From 484feaed94006226f610ef68015c4a38ac150054 Mon Sep 17 00:00:00 2001 From: liuxueli Date: Tue, 19 Nov 2019 13:39:37 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E8=8E=B7=E5=8F=96deny?= =?UTF-8?q?=E7=BB=93=E6=9E=9C=E8=A7=84=E5=88=99=E7=9A=84=E6=8E=A5=E5=8F=A3?= =?UTF-8?q?=20=E4=BF=AE=E5=A4=8D=E8=87=AA=E6=B5=8B=E8=AF=95=E8=BF=87?= =?UTF-8?q?=E7=A8=8B=E4=B8=AD=E9=81=87=E5=88=B0=E7=9A=84BUG?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- inc/tsg_rule.h | 11 ++--- inc/tsg_send_log.h | 8 ---- src/CMakeLists.txt | 2 +- src/tsg_entry.cpp | 23 ++++----- src/tsg_entry.h | 13 +---- src/tsg_rule.cpp | 57 ++++++++++++++++++++-- src/tsg_send_log.cpp | 96 ++++++++++++++----------------------- src/tsg_send_log_internal.h | 27 ++++++----- src/version.map | 3 +- 9 files changed, 125 insertions(+), 115 deletions(-) diff --git a/inc/tsg_rule.h b/inc/tsg_rule.h index 4e0e198..7fd7a93 100644 --- a/inc/tsg_rule.h +++ b/inc/tsg_rule.h @@ -3,11 +3,6 @@ #include -#ifdef __cplusplus -extern "C" -{ -#endif - typedef enum _tsg_protocol { PROTO_UNKONWN=0, @@ -27,6 +22,7 @@ typedef enum _tsg_protocol }tsg_protocol_t; +#define MAX_RESULT_NUM 8 #define MAX_DOAMIN_LEN 2048 struct _identify_info @@ -59,8 +55,7 @@ int tsg_shared_table_init(const char *conffile, Maat_feather_t maat_feather, voi //return value: -1: failed, 0: not hit, >0: hit count int tsg_scan_shared_policy(Maat_feather_t maat_feather, void *pkt, int pkt_len, Maat_rule_t *result, int result_num, struct _identify_info *identify_info, scan_status_t *mid, void *logger, int thread_seq); -#ifdef __cplusplus -} -#endif +//return NULL if none exists, otherwise return one deny rule; +Maat_rule_t *tsg_fetch_deny_rule(Maat_rule_t *result, int result_num); #endif diff --git a/inc/tsg_send_log.h b/inc/tsg_send_log.h index cb0f5d7..0115f46 100644 --- a/inc/tsg_send_log.h +++ b/inc/tsg_send_log.h @@ -3,10 +3,6 @@ #include -#ifdef __cplusplus -extern "C" -{ -#endif typedef struct _tsg_log { @@ -37,8 +33,4 @@ int TLD_cancel(TLD_handle_t handle); int tsg_send_log(tsg_log_instance_t instance, TLD_handle_t handle, tsg_log_t *log_msg, int thread_id); -#ifdef __cplusplus -} -#endif - #endif diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index dd58965..b41393f 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -7,7 +7,7 @@ set(SRC tsg_entry.cpp tsg_rule.cpp tsg_ssl_utils.cpp tsg_send_log.cpp) include_directories(${CMAKE_SOURCE_DIR}/inc) include_directories(/opt/MESA/include/MESA/) -set(TSG_MASTER_DEPEND_DYN_LIB MESA_handle_logger MESA_prof_load maatframe pthread MESA_field_stat2) +set(TSG_MASTER_DEPEND_DYN_LIB MESA_handle_logger MESA_prof_load maatframe pthread MESA_field_stat2 rdkafka cjson) set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run) diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp index d104cb6..439d246 100644 --- a/src/tsg_entry.cpp +++ b/src/tsg_entry.cpp @@ -14,7 +14,7 @@ -char TSG_MASTER_VERSION_20191115=0; +char TSG_MASTER_VERSION_20191119=0; const char *tsg_conffile="tsgconf/main.conf"; g_tsg_para_t g_tsg_para; @@ -85,7 +85,7 @@ static Maat_rule_t *tsg_policy_decision_criteria(Maat_rule_t *result, int result for(i=1; ip_result->action) + if((unsigned char)result[i].action>(unsigned char)p_result->action) { p_result=&result[i]; continue; @@ -105,7 +105,7 @@ static Maat_rule_t *tsg_policy_decision_criteria(Maat_rule_t *result, int result extern "C" char TSG_MASTER_TCPALL_ENTRY(struct streaminfo *a_tcp, void **pme, int thread_seq,void *a_packet) { - int send_log=0; + int send_log=0,identify_flag=0; int ret=0,hit_num=0,ip_policy=0; int state=APP_STATE_DROPME; scan_status_t mid=NULL; @@ -122,12 +122,13 @@ extern "C" char TSG_MASTER_TCPALL_ENTRY(struct streaminfo *a_tcp, void **pme, in switch(a_tcp->pktstate) { case OP_STATE_PENDING: + case OP_STATE_DATA: if((a_tcp->ptcpdetail->pdata==NULL) || (a_tcp->ptcpdetail->datalen<=0) || (a_tcp->dir==DIR_DOUBLE && a_tcp->curdir==DIR_S2C)) { return APP_STATE_GIVEME; } - ret=tsg_scan_nesting_addr(g_tsg_maat_feather, a_tcp, PROTO_MAX, &mid, all_result, MAX_RESULT_NUM-hit_num); + ret=tsg_scan_nesting_addr(g_tsg_maat_feather, a_tcp, PROTO_MAX, &mid, all_result+hit_num, MAX_RESULT_NUM-hit_num); if(ret>0) { hit_num+=ret; @@ -142,7 +143,7 @@ extern "C" char TSG_MASTER_TCPALL_ENTRY(struct streaminfo *a_tcp, void **pme, in ret=tsg_scan_shared_policy(g_tsg_maat_feather, a_tcp->ptcpdetail->pdata, a_tcp->ptcpdetail->datalen, - all_result, + all_result+hit_num, MAX_RESULT_NUM-hit_num, &identify_info, &mid, @@ -151,6 +152,7 @@ extern "C" char TSG_MASTER_TCPALL_ENTRY(struct streaminfo *a_tcp, void **pme, in if(ret>0) { hit_num+=ret; + identify_flag=1; } } @@ -164,7 +166,7 @@ extern "C" char TSG_MASTER_TCPALL_ENTRY(struct streaminfo *a_tcp, void **pme, in send_log=1; } - switch(p_result->action) + switch((unsigned char)p_result->action) { case TSG_ACTION_DENY: if(ip_policy==1) @@ -203,13 +205,13 @@ extern "C" char TSG_MASTER_TCPALL_ENTRY(struct streaminfo *a_tcp, void **pme, in if(send_log==1 && p_result->do_log>0) { TLD_handle=TLD_create(thread_seq); - if(priority_label->proto!=PROTO_UNKONWN) + if(identify_flag==1) { schema_field_name=log_field_id2name(g_tsg_log_instance, LOG_COMMON_SCHAME_TYPE); - TLD_append(TLD_handle, schema_field_name, (void *)((priority_label->proto==PROTO_HTTP) ? "HTTP" : "SSL"), TLD_TYPE_LONG); + TLD_append(TLD_handle, schema_field_name, (void *)((identify_info.proto==PROTO_HTTP) ? "HTTP" : "SSL"), TLD_TYPE_STRING); - domain_field_name=log_field_id2name(g_tsg_log_instance, ((priority_label->proto==PROTO_HTTP) ? LOG_HTTP_HOST : LOG_SSL_SNI)); - TLD_append(TLD_handle, domain_field_name, (void *)priority_label->domain, TLD_TYPE_STRING); + domain_field_name=log_field_id2name(g_tsg_log_instance, ((identify_info.proto==PROTO_HTTP) ? LOG_HTTP_HOST : LOG_SSL_SNI)); + TLD_append(TLD_handle, domain_field_name, (void *)identify_info.domain, TLD_TYPE_STRING); } log_msg.a_stream=a_tcp; @@ -219,7 +221,6 @@ extern "C" char TSG_MASTER_TCPALL_ENTRY(struct streaminfo *a_tcp, void **pme, in } } break; - case OP_STATE_DATA: case OP_STATE_CLOSE: default: break; diff --git a/src/tsg_entry.h b/src/tsg_entry.h index f3c9734..d4aa7b1 100644 --- a/src/tsg_entry.h +++ b/src/tsg_entry.h @@ -2,11 +2,7 @@ #define __TSG_ENTRY_H__ #include - -#define FW_ACTION_UNKNOWN 0x00 -#define FW_ACTION_DROP 0x01 -#define FW_ACTION_RESET 0x02 -#define FW_ACTION_BLOCK 0x04 +#include "tsg_rule.h" #define TSG_ACTION_NONE 0x00 #define TSG_ACTION_MONITOR 0x01 @@ -15,10 +11,6 @@ #define TSG_ACTION_MANIPULATE 0x30 #define TSG_ACTION_BYPASS 0x80 - -#define MAX_RESULT_NUM 8 -#define MAX_DOAMIN_LEN 2048 - typedef struct _policy_priority_label { tsg_protocol_t proto; //enum _tsg_protocol (tsg_types.h) @@ -38,8 +30,7 @@ typedef struct _tsg_para void *logger; }g_tsg_para_t; - - extern g_tsg_para_t g_tsg_para; + #endif \ No newline at end of file diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp index 3d9642a..9685c4f 100644 --- a/src/tsg_rule.cpp +++ b/src/tsg_rule.cpp @@ -122,6 +122,29 @@ int tsg_rule_init(const char* conffile, void *logger) MESA_load_profile_string_def(conffile, module, "IP_ADDR_TABLE", ip_addr_table, sizeof(ip_addr_table), "TSG_OBJ_IP_ADDR"); MESA_load_profile_string_def(conffile, module, "SUBSCRIBER_ID_TABLE", subscriber_id_table, sizeof(subscriber_id_table), "TSG_OBJ_SUBSCRIBER_ID"); + + g_tsg_para.ip_addr_table_id=Maat_table_register(g_tsg_maat_feather, ip_addr_table); + if(g_tsg_para.ip_addr_table_id<0) + { + MESA_handle_runtime_log(logger, RLOG_LV_FATAL, "Maat_table_register %s failed", ip_addr_table); + return -1; + } + + g_tsg_para.subscribe_id_table_id=Maat_table_register(g_tsg_maat_feather, subscriber_id_table); + if(g_tsg_para.subscribe_id_table_id<0) + { + MESA_handle_runtime_log(logger, RLOG_LV_FATAL, "RULE_INIT", "Maat_table_register %s failed", subscriber_id_table); + return -1; + } + + ret=tsg_shared_table_init(conffile, g_tsg_maat_feather, logger); + if(ret<0) + { + MESA_handle_runtime_log(logger, RLOG_LV_FATAL, "RULE_INIT", "tsg_shared_table_init %s failed"); + return -1; + } + + return 0; } static void protocol_identify(char *buff, int buff_len, struct _identify_info *result){ @@ -195,7 +218,7 @@ int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_re return 0; } -int tsg_scan_nesting_addr(Maat_feather_t maat_feather, struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num) +int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num) { struct ipaddr t_addr; struct ipaddr* p_addr = NULL; @@ -292,7 +315,8 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, struct streaminfo *a_stre //return value: -1: failed, 0: not hit, >0: hit count int tsg_scan_shared_policy(Maat_feather_t maat_feather, void *pkt, int pkt_len, Maat_rule_t *result, int result_num, - struct _identify_info *identify_info, scan_status_t *mid, void *logger, int thread_seq){ + struct _identify_info *identify_info, scan_status_t *mid, void *logger, int thread_seq) +{ memset(identify_info, 0, sizeof(*identify_info)); protocol_identify((char*)pkt, pkt_len, identify_info); if(identify_info->proto != PROTO_SSL && identify_info->proto != PROTO_HTTP){ @@ -307,4 +331,31 @@ int tsg_scan_shared_policy(Maat_feather_t maat_feather, void *pkt, int pkt_len, } return Maat_full_scan_string(g_tsg_maat_feather, tableid, CHARSET_UTF8, identify_info->domain, identify_info->domain_len, result, NULL, result_num, mid, thread_seq); -} \ No newline at end of file +} + + +Maat_rule_t *tsg_fetch_deny_rule(Maat_rule_t *result, int result_num) +{ + int i=0; + Maat_rule_t *p_result=NULL; + + for(i=0; i< result_num; i++) + { + if(result[i].action==TSG_ACTION_DENY) + { + if(p_result==NULL) + { + p_result=&result[i]; + continue; + } + + if(result[i].action > p_result->action) + { + p_result=&result[i]; + } + } + } + + return p_result; +} + diff --git a/src/tsg_send_log.cpp b/src/tsg_send_log.cpp index 803b0bb..08732f0 100644 --- a/src/tsg_send_log.cpp +++ b/src/tsg_send_log.cpp @@ -18,7 +18,7 @@ #include "tsg_send_log.h" #include "tsg_send_log_internal.h" -char TSG_SEND_LOG_VERSION_20191115=0; +char TSG_SEND_LOG_VERSION_20191119=0; tsg_log_instance_t g_tsg_log_instance; const id2field_t tld_type[TLD_TYPE_MAX]={{TLD_TYPE_UNKNOWN, TLD_TYPE_UNKNOWN, "UNKOWN"}, @@ -27,6 +27,8 @@ const id2field_t tld_type[TLD_TYPE_MAX]={{TLD_TYPE_UNKNOWN, TLD_TYPE_UNKNOWN, " {TLD_TYPE_FILE, TLD_TYPE_FILE, "FILE"} }; +extern "C" int MESA_get_dev_ipv4(const char *device, int *ip_add); + int TLD_cancel(TLD_handle_t handle) { int thread_id=0; @@ -60,7 +62,6 @@ int TLD_delete(TLD_handle_t handle, char *key) int TLD_append(TLD_handle_t handle, char *key, void *value, TLD_TYPE type) { - char buff[128]={0}; struct _tld_handle *_handle=(struct _tld_handle *)handle; if(_handle==NULL || key==NULL || value==NULL) @@ -71,8 +72,7 @@ int TLD_append(TLD_handle_t handle, char *key, void *value, TLD_TYPE type) switch(type) { case TLD_TYPE_LONG: - snprintf(buff, sizeof(buff), "%ld", *(long *)value); - cJSON_AddStringToObject(_handle->object, key, buff); + cJSON_AddNumberToObject(_handle->object, key, (long)value); break; case TLD_TYPE_FILE: break; @@ -115,6 +115,7 @@ int TLD_append_streaminfo(struct _tsg_log_instance *_instance, struct _tld_handl unsigned short tunnel_type=0; char nest_addr_buf[1024]; char *addr_proto=NULL; + unsigned short c_port=0, s_port=0; int tunnel_type_size=sizeof(tunnel_type); struct layer_addr_ipv4 *ipv4=NULL; struct layer_addr_ipv6 *ipv6=NULL; @@ -126,33 +127,35 @@ int TLD_append_streaminfo(struct _tsg_log_instance *_instance, struct _tld_handl case ADDR_TYPE_IPV4: case __ADDR_TYPE_IP_PAIR_V4: ipv4=a_stream->addr.ipv4; + addr_type=4; + c_port=ntohs(ipv4->source); + s_port=ntohs(ipv4->dest); + inet_ntop(AF_INET, (void *)&ipv4->saddr, client_ip, sizeof(client_ip)); inet_ntop(AF_INET, (void *)&ipv4->daddr, server_ip, sizeof(server_ip)); - - addr_type=4; - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_SERVER_IP].name, (void *)server_ip, TLD_TYPE_STRING); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_CLIENT_IP].name, (void *)client_ip, TLD_TYPE_STRING); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_SERVER_PORT].name, (void *)&ipv4->dest, TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_CLIENT_PORT].name, (void *)&ipv4->source, TLD_TYPE_LONG); break; case ADDR_TYPE_IPV6: case __ADDR_TYPE_IP_PAIR_V6: ipv6=a_stream->addr.ipv6; + addr_type=6; + c_port=ntohs(ipv6->source); + s_port=ntohs(ipv6->dest); + inet_ntop(AF_INET6, (void *)ipv6->saddr, client_ip, sizeof(client_ip)); inet_ntop(AF_INET6, (void *)ipv6->daddr, server_ip, sizeof(server_ip)); - - addr_type=6; - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_SERVER_IP].name, (void *)server_ip, TLD_TYPE_STRING); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_CLIENT_IP].name, (void *)client_ip, TLD_TYPE_STRING); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_SERVER_PORT].name, (void *)&ipv6->dest, TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_CLIENT_PORT].name, (void *)&ipv6->source, TLD_TYPE_LONG); break; default: break; } - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_STREAM_DIR].name, (void *)&a_stream->dir, TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_ADDRESS_TYPE].name, (void *)&addr_type, TLD_TYPE_LONG); + + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_SERVER_IP].name, (void *)server_ip, TLD_TYPE_STRING); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_CLIENT_IP].name, (void *)client_ip, TLD_TYPE_STRING); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_SERVER_PORT].name, (void *)(long)s_port, TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_CLIENT_PORT].name, (void *)(long)c_port, TLD_TYPE_LONG); + + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_STREAM_DIR].name, (void *)(long)a_stream->dir, TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_ADDRESS_TYPE].name, (void *)(long)addr_type, TLD_TYPE_LONG); addr_proto=(char *)layer_addr_prefix_ntop(a_stream); @@ -174,31 +177,6 @@ int TLD_append_streaminfo(struct _tsg_log_instance *_instance, struct _tld_handl return 0; } -static unsigned int get_ip_by_eth_name(const char *ifname) -{ - int sockfd; - struct ifreq ifr; - unsigned int ip; - - sockfd = socket(AF_INET, SOCK_DGRAM, 0); - if (-1 == sockfd) { - goto error; - } - - strcpy(ifr.ifr_name,ifname); - if (ioctl(sockfd, SIOCGIFADDR, &ifr) < 0) { - goto error; - } - - ip = ((struct sockaddr_in*)&(ifr.ifr_addr))->sin_addr.s_addr; - close(sockfd); - return ip; - -error: - close(sockfd); - return INADDR_NONE; -} - static int load_log_common_field(const char *filename, id2field_t *id2field, id2field_t *service2topic) { int i=0; @@ -262,7 +240,7 @@ static int load_log_common_field(const char *filename, id2field_t *id2field, id2 tsg_log_instance_t tsg_sendlog_init(const char *conffile) { - int i=0,level=30; + int i=0,ret=0,level=30; char nic_name[32]={0}; char kafka_errstr[1024]={0}; unsigned int local_ip_nr=0; @@ -289,10 +267,10 @@ tsg_log_instance_t tsg_sendlog_init(const char *conffile) } MESA_load_profile_string_def(conffile, "TSG_LOG", "NIC_NAME", nic_name, sizeof(nic_name), "eth0"); - local_ip_nr=get_ip_by_eth_name(nic_name); - if(local_ip_nr==INADDR_NONE) + ret=MESA_get_dev_ipv4(nic_name, (int *)&local_ip_nr); + if(ret<0) { - MESA_handle_runtime_log(_instance->logger,RLOG_LV_FATAL, "GET_LOCAL_IP","get NIC_NAME: %s error.", nic_name); + MESA_handle_runtime_log(_instance->logger, RLOG_LV_FATAL, "GET_LOCAL_IP", "MESA_get_dev_ipv4 is error, nic_name: %s", nic_name); return NULL; } inet_ntop(AF_INET,&(local_ip_nr),_instance->local_ip_str,sizeof(_instance->local_ip_str)); @@ -375,14 +353,14 @@ int tsg_send_log(tsg_log_instance_t instance, TLD_handle_t handle, tsg_log_t *lo if(log_msg->a_stream!=NULL && log_msg->a_stream->ptcpdetail!=NULL) { - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_START_TIME].name, (void *)(&log_msg->a_stream->ptcpdetail->createtime), TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_END_TIME].name, (void *)(&log_msg->a_stream->ptcpdetail->lastmtime), TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_START_TIME].name, (void *)(log_msg->a_stream->ptcpdetail->createtime), TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_END_TIME].name, (void *)(log_msg->a_stream->ptcpdetail->lastmtime), TLD_TYPE_LONG); } else { cur_time=time(NULL); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_START_TIME].name, (void *)&cur_time, TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_END_TIME].name, (void *)&cur_time, TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_START_TIME].name, (void *)cur_time, TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_END_TIME].name, (void *)cur_time, TLD_TYPE_LONG); } @@ -393,11 +371,11 @@ int tsg_send_log(tsg_log_instance_t instance, TLD_handle_t handle, tsg_log_t *lo } else { - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_LINK_ID].name, (void *)&vinfo.link_id, TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_DIRECTION].name, (void *)&vinfo.link_dir, TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_DEVICE_ID].name, (void *)&vinfo.dev_id, TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_ENTRANCE_ID].name, (void *)&vinfo.entrance_id, TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_ENCAPSULATION].name, (void *)&vinfo.encap_type, TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_LINK_ID].name, (void *)(long)vinfo.link_id, TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_DIRECTION].name, (void *)(long)vinfo.link_dir, TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_DEVICE_ID].name, (void *)(long)vinfo.dev_id, TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_ENTRANCE_ID].name, (void *)(long)vinfo.entrance_id, TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_ENCAPSULATION].name, (void *)(long)vinfo.encap_type, TLD_TYPE_LONG); } for(i=0;iresult_num; i++) @@ -422,9 +400,9 @@ int tsg_send_log(tsg_log_instance_t instance, TLD_handle_t handle, tsg_log_t *lo break; } - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_POLICY_ID].name, (void *)(&log_msg->result[i].config_id), TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_SERVICE].name, (void *)(&log_msg->result[i].service_id), TLD_TYPE_LONG); - TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_ACTION].name, (void *)(&log_msg->result[i].action), TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_POLICY_ID].name, (void *)(long)(log_msg->result[i].config_id), TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_SERVICE].name, (void *)(long)(log_msg->result[i].service_id), TLD_TYPE_LONG); + TLD_append((TLD_handle_t)_handle, _instance->id2field[LOG_COMMON_ACTION].name, (void *)(long)((unsigned char)log_msg->result[i].action), TLD_TYPE_LONG); payload = cJSON_PrintUnformatted(_handle->object); diff --git a/src/tsg_send_log_internal.h b/src/tsg_send_log_internal.h index b041aa2..1c1d937 100644 --- a/src/tsg_send_log_internal.h +++ b/src/tsg_send_log_internal.h @@ -4,6 +4,7 @@ #include #include + #define MAX_IPV4_LEN 16 #define MAX_STRING_LEN 32 @@ -22,25 +23,28 @@ enum _DO_LOG typedef enum _tsg_log_field_id { + LOG_COMMON_POLICY_ID=1, LOG_COMMON_SERVICE, - LOG_COMMON_DIRECTION, + LOG_COMMON_ACTION, + LOG_COMMON_START_TIME, + LOG_COMMON_END_TIME, LOG_COMMON_L4_PROTOCOL, LOG_COMMON_ADDRESS_TYPE, - LOG_COMMON_SCHAME_TYPE, - LOG_COMMON_POLICY_ID, - LOG_COMMON_USER_TAG, - LOG_COMMON_ACTION, - LOG_COMMON_USER_REGION, + LOG_COMMON_SERVER_IP, LOG_COMMON_CLIENT_IP, + LOG_COMMON_SERVER_PORT, LOG_COMMON_CLIENT_PORT, + LOG_COMMON_STREAM_DIR, + LOG_COMMON_ADDRESS_LIST, LOG_COMMON_ENTRANCE_ID, LOG_COMMON_DEVICE_ID, LOG_COMMON_LINK_ID, LOG_COMMON_ISP, LOG_COMMON_ENCAPSULATION, - LOG_COMMON_SLED_IP, - LOG_COMMON_SERVER_IP, - LOG_COMMON_SERVER_PORT, + LOG_COMMON_DIRECTION, + LOG_COMMON_SLED_IP, + LOG_COMMON_USER_TAG, + LOG_COMMON_USER_REGION, LOG_COMMON_APP_LABEL, LOG_COMMON_APP_ID, LOG_COMMON_PROTOCOL_ID, @@ -48,14 +52,11 @@ typedef enum _tsg_log_field_id LOG_COMMON_S2C_PKT_NUM, LOG_COMMON_C2S_BYTE_NUM, LOG_COMMON_S2C_BYTE_NUM, - LOG_COMMON_START_TIME, - LOG_COMMON_END_TIME, LOG_COMMON_CON_DURATION_MS, - LOG_COMMON_STREAM_DIR, - LOG_COMMON_ADDRESS_LIST, LOG_COMMON_HAS_DUP_TRAFFIC, LOG_COMMON_STREAM_ERROR, LOG_COMMON_STREAM_TRACE_ID, + LOG_COMMON_SCHAME_TYPE, LOG_HTTP_HOST, LOG_SSL_SNI, LOG_COMMON_MAX diff --git a/src/version.map b/src/version.map index bbd4de5..3e1b353 100644 --- a/src/version.map +++ b/src/version.map @@ -3,11 +3,12 @@ global: extern "C++" { g_*; *TSG_MASTER_INIT*; - *TSG_BWLIST_TCP_ENTRY*; + *TSG_MASTER_TCPALL_ENTRY*; *TSG_MASTER_UNLOAD*; *tsg_send_log*; *tsg_scan_nesting_addr*; *tsg_pull_policy_result*; + *tsg_send_log*; }; local: *; };