tango-tsg-master/src/tsg_entry.h

#ifndef	__TSG_ENTRY_H__
#define	__TSG_ENTRY_H__

#include <MESA/Maat_rule.h>
#include <MESA/field_stat2.h>
#include "tsg_rule.h"
#include "tsg_label.h"
#include "tsg_statistic.h"

#if(__GNUC__ * 100 + __GNUC_MINOR__ * 10 + __GNUC_PATCHLEVEL__ >= 411)
#define atomic_inc(x) __sync_add_and_fetch((x),1)
#define atomic_dec(x) __sync_sub_and_fetch((x),1)
#define atomic_add(x,y) __sync_add_and_fetch((x),(y))
#define atomic_sub(x,y) __sync_sub_and_fetch((x),(y))
typedef int atomic_t;
#define ATOMIC_INIT(i)  { (i) }
#define atomic_read(x) __sync_add_and_fetch((x),0)
#define atomic_set(x,y) __sync_lock_test_and_set((x),y)
#else 
#include <alsa/iatomic.h>
#endif 

#ifndef MIN
#define MIN(a, b)  	(((a) < (b)) ? (a) : (b))
#endif

#ifndef	PRINTADDR
#define	PRINTADDR(a, b)	((b)<RLOG_LV_FATAL ? printaddr(&(a->addr), a->threadnum) : "")
#endif

#define	DNS_PROTO_ID	103
#define	FTP_PROTO_ID	104
#define	HTTP_PROTO_ID	106
#define	MAIL_PROTO_ID	110
#define	QUIC_PROTO_ID	119
#define	SIP_PROTO_ID	120
#define	SSL_PROTO_ID	126
#define	RTP_PROTO_ID	142

#define	APP_SCAN_FLAG_STOP	0
#define	APP_SCAN_FLAG_CONTINUE	1

enum MASTER_TABLE{
	TABLE_SECURITY_COMPILE=0,
	TABLE_IP_ADDR,
	TABLE_SUBSCRIBER_ID,
	TABLE_APP_ID,
	TABLE_HTTP_HOST,
	TABLE_SSL_SNI,
	TABLE_EXCLUSION_SSL_SNI,
	TABLE_SRC_ASN,
	TABLE_DST_ASN,
	TABLE_SRC_LOCATION,
	TABLE_DST_LOCATION,
	TABLE_ASN_USER_DEFINED,
	TABLE_ASN_BUILT_IN,
	TABLE_LOCATION_USER_DEFINED,
	TABLE_LOCATION_BUILT_IN,
	TABLE_QUIC_SNI,
	TABLE_FQDN_CAT_ID,
	TABLE_FQDN_CAT_USER_DEFINED,
	TABLE_FQDN_CAT_BUILT_IN,
	TABLE_APP_ID_DICT,
	TABLE_SELECTOR_ID,
	TABLE_SELECTOR_PROPERTIES,
	TABLE_MAX
};


enum TSG_FS2_TYPE{
	TSG_FS2_TCP_LINKS=0,
	TSG_FS2_UDP_LINKS,
	TSG_FS2_BYPASS,
	TSG_FS2_HIT_ADDR,
	TSG_FS2_HIT_SHARE,
	TSG_FS2_INTERCEPT,
	TSG_FS2_EXCLUSION,
	TSG_FS2_SUCCESS_LOG,
	TSG_FS2_FAILED_LOG,
	TSG_FS2_DROP_LOG,
	TSG_FS2_ABORT_ALLOW,
	TSG_FS2_ABORT_DENY,
	TSG_FS2_ABORT_MONITOR,
	TSG_FS2_ABORT_INTERCEPT,
	TSG_FS2_ABORT_UNKNOWN,
	TSG_FS2_MAX
};

enum TSG_ATTRIBUTE_TYPE
{
	TSG_ATTRIBUTE_TYPE_ESTABLISH_LATECY=0,
	TSG_ATTRIBUTE_TYPE_PROTOCOL,
	TSG_ATTRIBUTE_TYPE_JA3_HASH,
	_MAX_TSG_ATTRIBUTE_TYPE
};

struct _str2index
{
	int index;
	int len;
	char *type;
};

struct _fqdn_category_t
{
	int ref_cnt;	
	unsigned int category_id;
	int match_method;
	char fqdn[MAX_DOAMIN_LEN/8];
};

struct master_context
{
	tsg_protocol_t proto;
	int hit_cnt;
	int app_id;
	int is_default_policy;
	char continue_scan_app_id;
	char continue_scan_proto_id;
	unsigned short basic_proto_id;
	int domain_len;
	char domain[MAX_DOAMIN_LEN];
	struct Maat_rule_t *result;
	scan_status_t mid;
};

#define	_MAX_TABLE_NAME_LEN	64
typedef	struct _tsg_para
{
	int level;	
	int mail_proto_id;
	unsigned short timeout;
	unsigned short depolyment_mode;
	int app_id_table_type;
	int device_id;
	int entrance_id;
	int default_compile_switch;
	int default_compile_id;
	int table_id[TABLE_MAX];
	int dyn_subscribe_ip_table_id; //TSG_DYN_SUBSCRIBER_IP
	int priority_project_id;
	int internal_project_id;
	int l7_proto_project_id;
	int app_id_project_id;
	int proto_flag; //tsg_protocol_t
	int fs2_field_id[TSG_FS2_MAX];
	char device_sn[MAX_DOAMIN_LEN/8];
	char log_path[MAX_DOAMIN_LEN/8];
	char device_id_command[MAX_DOAMIN_LEN/8];
	char data_center[_MAX_TABLE_NAME_LEN];
	char table_name[TABLE_MAX][_MAX_TABLE_NAME_LEN];
	void *logger;
	screen_stat_handle_t fs2_handle;
}g_tsg_para_t;

extern g_tsg_para_t g_tsg_para;

typedef enum _tsg_statis_field_id
{
	STATIS_UNKNOWN=0,
	STATIS_ENTRANCE_ID=1,
	STATIS_TOTAL_CON_NUM,
	STATIS_NEW_CON_NUM,
	STATIS_ESTABLISHED_CON_NUM,
	STATIS_CLOSE_CON_NUM,
	STATIS_TOTAL_IN_BYTES,
	STATIS_TOTAL_OUT_BYTES,
	STATIS_TOTAL_IN_PACKETS,
	STATIS_TOTAL_OUT_PACKETS,
	STATIS_DEFAULT_CON_NUM,
	STATIS_DEFAULT_IN_BYTES,
	STATIS_DEFAULT_OUT_BYTES,
	STATIS_DEFAULT_IN_PACKETS,
	STATIS_DEFAULT_OUT_PACKETS,
	STATIS_ALLOW_CON_NUM,
	STATIS_ALLOW_IN_BYTES,
	STATIS_ALLOW_OUT_BYTES,
	STATIS_ALLOW_IN_PACKETS,
	STATIS_ALLOW_OUT_PACKETS,
	STATIS_DENY_CON_NUM,
	STATIS_DENY_IN_BYTES,
	STATIS_DENY_OUT_BYTES,
	STATIS_DENY_IN_PACKETS,
	STATIS_DENY_OUT_PACKETS,
	STATIS_MONITOR_CON_NUM,
	STATIS_MONITOR_IN_BYTES,
	STATIS_MONITOR_OUT_BYTES,
	STATIS_MONITOR_IN_PACKETS,
	STATIS_MONITOR_OUT_PACKETS,
	STATIS_INTERCEPT_CON_NUM,
	STATIS_INTERCEPT_IN_BYTES,
	STATIS_INTERCEPT_OUT_BYTES,
	STATIS_INTERCEPT_IN_PACKETS,
	STATIS_INTERCEPT_OUT_PACKETS,
	STATIS_IPV4_IN_BYTES,
	STATIS_IPV4_OUT_BYTES,
	STATIS_IPV4_IN_PACKETS,
	STATIS_IPV4_OUT_PACKETS,
	STATIS_IPV6_IN_BYTES,
	STATIS_IPV6_OUT_BYTES,
	STATIS_IPV6_IN_PACKETS,
	STATIS_IPV6_OUT_PACKETS,
	STATIS_TCP_NEW_CON_NUM,
	STATIS_TCP_IN_BYTES,
	STATIS_TCP_OUT_BYTES,
	STATIS_TCP_IN_PACKETS,
	STATIS_TCP_OUT_PACKETS,
	STATIS_UDP_NEW_CON_NUM,
	STATIS_UDP_IN_BYTES,
	STATIS_UDP_OUT_BYTES,
	STATIS_UDP_IN_PACKETS,
	STATIS_UDP_OUT_PACKETS,
	STATIS_ALERT_BYTES,
	STATIS_BLOCK_BYTES,
	STATIS_PINNING_NUM,
	STATIS_MAYBE_PINNING_NUM,
	STATIS_NOT_PINNING_NUM,
	STATIS_MAX
}tsg_statis_field_id_t;

enum TRAFFIC_INFO_IDX
{
	TRAFFIC_INFO_ALLOW=0,
	TRAFFIC_INFO_DENY,
	TRAFFIC_INFO_MONITOR,
	TRAFFIC_INFO_INTERCEPT,
	TRAFFIC_INFO_MAX
};

typedef	struct _tsg_statistic
{
	int cycle;
	int fs_line_id;
	int fs_field_id[STATIS_MAX];
	long long statistic_opt[_OPT_TYPE_MAX];
	struct _traffic_info *traffic_info[TSG_ACTION_MAX+1];
	struct _traffic_info default_total_info;
	screen_stat_handle_t fs2_handle;
}tsg_statis_para_t;

int tsg_statistic_init(const char *conffile, void *logger);

void location_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void ASN_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void subscribe_id_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void security_compile_free(int idx, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp);
char *tsg_schema_index2string(tsg_protocol_t proto);
struct Maat_rule_t *tsg_policy_decision_criteria(struct streaminfo *a_stream, Maat_rule_t *result, int result_num, struct _identify_info *identify_info, int thread_seq);
int tsg_scan_shared_policy(Maat_feather_t maat_feather, struct streaminfo *a_stream, struct identify_info *identify_info, Maat_rule_t *result, int result_num, scan_status_t *mid, int thread_seq);
int tsg_scan_app_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *name, unsigned int id, int thread_seq);
int tsg_scan_app_properties_policy(Maat_feather_t maat_feather, struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *property, char *district, int thread_seq);
int tsg_scan_subscribe_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, struct _subscribe_id_info_t *user_info, int thread_seq);

#endif