From 39cdb03b5601bfc20164cd4f85d0669fb40f6f20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=88=98=E5=AD=A6=E5=88=A9?= Date: Mon, 3 Apr 2023 09:43:17 +0000 Subject: [PATCH] =?UTF-8?q?TSG-14177:=20=E5=91=BD=E4=B8=ADSecurity=20Polic?= =?UTF-8?q?y=E5=90=8E=E6=A0=B9=E6=8D=AE=E7=AD=96=E7=95=A5ID=E5=8F=91?= =?UTF-8?q?=E9=80=81=E7=9B=B8=E5=BA=94=E7=9A=84Metric?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitlab-ci.yml | 2 +- bin/main.conf | 12 +- ctest/CMakeLists.txt | 3 +- src/CMakeLists.txt | 2 +- src/tsg_entry.h | 28 +++ src/tsg_statistic.cpp | 461 ++++++++++++++++++++-------------- test/src/CMakeLists.txt | 5 +- test/src/gtest_common.cpp | 12 +- test/src/gtest_fieldstat3.cpp | 169 +++++++++++++ 9 files changed, 495 insertions(+), 199 deletions(-) create mode 100644 test/src/gtest_fieldstat3.cpp diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 07d5f11..565470f 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -4,7 +4,7 @@ variables: BUILD_IMAGE_CENTOS8: "git.mesalab.cn:7443/mesa_platform/build-env:rockylinux" BUILD_PADDING_PREFIX: /tmp/padding_for_CPACK_RPM_BUILD_SOURCE_DIRS_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX/ INSTALL_PREFIX: "/home/mesasoft/sapp_run/" - INSTALL_DEPENDENCY_LIBRARY: systemd-devel libbreakpad_mini numactl-devel zlib-devel vim-common libMESA_handle_logger-devel libcjson-devel libMESA_field_stat2-devel sapp sapp-devel framework_env libMESA_prof_load-devel http-devel dns-devel ftp-devel mail-devel ssl-devel librdkafka-devel libmaat4-devel quic-devel mesa_sip-devel gtp-devel libMESA_htable-devel libasan mrzcpd rapidjson-devel libMESA_jump_layer-devel stratum-devel rdp-devel dtls-devel + INSTALL_DEPENDENCY_LIBRARY: systemd-devel libbreakpad_mini numactl-devel zlib-devel vim-common libMESA_handle_logger-devel libcjson-devel libMESA_field_stat2-devel sapp sapp-devel framework_env libMESA_prof_load-devel http-devel dns-devel ftp-devel mail-devel ssl-devel librdkafka-devel libmaat4-devel quic-devel mesa_sip-devel gtp-devel libMESA_htable-devel libasan mrzcpd rapidjson-devel libMESA_jump_layer-devel stratum-devel rdp-devel dtls-devel libfieldstat3-devel stages: - analysis diff --git a/bin/main.conf b/bin/main.conf index 153b716..2f03a10 100644 --- a/bin/main.conf +++ b/bin/main.conf @@ -18,12 +18,18 @@ SEND_APP_ID_SWITCH=1 SEND_NAT_LINKINFO_SWITCH=0 RAPIDJSON_CHUNK_CAPACITY=8192 +[SECURITY_HITS] +CYCLE=1000 +TELEGRAF_PORT=8092 +TELEGRAF_IP="127.0.0.1" +APP_NAME="security_rule_hits" + [STATISTIC] -CYCLE=30 -TELEGRAF_PORT=8100 +CYCLE=1 +TELEGRAF_PORT=8092 TELEGRAF_IP="127.0.0.1" OUTPUT_PATH="./tsg_statistic.log" -APP_NAME="statistic" +APP_NAME="network_activity" [FIELD_STAT] CYCLE=30 diff --git a/ctest/CMakeLists.txt b/ctest/CMakeLists.txt index 8fbcced..9d703a4 100644 --- a/ctest/CMakeLists.txt +++ b/ctest/CMakeLists.txt @@ -17,6 +17,7 @@ add_test(NAME COPY_GTEST_ACTION_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/s add_test(NAME COPY_GTEST_SENDLOG_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_sendlog ${CMAKE_BINARY_DIR}/testing/") add_test(NAME COPY_GTEST_MASTER_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_master ${CMAKE_BINARY_DIR}/testing/") add_test(NAME COPY_GTEST_SYNC_SESSION_STATE_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_sync_session_state ${CMAKE_BINARY_DIR}/testing/") +add_test(NAME COPY_GTEST_FIELDSTAT3_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_fieldstat3 ${CMAKE_BINARY_DIR}/testing/") set(GTEST_RUN_DIR ${CMAKE_BINARY_DIR}/testing) add_test(NAME GTEST_RULE COMMAND gtest_rule WORKING_DIRECTORY ${GTEST_RUN_DIR}) @@ -25,4 +26,4 @@ add_test(NAME GTEST_ACTION COMMAND gtest_action WORKING_DIRECTORY ${GTEST_RUN_DI add_test(NAME GTEST_SENDLOG COMMAND gtest_sendlog WORKING_DIRECTORY ${GTEST_RUN_DIR}) add_test(NAME GTEST_MASTER COMMAND gtest_master WORKING_DIRECTORY ${GTEST_RUN_DIR}) add_test(NAME GTEST_SYNC_SESSION_STATE COMMAND gtest_sync_session_state WORKING_DIRECTORY ${GTEST_RUN_DIR}) - +add_test(NAME GTEST_FIELDSTAT3 COMMAND gtest_fieldstat3 WORKING_DIRECTORY ${GTEST_RUN_DIR}) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 33f1a0b..ca8b729 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -8,7 +8,7 @@ include_directories(${CMAKE_SOURCE_DIR}/inc) include_directories(/opt/MESA/include/MESA/) include_directories(/usr/include/) -set(TSG_MASTER_DEPEND_DYN_LIB MESA_handle_logger MESA_prof_load maat4 pthread MESA_field_stat2 rdkafka cjson MESA_jump_layer) +set(TSG_MASTER_DEPEND_DYN_LIB MESA_handle_logger MESA_prof_load maat4 pthread MESA_field_stat2 rdkafka cjson MESA_jump_layer fieldstat3) set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run) diff --git a/src/tsg_entry.h b/src/tsg_entry.h index e5f1cea..4a19e99 100644 --- a/src/tsg_entry.h +++ b/src/tsg_entry.h @@ -156,6 +156,34 @@ typedef enum tsg_statis_field_id STATIS_MAX }tsg_statis_field_id_t; +enum TRAFFIC_INFO_IDX +{ + TRAFFIC_INFO_ALLOW=0, + TRAFFIC_INFO_DENY, + TRAFFIC_INFO_MONITOR, + TRAFFIC_INFO_INTERCEPT, + TRAFFIC_INFO_MAX +}; + +struct tsg_statistic +{ + int cycle; + int thread_alive; + pthread_t stat_thread_id; + long long statistic_opt[_OPT_TYPE_MAX]; + struct _traffic_info *traffic_info[TSG_ACTION_MAX+1]; + struct _traffic_info default_total_info; + + int static_table_id; + int static_column_id[STATIS_MAX]; + struct fieldstat_instance *statistic_handle; + + int metric_cycle; + int metric_table_id; + struct fieldstat_dynamic_instance *metric_handle; + struct fieldstat_tag **metric_tags; +}; + int tsg_statistic_init(const char *conffile, void *logger); void tsg_statistic_destroy(void); diff --git a/src/tsg_statistic.cpp b/src/tsg_statistic.cpp index 4839b69..2d68fb5 100644 --- a/src/tsg_statistic.cpp +++ b/src/tsg_statistic.cpp @@ -3,6 +3,7 @@ #include #include +#include #include #include @@ -11,30 +12,67 @@ #include "tsg_statistic.h" #include "tsg_send_log_internal.h" -enum TRAFFIC_INFO_IDX -{ - TRAFFIC_INFO_ALLOW=0, - TRAFFIC_INFO_DENY, - TRAFFIC_INFO_MONITOR, - TRAFFIC_INFO_INTERCEPT, - TRAFFIC_INFO_MAX -}; - -struct tsg_statistic -{ - int cycle; - int fs_line_id; - int thread_alive; - pthread_t stat_thread_id; - int fs_field_id[STATIS_MAX]; - long long statistic_opt[_OPT_TYPE_MAX]; - struct _traffic_info *traffic_info[TSG_ACTION_MAX+1]; - struct _traffic_info default_total_info; - screen_stat_handle_t fs2_handle; -}; - struct tsg_statistic g_tsg_statis_para; +enum metric_columns_index +{ + COLUMN_HIT_COUNT = 0, + COLUMN_IN_BYTES, + COLUMN_OUT_BYTES, + COLUMN_IN_PKTS, + COLUMN_OUT_PKTS, + COLUMN_MAX +}; + +enum metric_tags_index +{ + TAG_RULE_ID = 0, + TAG_ACTION, + TAG_MAX +}; + +enum field_type metric_column_type[COLUMN_MAX] = {FIELD_TYPE_COUNTER, FIELD_TYPE_COUNTER, FIELD_TYPE_COUNTER, FIELD_TYPE_COUNTER, FIELD_TYPE_COUNTER}; +const char *metric_column_field[COLUMN_MAX] = {"hit_count", "in_bytes", "out_bytes", "in_pkts", "out_pkts"}; +unsigned int metric_column_array[COLUMN_MAX] = {0}; +struct fieldstat_tag g_metric_tags[TAG_MAX] = {{"rule_id", 0, -1}, {"action", 0, -1}}; + +struct fieldstat_tag *tsg_set_metric_tags(struct maat_rule *p_result, int thread_seq) +{ + g_tsg_statis_para.metric_tags[thread_seq][TAG_RULE_ID].value_int = p_result->rule_id; + g_tsg_statis_para.metric_tags[thread_seq][TAG_ACTION].value_int = p_result->action; + + return g_tsg_statis_para.metric_tags[thread_seq]; +} + +int tsg_metric_tsgs_init(int thread_num) +{ + g_tsg_statis_para.metric_tags = (struct fieldstat_tag **)calloc(thread_num, sizeof(struct fieldstat_tag *)); + for (int i = 0; i < thread_num; i++) + { + g_tsg_statis_para.metric_tags[i] = (struct fieldstat_tag *)calloc((size_t)TAG_MAX, sizeof(struct fieldstat_tag)); + memcpy(g_tsg_statis_para.metric_tags[i], g_metric_tags, sizeof(struct fieldstat_tag) * (size_t)TAG_MAX); + } + + return 0; +} + +int tsg_metric_tsgs_free(int thread_num) +{ + for (int i = 0; i < thread_num; i++) + { + if (g_tsg_statis_para.metric_tags[i]) + { + free(g_tsg_statis_para.metric_tags[i]); + g_tsg_statis_para.metric_tags[i] = NULL; + } + } + + free(g_tsg_statis_para.metric_tags); + g_tsg_statis_para.metric_tags = NULL; + + return 0; +} + int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_seq) { switch(type) @@ -55,58 +93,77 @@ int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_s int tsg_set_intercept_flow(struct maat_rule *p_result, struct _traffic_info *traffic_info, int thread_seq) { - struct _traffic_info *_info=NULL; - - if(p_result!=NULL && traffic_info!=NULL && thread_seq>=0) + if (p_result == NULL || traffic_info == NULL || thread_seq < 0 || thread_seq >= get_thread_count() || p_result->action != TSG_ACTION_INTERCEPT) { - _info=&(g_tsg_statis_para.traffic_info[(unsigned char)p_result->action][thread_seq]); - - _info->con_num+=traffic_info->con_num; - _info->in_bytes+=traffic_info->in_bytes; - _info->in_packets+=traffic_info->in_packets; - _info->out_bytes+=traffic_info->out_bytes; - _info->out_packets+=traffic_info->out_packets; + return -1; } - + + struct _traffic_info *_info = NULL; + struct fieldstat_tag *metric_tags = tsg_set_metric_tags(p_result, thread_seq); + if (metric_tags == NULL) + { + return -1; + } + + _info = &(g_tsg_statis_para.traffic_info[(unsigned char)p_result->action][thread_seq]); + + _info->con_num += traffic_info->con_num; + _info->in_bytes += traffic_info->in_bytes; + _info->in_packets += traffic_info->in_packets; + _info->out_bytes += traffic_info->out_bytes; + _info->out_packets += traffic_info->out_packets; + + fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_table_id, metric_column_array[COLUMN_HIT_COUNT], "security_rule_hits", traffic_info->con_num, metric_tags, (size_t)TAG_MAX, thread_seq); + fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_table_id, metric_column_array[COLUMN_IN_BYTES], "security_rule_hits", traffic_info->in_bytes, metric_tags, (size_t)TAG_MAX, thread_seq); + fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_table_id, metric_column_array[COLUMN_OUT_BYTES], "security_rule_hits", traffic_info->out_bytes, metric_tags, (size_t)TAG_MAX, thread_seq); + fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_table_id, metric_column_array[COLUMN_IN_PKTS], "security_rule_hits", traffic_info->in_packets, metric_tags, (size_t)TAG_MAX, thread_seq); + fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_table_id, metric_column_array[COLUMN_OUT_PKTS], "security_rule_hits", traffic_info->out_packets, metric_tags, (size_t)TAG_MAX, thread_seq); + return 0; } int tsg_set_policy_flow(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq) { - unsigned long long value=0; - int value_len=sizeof(unsigned long long); - struct _traffic_info *traffic_info=NULL; - - if(g_tsg_statis_para.cycle<=0) - { - return 0; - } - - if(a_stream==NULL || p_result==NULL) + if (a_stream == NULL || p_result == NULL || thread_seq < 0 || thread_seq >= get_thread_count()) { return -1; } - + + unsigned long long value = 0; + int value_len = sizeof(unsigned long long); + struct _traffic_info *traffic_info = NULL; + traffic_info=&(g_tsg_statis_para.traffic_info[(unsigned char)p_result->action][thread_seq]); + struct fieldstat_tag *metric_tags = tsg_set_metric_tags(p_result, thread_seq); + if (metric_tags == NULL) + { + return -1; + } + traffic_info->con_num++; + fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_table_id, metric_column_array[COLUMN_HIT_COUNT], "security_rule_hits", 1, metric_tags, (size_t)TAG_MAX, thread_seq); value=0; MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_BYTE_RAW, (void *)&value, &value_len); traffic_info->in_bytes+=value; + fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_table_id, metric_column_array[COLUMN_IN_BYTES], "security_rule_hits", value, metric_tags, (size_t)TAG_MAX, thread_seq); value=0; MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_PKT, (void *)&value, &value_len); traffic_info->in_packets+=value; + fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_table_id, metric_column_array[COLUMN_IN_PKTS], "security_rule_hits", value, metric_tags, (size_t)TAG_MAX, thread_seq); value=0; MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_BYTE_RAW, (void *)&value, &value_len); traffic_info->out_bytes+=value; - + fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_table_id, metric_column_array[COLUMN_OUT_BYTES], "security_rule_hits", value, metric_tags, (size_t)TAG_MAX, thread_seq); + value=0; MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_PKT, (void *)&value, &value_len); traffic_info->out_packets+=value; - + fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_table_id, metric_column_array[COLUMN_OUT_PKTS], "security_rule_hits", value, metric_tags, (size_t)TAG_MAX, thread_seq); + return 0; } @@ -215,11 +272,11 @@ static int _set_traffic_info(struct _traffic_info *from, struct _traffic_info *t break; } - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[con_num_id], FS_OP_SET, con_num_sum); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[in_bytes_id], FS_OP_SET, in_bytes_sum); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[in_packets_id], FS_OP_SET, in_packets_sum); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[out_bytes_id], FS_OP_SET, out_bytes_sum); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[out_packets_id], FS_OP_SET, out_packets_sum); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[con_num_id], con_num_sum); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[in_bytes_id], in_bytes_sum); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[in_packets_id], in_packets_sum); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[out_bytes_id], out_bytes_sum); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[out_packets_id], out_packets_sum); return 0; } @@ -230,7 +287,7 @@ static void *tsg_statistic_thread(void *arg) struct _traffic_info total_traffic_info; struct _traffic_info default_traffic_info; - FS_start(g_tsg_statis_para.fs2_handle); + fieldstat_instance_start(g_tsg_statis_para.statistic_handle); while(g_tsg_statis_para.thread_alive) { @@ -254,8 +311,8 @@ static void *tsg_statistic_thread(void *arg) value=0; sapp_get_platform_opt(SPO_UDP_STREAM_CONCURRENT, (void *)&value, &value_len); total_value+=value; - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_ESTABLISHED_CON_NUM], FS_OP_SET, total_value); - + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_ESTABLISHED_CON_NUM], total_value); + value=0; total_value=0; sapp_get_platform_opt(SPO_TCP_STREAM_CLOSE, (void *)&value, &value_len); @@ -263,48 +320,54 @@ static void *tsg_statistic_thread(void *arg) value=0; sapp_get_platform_opt(SPO_UDP_STREAM_CLOSE, (void *)&value, &value_len); total_value+=value; - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_CLOSE_CON_NUM], FS_OP_SET, total_value); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_CLOSE_CON_NUM], total_value); value=0; total_value=0; - sapp_get_platform_opt(SPO_TCP_STREAM_NEW, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_TCP_NEW_CON_NUM], FS_OP_SET, value); - + sapp_get_platform_opt(SPO_TCP_STREAM_NEW, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_TCP_NEW_CON_NUM], total_value); + total_value+=value; value=0; sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_TCP_PKT, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_TCP_IN_PACKETS], FS_OP_SET, value); - value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_TCP_BYTE, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_TCP_IN_BYTES], FS_OP_SET, value); - value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_TCP_PKT, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_TCP_OUT_PACKETS], FS_OP_SET, value); - value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_TCP_BYTE, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_TCP_OUT_BYTES], FS_OP_SET, value); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_TCP_IN_PACKETS], value); value=0; - sapp_get_platform_opt(SPO_UDP_STREAM_NEW, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_UDP_NEW_CON_NUM], FS_OP_SET, value); + sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_TCP_BYTE, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_TCP_IN_BYTES], value); + + value=0; + sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_TCP_PKT, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_TCP_OUT_PACKETS], value); + + value=0; + sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_TCP_BYTE, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_TCP_OUT_BYTES], value); + + value=0; + sapp_get_platform_opt(SPO_UDP_STREAM_NEW, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_UDP_NEW_CON_NUM], value); total_value+=value; - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_NEW_CON_NUM], FS_OP_SET, total_value); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_NEW_CON_NUM], total_value); total_traffic_info.con_num+=total_value; value=0; sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_UDP_PKT, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_UDP_IN_PACKETS], FS_OP_SET, value); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_UDP_IN_PACKETS], value); + value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_UDP_BYTE, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_UDP_IN_BYTES], FS_OP_SET, value); + sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_UDP_BYTE, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_UDP_IN_BYTES], value); + value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_UDP_PKT, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_UDP_OUT_PACKETS], FS_OP_SET, value); + sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_UDP_PKT, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_UDP_OUT_PACKETS], value); + value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_UDP_BYTE, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_UDP_OUT_BYTES], FS_OP_SET, value); + sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_UDP_BYTE, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_UDP_OUT_BYTES], value); value_len=sizeof(total_traffic_info.in_bytes); sapp_get_platform_opt(SPO_TOTAL_INBOUND_BYTE, (void *)&total_traffic_info.in_bytes, &value_len); @@ -321,52 +384,107 @@ static void *tsg_statistic_thread(void *arg) _get_traffic_info(&total_traffic_info, &policy_traffic_info, &default_traffic_info); _set_traffic_info(&default_traffic_info, NULL, TSG_ACTION_NONE, 1); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_ALERT_BYTES], FS_OP_SET, g_tsg_statis_para.statistic_opt[OPT_TYPE_ALERT_BYTES]); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_BLOCK_BYTES], FS_OP_SET, g_tsg_statis_para.statistic_opt[OPT_TYPE_BLOCK_BYTES]); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_PINNING_NUM], FS_OP_SET, g_tsg_statis_para.statistic_opt[OPT_TYPE_PINNING_YES]); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_MAYBE_PINNING_NUM], FS_OP_SET, g_tsg_statis_para.statistic_opt[OPT_TYPE_PINNING_MAYBE]); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_NOT_PINNING_NUM], FS_OP_SET, g_tsg_statis_para.statistic_opt[OPT_TYPE_PINNING_NOT]); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_ALERT_BYTES], g_tsg_statis_para.statistic_opt[OPT_TYPE_ALERT_BYTES]); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_BLOCK_BYTES], g_tsg_statis_para.statistic_opt[OPT_TYPE_BLOCK_BYTES]); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_PINNING_NUM], g_tsg_statis_para.statistic_opt[OPT_TYPE_PINNING_YES]); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_MAYBE_PINNING_NUM], g_tsg_statis_para.statistic_opt[OPT_TYPE_PINNING_MAYBE]); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_NOT_PINNING_NUM], g_tsg_statis_para.statistic_opt[OPT_TYPE_PINNING_NOT]); value=0; sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_IPV4_PKT, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV4_IN_PACKETS], FS_OP_SET, value); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IPV4_IN_PACKETS], value); + value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_IPV4_BYTE, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV4_IN_BYTES], FS_OP_SET, value); + sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_IPV4_BYTE, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IPV4_IN_BYTES], value); + value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV4_PKT, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV4_OUT_PACKETS], FS_OP_SET, value); + sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV4_PKT, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IPV4_OUT_PACKETS], value); + value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV4_BYTE, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV4_OUT_BYTES], FS_OP_SET, value); + sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV4_BYTE, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IPV4_OUT_BYTES], value); value=0; sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_IPV6_PKT, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV6_IN_PACKETS], FS_OP_SET, value); - value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_IPV6_BYTE, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV6_IN_BYTES], FS_OP_SET, value); - value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV6_PKT, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV6_OUT_PACKETS], FS_OP_SET, value); - value=0; - sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV6_BYTE, (void *)&value, &value_len); - FS_operate(g_tsg_statis_para.fs2_handle, g_tsg_statis_para.fs_line_id, g_tsg_statis_para.fs_field_id[STATIS_IPV6_OUT_BYTES], FS_OP_SET, value); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IPV6_IN_PACKETS], value); + + value=0; + sapp_get_platform_opt(SPO_TOTAL_RCV_INBOUND_IPV6_BYTE, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IPV6_IN_BYTES], value); + + value=0; + sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV6_PKT, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IPV6_OUT_PACKETS], value); + + value=0; + sapp_get_platform_opt(SPO_TOTAL_RCV_OUTBOUND_IPV6_BYTE, (void *)&value, &value_len); + fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IPV6_OUT_BYTES], value); + + fieldstat_passive_output(g_tsg_statis_para.statistic_handle); - FS_passive_output(g_tsg_statis_para.fs2_handle); - sleep(g_tsg_statis_para.cycle); } return NULL; } +int tsg_statistic_metric_init(const char *conffile, void *logger) +{ + if (conffile == NULL || logger == NULL) + { + return -1; + } + + unsigned short fs_server_port=0; + char fs_server_ip[MAX_IPV4_LEN]={0}; + char app_name[128]={0}; + int thread_num = get_thread_count(); + + MESA_load_profile_short_nodef(conffile, "SECURITY_HITS", "TELEGRAF_PORT", (short *)&(fs_server_port)); + MESA_load_profile_string_nodef(conffile,"SECURITY_HITS", "TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip)); + MESA_load_profile_string_def(conffile,"SECURITY_HITS", "APP_NAME", app_name, sizeof(app_name), "metric"); + MESA_load_profile_int_def(conffile, "SECURITY_HITS", "CYCLE", &g_tsg_statis_para.metric_cycle, 1000); + if(g_tsg_statis_para.metric_cycle<=0) + { + MESA_handle_runtime_log(logger, RLOG_LV_FATAL, "SECURITY_HITS", "g_tsg_statis_para.metric_cycle error"); + return -1; + } + + g_tsg_statis_para.metric_handle = fieldstat_dynamic_instance_new(app_name, thread_num); + if(g_tsg_statis_para.metric_handle==NULL) + { + MESA_handle_runtime_log(logger, RLOG_LV_FATAL, "SECURITY_HITS", "g_tsg_statis_para.metric_handle error"); + return -1; + } + + fieldstat_dynamic_set_output_interval(g_tsg_statis_para.metric_handle, g_tsg_statis_para.metric_cycle); + if (fs_server_port > 0 && strlen(fs_server_ip) > 0) + { + fieldstat_dynamic_set_line_protocol_server(g_tsg_statis_para.metric_handle, fs_server_ip, fs_server_port); + } + + g_tsg_statis_para.metric_table_id = fieldstat_register_dynamic_table(g_tsg_statis_para.metric_handle, "security_rule_hits", metric_column_field, metric_column_type, (size_t)COLUMN_MAX, metric_column_array); + if(g_tsg_statis_para.metric_table_id<0) + { + MESA_handle_runtime_log(logger, RLOG_LV_FATAL, "SECURITY_HITS", "g_tsg_statis_para.metric_table_id error"); + return -1; + } + + tsg_metric_tsgs_init(thread_num); + + fieldstat_dynamic_instance_start(g_tsg_statis_para.metric_handle); + + return 0; +} int tsg_statistic_init(const char *conffile, void *logger) { - int output_prometheus=0; - int i=0,value=0,thread_num=0; - unsigned short fs_server_port=0; + // int output_prometheus=0; + // unsigned short prometheus_port = 8093; + int i = 0, thread_num = 0; + unsigned short fs_server_port = 0; char app_name[128]={0}; char fs_server_ip[MAX_IPV4_LEN]={0}; char fs_output_path[128]={0}; @@ -378,8 +496,8 @@ int tsg_statistic_init(const char *conffile, void *logger) { g_tsg_statis_para.traffic_info[i]=(struct _traffic_info *)calloc(1, sizeof(struct _traffic_info)*thread_num); } - - MESA_load_profile_int_def(conffile, "STATISTIC", "CYCLE", &g_tsg_statis_para.cycle, 30); + + MESA_load_profile_int_def(conffile, "STATISTIC", "CYCLE", &g_tsg_statis_para.cycle, 1); if(g_tsg_statis_para.cycle<=0) { MESA_handle_runtime_log(logger, RLOG_LV_FATAL, "STATISTIC", "Disabale traffic statistic"); @@ -389,112 +507,73 @@ int tsg_statistic_init(const char *conffile, void *logger) MESA_load_profile_short_nodef(conffile, "STATISTIC", "TELEGRAF_PORT", (short *)&(fs_server_port)); MESA_load_profile_string_nodef(conffile,"STATISTIC", "TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip)); MESA_load_profile_string_def(conffile,"STATISTIC", "OUTPUT_PATH",fs_output_path, sizeof(fs_output_path), "statistic.log"); - MESA_load_profile_string_def(conffile,"STATISTIC", "APP_NAME", app_name, sizeof(app_name), "statistic"); - MESA_load_profile_int_def(conffile, "STATISTIC", "PROMETHEUS", &output_prometheus, 1); + MESA_load_profile_string_def(conffile, "STATISTIC", "APP_NAME", app_name, sizeof(app_name), "network_activity"); + // MESA_load_profile_int_def(conffile, "STATISTIC", "PROMETHEUS", &output_prometheus, 1); + // MESA_load_profile_short_nodef(conffile, "STATISTIC", "PROMETHEUS_PORT", (short *)&(prometheus_port)); - g_tsg_statis_para.fs2_handle=FS_create_handle(); + g_tsg_statis_para.statistic_handle = fieldstat_instance_new(app_name); g_tsg_statis_para.thread_alive=1; - value=1;//Rewrite - FS_set_para(g_tsg_statis_para.fs2_handle, PRINT_MODE, &value, sizeof(value)); - value=0;//Do not create stat thread - FS_set_para(g_tsg_statis_para.fs2_handle, CREATE_THREAD, &value, sizeof(value)); + fieldstat_disable_background_thread(g_tsg_statis_para.statistic_handle); - FS_set_para(g_tsg_statis_para.fs2_handle, STAT_CYCLE, &g_tsg_statis_para.cycle, sizeof(g_tsg_statis_para.cycle)); - FS_set_para(g_tsg_statis_para.fs2_handle, APP_NAME, app_name, strlen(app_name)+1); - FS_set_para(g_tsg_statis_para.fs2_handle, OUTPUT_DEVICE, fs_output_path, strlen(fs_output_path)+1); + fieldstat_set_output_interval(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.cycle * 1000); + fieldstat_set_local_output(g_tsg_statis_para.statistic_handle, fs_output_path, "default"); - FS_set_para(g_tsg_statis_para.fs2_handle, OUTPUT_PROMETHEUS, &output_prometheus, sizeof(output_prometheus)); + // if (output_prometheus == 1) + // { + // fieldstat_enable_prometheus_output(g_tsg_statis_para.statistic_handle); + // fieldstat_global_enable_prometheus_endpoint(prometheus_port, "/metrics"); + // } - if(fs_server_port > 0 && strlen(fs_server_ip) > 0) - { - FS_set_para(g_tsg_statis_para.fs2_handle, STATS_SERVER_IP,fs_server_ip, strlen(fs_server_ip)+1); - FS_set_para(g_tsg_statis_para.fs2_handle, STATS_SERVER_PORT,&(fs_server_port), sizeof(fs_server_port)); - } + if (fs_server_port > 0 && strlen(fs_server_ip) > 0) + { + fieldstat_set_line_protocol_server(g_tsg_statis_para.statistic_handle, fs_server_ip, fs_server_port); + } - int output_influx_line=FS_OUTPUT_INFLUX_LINE; - FS_set_para(g_tsg_statis_para.fs2_handle, STATS_FORMAT, &output_influx_line, sizeof(output_influx_line)); + const char *static_column_name[STATIS_MAX] = {"", "", "", "new_conn_num", "established_conn_num", "close_conn_num", "total_in_bytes", "total_out_bytes", "total_in_packets", "total_out_packets", + "default_conn_num", "default_in_bytes", "default_out_bytes", "default_in_packets", "default_out_packets", + "allow_conn_num", "allow_in_bytes", "allow_out_bytes", "allow_in_packets", "allow_out_packets", + "deny_conn_num", "deny_in_bytes", "deny_out_bytes", "deny_in_packets", "deny_out_packets", + "monitor_conn_num", "monitor_in_bytes", "monitor_out_bytes", "monitor_in_packets", "monitor_out_packets", + "intercept_conn_num", "intercept_in_bytes", "intercept_out_bytes", "intercept_in_packets", "intercept_out_packets", + "ipv4_in_packets", "ipv4_in_bytes", "ipv4_out_packets", "ipv4_out_bytes", + "ipv6_in_packets", "ipv6_in_bytes", "ipv6_out_packets", "ipv6_out_bytes", + "tcp_conn_num", "tcp_in_packets", "tcp_in_bytes", "tcp_out_packets", "tcp_out_bytes", + "udp_conn_num", "udp_in_packets", "udp_in_bytes", "udp_out_packets", "udp_out_bytes", + "alert_bytes", "block_bytes", "pinning_num", "maybe_pinning_num", "not_pinning_num"}; - g_tsg_statis_para.fs_field_id[STATIS_NEW_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"new_conn_num"); - g_tsg_statis_para.fs_field_id[STATIS_ESTABLISHED_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_CURRENT, (char *)"established_conn_num"); - g_tsg_statis_para.fs_field_id[STATIS_CLOSE_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"close_conn_num"); - g_tsg_statis_para.fs_field_id[STATIS_TOTAL_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"total_in_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_TOTAL_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"total_out_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_TOTAL_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"total_in_packets"); - g_tsg_statis_para.fs_field_id[STATIS_TOTAL_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"total_out_packets"); + enum field_type static_column_type[STATIS_MAX] = {FIELD_TYPE_COUNTER}; + static_column_type[STATIS_ESTABLISHED_CON_NUM] = FIELD_TYPE_GAUGE; - g_tsg_statis_para.fs_field_id[STATIS_DEFAULT_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"default_conn_num"); - g_tsg_statis_para.fs_field_id[STATIS_DEFAULT_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"default_in_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_DEFAULT_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"default_out_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_DEFAULT_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"default_in_packets"); - g_tsg_statis_para.fs_field_id[STATIS_DEFAULT_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"default_out_packets"); + g_tsg_statis_para.static_table_id = fieldstat_register_table(g_tsg_statis_para.statistic_handle, app_name, static_column_name + STATIS_NEW_CON_NUM, static_column_type + STATIS_NEW_CON_NUM, (size_t)(STATIS_MAX - STATIS_NEW_CON_NUM)); + fieldstat_register_table_row(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_table_id, (const char *)"TRAFFIC", NULL, 0, g_tsg_statis_para.static_column_id + STATIS_NEW_CON_NUM); - g_tsg_statis_para.fs_field_id[STATIS_ALLOW_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"allow_conn_num"); - g_tsg_statis_para.fs_field_id[STATIS_ALLOW_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"allow_in_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_ALLOW_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"allow_out_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_ALLOW_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"allow_in_packets"); - g_tsg_statis_para.fs_field_id[STATIS_ALLOW_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"allow_out_packets"); - - g_tsg_statis_para.fs_field_id[STATIS_DENY_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"deny_conn_num"); - g_tsg_statis_para.fs_field_id[STATIS_DENY_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"deny_in_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_DENY_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"deny_out_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_DENY_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"deny_in_packets"); - g_tsg_statis_para.fs_field_id[STATIS_DENY_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"deny_out_packets"); - - g_tsg_statis_para.fs_field_id[STATIS_MONITOR_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"monitor_conn_num"); - g_tsg_statis_para.fs_field_id[STATIS_MONITOR_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"monitor_in_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_MONITOR_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"monitor_out_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_MONITOR_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"monitor_in_packets"); - g_tsg_statis_para.fs_field_id[STATIS_MONITOR_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"monitor_out_packets"); - - g_tsg_statis_para.fs_field_id[STATIS_INTERCEPT_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"intercept_conn_num"); - g_tsg_statis_para.fs_field_id[STATIS_INTERCEPT_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"intercept_in_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_INTERCEPT_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"intercept_out_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_INTERCEPT_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"intercept_in_packets"); - g_tsg_statis_para.fs_field_id[STATIS_INTERCEPT_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"intercept_out_packets"); - - g_tsg_statis_para.fs_field_id[STATIS_IPV4_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv4_in_packets"); - g_tsg_statis_para.fs_field_id[STATIS_IPV4_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv4_in_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_IPV4_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv4_out_packets"); - g_tsg_statis_para.fs_field_id[STATIS_IPV4_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv4_out_bytes"); - - g_tsg_statis_para.fs_field_id[STATIS_IPV6_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv6_in_packets"); - g_tsg_statis_para.fs_field_id[STATIS_IPV6_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv6_in_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_IPV6_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv6_out_packets"); - g_tsg_statis_para.fs_field_id[STATIS_IPV6_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"ipv6_out_bytes"); - - g_tsg_statis_para.fs_field_id[STATIS_TCP_NEW_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"tcp_conn_num"); - g_tsg_statis_para.fs_field_id[STATIS_TCP_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"tcp_in_packets"); - g_tsg_statis_para.fs_field_id[STATIS_TCP_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"tcp_in_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_TCP_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"tcp_out_packets"); - g_tsg_statis_para.fs_field_id[STATIS_TCP_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"tcp_out_bytes"); - - g_tsg_statis_para.fs_field_id[STATIS_UDP_NEW_CON_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"udp_conn_num"); - g_tsg_statis_para.fs_field_id[STATIS_UDP_IN_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"udp_in_packets"); - g_tsg_statis_para.fs_field_id[STATIS_UDP_IN_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"udp_in_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_UDP_OUT_PACKETS]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"udp_out_packets"); - g_tsg_statis_para.fs_field_id[STATIS_UDP_OUT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"udp_out_bytes"); - - g_tsg_statis_para.fs_field_id[STATIS_ALERT_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"alert_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_BLOCK_BYTES]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"block_bytes"); - g_tsg_statis_para.fs_field_id[STATIS_PINNING_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"pinning_num"); - g_tsg_statis_para.fs_field_id[STATIS_MAYBE_PINNING_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"maybe_pinning_num"); - g_tsg_statis_para.fs_field_id[STATIS_NOT_PINNING_NUM]=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_COLUMN, FS_CALC_SPEED, (char *)"not_pinning_num"); - - g_tsg_statis_para.fs_line_id=FS_register(g_tsg_statis_para.fs2_handle, FS_STYLE_LINE, FS_CALC_CURRENT, (const char *)"TRAFFIC"); + int ret=tsg_statistic_metric_init(conffile, logger); + if(ret<0) + { + MESA_handle_runtime_log(logger, RLOG_LV_FATAL, "INIT_METRIC", "tsg_statistic_metric_init failed ..."); + return -1; + } pthread_create(&g_tsg_statis_para.stat_thread_id, NULL, tsg_statistic_thread, NULL); return 0; } +void tsg_statistic_metric_destroy(void) +{ + tsg_metric_tsgs_free(get_thread_count()); + return; +} + void tsg_statistic_destroy(void) { pthread_cancel(g_tsg_statis_para.stat_thread_id); g_tsg_statis_para.thread_alive=0; sleep(g_tsg_statis_para.cycle); - FS_stop(&(g_tsg_statis_para.fs2_handle)); + fieldstat_instance_free(g_tsg_statis_para.statistic_handle); + tsg_statistic_metric_destroy(); return ; } diff --git a/test/src/CMakeLists.txt b/test/src/CMakeLists.txt index bf70bff..d6e2a49 100644 --- a/test/src/CMakeLists.txt +++ b/test/src/CMakeLists.txt @@ -40,7 +40,10 @@ set(TSG_MASTER_SRC ${PROJECT_SOURCE_DIR}/src/tsg_entry.cpp ) add_executable(gtest_master ${TSG_MASTER_SRC} gtest_kafka.cpp gtest_common.cpp gtest_master.cpp) -target_link_libraries(gtest_master gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger MESA_jump_layer MESA_field_stat2 maat4 MESA_htable) +target_link_libraries(gtest_master gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger MESA_jump_layer MESA_field_stat2 maat4 MESA_htable fieldstat3) add_executable(gtest_sync_session_state ${PROJECT_SOURCE_DIR}/src/tsg_sync_state.cpp gtest_common.cpp gtest_session_state.cpp) target_link_libraries(gtest_sync_session_state gtest-static cjson ctemplate-static) + +add_executable(gtest_fieldstat3 ${PROJECT_SOURCE_DIR}/src/tsg_statistic.cpp gtest_common.cpp gtest_fieldstat3.cpp) +target_link_libraries(gtest_fieldstat3 gtest-static ctemplate-static MESA_field_stat2 fieldstat3 MESA_prof_load MESA_handle_logger) diff --git a/test/src/gtest_common.cpp b/test/src/gtest_common.cpp index e7dd59b..505e94c 100644 --- a/test/src/gtest_common.cpp +++ b/test/src/gtest_common.cpp @@ -27,7 +27,7 @@ const char *printaddr (const struct layer_addr *paddrinfo, int threadindex) int get_thread_count(void) { - return 1; + return 8; } int MESA_rst_tcp(struct streaminfo * stream, struct rst_tcp_para * paras, int para_len) @@ -100,6 +100,16 @@ int MESA_set_stream_opt(const struct streaminfo * pstream, enum MESA_stream_opt int MESA_get_stream_opt(const struct streaminfo * pstream, enum MESA_stream_opt opt, void * opt_val, int * opt_val_len) { + if (*opt_val_len == 2) + { + *(u_short *)opt_val = 2; + } + + if (*opt_val_len == 8) + { + *(long long *)opt_val = 5; + } + return 0; } diff --git a/test/src/gtest_fieldstat3.cpp b/test/src/gtest_fieldstat3.cpp new file mode 100644 index 0000000..0e9df5c --- /dev/null +++ b/test/src/gtest_fieldstat3.cpp @@ -0,0 +1,169 @@ +#include +#include +#include +#include + +#include "tsg_entry.h" +#include "gtest_common.h" +#include "tsg_variable.h" +#include +#include + +#include + +const char *tsg_gtest_conffile = "tsgconf/main.conf"; +extern struct tsg_statistic g_tsg_statis_para; +pthread_t g_pid[8]; + +TEST(FIELDSATA3, InterceptIllegalParameter) +{ + struct _traffic_info _info; + struct maat_rule p_result; + + int ret = tsg_set_intercept_flow(NULL, &_info, 0); + EXPECT_EQ(ret, -1); + + ret = tsg_set_intercept_flow(&p_result, NULL, 0); + EXPECT_EQ(ret, -1); + + ret = tsg_set_intercept_flow(&p_result, &_info, -1); + EXPECT_EQ(ret, -1); +} + +TEST(FIELDSATA3, PolicyIllegalParameter) +{ + struct maat_rule p_result; + struct streaminfo a_stream; + + int ret = tsg_set_policy_flow(NULL, &p_result, 0); + EXPECT_EQ(ret, -1); + + ret = tsg_set_policy_flow(&a_stream, NULL, 0); + EXPECT_EQ(ret, -1); + + ret = tsg_set_policy_flow(&a_stream, &p_result, -1); + EXPECT_EQ(ret, -1); +} + +TEST(FIELDSATA3, Intercept) +{ + struct _traffic_info _info; + struct maat_rule p_result; + + _info.con_num = 10; + _info.in_bytes = 1000; + _info.in_packets = 25; + _info.out_bytes = 1001; + _info.out_packets = 24; + + p_result.action = TSG_ACTION_INTERCEPT; + p_result.rule_id = 95536; + p_result.do_log = 1; + p_result.service_id = 10; + + for (int i = 0; i < 50000; i++) + { + // p_result.rule_id += i; + // _info.in_bytes += i; + int ret = tsg_set_intercept_flow(&p_result, &_info, 0); + EXPECT_EQ(ret, 0); + // usleep(500); + } +} + +TEST(FIELDSATA3, PolicyFlow) +{ + struct maat_rule p_result; + struct streaminfo a_stream; + + p_result.action = TSG_ACTION_MONITOR; + p_result.rule_id = 95500; + + for (int i = 0; i < 50000; i++) + { + // p_result.rule_id += i; + // _info.in_bytes += i; + int ret = tsg_set_policy_flow(&a_stream, &p_result, 0); + EXPECT_EQ(ret, 0); + // usleep(500); + } +} + +#if 0 +void *run_time_funtion(void *arg) +{ + uint8_t pid = *(uint8_t *)arg; + + struct maat_rule p_result; + struct streaminfo a_stream; + struct _traffic_info _info; + + while (1) + { + srand(time(NULL)); + p_result.action = TSG_ACTION_MONITOR; + p_result.rule_id = rand() % 95500; + + usleep(rand() % 500); + int ret = tsg_set_policy_flow(&a_stream, &p_result, pid); + EXPECT_EQ(ret, 0); + + srand(time(NULL)); + usleep(rand() % 500); + + p_result.action = TSG_ACTION_DENY; + p_result.rule_id = rand() % 95500; + ret = tsg_set_policy_flow(&a_stream, &p_result, pid); + EXPECT_EQ(ret, 0); + + srand(time(NULL)); + usleep(rand() % 500); + + p_result.action = TSG_ACTION_BYPASS; + p_result.rule_id = rand() % 95500; + ret = tsg_set_policy_flow(&a_stream, &p_result, pid); + EXPECT_EQ(ret, 0); + + _info.con_num = rand() % 10; + _info.in_bytes = rand() % 1000; + _info.in_packets = rand() % 25; + _info.out_bytes = rand() % 1001; + _info.out_packets = rand() % 24; + + p_result.action = TSG_ACTION_INTERCEPT; + p_result.rule_id = rand() % 95536; + + ret = tsg_set_intercept_flow(&p_result, &_info, pid); + EXPECT_EQ(ret, 0); + } + + return NULL; +} + +TEST(FIELDSATA3, MultiThreading) +{ + for (uint8_t i = 0; i < 8; i++) + { + uint8_t i_pid = i; + pthread_create(g_pid + i, NULL, run_time_funtion, (void *)&i_pid); + EXPECT_NE(g_pid[i], 0); + } +} +#endif + +int main(int argc, char *argv[]) +{ + void *logger = MESA_create_runtime_log_handle("log/gtest_fieldstat3.log", RLOG_LV_FATAL); + tsg_statistic_init(tsg_gtest_conffile, logger); + testing::InitGoogleTest(&argc, argv); + int ret = RUN_ALL_TESTS(); +// sleep(30); +// for (int i = 0; i < 8; i++) +// { +// pthread_cancel(g_pid[i]); +// } + + tsg_statistic_destroy(); + + return ret; +}