diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 1149708..6f69be0 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -4,7 +4,7 @@ variables: BUILD_IMAGE_CENTOS8: "git.mesalab.cn:7443/mesa_platform/build-env:rockylinux" BUILD_PADDING_PREFIX: /tmp/padding_for_CPACK_RPM_BUILD_SOURCE_DIRS_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX/ INSTALL_PREFIX: "/home/mesasoft/sapp_run/" - INSTALL_DEPENDENCY_LIBRARY: libMESA_handle_logger-devel libcjson-devel libMESA_field_stat2-devel sapp sapp-devel framework_env libMESA_prof_load-devel http-devel dns-devel ftp-devel mail-devel ssl-devel librdkafka-devel libmaatframe-devel quic-devel mesa_sip-devel gtp-devel libMESA_htable-devel libasan mrzcpd rapidjson-devel libMESA_jump_layer-devel stratum-devel rdp-devel dtls-devel + INSTALL_DEPENDENCY_LIBRARY: systemd-devel libbreakpad_mini numactl-devel zlib-devel vim-common libMESA_handle_logger-devel libcjson-devel libMESA_field_stat2-devel sapp sapp-devel framework_env libMESA_prof_load-devel http-devel dns-devel ftp-devel mail-devel ssl-devel librdkafka-devel libmaatframe-devel quic-devel mesa_sip-devel gtp-devel libMESA_htable-devel libasan mrzcpd rapidjson-devel libMESA_jump_layer-devel stratum-devel rdp-devel dtls-devel stages: - build @@ -38,6 +38,7 @@ stages: script: - dnf --enablerepo=powertools install -y libmnl-devel - dnf --enablerepo=powertools install -y libnfnetlink-devel + - dnf --enablerepo=powertools install -y libnsl - ./ci/travis.sh tags: - share diff --git a/CMakeLists.txt b/CMakeLists.txt index 92676fa..d39c8f4 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -36,6 +36,12 @@ set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run) add_subdirectory(support) add_subdirectory(src) +add_subdirectory(vendor) +add_subdirectory(test) + +enable_testing() +add_subdirectory(./ctest) + SET(CPACK_RPM_LIBRARIES_PRE_INSTALL_SCRIPT_FILE "${PROJECT_SOURCE_DIR}/cmake/PreInstall.sh") SET(CPACK_RPM_LIBRARIES_PRE_UNINSTALL_SCRIPT_FILE "${PROJECT_SOURCE_DIR}/cmake/PreUninstall.sh") diff --git a/bin/tsg_log_field.conf b/bin/tsg_log_field.conf index f7a3d69..574e7d9 100644 --- a/bin/tsg_log_field.conf +++ b/bin/tsg_log_field.conf @@ -119,4 +119,5 @@ LONG common_vsys_id 106 STRING dtls_sni 107 STRING common_tunnel_endpoint_a_desc 108 STRING common_tunnel_endpoint_b_desc 109 -LONG common_t_vsys_id 110 \ No newline at end of file +LONG common_t_vsys_id 110 +STRING common_app_full_path 111 \ No newline at end of file diff --git a/ctest/CMakeLists.txt b/ctest/CMakeLists.txt new file mode 100644 index 0000000..9b22c63 --- /dev/null +++ b/ctest/CMakeLists.txt @@ -0,0 +1,17 @@ +cmake_minimum_required (VERSION 2.8) + +project(sapp_ctest) + +add_test(NAME COPY_CREATE_DIR COMMAND sh -c "mkdir -p ${CMAKE_BINARY_DIR}/testing/ ${CMAKE_BINARY_DIR}/testing/plug") +add_test(NAME COPY_MASTER_GTEST_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/master_gtest ${CMAKE_BINARY_DIR}/testing/") +add_test(NAME COPY_MASTER_GTEST_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/etc/ ${CMAKE_BINARY_DIR}/testing/") +add_test(NAME COPY_MASTER_GTEST_CONFLIST COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/conflist.inf ${CMAKE_BINARY_DIR}/testing/plug") + + +add_test(NAME COPY_MASTER_DIR COMMAND sh -c "mkdir -p ${CMAKE_BINARY_DIR}/testing/plug/platform/tsg_master/") +add_test(NAME COPY_MASTER_INF COMMAND sh -c "cp ${CMAKE_SOURCE_DIR}/bin/tsg_master.inf ${CMAKE_BINARY_DIR}/testing/plug/platform/tsg_master/tsg_master.inf") +add_test(NAME COPY_MASTER_SO COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/tsg_master_gtest.so ${CMAKE_BINARY_DIR}/testing/plug/platform/tsg_master/tsg_master.so") +add_test(NAME COPY_MASTER_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/ ${CMAKE_BINARY_DIR}/testing/tsgconf") + +add_test(NAME FAKE_TEST COMMAND sh -c "pwd") + diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp index 4c1f464..131175d 100644 --- a/src/tsg_entry.cpp +++ b/src/tsg_entry.cpp @@ -1847,6 +1847,7 @@ static int app_identify_result_cb(const struct streaminfo *a_stream, int bridge_ FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_APP_BUILT_IN_RESULT], 0, FS_OP_ADD, 1); break; case ORIGIN_BASIC_PROTOCOL: + context->is_app_link=FLAG_TRUE; if(context->proto==PROTO_UNKONWN || context->proto==PROTO_APP) { set_l7_protocol_to_pme(context, identify_result->app_id[identify_result->app_id_num-1]); diff --git a/src/tsg_entry.h b/src/tsg_entry.h index 49965d6..42000a4 100644 --- a/src/tsg_entry.h +++ b/src/tsg_entry.h @@ -202,8 +202,7 @@ struct gather_app_result { int app_num; enum APP_IDENTIFY_ORIGIN origin; - struct app_attributes - attributes[MAX_APP_ID_NUM]; + struct app_attributes attributes[MAX_APP_ID_NUM]; }; struct l7_protocol diff --git a/src/tsg_send_log.cpp b/src/tsg_send_log.cpp index e1b7642..3e266e2 100644 --- a/src/tsg_send_log.cpp +++ b/src/tsg_send_log.cpp @@ -684,7 +684,7 @@ static int get_app_id_list(Value *app_id_object, struct TLD_handle_t *_handle, c } -static int set_userdefine_app(struct TLD_handle_t *_handle, char *field_name, struct gather_app_result *result, TLD_TYPE type) +static int set_userdefine_app(struct TLD_handle_t *_handle, char *field_name, struct gather_app_result *result) { if(result==NULL || result->app_num<=0) { @@ -795,8 +795,7 @@ static int get_app_name_list(struct gather_app_result *result, char *app_name, i if(i>0 && offset>0 && (app_name_len-offset)>0) { - app_name[offset]='.'; - offset++; + app_name[offset++]='.'; } offset+=tsg_app_id2name(result->attributes[i].app_id, app_name+offset, app_name_len-offset, is_joint_parent); @@ -805,6 +804,170 @@ static int get_app_name_list(struct gather_app_result *result, char *app_name, i return 1; } +/* + L7(openvpn), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon + L7(openvpn), appSketch(psiphon), Thrid(openvpn.qq_web.wechat) = openvpn.psiphon + L7(openvpn), appSketch(psiphon), Thrid(openvpn.wechat) = openvpn.psiphon + L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn.wechat) = openvpn.ssl.psiphon + L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn) = openvpn.ssl.psiphon + L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon + L7(null), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon + L7(null), appSketch(psiphon), Thrid(wechat) = psiphon + L7(null), appSketch(null), Thrid(openvpn.ssl.wechat) = openvpn.ssl.wechat + L7(null), appSketch(null), Thrid(null) = unknown +*/ + +static int get_QM_app_idx(struct gather_app_result *qm_result) +{ + int i=0; + for(i=0; iapp_num; i++) + { + if(tsg_l7_protocol_id2name(qm_result->attributes[i].app_id)==NULL) + { + break; + } + } + + return i; +} + +/* +** Engine1 1.2 Engine2 1 -> 1.2 +** Engine1 1.2 Engine2 1.3 -> 1.2 +** Engine1 1 Engine2 1.2 -> 1.2 +** Engine1 2 Engine2 1.2 -> 1.2 +** Engine1 1 Engine2 2.3 -> 1 +** Engine1 1 Engine2 2 -> 1 +*/ + +static int copy_app_id(struct app_attributes *result, int result_num, unsigned int *combined_array, int combined_array_num) +{ + int i=0; + for(i=0; i 1.2 ** */ + if(intersection_flag==1 || engine1_result_num==0) + { + return copy_app_id(engine2_result, engine2_result_num, combined_array, combined_array_num); + } + +/* +** Engine1 1.2 Engine2 1 -> 1.2 +** Engine1 1.2 Engine2 1.3 -> 1.2 +*/ + if(engine1_result_num>=engine2_result_num || engine2_result_num==0) + { + return copy_app_id(engine1_result, engine1_result_num, combined_array, combined_array_num); + } + +/* +** Engine1 1 Engine2 1.2 -> 1.2 +*/ + if(engine2_result_num>engine1_result_num && engine1_result[0].app_id==engine2_result[0].app_id) + { + return copy_app_id(engine2_result, engine2_result_num, combined_array, combined_array_num); + } + +/* +** Engine1 1 Engine2 2 -> 1 +** Engine1 1 Engine2 2.3 -> 1 +*/ + return copy_app_id(engine1_result, engine1_result_num, combined_array, combined_array_num); +} + + +int set_app_full_path(struct TLD_handle_t *_handle, char *field_name, struct gather_app_result *result) +{ + int offset=0; + int qm_app_idx=0; + int combined_num=0; + char app_full_path[256]={0}; + unsigned int combined_array[MAX_APP_ID_NUM*2]={0}; + + qm_app_idx=get_QM_app_idx(&(result[ORIGIN_QM_ENGINE])); + combined_num+=engine_result_combine(result[ORIGIN_BASIC_PROTOCOL].attributes, + result[ORIGIN_BASIC_PROTOCOL].app_num, + result[ORIGIN_QM_ENGINE].attributes, + qm_app_idx, + combined_array+combined_num, + sizeof(combined_array)-combined_num + ); + + + + if(result[ORIGIN_USER_DEFINE].app_num==0) + { + combined_num+=engine_result_combine(result[ORIGIN_BUILT_IN].attributes, + result[ORIGIN_BUILT_IN].app_num, + (result[ORIGIN_QM_ENGINE].attributes)+qm_app_idx, + result[ORIGIN_QM_ENGINE].app_num-qm_app_idx, + combined_array+combined_num, + sizeof(combined_array)-combined_num + ); + } + else + { + combined_num+=engine_result_combine(result[ORIGIN_USER_DEFINE].attributes, + result[ORIGIN_USER_DEFINE].app_num, + NULL, + 0, + combined_array+combined_num, + sizeof(combined_array)-combined_num + ); + } + + if(combined_num==0) + { + offset=tsg_app_id2name(result[ORIGIN_UNKNOWN].attributes[0].app_id, app_full_path, sizeof(app_full_path), 0); + if(offset>0) + { + TLD_append(_handle, field_name, (void *)app_full_path, TLD_TYPE_STRING); + } + + return 1; + } + + for(int i=0; i0) + { + app_full_path[offset++]='.'; + } + } + + if(offset>0) + { + app_full_path[offset-1]='\0'; + TLD_append(_handle, field_name, (void *)app_full_path, TLD_TYPE_STRING); + } + + return 1; +} + + static int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) { int app_id_flag=0; @@ -818,7 +981,12 @@ static int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t gather_result=(struct gather_app_result *)project_req_get_struct(a_stream, g_tsg_para.gather_app_project_id); if(gather_result==NULL) - { + { + if(tsg_app_id2name(_instance->unknown_app_id, app_name, sizeof(app_name), 0)) + { + TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_FULL_PATH].name, (void *)app_name, TLD_TYPE_STRING); + } + TLD_append(_handle, _instance->id2field[LOG_COMMON_L7_PROTOCOL].name, (void *)_instance->l7_unknown_name, TLD_TYPE_STRING); return 0; } @@ -847,8 +1015,10 @@ static int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t } else //string { - set_userdefine_app(_handle, _instance->id2field[LOG_COMMON_USERDEFINE_APP].name, &(gather_result[ORIGIN_USER_DEFINE]), TLD_TYPE_LONG); + set_userdefine_app(_handle, _instance->id2field[LOG_COMMON_USERDEFINE_APP].name, &(gather_result[ORIGIN_USER_DEFINE])); + set_app_full_path(_handle, _instance->id2field[LOG_COMMON_APP_FULL_PATH].name, gather_result); + get_userdefine_name(&(gather_result[ORIGIN_USER_DEFINE]), app_name, sizeof(app_name), &app_id_flag, 0); if(app_id_flag!=1) @@ -893,7 +1063,7 @@ static int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t return 1; } -static int set_vlan(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct single_layer_vlan_addr *vlan_addr, int layer_num, Value *tunnel_object, tsg_log_field_id_t id) +int set_vlan(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct single_layer_vlan_addr *vlan_addr, int layer_num, Value *tunnel_object, tsg_log_field_id_t id) { if(layer_num==0) { @@ -1861,6 +2031,7 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile, screen_stat_ha MESA_load_profile_int_def(conffile, "TSG_LOG", "RAPIDJSON_CHUNK_CAPACITY", &(_instance->rapidjson_chunk_capacity), 8096); MESA_load_profile_int_def(conffile, "TSG_LOG", "VSYSTEM_ID", &(_instance->vsystem_id), 1); + MESA_load_profile_int_def(conffile, "SYSTEM","UNKNOWN_APP_ID", &_instance->unknown_app_id, 4); MESA_load_profile_int_def(conffile, "TSG_LOG", "APP_ID_TYPE", &(_instance->app_id_type), 1); //0: int, 1: string MESA_load_profile_string_def(conffile, "TSG_LOG", "L7_UNKNOWN_NAME", _instance->l7_unknown_name, sizeof(_instance->l7_unknown_name), "UNCATEGORIZED"); diff --git a/src/tsg_send_log_internal.h b/src/tsg_send_log_internal.h index ded9fa3..5bb5ab7 100644 --- a/src/tsg_send_log_internal.h +++ b/src/tsg_send_log_internal.h @@ -1,6 +1,8 @@ #ifndef __TSG_SEND_LOG_INTERNAL_H__ #define __TSG_SEND_LOG_INTERNAL_H__ +#include + #include #include #include @@ -130,6 +132,7 @@ typedef enum _tsg_log_field_id LOG_COMMON_TUNNELS_ENDPOINT_A_DESC, LOG_COMMON_TUNNELS_ENDPOINT_B_DESC, LOG_COMMON_TRAFFIC_VSYSTEM_ID, + LOG_COMMON_APP_FULL_PATH, LOG_COMMON_MAX }tsg_log_field_id_t; @@ -197,6 +200,7 @@ struct tsg_log_instance_t int max_service; int app_id_type; int vsystem_id; + int unknown_app_id; int send_user_region; int send_data_center; int recovery_interval; diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt new file mode 100644 index 0000000..7554d2f --- /dev/null +++ b/test/CMakeLists.txt @@ -0,0 +1,25 @@ +cmake_minimum_required(VERSION 2.8) + + +include_directories(${CMAKE_SOURCE_DIR}/inc) +include_directories(/opt/MESA/include/MESA/) +include_directories(/opt/MESA/include) +include_directories(/usr/include/) + +set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run) + +add_library(tsg_master_gtest SHARED src/tsg_master_gtest_protocol.cpp src/tsg_master_gtest_entry.cpp) +set_target_properties(tsg_master_gtest PROPERTIES PREFIX "") + +add_definitions(-std=c++11) +LINK_DIRECTORIES(/opt/MESA/lib) + +add_executable(master_gtest "src/tsg_master_gtest_main.cpp") +target_compile_options(master_gtest PUBLIC ${MEM_POOL_DEFINITIONS}) +target_link_libraries(master_gtest pthread dl m pcap systemd cjson MESA_prof_load MESA_htable MESA_handle_logger MESA_jump_layer breakpad_mini MESA_field_stat2) +target_link_libraries(master_gtest /home/mesasoft/sapp_run/lib/libsapp_devel.so) +target_link_libraries(master_gtest gtest-static ctemplate-static) + +install(TARGETS master_gtest DESTINATION ${CMAKE_INSTALL_PREFIX}/ COMPONENT EXECUTABLE) + + diff --git a/test/bin/conflist.inf b/test/bin/conflist.inf new file mode 100644 index 0000000..a776f9f --- /dev/null +++ b/test/bin/conflist.inf @@ -0,0 +1,4 @@ +[platform] +./plug/platform/tsg_master/tsg_master.inf +[protocol] +[business] diff --git a/test/bin/etc/asymmetric_addr_layer.conf b/test/bin/etc/asymmetric_addr_layer.conf new file mode 100644 index 0000000..1799588 --- /dev/null +++ b/test/bin/etc/asymmetric_addr_layer.conf @@ -0,0 +1,6 @@ +vlan[*] +mpls[*] +gre[*] +gtp[*] + + diff --git a/test/bin/etc/asymmetric_presence_layer.conf b/test/bin/etc/asymmetric_presence_layer.conf new file mode 100644 index 0000000..8fa2136 --- /dev/null +++ b/test/bin/etc/asymmetric_presence_layer.conf @@ -0,0 +1,2 @@ +# + diff --git a/test/bin/etc/entrylist.conf b/test/bin/etc/entrylist.conf new file mode 100644 index 0000000..6ec4088 --- /dev/null +++ b/test/bin/etc/entrylist.conf @@ -0,0 +1,27 @@ +IP +IPV6 +IPV6_RAW +TCP_ALL +TCP +UDP +HTTP +SSL +MAIL +FTP +PHONY +POLLING +IPSEC +L2TP +PPTP +RTP +DNS +GTP +STRATUM +RADIUS +QUIC +RDP +SSH +SOCKS +BGP +DTLS +SIP diff --git a/test/bin/etc/gdev.conf b/test/bin/etc/gdev.conf new file mode 100644 index 0000000..2441e11 --- /dev/null +++ b/test/bin/etc/gdev.conf @@ -0,0 +1,5 @@ +[Module] +pcapdevice=ens1f0 +sendto_gdev_card=ens1f0 +sendto_gdev_ip=10.252.20.1 +gdev_status_switch=1 diff --git a/test/bin/etc/gdev_block.conf b/test/bin/etc/gdev_block.conf new file mode 100644 index 0000000..dc5c9e2 --- /dev/null +++ b/test/bin/etc/gdev_block.conf @@ -0,0 +1,14 @@ +[main] +nfs_proto_stat_path=./log +nfs_ddos_flow_detail_path=./log + +[gdev] +service_type=1 +rule_scope=1 +durable=0 +auth_data=B9840E2442951834 +#phony server +c3_list=10.0.6.201:22; + +c3_server_ip=10.0.6.201 +c3_server_port=22 diff --git a/test/bin/etc/necessary_plug_list.conf b/test/bin/etc/necessary_plug_list.conf new file mode 100644 index 0000000..5546eee --- /dev/null +++ b/test/bin/etc/necessary_plug_list.conf @@ -0,0 +1,4 @@ +#以下插件如果加载,初始化失败, sapp平台会退出; +#插件的路径来自配置文件 ./plug/conflist.inf, 不需要加段落标识[platform],[protocol],[business]等. +#If the following plugins fail to initialize, the sapp platform will exit. +#The name of the plugin comes from the configuration ./plug/conflist.inf, section identification is not required. \ No newline at end of file diff --git a/test/bin/etc/plugin.conf b/test/bin/etc/plugin.conf new file mode 100644 index 0000000..10ae034 --- /dev/null +++ b/test/bin/etc/plugin.conf @@ -0,0 +1,5 @@ +[PLUGIN] +platform_config = ./plug/platform/conflist_platform.inf +protocol_config = ./plug/protocol/conflist_protocol.inf +business_config = ./plug/business/conflist_business.inf +entrylist_config = ./etc/entrylist.conf diff --git a/test/bin/etc/project_list.conf b/test/bin/etc/project_list.conf new file mode 100644 index 0000000..22bfafb --- /dev/null +++ b/test/bin/etc/project_list.conf @@ -0,0 +1,18 @@ +tcp_flow_stat struct +udp_flow_stat struct +tcp_deduce_flow_stat struct +POLICY_PRIORITY struct +ESTABLISH_LATENCY long +MAIL_IDENTIFY int +TSG_MASTER_INTERNAL_LABEL struct +BASIC_PROTO_LABEL struct +SKETCH_TRANS_LAYER_CTX_LABEL struct +SKETCH_PROTO_CTX_LABEL struct +common_link_info_c2s struct +common_link_info_s2c struct +common_link_info struct +JA3_FINGERPRINT_LABEL struct +DKPT_PRO_V2 struct +DPKT_PROJECT_V2 struct +PPROJECT_PRO_V2 struct +DPKT_BHSTAT_PROJECT struct diff --git a/test/bin/etc/sapp.toml b/test/bin/etc/sapp.toml new file mode 100644 index 0000000..0dafbf6 --- /dev/null +++ b/test/bin/etc/sapp.toml @@ -0,0 +1,266 @@ +################################################################################################### +# NOTE: # +# The format of this file is toml (https://github.com/cktan/tomlc99) # +# to make vim editor display colorful and human readable, # +# you can create a symbolic links named sapp.ini to sapp.toml, ln -sf sapp.toml sapp.ini # +################################################################################################### + +[SYSTEM] + instance_name = "sapp_v4.2" + +[CPU] +worker_threads=1 + send_only_threads_max=0 +### note, bind_mask, if you do not want to bind thread to special CPU core, keep it empty as [] +### there are two different grammars: +### toml array format: bind_mask=[1,2,3,4,5,11,12,13,14,15] +### MESA_load_profile range format: bind_mask="1-5,11-15" + bind_mask=[] + +[MEM] + dictator_enable=1 + +[PACKET_IO] + [overlay_tunnel_definition] +### note, since 2020-10-01, L2-L3 tunnel(VLAN,MPLS,PPPOE,etc.) is process and offload by mrtunnat, +### after 2020-10-01, sapp support L2-L3 tunnel(VLAN,MPLS,PPPOE,etc.) without mrtunnat. +l2_l3_tunnel_support=0 + +### note, optional value is [none, vxlan] +overlay_mode=none + + [packet_io.feature] + destroy_all_plug_enabled=0 +### note, used to represent inbound or outbound direction value, +### because it comes from Third party device, so it needs to be specified manually, +### if inbound_route_dir=1, then outbound_route_dir=0, vice versa, +### in other words, outbound_route_dir = 1 ^ inbound_route_dir; + inbound_route_dir=1 + +### note, BSD_packet_filter, if you do not want to set any filter rule, keep it empty as "" + BSD_packet_filter="" + +### note, same as tcpdump -Q/-P arg, possible values are `in', `out' and `inout', default is "in" + pcap_capture_direction="in" + +### note, support two mode: "inner_tuple2", "outer_tuple2" + pcap_distmode="inner_tuple2" + +### note, depolyment.mode options: [sys_route, vxlan_by_inline_device, raw_ethernet_single_gateway, raw_ethernet_multi_gateway] +### sys_route: send ip(ipv6) packet by system route table, this is default mode in mirror mode; +### vxlan_by_inline_device: encapsulation inject packet with vxlan, and then send to inline device by udp socket. +### raw_ethernet_single_gateway: send layer2 ethernet packet to specific gateway in same broadcast domain. +### raw_ethernet_multi_gateway: send layer2 ethernet packet to multiple gateway in same broadcast domain. + inject_pkt_mode=sys_route + +### note, this config is valid if inject_pkt_mode==vxlan_by_inline_device, means udp socket src port. + inject_mode_inline_device_sport=54789 + +### note, this config is valid if inject_pkt_mode==raw_ethernet_single_gateway. + inject_mode_single_gateway_device="eth1" +### inject_mode_single_gateway_src_mac has lower priority than get smac from inject_mode_single_gateway_device + inject_mode_single_gateway_src_mac="00:11:22:77:88:99" + inject_mode_single_gateway_dst_mac="00:11:22:33:44:55" + +dumpfile_sleep_time_before_exit=0 + +### note, for example, dst mac is 01:12:34:56:78:90, src src is 02:AA:BB:CC:DD:EE:FF, +### ether[0] is 0x01, dst mac first octet, ether[1] is 0x12, dst mac second octet, +### ether[6] is 0x02, src mac first octet, ether[11] is 0xFF, src mac sixth octet. +### the bit field is from 0 to 7, the 0 is least significant bit, the 7 is most significant bit. + ##extract_linkdir_from_mac_in_mirror_mode="ether[4]:0" ## for Xj example + extract_linkdir_from_mac_in_mirror_mode="" + +### note, depolyment.mode options: [mirror, inline, transparent] + [packet_io.depolyment] + mode=mirror + +### note, interface.type options: [pag, pcap, marsio, tun] +### receive from internal interface, route dir is 0, +### receive from external interface, route dir is 1. + [packet_io.internal.interface] + type=pcap + name="lo" + + [packet_io.external.interface] + type=pcap + name=lo + + [packet_io.polling] + enabled=1 +### note, polling_priority = call sapp_recv_pkt every call polling_entry times, + polling_priority=1 + + [packet_io.under_ddos] +### note, to reduce impact of ddos attack,set some stream bypass, all plugins will not process these streams + stream_bypass_enabled=0 +### note, cpu usage value is percent, for example, config value is 85, means 85%, valid range: [1,100] +### sapp change to bypass state immediately when realtime cpu usage > bypass_trigger_cpu_usage + bypass_trigger_cpu_usage=85 +### note, unit of get_cpu_usage_interval is milliseconds(ms) + get_cpu_usage_interval=500 +### note, use the average of the last $smooth_avg_window times as current realtime value + smooth_avg_window=2 + + decrease_ratio="0.95" + increase_ratio="1.005" +### note, unit of bypass_observe_time is second(s) + recovery_observe_time=30 + + +[PROTOCOL_FEATURE] + ipv6_decapsulation_enabled=1 + ipv6_send_packet_enabled=1 + tcp_drop_pure_ack_pkt=0 + tcp_syn_option_parse_enabled=1 +skip_not_ip_layer_over_eth=0 + skip_gtp_S_PN_E_field_for_inject=0 + +[DUPLICATE_PKT] +[dup_pkt.traffic.original] + original_ipv4_tcp_enabled=1 + original_ipv4_udp_enabled=0 +### note, can't distinguish between duplicate traffic and application retransmit traffic for IPv6 packets, +### so not support IPv6 original duplicate traffic check. + +[dup_pkt.traffic.inject] + inject_all_enabled=1 + +[dup_pkt.parameters] + bloom_capacity=1000000 + bloom_error_rate=0.00001 + bloom_timeout=10 + + +[STREAM] +### note, stream_id_base_time format is "%Y-%m-%d %H:%M:%S" + stream_id_base_time="2021-01-01 00:00:00" + [stream.tcp] +max=1000 +timeout=0 + syn_mandatory=1 +reorder_pkt_max=5 + analyse_option_enabled=1 + tuple4_reuse_time_interval=30 + + meaningful_statistics_minimum_pkt=3 + meaningful_statistics_minimum_byte=5 + special_timeout_ratio=10 + + [stream.tcp.inject] + link_mss=1460 + + [stream.tcp.inject.rst] + auto_remedy=1 + number=1 + signature_enabled=1 + signature_seed1=65535 + signature_seed2=13 + remedy_kill_tcp_by_inline_device=0 + + [stream.udp] +max=1000 +timeout=0 + meaningful_statistics_minimum_pkt=3 + meaningful_statistics_minimum_byte=5 + special_timeout_ratio=20 + +[PROFILING] +[profiling.pkt_latency] + enabled=0 + accurate_enable=0 +### note, threshold unit is microseconds (us) + threshold=100000 + + [profiling.sanity_check] + raw_pkt_broken_enabled=0 + symbol_conflict_enabled=0 + + [profiling.log] + level=20 + interval=1 + + [profiling.log.local] + enabled=1 +### note, if "file_truncate_open_enabled=1", file will be truncated, otherwise open the file for appending. + file_truncate_enabled = 1 + + [profiling.log.remote] + enabled=0 + server_ip="127.0.0.1" + server_port=8126 + + [profiling.log.remote.field_stat2] +### note, is valid when "remote_send_out_type=field_stat2" +### note, metric_type option value: [default, json] + metric_type = default + app_name=sapp + + [profiling.log.prometheus] + prometheus_enabled=0 + prometheus_port=9273 + prometheus_url_path="/metrics" + +[TOOLS] + [tools.pkt_dump] + enabled=0 +### note, mode options value:[storage, udp_socket] + mode=udp_socket + BSD_packet_filter="" + + [tools.pkt_dump.threads] +### note, if you want enable pkt dump in all thread, set dump_thread_all_enabled=0 +### if dump_thread_all_enabled=0, then use dump_thread_id to specify separate specified thread index. + all_threads_enabled=1 + +### note, dump_thread_id start from 0, max is CPU.worker_threads-1 + dump_thread_id=[0,1,2,3,4] + + [tools.pkt_dump.udp] + command_port=12345 + pkt_dump_ratio=30 + + [tools.pkt_dump.storage] +### note, file path must be double quotation mark extension, for example, path="/dev/shm/pkt_dump" + path="/dev/shm/pkt_dump" +### note, file size unit: MB + file_size_max_per_thread=10000 + +[breakpad] + disable_coredump=0 + enable_breakpad=0 + breakpad_minidump_dir="/tmp/crashreport" + enable_breakpad_upload=0 + breakpad_upload_url="http://127.0.0.1/" + breakpad_upload_tools="/opt/MESA/bin/minidump_upload" + + +### note: +### These configurations format is complex and difficult to describe with toml grammar, +### so, create a independent secondary config file to description specific information. + +[SECONDARY_CONFIG_LINK] +cfg_file_sapp_log="etc/sapp_log.conf" +cfg_file_plug_list="plug/conflist.inf" + cfg_file_project_list="etc/project_list.conf" + cfg_file_entrylist="etc/entrylist.conf" + cfg_file_send_raw_pkt="etc/send_raw_pkt.conf" + cfg_file_vxlan_sport_map="etc/vxlan_sport_service_map.conf" + cfg_file_inline_device="etc/gdev.conf" + cfg_file_necessary_plug_list="etc/necessary_plug_list.conf" + cfg_file_stream_compare_layer="etc/stream_compare_layer.conf" + cfg_file_vlan_flipping="etc/vlan_flipping_map.conf" + cfg_file_asymmetric_addr_layer="etc/asymmetric_addr_layer.conf" + cfg_file_well_known_port="etc/well_known_port.conf" + +[SECONDARY_DATA_LINK] +data_file_sysinfo_log="sysinfo.log" + data_file_field_stat_log="fs2_sysinfo.log" + data_file_inline_keepalive_log="gdev_keeplive_status.log" + data_file_load_plugin_stat_log="load_plugin_stat.log" + data_file_under_ddos_stat_log="under_ddos_stat.log" + data_file_memory_stat_log="memory_used_stat.log" + +[LIBRARY_LINK] + marsio_library_path="/opt/mrzcpd/lib/libmarsio.so" + diff --git a/test/bin/etc/sapp_log.conf b/test/bin/etc/sapp_log.conf new file mode 100644 index 0000000..a0be07f --- /dev/null +++ b/test/bin/etc/sapp_log.conf @@ -0,0 +1,16 @@ +[global] +default format = "%d(%c), %V, %U, %m%n" +[levels] +DEBUG=10 +INFO=20 +FATAL=30 +STOP=40 +[formats] +other = "%d(%c), %V, %F, %U, %m%n" +plugin = "%d(%c), %m%n" +[rules] +__log_runtimelog.info "./log/runtimelog.%d(%F)" +__log_runtimelog_plugin.fatal >stdout; plugin +__log_runtimelog_plugin.fatal "./log/plugin.log"; plugin +__log_http_runtime.stop "./log/%c.%d(%F)"; other +!.* "./log/%c.%d(%F)"; other diff --git a/test/bin/etc/send_gdev.conf b/test/bin/etc/send_gdev.conf new file mode 100644 index 0000000..54b7a0f --- /dev/null +++ b/test/bin/etc/send_gdev.conf @@ -0,0 +1,2 @@ +3 10.3.127.1 + diff --git a/test/bin/etc/send_raw_pkt.conf b/test/bin/etc/send_raw_pkt.conf new file mode 100644 index 0000000..a2845b2 --- /dev/null +++ b/test/bin/etc/send_raw_pkt.conf @@ -0,0 +1,16 @@ +#ԭʼ, +#ƽ̨ڲͬ, ײҲͬ, +#ͨģʽʹ, DPDKģʽʹö˿ں, PFRINGģʽʹindex, ģʽ. +#target_idڱʾĸն˷, +#ڷ͵ݰײMACĿIP, ϲ, ƽֻ̨ԭʼ. +#target_id൱ݿ + +#(0:pag,1:pcap,2:dumpfile,3:pfring,4:DPDK,5:ppf,6:NPacket,7:qnf,8:N95,9:pcap-dumpfile-list,10:topsec, +##(11:ipfile, 12:marsio4, 13:agent_smith, 14:dpdk_vxlan, 15:marsio_vxlan, 16:pag_marsio + +#target_id +#0 pag p7p2 eth1 dna0 dpdk ppf npacket qnf n95 eth1 topsec eth1 vxlan_user smith dpdk dpdk pag +#1 pag eth1 eth1 dna0 dpdk ppf npacket qnf n95 eth1 topsec eth1 p7p1 smith dpdk dpdk pag +#2 pag eth1 eth1 dna0 dpdk ppf npacket qnf n95 eth1 topsec eth1 p7p1 smith dpdk dpdk pag +#3 pag eth1 eth1 dna0 dpdk ppf npacket qnf n95 eth1 topsec eth1 p7p2 smith dpdk dpdk pag +#4 pag eth1 eth1 dna0 dpdk ppf npacket qnf n95 eth1 topsec eth1 p7p2 smith dpdk dpdk pag diff --git a/test/bin/etc/send_route.conf b/test/bin/etc/send_route.conf new file mode 100644 index 0000000..f1186c7 --- /dev/null +++ b/test/bin/etc/send_route.conf @@ -0,0 +1,3 @@ +#dev_id link_id mac_addr +3 2 00:50:56:f3:59:5c + diff --git a/test/bin/etc/stream_compare_layer.conf b/test/bin/etc/stream_compare_layer.conf new file mode 100644 index 0000000..8fa2136 --- /dev/null +++ b/test/bin/etc/stream_compare_layer.conf @@ -0,0 +1,2 @@ +# + diff --git a/test/bin/etc/vlan_flipping_map.conf b/test/bin/etc/vlan_flipping_map.conf new file mode 100644 index 0000000..dc637a3 --- /dev/null +++ b/test/bin/etc/vlan_flipping_map.conf @@ -0,0 +1,12 @@ +#for inline a device vlan flipping +#数据包来自C路由器端, 即C2I(I2E)方向, +#数据包来自I路由器端, 即I2C(E2I)方向, +#平台会根据vlan_id,设置当前包route_dir的值, 以便上层业务插件做两个方向的流量统计, +#如果一对vlan_id写反了, 网络是通的, 但是I2E,E2I的流量统计就颠倒了. +#配置文件格式, pattern: +#来自C路由器vlan_id 来自I路由器vlan_id 是否开启mac地址翻转 +#C_router_vlan_id I_router_vlan_id mac_flipping_enable + +#1001 1002 1 +#1003 1004 1 +#4000 4001 0 diff --git a/test/bin/etc/vxlan_sport_service_map.conf b/test/bin/etc/vxlan_sport_service_map.conf new file mode 100644 index 0000000..8a48052 --- /dev/null +++ b/test/bin/etc/vxlan_sport_service_map.conf @@ -0,0 +1,86 @@ +#service-id vpn-id sport-dport +1 101 50000-50016 +2 102 50064-50080 +3 103 50128-50144 +4 104 50192-50208 +5 105 50256-50272 +6 106 50320-50336 +7 107 50384-50384 +8 108 50448-50464 +9 109 50512-50512 +10 110 50576-50592 +11 111 50640-50656 +12 112 50704-50720 +13 113 50768-50784 +14 114 50832-50848 +15 115 50896-50912 +16 116 50960-50960 +17 117 51024-51024 +18 118 51088-51088 +19 119 51152-51168 +20 120 51216-51232 +21 121 51280-51296 +22 122 51344-51360 +23 123 51408-51408 +24 124 51472-51472 +25 125 51536-51536 +26 126 51600-51600 +27 127 51664-51664 +28 128 51728-51728 +29 129 51792-51792 +30 130 51856-51856 +31 131 51920-51920 +32 132 51984-51984 +33 133 52048-52064 +34 134 52112-52128 +35 135 52176-52192 +36 136 52240-52256 +37 137 52304-52320 +38 138 52368-52384 +39 139 52432-52448 +40 140 52496-52512 +41 141 52560-52576 +42 142 52624-52640 +43 143 52688-52704 +44 144 52752-52768 +45 145 52816-52832 +46 146 52880-52896 +47 147 52944-52960 +48 148 53008-53024 +49 149 53072-53088 +50 150 53136-53152 +51 151 53200-53216 +52 152 53264-53280 +53 153 53328-53344 +54 154 53392-53408 +55 155 53456-53472 +56 156 53520-53536 +57 157 53584-53600 +58 158 53648-53664 +59 159 53712-53712 +60 160 53776-53776 +61 161 53840-53840 +62 162 53904-53904 +63 163 53968-53968 +64 164 54032-54032 +65 165 54096-54096 +66 166 54160-54176 +67 167 54224-54240 +68 168 54288-54304 +69 169 54352-54368 +70 170 54416-54432 +71 171 54480-54496 +72 172 54544-54560 +73 173 54608-54624 +74 174 54672-54688 +75 175 54736-54736 +76 176 54800-54800 +77 177 54864-54864 +78 178 54928-54928 +79 179 54992-54992 +80 180 55056-55056 +81 181 55120-55120 +82 182 55184-55184 +83 183 55248-55248 +84 184 55312-55312 +85 185 55376-55376 diff --git a/test/bin/etc/well_known_port.conf b/test/bin/etc/well_known_port.conf new file mode 100644 index 0000000..5021aef --- /dev/null +++ b/test/bin/etc/well_known_port.conf @@ -0,0 +1,2 @@ +[TCP] +[UDP] diff --git a/test/bin/gtest_maat.json b/test/bin/gtest_maat.json new file mode 100644 index 0000000..052db44 --- /dev/null +++ b/test/bin/gtest_maat.json @@ -0,0 +1,54 @@ +{ + "compile_table": "TSG_SECURITY_COMPILE", + "group2compile_table": "GROUP_COMPILE_RELATION", + "group2group_table": "GROUP_GROUP_RELATION", + "rules": [ + { + "compile_id": 2, + "service": 0, + "action": 1, + "do_blacklist": 0, + "do_log": 1, + "effective_rage": 0, + "user_region": "Virtual", + "is_valid": "yes", + "groups": [ + { + "group_name":"OBJ_DST_IP_ADDR", + "virtual_table":"TSG_SECURITY_SOURCE_ADDR", + "not_flag" : 0, + "regions": [ + { + "table_type": "ip_plus", + "table_name": "TSG_OBJ_IP_ADDR", + "table_content": { + "addr_type": "ipv4", + "saddr_format": "range", + "src_ip1": "0.0.0.0", + "src_ip2": "255.255.255.255", + "sport_format": "range", + "src_port1": "0", + "src_port2": "0", + "protocol": 0, + "direction": "double" + } + } + ] + } + ] + } + ], + "plugin_table": [ + { + "table_name": "APP_ID_DICT", + "table_content": [ + "4\tunknown\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", + "156\tqq\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", + "336\tOPENVPN\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", + "199\tSSL\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", + "1241\tqq_web\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", + "3145\tqq_r2\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1" + ] + } + ] +} diff --git a/test/bin/tsg_master_gtest.inf b/test/bin/tsg_master_gtest.inf new file mode 100644 index 0000000..4337ca6 --- /dev/null +++ b/test/bin/tsg_master_gtest.inf @@ -0,0 +1,9 @@ +[PLUGINFO] +PLUGNAME=GTEST_MASTER +SO_PATH=./plug/platform/tsg_master_gtest/tsg_master_gtest.so +INIT_FUNC=GTEST_INIT +DESTROY_FUNC=GTEST_UNLOAD + +[TCP_ALL] +FUNC_FLAG=ALL +FUNC_NAME=GTEST_APP_FULL_PATH_1_ENTRY diff --git a/test/src/CMakeLists.txt b/test/src/CMakeLists.txt new file mode 100644 index 0000000..bbd1323 --- /dev/null +++ b/test/src/CMakeLists.txt @@ -0,0 +1,36 @@ +cmake_minimum_required(VERSION 2.8) + +set(SRC ../src/tsg_entry.cpp ../src/tsg_rule.cpp ../src/tsg_ssl_utils.cpp ../src/tsg_send_log.cpp ../src/tsg_statistic.cpp ../src/tsg_ssh_utils.cpp ../src/tsg_gtp_signaling.cpp ../src/tsg_action.cpp ../src/tsg_leaky_bucket.cpp ../src/tsg_dns.cpp ../src/tsg_icmp.cpp ../src/tsg_tamper.cpp tsg_master_gtest_protocol.cpp tsg_master_gtest_entry.cpp) + +include_directories(${CMAKE_SOURCE_DIR}/inc) +include_directories(/opt/MESA/include/MESA/) +include_directories(/opt/MESA/include) +include_directories(/usr/include/) + +set(TSG_MASTER_DEPEND_DYN_LIB MESA_handle_logger MESA_prof_load maatframe pthread MESA_field_stat2 rdkafka cjson MESA_jump_layer) + +set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run) + +add_library(tsg_master_gtest SHARED ${SRC}) +set_target_properties(tsg_master_gtest PROPERTIES LINK_FLAGS "-Wl,--version-script=${PROJECT_SOURCE_DIR}/src/version.map") +target_link_libraries(tsg_master_gtest ${TSG_MASTER_DEPEND_DYN_LIB} ctemplate-static) +set_target_properties(tsg_master_gtest PROPERTIES PREFIX "") + +install(TARGETS tsg_master_gtest LIBRARY DESTINATION ${CMAKE_INSTALL_PREFIX}/plug/platform/tsg_master_gtest COMPONENT LIBRARIES) +install(FILES ../bin/tsg_master.inf DESTINATION ${CMAKE_INSTALL_PREFIX}/plug/platform/tsg_master_gtest COMPONENT PROFILE) + + +add_definitions(-std=c++11) +LINK_DIRECTORIES(/opt/MESA/lib) + +file(GLOB TEST_CASE "tsg_master_gtest_main.cpp") + +add_executable(master_gtest ${TEST_CASE}) +target_compile_options(master_gtest PUBLIC ${MEM_POOL_DEFINITIONS}) +target_link_libraries(master_gtest nsl pthread dl m pcap systemd cjson MESA_prof_load MESA_htable MESA_handle_logger MESA_jump_layer breakpad_mini MESA_field_stat2 rdkafka) +target_link_libraries(master_gtest /home/mesasoft/sapp_run/lib/libsapp_devel.so) +target_link_libraries(master_gtest gtest-static ctemplate-static) + +install(TARGETS master_gtest DESTINATION ${CMAKE_INSTALL_PREFIX}/ COMPONENT EXECUTABLE) + + diff --git a/test/src/tsg_master_gtest_entry.cpp b/test/src/tsg_master_gtest_entry.cpp new file mode 100644 index 0000000..1c47b9d --- /dev/null +++ b/test/src/tsg_master_gtest_entry.cpp @@ -0,0 +1,207 @@ +#include +#include +#include +#include +#include +#include + +#include "app_label.h" + +#include +#include +#include +#include + +enum GTEST_BRIDGE +{ + GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT=0, + GTEST_BRIDGE_TYPE_MAX +}; + +struct gtest_para +{ + int bridge_id[GTEST_BRIDGE_TYPE_MAX]; + char bridge_name[GTEST_BRIDGE_TYPE_MAX][64]; +}; + + +struct gtest_para g_gtest_para; + +extern "C" unsigned char GTEST_APP_FULL_PATH_1_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet) +{ + struct app_identify_result lpi; + memset(&lpi, 0, sizeof(lpi)); + + lpi.app_id_num=2; + lpi.origin=ORIGIN_BASIC_PROTOCOL; + lpi.app_id[0]=336; //openvpn + lpi.app_id[1]=199; //ssl + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi); + + struct app_identify_result user_define; + memset(&user_define, 0, sizeof(user_define)); + + user_define.app_id_num=1; + user_define.origin=ORIGIN_USER_DEFINE; + user_define.app_id[0]=3145; //qq_web + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&user_define); + + struct app_identify_result qm; + memset(&qm, 0, sizeof(qm)); + + qm.app_id_num=4; + qm.origin=ORIGIN_QM_ENGINE; + qm.app_id[0]=336; //openvpn + qm.app_id[1]=199; //ssl + qm.app_id[2]=1241; //qq_web + qm.app_id[3]=3145; //qq_r2 + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm); + + return APP_STATE_DROPME; +} + +extern "C" unsigned char GTEST_APP_FULL_PATH_2_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet) +{ + struct app_identify_result lpi; + memset(&lpi, 0, sizeof(lpi)); + + lpi.app_id_num=2; + lpi.origin=ORIGIN_BASIC_PROTOCOL; + lpi.app_id[0]=336; //openvpn + lpi.app_id[1]=199; //ssl + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi); + + struct app_identify_result built_in; + memset(&built_in, 0, sizeof(built_in)); + + built_in.app_id_num=1; + built_in.origin=ORIGIN_BUILT_IN; + built_in.app_id[0]=3145; //qq_web + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in); + + struct app_identify_result qm; + memset(&qm, 0, sizeof(qm)); + + qm.app_id_num=3; + qm.origin=ORIGIN_QM_ENGINE; + qm.app_id[0]=336; //openvpn + qm.app_id[1]=1241; //qq_web + qm.app_id[2]=3145; //qq_r2 + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm); + + return APP_STATE_DROPME; +} + +extern "C" unsigned char GTEST_APP_FULL_PATH_3_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet) +{ + struct app_identify_result lpi; + memset(&lpi, 0, sizeof(lpi)); + + lpi.app_id_num=2; + lpi.origin=ORIGIN_BASIC_PROTOCOL; + lpi.app_id[0]=336; //openvpn + lpi.app_id[1]=199; //ssl + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi); + + struct app_identify_result built_in; + memset(&built_in, 0, sizeof(built_in)); + + built_in.app_id_num=1; + built_in.origin=ORIGIN_BUILT_IN; + built_in.app_id[0]=3145; //qq_web + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in); + + return APP_STATE_DROPME; +} + +extern "C" unsigned char GTEST_APP_FULL_PATH_4_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet) +{ + struct app_identify_result lpi; + memset(&lpi, 0, sizeof(lpi)); + + lpi.app_id_num=1; + lpi.origin=ORIGIN_BASIC_PROTOCOL; + lpi.app_id[0]=199; //ssl + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&lpi); + + struct app_identify_result user_define; + memset(&user_define, 0, sizeof(user_define)); + + struct app_identify_result built_in; + memset(&built_in, 0, sizeof(built_in)); + + built_in.app_id_num=2; + built_in.origin=ORIGIN_BUILT_IN; + built_in.app_id[0]=3145; //qq_web + built_in.app_id[1]=156; //qq + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in); + + + struct app_identify_result qm; + memset(&qm, 0, sizeof(qm)); + + qm.app_id_num=4; + qm.origin=ORIGIN_QM_ENGINE; + qm.app_id[0]=336; //openvpn + qm.app_id[1]=199; //ssl + qm.app_id[2]=1241; //qq_web + qm.app_id[3]=3145; //qq_r2 + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm); + + return APP_STATE_DROPME; +} + +extern "C" unsigned char GTEST_APP_FULL_PATH_5_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet) +{ + struct app_identify_result built_in; + memset(&built_in, 0, sizeof(built_in)); + + built_in.app_id_num=2; + built_in.origin=ORIGIN_BUILT_IN; + built_in.app_id[0]=3145; //qq_web + built_in.app_id[1]=156; //qq + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&built_in); + + struct app_identify_result qm; + memset(&qm, 0, sizeof(qm)); + + qm.app_id_num=4; + qm.origin=ORIGIN_QM_ENGINE; + qm.app_id[0]=336; //openvpn + qm.app_id[1]=199; //ssl + qm.app_id[2]=1241; //qq_web + qm.app_id[3]=3145; //qq_r2 + stream_bridge_sync_data_put(a_stream, g_gtest_para.bridge_id[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], (void *)&qm); + + return APP_STATE_DROPME; +} + +extern "C" unsigned char GTEST_UNKNOWN_APP_ENTRY(const struct streaminfo *a_stream, void **pme, int thread_seq, const void *a_packet) +{ + return APP_STATE_DROPME; +} + +extern "C" int GTEST_INIT() +{ + memset(&g_gtest_para, 0, sizeof(g_gtest_para)); + + MESA_load_profile_string_def("tsgconf/main.conf", "SYSTEM", "APP_IDENTIFY_RESULT_BRIDGE", g_gtest_para.bridge_name[GTEST_BRIDGE_TYPE_APP_IDENTIFY_RESULT], 64, "APP_IDENTIFY_RESULT_BRIDGE"); + + for(int i=0; i +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +#include "../inc/app_label.h" +#include "../inc/tsg_rule.h" +#include "../inc/tsg_send_log.h" +#include "../inc/tsg_statistic.h" +#include "../src/tsg_entry.h" +#include "../src/tsg_send_log_internal.h" +#include "../inc/tsg_ssl_utils.h" +#include "../src/tsg_ssh_utils.h" +#include "../src/tsg_protocol_common.h" + +#include "rapidjson/document.h" // rapidjson's DOM-style API +#include "rapidjson/prettywriter.h" // for stringify JSON +#include "rapidjson/stringbuffer.h" + +using namespace rapidjson; +using namespace std; + +extern "C" int TSG_MASTER_INIT(); +int set_vlan(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct single_layer_vlan_addr *vlan_addr, int layer_num, Value *tunnel_object, tsg_log_field_id_t id); +int set_app_full_path(struct TLD_handle_t *_handle, char *field_name, struct gather_app_result *result); + diff --git a/test/src/tsg_master_gtest_main.cpp b/test/src/tsg_master_gtest_main.cpp new file mode 100644 index 0000000..bc54833 --- /dev/null +++ b/test/src/tsg_master_gtest_main.cpp @@ -0,0 +1,50 @@ +#include +#include +#include +#include "../inc/app_label.h" +#include "../inc/tsg_rule.h" +#include "../inc/tsg_send_log.h" +#include "../inc/tsg_statistic.h" +//#include "../src/tsg_entry.h" +#include "../src/tsg_send_log_internal.h" +#include "../inc/tsg_ssl_utils.h" +#include "../src/tsg_ssh_utils.h" +#include "../src/tsg_protocol_common.h" + +#include "tsg_master_gtest_function.h" + +#include + +/* + L7(openvpn), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon + L7(openvpn), appSketch(psiphon), Thrid(openvpn.qq_web.wechat) = openvpn.psiphon + L7(openvpn), appSketch(psiphon), Thrid(openvpn.wechat) = openvpn.psiphon + L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn.wechat) = openvpn.ssl.psiphon + L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn) = openvpn.ssl.psiphon + L7(openvpn.ssl), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon + L7(null), appSketch(psiphon), Thrid(openvpn.ssl.wechat) = openvpn.ssl.psiphon + L7(null), appSketch(psiphon), Thrid(wechat) = psiphon + L7(null), appSketch(null), Thrid(openvpn.ssl.wechat) = openvpn.ssl.wechat + L7(null), appSketch(null), Thrid(null) = unknown +*/ + +TEST(MasterTest, AppFullPath) +{ + +} + + +TEST(MasterTest, SetVlan) +{ + //int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID); + //EXPECT_EQ(1, ret); +} + + +int main(int argc, char *argv[]) +{ + libsapp_setup_env(argc,argv); + testing::InitGoogleTest(&argc, argv); + return RUN_ALL_TESTS(); +} + diff --git a/test/src/tsg_master_gtest_protocol.cpp b/test/src/tsg_master_gtest_protocol.cpp new file mode 100644 index 0000000..2103ba6 --- /dev/null +++ b/test/src/tsg_master_gtest_protocol.cpp @@ -0,0 +1,75 @@ +#include + +extern "C" void *http_field_parser(const char* buf, unsigned int buflen, int http_dir) +{ + return NULL; +} + +extern "C" int http_get_filed_result(void *result, long long field_flag, char **field_value) +{ + return 0; +} + +extern "C" void http_free_filed_result(void *result) +{ +} + +extern "C" int ftp_control_identify(struct streaminfo *a_tcp) +{ + return 0; +} + +extern "C" int ftp_data_identify(struct streaminfo *a_tcp) +{ + return 0; +} + +extern "C" int mail_protocol_identify_by_first_payload(struct streaminfo *a_tcp, char *payload, int payload_len, int thread_seq) +{ + return 0; +} + +extern "C" char stratum_identify(struct streaminfo* pstream,void** pme,int thread_seq,const void* a_packet) +{ + return 0; +} + +extern "C" int rdp_protocol_identify(const char *payload, unsigned int payload_len, int thread_seq) +{ + return 0; +} + +extern "C" int rdpudp_protocol_identify(const char *payload, unsigned int payload_len, int thread_seq) +{ + return 0; +} + +int quic_version_int2string(unsigned int version, char *buff, int buff_len) +{ + return 0; +} + +unsigned int quic_protocol_identify(struct streaminfo *a_stream, void *a_packet, char *out_sni, int *out_sni_len, char *out_ua, int *out_ua_len) +{ + return 0; +} + +extern "C" unsigned char sip_identify_from_to(char* buff,UINT32 buflen,char** from,UINT32* from_len,char** to,UINT32* to_len) +{ + return 0; +} + +extern "C" int dtls_parse_sni(const char *udp_payload, int udp_payload_len, char *servername, int servername_len) +{ + return 0; +} + +extern "C" bool dtls_identifyStream(struct streaminfo *a_udp) +{ + return 0; +} + +extern "C" struct _ssl_ja3_info_t *ssl_get_ja3_fingerprint(struct streaminfo *stream, unsigned char *payload, int payload_len, int thread_seq) +{ + return NULL; +} diff --git a/vendor/CMakeLists.txt b/vendor/CMakeLists.txt new file mode 100644 index 0000000..ec822a1 --- /dev/null +++ b/vendor/CMakeLists.txt @@ -0,0 +1,24 @@ +# CMakeFiles for 3rd vendor library + +include(ExternalProject) +# libgtest +ExternalProject_Add(libgtest PREFIX libgtest + URL ${CMAKE_SOURCE_DIR}/vendor/googletest-release-1.10.0.tar.gz + URL_MD5 ecd1fa65e7de707cd5c00bdac56022cd + CMAKE_ARGS -DCMAKE_INSTALL_PREFIX= -DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}) +ExternalProject_Get_Property(libgtest INSTALL_DIR) +file(MAKE_DIRECTORY ${INSTALL_DIR}/include) +add_library(gtest-static STATIC IMPORTED GLOBAL) +add_dependencies(gtest-static libgtest) +if(CMAKE_BUILD_TYPE STREQUAL "Debug") + set_property(TARGET gtest-static PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/lib64/libgtestd.a) +else() + set_property(TARGET gtest-static PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/lib64/libgtest.a) +endif() +set_property(TARGET gtest-static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include) +set_property(TARGET gtest-static PROPERTY INTERFACE_LINK_LIBRARIES pthread) + + + + + diff --git a/vendor/googletest-release-1.10.0.tar.gz b/vendor/googletest-release-1.10.0.tar.gz new file mode 100644 index 0000000..ab10868 Binary files /dev/null and b/vendor/googletest-release-1.10.0.tar.gz differ