2023-05-06 02:23:12 +00:00
# include <MESA/stream.h>
# include <MESA/MESA_handle_logger.h>
# include "tsg_rule.h"
# include "tsg_variable.h"
# include "tsg_send_log.h"
# include "tsg_sync_state.h"
# include "tsg_proxy.h"
2023-05-09 11:26:57 +00:00
# include "tsg_bridge.h"
2023-05-06 02:23:12 +00:00
# define DEFAULT_WINSCLE 0
# define DEFAULT_MSS 1460
enum tsg_proxy_ipv4hdr_parse_error {
TSG_PROXY_IPV4HDR_NULL_PACKET = - 1 ,
} ;
enum tsg_proxy_ipv6hdr_parse_error {
TSG_PROXY_IPV6HDR_NULL_PACKET = - 1 ,
TSG_PROXY_IPV6HDR_NO_TCPHDR = - 2 ,
TSG_PROXY_IPV6HDR_INVALID_TYPE = - 3 ,
} ;
2023-05-10 07:35:03 +00:00
int update_segment_sids ( struct tcp_sids * d_sids_array , unsigned short * s_sids , unsigned int n_s_sids )
2023-05-09 11:26:57 +00:00
{
for ( unsigned int i = 0 ; i < n_s_sids ; i + + )
{
if ( d_sids_array - > num > = 8 )
{
break ;
}
d_sids_array - > value [ d_sids_array - > num + + ] = s_sids [ i ] ;
}
return 1 ;
}
2023-05-06 02:23:12 +00:00
int tsg_proxy_ipv6_header_parse ( const void * a_packet , struct pkt_info * pktinfo ) {
if ( a_packet = = NULL ) {
return TSG_PROXY_IPV6HDR_NULL_PACKET ;
}
pktinfo - > addr_type = ADDR_TYPE_IPV6 ;
pktinfo - > iphdr . v6 = ( struct ip6_hdr * ) a_packet ;
pktinfo - > ip_totlen = ntohs ( pktinfo - > iphdr . v6 - > ip6_ctlun . ip6_un1 . ip6_un1_plen ) + sizeof ( struct ip6_hdr ) ;
uint8_t next_hdr_type = pktinfo - > iphdr . v6 - > ip6_ctlun . ip6_un1 . ip6_un1_nxt ;
char * next_hdr_ptr = ( char * ) pktinfo - > iphdr . v6 + sizeof ( struct ip6_hdr ) ;
int skip_len = 0 ;
int ret = 0 ;
while ( true ) {
switch ( next_hdr_type )
{
case IPPROTO_TCP :
//parse tcphdr
pktinfo - > iphdr_len = next_hdr_ptr - ( char * ) a_packet ;
pktinfo - > tcphdr = ( struct tcphdr * ) next_hdr_ptr ;
pktinfo - > tcphdr_len = pktinfo - > tcphdr - > doff * 4 ;
pktinfo - > data = ( char * ) pktinfo - > tcphdr + pktinfo - > tcphdr_len ;
pktinfo - > data_len = pktinfo - > ip_totlen - pktinfo - > iphdr_len - pktinfo - > tcphdr_len ;
return 0 ;
case IPPROTO_HOPOPTS :
case IPPROTO_ROUTING :
case IPPROTO_AH :
case IPPROTO_DSTOPTS :
skip_len = ( * ( next_hdr_ptr + 1 ) ) * 8 + 8 ;
next_hdr_type = * next_hdr_ptr ;
next_hdr_ptr + = skip_len ;
break ;
case IPPROTO_NONE :
ret = TSG_PROXY_IPV6HDR_NO_TCPHDR ;
goto error_out ;
default :
ret = TSG_PROXY_IPV6HDR_INVALID_TYPE ;
goto error_out ;
}
}
error_out :
return ret ;
}
int tsg_proxy_ipv4_header_parse ( const void * a_packet , struct pkt_info * pktinfo ) {
if ( a_packet = = NULL ) {
return TSG_PROXY_IPV4HDR_NULL_PACKET ;
}
pktinfo - > addr_type = ADDR_TYPE_IPV4 ;
pktinfo - > iphdr . v4 = ( struct iphdr * ) a_packet ;
pktinfo - > iphdr_len = pktinfo - > iphdr . v4 - > ihl * 4 ;
pktinfo - > ip_totlen = ntohs ( pktinfo - > iphdr . v4 - > tot_len ) ;
pktinfo - > tcphdr = ( struct tcphdr * ) ( ( char * ) pktinfo - > iphdr . v4 + pktinfo - > iphdr_len ) ;
pktinfo - > tcphdr_len = pktinfo - > tcphdr - > doff * 4 ;
pktinfo - > data = ( char * ) pktinfo - > tcphdr + pktinfo - > tcphdr_len ;
pktinfo - > data_len = pktinfo - > ip_totlen - pktinfo - > iphdr_len - pktinfo - > tcphdr_len ;
return 0 ;
}
static char * tsg_proxy_ipv4_errmsg_get ( enum tsg_proxy_ipv4hdr_parse_error _errno ) {
switch ( _errno ) {
case TSG_PROXY_IPV4HDR_NULL_PACKET :
return ( char * ) " null packet " ;
default :
return ( char * ) " unknown error " ;
}
}
static char * tsg_proxy_ipv6_errmsg_get ( enum tsg_proxy_ipv6hdr_parse_error _errno ) {
switch ( _errno ) {
case TSG_PROXY_IPV6HDR_NULL_PACKET :
return ( char * ) " null packet " ;
case TSG_PROXY_IPV6HDR_NO_TCPHDR :
return ( char * ) " no tcp header " ;
case TSG_PROXY_IPV6HDR_INVALID_TYPE :
return ( char * ) " invalid header type " ;
default :
return ( char * ) " unknown error " ;
}
}
static void tsg_proxy_ip_header_parse ( const void * a_packet , enum addr_type_t addr_type , const struct streaminfo * stream , struct pkt_info * pktinfo ) {
if ( addr_type = = ADDR_TYPE_IPV6 ) {
int ret = tsg_proxy_ipv6_header_parse ( a_packet , pktinfo ) ;
if ( ret < 0 ) {
char * errmsg = tsg_proxy_ipv6_errmsg_get ( ( enum tsg_proxy_ipv6hdr_parse_error ) ret ) ;
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_FATAL , " PROXY " , " Failed at parse ipv6 header, errmsg = %s, stream treaceid = %llu " , errmsg , tsg_get_stream_trace_id ( stream ) ) ;
pktinfo - > parse_failed = 1 ;
}
}
else {
int ret = tsg_proxy_ipv4_header_parse ( a_packet , pktinfo ) ;
if ( ret < 0 ) {
char * errmsg = tsg_proxy_ipv4_errmsg_get ( ( enum tsg_proxy_ipv4hdr_parse_error ) ret ) ;
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_FATAL , " PROXY " , " Failed at parse ipv4 header, errmsg = %s, stream treaceid = %llu " , errmsg , tsg_get_stream_trace_id ( stream ) ) ;
pktinfo - > parse_failed = 1 ;
}
}
return ;
}
static void tsg_proxy_tcpopt_get ( struct tsg_proxy_tcp_option * tcp_opt , struct tcphdr * tcphdr , int tcphdr_len )
{
tcp_opt - > mss = DEFAULT_MSS ;
tcp_opt - > wscale = DEFAULT_WINSCLE ;
tcp_opt - > window = ntohs ( tcphdr - > window ) ;
const unsigned char * ptr = ( ( const unsigned char * ) tcphdr + 20 ) ;
int length = tcphdr_len - 20 ;
while ( length > 0 ) {
int opcode = * ptr + + ;
int opsize ;
switch ( opcode ) {
case TCPOPT_EOL :
return ;
case TCPOPT_NOP : /* Ref: RFC 793 section 3.1 */
length - - ;
continue ;
default :
opsize = * ptr + + ;
if ( opsize < 2 ) /* "silly options" */
return ;
if ( opsize > length )
return ; /* don't parse partial options */
switch ( opcode ) {
case TCPOPT_MAXSEG :
if ( opsize = = TCPOLEN_MAXSEG ) {
uint16_t in_mss = * ( uint16_t * ) ptr ;
if ( in_mss ) {
tcp_opt - > mss = ntohs ( in_mss ) ;
}
}
break ;
case TCPOPT_WINDOW :
if ( opsize = = TCPOLEN_WINDOW ) {
uint8_t snd_wscale = * ( uint8_t * ) ptr ;
// rfc7323 page9: Thus, the shift count MUST be limited to 14 (which allows windows of 2^30 = 1 GiB).
// If a Window Scale option is received with a shift.cnt value larger than 14,
// the TCP SHOULD log the error but MUST use 14 instead of the specified value. */
tcp_opt - > wscale = snd_wscale ;
if ( tcp_opt - > wscale > 14 ) {
tcp_opt - > wscale = 14 ;
}
tcp_opt - > wscale_set = 1 ;
//*wscale_perm=1;
}
break ;
case TCPOPT_TIMESTAMP :
if ( opsize = = TCPOLEN_TIMESTAMP ) {
tcp_opt - > ts_set = 1 ;
tcp_opt - > ts_val = * ( uint32_t * ) ptr ;
tcp_opt - > ts_ecr = * ( uint32_t * ) ( ptr + 4 ) ;
}
break ;
case TCPOPT_SACK_PERMITTED :
if ( opsize = = TCPOLEN_SACK_PERMITTED ) {
tcp_opt - > sack = 1 ;
}
break ;
}
ptr + = opsize - 2 ;
length - = opsize ;
}
}
return ;
}
static int tsg_proxy_rawpkt_info_get ( const void * raw_pkt , struct tsg_proxy_tcp_option * tcp_opt , const struct streaminfo * stream )
{
int ret ;
struct segment_id_list * sids = NULL ;
2023-05-10 07:35:03 +00:00
ret = get_rawpkt_opt_from_streaminfo ( stream , RAW_PKT_GET_SID_LIST , & sids ) ;
2023-05-06 02:23:12 +00:00
if ( ret ! = sizeof ( struct segment_id_list ) ) {
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_FATAL , " PROXY " , " Failed to get sid list, stream treaceid = %llu, %s " , tsg_get_stream_trace_id ( stream ) , printaddr ( & stream - > addr , stream - > threadnum ) ) ;
return - 1 ;
}
memcpy ( & tcp_opt - > sid_list , sids , sizeof ( struct segment_id_list ) ) ;
void * route_ctx = NULL ;
ret = get_rawpkt_opt_from_streaminfo ( stream , RAW_PKT_GET_ROUTE_CTX , & route_ctx ) ;
if ( ret < 0 ) {
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_FATAL , " PROXY " , " Failed to get route ctx, stream treaceid = %llu, %s " , tsg_get_stream_trace_id ( stream ) , printaddr ( & stream - > addr , stream - > threadnum ) ) ;
return - 1 ;
}
tcp_opt - > route_ctx_len = ret ;
memcpy ( tcp_opt - > route_ctx , route_ctx , ret ) ;
return 0 ;
}
void tsg_proxy_tcp_parse ( struct tsg_proxy_tcp_attribute * tcp_attr , struct pkt_info * pktinfo , const struct streaminfo * stream )
{
const void * raw_pkt = get_rawpkt_from_streaminfo ( stream ) ;
if ( ! raw_pkt ) {
return ;
}
if ( pktinfo - > tcphdr - > syn & & ! pktinfo - > tcphdr - > ack ) {
tsg_proxy_rawpkt_info_get ( raw_pkt , & tcp_attr - > tcp_opt_client , stream ) ;
tsg_proxy_tcpopt_get ( & tcp_attr - > tcp_opt_client , pktinfo - > tcphdr , pktinfo - > tcphdr_len ) ;
}
if ( pktinfo - > tcphdr - > syn & & pktinfo - > tcphdr - > ack ) {
tsg_proxy_rawpkt_info_get ( raw_pkt , & tcp_attr - > tcp_opt_server , stream ) ;
tsg_proxy_tcpopt_get ( & tcp_attr - > tcp_opt_server , pktinfo - > tcphdr , pktinfo - > tcphdr_len ) ;
}
}
static struct tsg_proxy_tcp_attribute * tsg_proxy_tcp_attribute_get ( const struct streaminfo * stream )
{
2023-05-09 11:26:57 +00:00
struct session_runtime_attribute * srt_attribute = ( struct session_runtime_attribute * ) session_runtime_attribute_new ( stream ) ;
2023-05-06 02:23:12 +00:00
if ( srt_attribute = = NULL ) {
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_FATAL , " PROXY " , " Failed to get session runtime attribute, stream treaceid = %llu " , tsg_get_stream_trace_id ( stream ) ) ;
return NULL ;
}
if ( srt_attribute - > proxy_tcp_attr = = NULL ) {
srt_attribute - > proxy_tcp_attr = ( struct tsg_proxy_tcp_attribute * ) dictator_malloc ( stream - > threadnum , sizeof ( struct tsg_proxy_tcp_attribute ) ) ;
memset ( srt_attribute - > proxy_tcp_attr , 0 , sizeof ( struct tsg_proxy_tcp_attribute ) ) ;
}
return srt_attribute - > proxy_tcp_attr ;
}
void tsg_proxy_first_data_process ( const struct streaminfo * stream , struct tsg_proxy_tcp_attribute * tcp_attr , struct pkt_info * pktinfo )
{
struct tsg_proxy_tcp_option tcp_opt ;
enum TSG_PROTOCOL tcp_protocol ;
const struct session_runtime_process_context * session_context = session_runtime_process_context_get ( stream ) ;
memset ( & tcp_opt , 0 , sizeof ( struct tsg_proxy_tcp_option ) ) ;
tcp_protocol = srt_process_context_get_protocol ( session_context ) ;
switch ( tcp_protocol )
{
case PROTO_SSL :
tcp_attr - > tcp_protocol = 0x1 ;
break ;
case PROTO_SSH :
tcp_attr - > tcp_protocol = 0x2 ;
break ;
default :
tcp_attr - > tcp_protocol = 0x0 ;
}
if ( tcp_attr - > tcp_opt_client . ts_set & & tcp_attr - > tcp_opt_server . ts_set ) {
tsg_proxy_tcpopt_get ( & tcp_opt , pktinfo - > tcphdr , pktinfo - > tcphdr_len ) ;
if ( stream - > curdir = = DIR_C2S ) {
tcp_attr - > tcp_opt_client . ts_val = tcp_opt . ts_val ;
tcp_attr - > tcp_opt_server . ts_val = tcp_opt . ts_ecr ;
} else {
tcp_attr - > tcp_opt_client . ts_val = tcp_opt . ts_ecr ;
tcp_attr - > tcp_opt_server . ts_val = tcp_opt . ts_val ;
}
}
tcp_attr - > tcp_info_packet_cur_dir = stream - > curdir ;
if ( stream - > curdir = = DIR_C2S ) {
tcp_attr - > tcp_seq = pktinfo - > tcphdr - > seq ;
tcp_attr - > tcp_ack = pktinfo - > tcphdr - > ack_seq ;
} else {
tcp_attr - > tcp_seq = pktinfo - > tcphdr - > ack_seq ;
tcp_attr - > tcp_ack = pktinfo - > tcphdr - > seq ;
}
return ;
}
void tsg_proxy_tcp_options_parse ( const struct streaminfo * stream , const void * a_packet )
{
2023-05-27 09:37:46 +00:00
if ( a_packet = = NULL )
{
return ;
}
struct pkt_info pktinfo ;
struct tsg_proxy_tcp_attribute * tcp_attr = tsg_proxy_tcp_attribute_get ( stream ) ;
2023-05-06 02:23:12 +00:00
2023-05-27 09:37:46 +00:00
if ( tcp_attr = = NULL ) {
return ;
}
2023-05-06 02:23:12 +00:00
2023-05-16 08:04:43 +00:00
if ( tcp_attr - > first_data_pkt_processed ) {
2023-05-06 02:23:12 +00:00
return ;
}
2023-05-27 09:37:46 +00:00
memset ( & pktinfo , 0 , sizeof ( struct pkt_info ) ) ;
tsg_proxy_ip_header_parse ( a_packet , ( enum addr_type_t ) stream - > addr . addrtype , stream , & pktinfo ) ;
if ( pktinfo . parse_failed ) {
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_FATAL , " PROXY " , " invalid ip header, bypass pkt " ) ;
return ;
}
2023-05-06 02:23:12 +00:00
if ( stream - > ptcpdetail - > datalen > 0 ) {
2023-05-16 08:04:43 +00:00
tsg_proxy_first_data_process ( stream , tcp_attr , & pktinfo ) ;
tcp_attr - > first_data_pkt_processed = 1 ;
2023-05-06 02:23:12 +00:00
return ;
}
tsg_proxy_tcp_parse ( tcp_attr , & pktinfo , stream ) ;
2023-05-27 09:37:46 +00:00
return ;
2023-05-06 02:23:12 +00:00
}
static void tsg_proxy_cmsg_subscriber_fill ( struct session_runtime_attribute * session_attr , struct proxy_cmsg * cmsg )
{
const char * client_subscribe_id = srt_attribute_get_client_subscriber_id ( session_attr ) ;
const char * server_subscribe_id = srt_attribute_get_server_subscriber_id ( session_attr ) ;
if ( client_subscribe_id ) {
cmsg - > src_sub_id = ( char * ) client_subscribe_id ;
}
if ( server_subscribe_id ) {
cmsg - > dst_sub_id = ( char * ) server_subscribe_id ;
}
return ;
}
static void tsg_proxy_cmsg_asn_fill ( struct session_runtime_attribute * session_attr , struct proxy_cmsg * cmsg )
{
const struct asn_info * client_asn = srt_attribute_get_client_ip_asn ( session_attr ) ;
const struct asn_info * server_asn = srt_attribute_get_server_ip_asn ( session_attr ) ;
if ( client_asn ) {
if ( client_asn - > asn_id ) {
cmsg - > src_asn = client_asn - > asn_id ;
}
if ( client_asn - > organization ) {
cmsg - > src_organization = client_asn - > organization ;
}
}
if ( server_asn ) {
if ( server_asn - > asn_id ) {
cmsg - > dst_asn = server_asn - > asn_id ;
}
if ( server_asn - > organization ) {
cmsg - > dst_organization = server_asn - > organization ;
}
}
return ;
}
static void tsg_proxy_cmsg_ip_location_fill ( struct session_runtime_attribute * session_attr , struct proxy_cmsg * cmsg )
{
const struct location_info * client_location = srt_attribute_get_client_ip_location ( session_attr ) ;
const struct location_info * server_location = srt_attribute_get_server_ip_location ( session_attr ) ;
if ( client_location ) {
if ( client_location - > country_full ) {
cmsg - > src_ip_location_country = client_location - > country_full ;
}
if ( client_location - > province_full ) {
cmsg - > src_ip_location_provine = client_location - > province_full ;
}
if ( client_location - > city_full ) {
cmsg - > src_ip_location_city = client_location - > city_full ;
}
if ( client_location - > subdivision_addr ) {
cmsg - > src_ip_location_subdivision = client_location - > subdivision_addr ;
}
}
if ( server_location ) {
if ( server_location - > country_full ) {
cmsg - > dst_ip_location_country = server_location - > country_full ;
}
if ( server_location - > province_full ) {
cmsg - > dst_ip_location_provine = server_location - > province_full ;
}
if ( server_location - > city_full ) {
cmsg - > dst_ip_location_city = server_location - > city_full ;
}
if ( server_location - > subdivision_addr ) {
cmsg - > dst_ip_location_subdivision = server_location - > subdivision_addr ;
}
}
return ;
}
static void tsg_proxy_cmsg_ja3_fingerprint_fill ( struct session_runtime_attribute * session_attr , struct proxy_cmsg * cmsg )
{
const char * ja3_fingerprint = srt_attribute_get_ja3_fingerprint ( session_attr ) ;
if ( ja3_fingerprint ) {
cmsg - > ssl_client_ja3_fingerprint = ( char * ) ja3_fingerprint ;
}
return ;
}
static void tsg_proxy_cmsg_fqdn_category_fill ( struct session_runtime_attribute * session_attr , struct proxy_cmsg * cmsg )
{
size_t n_category_ids = 0 ;
uint32_t category_ids [ 8 ] = { 0 } ;
2023-05-10 07:35:03 +00:00
struct fqdn_cat_id_val * fqdn_cat_ids = & cmsg - > fqdn_cat_ids ;
2023-05-06 02:23:12 +00:00
n_category_ids = srt_attribute_get_category_ids ( session_attr , category_ids , sizeof ( category_ids ) / sizeof ( category_ids [ 0 ] ) ) ;
if ( n_category_ids > 0 & & n_category_ids < = 8 ) {
fqdn_cat_ids - > num = n_category_ids ;
for ( unsigned int i = 0 ; i < n_category_ids ; i + + ) {
fqdn_cat_ids - > value [ i ] = category_ids [ i ] ;
}
}
return ;
}
static void tsg_proxy_tcp_attribute_dump ( tsg_proxy_tcp_attribute * tcp_attr , struct proxy_cmsg * cmsg , const struct streaminfo * stream )
{
struct tsg_proxy_tcp_option * client = & tcp_attr - > tcp_opt_client ;
struct tsg_proxy_tcp_option * server = & tcp_attr - > tcp_opt_server ;
char client_sids_str [ 128 ] = { 0 } ;
char server_sids_str [ 128 ] = { 0 } ;
char temp [ 10 ] = { 0 } ;
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_DEBUG , " PROXY " , " dump tcp attribute for stream %s, session_id %llu " ,
printaddr ( & stream - > addr , stream - > threadnum ) , tsg_get_stream_trace_id ( stream ) ) ;
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_DEBUG , " PROXY " , " tcp_seq %u, tcp_ack %u, tcp_protocol %u, tcp_info_packet_cur_dir %u \n " \
" client mss %u, client wscale_set %u, client wscale %u, client sack %u, client ts_set %u, client ts_val %u, client window %u " \
" server mss %u, server wscale_set %u, server wscale %u, server sack %u, server ts_set %u, server ts_val %u, server window %u " ,
tcp_attr - > tcp_seq , tcp_attr - > tcp_ack , tcp_attr - > tcp_protocol , tcp_attr - > tcp_info_packet_cur_dir ,
client - > mss , client - > wscale_set , client - > wscale , client - > sack , client - > ts_set , client - > ts_val , client - > window ,
server - > mss , server - > wscale_set , server - > wscale , server - > sack , server - > ts_set , server - > ts_val , server - > window ) ;
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_DEBUG , " PROXY " , " tcp_seq_route_ctx len %u, tcp_ack_route_ctx len %u \n " , client - > route_ctx_len , server - > route_ctx_len ) ;
for ( unsigned int i = 0 ; i < client - > sid_list . sz_sidlist ; i + + ) {
snprintf ( temp , sizeof ( temp ) , " %u " , client - > sid_list . sid_list [ i ] ) ;
strcat ( client_sids_str , temp ) ;
strcat ( client_sids_str , " , " ) ;
}
for ( unsigned int i = 0 ; i < server - > sid_list . sz_sidlist ; i + + ) {
snprintf ( temp , sizeof ( temp ) , " %u " , server - > sid_list . sid_list [ i ] ) ;
strcat ( server_sids_str , temp ) ;
strcat ( server_sids_str , " , " ) ;
}
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_DEBUG , " PROXY " , " tcp_seq_sids num %u, tcp_seq_sids value: %s, tcp_ack_sids num %u, tcp_seq_sids value: %s " ,
client - > sid_list . sz_sidlist , client_sids_str , server - > sid_list . sz_sidlist , server_sids_str ) ;
MESA_handle_runtime_log ( g_tsg_para . logger , RLOG_LV_DEBUG , " proxy " , " client subscribe id: %s \n " \
" server subscribe id: %s \n " \
" client asn: %s \n " \
" server asn: %s \n " \
" client orgnization: %s \n " \
" server orgnization: %s \n " \
" client ip country: %s \n " \
" server ip country: %s \n " \
" client ip province: %s \n " \
" server ip province: %s \n " \
" client ip city: %s \n " \
" server ip city: %s \n " \
" client ip subdevision: %s \n " \
" server ip subdevision: %s \n " \
" ssl ja3 fingerprint:%s \n " ,
cmsg - > src_sub_id ,
cmsg - > dst_sub_id ,
cmsg - > src_asn ,
cmsg - > dst_asn ,
cmsg - > src_organization ,
cmsg - > dst_organization ,
cmsg - > src_ip_location_country ,
cmsg - > dst_ip_location_country ,
cmsg - > src_ip_location_provine ,
cmsg - > dst_ip_location_provine ,
cmsg - > src_ip_location_city ,
cmsg - > dst_ip_location_city ,
cmsg - > src_ip_location_subdivision ,
cmsg - > dst_ip_location_subdivision ,
cmsg - > ssl_client_ja3_fingerprint ) ;
return ;
}
2023-05-09 11:26:57 +00:00
void tsg_proxy_update_policy_fill ( const struct streaminfo * stream , struct update_policy * policy , struct segment_id_list * segment_ids )
2023-05-06 02:23:12 +00:00
{
struct proxy_cmsg * cmsg = & policy - > cmsg ;
struct tsg_proxy_tcp_attribute * tcp_attr = tsg_proxy_tcp_attribute_get ( stream ) ;
struct session_runtime_attribute * session_attr = ( struct session_runtime_attribute * ) session_runtime_attribute_get ( stream ) ;
if ( session_attr = = NULL | | tcp_attr = = NULL ) {
return ;
}
struct tsg_proxy_tcp_option * client = & tcp_attr - > tcp_opt_client ;
struct tsg_proxy_tcp_option * server = & tcp_attr - > tcp_opt_server ;
cmsg - > tcp_seq = tcp_attr - > tcp_seq ;
cmsg - > tcp_ack = tcp_attr - > tcp_ack ;
cmsg - > tcp_protocol = tcp_attr - > tcp_protocol ;
cmsg - > tcp_info_packet_cur_dir = tcp_attr - > tcp_info_packet_cur_dir ;
cmsg - > tcp_mss_client = client - > mss ;
cmsg - > tcp_sack_client = client - > sack ;
cmsg - > tcp_ts_client = client - > ts_set ;
cmsg - > tcp_window_client = client - > window ;
cmsg - > tcp_ts_client_val = client - > ts_val ;
cmsg - > tcp_seq_route_ctx . num = client - > route_ctx_len ;
memcpy ( cmsg - > tcp_seq_route_ctx . value , client - > route_ctx , client - > route_ctx_len ) ;
2023-05-09 11:26:57 +00:00
update_segment_sids ( & cmsg - > tcp_seq_sids , segment_ids - > sid_list + 1 , segment_ids - > sz_sidlist - 1 ) ; // delete intercept sid
update_segment_sids ( & cmsg - > tcp_seq_sids , client - > sid_list . sid_list , client - > sid_list . sz_sidlist ) ;
2023-05-06 02:23:12 +00:00
cmsg - > tcp_mss_server = server - > mss ;
cmsg - > tcp_sack_server = server - > sack ;
cmsg - > tcp_ts_server = server - > ts_set ;
cmsg - > tcp_window_server = server - > window ;
cmsg - > tcp_ts_server_val = server - > ts_val ;
cmsg - > tcp_ack_route_ctx . num = server - > route_ctx_len ;
memcpy ( cmsg - > tcp_ack_route_ctx . value , server - > route_ctx , server - > route_ctx_len ) ;
2023-05-09 11:26:57 +00:00
update_segment_sids ( & cmsg - > tcp_seq_sids , segment_ids - > sid_list + 1 , segment_ids - > sz_sidlist - 1 ) ; // delete intercept sid
update_segment_sids ( & cmsg - > tcp_ack_sids , server - > sid_list . sid_list , server - > sid_list . sz_sidlist ) ;
2023-05-06 02:23:12 +00:00
if ( client - > wscale_set & & server - > wscale_set ) {
cmsg - > tcp_wsacle_exist = 1 ;
cmsg - > tcp_wsacle_client = client - > wscale ;
cmsg - > tcp_wsacle_server = server - > wscale ;
}
tsg_proxy_cmsg_subscriber_fill ( session_attr , cmsg ) ;
tsg_proxy_cmsg_asn_fill ( session_attr , cmsg ) ;
tsg_proxy_cmsg_ip_location_fill ( session_attr , cmsg ) ;
tsg_proxy_cmsg_ja3_fingerprint_fill ( session_attr , cmsg ) ;
tsg_proxy_cmsg_fqdn_category_fill ( session_attr , cmsg ) ;
tsg_proxy_tcp_attribute_dump ( tcp_attr , cmsg , stream ) ;
return ;
2023-05-09 11:26:57 +00:00
}
