#pragma once

/*
 * NOTE(review): the targets of the six #include directives below are missing
 * from this copy of the file. Between them they have to supply IFNAMSIZ,
 * evutil_socket_t, bool, enum tfe_stream_proto, TFE_SYMBOL_MAX and
 * TFE_THREAD_MAX, all of which are used below without being defined here.
 */
#include
#include
#include
#include
#include
#include

/*
 * Opaque types: this header only stores pointers to them.
 * struct acceptor_kni_v2 is referenced only by a commented-out member of
 * struct tfe_proxy.
 */
struct ssl_mgr;
struct key_keeper;
struct acceptor_kni_v2;
struct watchdog_kni;
struct breakpad_instance;

/*
 * Counter identifiers. TFE_STAT_MAX is the length of tfe_proxy.stat_val[] and
 * tfe_proxy.fs_id[], so it has to remain the final enumerator for every
 * counter to have a slot in those arrays.
 */
enum TFE_STAT_FIELD
{
	STAT_SIGPIPE,

	/* FDs */
	STAT_FD_OPEN_BY_KNI_ACCEPT,
	STAT_FD_CLOSE_BY_KNI_ACCEPT_FAIL,
	STAT_FD_CLOSE,

	/* Stream */
	STAT_STREAM_OPEN,
	STAT_STREAM_CLS,
	STAT_STREAM_CLS_DOWN_EOF,
	STAT_STREAM_CLS_UP_EOF,
	STAT_STREAM_CLS_DOWN_ERR,
	STAT_STREAM_CLS_UP_ERR,
	STAT_STREAM_CLS_KILL,

	/* Action */
	STAT_STREAM_INTERCEPT,
	STAT_STREAM_BYPASS,
	STAT_STREAM_INCPT_BYTES,
	STAT_STREAM_INCPT_DOWN_BYTES,
	STAT_STREAM_INCPT_UP_BYTES,

	/* Protocol */
	STAT_STREAM_TCP_PLAIN,
	STAT_STREAM_TCP_SSL,

	/* Decrypted Traffic Steering */
	STAT_STEERING_SSL_CONN,
	STAT_STEERING_HTTP_CONN,
	STAT_STEERING_CLIENT_TX_B,
	STAT_STEERING_SERVER_RX_B,
	STAT_STEERING_SERVER_TX_B,
	STAT_STEERING_CLIENT_RX_B,
	STAT_STEERING_CLIENT_ERR,
	STAT_STEERING_SERVER_ERR,
	STAT_STEERING_CLIENT_EOF,
	STAT_STEERING_SERVER_EOF,

	TFE_STAT_MAX
};

/*
 * Per-proxy TCP tuning values.
 * NOTE(review): the field names suggest they mirror the like-named socket
 * options, but how they are applied is not visible in this header. Every field
 * is a signed int and nothing here constrains its range; confirm the code that
 * loads them rejects negative or oversized values before they are applied to a
 * socket.
 */
struct tfe_proxy_tcp_options
{
	/* TCP OPTIONS */
	int sz_rcv_buffer;
	int sz_snd_buffer;

	/* TRACE FOR DEBUG */
	int enable_overwrite;
	int tcp_nodelay;
	int so_keepalive;
	int tcp_keepidle;
	int tcp_keepintvl;
	int tcp_keepcnt;
	int tcp_user_timeout;
	int tcp_ttl_upstream;
	int tcp_ttl_downstream;
};

/*
 * Settings for steering decrypted traffic.
 * device_client and device_server are fixed IFNAMSIZ-byte buffers: any writer
 * must bound its copy to IFNAMSIZ. NOTE(review): presumably they hold
 * NUL-terminated interface names; confirm the writer always leaves room for
 * the terminator.
 */
struct tfe_traffic_steering_options
{
	int enable_steering_http;
	int enable_steering_ssl;

	int so_mask_client;
	int so_mask_server;

	char device_client[IFNAMSIZ];
	char device_server[IFNAMSIZ];
};

/*
 * Rate and burst limits for reads and writes.
 * NOTE(review): the units are not stated in this header; confirm against the
 * code that consumes these values.
 */
struct tfe_proxy_rate_limit_options
{
	unsigned int read_rate;
	unsigned int read_burst;
	unsigned int write_rate;
	unsigned int write_burst;
};

/*
 * Parameters describing one accepted connection pair.
 * NOTE(review): is_set_session_type presumably tells whether session_type
 * holds a valid value; confirm readers check it before trusting session_type.
 */
struct tfe_proxy_accept_para
{
	/* Both upstream and downstream FDs */
	evutil_socket_t upstream_fd;
	evutil_socket_t downstream_fd;

	/* Session Type */
	bool is_set_session_type;
	enum tfe_stream_proto session_type;
	bool passthrough;

	/* Additional info */
	unsigned int keyring_id;
};

/* Load-balancing algorithm selector; the numeric values are fixed explicitly. */
enum tfe_load_balance_algo
{
	LEAST_CONN = 0,
	ROUND_ROBIN = 1,
};

/*
 * Top-level proxy state. A single instance is reachable process-wide through
 * g_default_proxy (declared below).
 */
struct tfe_proxy
{
	char name[TFE_SYMBOL_MAX];
	struct event_base * evbase;
	struct event * sev[8];
	struct event * gcev;

	/* Untyped handle; its concrete type is not visible in this header. */
	void * logger;
	struct fieldstat_easy *fs_handle;

	/*
	 * work_threads[] has TFE_THREAD_MAX slots.
	 * NOTE(review): nr_work_threads is presumably the number of populated
	 * slots; confirm it is capped at TFE_THREAD_MAX where it is read from
	 * configuration, since an unchecked value would index past the array.
	 */
	unsigned int nr_work_threads;
	struct tfe_thread_ctx * work_threads[TFE_THREAD_MAX];
	int make_work_thread_sleep;

	unsigned int nr_modules;
	struct tfe_plugin * modules;

	struct ssl_mgr * ssl_mgr_handler;
	struct intercept_policy_enforcer *int_ply_enforcer;
	struct tcp_policy_enforcer *tcp_ply_enforcer;
	struct ssl_policy_enforcer *ssl_ply_enforcer;
	struct chaining_policy_enforcer *chain_ply_enforcer;
	struct key_keeper * key_keeper_handler;

	/* Commented-out acceptor fields, kept as found. */
	//unsigned int en_kni_v1_acceptor;
	//unsigned int en_kni_v2_acceptor;
	//unsigned int en_kni_v3_acceptor;
	//unsigned int en_kni_v4_acceptor;

	//struct acceptor_kni_v1 * kni_v1_acceptor;
	//struct acceptor_kni_v2 * kni_v2_acceptor;
	//struct acceptor_kni_v3 * kni_v3_acceptor;
	struct acceptor_kni_v4 * kni_v4_acceptor;
	struct sender_scm * scm_sender;
	struct watchdog_kni * watchdog_kni;
	struct watchdog_tfe * watchdog_tfe;
	struct watchdog_3rd_device * watchdog_3rd_device;

	/*
	 * DEBUG OPTIONS
	 * NOTE(review): the name suggests tcp_all_passthrough makes every TCP
	 * stream skip interception; confirm what it does and that a production
	 * configuration cannot enable it unintentionally.
	 */
	unsigned int tcp_all_passthrough;
	struct tfe_proxy_tcp_options tcp_options;

	/* GLOBAL RATELIMIT */
	unsigned int en_rate_limit;
	struct tfe_proxy_rate_limit_options rate_limit_options;

	/*
	 * PERFORMANCE MONITOR VARIABLES
	 * stat_val[] is updated through TFE_PROXY_STAT_INCREASE with a relaxed
	 * atomic add. Both arrays have one slot per TFE_STAT_FIELD value.
	 */
	long long stat_val[TFE_STAT_MAX];
	int fs_id[TFE_STAT_MAX];

	/* Crash Report */
	struct breakpad_instance * breakpad;

	/* cpu affinity */
	unsigned int enable_cpu_affinity;
	unsigned int cpu_affinity_mask[TFE_THREAD_MAX];

	/* load balancing */
	enum tfe_load_balance_algo load_balance;

	struct tfe_traffic_steering_options traffic_steering_options;
};

/* Process-wide proxy instance; TFE_PROXY_STAT_INCREASE dereferences it. */
extern struct tfe_proxy * g_default_proxy;

/*
 * NOTE(review): plain int with no atomic or volatile qualifier; if several
 * threads read or write it, confirm the accesses are synchronized.
 */
extern int worker_thread_ready;

/*
 * Adds val to g_default_proxy->stat_val[field] using the compiler's
 * __atomic_fetch_add builtin with relaxed ordering: the add itself is atomic,
 * but it orders nothing relative to other memory operations.
 *
 * The macro performs no checks. g_default_proxy must already be non-NULL, and
 * field must be below TFE_STAT_MAX; an out-of-range field makes the add touch
 * memory outside stat_val[].
 */
#define TFE_PROXY_STAT_INCREASE(field, val) \
do { __atomic_fetch_add(&g_default_proxy->stat_val[field], val, __ATOMIC_RELAXED); } while(0)

/*
 * Acquire/release pair for a worker thread context.
 * NOTE(review): the selection policy and what "release" undoes are defined in
 * the implementation, not in this header.
 */
struct tfe_thread_ctx * tfe_proxy_thread_ctx_acquire(struct tfe_proxy * ctx);
void tfe_proxy_thread_ctx_release(struct tfe_thread_ctx * thread_ctx);

/*
 * Creates a proxy instance from `profile`.
 * NOTE(review): presumably a configuration file path or name; confirm how the
 * value is validated before it is opened.
 */
struct tfe_proxy * tfe_proxy_new(const char * profile);

/*
 * Hands four descriptors plus a control message to the proxy.
 * The descriptors are plain int here, while struct tfe_proxy_accept_para
 * stores evutil_socket_t. struct tfe_cmsg is not declared in this header, so
 * it has to come from one of the includes above; otherwise the tag would only
 * have prototype scope.
 * NOTE(review): which side closes the descriptors when this returns an error
 * is not visible here; confirm it to rule out leaks and double closes.
 */
int tfe_proxy_fds_accept(struct tfe_proxy * ctx, int fd_downstream, int fd_upstream, int fd_fake_c, int fd_fake_s, struct tfe_cmsg * cmsg);

/* Runs the proxy; the return conditions are not visible in this header. */
void tfe_proxy_run(struct tfe_proxy * proxy);

/*
 * Sets the CPU affinity of a thread to core_id.
 * NOTE(review): which thread is affected and the accepted range of core_id
 * (a signed int) are not visible here; confirm negative or too-large values
 * are rejected.
 */
int tfe_thread_set_affinity(int core_id);