gfwleak/tango-tsg-master
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

增加udp的链接数统计

Browse Source 
增加程序的健壮性
This commit is contained in:
刘学利
2020-10-14 15:18:16 +08:00
parent 4e7788bf4c
commit 347936e3be
21 changed files with 1380 additions and 626 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
.gitlab-ci.yml
View File

@@ -3,7 +3,7 @@ variables:
GIT_STRATEGY: "clone"
BUILD_PADDING_PREFIX: /tmp/padding_for_CPACK_RPM_BUILD_SOURCE_DIRS_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX/
INSTALL_PREFIX: "/home/mesasoft/sapp_run/"
INSTALL_DEPENDENCY_LIBRARY: libMESA_handle_logger-devel libcjson-devel libMESA_field_stat2-devel sapp sapp-devel framework_env libMESA_prof_load-devel http-devel dns-devel ftp-devel mail-devel ssl-devel librdkafka-devel libmaatframe-devel quic-devel
INSTALL_DEPENDENCY_LIBRARY: libMESA_handle_logger-devel libcjson-devel libMESA_field_stat2-devel sapp sapp-devel framework_env libMESA_prof_load-devel http-devel dns-devel ftp-devel mail-devel ssl-devel librdkafka-devel libmaatframe-devel quic-devel libasan
stages:
- build
@@ -47,6 +47,11 @@ develop_build_debug:
variables:
BUILD_TYPE: Debug
PACKAGE: 1
UPLOAD_RPM: 1
ASAN_OPTION: ADDRESS
TESTING_VERSION_BUILD: 1
PULP3_REPO_NAME: tsg-testing-x86_64.el7
PULP3_DIST_NAME: tsg-testing-x86_64.el7
artifacts:
name: "tsg_master-$CI_COMMIT_REF_NAME-debug"
paths:
@@ -61,6 +66,11 @@ develop_build_release:
variables:
BUILD_TYPE: RelWithDebInfo
PACKAGE: 1
UPLOAD_RPM: 1
ASAN_OPTION: ADDRESS
TESTING_VERSION_BUILD: 1
PULP3_REPO_NAME: tsg-testing-x86_64.el7
PULP3_DIST_NAME: tsg-testing-x86_64.el7
artifacts:
name: "tsg_master-$CI_COMMIT_REF_NAME-release"
paths:
@@ -69,13 +79,29 @@ develop_build_release:
- /^develop.*$/i
- /^master.*$/i
release_build_debug:
stage: build
variables:
BUILD_TYPE: Debug
PACKAGE: 1
UPLOAD_RPM: 1
PULP3_REPO_NAME: tsg-stable-x86_64.el7
PULP3_DIST_NAME: tsg-stable-x86_64.el7
extends: .build_by_travis
artifacts:
name: "tsg_master-$CI_COMMIT_REF_NAME-release"
paths:
- build/*.rpm
only:
- tags
release_build_release:
stage: build
variables:
BUILD_TYPE: RelWithDebInfo
PACKAGE: 1
UPLOAD: 1
UPLOAD_RPM: 1
UPLOAD_SYMBOL_FILES: 1
SYMBOL_TARGET: tsg_master
PULP3_REPO_NAME: tsg-stable-x86_64.el7
PULP3_DIST_NAME: tsg-stable-x86_64.el7

35
CMakeLists.txt
View File

@@ -14,30 +14,32 @@ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g")
include_directories(${PROJECT_SOURCE_DIR}/inc/)
include_directories(/opt/MESA/include/)
option(ENABLE_WARNING_ALL "Enable all optional warnings which are desirable for normal code" TRUE)
option(ENABLE_SANITIZE_ADDRESS "Enable AddressSanitizer" FALSE)
option(ENABLE_SANITIZE_THREAD "Enable ThreadSanitizer" FALSE)
#for ASAN
set(ASAN_OPTION "OFF" CACHE STRING " set asan type chosen by the user, using OFF as default")
set_property(CACHE ASAN_OPTION PROPERTY STRINGS OFF ADDRESS THREAD)
message(STATUS "ASAN_OPTION='${ASAN_OPTION}'")
if(ENABLE_SANITIZE_ADDRESS)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address -fno-omit-frame-pointer")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fno-omit-frame-pointer")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
elseif(ENABLE_SANITIZE_THREAD)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=thread -fno-omit-frame-pointer")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=thread -fno-omit-frame-pointer")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
if(ASAN_OPTION MATCHES "ADDRESS")
set(CMAKE_C_FLAGS "${CMAKADDRESS} -g -DCMAKE_BUILD_TYPE=Debug -fsanitize=address -fno-omit-frame-pointer")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g -DCMAKE_BUILD_TYPE=Debug -fsanitize=address -fno-omit-frame-pointer")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
elseif(ASAN_OPTION MATCHES "THREAD")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -g -DCMAKE_BUILD_TYPE=Debug -fsanitize=thread -fno-omit-frame-pointer")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g -DCMAKE_BUILD_TYPE=Debug -fsanitize=thread -fno-omit-frame-pointer")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -lasan")
endif()
# end of for ASAN
set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run)
add_subdirectory(src)
SET(CPACK_RPM_LIBRARY_PRE_INSTALL_SCRIPT_FILE "${PROJECT_SOURCE_DIR}/cmake/PreInstall.sh")
SET(CPACK_RPM_LIBRARY_PRE_UNINSTALL_SCRIPT_FILE "${PROJECT_SOURCE_DIR}/cmake/PreUninstall.sh")
SET(CPACK_RPM_LIBRARIES_PRE_INSTALL_SCRIPT_FILE "${PROJECT_SOURCE_DIR}/cmake/PreInstall.sh")
SET(CPACK_RPM_LIBRARIES_PRE_UNINSTALL_SCRIPT_FILE "${PROJECT_SOURCE_DIR}/cmake/PreUninstall.sh")
set(CPACK_RPM_LIBRARY_USER_FILELIST "%config(noreplace) ${CMAKE_INSTALL_PREFIX}/tsgconf/main.conf"
set(CPACK_RPM_LIBRARIES_USER_FILELIST "%config(noreplace) ${CMAKE_INSTALL_PREFIX}/tsgconf/main.conf"
"%config(noreplace) ${CMAKE_INSTALL_PREFIX}/tsgconf/maat.conf"
"%config(noreplace) ${CMAKE_INSTALL_PREFIX}/tsgconf/tsg_static_tableinfo.conf"
"%config(noreplace) ${CMAKE_INSTALL_PREFIX}/tsgconf/tsg_dynamic_tableinfo.conf"
@@ -54,5 +56,6 @@ install(FILES bin/tsg_maat.json DESTINATION ${CMAKE_INSTALL_PREFIX}/tsgconf COMP
install(FILES inc/tsg_send_log.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER)
install(FILES inc/tsg_rule.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER)
install(FILES inc/tsg_statistic.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER)
install(FILES inc/tsg_label.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER)
include(Package)

4
bin/tsg_log_field.conf
View File

@@ -47,4 +47,6 @@ STRING common_clinet_asn 39
STRING common_server_asn 40
STRING common_clinet_location 41
STRING common_server_location 42
STRING quic_sni 43
STRING quic_sni 43
STRING ssl_ja3_fingerprint 44
STRING common_data_center 45

41
bin/tsg_static_tableinfo.conf
View File

@@ -17,23 +17,22 @@
5 TSG_OBJ_ACCOUNT expr UTF8 UTF8 yes 0
6 TSG_OBJ_URL expr UTF8 UTF8/GBK yes 0
7 TSG_OBJ_FQDN expr UTF8 UTF8 yes 0
7 TSG_OBJ_FQDN_CAT expr UTF8 UTF8 yes 0
8 TSG_OBJ_KEYWORDS expr UTF8 UTF8/GBK/windows-1251 yes 0
9 TSG_OBJ_APP_ID expr UTF8 UTF8 yes 0
9 TSG_OBJ_APP_ID intval UTF8 UTF8 yes 0
10 TSG_OBJ_HTTP_SIGNATURE expr_plus UTF8 UTF8/GBK yes 0
11 TSG_OBJ_AS_NUMBER expr UTF8 UTF8/GBK yes 0
11 TSG_OBJ_FQDN_CAT intval UTF8 UTF8 yes 0
12 TSG_OBJ_GEO_LOCATION expr UTF8 UTF8/GBK yes 0
13 TSG_FIELD_HTTP_HOST virtual TSG_OBJ_FQDN --
13 TSG_FIELD_HTTP_HOST virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
14 TSG_FIELD_HTTP_URL virtual TSG_OBJ_URL --
15 TSG_FIELD_HTTP_REQ_HDR virtual TSG_OBJ_HTTP_SIGNATURE --
16 TSG_FIELD_HTTP_RES_HDR virtual TSG_OBJ_HTTP_SIGNATURE --
17 TSG_FIELD_HTTP_REQ_CONTENT virtual TSG_OBJ_KEYWORDS --
18 TSG_FIELD_HTTP_RES_CONTENT virtual TSG_OBJ_KEYWORDS --
19 TSG_FIELD_SSL_SNI virtual TSG_OBJ_FQDN --
20 TSG_FIELD_SSL_CN virtual TSG_OBJ_FQDN --
21 TSG_FIELD_SSL_SAN virtual TSG_OBJ_FQDN --
22 TSG_FIELD_QUIC_SNI virtual TSG_OBJ_FQDN --
23 TSG_FIELD_DNS_QNAME virtual TSG_OBJ_FQDN --
19 TSG_FIELD_SSL_SNI virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
20 TSG_FIELD_SSL_CN virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
21 TSG_FIELD_SSL_SAN virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
22 TSG_FIELD_QUIC_SNI virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
23 TSG_FIELD_DNS_QNAME virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
24 TSG_FIELD_MAIL_ACCOUNT virtual TSG_OBJ_ACCOUNT --
25 TSG_FIELD_MAIL_FROM virtual TSG_OBJ_ACCOUNT --
26 TSG_FIELD_MAIL_TO virtual TSG_OBJ_ACCOUNT --
@@ -48,19 +47,21 @@
35 TSG_SECURITY_SOURCE_ADDR virtual TSG_OBJ_IP_ADDR --
36 TSG_SECURITY_DESTINATION_ADDR virtual TSG_OBJ_IP_ADDR --
37 TSG_SECURITY_ADDR composition {"source":"TSG_SECURITY_SOURCE_ADDR","destination":"TSG_SECURITY_DESTINATION_ADDR"}
38 TSG_DECYPTION_EXCLUSION_SSL_SNI virtual TSG_OBJ_FQDN
38 TSG_DECYPTION_EXCLUSION_SSL_SNI virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"]
39 TSG_PROFILE_RESPONSE_PAGES plugin {"key":1,"foreign":"4","valid":5} --
40 TSG_IP_ASN_BUILT_IN ip_plugin {"row_id":1,"ip_type":2,"start_ip":3,"end_ip":4,"valid":7,"estimate_size":4194304}
41 TSG_IP_ASN_USER_DEFINED ip_plugin {"row_id":1,"ip_type":2,"start_ip":3,"end_ip":4,"valid":7,"estimate_size":4194304}
42 TSG_IP_LOCATION_BUILT_IN ip_plugin {"row_id":1,"ip_type":3,"start_ip":4,"end_ip":5,"valid":18,"estimate_size":4194304}
43 TSG_IP_LOCATION_USER_DEFINED ip_plugin {"row_id":1,"ip_type":3,"start_ip":4,"end_ip":5,"valid":18,"estimate_size":4194304}
44 TSG_SECURITY_SOURCE_ASN virtual TSG_OBJ_AS_NUMBER --
45 TSG_SECURITY_DESTINATION_ASN virtual TSG_OBJ_AS_NUMBER --
46 TSG_SECURITY_SOURCE_LOCATION virtual TSG_OBJ_GEO_LOCATION --
47 TSG_SECURITY_DESTINATION_LOCATION virtual TSG_OBJ_GEO_LOCATION --
48 PXY_TCP_OPTION_COMPILE compile escape --
49 PXY_TCP_OPTION_SOURCE_ADDR virtual TSG_OBJ_IP_ADDR --
50 PXY_TCP_OPTION_DESTINATION_ADDR virtual TSG_OBJ_IP_ADDR --
51 PXY_TCP_OPTION_SERVER_FQDN virtual TSG_OBJ_FQDN --
52 PXY_TCP_OPTION_ADDR composition {"source":"PXY_TCP_OPTION_SOURCE_ADDR","destination":"PXY_TCP_OPTION_DESTINATION_ADDR"}
44 TSG_OBJ_AS_NUMBER expr UTF8 UTF8/GBK yes 0
45 TSG_SECURITY_SOURCE_ASN virtual TSG_OBJ_AS_NUMBER --
46 TSG_SECURITY_DESTINATION_ASN virtual TSG_OBJ_AS_NUMBER --
47 TSG_SECURITY_SOURCE_LOCATION virtual TSG_OBJ_GEO_LOCATION --
48 TSG_SECURITY_DESTINATION_LOCATION virtual TSG_OBJ_GEO_LOCATION --
49 PXY_TCP_OPTION_COMPILE compile escape --
50 PXY_TCP_OPTION_SOURCE_ADDR virtual TSG_OBJ_IP_ADDR --
51 PXY_TCP_OPTION_DESTINATION_ADDR virtual TSG_OBJ_IP_ADDR --
52 PXY_TCP_OPTION_SERVER_FQDN virtual ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"] --
53 PXY_TCP_OPTION_ADDR composition {"source":"PXY_TCP_OPTION_SOURCE_ADDR","destination":"PXY_TCP_OPTION_DESTINATION_ADDR"}
54 TSG_FQDN_CATEGORY_BUILT_IN fqdn_plugin {"row_id":1,"is_suffix_match":4,"fqdn":3,"valid":5} --
55 TSG_FQDN_CATEGORY_USER_DEFINED fqdn_plugin {"row_id":1,"is_suffix_match":4,"fqdn":3,"valid":5} --

9
ci/travis.sh
View File

@@ -43,7 +43,8 @@ cd build
cmake3 -DCMAKE_CXX_FLAGS=$CXX_FLAGS \
-DCMAKE_BUILD_TYPE=$BUILD_TYPE \
-DCMAKE_INSTALL_PREFIX=$INSTALL_PREFIX \
-DENABLE_DEVEL=$ENABLE_DEVEL_SWITCH \
-DASAN_OPTION=$ASAN_OPTION \
-DVERSION_DAILY_BUILD=$TESTING_VERSION_BUILD \
..
make
@@ -52,10 +53,12 @@ if [ -n "${PACKAGE}" ]; then
make package
fi
if [ -n "${UPLOAD}" ]; then
if [ -n "${UPLOAD_RPM}" ]; then
cp ~/rpm_upload_tools.py ./
python3 rpm_upload_tools.py ${PULP3_REPO_NAME} ${PULP3_DIST_NAME} *.rpm
fi
if [ -n "${UPLOAD_SYMBOL_FILES}" ]; then
rpm -i $SYMBOL_TARGET*debuginfo*.rpm
_symbol_file=`find /usr/lib/debug/ -name "$SYMBOL_TARGET*.so*.debug"`
cp $_symbol_file ${_symbol_file}info.${CI_COMMIT_SHORT_SHA}

20
cmake/Package.cmake
View File

@@ -14,8 +14,8 @@ set(CPACK_PACKAGING_INSTALL_PREFIX ${CMAKE_INSTALL_PREFIX})
set(CPACK_PACKAGE_VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_BUILD}")
execute_process(COMMAND bash -c "echo -ne \"`uname -r | awk -F'.' '{print $5\".\"$6\".\"$7}'`\"" OUTPUT_VARIABLE SYSTEM_VERSION)
execute_process(COMMAND sh changelog.sh WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}/cmake)
SET(CPACK_RPM_CHANGELOG_FILE ${PROJECT_SOURCE_DIR}/cmake/changelog.txt)
execute_process(COMMAND sh changelog.sh ${CMAKE_BINARY_DIR} WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}/cmake)
SET(CPACK_RPM_CHANGELOG_FILE ${CMAKE_BINARY_DIR}/changelog.txt)
# RPM Build
set(CPACK_GENERATOR "RPM")
@@ -30,13 +30,13 @@ set(CPACK_COMPONENTS_IGNORE_GROUPS 1)
set(CPACK_COMPONENTS_GROUPING ONE_PER_GROUP)
set(CPACK_COMPONENT_HEADER_DISPLAY_NAME "develop")
set(CPACK_COMPONENT_LIBRARY_REQUIRED TRUE)
set(CPACK_RPM_LIBRARY_PACKAGE_NAME ${MY_RPM_NAME_PREFIX})
set(CPACK_RPM_LIBRARY_FILE_NAME "${CPACK_RPM_LIBRARY_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}-${SYSTEM_VERSION}.rpm")
set(CPACK_RPM_LIBRARY_DEBUGINFO_FILE_NAME "${CPACK_RPM_LIBRARY_PACKAGE_NAME}-debuginfo-${CPACK_PACKAGE_VERSION}-${SYSTEM_VERSION}.rpm")
set(CPACK_COMPONENT_LIBRARIES_REQUIRED TRUE)
set(CPACK_RPM_LIBRARIES_PACKAGE_NAME ${MY_RPM_NAME_PREFIX})
set(CPACK_RPM_LIBRARIES_FILE_NAME "${CPACK_RPM_LIBRARIES_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}-${SYSTEM_VERSION}.rpm")
set(CPACK_RPM_LIBRARIES_DEBUGINFO_FILE_NAME "${CPACK_RPM_LIBRARIES_PACKAGE_NAME}-debuginfo-${CPACK_PACKAGE_VERSION}-${SYSTEM_VERSION}.rpm")
set(CPACK_COMPONENT_LIBRARY_GROUP "library")
set(CPACK_COMPONENT_PROFILE_GROUP "library")
set(CPACK_COMPONENT_PROFILE_GROUP "libraries")
set(CPACK_COMPONENT_LIBRARIES_GROUP "libraries")
set(CPACK_COMPONENT_HEADER_REQUIRED TRUE)
set(CPACK_RPM_HEADER_PACKAGE_NAME "${MY_RPM_NAME_PREFIX}-devel")
@@ -44,10 +44,10 @@ set(CPACK_RPM_HEADER_FILE_NAME "${CPACK_RPM_HEADER_PACKAGE_NAME}-${CPACK_PACKAGE
set(CPACK_RPM_HEADER_DEBUGINFO_FILE_NAME "${CPACK_RPM_HEADER_PACKAGE_NAME}-debuginfo-${CPACK_PACKAGE_VERSION}-${SYSTEM_VERSION}.rpm")
set(CPACK_COMPONENT_HEADER_GROUP "header")
set(CPACK_RPM_HEADER_PACKAGE_REQUIRES_PRE ${CPACK_RPM_LIBRARY_PACKAGE_NAME})
set(CPACK_RPM_HEADER_PACKAGE_REQUIRES_PRE ${CPACK_RPM_LIBRARIES_PACKAGE_NAME})
set(CPACK_RPM_HEADER_PACKAGE_CONFLICTS ${CPACK_RPM_HEADER_PACKAGE_NAME})
set(CPACK_COMPONENTS_ALL LIBRARY HEADER PROFILE)
set(CPACK_COMPONENTS_ALL HEADER PROFILE LIBRARIES)
set(CPACK_BUILD_SOURCE_DIRS "${CMAKE_SOURCE_DIR}")

5
cmake/PreUninstall.sh
View File

@@ -2,6 +2,11 @@ if [ $1 == 0 ]; then
DST=${RPM_INSTALL_PREFIX}
mkdir -p ${DST}/plug/platform/
mkdir -p ${DST}/etc/
touch ${DST}/plug/conflist.inf
touch ${DST}/etc/project_list.conf
sed -i '/tsg_master.inf/d' ${DST}/plug/conflist.inf
sed -i '/POLICY_PRIORITY/d' ${DST}/etc/project_list.conf
sed -i '/TSG_MASTER_INTERNAL_LABEL/d' ${DST}/etc/project_list.conf

19
cmake/Version.cmake
View File

@@ -19,6 +19,11 @@ include(${__VERSION_CONFIG})
string(REGEX REPLACE "^v([0-9]+)\\..*" "\\1" VERSION_MAJOR "${VCS_TAG}")
string(REGEX REPLACE "^v[0-9]+\\.([0-9]+).*" "\\1" VERSION_MINOR "${VCS_TAG}")
string(REGEX REPLACE "^v[0-9]+\\.[0-9]+\\.([0-9]+).*" "\\1" VERSION_PATCH "${VCS_TAG}")
string(REGEX REPLACE "[T\\:\\+\\-]" "" VERSION_DATE "${VCS_DATE}")
if(VERSION_DAILY_BUILD)
set(VERSION_PATCH ${VERSION_PATCH}.${VERSION_DATE})
endif()
if(NOT VERSION_MAJOR)
set(VERSION_MAJOR 1)
@@ -38,16 +43,12 @@ set(VERSION_BUILD "${VCS_SHORT_HASH}")
# print information
message(STATUS "Version: ${VERSION}-${VERSION_BUILD}")
if(NOT DEFINE_GIT_VERSION)
option(DEFINE_GIT_VERSION "Set DEFINE_GIT_VERSION to OFF" OFF)
set(GIT_VERSION
"${VERSION}-${CMAKE_BUILD_TYPE}-${VERSION_BUILD}-${VCS_BRANCH}-${VCS_TAG}-${VCS_DATE}")
string(REGEX REPLACE "[-:+/\\.]" "_" GIT_VERSION ${GIT_VERSION})
option(DEFINE_GIT_VERSION "Set DEFINE_GIT_VERSION to TRUE or FALSE" TRUE)
if(DEFINE_GIT_VERSION)
add_definitions(-DGIT_VERSION=${GIT_VERSION})
option(DEFINE_GIT_VERSION "Set DEFINE_GIT_VERSION to OFF" ON)
endif()
set(GIT_VERSION
"${VERSION}-${CMAKE_BUILD_TYPE}-${VERSION_BUILD}-${VCS_BRANCH}-${VCS_TAG}-${VCS_DATE}")
string(REGEX REPLACE "[-:+/\\.]" "_" GIT_VERSION ${GIT_VERSION})
add_definitions(-DGIT_VERSION=${GIT_VERSION})
endif()

4
cmake/changelog.sh
View File

@@ -1,4 +1,4 @@
#!/bin/sh
work_path=$1
branch=`git status | grep branch | awk '{print $NF}'`
git log --branches=$branch --no-merges --date=local --show-signature --pretty="* %ad %an %ae %nhash: %H%ncommit:%n%B" | awk -F"-" '{print "- "$0}' | sed 's/- \*/\*/g' | sed 's/- $//g' | sed 's/-/ -/g' | sed 's/[0-9]\{2\}:[0-9]\{2\}:[0-9]\{2\}//g' > changelog.txt
git log --branches=$branch --no-merges --date=local --show-signature --pretty="* %ad %an %ae %nhash: %H%ncommit:%n%B" | awk -F"-" '{print "- "$0}' | sed 's/- \*/\*/g' | sed 's/- $//g' | sed 's/-/ -/g' | sed 's/[0-9]\{2\}:[0-9]\{2\}:[0-9]\{2\}//g' > $work_path/changelog.txt

86
inc/tsg_label.h Normal file
View File

@@ -0,0 +1,86 @@
#ifndef __TSG_LABEL_H__
#define __TSG_LABEL_H__
#define MAX_CATEGORY_ID_NUM 8
#define MAX_STR_FIELD_LEN 64
typedef enum _tsg_protocol
{
PROTO_UNKONWN=0,
PROTO_IPv4=1,
PROTO_IPv6,
PROTO_TCP,
PROTO_UDP,
PROTO_HTTP,
PROTO_MAIL,
PROTO_DNS,
PROTO_FTP,
PROTO_SSL,
PROTO_SIP,
PROTO_BGP,
PROTO_STREAMING_MEDIA,
PROTO_QUIC,
PROTO_SSH,
PROTO_SMTP,
PROTO_IMAP,
PROTO_POP3,
PROTO_MAX
}tsg_protocol_t;
struct _asn_info_t
{
int ref_cnt;
int addr_type;
int table_id;
char start_ip[MAX_STR_FIELD_LEN];
char end_ip[MAX_STR_FIELD_LEN];
char asn[MAX_STR_FIELD_LEN];
char organization[MAX_STR_FIELD_LEN*4];
};
struct _location_info_t
{
int geoname_id;
int table_id;
int ref_cnt;
int addr_type;
double latitude;
double longitude;
double coords;
char start_ip[MAX_STR_FIELD_LEN];
char end_ip[MAX_STR_FIELD_LEN];
char language[MAX_STR_FIELD_LEN];
char continent_abbr[MAX_STR_FIELD_LEN*4];
char continent_full[MAX_STR_FIELD_LEN*4];
char country_abbr[MAX_STR_FIELD_LEN*4];
char country_full[MAX_STR_FIELD_LEN*4];
char province_abbr[MAX_STR_FIELD_LEN*4];
char province_full[MAX_STR_FIELD_LEN*4];
char city_full[MAX_STR_FIELD_LEN*4];
char time_zone[MAX_STR_FIELD_LEN*4];
};
struct _subscribe_id_info_t
{
int ref_cnt;
int table_id;
char subscribe_id[MAX_STR_FIELD_LEN*4];
};
struct _session_attribute_label_t
{
int fqdn_category_id_num;
tsg_protocol_t proto;
long establish_latency_ms;
struct _asn_info_t *client_asn;
struct _asn_info_t *server_asn;
struct _location_info_t *client_location;
struct _location_info_t *server_location;
struct _subscribe_id_info_t *client_subscribe_id;
struct _subscribe_id_info_t *server_subscribe_id;
char *ja3_fingerprint;
unsigned int fqdn_category_id[MAX_CATEGORY_ID_NUM];
};
#endif

37
inc/tsg_rule.h
View File

@@ -3,6 +3,8 @@
#include <MESA/Maat_rule.h>
#include "tsg_label.h"
#define TSG_ACTION_NONE 0x00
#define TSG_ACTION_MONITOR 0x01
#define TSG_ACTION_INTERCEPT 0x02
@@ -22,27 +24,6 @@ enum TSG_ETHOD_TYPE
TSG_METHOD_TYPE_MAX
};
typedef enum _tsg_protocol
{
PROTO_UNKONWN=0,
PROTO_IPv4=1,
PROTO_IPv6,
PROTO_TCP,
PROTO_UDP,
PROTO_HTTP,
PROTO_MAIL,
PROTO_DNS,
PROTO_FTP,
PROTO_SSL,
PROTO_SIP,
PROTO_BGP,
PROTO_STREAMING_MEDIA,
PROTO_QUIC,
PROTO_MAX
}tsg_protocol_t;
#define MAX_RESULT_NUM 8
#define MAX_DOAMIN_LEN 2048
@@ -53,18 +34,6 @@ struct _identify_info
char domain[MAX_DOAMIN_LEN];
};
struct _internal_label
{
tsg_protocol_t proto;
long establish_latency_ms;
struct _asn_info *client_asn;
struct _asn_info *server_asn;
struct _location_info *client_location;
struct _location_info *server_location;
struct _subscribe_id_info *client_subscribe_id;
struct _subscribe_id_info *server_subscribe_id;
};
typedef enum _PULL_RESULT_TYPE
{
@@ -86,4 +55,6 @@ struct Maat_rule_t *tsg_fetch_deny_rule(Maat_rule_t *result, int result_num);
int tsg_get_method_id(char *method);
int tsg_get_fqdn_category_id(Maat_feather_t maat_feather, char *fqdn, unsigned int *category_id, int category_id_num, void *logger, int thread_seq);
#endif

4
src/CMakeLists.txt
View File

@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 2.8)
add_definitions(-fPIC)
set(SRC tsg_entry.cpp tsg_rule.cpp tsg_ssl_utils.cpp tsg_send_log.cpp tsg_statistic.cpp)
set(SRC tsg_entry.cpp tsg_rule.cpp tsg_ssl_utils.cpp tsg_send_log.cpp tsg_statistic.cpp tsg_ssh_utils.cpp)
include_directories(${CMAKE_SOURCE_DIR}/inc)
include_directories(/opt/MESA/include/MESA/)
@@ -16,5 +16,5 @@ set_target_properties(tsg_master PROPERTIES LINK_FLAGS "-Wl,--version-script=${P
target_link_libraries(tsg_master ${TSG_MASTER_DEPEND_DYN_LIB})
set_target_properties(tsg_master PROPERTIES PREFIX "")
install(TARGETS tsg_master LIBRARY DESTINATION ${CMAKE_INSTALL_PREFIX}/plug/platform/tsg_master COMPONENT LIBRARY)
install(TARGETS tsg_master LIBRARY DESTINATION ${CMAKE_INSTALL_PREFIX}/plug/platform/tsg_master COMPONENT LIBRARIES)
install(FILES ../bin/tsg_master.inf DESTINATION ${CMAKE_INSTALL_PREFIX}/plug/platform/tsg_master COMPONENT PROFILE)

674
src/tsg_entry.cpp
View File

@@ -7,6 +7,7 @@
#include <MESA/http.h>
#include <MESA/ftp.h>
#include <MESA/ssl.h>
#include <MESA/mail.h>
#include "MESA/gquic.h"
#include <MESA/stream.h>
@@ -19,6 +20,7 @@
#include "tsg_statistic.h"
#include "tsg_send_log_internal.h"
#include "tsg_ssl_utils.h"
#include "tsg_ssh_utils.h"
#ifdef __cplusplus
extern "C"
@@ -46,14 +48,33 @@ char TSG_MASTER_VERSION_20200805=0;
const char *tsg_conffile="tsgconf/main.conf";
g_tsg_para_t g_tsg_para;
id2field_t g_tsg_fs2_field[TSG_FS2_MAX]={{TLD_TYPE_UNKNOWN, TSG_FS2_LINKS, "links"},
id2field_t g_tsg_fs2_field[TSG_FS2_MAX]={{TLD_TYPE_UNKNOWN, TSG_FS2_TCP_LINKS, "tcp_links"},
{TLD_TYPE_UNKNOWN, TSG_FS2_UDP_LINKS, "udp_links"},
{TLD_TYPE_UNKNOWN, TSG_FS2_BYPASS, "bypass"},
{TLD_TYPE_UNKNOWN, TSG_FS2_HIT_ADDR, "hit_addr"},
{TLD_TYPE_UNKNOWN, TSG_FS2_HIT_SHARE, "hit_share"},
{TLD_TYPE_UNKNOWN, TSG_FS2_INTERCEPT, "intercept"},
{TLD_TYPE_UNKNOWN, TSG_FS2_LOG, "log"},
{TLD_TYPE_UNKNOWN, TSG_FS2_DENY, "deny"}
};
{TLD_TYPE_UNKNOWN, TSG_FS2_SUCCESS_LOG, "success_log"},
{TLD_TYPE_UNKNOWN, TSG_FS2_FAILED_LOG, "failed_log"},
{TLD_TYPE_UNKNOWN, TSG_FS2_DROP_LOG, "drop_log"}
};
id2field_t g_tsg_proto_name2id[PROTO_MAX]={{TLD_TYPE_UNKNOWN, PROTO_UNKONWN, "unknown"},
{TLD_TYPE_UNKNOWN, PROTO_IPv4, "IPV4"},
{TLD_TYPE_UNKNOWN, PROTO_IPv6, "IPV6"},
{TLD_TYPE_UNKNOWN, PROTO_TCP, "TCP"},
{TLD_TYPE_UNKNOWN, PROTO_UDP, "UDP"},
{TLD_TYPE_UNKNOWN, PROTO_HTTP, "HTTP"},
{TLD_TYPE_UNKNOWN, PROTO_MAIL, "MAIL"},
{TLD_TYPE_UNKNOWN, PROTO_DNS, "DNS"},
{TLD_TYPE_UNKNOWN, PROTO_FTP, "FTP"},
{TLD_TYPE_UNKNOWN, PROTO_SSL, "SSL"},
{TLD_TYPE_UNKNOWN, PROTO_SIP, "SIP"},
{TLD_TYPE_UNKNOWN, PROTO_BGP, "BGP"},
{TLD_TYPE_UNKNOWN, PROTO_STREAMING_MEDIA, "STREAMING_MEDIA"},
{TLD_TYPE_UNKNOWN, PROTO_QUIC, "QUIC"},
{TLD_TYPE_UNKNOWN, PROTO_SSH, "SSH"}
};
#define DECCRYPTION_EXCLUSION_ALLOW_POLICY_ID 1
@@ -90,25 +111,33 @@ static int tsg_get_sn(char *filename, char *device_sn, int device_sn_len)
return flags;
}
int tsg_set_device_id_to_telegraf(char *device_sn)
static int tsg_proto_name2flag(char *proto_list, int *flag)
{
char buff[128]={0};
FILE *fp=NULL;
int i=0;
char *s=NULL,*e=NULL;
if(device_sn)
s=proto_list;
while(s)
{
fp=fopen("/etc/default/telegraf", "wb");
if(fp)
e=index(s, ';');
if(!e)
{
snprintf(buff, sizeof(buff), "device_id=\"%s\"\n", device_sn);
fwrite(buff, strlen(buff), 1, fp);
fclose(fp);
fp=NULL;
return 0;
break;
}
for(i=0; i< PROTO_MAX; i++)
{
if((memcmp(s, g_tsg_proto_name2id[i].name, e-s))==0)
{
*flag|=(1<<g_tsg_proto_name2id[i].id);
break;
}
}
s=e+1;
}
return -1;
return 0;
}
static void free_policy_label(int thread_seq, void *project_req_value)
@@ -117,53 +146,6 @@ static void free_policy_label(int thread_seq, void *project_req_value)
project_req_value=NULL;
}
static void free_internal_label(int thread_seq, void *project_req_value)
{
struct _internal_label *label=(struct _internal_label *)project_req_value;
if(label!=NULL)
{
if(label->client_asn!=NULL)
{
ASN_free_data(label->client_asn->table_id, (MAAT_PLUGIN_EX_DATA *)&(label->client_asn), 0, g_tsg_para.logger);
label->client_asn=NULL;
}
if(label->server_asn!=NULL)
{
ASN_free_data(label->server_asn->table_id, (MAAT_PLUGIN_EX_DATA *)&(label->server_asn), 0, g_tsg_para.logger);
label->server_asn=NULL;
}
if(label->client_location!=NULL)
{
location_free_data(label->client_location->table_id, (MAAT_PLUGIN_EX_DATA *)&(label->client_location), 0, g_tsg_para.logger);
label->client_location=NULL;
}
if(label->server_location!=NULL)
{
location_free_data(label->server_location->table_id, (MAAT_PLUGIN_EX_DATA *)&(label->server_location), 0, g_tsg_para.logger);
label->server_location=NULL;
}
if(label->client_subscribe_id!=NULL)
{
subscribe_id_free_data(label->client_subscribe_id->table_id, (MAAT_PLUGIN_EX_DATA *)&label->client_subscribe_id, 0, g_tsg_para.logger);
label->client_subscribe_id=NULL;
}
if(label->server_subscribe_id!=NULL)
{
subscribe_id_free_data(label->server_subscribe_id->table_id, (MAAT_PLUGIN_EX_DATA *)&label->server_subscribe_id, 0, g_tsg_para.logger);
label->server_subscribe_id=NULL;
}
dictator_free(thread_seq, project_req_value);
project_req_value=NULL;
}
}
static void free_context(void **pme, int thread_seq)
{
struct _master_context *_context=(struct _master_context *)*pme;
@@ -229,6 +211,9 @@ static char *schema_index2string(tsg_protocol_t proto)
case PROTO_QUIC:
schema_field_value=(char *)"QUIC";
break;
case PROTO_SSH:
schema_field_value=(char *)"SSH";
break;
default:
break;
}
@@ -287,6 +272,80 @@ static int master_send_log(struct streaminfo *a_stream, struct Maat_rule_t *p_re
return 1;
}
int tsg_set_device_id_to_telegraf(char *device_sn)
{
char buff[128]={0};
FILE *fp=NULL;
if(device_sn)
{
fp=fopen("/etc/default/telegraf", "wb");
if(fp)
{
snprintf(buff, sizeof(buff), "device_id=\"%s\"\n", device_sn);
fwrite(buff, strlen(buff), 1, fp);
fclose(fp);
fp=NULL;
return 0;
}
}
return -1;
}
static void free_session_attribute_label(int thread_seq, void *project_req_value)
{
struct _session_attribute_label_t *label=(struct _session_attribute_label_t *)project_req_value;
if(label!=NULL)
{
if(label->client_asn!=NULL)
{
ASN_free_data(label->client_asn->table_id, (MAAT_PLUGIN_EX_DATA *)&(label->client_asn), 0, g_tsg_para.logger);
label->client_asn=NULL;
}
if(label->server_asn!=NULL)
{
ASN_free_data(label->server_asn->table_id, (MAAT_PLUGIN_EX_DATA *)&(label->server_asn), 0, g_tsg_para.logger);
label->server_asn=NULL;
}
if(label->client_location!=NULL)
{
location_free_data(label->client_location->table_id, (MAAT_PLUGIN_EX_DATA *)&(label->client_location), 0, g_tsg_para.logger);
label->client_location=NULL;
}
if(label->server_location!=NULL)
{
location_free_data(label->server_location->table_id, (MAAT_PLUGIN_EX_DATA *)&(label->server_location), 0, g_tsg_para.logger);
label->server_location=NULL;
}
if(label->client_subscribe_id!=NULL)
{
subscribe_id_free_data(label->client_subscribe_id->table_id, (MAAT_PLUGIN_EX_DATA *)&label->client_subscribe_id, 0, g_tsg_para.logger);
label->client_subscribe_id=NULL;
}
if(label->server_subscribe_id!=NULL)
{
subscribe_id_free_data(label->server_subscribe_id->table_id, (MAAT_PLUGIN_EX_DATA *)&label->server_subscribe_id, 0, g_tsg_para.logger);
label->server_subscribe_id=NULL;
}
if(label->ja3_fingerprint!=NULL)
{
dictator_free(thread_seq, (void *)label->ja3_fingerprint);
label->ja3_fingerprint=NULL;
}
dictator_free(thread_seq, project_req_value);
project_req_value=NULL;
}
}
static struct Maat_rule_t *tsg_policy_decision_criteria(struct streaminfo *a_stream, Maat_rule_t *result, int result_num, struct _identify_info *identify_info, int thread_seq)
{
int i=0,ret=0;
@@ -395,7 +454,7 @@ static struct Maat_rule_t *tsg_policy_decision_criteria(struct streaminfo *a_str
p_result->config_id,
p_result->service_id,
(unsigned char)p_result->action,
printaddr(&a_stream->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, thread_seq) : "")
);
p_result=q_result;
@@ -409,7 +468,7 @@ static struct Maat_rule_t *tsg_policy_decision_criteria(struct streaminfo *a_str
"Not hit %s stream_dir: %d addr: %s scan ret: %d",
identify_info->domain,
a_stream->dir,
printaddr(&a_stream->addr, thread_seq),
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, thread_seq) : ""),
ret
);
}
@@ -418,110 +477,181 @@ static struct Maat_rule_t *tsg_policy_decision_criteria(struct streaminfo *a_str
return p_result;
}
static int identify_application_protocol(struct streaminfo *a_stream, struct _identify_info *identify_info, void *a_packet)
static int identify_application_protocol(struct streaminfo *a_stream, struct _identify_info *identify_info, struct _session_attribute_label_t *attribute_label, void *a_packet)
{
int ret=0;
int ret=0;
identify_info->proto = PROTO_UNKONWN;
//http
char *host=NULL;
ret=http_host_parser((char *)a_stream->ptcpdetail->pdata, (unsigned int)a_stream->ptcpdetail->datalen, a_stream->curdir, &host);
if(ret>=0)
{
identify_info->proto=PROTO_HTTP;
if(ret>0 && host!=NULL)
{
identify_info->domain_len=MIN(ret, (int)sizeof(identify_info->domain) - 1);
strncpy(identify_info->domain, host, identify_info->domain_len);
}
else
{
identify_info->domain_len=0;
}
return 1;
}
//ssl
enum chello_parse_result chello_status = CHELLO_PARSE_INVALID_FORMAT;
struct ssl_chello *chello = NULL;
chello=ssl_chello_parse((unsigned char *)a_stream->ptcpdetail->pdata, (unsigned int)a_stream->ptcpdetail->datalen, &chello_status);
if(chello_status==CHELLO_PARSE_SUCCESS)
switch(a_stream->type)
{
identify_info->proto=PROTO_SSL;
if(chello->sni==NULL)
{
identify_info->domain_len = 0;
}
else
{
identify_info->domain_len = strnlen(chello->sni, sizeof(identify_info->domain) - 1);
strncpy(identify_info->domain, chello->sni, identify_info->domain_len);
}
ssl_chello_free(chello);
return 1;
}
ssl_chello_free(chello);
//dns
struct stream_tuple4_v4 *tpl4 = NULL;
struct stream_tuple4_v6 *tpl6 = NULL;
switch(a_stream->addr.addrtype)
{
case ADDR_TYPE_IPV4:
tpl4=a_stream->addr.tuple4_v4;
if((ntohs(tpl4->source)==53) || (ntohs(tpl4->dest)==53))
case STREAM_TYPE_TCP:
if(g_tsg_para.proto_flag&(1<<PROTO_HTTP)) //http
{
identify_info->proto=PROTO_DNS;
return 1;
char *host=NULL;
ret=http_host_parser((char *)a_stream->ptcpdetail->pdata, (unsigned int)a_stream->ptcpdetail->datalen, a_stream->curdir, &host);
if(ret>=0)
{
identify_info->proto=PROTO_HTTP;
if(ret>0 && host!=NULL)
{
identify_info->domain_len=MIN(ret, (int)sizeof(identify_info->domain) - 1);
strncpy(identify_info->domain, host, identify_info->domain_len);
}
else
{
identify_info->domain_len=0;
}
return 1;
}
}
break;
case ADDR_TYPE_IPV6:
tpl6=a_stream->addr.tuple4_v6;
if((ntohs(tpl6->source)==53) || (ntohs(tpl6->dest)==53))
if(g_tsg_para.proto_flag&(1<<PROTO_SSL)) //ssl
{
identify_info->proto=PROTO_DNS;
return 1;
enum chello_parse_result chello_status = CHELLO_PARSE_INVALID_FORMAT;
struct ssl_chello *chello = NULL;
chello=ssl_chello_parse((unsigned char *)a_stream->ptcpdetail->pdata, (unsigned int)a_stream->ptcpdetail->datalen, &chello_status);
if(chello_status==CHELLO_PARSE_SUCCESS)
{
identify_info->proto=PROTO_SSL;
if(chello->sni==NULL)
{
identify_info->domain_len = 0;
}
else
{
identify_info->domain_len = strnlen(chello->sni, sizeof(identify_info->domain) - 1);
strncpy(identify_info->domain, chello->sni, identify_info->domain_len);
}
ssl_chello_free(chello);
struct _ssl_ja3_info_t *ja3_info=NULL;
ja3_info=ssl_get_ja3_fingerprint(a_stream, (unsigned char *)a_stream->ptcpdetail->pdata, (unsigned int)a_stream->ptcpdetail->datalen, a_stream->threadnum);
if(ja3_info!=NULL)
{
if(ja3_info->sni==NULL || ja3_info->sni_len<=0)
{
identify_info->domain_len = 0;
}
else
{
identify_info->domain_len = strnlen(ja3_info->sni, sizeof(identify_info->domain) - 1);
strncpy(identify_info->domain, ja3_info->sni, identify_info->domain_len);
}
if(attribute_label!=NULL && ja3_info->fp!=NULL && ja3_info->fp_len>0)
{
attribute_label->ja3_fingerprint=(char *)dictator_malloc(a_stream->threadnum, ja3_info->fp_len+1);
memcpy(attribute_label->ja3_fingerprint, ja3_info->fp, ja3_info->fp_len);
attribute_label->ja3_fingerprint[ja3_info->fp_len]='\0';
}
return 1;
}
return 1;
}
ssl_chello_free(chello);
}
if(g_tsg_para.proto_flag&(1<<PROTO_FTP)) //ftp
{
ret=ftp_control_identify(a_stream);
if(ret>0)
{
identify_info->proto=PROTO_FTP;
return 1;
}
}
if(g_tsg_para.proto_flag&(1<<PROTO_MAIL)) //mail
{
ret=mail_protocol_identify_by_first_payload(a_stream,(char *)a_stream->ptcpdetail->pdata, a_stream->ptcpdetail->datalen, a_stream->threadnum);
if(ret>0)
{
switch(ret)
{
case SMTP_PROTOCOL:
identify_info->proto=PROTO_SMTP;
return 1;
break;
case POP3_PROTOCOL:
identify_info->proto=PROTO_POP3;
return 1;
break;
case IMAP_PROTOCOL:
identify_info->proto=PROTO_IMAP;
return 1;
break;
default:
break;
}
}
}
break;
case STREAM_TYPE_UDP:
if(g_tsg_para.proto_flag&(1<<PROTO_DNS)) //dns
{
struct stream_tuple4_v4 *tpl4 = NULL;
struct stream_tuple4_v6 *tpl6 = NULL;
switch(a_stream->addr.addrtype)
{
case ADDR_TYPE_IPV4:
tpl4=a_stream->addr.tuple4_v4;
if((ntohs(tpl4->source)==53) || (ntohs(tpl4->dest)==53))
{
identify_info->proto=PROTO_DNS;
return 1;
}
break;
case ADDR_TYPE_IPV6:
tpl6=a_stream->addr.tuple4_v6;
if((ntohs(tpl6->source)==53) || (ntohs(tpl6->dest)==53))
{
identify_info->proto=PROTO_DNS;
return 1;
}
break;
default:
break;
}
}
if(g_tsg_para.proto_flag&(1<<PROTO_SSH)) //ssh
{
ret = ssh_protocol_identify((unsigned char *)a_stream->ptcpdetail->pdata, (unsigned int)a_stream->ptcpdetail->datalen,g_tsg_para.logger);
if(ret > 0)
{
identify_info->proto=PROTO_SSH;
return 1;
}
}
if(g_tsg_para.proto_flag&(1<<PROTO_QUIC)) //quic
{
ret=quic_protocol_identify(a_stream, a_packet, identify_info->domain, sizeof(identify_info->domain));
if(ret>0)
{
identify_info->proto=PROTO_QUIC;
identify_info->domain_len=ret;
return 1;
}
}
break;
default:
break;
}
//ftp
ret=ftp_control_identify(a_stream);
if(ret>0)
{
identify_info->proto=PROTO_FTP;
return 1;
}
//mail
ret=mail_protocol_identify_by_first_payload(a_stream,(char *)a_stream->ptcpdetail->pdata, a_stream->ptcpdetail->datalen, a_stream->threadnum);
if(ret>=SMTP_PROTOCOL&& ret<=IMAP_PROTOCOL)
{
identify_info->proto=PROTO_MAIL;
return 1;
}
//quic
ret=quic_protocol_identify(a_stream, a_packet, identify_info->domain, sizeof(identify_info->domain));
if(ret>0)
{
identify_info->proto=PROTO_QUIC;
identify_info->domain_len=ret;
return 1;
}
return ret;
}
extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int thread_seq,void *a_packet)
{
int ret=0,hit_num=0;
int i=0,ret=0,hit_num=0;
struct timespec tv;
int state=APP_STATE_GIVEME;
scan_status_t mid=NULL;
@@ -531,17 +661,17 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
Maat_rule_t all_result[MAX_RESULT_NUM];
policy_priority_label_t *priority_label=NULL;
struct _master_context *_context=(struct _master_context *)*pme;
struct _internal_label *internal_label=NULL;
struct _session_attribute_label_t *internal_label=NULL;
switch(a_tcp->opstate)
{
case OP_STATE_PENDING:
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_LINKS], 0, FS_OP_ADD, 1);
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_TCP_LINKS], 0, FS_OP_ADD, 1);
internal_label=(struct _session_attribute_label_t *)dictator_malloc(1, sizeof(struct _session_attribute_label_t));
memset(internal_label, 0, sizeof(struct _session_attribute_label_t));
memset(&identify_info, 0, sizeof(identify_info));
identify_application_protocol(a_tcp, &identify_info, a_packet);
internal_label=(struct _internal_label *)dictator_malloc(1, sizeof(struct _internal_label));
memset(internal_label, 0, sizeof(struct _internal_label));
identify_application_protocol(a_tcp, &identify_info, internal_label, a_packet);
internal_label->proto=identify_info.proto;
if(identify_info.proto==PROTO_HTTP)
@@ -559,7 +689,7 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
"Add internal_label failed, establish latency ms: %llu proto: %d addr: %s",
internal_label->establish_latency_ms,
internal_label->proto,
printaddr(&a_tcp->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_tcp->addr, thread_seq) : "")
);
}
else
@@ -570,7 +700,7 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
"Add internal_label successfully, establish latency ms: %llu proto: %d addr: %s",
internal_label->establish_latency_ms,
internal_label->proto,
printaddr(&a_tcp->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_tcp->addr, thread_seq) : "")
);
}
@@ -578,39 +708,96 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
if(ret>0)
{
hit_num+=ret;
//q_result=tsg_policy_decision_criteria(a_tcp, all_result, hit_num, NULL, thread_seq);
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_HIT_ADDR], 0, FS_OP_ADD, 1);
}
ret=tsg_scan_shared_policy(g_tsg_maat_feather, &identify_info, all_result+hit_num, MAX_RESULT_NUM-hit_num, &mid, thread_seq);
if(ret>0)
{
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_HIT_SHARE], 0, FS_OP_ADD, 1);
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_FQDN",
"Hit %s: %s policy_id: %d service: %d action: %d addr: %s",
(identify_info.proto==PROTO_HTTP) ? "host" : "sni",
identify_info.domain,
all_result[hit_num].config_id,
all_result[hit_num].service_id,
(unsigned char)all_result[hit_num].action,
printaddr(&a_tcp->addr, thread_seq)
);
hit_num+=ret;
}
else
if(identify_info.proto==PROTO_HTTP || identify_info.proto==PROTO_SSL)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_FQDN",
"Not hit %s: %s stream_dir: %d addr: %s",
(ret==-1) ? "NULL" : ((identify_info.proto==PROTO_HTTP) ? "host" : "sni"),
(ret==-1) ? "NULL" : identify_info.domain,
a_tcp->dir,
printaddr(&a_tcp->addr, thread_seq)
ret=tsg_scan_shared_policy(g_tsg_maat_feather, &identify_info, all_result+hit_num, MAX_RESULT_NUM-hit_num, &mid, thread_seq);
if(ret>0)
{
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_HIT_SHARE], 0, FS_OP_ADD, 1);
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_FQDN",
"Hit %s: %s policy_id: %d service: %d action: %d addr: %s",
(identify_info.proto==PROTO_HTTP) ? "host" : "sni",
identify_info.domain,
all_result[hit_num].config_id,
all_result[hit_num].service_id,
(unsigned char)all_result[hit_num].action,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_tcp->addr, thread_seq) : "")
);
hit_num+=ret;
}
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_FQDN",
"Not hit %s: %s ret: %d stream_dir: %d addr: %s",
(ret==-1) ? "NULL" : ((identify_info.proto==PROTO_HTTP) ? "host" : "sni"),
(ret==-1) ? "NULL" : identify_info.domain,
ret,
a_tcp->dir,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_tcp->addr, thread_seq) : "")
);
}
if(strlen(identify_info.domain)>0 && identify_info.domain_len>0)
{
internal_label->fqdn_category_id_num=tsg_get_fqdn_category_id(g_tsg_maat_feather,
identify_info.domain,
internal_label->fqdn_category_id,
MAX_CATEGORY_ID_NUM,
g_tsg_para.logger,
thread_seq
);
}
for(i=0; i<internal_label->fqdn_category_id_num; i++)
{
int idx=identify_info.proto==PROTO_HTTP ? TABLE_HTTP_HOST : TABLE_SSL_SNI;
ret=Maat_scan_intval(g_tsg_maat_feather,
g_tsg_para.table_id[idx],
(unsigned int)internal_label->fqdn_category_id[i],
all_result+hit_num,
MAX_RESULT_NUM-hit_num,
&mid,
thread_seq
);
if(ret>0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_FQDN_CAT",
"Hit %s: %s category_id: %d policy_id: %d service: %d action: %d addr: %s",
(identify_info.proto==PROTO_HTTP) ? "host" : "sni",
identify_info.domain,
internal_label->fqdn_category_id[i],
all_result[hit_num].config_id,
all_result[hit_num].service_id,
(unsigned char)all_result[hit_num].action,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_tcp->addr, thread_seq) : "")
);
hit_num+=ret;
}
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_FQDN_CAT",
"Not hit %s: %s category_id: %d ret: %d stream_dir: %d addr: %s",
(ret==-1) ? "NULL" : ((identify_info.proto==PROTO_HTTP) ? "host" : "sni"),
(ret==-1) ? "NULL" : identify_info.domain,
internal_label->fqdn_category_id[i],
ret,
a_tcp->dir,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_tcp->addr, thread_seq) : "")
);
}
}
}
if(mid!=NULL)
@@ -646,7 +833,7 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
p_result[0].config_id,
p_result[0].service_id,
(unsigned char)p_result[0].action,
printaddr(&a_tcp->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_tcp->addr, thread_seq) : "")
);
state=APP_STATE_GIVEME|APP_STATE_KILL_OTHER;
@@ -674,7 +861,7 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
"Add policy_priority_label failed, intercept policy, policy_id: %d action: %d addr: %s",
priority_label->result[0].config_id,
(unsigned char)priority_label->result[0].action,
printaddr(&a_tcp->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_tcp->addr, thread_seq) : "")
);
}
@@ -684,7 +871,7 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
"Hit intercept policy, policy_id: %d action: %d addr: %s",
priority_label->result[0].config_id,
(unsigned char)priority_label->result[0].action,
printaddr(&a_tcp->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_tcp->addr, thread_seq) : "")
);
return APP_STATE_DROPME|APP_STATE_KILL_OTHER;
break;
@@ -723,7 +910,7 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int thread_seq,void *a_packet)
{
int ret=0;
int i=0,ret=0;
int hit_num=0;
scan_status_t mid=NULL;
int state=APP_STATE_GIVEME;
@@ -731,16 +918,17 @@ extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int t
Maat_rule_t result[MAX_RESULT_NUM]={0};
struct _identify_info identify_info;
struct _master_context *_context=(struct _master_context *)*pme;
struct _internal_label *internal_label=NULL;
struct _session_attribute_label_t *internal_label=NULL;
switch(a_udp->opstate)
{
case OP_STATE_PENDING:
case OP_STATE_PENDING:
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_UDP_LINKS], 0, FS_OP_ADD, 1);
memset(&identify_info, 0, sizeof(identify_info));
identify_application_protocol(a_udp, &identify_info, a_packet);
identify_application_protocol(a_udp, &identify_info, NULL, a_packet);
internal_label=(struct _internal_label *)dictator_malloc(1, sizeof(struct _internal_label));
memset(internal_label, 0, sizeof(struct _internal_label));
internal_label=(struct _session_attribute_label_t *)dictator_malloc(1, sizeof(struct _session_attribute_label_t));
memset(internal_label, 0, sizeof(struct _session_attribute_label_t));
internal_label->proto=identify_info.proto;
ret=project_req_add_struct(a_udp, g_tsg_para.internal_project_id, (const void *)internal_label);
@@ -751,7 +939,7 @@ extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int t
"PROJECT_ADD",
"Add internal_label failed, proto: %d addr: %s",
internal_label->proto,
printaddr(&a_udp->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_udp->addr, thread_seq) : "")
);
}
else
@@ -761,7 +949,7 @@ extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int t
"PROJECT_ADD",
"Add internal_label successfully, proto: %d addr: %s",
internal_label->proto,
printaddr(&a_udp->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_udp->addr, thread_seq) : "")
);
}
@@ -787,7 +975,7 @@ extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int t
result[hit_num].config_id,
result[hit_num].service_id,
(unsigned char)result[hit_num].action,
printaddr(&a_udp->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_udp->addr, thread_seq) : "")
);
hit_num+=ret;
@@ -801,9 +989,62 @@ extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int t
"QUIC SNI",
identify_info.domain,
a_udp->dir,
printaddr(&a_udp->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_udp->addr, thread_seq) : "")
);
}
if(strlen(identify_info.domain)>0 && identify_info.domain_len>0)
{
internal_label->fqdn_category_id_num=tsg_get_fqdn_category_id(g_tsg_maat_feather,
identify_info.domain,
internal_label->fqdn_category_id,
MAX_CATEGORY_ID_NUM,
g_tsg_para.logger,
thread_seq
);
}
for(i=0; i<internal_label->fqdn_category_id_num; i++)
{
ret=Maat_scan_intval(g_tsg_maat_feather,
g_tsg_para.table_id[TABLE_QUIC_SNI],
(unsigned int)internal_label->fqdn_category_id[i],
result+hit_num,
MAX_RESULT_NUM-hit_num,
&mid,
thread_seq
);
if(ret>0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_FQDN_CAT",
"Hit %s: %s category_id: %d policy_id: %d service: %d action: %d addr: %s",
"QUIC SNI",
identify_info.domain,
internal_label->fqdn_category_id[i],
result[hit_num].config_id,
result[hit_num].service_id,
(unsigned char)result[hit_num].action,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_udp->addr, thread_seq) : "")
);
hit_num+=ret;
}
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_FQDN_CAT",
"Not hit %s: %s category_id: %d ret: %d stream_dir: %d addr: %s",
(ret==-1) ? "NULL" : ((identify_info.proto==PROTO_HTTP) ? "host" : "sni"),
(ret==-1) ? "NULL" : identify_info.domain,
internal_label->fqdn_category_id[i],
ret,
a_udp->dir,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_udp->addr, thread_seq) : "")
);
}
}
}
if(mid!=NULL)
@@ -837,7 +1078,7 @@ extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int t
p_result[0].config_id,
p_result[0].service_id,
(unsigned char)p_result[0].action,
printaddr(&a_udp->addr, thread_seq)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_udp->addr, thread_seq) : "")
);
state=APP_STATE_GIVEME|APP_STATE_KILL_OTHER;
@@ -881,27 +1122,30 @@ extern "C" char TSG_MASTER_UDP_ENTRY(struct streaminfo *a_udp, void **pme, int t
extern "C" int TSG_MASTER_INIT()
{
int i=0,ret=0,cycle=0;
int value=0,level=30;
int i=0,ret=0;
int value=0,cycle=0;
unsigned short fs_server_port=0;
char app_name[MAX_STRING_LEN]={0};
char log_path[MAX_STRING_LEN*4]={0};
char label_buff[MAX_STRING_LEN*4]={0};
char fs_server_ip[MAX_IPV4_LEN]={0};
char fs_output_path[MAX_STRING_LEN*4]={0};
char device_sn_filename[MAX_STRING_LEN]={0};
char identify_proto_name[MAX_STRING_LEN*4]={0};
memset(&g_tsg_para, 0, sizeof(g_tsg_para));
MESA_load_profile_int_def(tsg_conffile, "SYSTEM","LOG_LEVEL", &level, 30);
MESA_load_profile_string_def(tsg_conffile, "SYSTEM","LOG_PATH", log_path, sizeof(log_path), "tsglog/tsg_master");
MESA_load_profile_int_def(tsg_conffile, "SYSTEM","LOG_LEVEL", &g_tsg_para.level, RLOG_LV_FATAL);
MESA_load_profile_string_def(tsg_conffile, "SYSTEM","LOG_PATH", g_tsg_para.log_path, sizeof(g_tsg_para.log_path), "tsglog/tsg_master");
g_tsg_para.logger=MESA_create_runtime_log_handle(log_path, level);
g_tsg_para.logger=MESA_create_runtime_log_handle(g_tsg_para.log_path, g_tsg_para.level);
if(g_tsg_para.logger==NULL)
{
printf("MESA_create_runtime_log_handle failed ...\n");
return -1;
}
MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "IDENTIFY_PROTO_NAME", identify_proto_name, sizeof(identify_proto_name), "HTTP;SSL;DNS;FTP;BGP;SIP;MAIL;STREAMING_MEDIA;QUIC;");
tsg_proto_name2flag(identify_proto_name, &g_tsg_para.proto_flag);
MESA_load_profile_int_def(tsg_conffile, "SYSTEM", "DEVICE_ID", &g_tsg_para.device_id, 0);
MESA_load_profile_short_def(tsg_conffile, "SYSTEM", "TIMEOUT", (short *)&g_tsg_para.timeout, 300);
@@ -934,7 +1178,7 @@ extern "C" int TSG_MASTER_INIT()
}
MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "TSG_MASTER_INTERNAL_LABEL", label_buff, sizeof(label_buff), "TSG_MASTER_INTERNAL_LABEL");
g_tsg_para.internal_project_id=project_producer_register(label_buff, PROJECT_VAL_TYPE_STRUCT, free_internal_label);
g_tsg_para.internal_project_id=project_producer_register(label_buff, PROJECT_VAL_TYPE_STRUCT, free_session_attribute_label);
if(g_tsg_para.internal_project_id<0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
@@ -989,12 +1233,24 @@ extern "C" int TSG_MASTER_INIT()
for(i=0; i<TSG_FS2_MAX; i++)
{
g_tsg_para.fs2_field_id[g_tsg_fs2_field[i].id]=FS_register(g_tsg_para.fs2_handle, FS_STYLE_FIELD, FS_CALC_CURRENT, g_tsg_fs2_field[i].name);
g_tsg_para.fs2_field_id[i]=FS_register(g_tsg_para.fs2_handle, FS_STYLE_FIELD, FS_CALC_SPEED, g_tsg_fs2_field[i].name);
}
char buff[32]={0};
int thread_num=get_thread_count();
for(i=0; i<thread_num && g_tsg_log_instance!=NULL; i++)
{
snprintf(buff, sizeof(buff), "send_log_percent_%02d", i);
g_tsg_log_instance->fs_status_ids[i]=FS_register(g_tsg_para.fs2_handle, FS_STYLE_STATUS, FS_CALC_CURRENT, buff);
}
FS_start(g_tsg_para.fs2_handle);
for(i=0; i<thread_num; i++)
{
FS_operate(g_tsg_para.fs2_handle,g_tsg_log_instance ->fs_status_ids[i], 0, FS_OP_SET, g_tsg_log_instance->send_log_percent[i]);
}
ret=tsg_statistic_init(tsg_conffile, g_tsg_para.logger);
if(ret<0)
{

78
src/tsg_entry.h
View File

@@ -4,6 +4,7 @@
#include <MESA/Maat_rule.h>
#include <MESA/field_stat2.h>
#include "tsg_rule.h"
#include "tsg_label.h"
#include "tsg_statistic.h"
#if(__GNUC__ * 100 + __GNUC_MINOR__ * 10 + __GNUC_PATCHLEVEL__ >= 411)
@@ -39,18 +40,23 @@ enum MASTER_TABLE{
TABLE_LOCATION_USER_DEFINED,
TABLE_LOCATION_BUILT_IN,
TABLE_QUIC_SNI,
TABLE_FQDN_CAT_ID,
TABLE_FQDN_CAT_USER_DEFINED,
TABLE_FQDN_CAT_BUILT_IN,
TABLE_MAX
};
enum TSG_FS2_TYPE{
TSG_FS2_LINKS=0,
TSG_FS2_TCP_LINKS=0,
TSG_FS2_UDP_LINKS,
TSG_FS2_BYPASS,
TSG_FS2_HIT_ADDR,
TSG_FS2_HIT_SHARE,
TSG_FS2_INTERCEPT,
TSG_FS2_LOG,
TSG_FS2_DENY,
TSG_FS2_SUCCESS_LOG,
TSG_FS2_FAILED_LOG,
TSG_FS2_DROP_LOG,
TSG_FS2_MAX
};
@@ -61,45 +67,14 @@ struct _str2index
char *type;
};
struct _asn_info
struct _fqdn_category_t
{
int ref_cnt;
int addr_type;
char start_ip[40];
char end_ip[40];
char asn[40];
char organization[256];
int table_id;
int ref_cnt;
unsigned int category_id;
int match_method;
char fqdn[MAX_DOAMIN_LEN/8];
};
struct _location_info
{
int ref_cnt;
int addr_type;
char start_ip[40];
char end_ip[40];
double latitude;
double longitude;
double coords;
char language[40];
char continent_abbr[256];
char continent_full[256];
char country_abbr[256];
char country_full[256];
char province_abbr[256];
char province_full[256];
char city_full[256];
char time_zone[128];
int geoname_id;
int table_id;
};
struct _subscribe_id_info
{
int ref_cnt;
int table_id;
char subscribe_id[256];
};
typedef struct _policy_priority_label
{
@@ -123,14 +98,19 @@ struct _master_context
#define _MAX_TABLE_NAME_LEN 64
typedef struct _tsg_para
{
int level;
unsigned short timeout;
int app_id_table_type;
int device_id;
int table_id[TABLE_MAX];
int dyn_subscribe_ip_table_id; //TSG_DYN_SUBSCRIBER_IP
int priority_project_id;
int internal_project_id;
int proto_flag; //tsg_protocol_t
int fs2_field_id[TSG_FS2_MAX];
char device_sn[MAX_DOAMIN_LEN/8];
char log_path[MAX_DOAMIN_LEN/8];
char data_center[_MAX_TABLE_NAME_LEN];
char table_name[TABLE_MAX][_MAX_TABLE_NAME_LEN];
void *logger;
screen_stat_handle_t fs2_handle;
@@ -138,8 +118,6 @@ typedef struct _tsg_para
extern g_tsg_para_t g_tsg_para;
typedef enum _tsg_statis_field_id
{
STATIS_UNKNOWN=0,
@@ -177,6 +155,24 @@ typedef enum _tsg_statis_field_id
STATIS_INTERCEPT_OUT_BYTES,
STATIS_INTERCEPT_IN_PACKETS,
STATIS_INTERCEPT_OUT_PACKETS,
STATIS_IPV4_IN_BYTES,
STATIS_IPV4_OUT_BYTES,
STATIS_IPV4_IN_PACKETS,
STATIS_IPV4_OUT_PACKETS,
STATIS_IPV6_IN_BYTES,
STATIS_IPV6_OUT_BYTES,
STATIS_IPV6_IN_PACKETS,
STATIS_IPV6_OUT_PACKETS,
STATIS_TCP_NEW_CON_NUM,
STATIS_TCP_IN_BYTES,
STATIS_TCP_OUT_BYTES,
STATIS_TCP_IN_PACKETS,
STATIS_TCP_OUT_PACKETS,
STATIS_UDP_NEW_CON_NUM,
STATIS_UDP_IN_BYTES,
STATIS_UDP_OUT_BYTES,
STATIS_UDP_IN_PACKETS,
STATIS_UDP_OUT_PACKETS,
STATIS_ALERT_BYTES,
STATIS_BLOCK_BYTES,
STATIS_PINNING_NUM,

644
src/tsg_rule.cpp
View File

@@ -6,7 +6,7 @@
#include <arpa/inet.h>
#include <MESA/stream.h>
#include <MESA/MESA_prof_load.h>
#include "MESA/cJSON.h"
#include "MESA/MESA_handle_logger.h"
#include "Maat_rule.h"
#include "Maat_command.h"
@@ -52,6 +52,10 @@ const struct _str2index g_tsg_proto_string[PROTO_MAX+1]={{PROTO_UNKONWN, 0, (cha
{PROTO_BGP, 4, (char *)"BGP."},
{PROTO_STREAMING_MEDIA, 16, (char *)"STREAMING_MEDIA."},
{PROTO_QUIC, 5, (char *)"QUIC."},
{PROTO_SSH, 4, (char *)"SSH."},
{PROTO_SMTP, 5, (char *)"MAIL."},
{PROTO_IMAP, 5, (char *)"MAIL."},
{PROTO_POP3, 5, (char *)"MAIL."},
{PROTO_MAX, 0, (char *)""}
};
@@ -92,124 +96,140 @@ static char* str_unescape(char* s)
return s;
}
static int proto_str2id(tsg_protocol_t proto)
{
switch(proto)
{
case PROTO_TCP: return 100;
case PROTO_UDP: return 101;
case PROTO_HTTP: return 106;
case PROTO_MAIL: return 110;
case PROTO_IMAP: return 110;
case PROTO_POP3: return 110;//116
case PROTO_SMTP: return 110;//122
case PROTO_DNS: return 103;
case PROTO_FTP: return 104;
case PROTO_SSL: return 126;
case PROTO_SIP: return 120;
case PROTO_QUIC: return 119;
case PROTO_SSH: return 125;
case PROTO_IPv6:
case PROTO_IPv4:
case PROTO_STREAMING_MEDIA:
case PROTO_BGP:
default:
break;
}
return 0;
}
static int get_data_center(char *accept_tag, char *data_center, int data_center_len)
{
int i=0,len;
cJSON *object=cJSON_Parse(accept_tag);
if(object!=NULL)
{
cJSON *array=cJSON_GetObjectItem(object, "tags");
if(array!=NULL)
{
for(i=0; i<cJSON_GetArraySize(array); i++)
{
cJSON *item=cJSON_GetArrayItem(array, i);
if(item!=NULL)
{
cJSON *tag_item=cJSON_GetObjectItem(item, "tag");
if(tag_item!=NULL && tag_item->valuestring!=NULL && (memcmp("device_id", tag_item->valuestring, strlen("device_id")))==0)
{
cJSON *v_item=cJSON_GetObjectItem(item, "value");
if(v_item!=NULL && v_item->valuestring!=NULL)
{
len=strlen(v_item->valuestring);
memcpy(data_center, v_item->valuestring, (len>data_center_len-1 ? data_center_len-1 : len));
}
return 1;
}
}
}
}
}
return 0;
}
static void eliminate_default_value(char *value)
{
if(value!=NULL && (memcmp(value, "null", 4))==0)
{
value[0]='\0';
}
}
void ASN_dup_data(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void* argp)
{
void *logger=argp;
struct _asn_info *asn=(struct _asn_info *)(*from);
atomic_inc(&asn->ref_cnt);
*to=*from;
struct _asn_info_t *asn=(struct _asn_info_t *)(*from);
MESA_handle_runtime_log(logger,
RLOG_LV_DEBUG,
"IP_ASN",
"Dup(table_id: %d) ip ASN: start_ip: %s end_ip: %s asn: %s organization: %s ref_cnt: %d",
table_id,
asn->start_ip,
asn->end_ip,
asn->asn,
asn->organization,
asn->ref_cnt
);
if(asn!=NULL)
{
atomic_inc(&asn->ref_cnt);
*to=*from;
}
return;
}
void ASN_new_data(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
{
void *logger=argp;
int ret=0,id=0,is_valid=0;
struct _asn_info *asn=NULL;
asn=(struct _asn_info *)calloc(1, sizeof(struct _asn_info));
struct _asn_info_t *asn=NULL;
asn=(struct _asn_info_t *)calloc(1, sizeof(struct _asn_info_t));
ret=sscanf(table_line, "%d\t%d\t%s\t%s\t%s\t%s\t%d", &id, &asn->addr_type, asn->start_ip, asn->end_ip, asn->asn, asn->organization, &is_valid);
if(ret!=7)
{
free(asn);
asn=NULL;
MESA_handle_runtime_log(logger,
RLOG_LV_FATAL,
"IP_ASN",
"Parse ip ASN failed, ret: %d table_id: %d table_line: %s",
ret,
table_id,
table_line
);
return;
}
str_unescape(asn->organization);
eliminate_default_value(asn->organization);
atomic_inc(&asn->ref_cnt);
asn->table_id=table_id;
*ad=(MAAT_PLUGIN_EX_DATA)asn;
MESA_handle_runtime_log(logger,
RLOG_LV_DEBUG,
"IP_ASN",
"Add(table_id: %d) ip ASN: start_ip: %s end_ip: %s asn: %s organization: %s ref_cnt: %d",
table_id,
asn->start_ip,
asn->end_ip,
asn->asn,
asn->organization,
asn->ref_cnt
);
return;
}
void ASN_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
{
void *logger=argp;
struct _asn_info *asn=(struct _asn_info *)(*ad);
struct _asn_info_t *asn=(struct _asn_info_t *)(*ad);
MESA_handle_runtime_log(logger,
RLOG_LV_DEBUG,
"IP_ASN",
"Delate(table_id: %d) ip ASN: start_ip: %s end_ip: %s asn: %s organization: %s ref_cnt: %d",
table_id,
asn->start_ip,
asn->end_ip,
asn->asn,
asn->organization,
asn->ref_cnt
);
atomic_dec(&asn->ref_cnt);
if(asn->ref_cnt<=0)
if(asn!=NULL)
{
free(*ad);
*ad=NULL;
atomic_dec(&asn->ref_cnt);
if(asn->ref_cnt<=0)
{
free(*ad);
*ad=NULL;
}
}
return;
}
void location_dup_data(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void* argp)
{
void *logger=argp;
struct _location_info *location=(struct _location_info *)(*from);
struct _location_info_t *location=(struct _location_info_t *)(*from);
atomic_inc(&location->ref_cnt);
*to=*from;
if(location!=NULL)
{
atomic_inc(&location->ref_cnt);
*to=*from;
}
MESA_handle_runtime_log(logger,
RLOG_LV_DEBUG,
"IP_LOCATION",
"Dup(table_id: %d) location: geoname_id: %d start_ip: %s end_ip: %s continent: %s country: %s province: %s city: %s ref_cnt: %d",
table_id,
location->geoname_id,
location->start_ip,
location->end_ip,
location->continent_full,
location->country_full,
location->province_full,
location->city_full,
location->ref_cnt
);
return;
}
@@ -217,9 +237,9 @@ void location_new_data(int table_id, const char* key, const char* table_line, MA
{
void *logger=argp;
int ret=0,id=0,is_valid=0;
struct _location_info *location=NULL;
struct _location_info_t *location=NULL;
location=(struct _location_info *)calloc(1, sizeof(struct _location_info));
location=(struct _location_info_t *)calloc(1, sizeof(struct _location_info_t));
ret=sscanf(table_line,
"%d\t%d\t%d\t%s\t%s\t%lf\t%lf\t%lf\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d",
@@ -261,68 +281,118 @@ void location_new_data(int table_id, const char* key, const char* table_line, MA
str_unescape(location->country_full);
str_unescape(location->province_full);
str_unescape(location->city_full);
eliminate_default_value(location->language);
eliminate_default_value(location->continent_abbr);
eliminate_default_value(location->continent_full);
eliminate_default_value(location->country_abbr);
eliminate_default_value(location->country_full);
eliminate_default_value(location->province_abbr);
eliminate_default_value(location->province_full);
eliminate_default_value(location->city_full);
eliminate_default_value(location->time_zone);
atomic_inc(&location->ref_cnt);
location->table_id=table_id;
*ad=(MAAT_PLUGIN_EX_DATA)location;
MESA_handle_runtime_log(logger,
RLOG_LV_DEBUG,
"IP_LOCATION",
"Add(table_id: %d) ip location: geoname_id: %d start_ip: %s end_ip: %s continent: %s country: %s province: %s city: %s ref_cnt: %d",
table_id,
location->geoname_id,
location->start_ip,
location->end_ip,
location->continent_full,
location->country_full,
location->province_full,
location->city_full,
location->ref_cnt
);
return;
}
void location_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
{
void *logger=argp;
struct _location_info *location=(struct _location_info *)(*ad);
struct _location_info_t *location=(struct _location_info_t *)(*ad);
MESA_handle_runtime_log(logger,
RLOG_LV_DEBUG,
"IP_LOCATION",
"Delete(table_id: %d) location: geoname_id: %d start_ip: %s end_ip: %s continent: %s country: %s province: %s city: %s ref_cnt: %d",
table_id,
location->geoname_id,
location->start_ip,
location->end_ip,
location->continent_full,
location->country_full,
location->province_full,
location->city_full,
location->ref_cnt
);
atomic_dec(&location->ref_cnt);
if(location->ref_cnt<=0)
if(location!=NULL)
{
free(*ad);
*ad=NULL;
atomic_dec(&location->ref_cnt);
if(location->ref_cnt<=0)
{
free(*ad);
*ad=NULL;
}
}
return;
}
void fqdn_cat_dup_data(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void* argp)
{
struct _fqdn_category_t *fqdn_cat=(struct _fqdn_category_t *)(*from);
if(fqdn_cat!=NULL)
{
atomic_inc(&fqdn_cat->ref_cnt);
*to=*from;
}
return;
}
void fqdn_cat_new_data(int table_id, const char* key, const char* table_line, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
{
void *logger=argp;
int ret=0,id=0,is_valid=0;
struct _fqdn_category_t *fqdn_cat=NULL;
fqdn_cat=(struct _fqdn_category_t *)calloc(1, sizeof(struct _fqdn_category_t));
ret=sscanf(table_line,
"%d\t%u\t%s\t\t%d\t%d",
&id,
&fqdn_cat->category_id,
fqdn_cat->fqdn,
&fqdn_cat->match_method,
&is_valid
);
if(ret!=5)
{
free(fqdn_cat);
fqdn_cat=NULL;
MESA_handle_runtime_log(logger,
RLOG_LV_FATAL,
"FQDN_CAT",
"Parse fqdn category failed, ret: %d table_id: %d table_line: %s",
ret,
table_id,
table_line
);
return;
}
atomic_inc(&fqdn_cat->ref_cnt);
*ad=(MAAT_PLUGIN_EX_DATA)fqdn_cat;
return;
}
void fqdn_cat_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
{
struct _fqdn_category_t *fqdn_cat=(struct _fqdn_category_t *)(*ad);
if(fqdn_cat!=NULL)
{
atomic_dec(&fqdn_cat->ref_cnt);
if(fqdn_cat->ref_cnt<=0)
{
free(*ad);
*ad=NULL;
}
}
return;
}
void subscribe_id_dup_data(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void* argp)
{
void *logger=argp;
struct _subscribe_id_info *subscribe_id=(struct _subscribe_id_info *)(*from);
struct _subscribe_id_info_t *subscribe_id=(struct _subscribe_id_info_t *)(*from);
atomic_inc(&subscribe_id->ref_cnt);
*to=*from;
MESA_handle_runtime_log(logger, RLOG_LV_DEBUG, "SUBSCRIBE_ID", "Dup(table_id: %d ) subscribe_id: %s ref_cnt: %d", table_id, subscribe_id->subscribe_id, subscribe_id->ref_cnt);
if(subscribe_id!=NULL)
{
atomic_inc(&subscribe_id->ref_cnt);
*to=*from;
}
return;
}
@@ -332,9 +402,9 @@ void subscribe_id_new_data(int table_id, const char* key, const char* table_line
void *logger=argp;
int ret=0,id=0,type=0,is_valid=0;
char ip_addr[MAX_IPV6_ADDR_LEN]={0};
struct _subscribe_id_info *subscribe_id=NULL;
struct _subscribe_id_info_t *subscribe_id=NULL;
subscribe_id=(struct _subscribe_id_info *)calloc(1, sizeof(struct _subscribe_id_info));
subscribe_id=(struct _subscribe_id_info_t *)calloc(1, sizeof(struct _subscribe_id_info_t));
ret=sscanf(table_line, "%d\t%d\t%s\t%s\t%d", &id, &type, ip_addr, subscribe_id->subscribe_id, &is_valid);
if(ret!=5)
@@ -359,29 +429,22 @@ void subscribe_id_new_data(int table_id, const char* key, const char* table_line
subscribe_id->table_id=table_id;
*ad=(MAAT_PLUGIN_EX_DATA)subscribe_id;
MESA_handle_runtime_log(logger,
RLOG_LV_DEBUG,
"SUBSCRIBE_ID",
"Add(table_id: %d ) subscribe_id: %s ref_cnt: %d",
table_id,
subscribe_id->subscribe_id,
subscribe_id->ref_cnt
);
return;
}
void subscribe_id_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
{
void *logger=argp;
struct _subscribe_id_info *subscribe_id=(struct _subscribe_id_info *)(*ad);
struct _subscribe_id_info_t *subscribe_id=(struct _subscribe_id_info_t *)(*ad);
MESA_handle_runtime_log(logger, RLOG_LV_DEBUG, "SUBSCRIBE_ID", "Delete(table_id: %d ) subscribe_id: %s ref_cnt: %d", table_id, subscribe_id->subscribe_id, subscribe_id->ref_cnt);
atomic_dec(&subscribe_id->ref_cnt);
if(subscribe_id->ref_cnt<=0)
if(subscribe_id!=NULL)
{
free(*ad);
*ad=NULL;
atomic_dec(&subscribe_id->ref_cnt);
if(subscribe_id->ref_cnt<=0)
{
free(*ad);
*ad=NULL;
}
}
return;
@@ -401,8 +464,22 @@ static Maat_feather_t init_maat_feather(const char* conffile, char* instance_nam
memset(effective_flag, 0, sizeof(effective_flag));
MESA_load_profile_string_def(conffile, module, "EFFECTIVE_RANGE_FILE", effective_range_filename, sizeof(effective_range_filename),"./tsgconf/maat.conf");
MESA_load_profile_string_def(conffile, "MAAT", "ACCEPT_TAGS", effective_flag, sizeof(effective_flag),"");
if(strlen(effective_range_filename)>0)
{
MESA_load_profile_string_def(effective_range_filename, "MAAT", "ACCEPT_TAGS", effective_flag, sizeof(effective_flag),"");
}
if(strlen(effective_flag)==0)
{
MESA_load_profile_string_def(conffile, "MAAT", "ACCEPT_TAGS", effective_flag, sizeof(effective_flag),"");
}
if(strlen(g_tsg_para.data_center)==0 && strlen(effective_flag)>0)
{
get_data_center(effective_flag, g_tsg_para.data_center, sizeof(g_tsg_para.data_center));
}
MESA_load_profile_int_def(conffile, module,"MAAT_MODE", &(maat_mode),0);
MESA_load_profile_int_def(conffile, module,"STAT_SWITCH", &(maat_stat_on),1);
MESA_load_profile_int_def(conffile, module,"PERF_SWITCH", &(maat_perf_on),1);
@@ -495,7 +572,9 @@ int tsg_rule_init(const char* conffile, void *logger)
char maat_conffile[256]={0};
char cb_subscriber_ip_table[32]={0};
MESA_load_profile_string_def(conffile, "MAAT", "PROFILE", maat_conffile, sizeof(maat_conffile), "./tsgconf/maat_profile.conf");
MESA_load_profile_int_def(conffile, "MAAT","APP_ID_TABLE_TYPE", &g_tsg_para.app_id_table_type, 1);
MESA_load_profile_string_def(conffile, "MAAT", "PROFILE", maat_conffile, sizeof(maat_conffile), "./tsgconf/maat.conf");
MESA_load_profile_string_def(conffile, "MAAT", "IP_ADDR_TABLE", g_tsg_para.table_name[TABLE_IP_ADDR], _MAX_TABLE_NAME_LEN, "TSG_SECURITY_ADDR");
MESA_load_profile_string_def(conffile, "MAAT", "SUBSCRIBER_ID_TABLE", g_tsg_para.table_name[TABLE_SUBSCRIBER_ID], _MAX_TABLE_NAME_LEN, "TSG_OBJ_SUBSCRIBER_ID");
MESA_load_profile_string_def(conffile, "MAAT", "APP_ID_TABLE", g_tsg_para.table_name[TABLE_APP_ID], _MAX_TABLE_NAME_LEN, "TSG_OBJ_APP_ID");
@@ -515,6 +594,10 @@ int tsg_rule_init(const char* conffile, void *logger)
MESA_load_profile_string_def(conffile, "MAAT", "QUIC_SNI_TABLE", g_tsg_para.table_name[TABLE_QUIC_SNI], _MAX_TABLE_NAME_LEN, "TSG_FIELD_QUIC_SNI");
MESA_load_profile_string_def(conffile, "MAAT", "FQDN_CAT_ID_TABLE", g_tsg_para.table_name[TABLE_FQDN_CAT_ID], _MAX_TABLE_NAME_LEN, "TSG_OBJ_FQDN_CAT");
MESA_load_profile_string_def(conffile, "MAAT", "FQDN_CAT_BUILT_IN_TABLE", g_tsg_para.table_name[TABLE_FQDN_CAT_BUILT_IN], _MAX_TABLE_NAME_LEN, "TSG_FQDN_CATEGORY_BUILT_IN");
MESA_load_profile_string_def(conffile, "MAAT", "FQDN_CAT_USER_DEFINED_TABLE", g_tsg_para.table_name[TABLE_FQDN_CAT_USER_DEFINED], _MAX_TABLE_NAME_LEN, "TSG_FQDN_CATEGORY_USER_DEFINED");
//init static maat feather
g_tsg_maat_feather=init_maat_feather(maat_conffile, (char *)"TSG_STATIC", (char *)"STATIC", logger);
if(g_tsg_maat_feather==NULL)
@@ -580,6 +663,28 @@ int tsg_rule_init(const char* conffile, void *logger)
}
}
for(i=TABLE_FQDN_CAT_USER_DEFINED; i<=TABLE_FQDN_CAT_BUILT_IN; i++)
{
ret=Maat_fqdn_plugin_EX_register(g_tsg_maat_feather,
g_tsg_para.table_id[i],
fqdn_cat_new_data,
fqdn_cat_free_data,
fqdn_cat_dup_data,
0,
logger
);
if(ret<0)
{
MESA_handle_runtime_log(logger, RLOG_LV_FATAL,
"RULE_INIT",
"Maat_ip_plugin_EX_register failed, table_name: %s table_id: %d",
g_tsg_para.table_name[i],
g_tsg_para.table_id[i]
);
return -1;
}
}
//init dynamic maat feather
g_tsg_dynamic_maat_feather=init_maat_feather(maat_conffile, (char *)"TSG_DYNAMIC", (char *)"DYNAMIC", logger);
if(g_tsg_maat_feather==NULL)
@@ -640,23 +745,29 @@ int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_re
}
else
{
MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, "PULL_RESULT",
"pull policy failed, hit: %s %s: %s policy_id: %d service: %d action: %d addr: %s",
(label->result_type==PULL_KNI_RESULT) ? "KNI" : "FW",
label->proto==PROTO_HTTP ? "host" : "sni",
label->domain,
label->result->config_id,
label->result->service_id,
label->result->action,
printaddr(&a_stream->addr, a_stream->threadnum));
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"PULL_RESULT",
"pull policy failed, hit: %s %s: %s policy_id: %d service: %d action: %d addr: %s",
(label->result_type==PULL_KNI_RESULT) ? "KNI" : "FW",
label->proto==PROTO_HTTP ? "host" : "sni",
label->domain,
label->result->config_id,
label->result->service_id,
label->result->action,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
}
else
{
MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_DEBUG, "PULL_RESULT",
"pull policy failed, Not hit, label is %s addr: %s",
(label==NULL) ? "NULL" : label->domain,
printaddr(&a_stream->addr, a_stream->threadnum));
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"PULL_RESULT",
"pull policy failed, Not hit, label is %s addr: %s",
(label==NULL) ? "NULL" : label->domain,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
return 0;
@@ -738,7 +849,7 @@ int tsg_get_ip_location(const struct streaminfo *a_stream, int table_id, MAAT_PL
return 0;
}
int tsg_get_subscribe_id(const struct streaminfo *a_stream, struct _subscribe_id_info **source_subscribe_id, struct _subscribe_id_info **dest_subscribe_id)
int tsg_get_subscribe_id(const struct streaminfo *a_stream, struct _subscribe_id_info_t **source_subscribe_id, struct _subscribe_id_info_t **dest_subscribe_id)
{
char source_ip[MAX_IPV6_ADDR_LEN]={0};
char dest_ip[MAX_IPV6_ADDR_LEN]={0};
@@ -763,18 +874,18 @@ int tsg_get_subscribe_id(const struct streaminfo *a_stream, struct _subscribe_id
if(strlen(dest_ip)>0 && *dest_subscribe_id==NULL)
{
*dest_subscribe_id = (struct _subscribe_id_info *)Maat_plugin_get_EX_data(g_tsg_dynamic_maat_feather, g_tsg_para.dyn_subscribe_ip_table_id, dest_ip);
*dest_subscribe_id = (struct _subscribe_id_info_t *)Maat_plugin_get_EX_data(g_tsg_dynamic_maat_feather, g_tsg_para.dyn_subscribe_ip_table_id, dest_ip);
}
if(strlen(source_ip)>0 && *source_subscribe_id==NULL)
{
*source_subscribe_id = (struct _subscribe_id_info *)Maat_plugin_get_EX_data(g_tsg_dynamic_maat_feather, g_tsg_para.dyn_subscribe_ip_table_id, source_ip);
*source_subscribe_id = (struct _subscribe_id_info_t *)Maat_plugin_get_EX_data(g_tsg_dynamic_maat_feather, g_tsg_para.dyn_subscribe_ip_table_id, source_ip);
}
return 0;
}
int tsg_scan_ip_asn(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct _asn_info *asn, enum MASTER_TABLE idx, scan_status_t *mid, Maat_rule_t*result, int result_num)
int tsg_scan_ip_asn(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct _asn_info_t *asn, enum MASTER_TABLE idx, scan_status_t *mid, Maat_rule_t*result, int result_num)
{
int ret=0;
@@ -793,28 +904,28 @@ int tsg_scan_ip_asn(Maat_feather_t maat_feather, const struct streaminfo *a_stre
if(ret > 0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_IP_ASN",
"Hit IP_ASN: %s scan ret: %d table_name: %s policy_id: %d service: %d action: %d addr: %s",
asn->asn,
ret,
g_tsg_para.table_name[idx],
result[0].config_id,
result[0].service_id,
(unsigned char)result[0].action,
printaddr(&a_stream->addr, a_stream->threadnum)
RLOG_LV_DEBUG,
"SCAN_IP_ASN",
"Hit IP_ASN: %s scan ret: %d table_name: %s policy_id: %d service: %d action: %d addr: %s",
asn->asn,
ret,
g_tsg_para.table_name[idx],
result[0].config_id,
result[0].service_id,
(unsigned char)result[0].action,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_IP_ASN",
"No hit IP_ASN: %s scan ret: %d table_name: %s addr: %s",
asn->asn,
ret,
g_tsg_para.table_name[idx],
printaddr(&a_stream->addr, a_stream->threadnum)
RLOG_LV_DEBUG,
"SCAN_IP_ASN",
"No hit IP_ASN: %s scan ret: %d table_name: %s addr: %s",
asn->asn,
ret,
g_tsg_para.table_name[idx],
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
}
@@ -826,15 +937,15 @@ int tsg_scan_ip_asn(Maat_feather_t maat_feather, const struct streaminfo *a_stre
"IP_ASN is NULL scan ret: %d table_name: %s addr: %s",
ret,
g_tsg_para.table_name[idx],
printaddr(&a_stream->addr, a_stream->threadnum)
);
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
return (ret>0 ? ret : 0);
}
int tsg_scan_ip_location(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct _location_info *location, enum MASTER_TABLE idx, scan_status_t *mid, Maat_rule_t*result, int result_num)
int tsg_scan_ip_location(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct _location_info_t *location, enum MASTER_TABLE idx, scan_status_t *mid, Maat_rule_t*result, int result_num)
{
int ret=0;
char buff[1024]={0};
@@ -855,28 +966,28 @@ int tsg_scan_ip_location(Maat_feather_t maat_feather, const struct streaminfo *a
if(ret > 0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_IP_LOCATION",
"Hit IP_LOCATION: %s scan ret: %d table_name: %s policy_id: %d service: %d action: %d addr: %s",
buff,
ret,
g_tsg_para.table_name[idx],
result[0].config_id,
result[0].service_id,
(unsigned char)result[0].action,
printaddr(&a_stream->addr, a_stream->threadnum)
RLOG_LV_DEBUG,
"SCAN_IP_LOCATION",
"Hit IP_LOCATION: %s scan ret: %d table_name: %s policy_id: %d service: %d action: %d addr: %s",
buff,
ret,
g_tsg_para.table_name[idx],
result[0].config_id,
result[0].service_id,
(unsigned char)result[0].action,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_IP_LOCATION",
"No hit IP_LOCATION: %s scan ret: %d table_name: %s addr: %s",
buff,
ret,
g_tsg_para.table_name[idx],
printaddr(&a_stream->addr, a_stream->threadnum)
RLOG_LV_DEBUG,
"SCAN_IP_LOCATION",
"No hit IP_LOCATION: %s scan ret: %d table_name: %s addr: %s",
buff,
ret,
g_tsg_para.table_name[idx],
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
}
@@ -888,8 +999,8 @@ int tsg_scan_ip_location(Maat_feather_t maat_feather, const struct streaminfo *a
"IP_LOCATION is NULL scan ret: %d table_name: %s addr: %s",
ret,
g_tsg_para.table_name[idx],
printaddr(&a_stream->addr, a_stream->threadnum)
);
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
return (ret>0 ? ret : 0);
@@ -903,15 +1014,15 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
int hit_num=0,tans_proto=0;
int is_scan_addr=1, maat_ret=0,found_pos=0;
const struct streaminfo *cur_stream = a_stream;
struct _internal_label *internal_label=NULL;
struct _session_attribute_label_t *internal_label=NULL;
if(result==NULL || result_num<=0 || a_stream==NULL || maat_feather==NULL)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_FATAL,
RLOG_LV_DEBUG,
"SCAN_NESTING_ADDR",
"result==NULL || result_num<=0 || maat_feather==NULL || a_stream==%s",
(a_stream!=NULL) ? printaddr(&a_stream->addr, a_stream->threadnum) : "NULL");
"result==NULL || result_num<=0 || maat_feather==NULL || a_stream==NULL"
);
return -1;
}
@@ -969,7 +1080,7 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
RLOG_LV_DEBUG,
"SCAN_IP",
"Hit addr: %s scan ret: %d policy_id: %d service: %d action: %d",
printaddr(&cur_stream->addr, cur_stream->threadnum),
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&cur_stream->addr, cur_stream->threadnum) : ""),
maat_ret,
result[hit_num].config_id,
result[hit_num].service_id,
@@ -984,7 +1095,7 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
RLOG_LV_DEBUG,
"SCAN_IP",
"No hit addr: %s scan ret: %d",
printaddr(&cur_stream->addr, cur_stream->threadnum),
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&cur_stream->addr, cur_stream->threadnum) : ""),
maat_ret
);
}
@@ -996,28 +1107,47 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
if(hit_num<result_num && proto>PROTO_UNKONWN && proto<PROTO_MAX)
{
maat_ret=Maat_full_scan_string(maat_feather,
g_tsg_para.table_id[TABLE_APP_ID],
CHARSET_GBK,
g_tsg_proto_string[proto].type,
strlen(g_tsg_proto_string[proto].type),
result+hit_num,
&found_pos,
result_num-hit_num,
mid,
a_stream->threadnum);
if(g_tsg_para.app_id_table_type==0)
{
maat_ret=Maat_full_scan_string(maat_feather,
g_tsg_para.table_id[TABLE_APP_ID],
CHARSET_GBK,
g_tsg_proto_string[proto].type,
strlen(g_tsg_proto_string[proto].type),
result+hit_num,
&found_pos,
result_num-hit_num,
mid,
a_stream->threadnum
);
}
else
{
unsigned int proto_id=proto_str2id(proto);
if(proto_id>0)
{
maat_ret=Maat_scan_intval(maat_feather,
g_tsg_para.table_id[TABLE_APP_ID],
proto_id,
result+hit_num,
result_num-hit_num,
mid,
a_stream->threadnum
);
}
}
if(maat_ret > 0)
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_PROTO",
"Hit PROTO: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
g_tsg_proto_string[proto].type,
maat_ret,
result[hit_num].config_id,
result[hit_num].service_id,
(unsigned char)result[hit_num].action,
printaddr(&a_stream->addr, a_stream->threadnum)
RLOG_LV_DEBUG,
"SCAN_PROTO",
"Hit PROTO: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
g_tsg_proto_string[proto].type,
maat_ret,
result[hit_num].config_id,
result[hit_num].service_id,
(unsigned char)result[hit_num].action,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
hit_num+=maat_ret;
@@ -1025,21 +1155,22 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_PROTO",
"No hit PROTO: %s scan ret: %d addr: %s",
g_tsg_proto_string[proto].type,
maat_ret,
printaddr(&a_stream->addr, a_stream->threadnum)
RLOG_LV_DEBUG,
"SCAN_PROTO",
"No hit PROTO: %s(%d) scan ret: %d addr: %s",
g_tsg_proto_string[proto].type,
proto_str2id(proto),
maat_ret,
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
}
internal_label=(struct _internal_label *)project_req_get_struct(a_stream, g_tsg_para.internal_project_id);
internal_label=(struct _session_attribute_label_t *)project_req_get_struct(a_stream, g_tsg_para.internal_project_id);
if(internal_label==NULL)
{
internal_label=(struct _internal_label *)calloc(1, sizeof(struct _internal_label));
memset(internal_label, 0, sizeof(struct _internal_label));
internal_label=(struct _session_attribute_label_t *)calloc(1, sizeof(struct _session_attribute_label_t));
memset(internal_label, 0, sizeof(struct _session_attribute_label_t));
}
if(hit_num<result_num)
@@ -1088,7 +1219,7 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
result[hit_num].config_id,
result[hit_num].service_id,
(unsigned char)result[hit_num].action,
printaddr(&a_stream->addr, a_stream->threadnum)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
hit_num+=maat_ret;
@@ -1101,7 +1232,7 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
"No hit source subscribe id: %s scan ret: %d addr: %s",
internal_label->client_subscribe_id->subscribe_id,
maat_ret,
printaddr(&a_stream->addr, a_stream->threadnum)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
}
@@ -1129,7 +1260,7 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
result[hit_num].config_id,
result[hit_num].service_id,
(unsigned char)result[hit_num].action,
printaddr(&a_stream->addr, a_stream->threadnum)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
hit_num+=maat_ret;
@@ -1142,7 +1273,7 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
"No hit dest subscribe id: %s scan ret: %d addr: %s",
internal_label->server_subscribe_id->subscribe_id,
maat_ret,
printaddr(&a_stream->addr, a_stream->threadnum)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
}
@@ -1156,7 +1287,7 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
"ADD_INTERNAL_LABEL",
"Add internal label failed, ret: %d addr: %s",
ret,
printaddr(&a_stream->addr, a_stream->threadnum)
(g_tsg_para.level<RLOG_LV_FATAL ? printaddr(&a_stream->addr, a_stream->threadnum) : "")
);
}
@@ -1250,3 +1381,46 @@ int tsg_get_method_id(char *method)
return -1;
}
int tsg_get_fqdn_category_id(Maat_feather_t maat_feather, char *fqdn, unsigned int *category_id, int category_id_num, void *logger, int thread_seq)
{
int i=0,ret=0;
struct _fqdn_category_t *ex_data_array[8]={0};
if(category_id!=NULL && category_id_num>0)
{
ret=Maat_fqdn_plugin_get_EX_data(maat_feather, g_tsg_para.table_id[TABLE_FQDN_CAT_USER_DEFINED], fqdn, (MAAT_PLUGIN_EX_DATA *)ex_data_array, 8);
if(ret>0)
{
for(i=0; i<ret; i++)
{
if(i<category_id_num)
{
category_id[i]=ex_data_array[i]->category_id;
}
fqdn_cat_free_data(g_tsg_para.table_id[TABLE_FQDN_CAT_USER_DEFINED], (MAAT_PLUGIN_EX_DATA *)&(ex_data_array[i]), 0, logger);
}
return i<category_id_num ? i : category_id_num;
}
ret=Maat_fqdn_plugin_get_EX_data(maat_feather, g_tsg_para.table_id[TABLE_FQDN_CAT_BUILT_IN], fqdn, (MAAT_PLUGIN_EX_DATA *)ex_data_array, 8);
if(ret>0)
{
for(i=0; i<ret && i<category_id_num; i++)
{
if(i<category_id_num)
{
category_id[i]=ex_data_array[i]->category_id;
}
fqdn_cat_free_data(g_tsg_para.table_id[TABLE_FQDN_CAT_BUILT_IN], (MAAT_PLUGIN_EX_DATA *)&(ex_data_array[i]), 0, logger);
}
return i<category_id_num ? i : category_id_num;
}
}
return 0;
}

184
src/tsg_send_log.cpp
View File

@@ -10,6 +10,7 @@
#include <sys/types.h>
#include <sys/ioctl.h>
#include <unistd.h>
#include <pthread.h>
#include <MESA/stream.h>
#include <MESA/MESA_prof_load.h>
@@ -34,6 +35,7 @@ extern "C" int MESA_get_dev_ipv4(const char *device, int *ip_add);
int is_multi_hit_same_policy(struct Maat_rule_t *result, int *policy_id, int *policy_id_num)
{
return 0;
int j=0;
for(j=0;j<*policy_id_num;j++)
@@ -186,10 +188,10 @@ static int set_common_sub_action(struct TLD_handle_t *handle, char *field_name,
int set_common_field_from_label(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream)
{
char buff[512]={0};
struct _location_info *location=NULL;
struct _internal_label *internal_label=NULL;
struct _location_info_t *location=NULL;
struct _session_attribute_label_t *internal_label=NULL;
internal_label=(struct _internal_label *)project_req_get_struct(a_stream, _instance->internal_project_id);
internal_label=(struct _session_attribute_label_t *)project_req_get_struct(a_stream, _instance->internal_project_id);
if(internal_label!=NULL)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_ESTABLISH_LATENCY_MS].name, (void *)internal_label->establish_latency_ms, TLD_TYPE_LONG);
@@ -209,22 +211,21 @@ int set_common_field_from_label(struct tsg_log_instance_t *_instance, struct TLD
if(internal_label->client_location!=NULL)
{
location=internal_label->client_location;
snprintf(buff, sizeof(buff), "%s,%s,%s", (!(memcmp(location->city_full, "null", 4)) ? "" : location->city_full),
(!(memcmp(location->province_full, "null", 4)) ? "" : location->province_full),
(!(memcmp(location->country_full, "null", 4)) ? "" : location->country_full)
);
snprintf(buff, sizeof(buff), "%s,%s,%s", location->city_full, location->province_full, location->country_full);
TLD_append(_handle, _instance->id2field[LOG_COMMON_CLINET_LOCATION].name, (void *)buff, TLD_TYPE_STRING);
}
if(internal_label->server_location!=NULL)
{
location=internal_label->server_location;
snprintf(buff, sizeof(buff), "%s,%s,%s", (!(memcmp(location->city_full, "null", 4)) ? "" : location->city_full),
(!(memcmp(location->province_full, "null", 4)) ? "" : location->province_full),
(!(memcmp(location->country_full, "null", 4)) ? "" : location->country_full)
);
snprintf(buff, sizeof(buff), "%s,%s,%s", location->city_full, location->province_full, location->country_full);
TLD_append(_handle, _instance->id2field[LOG_COMMON_SERVER_LOCATION].name, (void *)buff, TLD_TYPE_STRING);
}
if(internal_label->ja3_fingerprint!=NULL)
{
TLD_append(_handle, _instance->id2field[LOG_SSL_JA3_FINGERPRINT].name, (void *)internal_label->ja3_fingerprint, TLD_TYPE_STRING);
}
}
return 0;
@@ -232,6 +233,7 @@ int set_common_field_from_label(struct tsg_log_instance_t *_instance, struct TLD
int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, struct streaminfo *a_stream)
{
int i_or_e=0,direction=0;
int ret=0,addr_type=0;
unsigned short tunnel_type=0;
char nest_addr_buf[1024];
@@ -254,10 +256,9 @@ int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle
if(_instance==NULL || _handle==NULL || a_stream==NULL)
{
MESA_handle_runtime_log(_instance->logger,
((a_stream==NULL) ? RLOG_LV_DEBUG: RLOG_LV_FATAL),
RLOG_LV_DEBUG,
"TLD_APPEND_STREAM",
"instance==NULL || TLD_handle==NULL || addr: %s",
((a_stream==NULL) ? "NULL": (printaddr(&a_stream->addr, a_stream->threadnum)))
"instance==NULL || TLD_handle==NULL || addr==NULL"
);
return -1;
}
@@ -360,6 +361,35 @@ int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle
TLD_append(_handle, _instance->id2field[LOG_COMMON_ADDRESS_LIST].name, (void *)nest_addr_buf, TLD_TYPE_STRING);
set_common_field_from_label(_instance, _handle, a_stream);
i_or_e=MESA_dir_link_to_human(a_stream->routedir);
switch(a_stream->curdir)
{
case DIR_C2S:
if(i_or_e=='E' || i_or_e=='e')
{
direction='E';
}
else
{
direction='I';
}
break;
case DIR_S2C:
if(i_or_e=='E' || i_or_e=='e')
{
direction='I';
}
else
{
direction='E';
}
break;
default:
break;
}
TLD_append(_handle, _instance->id2field[LOG_COMMON_DIRECTION].name, (void *)(long)direction, TLD_TYPE_LONG);
return 0;
}
@@ -455,25 +485,34 @@ int load_log_common_field(const char *filename, id2field_t *id2field, id2field_t
struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile)
{
int i=0,ret=0,level=30;
int i=0,ret=0;
char nic_name[32]={0};
char kafka_errstr[1024]={0};
unsigned int local_ip_nr=0;
char log_path[MAX_STRING_LEN*4]={0};
rd_kafka_t *kafka_handle = NULL;
rd_kafka_conf_t *rdkafka_conf = NULL;
rd_kafka_topic_conf_t *topic_conf;
struct tsg_log_instance_t *_instance=NULL;
_instance=(struct tsg_log_instance_t *)calloc(1, sizeof(struct tsg_log_instance_t));
int thread_num=get_thread_count();
_instance->drop_start=(struct timespec *)calloc(1, sizeof(struct timespec)*thread_num);
_instance->fs_status_ids=(int *)calloc(1, sizeof(int)*thread_num);
_instance->send_log_percent=(int *)calloc(1, sizeof(int)*thread_num);
MESA_load_profile_int_def(conffile, "TSG_LOG", "LOG_LEVEL",&(level), 30);
MESA_load_profile_string_def(conffile, "TSG_LOG", "LOG_PATH", log_path, sizeof(log_path), "./tsglog/tsglog");
for(i=0;i<thread_num; i++)
{
_instance->send_log_percent[i]=100;
}
_instance->logger=MESA_create_runtime_log_handle(log_path, level);
MESA_load_profile_int_def(conffile, "TSG_LOG", "LOG_LEVEL",&(_instance->level), 30);
MESA_load_profile_string_def(conffile, "TSG_LOG", "LOG_PATH", _instance->log_path, sizeof(_instance->log_path), "./tsglog/tsglog");
_instance->logger=MESA_create_runtime_log_handle(_instance->log_path, _instance->level);
if(_instance->logger==NULL)
{
printf("MESA_create_runtime_log_handle failed ..., path: %s level: %d", log_path, level);
printf("MESA_create_runtime_log_handle failed ..., path: %s level: %d", _instance->log_path, _instance->level);
return NULL;
}
@@ -483,9 +522,16 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile)
MESA_handle_runtime_log(_instance->logger, RLOG_LV_FATAL, "TSG_LOG", "Disable tsg_send_log");
return _instance;
}
MESA_load_profile_int_def(conffile, "TSG_LOG", "RECOVERY_INTERVEL_S", &(_instance->recovery_interval), 30);
MESA_load_profile_string_def(conffile, "TSG_LOG", "COMMON_FIELD_FILE", _instance->common_field_file, sizeof(_instance->common_field_file), NULL);
MESA_load_profile_string_def(conffile, "TSG_LOG", "BROKER_LIST", _instance->broker_list, sizeof(_instance->broker_list), NULL);
MESA_load_profile_string_def(conffile, "TSG_LOG", "SEND_QUEUE_MAX_MESSAGE", _instance->send_queue_max_msg, sizeof(_instance->send_queue_max_msg), "1000000");
MESA_load_profile_string_def(conffile, "TSG_LOG", "REFRESH_INTERVAL_MS", _instance->refresh_interval_ms, sizeof(_instance->refresh_interval_ms), "600000");
MESA_load_profile_string_def(conffile, "TSG_LOG", "REQUIRE_ACK", _instance->require_ack, sizeof(_instance->require_ack), "1");
MESA_load_profile_string_def(conffile, "TSG_LOG", "TCP_LABEL", _instance->tcp_label, sizeof(_instance->tcp_label), "tcp_flow_stat");
MESA_load_profile_string_def(conffile, "TSG_LOG", "UDP_LABEL", _instance->udp_label, sizeof(_instance->udp_label), "udp_flow_stat");
@@ -518,10 +564,10 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile)
inet_ntop(AF_INET,&(local_ip_nr),_instance->local_ip_str,sizeof(_instance->local_ip_str));
rdkafka_conf = rd_kafka_conf_new();
rd_kafka_conf_set(rdkafka_conf, "queue.buffering.max.messages", "1000000", kafka_errstr, sizeof(kafka_errstr));
rd_kafka_conf_set(rdkafka_conf, "topic.metadata.refresh.interval.ms", "600000",kafka_errstr, sizeof(kafka_errstr));
rd_kafka_conf_set(rdkafka_conf, "request.required.acks", "1", kafka_errstr, sizeof(kafka_errstr));
rdkafka_conf = rd_kafka_conf_new();
rd_kafka_conf_set(rdkafka_conf, "queue.buffering.max.messages", _instance->send_queue_max_msg, kafka_errstr, sizeof(kafka_errstr));
rd_kafka_conf_set(rdkafka_conf, "topic.metadata.refresh.interval.ms", _instance->refresh_interval_ms, kafka_errstr, sizeof(kafka_errstr));
rd_kafka_conf_set(rdkafka_conf, "request.required.acks", _instance->require_ack, kafka_errstr, sizeof(kafka_errstr));
if(!(kafka_handle=rd_kafka_new(RD_KAFKA_PRODUCER, rdkafka_conf, kafka_errstr, sizeof(kafka_errstr))))
{
@@ -574,6 +620,7 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
int i=0,status=0;
char *payload=NULL;
int repeat_cnt=0;
struct timespec cur_time;
int policy_id[MAX_RESULT_NUM]={0};
struct TLD_handle_t *_handle=handle;
struct tsg_log_instance_t *_instance=instance;
@@ -587,19 +634,50 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
if(_instance->mode==CLOSE)
{
TLD_cancel(handle);
TLD_cancel(handle);
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_DROP_LOG], 0, FS_OP_ADD, 1);
MESA_handle_runtime_log(_instance->logger, RLOG_LV_INFO, "TSG_SEND_LOG", "Disable tsg_send_log.");
return 0;
}
TLD_append_streaminfo(instance, handle, log_msg->a_stream);
TLD_append(_handle, _instance->id2field[LOG_COMMON_SLED_IP].name, (void *)(_instance->local_ip_str), TLD_TYPE_STRING);
TLD_append(_handle, _instance->id2field[LOG_COMMON_DEVICE_ID].name, (void *)(g_tsg_para.device_sn), TLD_TYPE_STRING);
if(strlen(g_tsg_para.device_sn)>0)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_DEVICE_ID].name, (void *)(g_tsg_para.device_sn), TLD_TYPE_STRING);
}
if(strlen(g_tsg_para.data_center)>0)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_DATA_CENTER].name, (void *)(g_tsg_para.data_center), TLD_TYPE_STRING);
}
for(i=0;i<log_msg->result_num; i++)
{
if(is_multi_hit_same_policy(&(log_msg->result[i]), policy_id, &repeat_cnt))
{
MESA_handle_runtime_log(_instance->logger, RLOG_LV_DEBUG,
"TSG_SEND_LOG",
"tsg same log:cfg_id=%d service=%d addr=%s",
log_msg->result[i].config_id,
log_msg->result[i].service_id,
(_instance->level<RLOG_LV_FATAL ? (log_msg->a_stream==NULL ? "" : printaddr(&(log_msg->a_stream->addr), thread_id)) : "")
);
continue;
}
clock_gettime(CLOCK_REALTIME, &cur_time);
if((cur_time.tv_nsec%100)>_instance->send_log_percent[thread_id])
{
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_DROP_LOG], 0, FS_OP_ADD, 1);
MESA_handle_runtime_log(_instance->logger, RLOG_LV_INFO,
"TSG_SEND_LOG",
"tsg drop log:cfg_id=%d service=%d send_log_percent: %d addr=%s",
log_msg->result[i].config_id,
log_msg->result[i].service_id,
_instance->send_log_percent[thread_id],
(_instance->level<RLOG_LV_FATAL ? (log_msg->a_stream==NULL ? "" : printaddr(&(log_msg->a_stream->addr), thread_id)) : "")
);
continue;
}
@@ -607,11 +685,12 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
{
case LOG_ABORT:
MESA_handle_runtime_log(_instance->logger, RLOG_LV_INFO,
"TSG_SEND_LOG",
"tsg abort log:cfg_id=%d service=%d addr=%s",
log_msg->result[i].config_id,
log_msg->result[i].service_id,
printaddr(&(log_msg->a_stream->addr), thread_id));
"TSG_SEND_LOG",
"tsg abort log:cfg_id=%d service=%d addr=%s",
log_msg->result[i].config_id,
log_msg->result[i].service_id,
(_instance->level<RLOG_LV_FATAL ? (log_msg->a_stream==NULL ? "" : printaddr(&(log_msg->a_stream->addr), thread_id)) : "")
);
continue;
break;
@@ -638,14 +717,36 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
if(status < 0)
{
MESA_handle_runtime_log(_instance->logger, RLOG_LV_INFO, "TSG_SEND_LOG",
clock_gettime(CLOCK_REALTIME, &cur_time);
if(cur_time.tv_sec - _instance->drop_start[thread_id].tv_sec>=1)
{
_instance->send_log_percent[thread_id]/=2;
clock_gettime(CLOCK_REALTIME, &_instance->drop_start[thread_id]);
FS_operate(g_tsg_para.fs2_handle, _instance->fs_status_ids[thread_id], 0, FS_OP_SET, _instance->send_log_percent[thread_id]);
}
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_FAILED_LOG], 0, FS_OP_ADD, 1);
MESA_handle_runtime_log(_instance->logger,
RLOG_LV_INFO,
"TSG_SEND_LOG",
"tsg_send_log to kafka is error, status: %d, topic: %s payload: %s",
status, _instance->service2topic[log_msg->result[i].service_id].name, payload);
status,
_instance->service2topic[log_msg->result[i].service_id].name,
payload
);
}
else
{
MESA_handle_runtime_log(_instance->logger,RLOG_LV_INFO, "TSG_SEND_LOG",
"log send successfully %s: %s", _instance->service2topic[log_msg->result[i].service_id].name, payload);
MESA_handle_runtime_log(_instance->logger,
RLOG_LV_DEBUG,
"TSG_SEND_LOG",
"log send successfully %s: %s",
_instance->service2topic[log_msg->result[i].service_id].name,
payload
);
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_SUCCESS_LOG], 0, FS_OP_ADD, 1);
FS_operate(g_tsg_para.fs2_handle, _instance->fs_status_ids[thread_id], 0, FS_OP_SET, _instance->send_log_percent[thread_id]);
}
free(payload);
@@ -655,12 +756,21 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
TLD_delete(_handle, _instance->id2field[LOG_COMMON_SERVICE].name);
TLD_delete(_handle, _instance->id2field[LOG_COMMON_ACTION].name);
TLD_delete(_handle, _instance->id2field[LOG_COMMON_SUB_ACTION].name);
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_LOG], 0, FS_OP_ADD, 1);
}
TLD_cancel(handle);
if(_instance->send_log_percent[thread_id]<100)
{
clock_gettime(CLOCK_REALTIME, &cur_time);
if(cur_time.tv_sec - _instance->drop_start[thread_id].tv_sec>=_instance->recovery_interval)
{
_instance->send_log_percent[thread_id]++;
_instance->drop_start[thread_id].tv_sec=cur_time.tv_sec;
FS_operate(g_tsg_para.fs2_handle, _instance->fs_status_ids[thread_id], 0, FS_OP_SET, _instance->send_log_percent[thread_id]);
}
}
return 0;
}

19
src/tsg_send_log_internal.h
View File

@@ -3,6 +3,8 @@
#include <librdkafka/rdkafka.h>
#include <MESA/cJSON.h>
#include <time.h>
#define MAX_IPV4_LEN 16
@@ -66,6 +68,8 @@ typedef enum _tsg_log_field_id
LOG_COMMON_CLINET_LOCATION,
LOG_COMMON_SERVER_LOCATION,
LOG_QUIC_SNI,
LOG_SSL_JA3_FINGERPRINT,
LOG_COMMON_DATA_CENTER,
LOG_COMMON_MAX
}tsg_log_field_id_t;
@@ -85,19 +89,28 @@ struct TLD_handle_t
struct tsg_log_instance_t
{
int mode;
int max_service;
int level;
int max_service;
int recovery_interval;
int internal_project_id;
int tcp_flow_project_id;
int udp_flow_project_id;
void *logger;
int *send_log_percent;
int *fs_status_ids;
struct timespec *drop_start;
char log_path[MAX_STRING_LEN*2];
char tcp_label[MAX_STRING_LEN];
char udp_label[MAX_STRING_LEN];
char common_field_file[MAX_STRING_LEN*4];
char broker_list[MAX_STRING_LEN*4];
char send_queue_max_msg[MAX_STRING_LEN];
char require_ack[MAX_STRING_LEN];
char refresh_interval_ms[MAX_STRING_LEN];
char local_ip_str[MAX_IPV4_LEN];
id2field_t id2field[LOG_COMMON_MAX];
rd_kafka_topic_t **topic_rkt;
id2field_t *service2topic;
id2field_t *service2topic;
void *logger;
};
char *log_field_id2name(struct tsg_log_instance_t *instance, tsg_log_field_id_t id);

21
src/tsg_ssh_utils.cpp Normal file
View File

@@ -0,0 +1,21 @@
#include <stdio.h>
#include <stdlib.h>
#include "tsg_ssh_utils.h"
#define SSH_PROTOCOL_FIELD "SSH"
#define SSH_PROTOCOL_FIELD_LEN 3
int ssh_protocol_identify(const unsigned char* buff, size_t buff_len, void* argp)
{
if(buff == NULL || buff_len < SSH_PROTOCOL_FIELD_LEN)
{
return -1;
}
if(memcmp((void *)buff,SSH_PROTOCOL_FIELD, SSH_PROTOCOL_FIELD_LEN) == 0)
return 1;
else
return 0;
}

7
src/tsg_ssh_utils.h Normal file
View File

@@ -0,0 +1,7 @@
#ifndef __TSG_SSH_UTILS_H__
#define __TSG_SSH_UTILS_H__
#include <string.h>
#include <MESA/MESA_handle_logger.h>
int ssh_protocol_identify(const unsigned char* buff, size_t buff_len, void* argp);
#endif

84
src/tsg_statistic.cpp
View File

@@ -245,15 +245,45 @@ static void *tsg_statistic_thread(void *arg)
value=0;
total_value=0;
sapp_get_platform_opt(SPO_TCP_STREAM_NEW, (void *)&value, &value_len);
sapp_get_platform_opt(SPO_TCP_STREAM_NEW, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_TCP_NEW_CON_NUM], FS_OP_SET, value);
total_value+=value;
value=0;
sapp_get_platform_opt(SPO_UDP_STREAM_NEW, (void *)&value, &value_len);
sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_TCP_PKT, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_TCP_IN_PACKETS], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_TCP_BYTE, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_TCP_IN_BYTES], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_TCP_PKT, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_TCP_OUT_PACKETS], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_TCP_BYTE, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_TCP_OUT_BYTES], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_UDP_STREAM_NEW, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_UDP_NEW_CON_NUM], FS_OP_SET, value);
total_value+=value;
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_NEW_CON_NUM], FS_OP_SET, total_value);
total_traffic_info.con_num+=total_value;
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_UDP_PKT, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_UDP_IN_PACKETS], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_UDP_BYTE, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_UDP_IN_BYTES], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_UDP_PKT, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_UDP_OUT_PACKETS], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_UDP_BYTE, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_UDP_OUT_BYTES], FS_OP_SET, value);
value_len=sizeof(total_traffic_info.in_bytes);
sapp_get_platform_opt(SPO_TOTAL_INBOUND_BYTE, (void *)&total_traffic_info.in_bytes, &value_len);
value_len=sizeof(total_traffic_info.in_packets);
@@ -275,6 +305,32 @@ static void *tsg_statistic_thread(void *arg)
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_MAYBE_PINNING_NUM], FS_OP_SET, g_tsg_statis_para.statistic_opt[OPT_TYPE_PINNING_MAYBE]);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_NOT_PINNING_NUM], FS_OP_SET, g_tsg_statis_para.statistic_opt[OPT_TYPE_PINNING_NOT]);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_IPV4_PKT, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV4_IN_PACKETS], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_IPV4_BYTE, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV4_IN_BYTES], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV4_PKT, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV4_OUT_PACKETS], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV4_BYTE, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV4_OUT_BYTES], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_IPV6_PKT, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV6_IN_PACKETS], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_IPV6_BYTE, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV6_IN_BYTES], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV6_PKT, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV6_OUT_PACKETS], FS_OP_SET, value);
value=0;
sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV6_BYTE, (void *)&value, &value_len);
FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV6_OUT_BYTES], FS_OP_SET, value);
FS_passive_output(g_tsg_statis_para.fs2_handle);
sleep(g_tsg_statis_para.cycle);
@@ -370,6 +426,28 @@ int tsg_statistic_init(const char *conffile, void *logger)
g_tsg_statis_para.fs_field_id[STATIS_INTERCEPT_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"intercept_in_packets");
g_tsg_statis_para.fs_field_id[STATIS_INTERCEPT_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"intercept_out_packets");
g_tsg_statis_para.fs_field_id[STATIS_IPV4_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv4_in_packets");
g_tsg_statis_para.fs_field_id[STATIS_IPV4_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv4_in_bytes");
g_tsg_statis_para.fs_field_id[STATIS_IPV4_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv4_out_packets");
g_tsg_statis_para.fs_field_id[STATIS_IPV4_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv4_out_bytes");
g_tsg_statis_para.fs_field_id[STATIS_IPV6_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv6_in_packets");
g_tsg_statis_para.fs_field_id[STATIS_IPV6_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv6_in_bytes");
g_tsg_statis_para.fs_field_id[STATIS_IPV6_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv6_out_packets");
g_tsg_statis_para.fs_field_id[STATIS_IPV6_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv6_out_bytes");
g_tsg_statis_para.fs_field_id[STATIS_TCP_NEW_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"tcp_conn_num");
g_tsg_statis_para.fs_field_id[STATIS_TCP_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"tcp_in_packets");
g_tsg_statis_para.fs_field_id[STATIS_TCP_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"tcp_in_bytes");
g_tsg_statis_para.fs_field_id[STATIS_TCP_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"tcp_out_packets");
g_tsg_statis_para.fs_field_id[STATIS_TCP_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"tcp_out_bytes");
g_tsg_statis_para.fs_field_id[STATIS_UDP_NEW_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"udp_conn_num");
g_tsg_statis_para.fs_field_id[STATIS_UDP_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"udp_in_packets");
g_tsg_statis_para.fs_field_id[STATIS_UDP_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"udp_in_bytes");
g_tsg_statis_para.fs_field_id[STATIS_UDP_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"udp_out_packets");
g_tsg_statis_para.fs_field_id[STATIS_UDP_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"udp_out_bytes");
g_tsg_statis_para.fs_field_id[STATIS_ALERT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"alert_bytes");
g_tsg_statis_para.fs_field_id[STATIS_BLOCK_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"block_bytes");
g_tsg_statis_para.fs_field_id[STATIS_PINNING_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"pinning_num");

1
src/version.map
View File

@@ -7,6 +7,7 @@ global:
*tsg_pull_policy_result*;
*tsg_*;
*TLD_*;
*GIT*;
};
local: *;
};