G_VXLAN: - return "G_VXLAN"; - case LAYER_TYPE_GTPV1_U: - return "GTPV1_U"; - default: - return "UNKNOWN"; - } -} - -// FROM SAPP -static uint16_t parse_gtphdr_len(const struct gtp_hdr *gtph) -{ - const unsigned char *p_ext_hdr = (unsigned char *)gtph + sizeof(struct gtp_hdr); - unsigned char next_hdr_type; - unsigned char this_ext_field_cont_len; - - // v0 太古老已废弃,目前仅支持 GTPv1 版本 - if (((gtph->flags & GTP_HDR_VER_MASK) >> 5) != 1) - { - return -1; - } - - if (gtph->flags & (GTP_HDR_FLAG_SEQ_NUM | GTP_HDR_FLAG_N_PDU | GTP_HDR_FLAG_NEXT_EXT_HDR)) - { - // skip seq field (2 bytes) - p_ext_hdr += 2; - - // skip N-PDU field (1 byte) - p_ext_hdr++; - - // 解析 GTP 扩展头部字段,参考 wireshark 源码 packet-gtp.c->dissect_gtp_common() - next_hdr_type = *p_ext_hdr; - if (gtph->flags & GTP_HDR_FLAG_NEXT_EXT_HDR) - { - while (next_hdr_type != 0) - { - // 指向长度字段, 以4个字节为单位 - p_ext_hdr++; - this_ext_field_cont_len = *p_ext_hdr * 4 - 2; - - // 指向数据部分第一个字节 - p_ext_hdr++; - p_ext_hdr += this_ext_field_cont_len; - - // 指向下一个头部字段 - next_hdr_type = *p_ext_hdr; - p_ext_hdr++; - } - } - else - { - p_ext_hdr++; - } - } - - return (char *)p_ext_hdr - (char *)gtph; -} - -static inline const void *parse_ether(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger) -{ - if (length < sizeof(struct ethhdr)) - { - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, err: data not enough", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type)); - return data; - } - - if (raw_packet_parser_status(handler, data, this_type) == PARSE_STATUS_STOP) - { - return data; - } - - struct ethhdr *hdr = (struct ethhdr *)data; - uint16_t next_proto = ntohs(hdr->h_proto); - uint16_t hdr_len = sizeof(struct ethhdr); - const void *data_next_layer = (const char *)data + hdr_len; - size_t data_next_length = length - hdr_len; - - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - switch (next_proto) - { - case ETH_P_8021Q: - case ETH_P_8021AD: - // TESTED - return parse_vlan8021q(handler, data_next_layer, data_next_length, LAYER_TYPE_VLAN, logger); - case ETH_P_IP: - // TESTED - return parse_ipv4(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV4, logger); - case ETH_P_IPV6: - // TESTED - return parse_ipv6(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV6, logger); - case ETH_P_PPP_SES: - // TODO - return parse_pppoe_ses(handler, data_next_layer, data_next_length, LAYER_TYPE_PPPOE, logger); - case ETH_P_MPLS_UC: - // TESTED - return parse_mpls(handler, data_next_layer, data_next_length, LAYER_TYPE_MPLS, logger); - default: - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, stop parse next protocol %d", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), next_proto); - return data_next_layer; - } -} - -static inline const void *parse_ipv4(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger) -{ - if (length < sizeof(struct ip)) - { - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, err: data not enough", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type)); - return data; - } - - if (raw_packet_parser_status(handler, data, this_type) == PARSE_STATUS_STOP) - { - return data; - } - - struct ip *hdr = (struct ip *)data; - uint16_t next_proto = hdr->ip_p; - uint16_t hdr_len = (hdr->ip_hl & 0xf) * 4u; - const void *data_next_layer = (const char *)data + hdr_len; - size_t data_next_length = length - hdr_len; - - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - switch (next_proto) - { - case IPPROTO_TCP: - // TESTED - return parse_tcp(handler, data_next_layer, data_next_length, LAYER_TYPE_TCP, logger); - case IPPROTO_UDP: - // TESTED - return parse_udp(handler, data_next_layer, data_next_length, LAYER_TYPE_UDP, logger); - case IPPROTO_IPIP: - // TESTED - return parse_ipv4(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV4, logger); - case IPPROTO_IPV6: - // TESTED - return parse_ipv6(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV6, logger); - default: - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, stop parse next protocol %d", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), next_proto); - return data_next_layer; - } -} - -static inline const void *parse_ipv6(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger) -{ - if (length < sizeof(struct ip6_hdr)) - { - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, err: data not enough", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type)); - return data; - } - - if (raw_packet_parser_status(handler, data, this_type) == PARSE_STATUS_STOP) - { - return data; - } - - struct ip6_hdr *hdr = (struct ip6_hdr *)data; - uint16_t next_proto = hdr->ip6_nxt; - uint16_t hdr_len = sizeof(struct ip6_hdr); - const void *data_next_layer = (const char *)data + hdr_len; - size_t data_next_length = length - hdr_len; - - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - switch (next_proto) - { - case IPPROTO_TCP: - // TESTED - return parse_tcp(handler, data_next_layer, data_next_length, LAYER_TYPE_TCP, logger); - case IPPROTO_UDP: - // TESTED - return parse_udp(handler, data_next_layer, data_next_length, LAYER_TYPE_UDP, logger); - case IPPROTO_IPIP: - // TESTED - return parse_ipv4(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV4, logger); - case IPPROTO_IPV6: - // TESTED - return parse_ipv6(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV6, logger); - default: - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, stop parse next protocol %d", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), next_proto); - return data_next_layer; - } -} - -static inline const void *parse_tcp(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger) -{ - if (length < sizeof(struct tcphdr)) - { - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, err: data not enough", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type)); - return data; - } - - if (raw_packet_parser_status(handler, data, this_type) == PARSE_STATUS_STOP) - { - return data; - } - - struct tcphdr *hdr = (struct tcphdr *)data; - uint16_t hdr_len = hdr->th_off << 2; - const void *data_next_layer = (const char *)data + hdr_len; - size_t data_next_length = length - hdr_len; - - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - - return data_next_layer; -} - -static inline const void *parse_udp(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger) -{ - if (length < sizeof(struct udp_hdr)) - { - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, err: data not enough", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type)); - return data; - } - - if (raw_packet_parser_status(handler, data, this_type) == PARSE_STATUS_STOP) - { - return data; - } - - struct udp_hdr *hdr = (struct udp_hdr *)data; - uint16_t hdr_len = sizeof(struct udp_hdr); - const void *data_next_layer = (const char *)data + hdr_len; - size_t data_next_length = length - hdr_len; - - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - switch (ntohs(hdr->uh_dport)) - { - // VXLAN_DPORT - case 4789: - // TESTED - return parse_vxlan(handler, data_next_layer, data_next_length, LAYER_TYPE_G_VXLAN, logger); - // GTP1U_PORT - case 2152: - // TESTED - return parse_gtpv1_u(handler, data_next_layer, data_next_length, LAYER_TYPE_GTPV1_U, logger); - default: - return data_next_layer; - } -} - -static inline const void *parse_pppoe_ses(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger) -{ - if (length < 8) - { - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, err: data not enough", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type)); - return data; - } - - if (raw_packet_parser_status(handler, data, this_type) == PARSE_STATUS_STOP) - { - return data; - } - - uint16_t next_proto = *((uint16_t *)data + 3); - uint16_t hdr_len = 8; - const void *data_next_layer = (const char *)data + hdr_len; - size_t data_next_length = length - hdr_len; - - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - switch (next_proto) - { - // PPPOE_TYPE_IPV4 - case 0x2100: - // TESTED - return parse_ipv4(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV4, logger); - // PPPOE_TYPE_IPV6 - case 0x5700: - // TODO - return parse_ipv6(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV6, logger); - default: - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, stop parse next protocol %d", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), next_proto); - return data_next_layer; - } -} - -static inline const void *parse_vxlan(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger) -{ - if (length < sizeof(struct vxlan_hdr)) - { - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, err: data not enough", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type)); - return NULL; - } - - if (raw_packet_parser_status(handler, data, this_type) == PARSE_STATUS_STOP) - { - return data; - } - - // struct vxlan_hdr *vxlan_hdr = (struct vxlan_hdr *)data; - uint16_t hdr_len = sizeof(struct vxlan_hdr); - const void *data_next_layer = (const char *)data + hdr_len; - size_t data_next_length = length - hdr_len; - - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - // TESTED - return parse_ether(handler, data_next_layer, data_next_length, LAYER_TYPE_ETHER, logger); -} - -static inline const void *parse_vlan8021q(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger) -{ - if (length < sizeof(struct vlan_hdr)) - { - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, err: data not enough", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type)); - return NULL; - } - - if (raw_packet_parser_status(handler, data, this_type) == PARSE_STATUS_STOP) - { - return data; - } - - struct vlan_hdr *hdr = (struct vlan_hdr *)data; - uint16_t next_proto = ntohs(hdr->protocol); - uint16_t hdr_len = sizeof(struct vlan_hdr); - const void *data_next_layer = (const char *)data + hdr_len; - size_t data_next_length = length - hdr_len; - - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - switch (next_proto) - { - case ETH_P_8021Q: - // TESTED - return parse_vlan8021q(handler, data_next_layer, data_next_length, LAYER_TYPE_VLAN, logger); - case ETH_P_IP: - // TESTED - return parse_ipv4(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV4, logger); - case ETH_P_IPV6: - // TODO - return parse_ipv6(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV6, logger); - case ETH_P_PPP_SES: - // TESTED - return parse_pppoe_ses(handler, data_next_layer, data_next_length, LAYER_TYPE_PPPOE, logger); - case ETH_P_MPLS_UC: - // TODO - return parse_mpls(handler, data_next_layer, data_next_length, LAYER_TYPE_MPLS, logger); - default: - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, stop parse next protocol %d", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), next_proto); - return data_next_layer; - } -} - -static inline const void *parse_gtpv1_u(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger) -{ - if (length < sizeof(struct gtp_hdr)) - { - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, err: data not enough", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type)); - return NULL; - } - - uint16_t hdr_len = parse_gtphdr_len((const struct gtp_hdr *)data); - if (hdr_len < 0) - { - return data; - } - - if (raw_packet_parser_status(handler, data, this_type) == PARSE_STATUS_STOP) - { - return data; - } - - uint8_t next_proto = (((const uint8_t *)((const char *)data + hdr_len))[0]) >> 4; - const void *data_next_layer = (const char *)data + hdr_len; - size_t data_next_length = length - hdr_len; - - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - switch (next_proto) - { - case 4: - // TESTED - return parse_ipv4(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV4, logger); - case 6: - // TESTED - return parse_ipv6(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV6, logger); - default: - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, stop parse next protocol %d", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), next_proto); - return data_next_layer; - } -} - -static inline const void *parse_mpls(struct raw_pkt_parser *handler, const void *data, size_t length, enum layer_type this_type, void *logger) -{ - if (length < 4) - { - TFE_LOG_ERROR(logger, "%s: pkt_trace_id: %lu, this_layer: %s, err: data not enough", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type)); - return data; - } - - if (raw_packet_parser_status(handler, data, this_type) == PARSE_STATUS_STOP) - { - return data; - } - -#define MPLS_LABEL_MASK (0xFFFFF000) -#define MPLS_EXP_MASK (0x00000E00) -#define MPLS_BLS_MASK (0x00000100) -#define MPLS_TTL_MASK (0x000000FF) - - /* - * MPLS Format - * 0 1 2 3 - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * | Label | Exp |S| TTL | - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * Label : Label Value 20 bits - * Exp : Experimental Use 3 bits - * S : Bottom of Stack 1 bit - * TTL : Time to Live 8 bits - */ - - uint32_t *hdr = (uint32_t *)data; - // unsigned int mpls_label = (ntohl(*hdr) & MPLS_LABEL_MASK) >> 12; - // unsigned int mpls_exp = (ntohl(*hdr) & MPLS_EXP_MASK) >> 9; - unsigned int mpls_bls = (ntohl(*hdr) & MPLS_BLS_MASK) >> 8; - // unsigned int mpls_ttl = (ntohl(*hdr) & MPLS_TTL_MASK); - - uint16_t hdr_len = 4; - const void *data_next_layer = (const char *)data + hdr_len; - size_t data_next_length = length - hdr_len; - - if (mpls_bls == 1) - { - uint8_t ip_version = (((uint8_t *)data_next_layer)[0]) >> 4; - if (ip_version == 0) - { - /* - * PW Ethernet Control Word - * 0 1 2 3 - * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * |0 0 0 0| Reserved | Sequence Number | - * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - * Reference: https://tools.ietf.org/html/rfc4448 - */ - data_next_layer = (const char *)data_next_layer + 4; - data_next_length = data_next_length - 4; - - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - // TESTED - return parse_ether(handler, data_next_layer, data_next_length, LAYER_TYPE_ETHER, logger); - } - else if (ip_version == 4) - { - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - // TESTED - return parse_ipv4(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV4, logger); - } - else if (ip_version == 6) - { - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - // TODO - return parse_ipv6(handler, data_next_layer, data_next_length, LAYER_TYPE_IPV6, logger); - } - else - { - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - // TODO - return parse_ether(handler, data_next_layer, data_next_length, LAYER_TYPE_ETHER, logger); - } - } - else - { - TFE_LOG_DEBUG(logger, "%s: pkt_trace_id: %lu, this_layer: %s, payload_len: [%lu/%lu]", LOG_TAG_RAWPKT, handler->pkt_trace_id, layer_type2str(this_type), data_next_length, length); - // TESTED - return parse_mpls(handler, data_next_layer, data_next_length, LAYER_TYPE_MPLS, logger); - } -} \ No newline at end of file diff --git a/common/src/tfe_session_table.cpp b/common/src/tfe_session_table.cpp index 654e292..46df666 100644 --- a/common/src/tfe_session_table.cpp +++ b/common/src/tfe_session_table.cpp @@ -86,7 +86,7 @@ uint64_t session_table_count(struct session_table *table) // session_addr : deep copy // val_data : shallow copy (malloc by user, free by val_freecb) -int session_table_insert(struct session_table *table, uint64_t session_id, const struct addr_tuple4 *session_addr, void *val_data, const fn_free_cb *val_freecb) +int session_table_insert(struct session_table *table, uint64_t session_id, const struct tuple4 *session_addr, void *val_data, const fn_free_cb *val_freecb) { struct session_node *temp = NULL; HASH_FIND(hh1, table->root_by_id, &session_id, sizeof(session_id), temp); @@ -100,7 +100,7 @@ int session_table_insert(struct session_table *table, uint64_t session_id, const assert(temp); temp->session_id = session_id; - memcpy(&temp->session_addr, session_addr, sizeof(struct addr_tuple4)); + memcpy(&temp->session_addr, session_addr, sizeof(struct tuple4)); temp->val_data = val_data; temp->val_freecb = val_freecb; @@ -141,20 +141,21 @@ int session_table_delete_by_id(struct session_table *table, uint64_t session_id) return 0; } -int session_table_delete_by_addr(struct session_table *table, const struct addr_tuple4 *session_addr) +int session_table_delete_by_addr(struct session_table *table, const struct tuple4 *session_addr) { struct session_node *temp = NULL; - char *addr_str = addr_tuple4_to_str(session_addr); - HASH_FIND(hh2, table->root_by_addr, session_addr, sizeof(struct addr_tuple4), temp); + char buffer[128] = {0}; + tuple4_tostring(session_addr, buffer, sizeof(buffer)); + HASH_FIND(hh2, table->root_by_addr, session_addr, sizeof(struct tuple4), temp); if (!temp) { - struct addr_tuple4 reverse_addr; - addr_tuple4_reverse(session_addr, &reverse_addr); - HASH_FIND(hh2, table->root_by_addr, &reverse_addr, sizeof(struct addr_tuple4), temp); + struct tuple4 reverse_addr; + memset(&reverse_addr, 0, sizeof(struct tuple4)); + tuple4_reverse(session_addr, &reverse_addr); + HASH_FIND(hh2, table->root_by_addr, &reverse_addr, sizeof(struct tuple4), temp); if (!temp) { - TFE_LOG_DEBUG(g_packet_io_logger, "%s: delete: key %s not exists", LOG_TAG_STABLE, addr_str); - free(addr_str); + TFE_LOG_DEBUG(g_packet_io_logger, "%s: delete: key %s not exists", LOG_TAG_STABLE, buffer); return -1; } } @@ -171,9 +172,7 @@ int session_table_delete_by_addr(struct session_table *table, const struct addr_ free(temp); temp = NULL; - TFE_LOG_DEBUG(g_packet_io_logger, "%s: delete: key %s success", LOG_TAG_STABLE, addr_str); - free(addr_str); - addr_str = NULL; + TFE_LOG_DEBUG(g_packet_io_logger, "%s: delete: key %s success", LOG_TAG_STABLE, buffer); table->session_node_count--; return 0; @@ -194,15 +193,16 @@ struct session_node *session_table_search_by_id(struct session_table *table, uin return temp; } -struct session_node *session_table_search_by_addr(struct session_table *table, const struct addr_tuple4 *session_addr) +struct session_node *session_table_search_by_addr(struct session_table *table, const struct tuple4 *session_addr) { struct session_node *temp = NULL; - HASH_FIND(hh2, table->root_by_addr, session_addr, sizeof(struct addr_tuple4), temp); + HASH_FIND(hh2, table->root_by_addr, session_addr, sizeof(struct tuple4), temp); if (!temp) { - struct addr_tuple4 reverse_addr; - addr_tuple4_reverse(session_addr, &reverse_addr); - HASH_FIND(hh2, table->root_by_addr, &reverse_addr, sizeof(struct addr_tuple4), temp); + struct tuple4 reverse_addr; + memset(&reverse_addr, 0, sizeof(struct tuple4)); + tuple4_reverse(session_addr, &reverse_addr); + HASH_FIND(hh2, table->root_by_addr, &reverse_addr, sizeof(struct tuple4), temp); if (!temp) { return NULL; diff --git a/common/src/timestamp.cpp b/common/src/timestamp.cpp new file mode 100644 index 0000000..0748c05 --- /dev/null +++ b/common/src/timestamp.cpp @@ -0,0 +1,38 @@ +#include + +#include "timestamp.h" + +// 1 s = 1000 ms +// 1 ms = 1000 us +// 1 us = 1000 ns + +struct timestamp +{ + struct timespec ts; + uint64_t ts_in_msec; + uint64_t ts_in_sec; +} g_timestamp; + +#define ATOMIC_SET(x, y) __atomic_store_n(x, y, __ATOMIC_RELAXED) +#define ATOMIC_READ(x) __atomic_load_n(x, __ATOMIC_RELAXED) + +void timestamp_update() +{ + clock_gettime(CLOCK_MONOTONIC, &g_timestamp.ts); + + uint64_t current_timestamp_ms = g_timestamp.ts.tv_sec * 1000 + g_timestamp.ts.tv_nsec / 1000000; + uint64_t current_timestamp_sec = g_timestamp.ts.tv_sec + g_timestamp.ts.tv_nsec / 1000000000; + + ATOMIC_SET(&g_timestamp.ts_in_msec, current_timestamp_ms); + ATOMIC_SET(&g_timestamp.ts_in_sec, current_timestamp_sec); +} + +uint64_t timestamp_get_sec() +{ + return ATOMIC_READ(&g_timestamp.ts_in_sec); +} + +uint64_t timestamp_get_msec() +{ + return ATOMIC_READ(&g_timestamp.ts_in_msec); +} \ No newline at end of file diff --git a/common/src/tuple.cpp b/common/src/tuple.cpp new file mode 100644 index 0000000..9b4fed2 --- /dev/null +++ b/common/src/tuple.cpp @@ -0,0 +1,452 @@ +#include +#include + +#include "tuple.h" +#include "crc32_hash.h" + +uint32_t tuple2_hash(const struct tuple2 *tuple) +{ + uint32_t src_addr_hash = 0; + uint32_t dst_addr_hash = 0; + uint32_t hash = crc32_hash(&tuple->ip_type, sizeof(tuple->ip_type), 0); + + if (tuple->ip_type == IP_TYPE_V4) + { + src_addr_hash = crc32_hash(&tuple->src_addr.v4, sizeof(tuple->src_addr.v4), hash); + dst_addr_hash = crc32_hash(&tuple->dst_addr.v4, sizeof(tuple->dst_addr.v4), hash); + } + else + { + src_addr_hash = crc32_hash(&tuple->src_addr.v6, sizeof(tuple->src_addr.v6), hash); + dst_addr_hash = crc32_hash(&tuple->dst_addr.v6, sizeof(tuple->dst_addr.v6), hash); + } + hash = src_addr_hash + dst_addr_hash; + + return hash; +} + +uint32_t tuple4_hash(const struct tuple4 *tuple) +{ + uint32_t src_addr_hash = 0; + uint32_t dst_addr_hash = 0; + uint32_t src_port_hash = 0; + uint32_t dst_port_hash = 0; + uint32_t hash = crc32_hash(&tuple->ip_type, sizeof(tuple->ip_type), 0); + + if (tuple->ip_type == IP_TYPE_V4) + { + src_addr_hash = crc32_hash(&tuple->src_addr.v4, sizeof(tuple->src_addr.v4), hash); + dst_addr_hash = crc32_hash(&tuple->dst_addr.v4, sizeof(tuple->dst_addr.v4), hash); + } + else + { + src_addr_hash = crc32_hash(&tuple->src_addr.v6, sizeof(tuple->src_addr.v6), hash); + dst_addr_hash = crc32_hash(&tuple->dst_addr.v6, sizeof(tuple->dst_addr.v6), hash); + } + hash = src_addr_hash + dst_addr_hash; + + src_port_hash = crc32_hash(&tuple->src_port, sizeof(tuple->src_port), hash); + dst_port_hash = crc32_hash(&tuple->dst_port, sizeof(tuple->dst_port), hash); + hash = src_port_hash + dst_port_hash; + + return hash; +} + +uint32_t tuple5_hash(const struct tuple5 *tuple) +{ + uint32_t src_addr_hash = 0; + uint32_t dst_addr_hash = 0; + uint32_t src_port_hash = 0; + uint32_t dst_port_hash = 0; + uint32_t hash = crc32_hash(&tuple->ip_type, sizeof(tuple->ip_type), 0); + hash = crc32_hash(&tuple->ip_proto, sizeof(tuple->ip_proto), hash); + + if (tuple->ip_type == IP_TYPE_V4) + { + src_addr_hash = crc32_hash(&tuple->src_addr.v4, sizeof(tuple->src_addr.v4), hash); + dst_addr_hash = crc32_hash(&tuple->dst_addr.v4, sizeof(tuple->dst_addr.v4), hash); + } + else + { + src_addr_hash = crc32_hash(&tuple->src_addr.v6, sizeof(tuple->src_addr.v6), hash); + dst_addr_hash = crc32_hash(&tuple->dst_addr.v6, sizeof(tuple->dst_addr.v6), hash); + } + hash = src_addr_hash + dst_addr_hash; + + src_port_hash = crc32_hash(&tuple->src_port, sizeof(tuple->src_port), hash); + dst_port_hash = crc32_hash(&tuple->dst_port, sizeof(tuple->dst_port), hash); + hash = src_port_hash + dst_port_hash; + + return hash; +} + +uint32_t tuple6_hash(const struct tuple6 *tuple) +{ + uint32_t src_addr_hash = 0; + uint32_t dst_addr_hash = 0; + uint32_t src_port_hash = 0; + uint32_t dst_port_hash = 0; + uint32_t hash = crc32_hash(&tuple->ip_type, sizeof(tuple->ip_type), 0); + hash = crc32_hash(&tuple->ip_proto, sizeof(tuple->ip_proto), hash); + hash = crc32_hash(&tuple->security_zone, sizeof(tuple->security_zone), hash); + + if (tuple->ip_type == IP_TYPE_V4) + { + src_addr_hash = crc32_hash(&tuple->src_addr.v4, sizeof(tuple->src_addr.v4), hash); + dst_addr_hash = crc32_hash(&tuple->dst_addr.v4, sizeof(tuple->dst_addr.v4), hash); + } + else + { + src_addr_hash = crc32_hash(&tuple->src_addr.v6, sizeof(tuple->src_addr.v6), hash); + dst_addr_hash = crc32_hash(&tuple->dst_addr.v6, sizeof(tuple->dst_addr.v6), hash); + } + hash = src_addr_hash + dst_addr_hash; + + src_port_hash = crc32_hash(&tuple->src_port, sizeof(tuple->src_port), hash); + dst_port_hash = crc32_hash(&tuple->dst_port, sizeof(tuple->dst_port), hash); + hash = src_port_hash + dst_port_hash; + + return hash; +} + +int tuple2_cmp(const struct tuple2 *tuple_a, const struct tuple2 *tuple_b) +{ + if (tuple_a->ip_type != tuple_b->ip_type) + { + return -1; + } + + if (tuple_a->ip_type == IP_TYPE_V4) + { + if (tuple_a->src_addr.v4.s_addr != tuple_b->src_addr.v4.s_addr) + { + return -1; + } + + if (tuple_a->dst_addr.v4.s_addr != tuple_b->dst_addr.v4.s_addr) + { + return -1; + } + } + else + { + if (memcmp(&tuple_a->src_addr.v6, &tuple_b->src_addr.v6, sizeof(tuple_a->src_addr.v6)) != 0) + { + return -1; + } + + if (memcmp(&tuple_a->dst_addr.v6, &tuple_b->dst_addr.v6, sizeof(tuple_a->dst_addr.v6)) != 0) + { + return -1; + } + } + + return 0; +} + +int tuple4_cmp(const struct tuple4 *tuple_a, const struct tuple4 *tuple_b) +{ + if (tuple_a->src_port != tuple_b->src_port) + { + return -1; + } + + if (tuple_a->dst_port != tuple_b->dst_port) + { + return -1; + } + + if (tuple_a->ip_type != tuple_b->ip_type) + { + return -1; + } + + if (tuple_a->ip_type == IP_TYPE_V4) + { + if (tuple_a->src_addr.v4.s_addr != tuple_b->src_addr.v4.s_addr) + { + return -1; + } + + if (tuple_a->dst_addr.v4.s_addr != tuple_b->dst_addr.v4.s_addr) + { + return -1; + } + } + else + { + if (memcmp(&tuple_a->src_addr.v6, &tuple_b->src_addr.v6, sizeof(tuple_a->src_addr.v6)) != 0) + { + return -1; + } + + if (memcmp(&tuple_a->dst_addr.v6, &tuple_b->dst_addr.v6, sizeof(tuple_a->dst_addr.v6)) != 0) + { + return -1; + } + } + + return 0; +} + +int tuple5_cmp(const struct tuple5 *tuple_a, const struct tuple5 *tuple_b) +{ + if (tuple_a->ip_proto != tuple_b->ip_proto) + { + return -1; + } + + if (tuple_a->src_port != tuple_b->src_port) + { + return -1; + } + + if (tuple_a->dst_port != tuple_b->dst_port) + { + return -1; + } + + if (tuple_a->ip_type != tuple_b->ip_type) + { + return -1; + } + + if (tuple_a->ip_type == IP_TYPE_V4) + { + if (tuple_a->src_addr.v4.s_addr != tuple_b->src_addr.v4.s_addr) + { + return -1; + } + + if (tuple_a->dst_addr.v4.s_addr != tuple_b->dst_addr.v4.s_addr) + { + return -1; + } + } + else + { + if (memcmp(&tuple_a->src_addr.v6, &tuple_b->src_addr.v6, sizeof(tuple_a->src_addr.v6)) != 0) + { + return -1; + } + + if (memcmp(&tuple_a->dst_addr.v6, &tuple_b->dst_addr.v6, sizeof(tuple_a->dst_addr.v6)) != 0) + { + return -1; + } + } + + return 0; +} + +int tuple6_cmp(const struct tuple6 *tuple_a, const struct tuple6 *tuple_b) +{ + if (tuple_a->security_zone != tuple_b->security_zone) + { + return -1; + } + + if (tuple_a->ip_proto != tuple_b->ip_proto) + { + return -1; + } + + if (tuple_a->src_port != tuple_b->src_port) + { + return -1; + } + + if (tuple_a->dst_port != tuple_b->dst_port) + { + return -1; + } + + if (tuple_a->ip_type != tuple_b->ip_type) + { + return -1; + } + + if (tuple_a->ip_type == IP_TYPE_V4) + { + if (tuple_a->src_addr.v4.s_addr != tuple_b->src_addr.v4.s_addr) + { + return -1; + } + + if (tuple_a->dst_addr.v4.s_addr != tuple_b->dst_addr.v4.s_addr) + { + return -1; + } + } + else + { + if (memcmp(&tuple_a->src_addr.v6, &tuple_b->src_addr.v6, sizeof(tuple_a->src_addr.v6)) != 0) + { + return -1; + } + + if (memcmp(&tuple_a->dst_addr.v6, &tuple_b->dst_addr.v6, sizeof(tuple_a->dst_addr.v6)) != 0) + { + return -1; + } + } + + return 0; +} + +void tuple2_reverse(const struct tuple2 *in, struct tuple2 *out) +{ + out->ip_type = in->ip_type; + + if (in->ip_type == IP_TYPE_V4) + { + out->src_addr.v4.s_addr = in->dst_addr.v4.s_addr; + out->dst_addr.v4.s_addr = in->src_addr.v4.s_addr; + } + else + { + memcpy(&out->src_addr.v6, &in->dst_addr.v6, sizeof(in->dst_addr.v6)); + memcpy(&out->dst_addr.v6, &in->src_addr.v6, sizeof(in->src_addr.v6)); + } +} + +void tuple4_reverse(const struct tuple4 *in, struct tuple4 *out) +{ + out->ip_type = in->ip_type; + out->src_port = in->dst_port; + out->dst_port = in->src_port; + + if (in->ip_type == IP_TYPE_V4) + { + out->src_addr.v4.s_addr = in->dst_addr.v4.s_addr; + out->dst_addr.v4.s_addr = in->src_addr.v4.s_addr; + } + else + { + memcpy(&out->src_addr.v6, &in->dst_addr.v6, sizeof(in->dst_addr.v6)); + memcpy(&out->dst_addr.v6, &in->src_addr.v6, sizeof(in->src_addr.v6)); + } +} + +void tuple5_reverse(const struct tuple5 *in, struct tuple5 *out) +{ + out->ip_type = in->ip_type; + out->ip_proto = in->ip_proto; + out->src_port = in->dst_port; + out->dst_port = in->src_port; + + if (in->ip_type == IP_TYPE_V4) + { + out->src_addr.v4.s_addr = in->dst_addr.v4.s_addr; + out->dst_addr.v4.s_addr = in->src_addr.v4.s_addr; + } + else + { + memcpy(&out->src_addr.v6, &in->dst_addr.v6, sizeof(in->dst_addr.v6)); + memcpy(&out->dst_addr.v6, &in->src_addr.v6, sizeof(in->src_addr.v6)); + } +} + +void tuple6_reverse(const struct tuple6 *in, struct tuple6 *out) +{ + out->ip_type = in->ip_type; + out->ip_proto = in->ip_proto; + out->security_zone = in->security_zone; + out->src_port = in->dst_port; + out->dst_port = in->src_port; + + if (in->ip_type == IP_TYPE_V4) + { + out->src_addr.v4.s_addr = in->dst_addr.v4.s_addr; + out->dst_addr.v4.s_addr = in->src_addr.v4.s_addr; + } + else + { + memcpy(&out->src_addr.v6, &in->dst_addr.v6, sizeof(in->dst_addr.v6)); + memcpy(&out->dst_addr.v6, &in->src_addr.v6, sizeof(in->src_addr.v6)); + } +} + +void tuple2_tostring(const struct tuple2 *tuple, char *buf, uint32_t size) +{ + char src_addr[INET6_ADDRSTRLEN] = {0}; + char dst_addr[INET6_ADDRSTRLEN] = {0}; + + if (tuple->ip_type == IP_TYPE_V4) + { + inet_ntop(AF_INET, &tuple->src_addr.v4, src_addr, INET6_ADDRSTRLEN); + inet_ntop(AF_INET, &tuple->dst_addr.v4, dst_addr, INET6_ADDRSTRLEN); + } + else + { + inet_ntop(AF_INET6, &tuple->src_addr.v6, src_addr, INET6_ADDRSTRLEN); + inet_ntop(AF_INET6, &tuple->dst_addr.v6, dst_addr, INET6_ADDRSTRLEN); + } + + snprintf(buf, size, "%s -> %s", src_addr, dst_addr); +} + +void tuple4_tostring(const struct tuple4 *tuple, char *buf, uint32_t size) +{ + char src_addr[INET6_ADDRSTRLEN] = {0}; + char dst_addr[INET6_ADDRSTRLEN] = {0}; + + if (tuple->ip_type == IP_TYPE_V4) + { + inet_ntop(AF_INET, &tuple->src_addr.v4, src_addr, INET6_ADDRSTRLEN); + inet_ntop(AF_INET, &tuple->dst_addr.v4, dst_addr, INET6_ADDRSTRLEN); + } + else + { + inet_ntop(AF_INET6, &tuple->src_addr.v6, src_addr, INET6_ADDRSTRLEN); + inet_ntop(AF_INET6, &tuple->dst_addr.v6, dst_addr, INET6_ADDRSTRLEN); + } + + snprintf(buf, size, "%s:%u -> %s:%u", + src_addr, ntohs(tuple->src_port), + dst_addr, ntohs(tuple->dst_port)); +} + +void tuple5_tostring(const struct tuple5 *tuple, char *buf, uint32_t size) +{ + char src_addr[INET6_ADDRSTRLEN] = {0}; + char dst_addr[INET6_ADDRSTRLEN] = {0}; + + if (tuple->ip_type == IP_TYPE_V4) + { + inet_ntop(AF_INET, &tuple->src_addr.v4, src_addr, INET6_ADDRSTRLEN); + inet_ntop(AF_INET, &tuple->dst_addr.v4, dst_addr, INET6_ADDRSTRLEN); + } + else + { + inet_ntop(AF_INET6, &tuple->src_addr.v6, src_addr, INET6_ADDRSTRLEN); + inet_ntop(AF_INET6, &tuple->dst_addr.v6, dst_addr, INET6_ADDRSTRLEN); + } + + snprintf(buf, size, "%s:%u -> %s:%u, proto: %u", + src_addr, ntohs(tuple->src_port), + dst_addr, ntohs(tuple->dst_port), + tuple->ip_proto); +} + +void tuple6_tostring(const struct tuple6 *tuple, char *buf, uint32_t size) +{ + char src_addr[INET6_ADDRSTRLEN] = {0}; + char dst_addr[INET6_ADDRSTRLEN] = {0}; + + if (tuple->ip_type == IP_TYPE_V4) + { + inet_ntop(AF_INET, &tuple->src_addr.v4, src_addr, INET6_ADDRSTRLEN); + inet_ntop(AF_INET, &tuple->dst_addr.v4, dst_addr, INET6_ADDRSTRLEN); + } + else + { + inet_ntop(AF_INET6, &tuple->src_addr.v6, src_addr, INET6_ADDRSTRLEN); + inet_ntop(AF_INET6, &tuple->dst_addr.v6, dst_addr, INET6_ADDRSTRLEN); + } + + snprintf(buf, size, "%s:%u -> %s:%u, proto: %u, zone: %lu", + src_addr, ntohs(tuple->src_port), + dst_addr, ntohs(tuple->dst_port), + tuple->ip_proto, tuple->security_zone); +} \ No newline at end of file diff --git a/common/test/CMakeLists.txt b/common/test/CMakeLists.txt index 3150504..f90cf32 100644 --- a/common/test/CMakeLists.txt +++ b/common/test/CMakeLists.txt @@ -26,16 +26,9 @@ target_link_libraries(gtest_session_table common gtest) # gtest_raw_packet ############################################################################### -add_executable(gtest_raw_packet test_raw_packet.cpp) -target_include_directories(gtest_raw_packet PUBLIC ${CMAKE_SOURCE_DIR}/common/include) -target_link_libraries(gtest_raw_packet common gtest) - -############################################################################### -# test_fixed_buffer -############################################################################### - -#add_executable(test_fixed_buffer test_fixed_buffer.cpp ${CMAKE_SOURCE_DIR}/common/src/fixed_buffer.cpp) -#target_include_directories(test_fixed_buffer PUBLIC ${CMAKE_SOURCE_DIR}/common/include) +#add_executable(gtest_raw_packet test_raw_packet.cpp) +#target_include_directories(gtest_raw_packet PUBLIC ${CMAKE_SOURCE_DIR}/common/include) +#target_link_libraries(gtest_raw_packet common gtest) ############################################################################### # gtest_discover_tests @@ -45,5 +38,4 @@ include(GoogleTest) gtest_discover_tests(gtest_addr) gtest_discover_tests(gtest_cmsg) gtest_discover_tests(gtest_session_table) -gtest_discover_tests(gtest_raw_packet) -#gtest_discover_tests(test_fixed_buffer) \ No newline at end of file +#gtest_discover_tests(gtest_raw_packet) diff --git a/common/test/test_raw_packet.cpp b/common/test/test_raw_packet.cpp index be57a76..112843f 100644 --- a/common/test/test_raw_packet.cpp +++ b/common/test/test_raw_packet.cpp @@ -1,10 +1,13 @@ #include #include -#include "tfe_raw_packet.h" +#include "packet.h" +#include "tfe_packet_io.h" bool g_print_to_stderr = true; -void * g_packet_io_logger = NULL; +void *g_packet_io_logger = NULL; +void *g_default_logger = NULL; +extern int raw_traffic_decapsulate(struct packet *handler, const char *raw_data, int raw_len, char **header, int *header_len, int *is_ipv4); /****************************************************************************** * Pcap file: 1-ETH_VLAN_VLAN_IP4_IP4_UDP.pcap @@ -79,17 +82,15 @@ unsigned char data1[] = { TEST(RAW_PACKET, ETH_VLAN_VLAN_IP4_IP4_UDP) { - char *header = NULL; - int header_len = 0; + char *header = NULL; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; - - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data1, sizeof(data1), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data1, sizeof(data1), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header == nullptr); - EXPECT_TRUE(header_len == 0); + struct packet pkt; + packet_parse(&pkt, (const char *)data1, sizeof(data1)); + raw_traffic_decapsulate(&pkt, (const char *)data1, sizeof(data1), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header == nullptr); + EXPECT_TRUE(header_len == 0); } /****************************************************************************** @@ -188,17 +189,15 @@ unsigned char data2[] = { TEST(RAW_PACKET, ETH_IP6_IP4_TCP_SSH) { - char *header = NULL; - int header_len = 0; + char *header = NULL; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; - - raw_packet_parser_init(&raw_parser, 0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data2, sizeof(data2), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data2, sizeof(data2), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header == nullptr); - EXPECT_TRUE(header_len == 0); + struct packet pkt; + packet_parse(&pkt, (const char *)data2, sizeof(data2)); + raw_traffic_decapsulate(&pkt, (const char *)data2, sizeof(data2), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header == nullptr); + EXPECT_TRUE(header_len == 0); } /****************************************************************************** @@ -292,15 +291,14 @@ unsigned char data3[] = { TEST(RAW_PACKET, ETH_VLAN_IP6_IP4_GRE_PPP_IP4_UDP_DNS) { char *header = NULL; - int header_len = 0; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; + struct packet pkt; - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data3, sizeof(data3), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data3, sizeof(data3), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header == nullptr); - EXPECT_TRUE(header_len == 0); + packet_parse(&pkt, (const char *)data3, sizeof(data3)); + raw_traffic_decapsulate(&pkt, (const char *)data3, sizeof(data3), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header == nullptr); + EXPECT_TRUE(header_len == 0); } /****************************************************************************** @@ -369,15 +367,14 @@ unsigned char data4[] = { TEST(RAW_PACKET, ETH_IP4_IP6_TCP) { char *header = NULL; - int header_len = 0; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; + struct packet pkt; - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data4, sizeof(data4), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data4, sizeof(data4), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header == nullptr); - EXPECT_TRUE(header_len == 0); + packet_parse(&pkt, (const char *)data4, sizeof(data4)); + raw_traffic_decapsulate(&pkt, (const char *)data4, sizeof(data4), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header == nullptr); + EXPECT_TRUE(header_len == 0); } /****************************************************************************** @@ -432,15 +429,14 @@ unsigned char data5[] = { TEST(RAW_PACKET, ETH_IP6_IP6_UDP) { char *header = NULL; - int header_len = 0; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; + struct packet pkt; - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data5, sizeof(data5), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data5, sizeof(data5), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header == nullptr); - EXPECT_TRUE(header_len == 0); + packet_parse(&pkt, (const char *)data5, sizeof(data5)); + raw_traffic_decapsulate(&pkt, (const char *)data5, sizeof(data5), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header == nullptr); + EXPECT_TRUE(header_len == 0); } /****************************************************************************** @@ -502,15 +498,14 @@ unsigned char data6[] = { TEST(RAW_PACKET, ETH_MPLS_IP4_TCP) { char *header = NULL; - int header_len = 0; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; + struct packet pkt; - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data6, sizeof(data6), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data6, sizeof(data6), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header != nullptr); - EXPECT_TRUE(header_len == 18); + packet_parse(&pkt, (const char *)data6, sizeof(data6)); + raw_traffic_decapsulate(&pkt, (const char *)data6, sizeof(data6), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header != nullptr); + EXPECT_TRUE(header_len == 18); } /****************************************************************************** @@ -577,15 +572,14 @@ unsigned char data7[] = { TEST(RAW_PACKET, ETH_MPLS_MPLS_IP4_TCP) { char *header = NULL; - int header_len = 0; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; + struct packet pkt; - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data7, sizeof(data7), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data7, sizeof(data7), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header != nullptr); - EXPECT_TRUE(header_len == 22); + packet_parse(&pkt, (const char *)data7, sizeof(data7)); + raw_traffic_decapsulate(&pkt, (const char *)data7, sizeof(data7), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header != nullptr); + EXPECT_TRUE(header_len == 22); } /****************************************************************************** @@ -657,15 +651,14 @@ unsigned char data8[] = { TEST(RAW_PACKET, ETH_VLAN_PPPOE_IP4_TCP) { char *header = NULL; - int header_len = 0; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; + struct packet pkt; - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data8, sizeof(data8), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data8, sizeof(data8), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header != nullptr); - EXPECT_TRUE(header_len == 26); + packet_parse(&pkt, (const char *)data8, sizeof(data8)); + raw_traffic_decapsulate(&pkt, (const char *)data8, sizeof(data8), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header != nullptr); + EXPECT_TRUE(header_len == 26); } /****************************************************************************** @@ -796,15 +789,14 @@ unsigned char data9[] = { TEST(RAW_PACKET, ETH_IP6_UDP_GTP_IP6_TCP_TLS) { char *header = NULL; - int header_len = 0; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; + struct packet pkt; - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data9, sizeof(data9), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data9, sizeof(data9), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header == nullptr); - EXPECT_TRUE(header_len == 0); + packet_parse(&pkt, (const char *)data9, sizeof(data9)); + raw_traffic_decapsulate(&pkt, (const char *)data9, sizeof(data9), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header == nullptr); + EXPECT_TRUE(header_len == 0); } /****************************************************************************** @@ -942,15 +934,14 @@ unsigned char data10[] = { TEST(RAW_PACKET, ETH_IP6_UDP_GTP_IP4_TCP_TLS) { char *header = NULL; - int header_len = 0; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; + struct packet pkt; - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data10, sizeof(data10), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data10, sizeof(data10), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header == nullptr); - EXPECT_TRUE(header_len == 0); + packet_parse(&pkt, (const char *)data10, sizeof(data10)); + raw_traffic_decapsulate(&pkt, (const char *)data10, sizeof(data10), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header == nullptr); + EXPECT_TRUE(header_len == 0); } /****************************************************************************** @@ -1030,15 +1021,14 @@ unsigned char data11[] = { TEST(RAW_PACKET, ETH_IP4_UDP_VXLAN_ETH_IP4_UDP_DNS) { char *header = NULL; - int header_len = 0; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; + struct packet pkt; - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data11, sizeof(data11), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data11, sizeof(data11), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header == nullptr); - EXPECT_TRUE(header_len == 0); + packet_parse(&pkt, (const char *)data11, sizeof(data11)); + raw_traffic_decapsulate(&pkt, (const char *)data11, sizeof(data11), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header == nullptr); + EXPECT_TRUE(header_len == 0); } /****************************************************************************** @@ -1080,15 +1070,14 @@ unsigned char data12[] = { TEST(RAW_PACKET, ETH_MPLS_MPLS_PWETHCW_ETH_ARP) { char *header = NULL; - int header_len = 0; + int header_len = 0; int is_ipv4 = 0; - struct raw_pkt_parser raw_parser; + struct packet pkt; - raw_packet_parser_init(&raw_parser,0, LAYER_TYPE_ALL, 8); - raw_packet_parser_parse(&raw_parser, (const void *)data12, sizeof(data12), g_packet_io_logger); - raw_traffic_decapsulate(&raw_parser, (char *)data12, sizeof(data12), &header, &header_len, &is_ipv4); - EXPECT_TRUE(header == nullptr); - EXPECT_TRUE(header_len == 0); + packet_parse(&pkt, (const char *)data12, sizeof(data12)); + raw_traffic_decapsulate(&pkt, (const char *)data12, sizeof(data12), &header, &header_len, &is_ipv4); + EXPECT_TRUE(header == nullptr); + EXPECT_TRUE(header_len == 0); } int main(int argc, char **argv) diff --git a/common/test/test_session_table.cpp b/common/test/test_session_table.cpp index 16849b8..2ef913a 100644 --- a/common/test/test_session_table.cpp +++ b/common/test/test_session_table.cpp @@ -3,8 +3,26 @@ #include "tfe_session_table.h" +#define INIT_ADDR_V4(addr, src_ip_str, src_port_num, dst_ip_str, dst_port_num) \ + struct tuple4 addr; \ + memset(&addr, 0, sizeof(addr)); \ + addr.ip_type = IP_TYPE_V4; \ + addr.src_addr.v4.s_addr = inet_addr(src_ip_str); \ + addr.dst_addr.v4.s_addr = inet_addr(dst_ip_str); \ + addr.src_port = htons(src_port_num); \ + addr.dst_port = htons(dst_port_num); + +#define INIT_ADDR_V6(addr, src_ip_str, src_port_num, dst_ip_str, dst_port_num) \ + struct tuple4 addr; \ + memset(&addr, 0, sizeof(addr)); \ + addr.ip_type = IP_TYPE_V6; \ + inet_pton(AF_INET6, src_ip_str, &addr.src_addr.v6); \ + inet_pton(AF_INET6, dst_ip_str, &addr.dst_addr.v6); \ + addr.src_port = htons(src_port_num); \ + addr.dst_port = htons(dst_port_num); + bool g_print_to_stderr = true; -void * g_packet_io_logger = NULL; +void *g_packet_io_logger = NULL; TEST(STREAM_TABLE, INSERT) { @@ -104,10 +122,10 @@ TEST(STREAM_TABLE, SEARCH_BY_REVERSE_ADDR) char *val_world = strdup("WORLD"); INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321); INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342); - struct addr_tuple4 addr1_reverse; - struct addr_tuple4 addr2_reverse; - addr_tuple4_reverse(&addr1, &addr1_reverse); - addr_tuple4_reverse(&addr2, &addr2_reverse); + struct tuple4 addr1_reverse; + struct tuple4 addr2_reverse; + tuple4_reverse(&addr1, &addr1_reverse); + tuple4_reverse(&addr2, &addr2_reverse); // TEST Insert EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0); @@ -137,10 +155,10 @@ TEST(STREAM_TABLE, DELETE_BY_ID) char *val_world = strdup("WORLD"); INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321); INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342); - struct addr_tuple4 addr1_reverse; - struct addr_tuple4 addr2_reverse; - addr_tuple4_reverse(&addr1, &addr1_reverse); - addr_tuple4_reverse(&addr2, &addr2_reverse); + struct tuple4 addr1_reverse; + struct tuple4 addr2_reverse; + tuple4_reverse(&addr1, &addr1_reverse); + tuple4_reverse(&addr2, &addr2_reverse); // TEST Insert EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0); @@ -174,10 +192,10 @@ TEST(STREAM_TABLE, DELETE_BY_ADDR) char *val_world = strdup("WORLD"); INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321); INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342); - struct addr_tuple4 addr1_reverse; - struct addr_tuple4 addr2_reverse; - addr_tuple4_reverse(&addr1, &addr1_reverse); - addr_tuple4_reverse(&addr2, &addr2_reverse); + struct tuple4 addr1_reverse; + struct tuple4 addr2_reverse; + tuple4_reverse(&addr1, &addr1_reverse); + tuple4_reverse(&addr2, &addr2_reverse); // TEST Insert EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0); @@ -211,10 +229,10 @@ TEST(STREAM_TABLE, DELETE_BY_REVERSE_ADDR) char *val_world = strdup("WORLD"); INIT_ADDR_V4(addr1, "1.2.3.4", 1234, "4.3.2.1", 4321); INIT_ADDR_V6(addr2, "2:3:4::5", 2345, "5:4:3::2", 5342); - struct addr_tuple4 addr1_reverse; - struct addr_tuple4 addr2_reverse; - addr_tuple4_reverse(&addr1, &addr1_reverse); - addr_tuple4_reverse(&addr2, &addr2_reverse); + struct tuple4 addr1_reverse; + struct tuple4 addr2_reverse; + tuple4_reverse(&addr1, &addr1_reverse); + tuple4_reverse(&addr2, &addr2_reverse); // TEST Insert EXPECT_TRUE(session_table_insert(table, 1, &addr1, val_hello, free) == 0); diff --git a/conf/tfe/tfe.conf b/conf/tfe/tfe.conf index b9e50b2..4d56b0b 100644 --- a/conf/tfe/tfe.conf +++ b/conf/tfe/tfe.conf @@ -228,6 +228,11 @@ app_name="proxy_rule_hits" # for enable kni v4 [packet_io] +dup_packet_filter_enable=1 +dup_packet_filter_capacity=1000000 +dup_packet_filter_timeout=10 +# MESA_load_profile not support double +#dup_packet_filter_error_rate=0.00001 packet_io_debug=0 packet_io_threads=8 packet_io_cpu_affinity_mask=1-9 diff --git a/platform/src/acceptor_kni_v4.cpp b/platform/src/acceptor_kni_v4.cpp index 941a084..49ad2ba 100644 --- a/platform/src/acceptor_kni_v4.cpp +++ b/platform/src/acceptor_kni_v4.cpp @@ -20,7 +20,8 @@ #include "tfe_packet_io.h" #include "tfe_session_table.h" #include "tfe_fieldstat.h" - +#include "dablooms.h" +#include "timestamp.h" void * g_packet_io_logger = NULL; @@ -82,6 +83,12 @@ struct acceptor_kni_v4 *acceptor_ctx_create(const char *profile, void *logger) { struct acceptor_kni_v4 *ctx = ALLOC(struct acceptor_kni_v4, 1); + MESA_load_profile_int_def(profile, "PACKET_IO", "dup_packet_filter_enable", (int *)&(ctx->dup_packet_filter_enable), 1); + MESA_load_profile_int_def(profile, "PACKET_IO", "dup_packet_filter_capacity", (int *)&(ctx->dup_packet_filter_capacity), 1000000); + MESA_load_profile_int_def(profile, "PACKET_IO", "dup_packet_filter_timeout", (int *)&(ctx->dup_packet_filter_timeout), 10); + // MESA_load_profile not support double + ctx->dup_packet_filter_error_rate = 0.00001; + MESA_load_profile_int_def(profile, "PACKET_IO", "firewall_sids", (int *)&(ctx->firewall_sids), 1000); MESA_load_profile_int_def(profile, "PACKET_IO", "proxy_sids", (int *)&(ctx->proxy_sids), 1001); MESA_load_profile_int_def(profile, "PACKET_IO", "service_chaining_sids", (int *)&(ctx->sce_sids), 1002); @@ -240,6 +247,10 @@ struct acceptor_kni_v4 *acceptor_kni_v4_create(struct tfe_proxy *proxy, const ch acceptor_ctx->work_threads[i].ret_fs_state = acceptor_ctx->packet_io_fs; acceptor_ctx->work_threads[i].logger = packet_io_logger; acceptor_ctx->work_threads[i].session_table_need_reset = 0; + if (acceptor_ctx->dup_packet_filter_enable) + { + acceptor_ctx->work_threads[i].dup_packet_filter = expiry_dablooms_init(acceptor_ctx->dup_packet_filter_capacity, acceptor_ctx->dup_packet_filter_error_rate, timestamp_get_sec(), acceptor_ctx->dup_packet_filter_timeout); + } } for (int i = 0; i < acceptor_ctx->nr_worker_threads; i++) { diff --git a/platform/src/proxy.cpp b/platform/src/proxy.cpp index 11d5cb4..fbb889c 100644 --- a/platform/src/proxy.cpp +++ b/platform/src/proxy.cpp @@ -53,6 +53,7 @@ #include #include #include +#include /* Breakpad */ #include @@ -296,6 +297,7 @@ static void __gc_handler_cb(evutil_socket_t fd, short what, void * arg) packet_io_fs_dump(ctx->kni_v4_acceptor->packet_io_fs); FS_passive_output(ctx->fs_handle); + timestamp_update(); return; } @@ -691,6 +693,8 @@ int main(int argc, char * argv[]) struct timeval gc_delay = {statsd_cycle, 0}; evtimer_add(g_default_proxy->gcev, &gc_delay); + timestamp_update(); + /* WORKER THREAD CTX Create */ tfe_proxy_work_thread_create_ctx(g_default_proxy); tfe_proxy_acceptor_init(g_default_proxy, main_profile);