gfwleak/tango-tsg-master
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

调整debug日志

Browse Source 
修复内存泄漏
This commit is contained in:
liuxueli
2020-01-16 16:20:35 +08:00
parent cba2dbfab0
commit 4ba746a4b5
4 changed files with 129 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
inc/tsg_rule.h
View File

@@ -64,6 +64,7 @@ extern Maat_feather_t g_tsg_maat_feather;
int tsg_rule_init(const char *conffile, void *logger); int tsg_rule_init(const char *conffile, void *logger);
int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num); int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num);
int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_result_type, Maat_rule_t*result, int result_num, struct _identify_info *identify_info);
//return NULL if none exists, otherwise return one deny rule; //return NULL if none exists, otherwise return one deny rule;
struct Maat_rule_t *tsg_fetch_deny_rule(Maat_rule_t *result, int result_num); struct Maat_rule_t *tsg_fetch_deny_rule(Maat_rule_t *result, int result_num);

44
src/tsg_entry.cpp
View File

@@ -4,6 +4,7 @@
#include <assert.h> #include <assert.h>
#include <MESA/http.h> #include <MESA/http.h>
#include <MESA/ftp.h>
#include <MESA/stream.h> #include <MESA/stream.h>
#include <MESA/MESA_prof_load.h> #include <MESA/MESA_prof_load.h>
#include <MESA/MESA_handle_logger.h> #include <MESA/MESA_handle_logger.h>
@@ -37,7 +38,7 @@ static __attribute__((__used__)) const char * GIT_VERSION_UNKNOWN = NULL;
#endif #endif
char TSG_MASTER_VERSION_20200110=0; char TSG_MASTER_VERSION_20200113=0;
const char *tsg_conffile="tsgconf/main.conf"; const char *tsg_conffile="tsgconf/main.conf";
g_tsg_para_t g_tsg_para; g_tsg_para_t g_tsg_para;
@@ -200,8 +201,10 @@ static int identify_application_protocol(struct streaminfo *a_stream, struct _id
strncpy(identify_info->domain, chello->sni, identify_info->domain_len); strncpy(identify_info->domain, chello->sni, identify_info->domain_len);
} }
ret=1; ssl_chello_free(chello);
return 1;
} }
ssl_chello_free(chello); ssl_chello_free(chello);
//dns //dns
@@ -215,6 +218,7 @@ static int identify_application_protocol(struct streaminfo *a_stream, struct _id
if((ntohs(tpl4->source)==53) || (ntohs(tpl4->dest)==53)) if((ntohs(tpl4->source)==53) || (ntohs(tpl4->dest)==53))
{ {
identify_info->proto=PROTO_DNS; identify_info->proto=PROTO_DNS;
return 1;
} }
break; break;
case ADDR_TYPE_IPV6: case ADDR_TYPE_IPV6:
@@ -222,11 +226,22 @@ static int identify_application_protocol(struct streaminfo *a_stream, struct _id
if((ntohs(tpl6->source)==53) || (ntohs(tpl6->dest)==53)) if((ntohs(tpl6->source)==53) || (ntohs(tpl6->dest)==53))
{ {
identify_info->proto=PROTO_DNS; identify_info->proto=PROTO_DNS;
return 1;
} }
break; break;
default: default:
break; break;
} }
//ftp
ret=ftp_control_identify(a_stream);
if(ret>0)
{
identify_info->proto=PROTO_FTP;
return 1;
}
//mail
return ret; return ret;
} }
@@ -256,24 +271,7 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
{ {
hit_num+=ret; hit_num+=ret;
q_result=tsg_policy_decision_criteria(all_result, hit_num); q_result=tsg_policy_decision_criteria(all_result, hit_num);
FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_HIT_ADDR], 0, FS_OP_ADD, 1); FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_HIT_ADDR], 0, FS_OP_ADD, 1);
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_IP",
"Hit addr: %s scan ret: %d policy_id: %d service: %d action: %d",
printaddr(&a_tcp->addr, thread_seq),
ret,
q_result->config_id,
q_result->service_id,
q_result->action);
}
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_IP",
"Not hit %s scan ret: %d",
printaddr(&a_tcp->addr, thread_seq), ret);
} }
ret=tsg_scan_shared_policy(g_tsg_maat_feather, &identify_info, all_result+hit_num, MAX_RESULT_NUM-hit_num, &mid, thread_seq); ret=tsg_scan_shared_policy(g_tsg_maat_feather, &identify_info, all_result+hit_num, MAX_RESULT_NUM-hit_num, &mid, thread_seq);
@@ -385,6 +383,12 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
break; break;
} }
} }
if(mid!=NULL)
{
Maat_clean_status(&mid);
mid=NULL;
}
break; break;
case OP_STATE_DATA: case OP_STATE_DATA:
case OP_STATE_CLOSE: case OP_STATE_CLOSE:

108
src/tsg_rule.cpp
View File

@@ -60,7 +60,7 @@ void subscribe_id_dup_data(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX
*to=calloc(1, strlen((char *)*from)+1); *to=calloc(1, strlen((char *)*from)+1);
memcpy(*to, *from, strlen((char *)*from)); memcpy(*to, *from, strlen((char *)*from));
MESA_handle_runtime_log(logger, RLOG_LV_INFO, "SUBSCRIBE_ID", "Dup subscribe_id: %s table_id: %d", (char *)*to, table_id); MESA_handle_runtime_log(logger, RLOG_LV_DEBUG, "SUBSCRIBE_ID", "Dup subscribe_id: %s table_id: %d", (char *)*to, table_id);
return; return;
} }
@@ -90,7 +90,7 @@ void subscribe_id_new_data(int table_id, const char* key, const char* table_line
memcpy(*ad, subscribe_id, strlen(subscribe_id)); memcpy(*ad, subscribe_id, strlen(subscribe_id));
MESA_handle_runtime_log(logger, MESA_handle_runtime_log(logger,
RLOG_LV_INFO, RLOG_LV_DEBUG,
"SUBSCRIBE_ID", "SUBSCRIBE_ID",
"Add subscribe_id: %s table_id: %d key: %s table_line: %s", "Add subscribe_id: %s table_id: %d key: %s table_line: %s",
*ad, *ad,
@@ -104,7 +104,7 @@ void subscribe_id_new_data(int table_id, const char* key, const char* table_line
void subscribe_id_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp) void subscribe_id_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
{ {
void *logger=argp; void *logger=argp;
MESA_handle_runtime_log(logger, RLOG_LV_INFO, "SUBSCRIBE_ID", "Delete subscribe_id: %s table_id: %d", (char *)*ad, table_id); MESA_handle_runtime_log(logger, RLOG_LV_DEBUG, "SUBSCRIBE_ID", "Delete subscribe_id: %s table_id: %d", (char *)*ad, table_id);
free(*ad); free(*ad);
*ad=NULL; *ad=NULL;
@@ -364,8 +364,13 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
const struct streaminfo *cur_stream = a_stream; const struct streaminfo *cur_stream = a_stream;
if(result == NULL || result_num <= 0 || a_stream == NULL || maat_feather == NULL) if(result==NULL || result_num<=0 || a_stream==NULL || maat_feather==NULL)
{ {
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_FATAL,
"SCAN_NESTING_ADDR",
"result==NULL || result_num<=0 || maat_feather==NULL || a_stream==%s",
(a_stream!=NULL) ? printaddr(&a_stream->addr, a_stream->threadnum) : "NULL");
return -1; return -1;
} }
@@ -417,16 +422,38 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
result_num-hit_num, result_num-hit_num,
mid, mid,
cur_stream->threadnum); cur_stream->threadnum);
if(maat_ret > 0) if(maat_ret>0)
{ {
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_IP",
"Hit addr: %s scan ret: %d policy_id: %d service: %d action: %d",
printaddr(&cur_stream->addr, cur_stream->threadnum),
maat_ret,
result[hit_num].config_id,
result[hit_num].service_id,
result[hit_num].action
);
hit_num+=maat_ret; hit_num+=maat_ret;
} }
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_IP",
"No hit addr: %s scan ret: %d",
printaddr(&cur_stream->addr, cur_stream->threadnum),
maat_ret
);
}
} }
cur_stream = cur_stream->pfather; cur_stream = cur_stream->pfather;
}while(cur_stream != NULL && hit_num < result_num); }while(cur_stream != NULL && hit_num < result_num);
if(hit_num<result_num && proto>PROTO_UNKONWN && proto<PROTO_MAX) if(hit_num<result_num && proto>PROTO_UNKONWN && proto<PROTO_MAX)
{ {
maat_ret=Maat_full_scan_string(maat_feather, maat_ret=Maat_full_scan_string(maat_feather,
@@ -441,8 +468,31 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
a_stream->threadnum); a_stream->threadnum);
if(maat_ret > 0) if(maat_ret > 0)
{ {
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_PROTO",
"Hit PROTO: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
g_tsg_proto_string[proto].type,
maat_ret,
result[hit_num].config_id,
result[hit_num].service_id,
result[hit_num].action,
printaddr(&a_stream->addr, a_stream->threadnum)
);
hit_num+=maat_ret; hit_num+=maat_ret;
} }
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_PROTO",
"No hit PROTO: %s scan ret: %d addr: %s",
g_tsg_proto_string[proto].type,
maat_ret,
printaddr(&a_stream->addr, a_stream->threadnum)
);
}
} }
@@ -463,9 +513,32 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
mid, mid,
a_stream->threadnum); a_stream->threadnum);
if(maat_ret > 0) if(maat_ret > 0)
{ {
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_SUBSCRIBER",
"Hit source subscribe id: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
source_subscribe_id,
maat_ret,
result[hit_num].config_id,
result[hit_num].service_id,
result[hit_num].action,
printaddr(&a_stream->addr, a_stream->threadnum)
);
hit_num+=maat_ret; hit_num+=maat_ret;
} }
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_SUBSCRIBER",
"No hit source subscribe id: %s scan ret: %d addr: %s",
source_subscribe_id,
maat_ret,
printaddr(&a_stream->addr, a_stream->threadnum)
);
}
subscribe_id_free_data(g_tsg_para.dyn_subscribe_ip_table_id,(MAAT_PLUGIN_EX_DATA *)&source_subscribe_id, 0, g_tsg_para.logger); subscribe_id_free_data(g_tsg_para.dyn_subscribe_ip_table_id,(MAAT_PLUGIN_EX_DATA *)&source_subscribe_id, 0, g_tsg_para.logger);
} }
@@ -484,8 +557,31 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
a_stream->threadnum); a_stream->threadnum);
if(maat_ret > 0) if(maat_ret > 0)
{ {
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_SUBSCRIBER",
"Hit dest subscribe id: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
dest_subscribe_id,
maat_ret,
result[hit_num].config_id,
result[hit_num].service_id,
result[hit_num].action,
printaddr(&a_stream->addr, a_stream->threadnum)
);
hit_num+=maat_ret; hit_num+=maat_ret;
} }
else
{
MESA_handle_runtime_log(g_tsg_para.logger,
RLOG_LV_DEBUG,
"SCAN_SUBSCRIBER",
"No hit dest subscribe id: %s scan ret: %d addr: %s",
dest_subscribe_id,
maat_ret,
printaddr(&a_stream->addr, a_stream->threadnum)
);
}
subscribe_id_free_data(g_tsg_para.dyn_subscribe_ip_table_id,(MAAT_PLUGIN_EX_DATA *)&dest_subscribe_id, 0, g_tsg_para.logger); subscribe_id_free_data(g_tsg_para.dyn_subscribe_ip_table_id,(MAAT_PLUGIN_EX_DATA *)&dest_subscribe_id, 0, g_tsg_para.logger);
} }

4
src/tsg_send_log.cpp
View File

@@ -360,8 +360,8 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile)
} }
MESA_load_profile_int_def(conffile, "TSG_LOG", "MAX_SERVICE",&(_instance->max_service), 0); MESA_load_profile_int_def(conffile, "TSG_LOG", "MAX_SERVICE",&(_instance->max_service), 0);
(_instance->topic_rkt)=(rd_kafka_topic_t **)calloc(1, sizeof(rd_kafka_topic_t*)); //(_instance->topic_rkt)=(rd_kafka_topic_t **)calloc(1, sizeof(void *));
*(_instance->topic_rkt)=(rd_kafka_topic_t *)calloc(1, (1+_instance->max_service)*sizeof(rd_kafka_topic_t*)); (_instance->topic_rkt)=(rd_kafka_topic_t **)calloc(1, (1+_instance->max_service)*sizeof(rd_kafka_topic_t*));
_instance->service2topic=(id2field_t *)calloc(1, (1+_instance->max_service)*sizeof(id2field_t)); _instance->service2topic=(id2field_t *)calloc(1, (1+_instance->max_service)*sizeof(id2field_t));