调整debug日志

修复内存泄漏

inc/tsg_rule.h

@@ -64,6 +64,7 @@ extern Maat_feather_t g_tsg_maat_feather;
 int tsg_rule_init(const char *conffile, void *logger);
 
 int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num);
+int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_result_type, Maat_rule_t*result, int result_num, struct _identify_info *identify_info);
 
 //return NULL if none exists, otherwise return one deny rule;
 struct Maat_rule_t *tsg_fetch_deny_rule(Maat_rule_t *result, int result_num);

src/tsg_entry.cpp

@@ -4,6 +4,7 @@
 #include <assert.h>
 
 #include <MESA/http.h>
+#include <MESA/ftp.h>
 #include <MESA/stream.h>
 #include <MESA/MESA_prof_load.h>
 #include <MESA/MESA_handle_logger.h>
@@ -37,7 +38,7 @@ static __attribute__((__used__)) const char * GIT_VERSION_UNKNOWN = NULL;
 #endif
 
 
-char TSG_MASTER_VERSION_20200110=0;
+char TSG_MASTER_VERSION_20200113=0;
 const char *tsg_conffile="tsgconf/main.conf";
 g_tsg_para_t g_tsg_para;
 
@@ -200,8 +201,10 @@ static int identify_application_protocol(struct streaminfo *a_stream, struct _id
 			strncpy(identify_info->domain, chello->sni, identify_info->domain_len);
 		}
 		
-		ret=1;
+		ssl_chello_free(chello);
+		return 1;
 	}
+	
     ssl_chello_free(chello);
 
 	//dns
@@ -215,6 +218,7 @@ static int identify_application_protocol(struct streaminfo *a_stream, struct _id
 			if((ntohs(tpl4->source)==53) || (ntohs(tpl4->dest)==53))
 			{
 				identify_info->proto=PROTO_DNS;
+				return 1;
 			}
 			break;
 		case ADDR_TYPE_IPV6:
@@ -222,12 +226,23 @@ static int identify_application_protocol(struct streaminfo *a_stream, struct _id
 			if((ntohs(tpl6->source)==53) || (ntohs(tpl6->dest)==53))
 			{
 				identify_info->proto=PROTO_DNS;
+				return 1;
 			}
 			break;
 		default:
 			break;
 	}
 
+	//ftp
+	ret=ftp_control_identify(a_stream);
+	if(ret>0)
+	{
+		identify_info->proto=PROTO_FTP;
+		return 1;
+	}
+
+	//mail
+	
 	return ret;
 }
 
@@ -257,23 +272,6 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
 				hit_num+=ret;
 				q_result=tsg_policy_decision_criteria(all_result, hit_num);
 				FS_operate(g_tsg_para.fs2_handle, g_tsg_para.fs2_field_id[TSG_FS2_HIT_ADDR], 0, FS_OP_ADD, 1);		
-				MESA_handle_runtime_log(g_tsg_para.logger,
-										RLOG_LV_DEBUG,
-										"SCAN_IP",
-										"Hit addr: %s scan ret: %d policy_id: %d service: %d action: %d",
-										printaddr(&a_tcp->addr, thread_seq),
-										ret,
-										q_result->config_id,
-										q_result->service_id,
-										q_result->action);			
-			}
-			else
-			{
-				MESA_handle_runtime_log(g_tsg_para.logger,
-										RLOG_LV_DEBUG,
-										"SCAN_IP",
-										"Not hit %s scan ret: %d",
-										printaddr(&a_tcp->addr, thread_seq), ret);			
 			}
 			
 			ret=tsg_scan_shared_policy(g_tsg_maat_feather, &identify_info, all_result+hit_num, MAX_RESULT_NUM-hit_num, &mid, thread_seq);
@@ -385,6 +383,12 @@ extern "C" char TSG_MASTER_TCP_ENTRY(struct streaminfo *a_tcp, void **pme, int t
 						break;
 				}
 			}
+
+			if(mid!=NULL)
+			{
+				Maat_clean_status(&mid);
+				mid=NULL;
+			}
 		break;
 		case	OP_STATE_DATA:
 		case	OP_STATE_CLOSE:

src/tsg_rule.cpp

@@ -60,7 +60,7 @@ void subscribe_id_dup_data(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX
 	*to=calloc(1, strlen((char *)*from)+1);
 	memcpy(*to, *from, strlen((char *)*from));
 	
-	MESA_handle_runtime_log(logger, RLOG_LV_INFO, "SUBSCRIBE_ID", "Dup subscribe_id: %s table_id: %d", (char *)*to, table_id);
+	MESA_handle_runtime_log(logger, RLOG_LV_DEBUG, "SUBSCRIBE_ID", "Dup subscribe_id: %s table_id: %d", (char *)*to, table_id);
 	return;
 }
 
@@ -90,7 +90,7 @@ void subscribe_id_new_data(int table_id, const char* key, const char* table_line
 	
 	memcpy(*ad, subscribe_id, strlen(subscribe_id));
 	MESA_handle_runtime_log(logger, 
-								RLOG_LV_INFO,
+								RLOG_LV_DEBUG,
 								"SUBSCRIBE_ID",
 								"Add subscribe_id: %s table_id: %d key: %s table_line: %s",
 								*ad,
@@ -104,7 +104,7 @@ void subscribe_id_new_data(int table_id, const char* key, const char* table_line
 void subscribe_id_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp)
 {
 	void *logger=argp;
-	MESA_handle_runtime_log(logger, RLOG_LV_INFO, "SUBSCRIBE_ID", "Delete subscribe_id: %s table_id: %d", (char *)*ad, table_id);
+	MESA_handle_runtime_log(logger, RLOG_LV_DEBUG, "SUBSCRIBE_ID", "Delete subscribe_id: %s table_id: %d", (char *)*ad, table_id);
 	free(*ad);
 	*ad=NULL;
 
@@ -364,8 +364,13 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
 	const struct streaminfo *cur_stream = a_stream;
 
 
-	if(result == NULL || result_num <= 0 || a_stream == NULL || maat_feather == NULL)
+	if(result==NULL || result_num<=0 || a_stream==NULL || maat_feather==NULL)
 	{
+		MESA_handle_runtime_log(g_tsg_para.logger,
+								RLOG_LV_FATAL,
+								"SCAN_NESTING_ADDR",
+								"result==NULL || result_num<=0 || maat_feather==NULL || a_stream==%s",
+								(a_stream!=NULL) ? printaddr(&a_stream->addr, a_stream->threadnum) : "NULL");
 		return -1;
 	}
 	
@@ -417,16 +422,38 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
  											result_num-hit_num,
  											mid,
  											cur_stream->threadnum);
-			if(maat_ret > 0)
+			if(maat_ret>0)
 			{
+				MESA_handle_runtime_log(g_tsg_para.logger,
+											RLOG_LV_DEBUG,
+											"SCAN_IP",
+											"Hit addr: %s scan ret: %d policy_id: %d service: %d action: %d",
+											printaddr(&cur_stream->addr, cur_stream->threadnum),
+											maat_ret,
+											result[hit_num].config_id,
+											result[hit_num].service_id,
+											result[hit_num].action
+										);
+
 				hit_num+=maat_ret;
 			}
+			else
+			{
+				MESA_handle_runtime_log(g_tsg_para.logger,
+											RLOG_LV_DEBUG,
+											"SCAN_IP",
+											"No hit addr: %s scan ret: %d",
+											printaddr(&cur_stream->addr, cur_stream->threadnum),
+											maat_ret
+										);	
+			}
 		}
 		
 		cur_stream = cur_stream->pfather;
 		
 	}while(cur_stream != NULL && hit_num < result_num);
 
+
 	if(hit_num<result_num && proto>PROTO_UNKONWN && proto<PROTO_MAX)
 	{
 		maat_ret=Maat_full_scan_string(maat_feather,
@@ -441,8 +468,31 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
 									a_stream->threadnum);
 		if(maat_ret > 0)
 		{
+			MESA_handle_runtime_log(g_tsg_para.logger,
+									RLOG_LV_DEBUG,
+									"SCAN_PROTO",
+									"Hit PROTO: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
+									g_tsg_proto_string[proto].type,
+									maat_ret,
+									result[hit_num].config_id,
+									result[hit_num].service_id,
+									result[hit_num].action,
+									printaddr(&a_stream->addr, a_stream->threadnum)
+									);
+
 			hit_num+=maat_ret;
 		}
+		else
+		{
+			MESA_handle_runtime_log(g_tsg_para.logger,
+									RLOG_LV_DEBUG,
+									"SCAN_PROTO",
+									"No hit PROTO: %s scan ret: %d addr: %s",
+									g_tsg_proto_string[proto].type,
+									maat_ret,
+									printaddr(&a_stream->addr, a_stream->threadnum)
+									);
+		}
 	}
 
 
@@ -464,8 +514,31 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
 										a_stream->threadnum);
 			if(maat_ret > 0)
 			{				
+				MESA_handle_runtime_log(g_tsg_para.logger,
+											RLOG_LV_DEBUG,
+											"SCAN_SUBSCRIBER",
+											"Hit source subscribe id: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
+											source_subscribe_id,
+											maat_ret,
+											result[hit_num].config_id,
+											result[hit_num].service_id,
+											result[hit_num].action,
+											printaddr(&a_stream->addr, a_stream->threadnum)
+										);
+
 				hit_num+=maat_ret;
 			}
+			else
+			{
+				MESA_handle_runtime_log(g_tsg_para.logger,
+											RLOG_LV_DEBUG,
+											"SCAN_SUBSCRIBER",
+											"No hit source subscribe id: %s scan ret: %d addr: %s",
+											source_subscribe_id,
+											maat_ret,
+											printaddr(&a_stream->addr, a_stream->threadnum)
+										);
+			}
 			
 			subscribe_id_free_data(g_tsg_para.dyn_subscribe_ip_table_id,(MAAT_PLUGIN_EX_DATA *)&source_subscribe_id, 0, g_tsg_para.logger);
 		}
@@ -484,8 +557,31 @@ int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *
 										a_stream->threadnum);
 			if(maat_ret > 0)
 			{
+				MESA_handle_runtime_log(g_tsg_para.logger,
+											RLOG_LV_DEBUG,
+											"SCAN_SUBSCRIBER",
+											"Hit dest subscribe id: %s scan ret: %d policy_id: %d service: %d action: %d addr: %s",
+											dest_subscribe_id,
+											maat_ret,
+											result[hit_num].config_id,
+											result[hit_num].service_id,
+											result[hit_num].action,
+											printaddr(&a_stream->addr, a_stream->threadnum)
+										);
+
 				hit_num+=maat_ret;
 			}
+			else
+			{
+				MESA_handle_runtime_log(g_tsg_para.logger,
+											RLOG_LV_DEBUG,
+											"SCAN_SUBSCRIBER",
+											"No hit dest subscribe id: %s scan ret: %d addr: %s",
+											dest_subscribe_id,
+											maat_ret,
+											printaddr(&a_stream->addr, a_stream->threadnum)
+										);
+			}
 			
 			subscribe_id_free_data(g_tsg_para.dyn_subscribe_ip_table_id,(MAAT_PLUGIN_EX_DATA *)&dest_subscribe_id, 0, g_tsg_para.logger);
 		}

src/tsg_send_log.cpp

@@ -360,8 +360,8 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile)
 	}
 
 	MESA_load_profile_int_def(conffile, "TSG_LOG", "MAX_SERVICE",&(_instance->max_service), 0);
-	(_instance->topic_rkt)=(rd_kafka_topic_t **)calloc(1, sizeof(rd_kafka_topic_t*));
-	*(_instance->topic_rkt)=(rd_kafka_topic_t *)calloc(1, (1+_instance->max_service)*sizeof(rd_kafka_topic_t*));
+	//(_instance->topic_rkt)=(rd_kafka_topic_t **)calloc(1, sizeof(void *));
+	(_instance->topic_rkt)=(rd_kafka_topic_t **)calloc(1, (1+_instance->max_service)*sizeof(rd_kafka_topic_t*));
 	
 	_instance->service2topic=(id2field_t *)calloc(1, (1+_instance->max_service)*sizeof(id2field_t));