2019-11-12 13:35:19 +08:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <assert.h>
|
2019-12-09 18:58:05 +08:00
|
|
|
#include <time.h>
|
2019-11-12 13:35:19 +08:00
|
|
|
#include <sys/socket.h>
|
|
|
|
|
#include <netinet/in.h>
|
|
|
|
|
#include <arpa/inet.h>
|
|
|
|
|
#include <net/if.h>
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
|
#include <sys/ioctl.h>
|
|
|
|
|
#include <unistd.h>
|
2020-09-01 11:35:49 +08:00
|
|
|
#include <pthread.h>
|
2021-04-07 02:36:51 +00:00
|
|
|
#include <arpa/inet.h>
|
2019-11-12 13:35:19 +08:00
|
|
|
|
|
|
|
|
#include <MESA/stream.h>
|
|
|
|
|
#include <MESA/MESA_prof_load.h>
|
|
|
|
|
#include <MESA/MESA_handle_logger.h>
|
|
|
|
|
|
2023-06-18 13:35:09 +08:00
|
|
|
#include "tsg_log.h"
|
2023-06-13 11:27:49 +08:00
|
|
|
#include "tsg_stat.h"
|
2020-11-14 15:50:44 +06:00
|
|
|
#include "app_label.h"
|
2019-12-09 18:58:05 +08:00
|
|
|
#include "tsg_entry.h"
|
2023-04-03 08:30:49 +00:00
|
|
|
#include "tsg_bridge.h"
|
2019-11-12 13:35:19 +08:00
|
|
|
#include "tsg_send_log.h"
|
2023-05-10 07:35:03 +00:00
|
|
|
#include "tsg_sync_state.h"
|
2023-04-03 08:30:49 +00:00
|
|
|
#include "tsg_rule_internal.h"
|
2019-11-12 13:35:19 +08:00
|
|
|
#include "tsg_send_log_internal.h"
|
|
|
|
|
|
2021-08-13 19:45:18 +08:00
|
|
|
#include "rapidjson/document.h" // rapidjson's DOM-style API
|
|
|
|
|
#include "rapidjson/prettywriter.h" // for stringify JSON
|
|
|
|
|
#include "rapidjson/stringbuffer.h"
|
|
|
|
|
|
2022-09-09 15:07:37 +08:00
|
|
|
#ifndef MIN
|
|
|
|
|
#define MIN(a, b) (((a) < (b)) ? (a) : (b))
|
|
|
|
|
#endif
|
2021-08-13 19:45:18 +08:00
|
|
|
|
|
|
|
|
using namespace rapidjson;
|
|
|
|
|
using namespace std;
|
|
|
|
|
|
2019-12-09 18:58:05 +08:00
|
|
|
struct tsg_log_instance_t *g_tsg_log_instance;
|
2019-11-12 13:35:19 +08:00
|
|
|
|
2021-08-13 19:45:18 +08:00
|
|
|
struct TLD_handle_t
|
|
|
|
|
{
|
|
|
|
|
int thread_id;
|
2021-11-13 13:27:59 +03:00
|
|
|
MemoryPoolAllocator<> *valueAllocator;
|
2021-08-13 19:45:18 +08:00
|
|
|
Document *document;
|
|
|
|
|
};
|
|
|
|
|
|
2019-12-09 18:58:05 +08:00
|
|
|
const id2field_t tld_type[TLD_TYPE_MAX]={{TLD_TYPE_UNKNOWN, TLD_TYPE_UNKNOWN, "UNKOWN"},
|
|
|
|
|
{TLD_TYPE_LONG, TLD_TYPE_LONG, "LONG"},
|
|
|
|
|
{TLD_TYPE_STRING, TLD_TYPE_STRING, "STRING"},
|
2020-05-18 19:04:26 +08:00
|
|
|
{TLD_TYPE_FILE, TLD_TYPE_FILE, "FILE"},
|
|
|
|
|
{TLD_TYPE_TOPIC, TLD_TYPE_TOPIC, "TOPIC"}
|
2019-12-09 18:58:05 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
extern "C" int MESA_get_dev_ipv4(const char *device, int *ip_add);
|
|
|
|
|
|
2021-08-07 17:27:55 +08:00
|
|
|
static int string_cat(char *dst, int dst_len, char *src)
|
|
|
|
|
{
|
|
|
|
|
if(dst==NULL || dst_len<=0 || src==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return snprintf(dst, dst_len, "%s", src);
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-13 10:23:05 +00:00
|
|
|
#define add_number_member add_member
|
|
|
|
|
#define add_object_member add_member
|
|
|
|
|
|
|
|
|
|
#define add_member(handle, object, key, val) \
|
|
|
|
|
{ \
|
|
|
|
|
Value temp_key; \
|
|
|
|
|
temp_key.SetString((key), (handle)->document->GetAllocator()); \
|
|
|
|
|
(object)->AddMember(temp_key, (val), (handle)->document->GetAllocator()); \
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-14 10:41:25 +08:00
|
|
|
static int copy_rapidjson(struct TLD_handle_t *_handle, char *field_name, const char *json_string)
|
2021-08-13 10:23:05 +00:00
|
|
|
{
|
|
|
|
|
Document nest_document;
|
|
|
|
|
nest_document.Parse(json_string);
|
|
|
|
|
|
|
|
|
|
Value p_object(kObjectType);
|
|
|
|
|
p_object.CopyFrom(nest_document, _handle->document->GetAllocator());
|
|
|
|
|
|
|
|
|
|
TLD_append(_handle, field_name, (void *)&p_object, TLD_TYPE_OBJECT);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void add_str_member(struct TLD_handle_t *_handle, Value *object, const char *key, const char *val)
|
|
|
|
|
{
|
|
|
|
|
Value temp_key;
|
|
|
|
|
Value temp_val;
|
|
|
|
|
temp_key.SetString(key, _handle->document->GetAllocator());
|
|
|
|
|
temp_val.SetString(val, _handle->document->GetAllocator());
|
|
|
|
|
object->AddMember(temp_key, temp_val, _handle->document->GetAllocator());
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-17 10:05:40 +00:00
|
|
|
|
|
|
|
|
static int register_topic(struct tsg_log_instance_t *instance, struct topic_stat *topic)
|
|
|
|
|
{
|
|
|
|
|
rd_kafka_topic_conf_t *topic_conf;
|
|
|
|
|
struct tsg_log_instance_t *_instance=(struct tsg_log_instance_t *)instance;
|
|
|
|
|
|
|
|
|
|
topic_conf=rd_kafka_topic_conf_new();
|
|
|
|
|
topic->status=1;
|
2023-02-09 07:14:55 +00:00
|
|
|
//topic->topic_rkt=(rd_kafka_topic_t *)calloc(1, sizeof(rd_kafka_topic_t*));
|
2022-05-17 10:05:40 +00:00
|
|
|
topic->topic_rkt=rd_kafka_topic_new(_instance->kafka_handle, topic->name, topic_conf);
|
|
|
|
|
|
|
|
|
|
int thread_num=get_thread_count();
|
2022-07-20 17:21:17 +08:00
|
|
|
topic->drop_start=(long long *)calloc(thread_num, sizeof(long long));
|
2022-05-17 10:05:40 +00:00
|
|
|
topic->send_log_percent=(int *)calloc(thread_num, sizeof(int));
|
|
|
|
|
|
|
|
|
|
for(int i=0; i<thread_num; i++)
|
|
|
|
|
{
|
|
|
|
|
topic->send_log_percent[i]=100;
|
2023-04-03 08:30:49 +00:00
|
|
|
topic->drop_start[i]=tsg_get_current_time_ms();
|
2022-05-17 10:05:40 +00:00
|
|
|
}
|
2023-06-13 11:27:49 +08:00
|
|
|
|
|
|
|
|
topic->row_idx=tsg_stat_sendlog_row_init((const char *)(topic->name));
|
2022-05-17 10:05:40 +00:00
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
static int update_percent(struct tsg_log_instance_t *_instance, int service_id, enum LOG_STATUS column, int thread_id)
|
2022-05-17 10:05:40 +00:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
long long current_time_ms=tsg_get_current_time_ms();
|
2022-05-17 10:05:40 +00:00
|
|
|
struct topic_stat *topic=(struct topic_stat *)&(_instance->service2topic[service_id]);
|
|
|
|
|
|
|
|
|
|
switch(column)
|
|
|
|
|
{
|
2023-06-13 11:27:49 +08:00
|
|
|
case LOG_STATUS_SUCCESS:
|
|
|
|
|
tsg_stat_sendlog_update(topic->row_idx, column, 1);
|
|
|
|
|
//tsg_stat_sendlog_update(topic->row_idx, column+1, 1);
|
2022-05-17 10:05:40 +00:00
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
tsg_stat_sendlog_update(_instance->sum_stat_row_id, column, 1);
|
|
|
|
|
//tsg_stat_sendlog_update(_instance->sum_stat_row_id, column+1, 1);
|
2022-05-17 10:05:40 +00:00
|
|
|
break;
|
2023-06-13 11:27:49 +08:00
|
|
|
case LOG_STATUS_FAIL:
|
|
|
|
|
tsg_stat_sendlog_update(topic->row_idx, column, 1);
|
|
|
|
|
//tsg_stat_sendlog_update(topic->row_idx, column+1, 1);
|
|
|
|
|
|
|
|
|
|
tsg_stat_sendlog_update(_instance->sum_stat_row_id, column, 1);
|
|
|
|
|
//tsg_stat_sendlog_update(_instance->sum_stat_row_id, column+1, 1);
|
2022-05-17 10:05:40 +00:00
|
|
|
|
2022-07-20 17:21:17 +08:00
|
|
|
if(current_time_ms - topic->drop_start[thread_id]>=1000)
|
2022-05-17 10:05:40 +00:00
|
|
|
{
|
|
|
|
|
topic->send_log_percent[thread_id]/=2;
|
2022-07-20 17:21:17 +08:00
|
|
|
topic->drop_start[thread_id]=current_time_ms;
|
2022-05-17 10:05:40 +00:00
|
|
|
}
|
|
|
|
|
break;
|
2023-06-13 11:27:49 +08:00
|
|
|
case LOG_STATUS_DROP:
|
2022-07-20 17:21:17 +08:00
|
|
|
if((current_time_ms%100) > topic->send_log_percent[thread_id])
|
2023-06-13 11:27:49 +08:00
|
|
|
{
|
|
|
|
|
tsg_stat_sendlog_update(topic->row_idx, column, 1);
|
|
|
|
|
//tsg_stat_sendlog_update(topic->row_idx, column+1, 1);
|
|
|
|
|
|
|
|
|
|
tsg_stat_sendlog_update(_instance->sum_stat_row_id, column, 1);
|
|
|
|
|
//tsg_stat_sendlog_update(_instance->sum_stat_row_id, column+1, 1);
|
2022-05-17 10:05:40 +00:00
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
break;
|
2023-06-13 11:27:49 +08:00
|
|
|
case LOG_STATUS_MAX:
|
2022-05-17 10:05:40 +00:00
|
|
|
if(topic->send_log_percent[thread_id]>=100)
|
|
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-20 17:21:17 +08:00
|
|
|
if((current_time_ms - topic->drop_start[thread_id]) >= _instance->recovery_interval*1000)
|
2022-05-17 10:05:40 +00:00
|
|
|
{
|
|
|
|
|
topic->send_log_percent[thread_id]++;
|
2023-06-13 11:27:49 +08:00
|
|
|
topic->drop_start[thread_id]=current_time_ms;
|
2022-05-17 10:05:40 +00:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int is_tunnels(const struct streaminfo *a_stream)
|
2021-04-07 02:36:51 +00:00
|
|
|
{
|
2021-04-20 14:37:00 +08:00
|
|
|
const struct streaminfo *ptmp = a_stream;
|
|
|
|
|
const struct streaminfo *pfather=NULL;
|
|
|
|
|
int is_tunnel=0;
|
|
|
|
|
|
|
|
|
|
while(ptmp)
|
2021-04-07 02:36:51 +00:00
|
|
|
{
|
2021-04-20 14:37:00 +08:00
|
|
|
pfather = ptmp->pfather;
|
|
|
|
|
switch(ptmp->addr.addrtype)
|
|
|
|
|
{
|
|
|
|
|
case ADDR_TYPE_GRE:
|
|
|
|
|
case ADDR_TYPE_VLAN:
|
|
|
|
|
case ADDR_TYPE_L2TP:
|
|
|
|
|
case ADDR_TYPE_PPTP:
|
|
|
|
|
case ADDR_TYPE_VXLAN:
|
|
|
|
|
case ADDR_TYPE_GPRS_TUNNEL:
|
|
|
|
|
case __ADDR_TYPE_IP_PAIR_V4:
|
|
|
|
|
case __ADDR_TYPE_IP_PAIR_V6:
|
|
|
|
|
is_tunnel=1;
|
|
|
|
|
break;
|
|
|
|
|
case ADDR_TYPE_MPLS:
|
|
|
|
|
if(ptmp->addr.mpls->s2c_layer_num==0 && ptmp->addr.mpls->c2s_layer_num==0)
|
|
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
is_tunnel=1;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ptmp = pfather;
|
2021-04-07 02:36:51 +00:00
|
|
|
}
|
|
|
|
|
|
2021-04-20 14:37:00 +08:00
|
|
|
return is_tunnel;
|
2021-04-07 02:36:51 +00:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_isn(const struct streaminfo *a_stream, struct TLD_handle_t *_handle, char *field_name, enum MESA_stream_opt type)
|
2021-04-07 02:36:51 +00:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
unsigned int isn=0;
|
2023-02-09 07:14:55 +00:00
|
|
|
int size=sizeof(isn);
|
|
|
|
|
int ret=MESA_get_stream_opt(a_stream, type, &isn, &size);
|
2021-04-27 09:49:15 +00:00
|
|
|
if(ret==0)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, field_name, (void *)(long)isn, TLD_TYPE_LONG);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_tcp_isn(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2021-04-27 09:49:15 +00:00
|
|
|
{
|
|
|
|
|
if(a_stream->type==STREAM_TYPE_TCP)
|
|
|
|
|
{
|
|
|
|
|
switch(a_stream->dir)
|
|
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
case DIR_C2S:
|
|
|
|
|
set_isn(a_stream, _handle, _instance->id2field[LOG_COMMON_TCP_CLIENT_ISN].name, MSO_TCP_ISN_C2S);
|
2021-04-27 09:49:15 +00:00
|
|
|
break;
|
2023-04-03 08:30:49 +00:00
|
|
|
case DIR_S2C:
|
|
|
|
|
set_isn(a_stream, _handle, _instance->id2field[LOG_COMMON_TCP_SERVER_ISN].name, MSO_TCP_ISN_S2C);
|
2021-04-27 09:49:15 +00:00
|
|
|
break;
|
|
|
|
|
case DIR_DOUBLE:
|
2023-04-03 08:30:49 +00:00
|
|
|
set_isn(a_stream, _handle, _instance->id2field[LOG_COMMON_TCP_CLIENT_ISN].name, MSO_TCP_ISN_C2S);
|
|
|
|
|
set_isn(a_stream, _handle, _instance->id2field[LOG_COMMON_TCP_SERVER_ISN].name, MSO_TCP_ISN_S2C);
|
2021-04-27 09:49:15 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-04-20 14:37:00 +08:00
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
return 1;
|
|
|
|
|
}
|
2021-04-28 09:23:05 +00:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_linkinfo(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2021-07-05 14:22:24 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
const char *linkinfo=(const char *)session_mac_linkinfo_get(a_stream);
|
2021-07-05 14:22:24 +08:00
|
|
|
if(linkinfo==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cJSON *item=NULL;
|
|
|
|
|
cJSON *object=cJSON_Parse(linkinfo);
|
|
|
|
|
if(object)
|
|
|
|
|
{
|
|
|
|
|
item=cJSON_GetObjectItem(object, "common_direction");
|
|
|
|
|
if(item!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, (char *)"common_direction", (void *)(long)(item->valueint), TLD_TYPE_LONG);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
item=cJSON_GetObjectItem(object, "common_egress_link_id");
|
|
|
|
|
if(item!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, (char *)"common_egress_link_id", (void *)(long)(item->valueint), TLD_TYPE_LONG);
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
item=cJSON_GetObjectItem(object, "common_ingress_link_id");
|
2021-07-05 14:22:24 +08:00
|
|
|
if(item!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, (char *)"common_ingress_link_id", (void *)(long)(item->valueint), TLD_TYPE_LONG);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cJSON_Delete(object);
|
|
|
|
|
object=NULL;
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_asn(struct TLD_handle_t *_handle, const struct streaminfo *a_stream, char *field_name, struct asn_info *asn_info)
|
2023-02-09 07:14:55 +00:00
|
|
|
{
|
2021-04-28 09:23:05 +00:00
|
|
|
if(asn_info!=NULL)
|
|
|
|
|
{
|
2023-02-09 07:14:55 +00:00
|
|
|
int len=0;
|
|
|
|
|
char buff[1024]={0};
|
|
|
|
|
int buff_len=sizeof(buff);
|
|
|
|
|
|
2021-09-02 19:30:15 +08:00
|
|
|
len+=string_cat(buff+len, buff_len-len, asn_info->asn_id);
|
2021-08-07 17:27:55 +08:00
|
|
|
buff[len++]='(';
|
2021-09-02 19:30:15 +08:00
|
|
|
len+=string_cat(buff+len, buff_len-len, asn_info->organization);
|
2021-08-07 17:27:55 +08:00
|
|
|
buff[len++]=')';
|
2021-04-28 09:23:05 +00:00
|
|
|
TLD_append(_handle, field_name, (void *)buff, TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_location(struct TLD_handle_t *_handle, const struct streaminfo *a_stream, char *field_name, struct location_info *location_info)
|
2021-04-28 09:23:05 +00:00
|
|
|
{
|
2023-06-18 15:57:17 +08:00
|
|
|
if(location_info==NULL || location_info->full_location==NULL || location_info->full_location_len<=0)
|
2021-04-28 09:23:05 +00:00
|
|
|
{
|
2022-02-10 02:46:49 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2023-02-09 07:14:55 +00:00
|
|
|
|
2023-06-18 15:57:17 +08:00
|
|
|
char location[1024]={0};
|
|
|
|
|
|
|
|
|
|
memcpy(location, location_info->full_location, MIN((int)sizeof(location), location_info->full_location_len-1));
|
|
|
|
|
TLD_append(_handle, field_name, (void *)location, TLD_TYPE_STRING);
|
|
|
|
|
|
2021-04-28 09:23:05 +00:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_direction(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2021-04-27 09:49:15 +00:00
|
|
|
{
|
2023-05-30 16:56:15 +08:00
|
|
|
const struct session_runtime_action_context *srt_action_context=session_runtime_action_context_get(a_stream);
|
|
|
|
|
if(srt_action_context==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char direction=srt_action_context_get_direction(srt_action_context);
|
2023-01-11 14:52:48 +08:00
|
|
|
if(direction>0)
|
2021-04-07 02:36:51 +00:00
|
|
|
{
|
2023-01-11 14:52:48 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_DIRECTION].name, (void *)(long)direction, TLD_TYPE_LONG);
|
|
|
|
|
return 1;
|
2021-04-07 02:36:51 +00:00
|
|
|
}
|
2021-04-27 09:49:15 +00:00
|
|
|
|
2023-01-11 14:52:48 +08:00
|
|
|
return 0;
|
2021-04-07 02:36:51 +00:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_address_list(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2020-11-16 12:30:44 +06:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
unsigned short tunnel_type=0;
|
2023-05-10 07:35:03 +00:00
|
|
|
char nest_addr_buf[1024]={0};
|
2021-04-27 09:49:15 +00:00
|
|
|
int tunnel_type_size=sizeof(tunnel_type);
|
|
|
|
|
|
2022-07-20 17:21:17 +08:00
|
|
|
MESA_get_stream_opt(a_stream, MSO_STREAM_TUNNEL_TYPE, &tunnel_type, &tunnel_type_size);
|
2021-04-27 09:49:15 +00:00
|
|
|
if(tunnel_type==STREAM_TUNNLE_NON)
|
|
|
|
|
{
|
|
|
|
|
layer_addr_ntop_r(a_stream,nest_addr_buf, sizeof(nest_addr_buf));
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
stream_addr_list_ntop(a_stream,nest_addr_buf, sizeof(nest_addr_buf));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_ADDRESS_LIST].name, (void *)nest_addr_buf, TLD_TYPE_STRING);
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_tuple4(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2021-04-27 09:49:15 +00:00
|
|
|
{
|
|
|
|
|
int addr_type=0;
|
|
|
|
|
unsigned short c_port=0, s_port=0;
|
|
|
|
|
struct layer_addr_ipv4 *ipv4=NULL;
|
|
|
|
|
struct layer_addr_ipv6 *ipv6=NULL;
|
|
|
|
|
char server_ip[MAX_IPV4_LEN*8]={0};
|
|
|
|
|
char client_ip[MAX_IPV4_LEN*8]={0};
|
|
|
|
|
|
|
|
|
|
switch(a_stream->addr.addrtype)
|
2020-11-16 12:30:44 +06:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
case ADDR_TYPE_IPV4:
|
|
|
|
|
case __ADDR_TYPE_IP_PAIR_V4:
|
|
|
|
|
ipv4=a_stream->addr.ipv4;
|
|
|
|
|
addr_type=4;
|
|
|
|
|
c_port=ntohs(ipv4->source);
|
|
|
|
|
s_port=ntohs(ipv4->dest);
|
|
|
|
|
|
|
|
|
|
inet_ntop(AF_INET, (void *)&ipv4->saddr, client_ip, sizeof(client_ip));
|
|
|
|
|
inet_ntop(AF_INET, (void *)&ipv4->daddr, server_ip, sizeof(server_ip));
|
2020-11-16 12:30:44 +06:00
|
|
|
break;
|
2021-04-27 09:49:15 +00:00
|
|
|
case ADDR_TYPE_IPV6:
|
|
|
|
|
case __ADDR_TYPE_IP_PAIR_V6:
|
|
|
|
|
ipv6=a_stream->addr.ipv6;
|
|
|
|
|
addr_type=6;
|
|
|
|
|
c_port=ntohs(ipv6->source);
|
|
|
|
|
s_port=ntohs(ipv6->dest);
|
|
|
|
|
|
|
|
|
|
inet_ntop(AF_INET6, (void *)ipv6->saddr, client_ip, sizeof(client_ip));
|
|
|
|
|
inet_ntop(AF_INET6, (void *)ipv6->daddr, server_ip, sizeof(server_ip));
|
2020-11-16 12:30:44 +06:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SERVER_IP].name, (void *)server_ip, TLD_TYPE_STRING);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_CLIENT_IP].name, (void *)client_ip, TLD_TYPE_STRING);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SERVER_PORT].name, (void *)(long)s_port, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_CLIENT_PORT].name, (void *)(long)c_port, TLD_TYPE_LONG);
|
|
|
|
|
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_STREAM_DIR].name, (void *)(long)a_stream->dir, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_ADDRESS_TYPE].name, (void *)(long)addr_type, TLD_TYPE_LONG);
|
|
|
|
|
|
|
|
|
|
return 1;
|
2020-11-16 12:30:44 +06:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_duraction(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2020-07-20 15:59:15 +08:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
int size=sizeof(unsigned long long);
|
2023-10-13 12:58:08 +08:00
|
|
|
unsigned long long create_time_ms=0,last_time_ms=0;
|
2021-04-27 09:49:15 +00:00
|
|
|
|
|
|
|
|
if(a_stream->ptcpdetail!=NULL)
|
2020-07-20 15:59:15 +08:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_START_TIME].name, (void *)(a_stream->ptcpdetail->createtime), TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_END_TIME].name, (void *)(a_stream->ptcpdetail->lastmtime), TLD_TYPE_LONG);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
time_t cur_time=time(NULL);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_START_TIME].name, (void *)cur_time, TLD_TYPE_LONG);
|
2023-10-13 12:58:08 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_END_TIME].name, (void *)cur_time, TLD_TYPE_LONG);
|
2020-07-20 15:59:15 +08:00
|
|
|
}
|
2021-04-27 09:49:15 +00:00
|
|
|
|
2023-10-13 12:58:08 +08:00
|
|
|
int ret=MESA_get_stream_opt(a_stream, MSO_STREAM_CREATE_TIMESTAMP_MS, (void *)&create_time_ms, &size);
|
|
|
|
|
if(ret<0)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_CON_DURATION_MS].name, (void *)(0), TLD_TYPE_LONG);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_START_TIME_MS].name, (void *)(create_time_ms), TLD_TYPE_LONG);
|
|
|
|
|
|
|
|
|
|
ret=MESA_get_stream_opt(a_stream, MSO_STREAM_LASTUPDATE_TIMESTAMP_MS, (void *)&last_time_ms, &size);
|
|
|
|
|
if(ret<0)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_CON_DURATION_MS].name, (void *)(0), TLD_TYPE_LONG);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_END_TIME_MS].name, (void *)(last_time_ms), TLD_TYPE_LONG);
|
|
|
|
|
|
|
|
|
|
if(last_time_ms>=create_time_ms)
|
|
|
|
|
{
|
|
|
|
|
unsigned long long common_con_duration_ms=last_time_ms-create_time_ms;
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_CON_DURATION_MS].name, (void *)(common_con_duration_ms), TLD_TYPE_LONG);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_CON_DURATION_MS].name, (void *)(0), TLD_TYPE_LONG);
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
return 1;
|
|
|
|
|
}
|
2020-07-20 15:59:15 +08:00
|
|
|
|
2021-08-07 17:27:55 +08:00
|
|
|
static int set_subscriber_id(struct TLD_handle_t *_handle, char *field_name, struct subscribe_id_info *subscriber)
|
|
|
|
|
{
|
|
|
|
|
if(subscriber!=NULL && subscriber->subscribe_id!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, field_name, (void *)subscriber->subscribe_id, TLD_TYPE_STRING);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_fqdn_category(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, unsigned int *category_id, int category_id_num)
|
2021-04-28 09:23:05 +00:00
|
|
|
{
|
2021-06-03 13:49:12 +08:00
|
|
|
int i=0;
|
|
|
|
|
if(category_id_num<=0 || category_id==NULL)
|
2021-04-28 09:23:05 +00:00
|
|
|
{
|
2021-06-03 13:49:12 +08:00
|
|
|
return 0;
|
2021-04-28 09:23:05 +00:00
|
|
|
}
|
2021-06-03 13:49:12 +08:00
|
|
|
|
2021-08-13 10:23:05 +00:00
|
|
|
Value array(kArrayType);
|
2021-06-03 13:49:12 +08:00
|
|
|
for(i=0; i<category_id_num; i++)
|
2021-04-28 09:23:05 +00:00
|
|
|
{
|
2021-08-13 10:23:05 +00:00
|
|
|
array.PushBack(category_id[i], _handle->document->GetAllocator());
|
2021-04-28 09:23:05 +00:00
|
|
|
}
|
|
|
|
|
|
2021-08-13 10:23:05 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_FQDN_CATEGORY].name, &array, TLD_TYPE_OBJECT);
|
2021-06-03 13:49:12 +08:00
|
|
|
|
2021-04-28 09:23:05 +00:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_umts_user_info(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, struct umts_user_info *user_info)
|
2021-05-19 07:10:25 +00:00
|
|
|
{
|
|
|
|
|
if(user_info==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(user_info->apn!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_GTP_APN].name, (void *)user_info->apn, TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(user_info->imsi!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_GTP_IMSI].name, (void *)user_info->imsi, TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(user_info->imei!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_GTP_IMEI].name, (void *)user_info->imei, TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(user_info->msisdn!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_GTP_MSISDN].name, (void *)user_info->msisdn, TLD_TYPE_STRING); //phone number
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_packet_bytes(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2019-11-12 13:35:19 +08:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
struct tcp_flow_stat *tflow_project=NULL;
|
|
|
|
|
struct udp_flow_stat *uflow_project=NULL;
|
|
|
|
|
|
|
|
|
|
switch(a_stream->type)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
case STREAM_TYPE_TCP:
|
|
|
|
|
tflow_project=(struct tcp_flow_stat *)project_req_get_struct(a_stream, _instance->tcp_flow_project_id);
|
|
|
|
|
if(tflow_project!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_S2C_PKT_NUM].name, (void *)(long)tflow_project->S2C_all_pkt, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_S2C_BYTE_NUM].name, (void *)(long)tflow_project->S2C_all_byte_raw, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_C2S_PKT_NUM].name, (void *)(long)tflow_project->C2S_all_pkt, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_C2S_BYTE_NUM].name, (void *)(long)tflow_project->C2S_all_byte_raw, TLD_TYPE_LONG);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case STREAM_TYPE_UDP:
|
|
|
|
|
uflow_project=(struct udp_flow_stat *)project_req_get_struct(a_stream, _instance->udp_flow_project_id);
|
|
|
|
|
if(uflow_project!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_S2C_PKT_NUM].name, (void *)(long)uflow_project->S2C_pkt, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_S2C_BYTE_NUM].name, (void *)(long)uflow_project->S2C_all_byte_raw, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_C2S_PKT_NUM].name, (void *)(long)uflow_project->C2S_pkt, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_C2S_BYTE_NUM].name, (void *)(long)uflow_project->C2S_all_byte_raw, TLD_TYPE_LONG);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
|
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
return 1;
|
2019-11-12 13:35:19 +08:00
|
|
|
}
|
|
|
|
|
|
2023-06-12 15:42:46 +08:00
|
|
|
int set_app_identify_info_array(Value *array, struct TLD_handle_t *_handle, struct app_attributes *result, char result_num)
|
|
|
|
|
{
|
|
|
|
|
for(int i=0; i<result_num; i++)
|
2022-06-02 16:57:11 +08:00
|
|
|
{
|
2023-06-12 15:42:46 +08:00
|
|
|
char app_name[512]={0};
|
|
|
|
|
Value object(kObjectType);
|
|
|
|
|
int ret=tsg_get_app_name_by_id(g_tsg_maat_feather, result[i].app_id, app_name, sizeof(app_name), 0);
|
|
|
|
|
if(ret>0)
|
2022-06-02 16:57:11 +08:00
|
|
|
{
|
2023-06-12 15:42:46 +08:00
|
|
|
add_str_member(_handle, &object, "app_name", app_name);
|
2022-06-02 16:57:11 +08:00
|
|
|
}
|
2023-06-12 15:42:46 +08:00
|
|
|
else
|
2022-12-12 11:34:44 +08:00
|
|
|
{
|
2023-06-12 15:42:46 +08:00
|
|
|
object.AddMember("app_name", result[i].app_id, _handle->document->GetAllocator());
|
2022-06-02 16:57:11 +08:00
|
|
|
}
|
2023-06-12 15:42:46 +08:00
|
|
|
object.AddMember("packet_sequence",result[i].packet_sequence, _handle->document->GetAllocator());
|
|
|
|
|
array->PushBack(object, _handle->document->GetAllocator());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return result_num;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int set_app_identify_info(struct TLD_handle_t *_handle, char *field_name, struct gather_app_result * gather_result)
|
|
|
|
|
{
|
|
|
|
|
if(gather_result->user_define_num<=0 && gather_result->built_in_num<=0 && gather_result->unknown_flag==0)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
2022-06-02 16:57:11 +08:00
|
|
|
}
|
2023-06-12 15:42:46 +08:00
|
|
|
|
|
|
|
|
Value array(kArrayType);
|
|
|
|
|
set_app_identify_info_array(&array, _handle, gather_result->user_define, gather_result->user_define_num);
|
|
|
|
|
set_app_identify_info_array(&array, _handle, gather_result->built_in, gather_result->built_in_num);
|
2022-06-02 16:57:11 +08:00
|
|
|
|
2023-06-12 15:42:46 +08:00
|
|
|
if(gather_result->unknown_flag==1)
|
2022-12-12 11:34:44 +08:00
|
|
|
{
|
2023-06-12 15:42:46 +08:00
|
|
|
set_app_identify_info_array(&array, _handle, &gather_result->unknown, 1);
|
2022-12-12 11:34:44 +08:00
|
|
|
}
|
|
|
|
|
|
2023-06-12 15:42:46 +08:00
|
|
|
TLD_append(_handle, field_name, &array, TLD_TYPE_OBJECT);
|
|
|
|
|
|
2022-06-02 16:57:11 +08:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-12 15:42:46 +08:00
|
|
|
static int get_app_id_list(Value *app_id_object, struct TLD_handle_t *_handle, const char *field_name, struct app_attributes *result, char result_num)
|
2021-07-05 14:22:24 +08:00
|
|
|
{
|
2023-06-12 15:42:46 +08:00
|
|
|
if(result_num==0)
|
2022-06-02 16:57:11 +08:00
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Value array(kArrayType);
|
2023-06-12 15:42:46 +08:00
|
|
|
for(int i=0; i<result_num; i++)
|
2023-02-09 07:14:55 +00:00
|
|
|
{
|
|
|
|
|
char app_name[512]={0};
|
|
|
|
|
Value object(kObjectType);
|
2023-06-12 15:42:46 +08:00
|
|
|
int ret=tsg_get_app_name_by_id(g_tsg_maat_feather, result[i].app_id, app_name, sizeof(app_name), 1);
|
2022-06-02 16:57:11 +08:00
|
|
|
if(ret>0)
|
|
|
|
|
{
|
|
|
|
|
add_str_member(_handle, &object, "app_name", app_name);
|
|
|
|
|
}
|
2023-06-12 15:42:46 +08:00
|
|
|
object.AddMember("app_id", result[i].app_id, _handle->document->GetAllocator());
|
|
|
|
|
object.AddMember("surrogate_id", result[i].surrogate_id, _handle->document->GetAllocator());
|
|
|
|
|
object.AddMember("packet_sequence",result[i].packet_sequence, _handle->document->GetAllocator());
|
2022-06-02 16:57:11 +08:00
|
|
|
array.PushBack(object, _handle->document->GetAllocator());
|
|
|
|
|
}
|
|
|
|
|
add_object_member(_handle, app_id_object, field_name, array);
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2023-06-12 15:42:46 +08:00
|
|
|
static int set_userdefine_app(struct TLD_handle_t *_handle, char *field_name, struct app_attributes *result, char result_num)
|
2022-06-02 16:57:11 +08:00
|
|
|
{
|
2023-06-12 15:42:46 +08:00
|
|
|
if(result==NULL || result_num<=0)
|
2021-07-05 14:22:24 +08:00
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int i=0;
|
|
|
|
|
char app_name[256]={0};
|
|
|
|
|
|
2021-08-13 10:23:05 +00:00
|
|
|
Value array(kArrayType);
|
2023-06-12 15:42:46 +08:00
|
|
|
for(i=0; i<result_num; i++)
|
2021-07-05 14:22:24 +08:00
|
|
|
{
|
|
|
|
|
memset(app_name, 0, sizeof(app_name));
|
2023-06-12 15:42:46 +08:00
|
|
|
tsg_get_app_name_by_id(g_tsg_maat_feather, result[i].app_id, app_name, sizeof(app_name), 1);
|
2021-07-05 14:22:24 +08:00
|
|
|
if(strnlen(app_name, sizeof(app_name)) > 0)
|
|
|
|
|
{
|
2021-08-13 10:23:05 +00:00
|
|
|
Value app_name_str;
|
2023-04-03 08:30:49 +00:00
|
|
|
app_name_str.SetString(app_name, _handle->document->GetAllocator());
|
2021-08-13 10:23:05 +00:00
|
|
|
array.PushBack(app_name_str, _handle->document->GetAllocator());
|
2021-07-05 14:22:24 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-13 10:23:05 +00:00
|
|
|
TLD_append(_handle, field_name, &array, TLD_TYPE_OBJECT);
|
2021-07-05 14:22:24 +08:00
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
struct gather_app_result *gather_result=(struct gather_app_result *)session_gather_app_results_get(a_stream);
|
2022-06-02 16:57:11 +08:00
|
|
|
if(gather_result==NULL)
|
2023-02-09 07:14:55 +00:00
|
|
|
{
|
|
|
|
|
char app_name[512]={0};
|
2023-04-03 08:30:49 +00:00
|
|
|
if(tsg_get_app_name_by_id(g_tsg_maat_feather, _instance->unknown_app_id, app_name, sizeof(app_name), 0))
|
2022-12-29 06:03:04 +00:00
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_FULL_PATH].name, (void *)app_name, TLD_TYPE_STRING);
|
2023-01-11 17:38:04 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_LABEL].name, (void *)app_name, TLD_TYPE_STRING);
|
2022-12-29 06:03:04 +00:00
|
|
|
}
|
|
|
|
|
|
2021-05-11 17:19:41 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
2022-12-30 17:30:53 +08:00
|
|
|
|
2023-06-12 15:42:46 +08:00
|
|
|
set_userdefine_app(_handle, _instance->id2field[LOG_COMMON_USERDEFINE_APP].name, gather_result->user_define, gather_result->user_define_num);
|
2022-12-30 17:30:53 +08:00
|
|
|
|
2023-06-02 08:19:50 +00:00
|
|
|
char app_full_path[256]={0};
|
|
|
|
|
session_application_full_path_update(a_stream, app_full_path, sizeof(app_full_path));
|
|
|
|
|
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_FULL_PATH].name, (void *)app_full_path, TLD_TYPE_STRING);
|
|
|
|
|
char *app_label=rindex(app_full_path, '.');
|
|
|
|
|
if(app_label!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_LABEL].name, (void *)(app_label+1), TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_LABEL].name, (void *)app_full_path, TLD_TYPE_STRING);
|
|
|
|
|
}
|
2023-01-11 01:37:14 +00:00
|
|
|
|
|
|
|
|
set_app_identify_info(_handle, _instance->id2field[LOG_COMMON_APP_IDENTIFY_INFO].name, gather_result);
|
2021-05-11 17:19:41 +08:00
|
|
|
|
2022-12-30 17:30:53 +08:00
|
|
|
if(_instance->send_app_id)
|
|
|
|
|
{
|
|
|
|
|
Value app_id_object(kObjectType);
|
2023-06-12 15:42:46 +08:00
|
|
|
get_app_id_list(&app_id_object, _handle, "LPI_L7", gather_result->l7_protocol, gather_result->l7_protocol_num);
|
|
|
|
|
get_app_id_list(&app_id_object, _handle, "USER_DEFINE", gather_result->user_define, gather_result->user_define_num);
|
|
|
|
|
get_app_id_list(&app_id_object, _handle, "BUILT_IN", gather_result->built_in, gather_result->built_in_num);
|
|
|
|
|
|
|
|
|
|
get_app_id_list(&app_id_object, _handle, "QM_L7", gather_result->qm_engine, gather_result->l7_qm_engine_num);
|
|
|
|
|
get_app_id_list(&app_id_object, _handle, "THIRD", gather_result->qm_engine+gather_result->l7_qm_engine_num, gather_result->qm_engine_num-gather_result->l7_qm_engine_num);
|
|
|
|
|
|
|
|
|
|
if(gather_result->matched_app_flag==1)
|
|
|
|
|
{
|
|
|
|
|
get_app_id_list(&app_id_object, _handle, "HITED_APP", &(gather_result->matched_app), 1);
|
|
|
|
|
}
|
|
|
|
|
if(gather_result->unknown_flag==1)
|
|
|
|
|
{
|
|
|
|
|
get_app_id_list(&app_id_object, _handle, "UNKNOWN", &(gather_result->unknown), 1);
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-30 17:30:53 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_ID].name, &app_id_object, TLD_TYPE_OBJECT);
|
2021-05-11 17:19:41 +08:00
|
|
|
}
|
2022-12-30 17:30:53 +08:00
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int set_vlan(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct single_layer_vlan_addr *vlan_addr, int layer_num, Value *tunnel_object, enum LOG_FIELD_ID id)
|
2021-04-27 09:49:15 +00:00
|
|
|
{
|
|
|
|
|
if(layer_num==0)
|
2019-11-12 13:35:19 +08:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
return 0;
|
2019-11-12 13:35:19 +08:00
|
|
|
}
|
|
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
int i=0;
|
2021-08-13 10:23:05 +00:00
|
|
|
Value vlan_array(kArrayType);
|
2021-04-27 09:49:15 +00:00
|
|
|
for(i=0; i<layer_num; i++)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2021-08-13 10:23:05 +00:00
|
|
|
vlan_array.PushBack(ntohs(vlan_addr[i].VID), _handle->document->GetAllocator());
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
2021-08-13 10:23:05 +00:00
|
|
|
add_object_member(_handle, tunnel_object, _instance->id2field[id].name, vlan_array);
|
2021-04-27 09:49:15 +00:00
|
|
|
|
|
|
|
|
return 1;
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
2019-11-12 13:35:19 +08:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_mpls(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct single_layer_mpls_addr *mpls_addr, int layer_num, Value *tunnel_object, enum LOG_FIELD_ID id)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
if(layer_num==0)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int i=0;
|
2021-08-13 10:23:05 +00:00
|
|
|
Value mpls_array(kArrayType);
|
2021-04-27 09:49:15 +00:00
|
|
|
for(i=0; i<layer_num; i++)
|
|
|
|
|
{
|
2021-08-13 10:23:05 +00:00
|
|
|
mpls_array.PushBack(ntohl(mpls_addr[i].label), _handle->document->GetAllocator());
|
2021-04-27 09:49:15 +00:00
|
|
|
}
|
2021-08-13 10:23:05 +00:00
|
|
|
add_object_member(_handle, tunnel_object, _instance->id2field[id].name, mpls_array);
|
2021-04-27 09:49:15 +00:00
|
|
|
|
|
|
|
|
return 1;
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
|
|
|
|
|
2021-11-20 11:49:18 +03:00
|
|
|
static int set_l2tp(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct layer_addr_l2tp *l2tp_addr, Value *object)
|
|
|
|
|
{
|
|
|
|
|
if(l2tp_addr==NULL || object==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct layer_addr_l2tp_v2_t *l2tp_v2=NULL;
|
|
|
|
|
|
|
|
|
|
switch(l2tp_addr->version)
|
|
|
|
|
{
|
|
|
|
|
case 2:
|
|
|
|
|
l2tp_v2=&(l2tp_addr->l2tpun.l2tp_addr_v2);
|
|
|
|
|
add_str_member(_handle, object, _instance->id2field[LOG_COMMON_L2TP_VERSION].name, "v2");
|
|
|
|
|
add_number_member(_handle, object, _instance->id2field[LOG_COMMON_L2TP_LAC2LNS_TUNNEL_ID].name, ntohs(l2tp_v2->tunnelid_C2S));
|
|
|
|
|
add_number_member(_handle, object, _instance->id2field[LOG_COMMON_L2TP_LNS2LAC_TUNNEL_ID].name, ntohs(l2tp_v2->tunnelid_S2C));
|
|
|
|
|
add_number_member(_handle, object, _instance->id2field[LOG_COMMON_L2TP_LAC2LNS_SESSION_ID].name, ntohs(l2tp_v2->sessionid_C2S));
|
|
|
|
|
add_number_member(_handle, object, _instance->id2field[LOG_COMMON_L2TP_LNS2LAC_SESSION_ID].name, ntohs(l2tp_v2->sessionid_S2C));
|
|
|
|
|
break;
|
|
|
|
|
case 3:
|
|
|
|
|
add_str_member(_handle, object, _instance->id2field[LOG_COMMON_L2TP_VERSION].name, "v3");
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
static int mac_to_string(unsigned char *mac, char *buff)
|
|
|
|
|
{
|
|
|
|
|
int i=0,len=0;
|
2020-11-15 11:18:28 +06:00
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
for(i=0; i<6; i++)
|
2020-11-15 11:18:28 +06:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
len+=sprintf(buff+len, "%02x:", mac[i]);
|
2020-11-15 11:18:28 +06:00
|
|
|
}
|
|
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
buff[len-1]='\0';
|
|
|
|
|
|
2020-11-15 11:18:28 +06:00
|
|
|
return 0;
|
|
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2023-06-25 10:54:16 +00:00
|
|
|
//I2E: outcoming
|
|
|
|
|
int direction_I2E(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct layer_addr *mac_addr, unsigned char dir)
|
|
|
|
|
{
|
|
|
|
|
if(mac_addr==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char src_mac_string[32]={0};
|
|
|
|
|
char dst_mac_string[32]={0};
|
|
|
|
|
char default_mac[6]={0,0,0,0,0,0};
|
|
|
|
|
|
|
|
|
|
switch(dir)
|
|
|
|
|
{
|
|
|
|
|
case DIR_C2S: // C2S and I2E = outcoming
|
|
|
|
|
mac_to_string(mac_addr->mac->src_addr.h_source, src_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
mac_to_string(mac_addr->mac->src_addr.h_dest, dst_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
break;
|
|
|
|
|
case DIR_S2C: // S2C and I2E = incoming
|
|
|
|
|
mac_to_string(mac_addr->mac->dst_addr.h_source, src_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
mac_to_string(mac_addr->mac->dst_addr.h_dest, dst_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
break;
|
|
|
|
|
case DIR_DOUBLE: // first pkt
|
|
|
|
|
mac_to_string(mac_addr->mac->src_addr.h_source, src_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
mac_to_string(mac_addr->mac->src_addr.h_dest, dst_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
|
|
|
|
|
if((memcmp(mac_addr->mac->dst_addr.h_source, default_mac, 6))==0)
|
|
|
|
|
{
|
2023-07-04 10:35:36 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_SRC_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_DST_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
|
2023-06-25 10:54:16 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
mac_to_string(mac_addr->mac->dst_addr.h_source, src_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
mac_to_string(mac_addr->mac->dst_addr.h_dest, dst_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//E2I: outcoming
|
|
|
|
|
int direction_E2I(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct layer_addr *mac_addr, unsigned char dir)
|
|
|
|
|
{
|
|
|
|
|
if(mac_addr==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char src_mac_string[32]={0};
|
|
|
|
|
char dst_mac_string[32]={0};
|
|
|
|
|
char default_mac[6]={0,0,0,0,0,0};
|
|
|
|
|
switch(dir)
|
|
|
|
|
{
|
|
|
|
|
case DIR_C2S: // C2S and E2I = incoming
|
|
|
|
|
mac_to_string(mac_addr->mac->src_addr.h_source, src_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
mac_to_string(mac_addr->mac->src_addr.h_dest, dst_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
break;
|
|
|
|
|
case DIR_S2C: // S2C and E2I = outcoming
|
|
|
|
|
mac_to_string(mac_addr->mac->dst_addr.h_source, src_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
mac_to_string(mac_addr->mac->dst_addr.h_dest, dst_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
break;
|
|
|
|
|
case DIR_DOUBLE: // first pkt
|
|
|
|
|
mac_to_string(mac_addr->mac->src_addr.h_source, src_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
mac_to_string(mac_addr->mac->src_addr.h_dest, dst_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_INCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
|
|
|
|
|
if((memcmp(mac_addr->mac->dst_addr.h_source, default_mac, 6))==0)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
mac_to_string(mac_addr->mac->dst_addr.h_source, src_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_SRC_MAC].name, (void *)src_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
mac_to_string(mac_addr->mac->dst_addr.h_dest, dst_mac_string);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_OUTCOMING_DST_MAC].name, (void *)dst_mac_string, TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int set_mac(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
|
|
|
|
{
|
|
|
|
|
struct layer_addr *mac_addr=NULL;
|
|
|
|
|
struct streaminfo *ptmp = (struct streaminfo *)a_stream;
|
|
|
|
|
|
|
|
|
|
while(ptmp)
|
|
|
|
|
{
|
|
|
|
|
switch(ptmp->addr.addrtype)
|
|
|
|
|
{
|
|
|
|
|
case ADDR_TYPE_MAC:
|
|
|
|
|
mac_addr=&(ptmp->addr);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ptmp=ptmp->pfather;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const struct session_runtime_action_context *srt_action_context=session_runtime_action_context_get(a_stream);
|
|
|
|
|
if(srt_action_context==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char direction=srt_action_context_get_direction(srt_action_context);
|
|
|
|
|
if(direction>0)
|
|
|
|
|
{
|
|
|
|
|
switch(direction)
|
|
|
|
|
{
|
|
|
|
|
case 'E':
|
|
|
|
|
direction_I2E(_instance, _handle, mac_addr, a_stream->dir);
|
|
|
|
|
break;
|
|
|
|
|
case 'I':
|
|
|
|
|
direction_E2I(_instance, _handle, mac_addr, a_stream->dir);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2021-08-13 10:23:05 +00:00
|
|
|
static int set_link_mac(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct layer_addr_mac *mac, Value *tunnel_object)
|
2021-04-07 02:36:51 +00:00
|
|
|
{
|
2021-05-08 15:32:39 +08:00
|
|
|
int flag=0;
|
2021-04-20 14:37:00 +08:00
|
|
|
char default_mac[6]={0,0,0,0,0,0};
|
2021-05-08 15:32:39 +08:00
|
|
|
char c2s_source_mac[128]={0};
|
|
|
|
|
char c2s_dest_mac[128]={0};
|
|
|
|
|
char s2c_source_mac[128]={0};
|
|
|
|
|
char s2c_dest_mac[128]={0};
|
2021-04-20 14:37:00 +08:00
|
|
|
|
|
|
|
|
if((memcmp(mac->src_addr.h_source, default_mac, 6)))
|
|
|
|
|
{
|
2021-05-08 15:32:39 +08:00
|
|
|
flag|=1;
|
|
|
|
|
mac_to_string(mac->src_addr.h_source, c2s_source_mac);
|
|
|
|
|
mac_to_string(mac->src_addr.h_dest, c2s_dest_mac);
|
2021-04-20 14:37:00 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if((memcmp(mac->dst_addr.h_source, default_mac, 6)))
|
|
|
|
|
{
|
2021-05-08 15:32:39 +08:00
|
|
|
flag|=2;
|
|
|
|
|
mac_to_string(mac->dst_addr.h_source, s2c_source_mac);
|
|
|
|
|
mac_to_string(mac->dst_addr.h_dest, s2c_dest_mac);
|
2021-04-20 14:37:00 +08:00
|
|
|
}
|
|
|
|
|
|
2021-05-08 15:32:39 +08:00
|
|
|
switch(flag)
|
|
|
|
|
{
|
2021-08-13 10:23:05 +00:00
|
|
|
case 1:
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "ETHERNET");
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_MAC_SOURCE].name, c2s_source_mac);
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_MAC_DEST].name, c2s_dest_mac);
|
2021-05-08 15:32:39 +08:00
|
|
|
break;
|
2021-08-13 10:23:05 +00:00
|
|
|
case 2:
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "ETHERNET");
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_MAC_SOURCE].name, s2c_source_mac);
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_MAC_DEST].name, s2c_dest_mac);
|
2021-05-08 15:32:39 +08:00
|
|
|
break;
|
2021-08-13 10:23:05 +00:00
|
|
|
case 3:
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "MULTIPATH_ETHERNET");
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_C2S_MAC_SOURCE].name, c2s_source_mac);
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_C2S_MAC_DEST].name, c2s_dest_mac);
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_S2C_MAC_SOURCE].name, s2c_source_mac);
|
|
|
|
|
add_str_member(_handle, tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_S2C_MAC_DEST].name, s2c_dest_mac);
|
2021-05-08 15:32:39 +08:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-20 14:37:00 +08:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
enum RULE_STAT
|
2021-04-27 09:49:15 +00:00
|
|
|
{
|
2023-06-13 11:27:49 +08:00
|
|
|
RULE_STAT_ABORT=0,
|
|
|
|
|
RULE_STAT_SEND
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static void fs3_rule_stat_update(enum RULE_STAT stat_type, int action, long long increase)
|
|
|
|
|
{
|
|
|
|
|
enum RULE_TYPE rule_type=RULE_TYPE_UNKNOW;
|
|
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
switch(action)
|
|
|
|
|
{
|
|
|
|
|
case TSG_ACTION_DENY:
|
2023-06-13 11:27:49 +08:00
|
|
|
rule_type=RULE_TYPE_DENY; break;
|
2021-04-27 09:49:15 +00:00
|
|
|
case TSG_ACTION_BYPASS:
|
2023-06-13 11:27:49 +08:00
|
|
|
rule_type=RULE_TYPE_ALLOW; break;
|
2021-04-27 09:49:15 +00:00
|
|
|
case TSG_ACTION_MONITOR:
|
2023-06-13 11:27:49 +08:00
|
|
|
rule_type=RULE_TYPE_MONITOR; break;
|
2021-04-27 09:49:15 +00:00
|
|
|
case TSG_ACTION_INTERCEPT:
|
2023-06-13 11:27:49 +08:00
|
|
|
rule_type=RULE_TYPE_INTERCEPT; break;
|
|
|
|
|
case TSG_ACTION_NO_INTERCEPT:
|
|
|
|
|
rule_type=RULE_TYPE_NO_INTERCEPT; break;
|
|
|
|
|
case TSG_ACTION_S_CHAINING:
|
|
|
|
|
rule_type=RULE_TYPE_SERVICE_CHAINING; break;
|
|
|
|
|
case TSG_ACTION_SHAPING:
|
|
|
|
|
rule_type=RULE_TYPE_SHAPING; break;
|
|
|
|
|
case TSG_ACTION_SHUNT:
|
|
|
|
|
rule_type=RULE_TYPE_SHUNT; break;
|
|
|
|
|
default:
|
|
|
|
|
rule_type=RULE_TYPE_UNKNOW; break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch(stat_type)
|
|
|
|
|
{
|
|
|
|
|
case RULE_STAT_ABORT:
|
|
|
|
|
tsg_stat_abort_rule_update(rule_type, increase);
|
|
|
|
|
break;
|
|
|
|
|
case RULE_STAT_SEND:
|
|
|
|
|
tsg_stat_send_rule_update(rule_type, increase);
|
2021-04-27 09:49:15 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int TLD_cancel(struct TLD_handle_t *handle)
|
2021-04-20 14:37:00 +08:00
|
|
|
{
|
2021-08-13 10:23:05 +00:00
|
|
|
if (handle != NULL)
|
2021-04-20 14:37:00 +08:00
|
|
|
{
|
2021-08-13 10:23:05 +00:00
|
|
|
if (handle->document != NULL)
|
2022-05-17 10:05:40 +00:00
|
|
|
{
|
|
|
|
|
long long length=0;
|
|
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
length=handle->document->GetAllocator().Size();
|
|
|
|
|
tsg_stat_log_handle_update(LOG_HANDLE_FREE_SIZE, length);
|
2021-11-13 13:27:59 +03:00
|
|
|
|
|
|
|
|
length=handle->document->GetAllocator().Capacity();
|
2023-06-13 11:27:49 +08:00
|
|
|
tsg_stat_log_handle_update(LOG_HANDLE_FREE_CAPACITY, length);
|
2021-11-13 13:27:59 +03:00
|
|
|
|
2021-08-13 10:23:05 +00:00
|
|
|
delete handle->document;
|
|
|
|
|
handle->document = NULL;
|
2021-11-13 13:27:59 +03:00
|
|
|
|
|
|
|
|
delete handle->valueAllocator;
|
|
|
|
|
handle->valueAllocator=NULL;
|
2023-06-13 11:27:49 +08:00
|
|
|
|
|
|
|
|
tsg_stat_log_handle_update(LOG_HANDLE_FREE_CNT, 1);
|
2021-04-27 09:49:15 +00:00
|
|
|
}
|
2023-09-01 08:50:24 +00:00
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
free(handle);
|
2023-06-13 11:27:49 +08:00
|
|
|
handle = NULL;
|
2021-04-20 14:37:00 +08:00
|
|
|
}
|
2021-04-07 02:36:51 +00:00
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-06 23:33:37 +03:00
|
|
|
int TLD_search(struct TLD_handle_t *handle, char *key)
|
|
|
|
|
{
|
|
|
|
|
if (handle != NULL && handle->document != NULL && key != NULL)
|
|
|
|
|
{
|
|
|
|
|
Value::ConstMemberIterator itr = handle->document->FindMember(key);
|
|
|
|
|
if (itr!=handle->document->MemberEnd())
|
|
|
|
|
{
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-13 10:23:05 +00:00
|
|
|
static void TLD_delete(struct TLD_handle_t *handle, char *key)
|
2021-04-27 09:49:15 +00:00
|
|
|
{
|
2021-08-13 10:23:05 +00:00
|
|
|
if (handle != NULL && handle->document != NULL && key != NULL)
|
2021-04-20 14:37:00 +08:00
|
|
|
{
|
2021-08-13 10:23:05 +00:00
|
|
|
handle->document->RemoveMember(key);
|
2021-04-20 14:37:00 +08:00
|
|
|
}
|
2021-04-07 02:36:51 +00:00
|
|
|
}
|
|
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
int TLD_append(struct TLD_handle_t *handle, char *key, void *value, TLD_TYPE type)
|
2021-04-20 14:37:00 +08:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
struct TLD_handle_t *_handle=handle;
|
|
|
|
|
|
|
|
|
|
if(_handle==NULL || key==NULL || (value==NULL && type!=TLD_TYPE_LONG))
|
2021-04-20 14:37:00 +08:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
return -1;
|
2021-04-20 14:37:00 +08:00
|
|
|
}
|
2021-04-27 09:49:15 +00:00
|
|
|
|
|
|
|
|
switch(type)
|
2021-04-20 14:37:00 +08:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
case TLD_TYPE_LONG:
|
2021-08-13 10:23:05 +00:00
|
|
|
add_number_member(_handle, _handle->document, key, (long)value);
|
2021-04-27 09:49:15 +00:00
|
|
|
break;
|
|
|
|
|
case TLD_TYPE_FILE:
|
|
|
|
|
break;
|
|
|
|
|
case TLD_TYPE_STRING:
|
2021-05-12 13:51:51 +08:00
|
|
|
if(strlen((char *)value)==0)
|
|
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, _handle->document, key, (const char *)value);
|
2021-04-27 09:49:15 +00:00
|
|
|
break;
|
2021-08-13 10:23:05 +00:00
|
|
|
case TLD_TYPE_OBJECT:
|
|
|
|
|
add_object_member(handle, handle->document, key, ((Value &)(*(Value *)value)));
|
2021-04-27 09:49:15 +00:00
|
|
|
break;
|
2021-08-13 10:23:05 +00:00
|
|
|
case TLD_TYPE_CJSON:
|
|
|
|
|
printf("TLD_TYPE_CJSON is obsolete, please use TLD_TYPE_OBJECT !!!\n");
|
|
|
|
|
abort();
|
2021-04-27 09:49:15 +00:00
|
|
|
default:
|
|
|
|
|
return -1;
|
2021-04-20 14:37:00 +08:00
|
|
|
}
|
2021-11-13 13:27:59 +03:00
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
tsg_stat_log_handle_update(LOG_HANDLE_APPEND_CNT, 1);
|
2022-05-17 10:05:40 +00:00
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
return 0;
|
2021-04-20 14:37:00 +08:00
|
|
|
}
|
|
|
|
|
|
2022-05-16 08:54:36 +00:00
|
|
|
int TLD_array_append(struct TLD_handle_t *handle, char *key, void **array, int array_num, TLD_TYPE type)
|
|
|
|
|
{
|
2023-02-09 07:14:55 +00:00
|
|
|
if(handle==NULL || key==NULL || array_num<=0 || array==NULL || (type!=TLD_TYPE_LONG && type!=TLD_TYPE_STRING))
|
|
|
|
|
{
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2022-06-09 10:01:33 +08:00
|
|
|
|
2023-02-09 07:14:55 +00:00
|
|
|
int i=0;
|
|
|
|
|
Value obj_array(kArrayType);
|
|
|
|
|
|
|
|
|
|
switch(type)
|
|
|
|
|
{
|
|
|
|
|
case TLD_TYPE_LONG:
|
|
|
|
|
for(i=0; i<array_num; i++)
|
|
|
|
|
{
|
|
|
|
|
obj_array.PushBack((long)(array[i]), handle->document->GetAllocator());
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case TLD_TYPE_STRING:
|
|
|
|
|
for(i=0; i<array_num; i++)
|
|
|
|
|
{
|
2023-02-15 12:13:26 +08:00
|
|
|
Value str_value((const char *)(array[i]), handle->document->GetAllocator());
|
2023-02-09 07:14:55 +00:00
|
|
|
obj_array.PushBack(str_value, handle->document->GetAllocator());
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2022-06-09 10:01:33 +08:00
|
|
|
|
2023-02-09 07:14:55 +00:00
|
|
|
add_object_member(handle, handle->document, key, obj_array);
|
2022-06-09 10:01:33 +08:00
|
|
|
|
2023-02-09 07:14:55 +00:00
|
|
|
return 1;
|
2022-05-16 08:54:36 +00:00
|
|
|
}
|
|
|
|
|
|
2021-11-01 11:18:38 +08:00
|
|
|
struct TLD_handle_t *TLD_duplicate(struct TLD_handle_t *handle)
|
|
|
|
|
{
|
|
|
|
|
if (handle == NULL)
|
|
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
struct TLD_handle_t *_handle=(struct TLD_handle_t *)calloc(1, sizeof(struct TLD_handle_t));
|
|
|
|
|
_handle->thread_id = handle->thread_id;
|
|
|
|
|
_handle->document = new Document();
|
|
|
|
|
//_handle->document->SetObject();
|
|
|
|
|
|
|
|
|
|
_handle->document->CopyFrom(*handle->document, _handle->document->GetAllocator());
|
2022-05-17 10:05:40 +00:00
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
tsg_stat_log_handle_update(LOG_HANDLE_DUP_CNT, 1);
|
2021-11-13 13:27:59 +03:00
|
|
|
|
2021-11-01 11:18:38 +08:00
|
|
|
return _handle;
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
struct TLD_handle_t *TLD_create(int thread_id)
|
|
|
|
|
{
|
2023-09-01 08:50:24 +00:00
|
|
|
if(g_tsg_log_instance->mode==CLOSE_SEND_MODE)
|
2022-06-09 10:01:33 +08:00
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2021-04-27 09:49:15 +00:00
|
|
|
|
|
|
|
|
struct TLD_handle_t *_handle=(struct TLD_handle_t *)calloc(1, sizeof(struct TLD_handle_t));
|
|
|
|
|
_handle->thread_id = thread_id;
|
2021-11-13 13:27:59 +03:00
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
_handle->valueAllocator =new MemoryPoolAllocator<>(g_tsg_log_instance->rapidjson_chunk_capacity);
|
2021-11-13 13:27:59 +03:00
|
|
|
_handle->document = new Document(_handle->valueAllocator);
|
2021-08-13 10:23:05 +00:00
|
|
|
_handle->document->SetObject();
|
2023-06-27 15:09:32 +08:00
|
|
|
tsg_stat_log_handle_update(LOG_HANDLE_CREATE_CNT, 1);
|
2023-09-01 08:50:24 +00:00
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
return _handle;
|
|
|
|
|
}
|
2021-04-20 14:37:00 +08:00
|
|
|
|
2023-02-07 02:51:03 +00:00
|
|
|
int TLD_convert_json(struct TLD_handle_t *_handle, char *buff, unsigned int buff_len)
|
|
|
|
|
{
|
|
|
|
|
StringBuffer sb(0, 2048);
|
|
|
|
|
Writer<StringBuffer> writer(sb);
|
|
|
|
|
_handle->document->Accept(writer);
|
|
|
|
|
|
|
|
|
|
memcpy(buff, sb.GetString(), MIN(sb.GetSize(), buff_len));
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_mail_eml(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2022-07-01 17:08:16 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
struct tsg_conn_sketch_notify_data *notify_mail=(struct tsg_conn_sketch_notify_data *)session_conn_sketch_notify_data_get(a_stream);
|
2022-07-01 18:03:06 +08:00
|
|
|
if(notify_mail!=NULL && notify_mail->pdata.mail_eml_filename!=NULL && notify_mail->protocol==PROTO_MAIL)
|
2022-07-01 17:08:16 +08:00
|
|
|
{
|
|
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_MAIL_EML_FILE].name);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_MAIL_EML_FILE].name, (void *)notify_mail->pdata.mail_eml_filename, TLD_TYPE_STRING);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_s3_filename(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2022-07-01 17:08:16 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
struct business_notify_data *bnd_label=(struct business_notify_data *)session_business_data_get(a_stream);
|
2022-07-01 17:08:16 +08:00
|
|
|
if(bnd_label==NULL || bnd_label->pdata==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch(bnd_label->proto)
|
|
|
|
|
{
|
|
|
|
|
case PROTO_HTTP:
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_HTTP_REQUEST_S3_FILE].name);
|
2022-07-01 17:08:16 +08:00
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_HTTP_RESPONSE_S3_FILE].name);
|
|
|
|
|
|
|
|
|
|
if(bnd_label->s3_http==NULL)
|
|
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_HTTP_REQUEST_S3_FILE].name, bnd_label->s3_http->request_filename, TLD_TYPE_STRING);
|
2022-07-01 17:08:16 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_HTTP_RESPONSE_S3_FILE].name, bnd_label->s3_http->response_filename, TLD_TYPE_STRING);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int set_nat_linkinfo(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2021-08-13 10:23:05 +00:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
if(_instance->send_nat_linkinfo==0 || a_stream==NULL)
|
2021-08-13 10:23:05 +00:00
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
char *c2s_linkinfo=(char *)session_nat_c2s_linkinfo_get(a_stream);
|
|
|
|
|
if(c2s_linkinfo!=NULL)
|
|
|
|
|
{
|
|
|
|
|
copy_rapidjson(_handle, _instance->id2field[LOG_COMMON_LINK_INFO_C2S].name, c2s_linkinfo);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char *s2c_linkinfo=(char *)session_nat_s2c_linkinfo_get(a_stream);
|
|
|
|
|
if(s2c_linkinfo!=NULL)
|
|
|
|
|
{
|
|
|
|
|
copy_rapidjson(_handle, _instance->id2field[LOG_COMMON_LINK_INFO_S2C].name, s2c_linkinfo);
|
|
|
|
|
}
|
2021-08-07 17:27:55 +08:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
return 1;
|
2021-08-07 17:27:55 +08:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_tunnel_ipv4v6_port(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, Value *object, enum addr_type_t up_layer_type)
|
2021-04-07 02:36:51 +00:00
|
|
|
{
|
|
|
|
|
char ip_buff[64]={0};
|
2021-11-20 11:49:18 +03:00
|
|
|
if(a_stream==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
enum LOG_FIELD_ID s_ip_idx, d_ip_idx, s_port_idx, d_port_idx;
|
2021-11-20 11:49:18 +03:00
|
|
|
|
|
|
|
|
switch(up_layer_type)
|
2021-04-07 02:36:51 +00:00
|
|
|
{
|
2021-11-20 11:49:18 +03:00
|
|
|
case ADDR_TYPE_L2TP:
|
|
|
|
|
s_ip_idx=LOG_COMMON_L2TP_ACCESS_CONCENTRATOR_IP;
|
|
|
|
|
d_ip_idx=LOG_COMMON_L2TP_NETWORK_SERVER_IP;
|
|
|
|
|
s_port_idx=LOG_COMMON_L2TP_ACCESS_CONCENTRATOR_PORT;
|
|
|
|
|
d_port_idx=LOG_COMMON_L2TP_NETWORK_SERVER_PORT;
|
|
|
|
|
break;
|
|
|
|
|
case ADDR_TYPE_GPRS_TUNNEL:
|
|
|
|
|
s_ip_idx=LOG_COMMON_TUNNELS_GTP_SGW_IP;
|
|
|
|
|
d_ip_idx=LOG_COMMON_TUNNELS_GTP_PGW_IP;
|
|
|
|
|
s_port_idx=LOG_COMMON_TUNNELS_GTP_SGW_PORT;
|
|
|
|
|
d_port_idx=LOG_COMMON_TUNNELS_GTP_PGW_PORT;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
return 0;
|
|
|
|
|
break;
|
2021-04-07 02:36:51 +00:00
|
|
|
}
|
2021-11-20 11:49:18 +03:00
|
|
|
|
|
|
|
|
switch(a_stream->addr.addrtype)
|
|
|
|
|
{
|
|
|
|
|
case ADDR_TYPE_IPV4:
|
|
|
|
|
inet_ntop(AF_INET, (const void *)&(a_stream->addr.ipv4->saddr), ip_buff, sizeof(ip_buff));
|
|
|
|
|
add_str_member(_handle, object, _instance->id2field[s_ip_idx].name, ip_buff);
|
2021-04-07 02:36:51 +00:00
|
|
|
|
2021-11-20 11:49:18 +03:00
|
|
|
inet_ntop(AF_INET, (const void *)&(a_stream->addr.ipv4->daddr), ip_buff, sizeof(ip_buff));
|
|
|
|
|
add_str_member(_handle, object, _instance->id2field[d_ip_idx].name, ip_buff);
|
|
|
|
|
|
|
|
|
|
add_number_member(_handle, object, _instance->id2field[s_port_idx].name, ntohs(a_stream->addr.ipv4->source));
|
|
|
|
|
add_number_member(_handle, object, _instance->id2field[d_port_idx].name, ntohs(a_stream->addr.ipv4->dest));
|
|
|
|
|
return 1;
|
|
|
|
|
break;
|
|
|
|
|
case ADDR_TYPE_IPV6:
|
|
|
|
|
inet_ntop(AF_INET6, (const void *)(a_stream->addr.ipv6->saddr), ip_buff, sizeof(ip_buff));
|
|
|
|
|
add_str_member(_handle, object, _instance->id2field[s_ip_idx].name, ip_buff);
|
|
|
|
|
|
|
|
|
|
inet_ntop(AF_INET6, (const void *)(a_stream->addr.ipv6->daddr), ip_buff, sizeof(ip_buff));
|
|
|
|
|
add_str_member(_handle, object, _instance->id2field[d_ip_idx].name, ip_buff);
|
|
|
|
|
|
|
|
|
|
add_number_member(_handle, object, _instance->id2field[s_port_idx].name, ntohs(a_stream->addr.ipv6->source));
|
|
|
|
|
add_number_member(_handle, object, _instance->id2field[d_port_idx].name, ntohs(a_stream->addr.ipv6->dest));
|
|
|
|
|
return 1;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-07 02:36:51 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-28 19:20:25 +08:00
|
|
|
struct session_marker_notify_ctx
|
|
|
|
|
{
|
|
|
|
|
uint64_t flags;
|
|
|
|
|
char *identify_str;
|
|
|
|
|
};
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int set_session_flags(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2023-02-28 19:20:25 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
struct session_marker_notify_ctx *sm_notify=(struct session_marker_notify_ctx *)session_session_flags_get(a_stream);
|
2023-06-25 14:50:42 +08:00
|
|
|
if(sm_notify!=NULL)
|
2023-02-28 19:20:25 +08:00
|
|
|
{
|
2023-06-25 14:50:42 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_FLAGS].name, (void *)(long)(sm_notify->flags), TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_FLAGS_IDENTIFY_INFO].name, (void *)(long)(sm_notify->identify_str), TLD_TYPE_STRING);
|
|
|
|
|
|
|
|
|
|
return 1;
|
2023-02-28 19:20:25 +08:00
|
|
|
}
|
|
|
|
|
|
2023-06-25 14:50:42 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int set_l4_protocol(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
|
|
|
|
{
|
2023-06-27 15:09:32 +08:00
|
|
|
struct session_runtime_action_context *srt_action_context=(struct session_runtime_action_context *)session_runtime_action_context_get(a_stream);
|
2023-06-25 14:50:42 +08:00
|
|
|
if(srt_action_context==NULL)
|
2023-02-28 19:20:25 +08:00
|
|
|
{
|
2023-06-25 14:50:42 +08:00
|
|
|
return 0;
|
2023-02-28 19:20:25 +08:00
|
|
|
}
|
2023-06-27 15:09:32 +08:00
|
|
|
|
|
|
|
|
if(srt_action_context->l4_protocol==NULL)
|
2023-02-28 19:20:25 +08:00
|
|
|
{
|
2023-06-27 15:09:32 +08:00
|
|
|
srt_action_context->l4_protocol=session_l4_protocol_label_update(a_stream);
|
2023-02-28 19:20:25 +08:00
|
|
|
}
|
2023-06-25 14:50:42 +08:00
|
|
|
|
2023-06-27 15:09:32 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_L4_PROTOCOL_LABEL].name, (void *)srt_action_context->l4_protocol, TLD_TYPE_STRING);
|
2023-02-28 19:20:25 +08:00
|
|
|
|
2023-06-25 14:50:42 +08:00
|
|
|
return 1;
|
2023-02-28 19:20:25 +08:00
|
|
|
}
|
|
|
|
|
|
2023-05-10 07:35:03 +00:00
|
|
|
int set_sce_profile_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
|
|
|
|
{
|
|
|
|
|
struct sce_log_update *sce = (struct sce_log_update *)session_log_update_data_get(a_stream, TSG_SERVICE_CHAINING);
|
|
|
|
|
if(sce==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Value sce_profile_ids_array(kArrayType);
|
|
|
|
|
for(size_t i=0; i<sce->n_profile_ids; i++)
|
|
|
|
|
{
|
|
|
|
|
sce_profile_ids_array.PushBack((unsigned int)(sce->profile_ids[i]), _handle->document->GetAllocator());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SCE_PROFILE_IDS].name, (void *) &sce_profile_ids_array, TLD_TYPE_OBJECT);
|
|
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
fs3_rule_stat_update(RULE_STAT_SEND, TSG_ACTION_S_CHAINING, sce->n_profile_ids);
|
|
|
|
|
|
2023-05-10 07:35:03 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int set_shaping_profile_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
|
|
|
|
{
|
|
|
|
|
struct shaper_log_update *shaping = (struct shaper_log_update *)session_log_update_data_get(a_stream, TSG_SERVICE_SHAPING);
|
|
|
|
|
if(shaping==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Value shaping_object(kObjectType);
|
|
|
|
|
|
|
|
|
|
Value shaping_array(kArrayType);
|
|
|
|
|
for(size_t i=0; i<shaping->n_shaper_rule; i++)
|
|
|
|
|
{
|
|
|
|
|
Value object(kObjectType);
|
|
|
|
|
object.AddMember("rule_id", (unsigned int)shaping->shaper_rules[i].rule_id, _handle->document->GetAllocator());
|
|
|
|
|
|
|
|
|
|
Value shaping_profile_ids_array(kArrayType);
|
|
|
|
|
for(size_t j=0; j<shaping->shaper_rules[i].n_profile_ids; j++)
|
|
|
|
|
{
|
|
|
|
|
shaping_profile_ids_array.PushBack((unsigned long)(shaping->shaper_rules[i].profile_ids[j]), _handle->document->GetAllocator());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
add_object_member(_handle, &object, "profile_ids", shaping_profile_ids_array)
|
|
|
|
|
shaping_array.PushBack(object, _handle->document->GetAllocator());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SHAPING_PROFILE_IDS].name, &shaping_array, TLD_TYPE_OBJECT);
|
|
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
fs3_rule_stat_update(RULE_STAT_SEND, TSG_ACTION_SHAPING, shaping->n_shaper_rule);
|
2023-05-10 07:35:03 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2023-02-07 02:51:03 +00:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
if(a_stream==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct matched_policy_rules *hited_shaping=(struct matched_policy_rules *)session_matched_rules_get(a_stream, TSG_SERVICE_SHAPING);
|
|
|
|
|
if(hited_shaping==NULL)
|
2023-02-07 02:51:03 +00:00
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-15 14:35:25 +08:00
|
|
|
Value shaping_rule_ids_array(kArrayType);
|
2023-04-03 08:30:49 +00:00
|
|
|
for(size_t i=0; i<hited_shaping->n_rules; i++)
|
2023-02-07 02:51:03 +00:00
|
|
|
{
|
2023-05-10 07:35:03 +00:00
|
|
|
shaping_rule_ids_array.PushBack((unsigned long)(hited_shaping->rules[i].rule_id), _handle->document->GetAllocator());
|
2023-02-07 02:51:03 +00:00
|
|
|
}
|
|
|
|
|
|
2023-02-15 14:35:25 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SHAPING_RULE_IDS].name, (void *) &shaping_rule_ids_array, TLD_TYPE_OBJECT);
|
2023-02-09 07:14:55 +00:00
|
|
|
|
|
|
|
|
return 0;
|
2023-02-07 02:51:03 +00:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_common_tunnels(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2021-04-07 02:36:51 +00:00
|
|
|
{
|
2021-04-20 14:37:00 +08:00
|
|
|
int ret=0;
|
2021-04-07 02:36:51 +00:00
|
|
|
char ip_buff[64]={0};
|
|
|
|
|
const struct streaminfo *ptmp = a_stream;
|
|
|
|
|
const struct streaminfo *pfather=NULL;
|
2021-08-13 10:23:05 +00:00
|
|
|
Value tunnel_array(kArrayType);
|
2021-04-20 14:37:00 +08:00
|
|
|
|
2021-04-07 02:36:51 +00:00
|
|
|
while(ptmp)
|
|
|
|
|
{
|
2021-08-13 10:23:05 +00:00
|
|
|
Value tunnel_object(kObjectType);
|
2021-04-07 02:36:51 +00:00
|
|
|
pfather = ptmp->pfather;
|
|
|
|
|
switch(ptmp->addr.addrtype)
|
|
|
|
|
{
|
|
|
|
|
case ADDR_TYPE_MAC:
|
2021-08-13 10:23:05 +00:00
|
|
|
set_link_mac(_instance, _handle, (ptmp->addr.mac), &tunnel_object);
|
2021-04-07 02:36:51 +00:00
|
|
|
break;
|
|
|
|
|
case ADDR_TYPE_VLAN:
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "VLAN");
|
|
|
|
|
set_vlan(_instance, _handle, ptmp->addr.vlan->c2s_addr_array, ptmp->addr.vlan->c2s_layer_num, &tunnel_object, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
|
|
|
|
|
set_vlan(_instance, _handle, ptmp->addr.vlan->s2c_addr_array, ptmp->addr.vlan->s2c_layer_num, &tunnel_object, LOG_COMMON_TUNNELS_VLAN_DST_ID);
|
2021-04-07 02:36:51 +00:00
|
|
|
break;
|
|
|
|
|
case ADDR_TYPE_GRE:
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "GRE");
|
2021-04-07 02:36:51 +00:00
|
|
|
break;
|
|
|
|
|
case ADDR_TYPE_MPLS:
|
2021-04-20 14:37:00 +08:00
|
|
|
if(ptmp->addr.mpls->s2c_layer_num==0 && ptmp->addr.mpls->c2s_layer_num==0)
|
2021-04-07 02:36:51 +00:00
|
|
|
{
|
2021-04-20 14:37:00 +08:00
|
|
|
ptmp = pfather;
|
|
|
|
|
continue;
|
2021-04-07 02:36:51 +00:00
|
|
|
}
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "MPLS");
|
|
|
|
|
set_mpls(_instance, _handle, ptmp->addr.mpls->c2s_addr_array, ptmp->addr.mpls->c2s_layer_num, &tunnel_object, LOG_COMMON_TUNNELS_MPLS_SRC_LABEL);
|
|
|
|
|
set_mpls(_instance, _handle, ptmp->addr.mpls->s2c_addr_array, ptmp->addr.mpls->s2c_layer_num, &tunnel_object, LOG_COMMON_TUNNELS_MPLS_DST_LABEL);
|
2021-04-07 02:36:51 +00:00
|
|
|
break;
|
|
|
|
|
case ADDR_TYPE_L2TP:
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "L2TP");
|
2021-11-20 11:49:18 +03:00
|
|
|
set_l2tp(_instance, _handle, ptmp->addr.l2tp, &tunnel_object);
|
|
|
|
|
|
|
|
|
|
ret=set_tunnel_ipv4v6_port(_instance, _handle, ptmp->pfather, &tunnel_object, ADDR_TYPE_L2TP);
|
|
|
|
|
if(ret==1)
|
|
|
|
|
{
|
|
|
|
|
ptmp=pfather->pfather;
|
|
|
|
|
}
|
2021-04-07 02:36:51 +00:00
|
|
|
break;
|
|
|
|
|
case __ADDR_TYPE_IP_PAIR_V4:
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "IPv4");
|
|
|
|
|
|
2021-04-07 02:36:51 +00:00
|
|
|
inet_ntop(AF_INET, (const void *)&(ptmp->addr.ipv4->saddr), ip_buff, sizeof(ip_buff));
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_CLIENT_IP].name, ip_buff);
|
|
|
|
|
|
|
|
|
|
inet_ntop(AF_INET, (const void *)&(ptmp->addr.ipv4->daddr), ip_buff, sizeof(ip_buff));
|
|
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SERVER_IP].name, ip_buff);
|
2021-04-07 02:36:51 +00:00
|
|
|
break;
|
2021-08-13 10:23:05 +00:00
|
|
|
case __ADDR_TYPE_IP_PAIR_V6:
|
|
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "IPv6");
|
|
|
|
|
|
2021-04-07 02:36:51 +00:00
|
|
|
inet_ntop(AF_INET6, (const void *)(ptmp->addr.ipv6->saddr), ip_buff, sizeof(ip_buff));
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_CLIENT_IP].name, ip_buff);
|
|
|
|
|
|
|
|
|
|
inet_ntop(AF_INET6, (const void *)(ptmp->addr.ipv6->daddr), ip_buff, sizeof(ip_buff));
|
|
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SERVER_IP].name, ip_buff);
|
2021-04-07 02:36:51 +00:00
|
|
|
break;
|
|
|
|
|
case ADDR_TYPE_PPTP:
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "PPTP");
|
|
|
|
|
add_number_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_PPTP_C2S_ID].name, ntohs(ptmp->addr.pptp->C2S_call_id));
|
|
|
|
|
add_number_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_PPTP_S2C_ID].name, ntohs(ptmp->addr.pptp->S2C_call_id));
|
2021-04-07 02:36:51 +00:00
|
|
|
break;
|
|
|
|
|
case ADDR_TYPE_GPRS_TUNNEL:
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "GTP");
|
|
|
|
|
add_number_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_GTP_UPLINK_TEID].name, ntohl(ptmp->addr.gtp->teid_c2s));
|
|
|
|
|
add_number_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_GTP_DOWNLINK_TEID].name, ntohl(ptmp->addr.gtp->teid_s2c));
|
2021-04-07 02:36:51 +00:00
|
|
|
|
2021-11-20 11:49:18 +03:00
|
|
|
ret=set_tunnel_ipv4v6_port(_instance, _handle, ptmp->pfather, &tunnel_object, ADDR_TYPE_GPRS_TUNNEL);
|
2021-04-07 02:36:51 +00:00
|
|
|
if(ret==1)
|
|
|
|
|
{
|
|
|
|
|
ptmp=pfather->pfather;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case ADDR_TYPE_VXLAN:
|
2021-08-13 10:23:05 +00:00
|
|
|
add_str_member(_handle, &tunnel_object, _instance->id2field[LOG_COMMON_TUNNELS_SCHEMA_TYPE].name, "VXLAN");
|
2021-04-07 02:36:51 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
ptmp = pfather;
|
|
|
|
|
continue;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 07:14:55 +00:00
|
|
|
ptmp=pfather;
|
2021-08-13 10:23:05 +00:00
|
|
|
tunnel_array.PushBack(tunnel_object, _handle->document->GetAllocator());
|
2021-04-07 02:36:51 +00:00
|
|
|
}
|
|
|
|
|
|
2021-08-13 10:23:05 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_TUNNELS].name, &tunnel_array, TLD_TYPE_OBJECT);
|
|
|
|
|
|
2021-04-07 02:36:51 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
char *log_field_id2name(struct tsg_log_instance_t *instance, enum LOG_FIELD_ID id)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
|
|
|
|
struct tsg_log_instance_t *_instance=instance;
|
|
|
|
|
if(_instance!=NULL)
|
2019-11-12 13:35:19 +08:00
|
|
|
{
|
2019-12-09 18:58:05 +08:00
|
|
|
return _instance->id2field[id].name;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int is_multi_hit_same_policy(struct maat_rule *result, int *policy_id, int *policy_id_num)
|
2021-04-27 09:49:15 +00:00
|
|
|
{
|
|
|
|
|
int j=0;
|
2020-11-14 15:50:44 +06:00
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
for(j=0;j<*policy_id_num;j++)
|
2020-11-14 15:50:44 +06:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
if(policy_id[j]==result->rule_id)
|
2021-04-27 09:49:15 +00:00
|
|
|
{
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
2020-11-14 15:50:44 +06:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
policy_id[(*policy_id_num)++]=result->rule_id;
|
2021-04-27 09:49:15 +00:00
|
|
|
|
|
|
|
|
return 0;
|
2020-11-14 15:50:44 +06:00
|
|
|
}
|
|
|
|
|
|
2023-05-30 16:56:15 +08:00
|
|
|
static int is_hitted_shunt(const struct streaminfo *a_stream)
|
|
|
|
|
{
|
|
|
|
|
if(a_stream==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const struct session_runtime_action_context *srt_action_context=session_runtime_action_context_get(a_stream);
|
|
|
|
|
enum TSG_METHOD_TYPE method_type=srt_action_context_get_method_type(srt_action_context);
|
|
|
|
|
if(method_type==TSG_METHOD_TYPE_SHUNT)
|
|
|
|
|
{
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
static int set_xxxx_from_user_region(struct TLD_handle_t *_handle, struct tsg_log_instance_t *_instance, struct maat_rule *p_result, int thread_seq)
|
2020-04-16 13:03:56 +08:00
|
|
|
{
|
|
|
|
|
cJSON *item=NULL;
|
|
|
|
|
cJSON *object=NULL;
|
2022-07-29 10:09:15 +08:00
|
|
|
|
2022-10-24 14:48:16 +08:00
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_USER_REGION].name);
|
|
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_SUB_ACTION].name);
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
if(p_result->action!=TSG_ACTION_NONE)
|
2020-04-16 13:03:56 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
struct maat_compile *compile=(struct maat_compile *)matched_rule_cites_security_compile(g_tsg_maat_feather, p_result->rule_id);
|
|
|
|
|
if(compile!=NULL && compile->p_user_region!=NULL)
|
2022-07-29 10:09:15 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
object=cJSON_Parse(compile->p_user_region);
|
2022-07-29 10:09:15 +08:00
|
|
|
if(_instance->send_user_region==1)
|
|
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_USER_REGION].name, (void *)(compile->p_user_region), TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-04-16 13:03:56 +08:00
|
|
|
}
|
|
|
|
|
|
2022-07-29 10:09:15 +08:00
|
|
|
if(object==NULL)
|
2023-04-28 06:03:16 +00:00
|
|
|
{
|
2022-07-29 10:09:15 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
2023-04-28 06:03:16 +00:00
|
|
|
|
2022-07-29 10:09:15 +08:00
|
|
|
if(p_result->action==TSG_ACTION_DENY)
|
2020-04-16 13:03:56 +08:00
|
|
|
{
|
|
|
|
|
item=cJSON_GetObjectItem(object, "method");
|
2020-04-27 17:49:59 +08:00
|
|
|
if(item!=NULL && item->valuestring!=NULL)
|
|
|
|
|
{
|
2022-07-29 10:09:15 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SUB_ACTION].name, (void *)item->valuestring, TLD_TYPE_STRING);
|
2020-04-27 17:49:59 +08:00
|
|
|
}
|
2020-04-16 13:03:56 +08:00
|
|
|
}
|
2022-07-29 10:09:15 +08:00
|
|
|
|
|
|
|
|
cJSON_Delete(object);
|
|
|
|
|
object=NULL;
|
2020-04-16 13:03:56 +08:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int set_application_behavior(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2021-12-29 21:59:35 +03:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
struct application_behavior *behavior_result=(struct application_behavior *)session_application_behavior_get(a_stream);
|
|
|
|
|
if(behavior_result!=NULL)
|
2022-01-04 17:07:02 +03:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_APPLICATION_BEHAVIOR].name, (void *)(behavior_result->stream_behavior), TLD_TYPE_STRING);
|
2022-01-04 17:07:02 +03:00
|
|
|
}
|
2021-12-29 21:59:35 +03:00
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int set_policy_action_para_exec_result(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, struct maat_rule *p_result)
|
2021-08-07 17:27:55 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
struct tsg_notify_execution_result *execution_result=(struct tsg_notify_execution_result *)session_mirrored_and_capture_packets_exec_result_get(a_stream);
|
2021-12-28 20:27:37 +03:00
|
|
|
if(execution_result==NULL)
|
2021-08-07 17:27:55 +08:00
|
|
|
{
|
2021-12-28 20:27:37 +03:00
|
|
|
return 0;
|
2021-08-07 17:27:55 +08:00
|
|
|
}
|
2022-06-06 14:45:32 +08:00
|
|
|
|
|
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_MIRRORED_PKTS].name);
|
|
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_MIRRORED_BYTES].name);
|
|
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_PACKET_CAPTURE_FILE].name);
|
2021-12-28 20:27:37 +03:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
for(int i=0; i<execution_result->stat_mirrored_cnt; i++)
|
2021-08-07 17:27:55 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
if(execution_result->stat_mirrored[i].compile_id==p_result->rule_id)
|
2021-08-07 17:27:55 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_MIRRORED_PKTS].name, (void *)(execution_result->stat_mirrored[i].packets), TLD_TYPE_LONG);
|
2021-12-28 20:27:37 +03:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_MIRRORED_BYTES].name, (void *)(execution_result->stat_mirrored[i].bytes), TLD_TYPE_LONG);
|
|
|
|
|
break;
|
2021-08-07 17:27:55 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
for(int i=0; i<execution_result->capture_result_cnt; i++)
|
2022-01-06 17:41:03 +03:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
if(execution_result->capture_result[i].compile_id==p_result->rule_id)
|
2022-06-06 14:45:32 +08:00
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_PACKET_CAPTURE_FILE].name, (void *)(execution_result->capture_result[i].packet_path), TLD_TYPE_STRING);
|
|
|
|
|
break;
|
|
|
|
|
}
|
2021-12-28 20:27:37 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 1;
|
2021-08-07 17:27:55 +08:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int set_session_attributes(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2020-05-14 15:52:54 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
struct session_runtime_attribute *srt_attribute=(struct session_runtime_attribute *)session_runtime_attribute_get(a_stream);
|
|
|
|
|
if(srt_attribute==NULL)
|
2022-06-10 13:20:33 +08:00
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
if(srt_attribute->establish_latency_ms>0)
|
2021-04-27 09:49:15 +00:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_ESTABLISH_LATENCY_MS].name, (void *)srt_attribute->establish_latency_ms, TLD_TYPE_LONG);
|
2022-06-10 13:20:33 +08:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
if(srt_attribute->http_action_file_size>0)
|
2022-06-10 13:20:33 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_HTTP_ACTION_FILESIZE].name, (void *)(long)srt_attribute->http_action_file_size, TLD_TYPE_LONG);
|
2022-06-10 13:20:33 +08:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
set_asn(_handle, a_stream, _instance->id2field[LOG_COMMON_CLINET_ASN].name, srt_attribute->client_asn);
|
|
|
|
|
set_asn(_handle, a_stream, _instance->id2field[LOG_COMMON_SERVER_ASN].name, srt_attribute->server_asn);
|
2022-06-10 13:20:33 +08:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
set_location(_handle, a_stream, _instance->id2field[LOG_COMMON_CLINET_LOCATION].name, srt_attribute->client_location);
|
|
|
|
|
set_location(_handle, a_stream, _instance->id2field[LOG_COMMON_SERVER_LOCATION].name, srt_attribute->server_location);
|
2020-05-14 15:52:54 +08:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int ret=set_subscriber_id(_handle, _instance->id2field[LOG_COMMON_SUBSCRIBER_ID].name, srt_attribute->client_subscribe_id);
|
2022-06-10 13:20:33 +08:00
|
|
|
if(ret==0)
|
|
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
set_subscriber_id(_handle, _instance->id2field[LOG_COMMON_SUBSCRIBER_ID].name, srt_attribute->server_subscribe_id);
|
2022-06-10 13:20:33 +08:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
set_fqdn_category(_instance, _handle, a_stream, srt_attribute->fqdn_category_ids, srt_attribute->n_fqdn_category_ids);
|
2021-08-07 17:27:55 +08:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
if(srt_attribute->ja3_fingerprint!=NULL)
|
2022-06-10 13:20:33 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_SSL_JA3_FINGERPRINT].name, (void *)srt_attribute->ja3_fingerprint, TLD_TYPE_STRING);
|
2022-06-10 13:20:33 +08:00
|
|
|
}
|
2020-09-11 18:06:09 +08:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
set_umts_user_info(_instance, _handle, a_stream, srt_attribute->user_info);
|
2021-05-19 07:10:25 +00:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
if(srt_attribute->client_endpoint!=NULL)
|
2022-09-09 14:52:05 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_TUNNELS_ENDPOINT_A_DESC].name, (void *)srt_attribute->client_endpoint->description, TLD_TYPE_STRING);
|
2022-09-09 14:52:05 +08:00
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
if(srt_attribute->server_endpoint!=NULL)
|
2022-09-09 14:52:05 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_TUNNELS_ENDPOINT_B_DESC].name, (void *)srt_attribute->server_endpoint->description, TLD_TYPE_STRING);
|
2022-09-09 14:52:05 +08:00
|
|
|
}
|
|
|
|
|
|
2023-10-13 07:43:27 +00:00
|
|
|
if(srt_attribute->client_os!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_CLIENT_OS_NAME].name, (void *)srt_attribute->client_os, TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(srt_attribute->server_os!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SERVER_OS_NAME].name, (void *)srt_attribute->server_os, TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 13:20:33 +08:00
|
|
|
return 1;
|
2020-05-14 15:52:54 +08:00
|
|
|
}
|
2020-04-16 13:03:56 +08:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int set_lua_scripts_result(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
2022-06-28 15:01:14 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
struct user_defined_attribute *uda_label=(struct user_defined_attribute *)session_lua_user_defined_attribute_get(a_stream);
|
2022-06-28 15:01:14 +08:00
|
|
|
if(uda_label!=NULL)
|
|
|
|
|
{
|
|
|
|
|
Value array(kArrayType);
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
for(int i=0; i<uda_label->n_akv; i++)
|
2022-06-28 15:01:14 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
Value object(kObjectType);
|
|
|
|
|
switch(uda_label->akv[i].type)
|
2022-06-28 15:01:14 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
case LUA_ATTRIBUTE_TYPE_BOOL:
|
|
|
|
|
case LUA_ATTRIBUTE_TYPE_NUMERIC:
|
|
|
|
|
add_number_member(_handle, &object, uda_label->akv[i].name, uda_label->akv[i].number);
|
2022-06-28 15:01:14 +08:00
|
|
|
break;
|
2023-04-03 08:30:49 +00:00
|
|
|
case LUA_ATTRIBUTE_TYPE_IP:
|
|
|
|
|
case LUA_ATTRIBUTE_TYPE_STRING:
|
|
|
|
|
add_str_member(_handle, &object, uda_label->akv[i].name, uda_label->akv[i].string);
|
2022-06-28 15:01:14 +08:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
array.PushBack(object, _handle->document->GetAllocator());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_EXTRACT_INFO].name, &array, TLD_TYPE_OBJECT);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-10 07:35:03 +00:00
|
|
|
int set_intercept_info(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
|
|
|
|
{
|
|
|
|
|
struct proxy_log_update *proxy = (struct proxy_log_update *)session_log_update_data_get(a_stream, TSG_SERVICE_INTERCEPT);
|
|
|
|
|
if(proxy!=NULL)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_PINNING_STATE].name, (void *)(long)proxy->ssl_pinning_state, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_CERT_VERIFY].name, (void *)(long)proxy->ssl_cert_verify, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_INTERCEPT_STATE].name, (void *)(long)proxy->ssl_intercept_state, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_UPSTREAM_LATENCY].name, (void *)(long)proxy->ssl_upstream_latency, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_DOWNSTREAM_LATENCY].name, (void *)(long)proxy->ssl_downstream_latency, TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_UPSTREAM_VERSION].name, proxy->ssl_upstream_version, TLD_TYPE_STRING);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_DOWNSTREAM_VERSION].name, proxy->ssl_downstream_version, TLD_TYPE_STRING);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_ERROR].name, proxy->ssl_error, TLD_TYPE_STRING);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SSL_PASSTHROUGHT_REASON].name, proxy->ssl_passthrough_reason, TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, const struct streaminfo *a_stream)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
struct TLD_handle_t *_handle=handle;
|
|
|
|
|
struct tsg_log_instance_t *_instance=instance;
|
|
|
|
|
|
|
|
|
|
if(_instance==NULL || _handle==NULL || a_stream==NULL)
|
2023-02-09 07:14:55 +00:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
if(_instance)
|
2023-02-09 07:14:55 +00:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_DEBUG, LOG_MODULE_SENDLOG, "TLD_APPEND_STREAM TLD_handle==NULL || addr==NULL");
|
2023-02-09 07:14:55 +00:00
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
return -1;
|
2019-11-12 13:35:19 +08:00
|
|
|
}
|
|
|
|
|
|
2023-02-09 07:14:55 +00:00
|
|
|
int ret=set_linkinfo(_instance, _handle, a_stream);
|
2021-07-05 14:22:24 +08:00
|
|
|
if(ret==0)
|
|
|
|
|
{
|
|
|
|
|
set_direction(_instance, _handle, a_stream);
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
set_app_id(_instance, _handle, a_stream);
|
|
|
|
|
set_tcp_isn(_instance, _handle, a_stream);
|
|
|
|
|
set_tuple4(_instance, _handle, a_stream);
|
|
|
|
|
set_address_list(_instance, _handle, a_stream);
|
|
|
|
|
set_duraction(_instance, _handle, a_stream);
|
|
|
|
|
set_packet_bytes(_instance, _handle, a_stream);
|
|
|
|
|
set_session_attributes(_instance, _handle, a_stream);
|
2022-06-28 15:01:14 +08:00
|
|
|
set_lua_scripts_result(_instance, _handle, a_stream);
|
2023-06-25 10:54:16 +00:00
|
|
|
|
|
|
|
|
set_mac(_instance, _handle, a_stream);
|
2023-02-28 19:20:25 +08:00
|
|
|
set_session_flags(_instance, _handle, a_stream);
|
2023-06-25 14:50:42 +08:00
|
|
|
set_l4_protocol(_instance, _handle, a_stream);
|
2023-02-28 19:20:25 +08:00
|
|
|
|
2021-04-27 09:49:15 +00:00
|
|
|
if(is_tunnels(a_stream))
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2021-04-27 09:49:15 +00:00
|
|
|
set_common_tunnels(_instance, _handle, a_stream);
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
2021-04-27 09:49:15 +00:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
unsigned long long stream_id=tsg_get_stream_trace_id(a_stream);
|
2023-02-09 07:14:55 +00:00
|
|
|
char stream_id_buff[128]={0};
|
2020-10-27 17:15:09 +08:00
|
|
|
snprintf(stream_id_buff, sizeof(stream_id_buff), "%llu", stream_id);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_STREAM_TRACE_ID].name, (void *)stream_id_buff, TLD_TYPE_STRING);
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2023-02-09 07:14:55 +00:00
|
|
|
char *addr_proto=(char *)layer_addr_prefix_ntop(a_stream);
|
2019-12-09 18:58:05 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_L4_PROTOCOL].name, (void *)addr_proto, TLD_TYPE_STRING);
|
2021-01-28 17:20:44 +08:00
|
|
|
|
2019-12-09 18:58:05 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-29 18:20:36 +08:00
|
|
|
static int session_record_limit(struct tsg_log_instance_t *_instance, const struct streaminfo *a_stream, enum LOG_TYPE log_type)
|
|
|
|
|
{
|
|
|
|
|
if(tsg_session_record_switch_get()==0)
|
|
|
|
|
{
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(log_type==LOG_TYPE_SESSION_RECORD)
|
|
|
|
|
{
|
|
|
|
|
if(a_stream==NULL || a_stream->pdetail==NULL)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch(a_stream->type)
|
|
|
|
|
{
|
|
|
|
|
case STREAM_TYPE_TCP:
|
|
|
|
|
if((a_stream->ptcpdetail->clientbytes + a_stream->ptcpdetail->serverbytes < (unsigned int)_instance->tcp_min_log_bytes) ||
|
|
|
|
|
(a_stream->ptcpdetail->clientpktnum + a_stream->ptcpdetail->serverpktnum < (unsigned int)_instance->tcp_min_log_pkts))
|
|
|
|
|
{
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case STREAM_TYPE_UDP:
|
|
|
|
|
if((a_stream->pudpdetail->clientbytes + a_stream->pudpdetail->serverbytes < (unsigned int)_instance->udp_min_log_bytes) ||
|
|
|
|
|
(a_stream->pudpdetail->clientpktnum + a_stream->pudpdetail->serverpktnum < (unsigned int)_instance->udp_min_log_pkts))
|
|
|
|
|
{
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(log_type==LOG_TYPE_INTERIM_SESSION_RECORD && _instance->send_interim_log==0)
|
|
|
|
|
{
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(log_type==LOG_TYPE_TRANSACTION_RECORD && _instance->send_transcation_log==0)
|
|
|
|
|
{
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-16 19:56:56 +08:00
|
|
|
int append_common_field(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
|
|
|
|
|
{
|
|
|
|
|
TLD_append_streaminfo(_instance, _handle, a_stream);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SLED_IP].name, (void *)(_instance->local_ip_str), TLD_TYPE_STRING);
|
|
|
|
|
if(strlen(g_tsg_para.device_sn)>0)
|
|
|
|
|
{
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_DEVICE_ID].name, (void *)(g_tsg_para.device_sn), TLD_TYPE_STRING);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_DATA_CENTER].name, (void *)tsg_data_center_get(), TLD_TYPE_STRING);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_DEVICE_TAG].name, (void *)tsg_device_tag_get(), TLD_TYPE_STRING);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_TRAFFIC_VSYSTEM_ID].name, (void *)(long)_instance->vsystem_id, TLD_TYPE_LONG);
|
|
|
|
|
|
|
|
|
|
set_application_behavior(_instance, _handle, a_stream);
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int log_common_fields_new(const char *filename, id2field_t *id2field, struct topic_stat **service2topic, int *max_service)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2022-05-17 10:05:40 +00:00
|
|
|
int i=0,flag=0;
|
2019-12-09 18:58:05 +08:00
|
|
|
FILE *fp=NULL;
|
|
|
|
|
char line[1024]={0};
|
|
|
|
|
char field_name[64]={0};
|
|
|
|
|
char type_name[32]={0};
|
2022-05-17 10:05:40 +00:00
|
|
|
struct topic_stat *_service2topic=NULL;
|
2020-01-19 15:53:02 +08:00
|
|
|
|
2019-12-09 18:58:05 +08:00
|
|
|
fp=fopen(filename, "r");
|
|
|
|
|
if(fp==NULL)
|
|
|
|
|
{
|
|
|
|
|
printf("Open %s failed ...", filename);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2019-11-12 13:35:19 +08:00
|
|
|
|
2019-12-09 18:58:05 +08:00
|
|
|
memset(line, 0, sizeof(line));
|
|
|
|
|
|
|
|
|
|
while((fgets(line, sizeof(line), fp))!=NULL)
|
|
|
|
|
{
|
|
|
|
|
if(line[0]=='#' || line[0]=='\n' || line[0]=='\r' ||line[0]=='\0')
|
|
|
|
|
{
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2023-06-02 08:19:50 +00:00
|
|
|
int id=0;
|
2019-12-09 18:58:05 +08:00
|
|
|
memset(type_name, 0, sizeof(type_name));
|
2023-06-02 08:19:50 +00:00
|
|
|
sscanf(line, "%31s %63s %d", type_name, field_name, &id);
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2020-05-18 19:04:26 +08:00
|
|
|
for(i=0; i<TLD_TYPE_MAX; i++)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
|
|
|
|
if((strncasecmp(tld_type[i].name, type_name, strlen(tld_type[i].name)))==0)
|
|
|
|
|
{
|
|
|
|
|
switch(tld_type[i].type)
|
|
|
|
|
{
|
|
|
|
|
case TLD_TYPE_FILE:
|
|
|
|
|
case TLD_TYPE_LONG:
|
|
|
|
|
case TLD_TYPE_STRING:
|
2022-12-23 11:54:29 +08:00
|
|
|
if(id<LOG_COMMON_MAX)
|
|
|
|
|
{
|
|
|
|
|
id2field[id].type = tld_type[i].type;
|
|
|
|
|
id2field[id].id = id;
|
|
|
|
|
memcpy(id2field[id].name, field_name, strlen(field_name));
|
|
|
|
|
}
|
2022-05-17 10:05:40 +00:00
|
|
|
flag=1;
|
2019-12-09 18:58:05 +08:00
|
|
|
break;
|
2020-05-18 19:04:26 +08:00
|
|
|
case TLD_TYPE_TOPIC:
|
|
|
|
|
if(_service2topic==NULL)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2022-05-17 10:05:40 +00:00
|
|
|
_service2topic=(struct topic_stat *)calloc(1, sizeof(struct topic_stat)*(id+1));
|
2020-05-18 19:04:26 +08:00
|
|
|
_service2topic[id].type = TLD_TYPE_MAX;
|
2022-05-17 10:05:40 +00:00
|
|
|
//_service2topic[id].id = id;
|
2020-05-18 19:04:26 +08:00
|
|
|
memcpy(_service2topic[id].name, field_name, strlen(field_name));
|
|
|
|
|
|
|
|
|
|
*max_service=id+1;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
if(*max_service<=id)
|
2020-01-19 15:53:02 +08:00
|
|
|
{
|
2022-05-17 10:05:40 +00:00
|
|
|
_service2topic=(struct topic_stat *)realloc(_service2topic, sizeof(struct topic_stat)*(id+1));
|
|
|
|
|
memset(&_service2topic[id], 0, sizeof(struct topic_stat));
|
2020-01-19 15:53:02 +08:00
|
|
|
_service2topic[id].type = TLD_TYPE_MAX;
|
2022-05-17 10:05:40 +00:00
|
|
|
//_service2topic[id].id = id;
|
2020-01-19 15:53:02 +08:00
|
|
|
memcpy(_service2topic[id].name, field_name, strlen(field_name));
|
|
|
|
|
|
|
|
|
|
*max_service=id+1;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2022-05-17 10:05:40 +00:00
|
|
|
memset(&_service2topic[id], 0, sizeof(struct topic_stat));
|
2020-05-18 19:04:26 +08:00
|
|
|
_service2topic[id].type = TLD_TYPE_MAX;
|
2022-05-17 10:05:40 +00:00
|
|
|
//_service2topic[id].id = id;
|
2020-05-18 19:04:26 +08:00
|
|
|
memcpy(_service2topic[id].name, field_name, strlen(field_name));
|
2020-01-19 15:53:02 +08:00
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
2022-05-17 10:05:40 +00:00
|
|
|
flag=1;
|
2019-12-09 18:58:05 +08:00
|
|
|
break;
|
2020-05-18 19:04:26 +08:00
|
|
|
default:
|
|
|
|
|
break;
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
2022-05-17 10:05:40 +00:00
|
|
|
|
|
|
|
|
if(flag==1)
|
|
|
|
|
{
|
|
|
|
|
flag=0;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
memset(line, 0, sizeof(line));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fclose(fp);
|
|
|
|
|
fp=NULL;
|
|
|
|
|
|
2020-11-14 15:50:44 +06:00
|
|
|
if(service2topic!=NULL)
|
|
|
|
|
{
|
2022-05-17 10:05:40 +00:00
|
|
|
(*service2topic)=_service2topic;
|
2020-11-14 15:50:44 +06:00
|
|
|
}
|
2020-01-19 15:53:02 +08:00
|
|
|
|
2019-11-12 13:35:19 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2023-09-01 08:50:24 +00:00
|
|
|
static unsigned char tsg_send_mode_get(char *mode_str)
|
|
|
|
|
{
|
|
|
|
|
if (mode_str == NULL)
|
|
|
|
|
{
|
|
|
|
|
return KAFKA_SEND_MODE; // kafka is defualt
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
unsigned char mode = CLOSE_SEND_MODE;
|
|
|
|
|
if (strstr(mode_str, "close") != NULL)
|
|
|
|
|
{
|
|
|
|
|
return CLOSE_SEND_MODE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (strstr(mode_str, "kafka") != NULL)
|
|
|
|
|
{
|
|
|
|
|
mode |= KAFKA_SEND_MODE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (strstr(mode_str, "ipfix") != NULL)
|
|
|
|
|
{
|
|
|
|
|
mode |= IPFIX_SEND_MODE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (mode == CLOSE_SEND_MODE)
|
|
|
|
|
{
|
|
|
|
|
return KAFKA_SEND_MODE; // kafka is defualt
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return mode;
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile)
|
2019-11-12 13:35:19 +08:00
|
|
|
{
|
2022-09-09 15:07:37 +08:00
|
|
|
char override_sled_ip[32]={0};
|
2019-12-09 18:58:05 +08:00
|
|
|
char kafka_errstr[1024]={0};
|
|
|
|
|
unsigned int local_ip_nr=0;
|
2023-04-03 08:30:49 +00:00
|
|
|
rd_kafka_conf_t *rdkafka_conf = NULL;
|
2023-02-09 07:14:55 +00:00
|
|
|
char broker_list[1024]={0};
|
2019-12-09 18:58:05 +08:00
|
|
|
struct tsg_log_instance_t *_instance=NULL;
|
2023-06-13 11:27:49 +08:00
|
|
|
char common_field_file[128]={0};
|
2023-02-09 07:14:55 +00:00
|
|
|
char log_path[128]={0};
|
2023-09-01 08:50:24 +00:00
|
|
|
char send_mode[128] = {0};
|
2022-05-17 10:05:40 +00:00
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
_instance=(struct tsg_log_instance_t *)calloc(1, sizeof(struct tsg_log_instance_t));
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2023-05-29 18:20:36 +08:00
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "LOG_LEVEL",&(_instance->level), 30);
|
2023-02-09 07:14:55 +00:00
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "LOG_PATH", log_path, sizeof(log_path), "./log/tsglog");
|
2023-05-29 18:20:36 +08:00
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "SEND_USER_REGION", &(_instance->send_user_region), 0);
|
2022-12-30 13:41:12 +08:00
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "SEND_DATA_CENTER_SWITCH", &(_instance->send_data_center), 0);
|
|
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "SEND_APP_ID_SWITCH", &(_instance->send_app_id), 0);
|
2023-05-26 05:37:16 +00:00
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "SEND_INTERCEPT_LOG", &(_instance->send_intercept_log), 0);
|
2022-12-30 13:41:12 +08:00
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "SEND_NAT_LINKINFO_SWITCH", &(_instance->send_nat_linkinfo), 0);
|
2023-07-18 23:24:24 +08:00
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "RAPIDJSON_CHUNK_CAPACITY", &(_instance->rapidjson_chunk_capacity), 2048);
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2022-07-29 10:09:15 +08:00
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "VSYSTEM_ID", &(_instance->vsystem_id), 1);
|
2022-12-29 06:03:04 +00:00
|
|
|
MESA_load_profile_int_def(conffile, "SYSTEM","UNKNOWN_APP_ID", &_instance->unknown_app_id, 4);
|
2022-07-29 10:09:15 +08:00
|
|
|
|
2023-05-29 18:20:36 +08:00
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "SEND_INTERIM_RECORD", &(_instance->send_interim_log), 1);
|
|
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "SEND_TRANSCATION_RECORD", &(_instance->send_transcation_log), 1);
|
|
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG","TCP_MIN_PKTS", &_instance->tcp_min_log_pkts, 3);
|
|
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG","TCP_MIN_BYTES", &_instance->tcp_min_log_bytes, 5);
|
|
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG","UDP_MIN_PKTS", &_instance->udp_min_log_pkts, 3);
|
|
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG","UDP_MIN_BYTES", &_instance->udp_min_log_bytes, 5);
|
2023-06-13 11:27:49 +08:00
|
|
|
|
2023-02-09 07:14:55 +00:00
|
|
|
_instance->logger=MESA_create_runtime_log_handle(log_path, _instance->level);
|
2019-12-09 18:58:05 +08:00
|
|
|
if(_instance->logger==NULL)
|
|
|
|
|
{
|
2023-02-09 07:14:55 +00:00
|
|
|
printf("MESA_create_runtime_log_handle failed ..., path: %s level: %d", log_path, _instance->level);
|
2023-06-13 11:27:49 +08:00
|
|
|
free(_instance);
|
|
|
|
|
_instance=NULL;
|
2019-12-09 18:58:05 +08:00
|
|
|
return NULL;
|
|
|
|
|
}
|
2019-12-20 11:15:29 +08:00
|
|
|
|
2023-09-01 08:50:24 +00:00
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "MODE", send_mode, sizeof(send_mode), "kafka");
|
|
|
|
|
_instance->mode = tsg_send_mode_get(send_mode);
|
|
|
|
|
|
|
|
|
|
if(_instance->mode==CLOSE_SEND_MODE)
|
2019-12-20 11:15:29 +08:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_FATAL, LOG_MODULE_SENDLOG, "Disable tsg_send_log");
|
2019-12-20 11:15:29 +08:00
|
|
|
return _instance;
|
|
|
|
|
}
|
2020-09-01 11:35:49 +08:00
|
|
|
|
2023-09-01 08:50:24 +00:00
|
|
|
if (_instance->mode&IPFIX_SEND_MODE)
|
|
|
|
|
{
|
|
|
|
|
char ipfix_conf_path[128] = {0};
|
|
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "IPFIX_EXPORTER_CONF", ipfix_conf_path, sizeof(ipfix_conf_path), "./tsgconf/ipfix_conf.json");
|
|
|
|
|
_instance->ipfix_instance = ipfix_exporter_instance_init(ipfix_conf_path, _instance->logger, get_thread_count());
|
|
|
|
|
if (_instance->ipfix_instance == NULL)
|
|
|
|
|
{
|
|
|
|
|
free(_instance);
|
|
|
|
|
_instance=NULL;
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "IPFIX_TEMPLATE_INTERVAL_PKTS", &(_instance->ipfix_template_interval_pkts), 1000);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
MESA_load_profile_int_def(conffile, "TSG_LOG", "RECOVERY_INTERVEL_S", &(_instance->recovery_interval), 30);
|
2020-09-01 11:35:49 +08:00
|
|
|
|
2023-02-09 07:14:55 +00:00
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "COMMON_FIELD_FILE", common_field_file, sizeof(common_field_file), NULL);
|
|
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "BROKER_LIST", broker_list, sizeof(broker_list), NULL);
|
2021-08-19 06:20:32 +00:00
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "SASL_USERNAME", _instance->sasl_username, sizeof(_instance->sasl_username), ""); //admin
|
|
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "SASL_PASSWD", _instance->sasl_passwd, sizeof(_instance->sasl_passwd), "");
|
2023-07-16 16:58:06 +08:00
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "COMPRESSION_TYPE", _instance->compression, sizeof(_instance->compression), ""); //snappy
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2020-09-01 11:35:49 +08:00
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "SEND_QUEUE_MAX_MESSAGE", _instance->send_queue_max_msg, sizeof(_instance->send_queue_max_msg), "1000000");
|
|
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "REFRESH_INTERVAL_MS", _instance->refresh_interval_ms, sizeof(_instance->refresh_interval_ms), "600000");
|
|
|
|
|
MESA_load_profile_string_def(conffile, "TSG_LOG", "REQUIRE_ACK", _instance->require_ack, sizeof(_instance->require_ack), "1");
|
|
|
|
|
|
2021-06-22 07:01:46 +00:00
|
|
|
MESA_load_profile_string_def(conffile, "SYSTEM", "TCP_LABEL", _instance->tcp_label, sizeof(_instance->tcp_label), "tcp_flow_stat");
|
|
|
|
|
MESA_load_profile_string_def(conffile, "SYSTEM", "UDP_LABEL", _instance->udp_label, sizeof(_instance->udp_label), "udp_flow_stat");
|
2020-07-24 17:04:09 +08:00
|
|
|
|
|
|
|
|
_instance->tcp_flow_project_id=project_customer_register(_instance->tcp_label, "struct");
|
|
|
|
|
_instance->udp_flow_project_id=project_customer_register(_instance->udp_label, "struct");
|
|
|
|
|
if(_instance->tcp_flow_project_id<0 || _instance->udp_flow_project_id<0)
|
|
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_FATAL, LOG_MODULE_SENDLOG,
|
2020-07-24 17:04:09 +08:00
|
|
|
"project_customer_register is error, tcp_label: %s udp_label: %s, please check etc/project.conf",
|
|
|
|
|
_instance->tcp_label,
|
|
|
|
|
_instance->udp_label
|
|
|
|
|
);
|
|
|
|
|
}
|
2022-09-09 15:07:37 +08:00
|
|
|
|
|
|
|
|
MESA_load_profile_string_def(conffile, "SYSTEM", "OVERRIDE_SLED_IP", override_sled_ip, sizeof(override_sled_ip), "OVERRIDE_SLED_IP");
|
|
|
|
|
char *sled_ip=getenv(override_sled_ip);
|
|
|
|
|
if(sled_ip==NULL)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2023-02-09 07:14:55 +00:00
|
|
|
char nic_name[32]={0};
|
2022-09-09 15:07:37 +08:00
|
|
|
MESA_load_profile_string_def(conffile, "SYSTEM", "NIC_NAME", nic_name, sizeof(nic_name), "lo");
|
2023-02-09 07:14:55 +00:00
|
|
|
int ret=MESA_get_dev_ipv4(nic_name, (int *)&local_ip_nr);
|
2022-09-09 15:07:37 +08:00
|
|
|
if(ret<0)
|
|
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_FATAL, LOG_MODULE_SENDLOG,
|
|
|
|
|
"GET_LOCAL_IP MESA_get_dev_ipv4 is error, nic_name: %s, please check tsgconf/main.conf",
|
2022-09-09 15:07:37 +08:00
|
|
|
nic_name
|
|
|
|
|
);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
inet_ntop(AF_INET,&(local_ip_nr),_instance->local_ip_str,sizeof(_instance->local_ip_str));
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
memcpy(_instance->local_ip_str, sled_ip, MIN(sizeof(_instance->local_ip_str)-1, strlen(sled_ip)));
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
2020-11-14 15:50:44 +06:00
|
|
|
|
2020-09-01 11:35:49 +08:00
|
|
|
rdkafka_conf = rd_kafka_conf_new();
|
|
|
|
|
rd_kafka_conf_set(rdkafka_conf, "queue.buffering.max.messages", _instance->send_queue_max_msg, kafka_errstr, sizeof(kafka_errstr));
|
|
|
|
|
rd_kafka_conf_set(rdkafka_conf, "topic.metadata.refresh.interval.ms", _instance->refresh_interval_ms, kafka_errstr, sizeof(kafka_errstr));
|
2021-04-29 14:43:44 +08:00
|
|
|
rd_kafka_conf_set(rdkafka_conf, "request.required.acks", _instance->require_ack, kafka_errstr, sizeof(kafka_errstr));
|
2021-07-10 03:40:39 +00:00
|
|
|
rd_kafka_conf_set(rdkafka_conf, "socket.keepalive.enable", "true", kafka_errstr, sizeof(kafka_errstr));
|
2023-02-09 07:14:55 +00:00
|
|
|
rd_kafka_conf_set(rdkafka_conf, "bootstrap.servers", broker_list, kafka_errstr, sizeof(kafka_errstr));
|
2021-08-19 06:20:32 +00:00
|
|
|
|
2023-07-16 16:58:06 +08:00
|
|
|
if(strlen(_instance->compression)>0)
|
|
|
|
|
{
|
|
|
|
|
rd_kafka_conf_set(rdkafka_conf, "compression.codec", _instance->compression, kafka_errstr, sizeof(kafka_errstr));
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-02 15:15:15 +08:00
|
|
|
if(strlen(_instance->sasl_username)> 0 && strlen(_instance->sasl_passwd)>0)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2021-08-19 06:20:32 +00:00
|
|
|
rd_kafka_conf_set(rdkafka_conf, "security.protocol", "sasl_plaintext", kafka_errstr, sizeof(kafka_errstr));
|
|
|
|
|
rd_kafka_conf_set(rdkafka_conf, "sasl.mechanisms", "PLAIN", kafka_errstr, sizeof(kafka_errstr));
|
|
|
|
|
rd_kafka_conf_set(rdkafka_conf, "sasl.username", _instance->sasl_username, kafka_errstr, sizeof(kafka_errstr));
|
|
|
|
|
rd_kafka_conf_set(rdkafka_conf, "sasl.password", _instance->sasl_passwd, kafka_errstr, sizeof(kafka_errstr));
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
2021-08-19 06:20:32 +00:00
|
|
|
|
2021-08-24 05:28:08 +00:00
|
|
|
if(!(_instance->kafka_handle=rd_kafka_new(RD_KAFKA_PRODUCER, rdkafka_conf, kafka_errstr, sizeof(kafka_errstr))))
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_FATAL, LOG_MODULE_SENDLOG, "KAFKA_INIT rd_kafka_new is error");
|
2019-12-09 18:58:05 +08:00
|
|
|
return NULL;
|
|
|
|
|
}
|
2021-08-19 06:20:32 +00:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
log_common_fields_new(common_field_file, _instance->id2field, &(_instance->service2topic), &(_instance->max_service));
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2020-01-19 15:53:02 +08:00
|
|
|
if(_instance->service2topic!=NULL)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2023-06-13 11:27:49 +08:00
|
|
|
_instance->sum_stat_row_id=tsg_stat_sendlog_row_init("sum");
|
2023-02-09 07:14:55 +00:00
|
|
|
for(int i=0; i<_instance->max_service; i++)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2022-05-17 10:05:40 +00:00
|
|
|
if(_instance->service2topic[i].type==TLD_TYPE_MAX && strlen(_instance->service2topic[i].name)>0)
|
|
|
|
|
{
|
|
|
|
|
register_topic(_instance, &( _instance->service2topic[i]));
|
|
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
|
|
|
|
}
|
2020-01-19 15:53:02 +08:00
|
|
|
else
|
|
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_FATAL, LOG_MODULE_SENDLOG, "KAFKA_INIT log_common_fields_new is error, please check %s", common_field_file);
|
2020-01-19 15:53:02 +08:00
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
|
|
|
|
|
return _instance;
|
|
|
|
|
}
|
2022-02-23 18:43:00 +08:00
|
|
|
void tsg_sendlog_destroy(struct tsg_log_instance_t * instance)
|
|
|
|
|
{
|
2022-02-24 11:50:11 +08:00
|
|
|
if(instance==NULL)
|
2022-02-23 18:43:00 +08:00
|
|
|
{
|
2022-02-24 11:50:11 +08:00
|
|
|
return ;
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-01 08:50:24 +00:00
|
|
|
if(instance->mode!=CLOSE_SEND_MODE)
|
2022-02-24 11:50:11 +08:00
|
|
|
{
|
|
|
|
|
for(int i=0; i<instance->max_service; i++)
|
2022-02-23 18:43:00 +08:00
|
|
|
{
|
2022-05-17 10:05:40 +00:00
|
|
|
if(instance->service2topic[i].type!=TLD_TYPE_MAX || i==1) //i=1 equal i=0, service id of security event is 0 and 1
|
|
|
|
|
{
|
2022-02-24 11:50:11 +08:00
|
|
|
continue;
|
|
|
|
|
}
|
2022-05-17 10:05:40 +00:00
|
|
|
|
|
|
|
|
if(instance->service2topic[i].topic_rkt!=NULL)
|
|
|
|
|
{
|
|
|
|
|
rd_kafka_topic_destroy(instance->service2topic[i].topic_rkt);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(instance->service2topic[i].drop_start!=NULL)
|
|
|
|
|
{
|
|
|
|
|
free(instance->service2topic[i].drop_start);
|
|
|
|
|
instance->service2topic[i].drop_start=NULL;
|
|
|
|
|
}
|
2022-02-24 11:50:11 +08:00
|
|
|
|
2022-05-17 10:05:40 +00:00
|
|
|
if(instance->service2topic[i].send_log_percent!=NULL)
|
|
|
|
|
{
|
|
|
|
|
free(instance->service2topic[i].send_log_percent);
|
|
|
|
|
instance->service2topic[i].send_log_percent=NULL;
|
|
|
|
|
}
|
2022-02-23 18:43:00 +08:00
|
|
|
}
|
2022-02-24 11:50:11 +08:00
|
|
|
|
2022-03-10 17:19:39 +08:00
|
|
|
//rd_kafka_destroy_flags(instance->kafka_handle, 4);
|
2022-02-25 18:08:50 +08:00
|
|
|
rd_kafka_destroy(instance->kafka_handle);
|
2022-02-24 11:50:11 +08:00
|
|
|
|
|
|
|
|
free(instance->service2topic);
|
|
|
|
|
instance->service2topic=NULL;
|
2022-02-23 18:43:00 +08:00
|
|
|
}
|
|
|
|
|
|
2023-09-01 08:50:24 +00:00
|
|
|
if (instance->mode&IPFIX_SEND_MODE)
|
|
|
|
|
{
|
|
|
|
|
ipfix_exporter_destroy(instance->ipfix_instance);
|
|
|
|
|
}
|
2022-02-24 11:50:11 +08:00
|
|
|
|
2022-02-23 18:43:00 +08:00
|
|
|
MESA_destroy_runtime_log_handle(instance->logger);
|
|
|
|
|
instance->logger=NULL;
|
|
|
|
|
|
|
|
|
|
free(instance);
|
|
|
|
|
instance=NULL;
|
2023-04-03 08:30:49 +00:00
|
|
|
return ;
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-01 08:50:24 +00:00
|
|
|
static int tsg_send_ipfix_message(struct TLD_handle_t *_handle, int thread_id)
|
|
|
|
|
{
|
|
|
|
|
if (_handle == NULL)
|
|
|
|
|
{
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (ipfix_message_get_current_sequence() % g_tsg_log_instance->ipfix_template_interval_pkts == 0)
|
|
|
|
|
{
|
|
|
|
|
ipfix_message_template_send(g_tsg_log_instance->ipfix_instance, thread_id);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Value::ConstMemberIterator schema_type = _handle->document->FindMember("common_schema_type");
|
|
|
|
|
if (schema_type == _handle->document->MemberEnd())
|
|
|
|
|
{
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct ipfix_message* message = ipfix_message_new(g_tsg_log_instance->ipfix_instance, schema_type->value.GetString());
|
|
|
|
|
if (message == NULL)
|
|
|
|
|
{
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (rapidjson::Value::ConstMemberIterator iter = _handle->document->MemberBegin(); iter != _handle->document->MemberEnd(); ++iter)
|
|
|
|
|
{
|
|
|
|
|
if (iter->value.GetType() == rapidjson::kStringType)
|
|
|
|
|
{
|
|
|
|
|
ipfix_message_append(message, iter->name.GetString(), iter->name.GetStringLength(), (char *)iter->value.GetString(), iter->value.GetStringLength());
|
|
|
|
|
}
|
|
|
|
|
else if (iter->value.GetType() == rapidjson::kNumberType)
|
|
|
|
|
{
|
|
|
|
|
int64_t value = iter->value.GetInt64();
|
|
|
|
|
ipfix_message_append(message, iter->name.GetString(), iter->name.GetStringLength(), (char *)&(value), sizeof(int64_t));
|
|
|
|
|
}
|
2023-09-13 10:59:50 +00:00
|
|
|
else if (iter->value.GetType() == rapidjson::kObjectType || iter->value.GetType() == rapidjson::kArrayType)
|
|
|
|
|
{
|
|
|
|
|
StringBuffer sb(0, 128);
|
|
|
|
|
Writer<StringBuffer> writer(sb);
|
|
|
|
|
iter->value.Accept(writer);
|
|
|
|
|
|
|
|
|
|
ipfix_message_append(message, iter->name.GetString(), iter->name.GetStringLength(), (char *)sb.GetString(), sb.GetSize());
|
|
|
|
|
}
|
2023-09-01 08:50:24 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ipfix_message_send(g_tsg_log_instance->ipfix_instance, message, (uint16_t)thread_id);
|
|
|
|
|
ipfix_message_free(message);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int send_log_by_type(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, LOG_TYPE log_type, int thread_id)
|
|
|
|
|
{
|
2023-06-13 11:27:49 +08:00
|
|
|
int ret=update_percent(_instance, log_type, LOG_STATUS_DROP, thread_id);
|
2023-04-03 08:30:49 +00:00
|
|
|
if(ret==1)
|
2022-02-23 18:43:00 +08:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_DEBUG, LOG_MODULE_SENDLOG,
|
2023-04-03 08:30:49 +00:00
|
|
|
"drop log: log_type=%d send_log_percent: %d addr=%s",
|
|
|
|
|
log_type,
|
|
|
|
|
_instance->service2topic[log_type].send_log_percent[thread_id],
|
2023-06-18 13:35:09 +08:00
|
|
|
(a_stream==NULL ? "" : printaddr(&(a_stream->addr), thread_id))
|
2023-04-03 08:30:49 +00:00
|
|
|
);
|
2022-02-23 18:43:00 +08:00
|
|
|
}
|
2023-09-01 08:50:24 +00:00
|
|
|
|
|
|
|
|
if (_instance->mode&KAFKA_SEND_MODE)
|
|
|
|
|
{
|
|
|
|
|
StringBuffer sb(0, 2048);
|
|
|
|
|
Writer<StringBuffer> writer(sb);
|
|
|
|
|
_handle->document->Accept(writer);
|
2022-02-23 18:43:00 +08:00
|
|
|
|
2023-09-01 08:50:24 +00:00
|
|
|
tsg_send_payload(_instance, log_type, (char *)sb.GetString(), sb.GetSize(), thread_id);
|
|
|
|
|
}
|
2023-04-03 08:30:49 +00:00
|
|
|
|
2023-09-01 08:50:24 +00:00
|
|
|
if (_instance->mode&IPFIX_SEND_MODE && log_type == LOG_TYPE_SESSION_RECORD)
|
|
|
|
|
{
|
|
|
|
|
tsg_send_ipfix_message(_handle, thread_id);
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
return 0;
|
2022-02-23 18:43:00 +08:00
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2023-05-10 07:35:03 +00:00
|
|
|
int send_event_log(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, LOG_TYPE log_type, struct maat_rule *rules, size_t n_rules, int thread_id)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
2023-06-13 11:27:49 +08:00
|
|
|
int repeat_cnt=0;
|
2020-07-20 15:59:15 +08:00
|
|
|
int policy_id[MAX_RESULT_NUM]={0};
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
for(size_t i=0;i<n_rules; i++)
|
2023-02-28 11:17:45 +08:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
if(is_multi_hit_same_policy(&(rules[i]), policy_id, &repeat_cnt))
|
2020-07-20 15:59:15 +08:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_DEBUG, LOG_MODULE_SENDLOG,
|
2020-09-16 10:09:05 +08:00
|
|
|
"tsg same log:cfg_id=%d service=%d addr=%s",
|
2023-04-03 08:30:49 +00:00
|
|
|
rules[i].rule_id,
|
|
|
|
|
rules[i].service_id,
|
2023-06-18 13:35:09 +08:00
|
|
|
(a_stream==NULL ? "" : printaddr(&(a_stream->addr), thread_id))
|
2020-09-16 11:09:44 +08:00
|
|
|
);
|
2020-07-20 15:59:15 +08:00
|
|
|
continue;
|
|
|
|
|
}
|
2020-09-01 11:35:49 +08:00
|
|
|
|
2023-05-30 11:06:13 +08:00
|
|
|
if(a_stream!=NULL && rules[i].service_id!=TSG_SERVICE_INTERCEPT)
|
2023-05-27 03:13:50 +00:00
|
|
|
{
|
|
|
|
|
tsg_set_policy_flow(a_stream, &(rules[i]), thread_id);
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
switch(rules[i].do_log)
|
2019-12-09 18:58:05 +08:00
|
|
|
{
|
|
|
|
|
case LOG_ABORT:
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_DEBUG, LOG_MODULE_SENDLOG,
|
2020-09-16 11:09:44 +08:00
|
|
|
"tsg abort log:cfg_id=%d service=%d addr=%s",
|
2023-04-03 08:30:49 +00:00
|
|
|
rules[i].rule_id,
|
|
|
|
|
rules[i].service_id,
|
2023-06-18 13:35:09 +08:00
|
|
|
(a_stream==NULL ? "" : printaddr(&(a_stream->addr), thread_id))
|
2020-09-16 11:09:44 +08:00
|
|
|
);
|
2020-11-16 12:30:44 +06:00
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
fs3_rule_stat_update(RULE_STAT_ABORT, (int)rules[i].action, 1);
|
2019-12-09 18:58:05 +08:00
|
|
|
continue;
|
|
|
|
|
break;
|
|
|
|
|
case LOG_ALL:
|
2023-04-03 08:30:49 +00:00
|
|
|
if(rules[i].action==TSG_ACTION_MONITOR)
|
2022-07-01 17:08:16 +08:00
|
|
|
{
|
2023-02-09 07:14:55 +00:00
|
|
|
set_s3_filename(_instance, _handle, a_stream);
|
|
|
|
|
set_mail_eml(_instance, _handle, a_stream);
|
2022-07-01 17:08:16 +08:00
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
break;
|
|
|
|
|
case LOG_NOFILE:
|
2023-04-03 08:30:49 +00:00
|
|
|
if(rules[i].action==TSG_ACTION_MONITOR)
|
|
|
|
|
{
|
2022-07-01 17:08:16 +08:00
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_MAIL_EML_FILE].name);
|
2023-02-09 07:14:55 +00:00
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_HTTP_REQUEST_S3_FILE].name);
|
2022-07-01 17:08:16 +08:00
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_HTTP_RESPONSE_S3_FILE].name);
|
|
|
|
|
}
|
2019-12-09 18:58:05 +08:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
2023-02-07 02:51:03 +00:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_POLICY_ID].name, (void *)(long)(rules[i].rule_id), TLD_TYPE_LONG);
|
|
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_SERVICE].name, (void *)(long)(rules[i].service_id), TLD_TYPE_LONG);
|
2023-04-28 06:03:16 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_VSYSTEM_ID].name, (void *)(long)rules[i].vsys_id, TLD_TYPE_LONG);
|
2023-05-06 02:23:12 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_ACTION].name, (void *)(long)(rules[i].action), TLD_TYPE_LONG);
|
2020-12-17 14:44:01 +06:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
set_policy_action_para_exec_result(_instance, _handle, a_stream, &(rules[i]));
|
2020-04-16 13:03:56 +08:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
set_xxxx_from_user_region(_handle, _instance, &(rules[i]), thread_id);
|
2019-12-09 18:58:05 +08:00
|
|
|
|
2023-05-10 07:35:03 +00:00
|
|
|
send_log_by_type(_instance, _handle, a_stream, log_type, thread_id);
|
2019-12-09 18:58:05 +08:00
|
|
|
|
|
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_POLICY_ID].name);
|
|
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_SERVICE].name);
|
|
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_ACTION].name);
|
2020-12-17 14:44:01 +06:00
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_USER_REGION].name);
|
2023-04-28 06:03:16 +00:00
|
|
|
TLD_delete(_handle, _instance->id2field[LOG_COMMON_VSYSTEM_ID].name);
|
2023-06-13 11:27:49 +08:00
|
|
|
|
|
|
|
|
fs3_rule_stat_update(RULE_STAT_SEND, (int)rules[i].action, 1);
|
2019-12-09 18:58:05 +08:00
|
|
|
}
|
|
|
|
|
|
2023-02-09 07:14:55 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-16 19:56:56 +08:00
|
|
|
int deal_event_rules(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, LOG_TYPE log_type, TSG_SERVICE service, int *is_append_common_field, int thread_id)
|
2023-05-26 05:37:16 +00:00
|
|
|
{
|
|
|
|
|
struct matched_policy_rules *matched_rules=(struct matched_policy_rules *)session_matched_rules_get(a_stream, service);
|
|
|
|
|
if(matched_rules==NULL || matched_rules->n_rules==0)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-16 19:56:56 +08:00
|
|
|
if((*is_append_common_field)==0)
|
|
|
|
|
{
|
|
|
|
|
(*is_append_common_field)=1;
|
|
|
|
|
append_common_field(_instance, _handle, a_stream);
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-26 05:37:16 +00:00
|
|
|
if(service==TSG_SERVICE_INTERCEPT)
|
|
|
|
|
{
|
|
|
|
|
set_intercept_info(_instance, _handle, a_stream);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
send_event_log(_instance, _handle, a_stream, log_type, matched_rules->rules, matched_rules->n_rules, thread_id);
|
|
|
|
|
session_matched_rules_free(a_stream, service, (void *)matched_rules);
|
|
|
|
|
session_matched_rules_async(a_stream, service, NULL);
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, const struct streaminfo *a_stream, enum LOG_TYPE log_type, struct maat_rule *rules, size_t n_rules, int thread_id)
|
2023-02-09 07:14:55 +00:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
struct TLD_handle_t *_handle=handle;
|
|
|
|
|
struct tsg_log_instance_t *_instance=instance;
|
|
|
|
|
|
|
|
|
|
if(_instance==NULL || _handle==NULL || rules==NULL || n_rules==0)
|
2023-02-09 07:14:55 +00:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
TLD_cancel(_handle);
|
|
|
|
|
if(_instance!=NULL)
|
2023-02-09 07:14:55 +00:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_DEBUG, LOG_MODULE_SENDLOG, " instance==NULL || TLD_handle==NULL || log_msg==NULL ");
|
2023-02-09 07:14:55 +00:00
|
|
|
}
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-01 08:50:24 +00:00
|
|
|
if(_instance->mode==CLOSE_SEND_MODE)
|
2023-02-09 07:14:55 +00:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
TLD_cancel(_handle);
|
2023-06-13 11:27:49 +08:00
|
|
|
tsg_stat_sendlog_update(_instance->sum_stat_row_id, LOG_STATUS_DROP, 1);
|
|
|
|
|
tsg_stat_sendlog_update(_instance->sum_stat_row_id, LOG_STATUS_DROP_S, 1);
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_INFO, LOG_MODULE_SENDLOG, "Disable tsg_send_log.");
|
2023-02-09 07:14:55 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2023-05-30 16:56:15 +08:00
|
|
|
|
|
|
|
|
if(is_hitted_shunt(a_stream))
|
|
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
TLD_cancel(_handle);
|
2023-06-13 11:27:49 +08:00
|
|
|
fs3_rule_stat_update(RULE_STAT_ABORT, TSG_ACTION_SHUNT, 1);
|
2023-05-30 16:56:15 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-16 19:56:56 +08:00
|
|
|
int is_append_common_field=0;
|
2023-02-09 07:14:55 +00:00
|
|
|
|
2023-04-03 08:30:49 +00:00
|
|
|
switch(log_type)
|
2023-02-09 07:14:55 +00:00
|
|
|
{
|
2023-04-03 08:30:49 +00:00
|
|
|
case LOG_TYPE_SECURITY_EVENT:
|
2023-06-16 19:56:56 +08:00
|
|
|
append_common_field(instance, handle, a_stream);
|
2023-05-10 07:35:03 +00:00
|
|
|
send_event_log(_instance, _handle, a_stream, LOG_TYPE_SECURITY_EVENT, rules, n_rules, thread_id);
|
2023-04-03 08:30:49 +00:00
|
|
|
break;
|
2023-05-26 05:37:16 +00:00
|
|
|
case LOG_TYPE_INTERCEPT_EVENT:
|
2023-06-16 19:56:56 +08:00
|
|
|
append_common_field(instance, handle, a_stream);
|
2023-05-26 05:37:16 +00:00
|
|
|
send_event_log(_instance, _handle, a_stream, LOG_TYPE_INTERCEPT_EVENT, rules, n_rules, thread_id);
|
|
|
|
|
break;
|
2023-04-03 08:30:49 +00:00
|
|
|
case LOG_TYPE_SESSION_RECORD:
|
2023-05-26 05:37:16 +00:00
|
|
|
if(_instance->send_intercept_log==1)
|
2023-05-10 07:35:03 +00:00
|
|
|
{
|
2023-06-16 19:56:56 +08:00
|
|
|
deal_event_rules(_instance, _handle, a_stream, LOG_TYPE_INTERCEPT_EVENT, TSG_SERVICE_INTERCEPT, &is_append_common_field, thread_id);
|
2023-02-23 10:59:04 +08:00
|
|
|
}
|
2023-04-03 08:30:49 +00:00
|
|
|
// no break;
|
2023-09-05 11:15:46 +08:00
|
|
|
case LOG_TYPE_TRANSACTION_RECORD:
|
|
|
|
|
deal_event_rules(_instance, _handle, a_stream, LOG_TYPE_SECURITY_EVENT, TSG_SERVICE_SECURITY, &is_append_common_field, thread_id);
|
|
|
|
|
// no break;
|
2023-04-03 08:30:49 +00:00
|
|
|
case LOG_TYPE_INTERIM_SESSION_RECORD:
|
2023-05-29 18:20:36 +08:00
|
|
|
if(session_record_limit(_instance, a_stream, log_type))
|
2023-04-03 08:30:49 +00:00
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
2023-05-15 03:00:50 +00:00
|
|
|
|
2023-06-16 19:56:56 +08:00
|
|
|
if(is_append_common_field==0)
|
|
|
|
|
{
|
|
|
|
|
append_common_field(_instance, _handle, a_stream);
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-15 03:00:50 +00:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_VSYSTEM_ID].name, (void *)(long)_instance->vsystem_id, TLD_TYPE_LONG);
|
|
|
|
|
|
2023-05-10 07:35:03 +00:00
|
|
|
set_sce_profile_ids(_instance, _handle, a_stream);
|
|
|
|
|
set_shaping_profile_ids(_instance, _handle, a_stream);
|
2023-04-03 08:30:49 +00:00
|
|
|
set_shaping_rule_ids(_instance, _handle, a_stream);
|
|
|
|
|
set_nat_linkinfo(_instance, _handle, a_stream);
|
|
|
|
|
send_log_by_type(_instance, _handle, a_stream, log_type, thread_id);
|
|
|
|
|
break;
|
|
|
|
|
case LOG_TYPE_BGP_RECORD:
|
|
|
|
|
case LOG_TYPE_VOIP_RECORD:
|
|
|
|
|
case LOG_TYPE_GTPC_RECORD:
|
|
|
|
|
case LOG_TYPE_INTERNAL_RTP_RECORD:
|
2023-06-16 19:56:56 +08:00
|
|
|
append_common_field(_instance, _handle, a_stream);
|
2023-05-30 17:56:37 +08:00
|
|
|
TLD_append(_handle, _instance->id2field[LOG_COMMON_VSYSTEM_ID].name, (void *)(long)_instance->vsystem_id, TLD_TYPE_LONG);
|
2023-04-03 08:30:49 +00:00
|
|
|
send_log_by_type(_instance, _handle, a_stream, log_type, thread_id);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
return 0;
|
2023-02-09 07:14:55 +00:00
|
|
|
}
|
|
|
|
|
|
2019-12-09 18:58:05 +08:00
|
|
|
TLD_cancel(handle);
|
|
|
|
|
|
|
|
|
|
return 0;
|
2019-11-12 13:35:19 +08:00
|
|
|
}
|
|
|
|
|
|
2021-08-24 05:28:08 +00:00
|
|
|
int tsg_register_topic(struct tsg_log_instance_t *instance, char *topic_name)
|
|
|
|
|
{
|
|
|
|
|
struct tsg_log_instance_t *_instance=(struct tsg_log_instance_t *)instance;
|
2023-09-01 08:50:24 +00:00
|
|
|
if(_instance==NULL || _instance->mode==CLOSE_SEND_MODE || topic_name==NULL || _instance->kafka_handle==NULL)
|
2021-08-24 05:28:08 +00:00
|
|
|
{
|
2022-05-17 10:05:40 +00:00
|
|
|
return -1;
|
2021-08-24 05:28:08 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-17 10:05:40 +00:00
|
|
|
_instance->service2topic=(struct topic_stat *)realloc(_instance->service2topic, (_instance->max_service+1)*sizeof(struct topic_stat));
|
|
|
|
|
_instance->service2topic[_instance->max_service].type=TLD_TYPE_MAX;
|
2023-02-09 07:14:55 +00:00
|
|
|
memset(_instance->service2topic[_instance->max_service].name, 0, MAX_STRING_LEN32);
|
|
|
|
|
memcpy(_instance->service2topic[_instance->max_service].name, topic_name, MIN(MAX_STRING_LEN32-1, strlen(topic_name)));
|
2021-08-24 05:28:08 +00:00
|
|
|
|
2022-05-17 10:05:40 +00:00
|
|
|
register_topic(_instance, &(_instance->service2topic[_instance->max_service]));
|
|
|
|
|
_instance->max_service++;
|
2021-08-24 05:28:08 +00:00
|
|
|
|
|
|
|
|
return (_instance->max_service-1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int tsg_send_payload(struct tsg_log_instance_t *instance, int topic_id, char *payload, int payload_len, int thread_id)
|
|
|
|
|
{
|
|
|
|
|
int status=0;
|
|
|
|
|
struct tsg_log_instance_t *_instance=instance;
|
|
|
|
|
|
2023-09-01 08:50:24 +00:00
|
|
|
if(_instance==NULL || _instance->mode==CLOSE_SEND_MODE)
|
2021-08-24 05:28:08 +00:00
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-17 10:05:40 +00:00
|
|
|
if(payload==NULL || payload_len<=0 || topic_id<0 || _instance->service2topic[topic_id].topic_rkt==NULL)
|
2021-08-24 05:28:08 +00:00
|
|
|
{
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_INFO, LOG_MODULE_SENDLOG,
|
2022-05-17 10:05:40 +00:00
|
|
|
"tsg_send_log to kafka is error (payload==NULL || payload_len<=0 || topic_id<0 || _instance->service2topic[topic_id].topic_rkt==NULL), topic: %s",
|
|
|
|
|
_instance->service2topic[topic_id].name
|
|
|
|
|
);
|
2021-08-24 05:28:08 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-17 10:05:40 +00:00
|
|
|
status=rd_kafka_produce(_instance->service2topic[topic_id].topic_rkt, RD_KAFKA_PARTITION_UA, RD_KAFKA_MSG_F_COPY, payload, payload_len, NULL, 0, NULL);
|
2021-08-24 05:28:08 +00:00
|
|
|
if(status<0)
|
|
|
|
|
{
|
2023-06-13 11:27:49 +08:00
|
|
|
update_percent(_instance, topic_id, LOG_STATUS_FAIL, thread_id);
|
2021-08-24 05:28:08 +00:00
|
|
|
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_INFO, LOG_MODULE_SENDLOG,
|
2022-05-17 10:05:40 +00:00
|
|
|
"tsg_send_log to kafka is error of code: %d %s(%s), status: %d, topic: %s %s",
|
|
|
|
|
rd_kafka_last_error(),
|
2021-08-24 05:28:08 +00:00
|
|
|
rd_kafka_err2name(rd_kafka_last_error()),
|
|
|
|
|
rd_kafka_err2str(rd_kafka_last_error()),
|
|
|
|
|
status,
|
2022-05-17 10:05:40 +00:00
|
|
|
_instance->service2topic[topic_id].name,
|
|
|
|
|
payload
|
2021-08-24 05:28:08 +00:00
|
|
|
);
|
2022-05-17 10:05:40 +00:00
|
|
|
return -1;
|
2021-08-24 05:28:08 +00:00
|
|
|
}
|
2022-05-18 11:41:41 +08:00
|
|
|
else
|
|
|
|
|
{
|
2023-06-13 11:27:49 +08:00
|
|
|
update_percent(_instance, topic_id, LOG_STATUS_SUCCESS, thread_id);
|
2023-06-18 13:35:09 +08:00
|
|
|
MASTER_LOG(_instance->logger, RLOG_LV_INFO, LOG_MODULE_SENDLOG, "log send successfully %s: %s", _instance->service2topic[topic_id].name, payload);
|
2022-05-18 11:41:41 +08:00
|
|
|
}
|
|
|
|
|
|
2023-06-13 11:27:49 +08:00
|
|
|
update_percent(_instance, topic_id, LOG_STATUS_MAX, thread_id);
|
2021-08-24 05:28:08 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2023-06-02 08:19:50 +00:00
|
|
|
|
|
|
|
|
int tsg_unknown_app_id_get(struct tsg_log_instance_t *instance)
|
|
|
|
|
{
|
|
|
|
|
if(instance!=NULL)
|
|
|
|
|
{
|
|
|
|
|
return instance->unknown_app_id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
