TSG-9215: 修复tamper命中tcp后相同的数据包可能发送两次的问题

src/tsg_action.cpp

@@ -724,42 +724,37 @@ static unsigned char do_action_redirect_xxx(const struct streaminfo *a_stream, M
 
 static unsigned char do_action_tamper(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, tsg_protocol_t protocol, const void *user_data)
 {
-	if(user_region==NULL)
-	{
+	if(user_region==NULL){
         return do_action_drop(a_stream, p_result, user_region, protocol, user_data);
     }
 
     struct tcpall_context * _context=(struct tcpall_context *)get_struct_project(a_stream, g_tsg_para.tcpall_project_id);
-    if(_context==NULL)
-    {
+    if(_context==NULL){
         _context=(struct tcpall_context *)dictator_malloc(a_stream->threadnum, sizeof(struct tcpall_context));
         memset(_context, 0, sizeof(struct tcpall_context));
         set_struct_project(a_stream, g_tsg_para.tcpall_project_id, (void *)_context);
         _context->method_type=TSG_METHOD_TYPE_TAMPER;
-        _context->tamper_count = 1;
+        _context->tamper_count = -1;
     }else{
-        if(_context->method_type != TSG_METHOD_TYPE_TAMPER)
-        {
+        if(_context->method_type == TSG_METHOD_TYPE_UNKNOWN){
             _context->method_type=TSG_METHOD_TYPE_TAMPER;
-            _context->tamper_count = 1;
-        }
-        else
-        {
-            //to do error log 
-            //_context->method_type                                                                                            
+            _context->tamper_count = -1;
+        }else if (_context->method_type == TSG_METHOD_TYPE_TAMPER){
 			MESA_handle_runtime_log(g_tsg_para.logger,
                                     RLOG_LV_DEBUG,
                                     __FUNCTION__,
-                                    "_context->method_type : %d",
+                                    "Tamper is been processed, _context->method_type : %d",
                                     _context->method_type);
-	
             return STATE_GIVEME;
         }
     }
-
-    if(0 == send_tamper_xxx(a_stream, user_data)){
-        return STATE_DROPPKT;
+   
+    if(a_stream->type != STREAM_TYPE_TCP){
+        if(0 == send_tamper_xxx(a_stream, &_context->tamper_count, user_data)){
+            return STATE_DROPPKT;
+        }
     }
+
     return STATE_GIVEME;
 }
 

src/tsg_entry.cpp

@@ -1806,18 +1806,11 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns
 				}
 				break;
             case    TSG_METHOD_TYPE_TAMPER:
-                if(0 == send_tamper_xxx(a_stream, a_packet)){
-                    state|=APP_STATE_GIVEME|APP_STATE_DROPPKT;
-                }else{
-                    state=APP_STATE_GIVEME;
+                if(a_stream->opstate != OP_STATE_PENDING){
+                    if(0 == send_tamper_xxx(a_stream, &context->tamper_count, a_packet)){
+					    state|=APP_STATE_GIVEME|APP_STATE_DROPPKT;
+                    }
                 }
-                context->tamper_count += 1;
-                MESA_handle_runtime_log(g_tsg_para.logger,
-                                        RLOG_LV_DEBUG,
-                                        __FUNCTION__,
-                                        "Addr: %s, send_tamper_xxx num %ld",
-                                        PRINTADDR(a_stream, g_tsg_para.level),
-                                        context->tamper_count);
                 break;
 			default:
 				break;

src/tsg_entry.h

@@ -212,7 +212,7 @@ struct tcpall_context
 	{
 		struct mirrored_vlan *vlan;
 		struct leaky_bucket *bucket;
-        long tamper_count;
+        long   tamper_count;
 		void *para;
 	};
 };

src/tsg_protocol_common.h

@@ -12,7 +12,6 @@
 #define	STATE_DROPPKT		4
 #define	STATE_KILL_OTHER	8
 
-
 enum TSG_DENY_TYPE
 {
 	TSG_DENY_TYPE_MESSAGE=0,
@@ -117,7 +116,6 @@ int tsg_send_inject_packet(const struct streaminfo *a_stream, enum sapp_inject_o
 unsigned char do_action_redirect_dns(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, const void *user_data);
 
 unsigned char send_icmp_unreachable(const struct streaminfo *a_stream, const void *raw_pkt);
-int send_tamper_xxx(const struct streaminfo *a_stream, const void *raw_pkt);
-
+int send_tamper_xxx(const struct streaminfo *a_stream, long *tamper_count, const void *raw_pkt);
 
 #endif

src/tsg_tamper.cpp

@@ -55,7 +55,7 @@ int tamper_calc(char *str, int endlen)
     return 0;
 }
 
-int send_tamper_xxx(const struct streaminfo *a_stream, const void *raw_pkt)
+int send_tamper_xxx(const struct streaminfo *a_stream, long *tamper_count, const void *raw_pkt)
 {
     const char *p_trans_payload = NULL;
     int trans_layload_len = 0;
@@ -63,18 +63,29 @@ int send_tamper_xxx(const struct streaminfo *a_stream, const void *raw_pkt)
     int  tamper_index = 0;
     int  ret = -1;
     
-    if(a_stream==NULL){
+    if(a_stream==NULL || raw_pkt==NULL){
         return -1;
     }
 
+    if(*tamper_count == -1){
+        *tamper_count = 1; 
+    }else{
+        *tamper_count = *tamper_count + 1;
+    }
+
     p_trans_payload = (char *)a_stream->ptcpdetail->pdata;
     trans_layload_len = a_stream->ptcpdetail->datalen;
+
     if((p_trans_payload==NULL)||(trans_layload_len<=4)){
         MESA_handle_runtime_log(g_tsg_para.logger,
                 RLOG_LV_DEBUG,
                 __FUNCTION__,
-                "Addr: %s  Packet is not tamper because the payload is too short or there is no payload",
-                PRINTADDR(a_stream, g_tsg_para.level));
+                "Addr: %s, try send num %ld ptcpdetail->pdata %p, ptcpdetail->datalen %d  rawpkt %p , but packet is not tamper because the payload is too short or there is no payload",
+                PRINTADDR(a_stream, g_tsg_para.level),
+                *tamper_count,
+                p_trans_payload,
+                trans_layload_len,
+                raw_pkt);
         return -1;
     }
 
@@ -84,8 +95,12 @@ int send_tamper_xxx(const struct streaminfo *a_stream, const void *raw_pkt)
         MESA_handle_runtime_log(g_tsg_para.logger,
                 RLOG_LV_DEBUG,
                 __FUNCTION__,
-                "Addr: %s,modify the index(%d) position of the payload:(old: %02x %02x %02x %02x, new: %02x %02x %02x %02x)",
+                "Addr: %s, try send num %ld ptcpdetail->pdata %p, ptcpdetail->datalen %d rawpkt %p, modify the index(%d) position of the payload:(old: %02x %02x %02x %02x, new: %02x %02x %02x %02x)",
                 PRINTADDR(a_stream, g_tsg_para.level),
+                *tamper_count,
+                p_trans_payload,
+                trans_layload_len,
+                raw_pkt,
                 tamper_index,
                 (uint8_t)p_trans_payload[tamper_index-1], (uint8_t)p_trans_payload[tamper_index], (uint8_t)p_trans_payload[tamper_index+1], (uint8_t)p_trans_payload[tamper_index+2],
                 (uint8_t)tamper_buf[tamper_index-1], (uint8_t)tamper_buf[tamper_index], (uint8_t)tamper_buf[tamper_index+1], (uint8_t)tamper_buf[tamper_index+2]);
@@ -97,8 +112,12 @@ int send_tamper_xxx(const struct streaminfo *a_stream, const void *raw_pkt)
         MESA_handle_runtime_log(g_tsg_para.logger,
                 RLOG_LV_DEBUG,
                 __FUNCTION__,
-                "Addr: %s num , payload tamper failed because payload data same",
-                PRINTADDR(a_stream, g_tsg_para.level));
+                "Addr: %s, try send num %ld ptcpdetail->pdata %p, ptcpdetail->datalen %d rawpkt %p, payload tamper failed because payload data same",
+                PRINTADDR(a_stream, g_tsg_para.level),
+                *tamper_count,
+                p_trans_payload,
+                trans_layload_len,
+                raw_pkt);
     }
 
     return ret;