diff --git a/common/include/tfe_packet_io_fs.h b/common/include/tfe_packet_io_fs.h index 8749517..829383f 100644 --- a/common/include/tfe_packet_io_fs.h +++ b/common/include/tfe_packet_io_fs.h @@ -48,6 +48,14 @@ struct packet_io_fs uint64_t ctrl_pkt_resetall_num; // 累计值 uint64_t ctrl_pkt_error_num; // 累计值 + uint64_t hit_intercept_num; // 累计值 + uint64_t hit_no_intercept_num; // 累计值 + uint64_t can_intercept_num; // 累计值 + + uint64_t asymmetric_num; // 累计值 + uint64_t tunnel_num; // 累计值 + uint64_t tcp_pcy_inval_num; // 累计值 + uint64_t session_num; // 瞬时值 uint64_t session_log; // 瞬时值 diff --git a/common/src/tfe_packet_io.cpp b/common/src/tfe_packet_io.cpp index 5b7dfd6..28463dd 100644 --- a/common/src/tfe_packet_io.cpp +++ b/common/src/tfe_packet_io.cpp @@ -1134,18 +1134,22 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff, DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_intercept_param); goto passthrough; } - if (parser->intercpet_data == 0) { - tfe_cmsg_get_value(parser->cmsg, TFE_CMSG_HIT_NO_INTERCEPT, (unsigned char *)&hit_no_intercept, sizeof(hit_no_intercept), &out_size); - if (hit_no_intercept == 1) { - is_passthrough = 1; - set_passthrough_reason(parser->cmsg, reason_no_intercept_param); - DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_no_intercept_param); - goto passthrough; - } + tfe_cmsg_get_value(parser->cmsg, TFE_CMSG_HIT_NO_INTERCEPT, (unsigned char *)&hit_no_intercept, sizeof(hit_no_intercept), &out_size); + if (hit_no_intercept == 1) { + is_passthrough = 1; + __atomic_fetch_add(&packet_io_fs->hit_no_intercept_num, 1, __ATOMIC_RELAXED); + set_passthrough_reason(parser->cmsg, reason_no_intercept_param); + DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_no_intercept_param); + goto passthrough; + } + __atomic_fetch_add(&packet_io_fs->hit_intercept_num, 1, __ATOMIC_RELAXED); + + if (parser->intercpet_data == 0) { ret = tcp_policy_enforce(thread->ref_proxy->tcp_ply_enforcer, parser->cmsg); if (ret != 0) { is_passthrough = 1; + __atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED); set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param); DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param); goto passthrough; @@ -1160,6 +1164,7 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff, if (overwrite_tcp_mss(parser->cmsg, &restore_info, meta->session_id, logger)) { is_passthrough = 1; + __atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED); set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param); DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param); goto passthrough; @@ -1171,6 +1176,7 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff, if (fd_upstream < 0) { TFE_LOG_ERROR(logger, "%s: session %lu Failed at tcp_restore_fd_create(UPSTREAM)", LOG_TAG_PKTIO, meta->session_id); is_passthrough = 1; + __atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED); set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param); DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param); goto passthrough; @@ -1182,6 +1188,7 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff, { TFE_LOG_ERROR(logger, "%s: session %lu Failed at tcp_restore_fd_create(DOWNSTREAM)", LOG_TAG_PKTIO, meta->session_id); is_passthrough = 1; + __atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED); set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param); DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param); goto passthrough; @@ -1199,6 +1206,7 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff, { TFE_LOG_ERROR(logger, "%s: session %lu Failed at tcp_restore_fd_create(fd_fake_c)", LOG_TAG_PKTIO, meta->session_id); is_passthrough = 1; + __atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED); set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param); DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param); goto passthrough; @@ -1209,6 +1217,7 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff, { TFE_LOG_ERROR(logger, "%s: session %lu Failed at tcp_restore_fd_create(fd_fake_s)", LOG_TAG_PKTIO, meta->session_id); is_passthrough = 1; + __atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED); set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param); DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param); goto passthrough; @@ -1226,18 +1235,22 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff, { TFE_LOG_ERROR(logger, "%s: session %lu Failed at tfe_proxy_fds_accept()", LOG_TAG_PKTIO, meta->session_id); is_passthrough = 1; + __atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED); set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param); DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param); goto passthrough; } + __atomic_fetch_add(&packet_io_fs->can_intercept_num, 1, __ATOMIC_RELAXED); } else if (parser->intercpet_data & (IS_SINGLE | IS_TUNNEL)) { is_passthrough = 1; set_passthrough_reason(parser->cmsg, reason_underlying_stream_error); if (parser->intercpet_data & IS_SINGLE) { - DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s:single", reason_underlying_stream_error); + __atomic_fetch_add(&packet_io_fs->asymmetric_num, 1, __ATOMIC_RELAXED); + DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s:asymmetric", reason_underlying_stream_error); } else if (parser->intercpet_data & IS_TUNNEL) { + __atomic_fetch_add(&packet_io_fs->tunnel_num, 1, __ATOMIC_RELAXED); DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s:tunnel", reason_underlying_stream_error); } } @@ -1849,9 +1862,6 @@ int packet_io_polling_nf_interface(struct packet_io *handle, int thread_seq, voi if (is_downstream_keepalive_packet(rx_buff)) { - throughput_metrics_inc(&packet_io_fs->raw_pkt_rx, 1, raw_len); - throughput_metrics_inc(&packet_io_fs->raw_pkt_tx, 1, raw_len); - throughput_metrics_inc(&packet_io_fs->keepalived_pkt_rx, 1, raw_len); throughput_metrics_inc(&packet_io_fs->keepalived_pkt_tx, 1, raw_len); @@ -1879,9 +1889,6 @@ int packet_io_polling_nf_interface(struct packet_io *handle, int thread_seq, voi if (marsio_buff_is_ctrlbuf(rx_buff)) { - throughput_metrics_inc(&packet_io_fs->raw_pkt_rx, 1, raw_len); - throughput_metrics_inc(&packet_io_fs->raw_pkt_tx, 1, raw_len); - throughput_metrics_inc(&packet_io_fs->ctrl_pkt_rx, 1, raw_len); throughput_metrics_inc(&packet_io_fs->ctrl_pkt_tx, 1, raw_len); // all control packet need bypass @@ -1911,8 +1918,6 @@ void handle_decryption_packet_from_tap(const char *data, int len, void *args) packet_parse(&pkt, (const char *)data, len); packet_get_innermost_tuple4(&pkt, &inner_addr); - throughput_metrics_inc(&packet_io_fs->decrypt_rx, 1, len); - struct session_node *node = session_table_search_by_addr(thread->session_table, &inner_addr); if (node == NULL) { if (thread->ref_acceptor_ctx->debug) diff --git a/common/src/tfe_packet_io_fs.cpp b/common/src/tfe_packet_io_fs.cpp index 602fac7..e6c8628 100644 --- a/common/src/tfe_packet_io_fs.cpp +++ b/common/src/tfe_packet_io_fs.cpp @@ -8,6 +8,10 @@ enum PACKET_IO_STAT_FIELD { + STAT_HIT_INTERCEPT_POLICY, + STAT_HIT_NO_INTERCEPT_POLICY, + STAT_CAN_INTERCEPT, + // dev nf interface STAT_RAW_PKT_RX_PKT, STAT_RAW_PKT_RX_B, @@ -45,6 +49,10 @@ enum PACKET_IO_STAT_FIELD STAT_TAP_S_TX_PKT, STAT_TAP_S_TX_B, + STAT_ASYMMETRIC_NUM, + STAT_TUNNEL_NUM, + STAT_TCP_PCY_INVAL_NUM, + // keepalived packet STAT_KEEPALIVED_RX_PKT, STAT_KEEPALIVED_RX_B, @@ -72,6 +80,13 @@ enum PACKET_IO_STAT_FIELD static const char *stat_map[] = { + // hit policy intercept + [STAT_HIT_INTERCEPT_POLICY] = "hit_intercept", + // hit policy no intercept + [STAT_HIT_NO_INTERCEPT_POLICY] = "hit_no_intercept", + + [STAT_CAN_INTERCEPT] = "can_intercept", + // dev nf interface [STAT_RAW_PKT_RX_PKT] = "raw_rx_pkt", [STAT_RAW_PKT_RX_B] = "raw_rx_B", @@ -113,6 +128,10 @@ static const char *stat_map[] = [STAT_TAP_S_TX_PKT] = "tap_s_tx_pkt", [STAT_TAP_S_TX_B] = "tap_s_tx_B", + [STAT_ASYMMETRIC_NUM] = "asymmetric", + [STAT_TUNNEL_NUM] = "tunnel", + [STAT_TCP_PCY_INVAL_NUM] = "tcp_pcy_inval", + // keepalived packet [STAT_KEEPALIVED_RX_PKT] = "keep_rx_pkt", [STAT_KEEPALIVED_RX_B] = "keep_rx_B", @@ -181,6 +200,10 @@ void packet_io_fs_dump(struct packet_io_fs *handle) if (handle == NULL) return; + FS_operate(handle->fs_handle, handle->fs_id[STAT_HIT_INTERCEPT_POLICY], 0, FS_OP_SET, __atomic_fetch_add(&(handle->hit_intercept_num), 0, __ATOMIC_RELAXED)); + FS_operate(handle->fs_handle, handle->fs_id[STAT_HIT_NO_INTERCEPT_POLICY], 0, FS_OP_SET, __atomic_fetch_add(&(handle->hit_no_intercept_num), 0, __ATOMIC_RELAXED)); + FS_operate(handle->fs_handle, handle->fs_id[STAT_CAN_INTERCEPT], 0, FS_OP_SET, __atomic_fetch_add(&(handle->can_intercept_num), 0, __ATOMIC_RELAXED)); + FS_operate(handle->fs_handle, handle->fs_id[STAT_RAW_PKT_RX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(handle->raw_pkt_rx.n_pkts), 0, __ATOMIC_RELAXED)); FS_operate(handle->fs_handle, handle->fs_id[STAT_RAW_PKT_RX_B], 0, FS_OP_SET, __atomic_fetch_add(&(handle->raw_pkt_rx.n_bytes), 0, __ATOMIC_RELAXED)); FS_operate(handle->fs_handle, handle->fs_id[STAT_RAW_PKT_TX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(handle->raw_pkt_tx.n_pkts), 0, __ATOMIC_RELAXED)); @@ -217,6 +240,10 @@ void packet_io_fs_dump(struct packet_io_fs *handle) FS_operate(handle->fs_handle, handle->fs_id[STAT_TAP_S_TX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(handle->tap_s_pkt_tx.n_pkts), 0, __ATOMIC_RELAXED)); FS_operate(handle->fs_handle, handle->fs_id[STAT_TAP_S_TX_B], 0, FS_OP_SET, __atomic_fetch_add(&(handle->tap_s_pkt_tx.n_bytes), 0, __ATOMIC_RELAXED)); + FS_operate(handle->fs_handle, handle->fs_id[STAT_ASYMMETRIC_NUM], 0, FS_OP_SET, __atomic_fetch_add(&(handle->asymmetric_num), 0, __ATOMIC_RELAXED)); + FS_operate(handle->fs_handle, handle->fs_id[STAT_TUNNEL_NUM], 0, FS_OP_SET, __atomic_fetch_add(&(handle->tunnel_num), 0, __ATOMIC_RELAXED)); + FS_operate(handle->fs_handle, handle->fs_id[STAT_TCP_PCY_INVAL_NUM], 0, FS_OP_SET, __atomic_fetch_add(&(handle->tcp_pcy_inval_num), 0, __ATOMIC_RELAXED)); + // keepalived packet FS_operate(handle->fs_handle, handle->fs_id[STAT_KEEPALIVED_RX_PKT], 0, FS_OP_SET, __atomic_fetch_add(&(handle->keepalived_pkt_rx.n_pkts), 0, __ATOMIC_RELAXED)); FS_operate(handle->fs_handle, handle->fs_id[STAT_KEEPALIVED_RX_B], 0, FS_OP_SET, __atomic_fetch_add(&(handle->keepalived_pkt_rx.n_bytes), 0, __ATOMIC_RELAXED));