TFE增加Policy Hit Intercept的监控指标
This commit is contained in:
wangmenglan
@@ -1134,18 +1134,22 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff,
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_intercept_param);
|
||||
goto passthrough;
|
||||
}
|
||||
if (parser->intercpet_data == 0) {
|
||||
tfe_cmsg_get_value(parser->cmsg, TFE_CMSG_HIT_NO_INTERCEPT, (unsigned char *)&hit_no_intercept, sizeof(hit_no_intercept), &out_size);
|
||||
if (hit_no_intercept == 1) {
|
||||
is_passthrough = 1;
|
||||
set_passthrough_reason(parser->cmsg, reason_no_intercept_param);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_no_intercept_param);
|
||||
goto passthrough;
|
||||
}
|
||||
|
||||
tfe_cmsg_get_value(parser->cmsg, TFE_CMSG_HIT_NO_INTERCEPT, (unsigned char *)&hit_no_intercept, sizeof(hit_no_intercept), &out_size);
|
||||
if (hit_no_intercept == 1) {
|
||||
is_passthrough = 1;
|
||||
__atomic_fetch_add(&packet_io_fs->hit_no_intercept_num, 1, __ATOMIC_RELAXED);
|
||||
set_passthrough_reason(parser->cmsg, reason_no_intercept_param);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_no_intercept_param);
|
||||
goto passthrough;
|
||||
}
|
||||
__atomic_fetch_add(&packet_io_fs->hit_intercept_num, 1, __ATOMIC_RELAXED);
|
||||
|
||||
if (parser->intercpet_data == 0) {
|
||||
ret = tcp_policy_enforce(thread->ref_proxy->tcp_ply_enforcer, parser->cmsg);
|
||||
if (ret != 0) {
|
||||
is_passthrough = 1;
|
||||
__atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED);
|
||||
set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param);
|
||||
goto passthrough;
|
||||
@@ -1160,6 +1164,7 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff,
|
||||
|
||||
if (overwrite_tcp_mss(parser->cmsg, &restore_info, meta->session_id, logger)) {
|
||||
is_passthrough = 1;
|
||||
__atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED);
|
||||
set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param);
|
||||
goto passthrough;
|
||||
@@ -1171,6 +1176,7 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff,
|
||||
if (fd_upstream < 0) {
|
||||
TFE_LOG_ERROR(logger, "%s: session %lu Failed at tcp_restore_fd_create(UPSTREAM)", LOG_TAG_PKTIO, meta->session_id);
|
||||
is_passthrough = 1;
|
||||
__atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED);
|
||||
set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param);
|
||||
goto passthrough;
|
||||
@@ -1182,6 +1188,7 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff,
|
||||
{
|
||||
TFE_LOG_ERROR(logger, "%s: session %lu Failed at tcp_restore_fd_create(DOWNSTREAM)", LOG_TAG_PKTIO, meta->session_id);
|
||||
is_passthrough = 1;
|
||||
__atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED);
|
||||
set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param);
|
||||
goto passthrough;
|
||||
@@ -1199,6 +1206,7 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff,
|
||||
{
|
||||
TFE_LOG_ERROR(logger, "%s: session %lu Failed at tcp_restore_fd_create(fd_fake_c)", LOG_TAG_PKTIO, meta->session_id);
|
||||
is_passthrough = 1;
|
||||
__atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED);
|
||||
set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param);
|
||||
goto passthrough;
|
||||
@@ -1209,6 +1217,7 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff,
|
||||
{
|
||||
TFE_LOG_ERROR(logger, "%s: session %lu Failed at tcp_restore_fd_create(fd_fake_s)", LOG_TAG_PKTIO, meta->session_id);
|
||||
is_passthrough = 1;
|
||||
__atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED);
|
||||
set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param);
|
||||
goto passthrough;
|
||||
@@ -1226,18 +1235,22 @@ static int handle_session_opening(struct metadata *meta, marsio_buff_t *rx_buff,
|
||||
{
|
||||
TFE_LOG_ERROR(logger, "%s: session %lu Failed at tfe_proxy_fds_accept()", LOG_TAG_PKTIO, meta->session_id);
|
||||
is_passthrough = 1;
|
||||
__atomic_fetch_add(&packet_io_fs->tcp_pcy_inval_num, 1, __ATOMIC_RELAXED);
|
||||
set_passthrough_reason(parser->cmsg, reason_invalid_tcp_policy_param);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s", reason_invalid_tcp_policy_param);
|
||||
goto passthrough;
|
||||
}
|
||||
__atomic_fetch_add(&packet_io_fs->can_intercept_num, 1, __ATOMIC_RELAXED);
|
||||
}
|
||||
else if (parser->intercpet_data & (IS_SINGLE | IS_TUNNEL)) {
|
||||
is_passthrough = 1;
|
||||
set_passthrough_reason(parser->cmsg, reason_underlying_stream_error);
|
||||
if (parser->intercpet_data & IS_SINGLE) {
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s:single", reason_underlying_stream_error);
|
||||
__atomic_fetch_add(&packet_io_fs->asymmetric_num, 1, __ATOMIC_RELAXED);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s:asymmetric", reason_underlying_stream_error);
|
||||
}
|
||||
else if (parser->intercpet_data & IS_TUNNEL) {
|
||||
__atomic_fetch_add(&packet_io_fs->tunnel_num, 1, __ATOMIC_RELAXED);
|
||||
DP_TRACE_INFO(packet_io->instance, rx_buff, "packet I/O", "passthrough:%s:tunnel", reason_underlying_stream_error);
|
||||
}
|
||||
}
|
||||
@@ -1849,9 +1862,6 @@ int packet_io_polling_nf_interface(struct packet_io *handle, int thread_seq, voi
|
||||
|
||||
if (is_downstream_keepalive_packet(rx_buff))
|
||||
{
|
||||
throughput_metrics_inc(&packet_io_fs->raw_pkt_rx, 1, raw_len);
|
||||
throughput_metrics_inc(&packet_io_fs->raw_pkt_tx, 1, raw_len);
|
||||
|
||||
throughput_metrics_inc(&packet_io_fs->keepalived_pkt_rx, 1, raw_len);
|
||||
throughput_metrics_inc(&packet_io_fs->keepalived_pkt_tx, 1, raw_len);
|
||||
|
||||
@@ -1879,9 +1889,6 @@ int packet_io_polling_nf_interface(struct packet_io *handle, int thread_seq, voi
|
||||
|
||||
if (marsio_buff_is_ctrlbuf(rx_buff))
|
||||
{
|
||||
throughput_metrics_inc(&packet_io_fs->raw_pkt_rx, 1, raw_len);
|
||||
throughput_metrics_inc(&packet_io_fs->raw_pkt_tx, 1, raw_len);
|
||||
|
||||
throughput_metrics_inc(&packet_io_fs->ctrl_pkt_rx, 1, raw_len);
|
||||
throughput_metrics_inc(&packet_io_fs->ctrl_pkt_tx, 1, raw_len);
|
||||
// all control packet need bypass
|
||||
@@ -1911,8 +1918,6 @@ void handle_decryption_packet_from_tap(const char *data, int len, void *args)
|
||||
packet_parse(&pkt, (const char *)data, len);
|
||||
packet_get_innermost_tuple4(&pkt, &inner_addr);
|
||||
|
||||
throughput_metrics_inc(&packet_io_fs->decrypt_rx, 1, len);
|
||||
|
||||
struct session_node *node = session_table_search_by_addr(thread->session_table, &inner_addr);
|
||||
if (node == NULL) {
|
||||
if (thread->ref_acceptor_ctx->debug)
|
||||
|
||||
Reference in New Issue
Block a user