diff --git a/CMakeLists.txt b/CMakeLists.txt index f6a2582..9120e26 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -96,5 +96,6 @@ install(FILES inc/tsg_statistic.h DESTINATION /opt/MESA/include/tsg COMPONENT HE install(FILES inc/tsg_label.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER) install(FILES inc/app_label.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER) install(FILES inc/tsg_gtp_signaling.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER) +install(FILES inc/statistics_metrics.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER) include(Package) diff --git a/bin/tsg_static_tableinfo.json b/bin/tsg_static_tableinfo.json index 60bb9ec..3e9147e 100644 --- a/bin/tsg_static_tableinfo.json +++ b/bin/tsg_static_tableinfo.json @@ -2,7 +2,7 @@ { "table_id": 0, "table_name": "TSG_COMPILE", - "db_tables":["TSG_SECURITY_COMPILE", "PXY_INTERCEPT_COMPILE", "TRAFFIC_SHAPING_COMPILE", "SERVICE_CHAINING_COMPILE", "APP_SIG_COMPILE", "APP_PRE_SIG_COMPILE", "APP_SELECTOR_COMPILE"], + "db_tables":["TSG_SECURITY_COMPILE", "PXY_INTERCEPT_COMPILE", "TRAFFIC_SHAPING_COMPILE", "SERVICE_CHAINING_COMPILE", "APP_SIG_COMPILE", "APP_PRE_SIG_COMPILE", "APP_SELECTOR_COMPILE", "STATISTICS_COMPILE"], "table_type": "compile", "user_region_encoded": "escape", "valid_column": 8, @@ -22,7 +22,7 @@ { "table_id": 1, "table_name": "TSG_GROUP_COMPILE_RELATION", - "db_tables":["GROUP_SECURITY_COMPILE_RELATION", "GROUP_PXY_INTERCEPT_COMPILE_RELATION", "GROUP_SHAPING_COMPILE_RELATION", "GROUP_SERVICE_CHAINING_COMPILE_RELATION", "APP_SIG_GROUP_COMPILE_RELATION", "APP_PRE_SIG_GROUP_COMPILE_RELATION", "APP_SELECTOR_GROUP_COMPILE_RELATION"], + "db_tables":["GROUP_SECURITY_COMPILE_RELATION", "GROUP_PXY_INTERCEPT_COMPILE_RELATION", "GROUP_SHAPING_COMPILE_RELATION", "GROUP_SERVICE_CHAINING_COMPILE_RELATION", "APP_SIG_GROUP_COMPILE_RELATION", "APP_PRE_SIG_GROUP_COMPILE_RELATION", "APP_SELECTOR_GROUP_COMPILE_RELATION", "GROUP_STATISTICS_COMPILE_RELATION"], "table_type": "group2compile", "associated_compile_table_id": 0, "valid_column": 3, @@ -1013,5 +1013,29 @@ "low_bound": 3, "up_bound": 4 } + }, + { + "table_id": 111, + "table_name": "STATISTICS_TEMPLATE", + "table_type": "plugin", + "valid_column": 3, + "custom": { + "key": 1, + "key_type": "integer", + "key_len": 8, + "gc_timeout_s":10 + } + }, + { + "table_id": 112, + "table_name": "STATISTICS_CHART", + "table_type": "plugin", + "valid_column": 7, + "custom": { + "key": 1, + "key_type": "integer", + "key_len": 8, + "gc_timeout_s":10 + } } ] diff --git a/inc/statistics_metrics.h b/inc/statistics_metrics.h new file mode 100644 index 0000000..290e67c --- /dev/null +++ b/inc/statistics_metrics.h @@ -0,0 +1,39 @@ +#pragma once + +enum STATISTICS_DIMENSION +{ + DIMENSION_MAAT_RULE=0, + DIMENSION_MAAT_STATE, + DIMENSION_FQDN, + DIMENSION_CATEGORY_ID, + DIMENSION_APPLICATION, + DIMENSION_MAX +}; + +#ifndef MAX_CATEGORY_ID_NUM +#define MAX_CATEGORY_ID_NUM 8 +#endif +struct server_fqdn_category +{ + int n_ids; + unsigned int ids[MAX_CATEGORY_ID_NUM]; +}; + +struct statistics_dimensions +{ + enum STATISTICS_DIMENSION type; + union + { + char *server_fqdn; + char *application; + struct maat_state *maat_state; + struct matched_policy_rules *policy; + struct server_fqdn_category *category; + }; +}; + +int session_dimension_server_fqdn_sync(const struct streaminfo *a_stream, char *server_fqdn); +int session_dimension_application_sync(const struct streaminfo *a_stream, char *application); +int session_dimension_maat_state_sync(const struct streaminfo *a_stream, struct maat_state *state); +int session_dimension_maat_rule_sync(const struct streaminfo *a_stream, struct matched_policy_rules *policy); +int session_dimension_category_id_sync(const struct streaminfo *a_stream, unsigned int *category_id, int n_category_id); diff --git a/inc/tsg_label.h b/inc/tsg_label.h index 47fc406..8e371e8 100644 --- a/inc/tsg_label.h +++ b/inc/tsg_label.h @@ -2,7 +2,6 @@ #include -#define MAX_CATEGORY_ID_NUM 8 #define MAX_STR_FIELD_LEN 64 #define MAX_VLAN_ID_NUM 32 diff --git a/inc/tsg_rule.h b/inc/tsg_rule.h index 9a0b632..927b38c 100644 --- a/inc/tsg_rule.h +++ b/inc/tsg_rule.h @@ -12,7 +12,8 @@ #define TSG_ACTION_S_CHAINING 0x40 #define TSG_ACTION_BYPASS 0x60 #define TSG_ACTION_SHUNT 0x80 -#define TSG_ACTION_MAX 0x80 +#define TSG_ACTION_STATISTICS 0x81 +#define TSG_ACTION_MAX 0x81 enum TSG_SERVICE { @@ -22,6 +23,7 @@ enum TSG_SERVICE TSG_SERVICE_SHAPING=6, TSG_SERVICE_PRE_SIGNATURE=7, TSG_SERVICE_SIGNATURE=8, + TSG_SERVICE_STATISTICS=10, TSG_SERVICE_MAX }; diff --git a/inc/tsg_send_log.h b/inc/tsg_send_log.h index 5951be8..5de883f 100644 --- a/inc/tsg_send_log.h +++ b/inc/tsg_send_log.h @@ -47,7 +47,7 @@ int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle int TLD_cancel(struct TLD_handle_t *handle); //return topic_id; return >=0 if success,otherwise return -1; -int tsg_register_topic(struct tsg_log_instance_t *instance, const char *topic_name); +int tsg_register_topic(struct tsg_log_instance_t *instance, char *topic_name); int tsg_send_payload(struct tsg_log_instance_t *instance, int topic_id, char *payload, int payload_len, int thread_id); int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, const struct streaminfo *a_stream, enum LOG_TYPE log_type, struct maat_rule *rules, size_t n_rules, int thread_id); diff --git a/inc/tsg_statistic.h b/inc/tsg_statistic.h index 976f7ce..42d6272 100644 --- a/inc/tsg_statistic.h +++ b/inc/tsg_statistic.h @@ -28,7 +28,7 @@ struct traffic_packet_info uint64_t c2s_pkts; uint64_t s2c_pkts; uint64_t c2s_fragments; - uint64_t s2c_fragments; + uint64_t s2c_fragments; uint64_t c2s_tcp_ooorder_pkts; uint64_t s2c_tcp_ooorder_pkts; uint64_t c2s_tcp_retransmitted_pkts; @@ -49,4 +49,17 @@ int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_s int tsg_set_application_metrics(const struct streaminfo *a_stream, const char *l4_protocol, const char *app_full_path, struct traffic_packet_info *app_statis, int thread_seq); +//statistics policy +int tsg_set_statistics_policy(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq); + +int tsg_set_statistics_fqdn(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq); +int tsg_set_statistics_fqdn_category(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq); +int tsg_set_statistics_client_object(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq); +int tsg_set_statistics_server_object(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq); +int tsg_set_statistics_application(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq); + +// statistics object +int tsg_set_statistics_object(const struct streaminfo *a_stream, struct maat_hit_group *group, long long *item_id, int n_item_id, int thread_seq); + + #endif diff --git a/src/tsg_bridge.cpp b/src/tsg_bridge.cpp index 42610f2..70ab915 100644 --- a/src/tsg_bridge.cpp +++ b/src/tsg_bridge.cpp @@ -10,6 +10,7 @@ #include "tsg_variable.h" #include "tsg_sync_state.h" #include "tsg_rule_internal.h" +#include "statistics_metrics.h" extern int session_app_identify_result_cb(const struct streaminfo *a_stream, int bridge_id, void *data); extern int session_flags_identify_result_cb(const struct streaminfo *a_stream, int bridge_id, void *data); @@ -1002,6 +1003,75 @@ void session_matched_rules_notify(const struct streaminfo *a_stream, TSG_SERVICE return ; } +int session_dimension_server_fqdn_sync(const struct streaminfo *a_stream, char *server_fqdn) +{ + if(server_fqdn==NULL) + { + return 0; + } + + struct statistics_dimensions dimension; + dimension.type=DIMENSION_FQDN; + dimension.server_fqdn=server_fqdn; + return stream_bridge_sync_data_put(a_stream, g_tsg_bridge_para[BRIDGE_TYPE_STATISTICS_DIMENSION].id, (void *)&(dimension)); +} + +int session_dimension_application_sync(const struct streaminfo *a_stream, char *application) +{ + if(application==NULL) + { + return 0; + } + + struct statistics_dimensions dimension; + dimension.type=DIMENSION_APPLICATION; + dimension.application=application; + return stream_bridge_sync_data_put(a_stream, g_tsg_bridge_para[BRIDGE_TYPE_STATISTICS_DIMENSION].id, (void *)&(dimension)); +} + +int session_dimension_maat_state_sync(const struct streaminfo *a_stream, struct maat_state *state) +{ + if(state==NULL) + { + return 0; + } + + struct statistics_dimensions dimension; + dimension.type=DIMENSION_MAAT_STATE; + dimension.maat_state=state; + return stream_bridge_sync_data_put(a_stream, g_tsg_bridge_para[BRIDGE_TYPE_STATISTICS_DIMENSION].id, (void *)&(dimension)); +} + +int session_dimension_maat_rule_sync(const struct streaminfo *a_stream, struct matched_policy_rules *policy) +{ + if(policy==NULL) + { + return 0; + } + + struct statistics_dimensions dimension; + dimension.type=DIMENSION_MAAT_RULE; + dimension.policy=policy; + return stream_bridge_sync_data_put(a_stream, g_tsg_bridge_para[BRIDGE_TYPE_STATISTICS_DIMENSION].id, (void *)&(dimension)); +} + +int session_dimension_category_id_sync(const struct streaminfo *a_stream, unsigned int *category_id, int n_category_id) +{ + if(category_id==NULL || n_category_id==0) + { + return 0; + } + + struct server_fqdn_category category; + category.n_ids=MIN(n_category_id, MAX_CATEGORY_ID_NUM); + memcpy(category.ids, category_id, category.n_ids*sizeof(unsigned int)); + + struct statistics_dimensions dimension; + dimension.type=DIMENSION_CATEGORY_ID; + dimension.category=&category; + return stream_bridge_sync_data_put(a_stream, g_tsg_bridge_para[BRIDGE_TYPE_STATISTICS_DIMENSION].id, (void *)&(dimension)); +} + void *session_mac_linkinfo_get(const struct streaminfo *a_stream) { return session_async_bridge_get_data(a_stream, g_tsg_bridge_para[BRIDGE_TYPE_MAC_LINKINFO].id); @@ -1161,6 +1231,9 @@ int tsg_bridge_init(const char *conffile) MESA_load_profile_string_def(conffile, "BRIDGE", "PROXY_LOG_UPDATE_BRIDGE_NAME", g_tsg_bridge_para[BRIDGE_TYPE_LOG_UPDATE_PROXY].name, MAX_BRIDGE_NAME_LEN, "PROXY_LOG_UPDATE"); g_tsg_bridge_para[BRIDGE_TYPE_LOG_UPDATE_PROXY].free_cb = session_proxy_log_update_free; + // statistics dimensions + MESA_load_profile_string_def(conffile, "BRIDGE", "STATISTICS_DIMENSIONS", g_tsg_bridge_para[BRIDGE_TYPE_STATISTICS_DIMENSION].name, MAX_BRIDGE_NAME_LEN, "STATISTICS_DIMENSIONS"); + for(int i=0; i=0) - { - srt_attribute->n_fqdn_category_ids=tsg_get_fqdn_category_ids(g_tsg_maat_feather, domain, srt_attribute->fqdn_category_ids, MAX_CATEGORY_ID_NUM); - return tsg_scan_fqdn_category_id(a_stream, g_tsg_maat_feather, srt_attribute->fqdn_category_ids, srt_attribute->n_fqdn_category_ids, table_idx, s_mid, matched_rules, n_matched_rules); - } - - return 0; -} - size_t session_app_id_and_properties_scan(const struct streaminfo *a_stream, struct maat_rule *matched_rules, size_t n_matched_rules, struct session_runtime_process_context *srt_process_context, struct app_attributes *app_attribute, char app_attribute_num, APP_IDENTIFY_ORIGIN origin, int thread_seq) { size_t matched_cnt=0; @@ -1832,6 +1820,18 @@ static unsigned char matched_security_rules_deal(const struct streaminfo *a_stre return state; } +int matched_statistics_rules_deal(const struct streaminfo *a_stream, struct maat_rule *statistics_rules, size_t n_statistics_rules, int thread_seq) +{ + struct matched_policy_rules policy; + policy.n_rules=MIN(MAX_RESULT_NUM, n_statistics_rules); + memcpy(policy.rules, statistics_rules, (policy.n_rules)*sizeof(struct maat_rule)); + session_dimension_maat_rule_sync(a_stream, &policy); + + srt_action_context_set_rule_method(a_stream, TSG_METHOD_TYPE_UNKNOWN, thread_seq); + + return 0; +} + int matched_shaping_rules_deal(const struct streaminfo *a_stream, struct maat_rule *shaping_rules, size_t n_shaping_rules, int thread_seq) { session_state_sync_in_activing(a_stream, TSG_SERVICE_SHAPING, shaping_rules, n_shaping_rules, thread_seq); @@ -1860,13 +1860,14 @@ int matched_service_chaining_rules_deal(const struct streaminfo *a_stream, struc unsigned char session_matched_rules_deal(const struct streaminfo *a_stream, struct session_runtime_process_context *srt_process_context, struct maat_rule *matched_rules, size_t n_matched_rules, const void *a_packet) { + int thread_seq=a_stream->threadnum; unsigned char state=APP_STATE_GIVEME; struct maat_rule security_rules[MAX_RESULT_NUM]={0}; size_t n_security_rules=tsg_select_rules_by_service_id(matched_rules, n_matched_rules, security_rules, MAX_RESULT_NUM, TSG_SERVICE_SECURITY); if(n_security_rules>0) { - state=matched_security_rules_deal(a_stream, srt_process_context, security_rules, n_security_rules, a_packet, a_stream->threadnum); + state=matched_security_rules_deal(a_stream, srt_process_context, security_rules, n_security_rules, a_packet,thread_seq); if(state&APP_STATE_KILL_OTHER) { return state; @@ -1877,21 +1878,28 @@ unsigned char session_matched_rules_deal(const struct streaminfo *a_stream, stru size_t n_s_chaining_rules=tsg_select_rules_by_service_id(matched_rules, n_matched_rules, s_chaining_rules, MAX_RESULT_NUM, TSG_SERVICE_CHAINING); if(n_s_chaining_rules>0) { - matched_service_chaining_rules_deal(a_stream, s_chaining_rules, n_s_chaining_rules, a_stream->threadnum); + matched_service_chaining_rules_deal(a_stream, s_chaining_rules, n_s_chaining_rules, thread_seq); } struct maat_rule shaping_rules[MAX_RESULT_NUM]={0}; size_t n_shaping_rules=tsg_select_rules_by_service_id(matched_rules, n_matched_rules, shaping_rules, MAX_RESULT_NUM, TSG_SERVICE_SHAPING); if(n_shaping_rules>0) { - matched_shaping_rules_deal(a_stream, shaping_rules, n_shaping_rules, a_stream->threadnum); + matched_shaping_rules_deal(a_stream, shaping_rules, n_shaping_rules, thread_seq); } struct maat_rule intercept_rules[MAX_RESULT_NUM]={0}; size_t n_intercept_rules=tsg_select_rules_by_service_id(matched_rules, n_matched_rules, intercept_rules, MAX_RESULT_NUM, TSG_SERVICE_INTERCEPT); if(n_intercept_rules>0) { - matched_intercept_rules_deal(a_stream, intercept_rules, n_intercept_rules, a_stream->threadnum); + matched_intercept_rules_deal(a_stream, intercept_rules, n_intercept_rules, thread_seq); + } + + struct maat_rule statistics_rules[MAX_RESULT_NUM]; + size_t n_statistics_rules=tsg_select_rules_by_service_id(matched_rules, n_matched_rules, statistics_rules, MAX_RESULT_NUM, TSG_SERVICE_STATISTICS); + if(n_shaping_rules>0) + { + matched_statistics_rules_deal(a_stream, statistics_rules, n_statistics_rules, thread_seq); } return state; @@ -2019,6 +2027,13 @@ int session_app_identify_result_cb(const struct streaminfo *a_stream, int bridge return 0; } + char app_full_path[256]={0}; + session_application_full_path_update(a_stream, app_full_path, sizeof(app_full_path)); + if(strlen(app_full_path)>0) + { + session_dimension_application_sync(a_stream, app_full_path); + } + if(srt_process_context->mid==NULL) { return 0; @@ -2094,11 +2109,32 @@ size_t session_pending_state_deal(const struct streaminfo *a_stream, struct sess session_ssl_ja3_fingerprint_generate(a_stream); } - int table_idx=tsg_domain_table_idx_get(srt_process_context->proto); - matched_cnt+=tsg_scan_shared_policy(a_stream, g_tsg_maat_feather, srt_process_context->domain, table_idx, (srt_process_context->mid), matched_rules+matched_cnt, n_matched_rules-matched_cnt); - - table_idx=tsg_fqdn_category_table_idx_get(srt_process_context->proto); - matched_cnt+=tsg_scan_fqdn_category_id(a_stream, g_tsg_maat_feather, srt_process_context->domain, table_idx, (srt_process_context->mid), matched_rules+matched_cnt, n_matched_rules-matched_cnt); + if(srt_process_context->domain!=NULL) + { + int table_idx=tsg_domain_table_idx_get(srt_process_context->proto); + matched_cnt+=tsg_scan_shared_policy(a_stream, g_tsg_maat_feather, srt_process_context->domain, table_idx, (srt_process_context->mid), matched_rules+matched_cnt, n_matched_rules-matched_cnt); + + struct session_runtime_attribute *srt_attribute=(struct session_runtime_attribute *)session_runtime_attribute_new(a_stream); + srt_attribute->n_fqdn_category_ids=tsg_get_fqdn_category_ids(g_tsg_maat_feather, srt_process_context->domain, srt_attribute->fqdn_category_ids, MAX_CATEGORY_ID_NUM); + + session_dimension_server_fqdn_sync(a_stream, srt_process_context->domain); + session_dimension_category_id_sync(a_stream, srt_attribute->fqdn_category_ids, srt_attribute->n_fqdn_category_ids); + + table_idx=tsg_fqdn_category_table_idx_get(srt_process_context->proto); + if(srt_attribute!=NULL && table_idx>=0) + { + matched_cnt+=tsg_scan_fqdn_category_id(a_stream, + g_tsg_maat_feather, + srt_attribute->fqdn_category_ids, + srt_attribute->n_fqdn_category_ids, + table_idx, + srt_process_context->mid, + matched_rules+matched_cnt, + n_matched_rules-matched_cnt + ); + } + } + if(srt_process_context->is_esni) { protocol_id=tsg_l7_protocol_name2id("ESNI", 4); @@ -2121,7 +2157,7 @@ size_t session_pending_state_deal(const struct streaminfo *a_stream, struct sess if(srt_process_context->proto==PROTO_HTTP && srt_process_context->http_url!=NULL) { - table_idx=tsg_http_url_table_idx_get(); + int table_idx=tsg_http_url_table_idx_get(); matched_cnt+=tsg_scan_shared_policy(a_stream, g_tsg_maat_feather, srt_process_context->http_url, table_idx, (srt_process_context->mid), matched_rules+matched_cnt, n_matched_rules-matched_cnt); } @@ -2243,6 +2279,8 @@ static unsigned char tsg_master_data_entry(const struct streaminfo *a_stream, vo state=session_matched_rules_deal(a_stream, srt_process_context, matched_rules, matched_cnt, a_packet); break; } + + session_dimension_maat_state_sync(a_stream, srt_process_context->mid); if((a_stream->opstate==OP_STATE_CLOSE) || (state&APP_STATE_DROPME)==APP_STATE_DROPME) { @@ -2303,8 +2341,16 @@ static unsigned char tsg_master_all_entry(const struct streaminfo *a_stream, uns { matched_shaping_rules_deal(a_stream, shaping_rules, n_shaping_rules, thread_seq); } + + struct maat_rule statistics_rules[MAX_RESULT_NUM]; + size_t n_statistics_rules=tsg_select_rules_by_service_id(matched_rules, matched_cnt, statistics_rules, MAX_RESULT_NUM, TSG_SERVICE_SHAPING); + if(state==APP_STATE_GIVEME && n_statistics_rules>0) + { + matched_statistics_rules_deal(a_stream, statistics_rules, n_statistics_rules, thread_seq); + } } + session_dimension_maat_state_sync(a_stream, scan_mid); maat_state_free(scan_mid); scan_mid=NULL; } diff --git a/src/tsg_stat.cpp b/src/tsg_stat.cpp index 65bfa89..cdbe848 100644 --- a/src/tsg_stat.cpp +++ b/src/tsg_stat.cpp @@ -290,6 +290,8 @@ int tsg_stat_init(void) fieldstat_register_table_row(g_rt_stat_para.fs_instance, g_rt_stat_para.exdata.table_id, "tunnel_catalog", NULL, 0, g_rt_stat_para.exdata.column_id[SYNC_EXDATA_ROW_TUNNEL_CATALOG]); fieldstat_register_table_row(g_rt_stat_para.fs_instance, g_rt_stat_para.exdata.table_id, "tunnel_endpoint", NULL, 0, g_rt_stat_para.exdata.column_id[SYNC_EXDATA_ROW_TUNNEL_ENDPOINT]); fieldstat_register_table_row(g_rt_stat_para.fs_instance, g_rt_stat_para.exdata.table_id, "tunnel_label", NULL, 0, g_rt_stat_para.exdata.column_id[SYNC_EXDATA_ROW_TUNNEL_LABEL]); + fieldstat_register_table_row(g_rt_stat_para.fs_instance, g_rt_stat_para.exdata.table_id, "statistics_template", NULL, 0, g_rt_stat_para.exdata.column_id[SYNC_EXDATA_ROW_STATISTICS_TEMPLATE]); + fieldstat_register_table_row(g_rt_stat_para.fs_instance, g_rt_stat_para.exdata.table_id, "statistics_chart", NULL, 0, g_rt_stat_para.exdata.column_id[SYNC_EXDATA_ROW_STATISTICS_CHART]); enum field_type flow_column_type[FLOW_STAT_MAX]={FIELD_TYPE_GAUGE, FIELD_TYPE_GAUGE, FIELD_TYPE_GAUGE, FIELD_TYPE_GAUGE, FIELD_TYPE_GAUGE}; const char *flow_column_name[FLOW_STAT_MAX]={"inject", "mirror_pkts", "mirror_bytes", "set_timeout", "tamper"}; diff --git a/src/tsg_stat.h b/src/tsg_stat.h index 29f798a..72a98f4 100644 --- a/src/tsg_stat.h +++ b/src/tsg_stat.h @@ -45,6 +45,8 @@ enum SYNC_EXDATA_ROW SYNC_EXDATA_ROW_TUNNEL_CATALOG, SYNC_EXDATA_ROW_TUNNEL_ENDPOINT, SYNC_EXDATA_ROW_TUNNEL_LABEL, + SYNC_EXDATA_ROW_STATISTICS_TEMPLATE, + SYNC_EXDATA_ROW_STATISTICS_CHART, SYNC_EXDATA_ROW_MAX }; diff --git a/src/version.map b/src/version.map index 03fb92e..bfd9ce7 100644 --- a/src/version.map +++ b/src/version.map @@ -16,6 +16,7 @@ global: *session_matched_rules_notify*; *session_matched_rules_copy*; *session_packet_capture_by_rules_notify*; + *session_dimension_*; *GIT*; }; local: *; diff --git a/test/bin/gtest_maat.json b/test/bin/gtest_maat.json index 71ec6e4..83add24 100644 --- a/test/bin/gtest_maat.json +++ b/test/bin/gtest_maat.json @@ -2452,6 +2452,23 @@ "123\ttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttest\t[66]\t1" ] }, + { + "table_name": "STATISTICS_TEMPLATE", + "table_content": [ + "100\t[1000,1001,1002,1003]\t1", + "101\t[1000,1001,1002,1003\t1", + "102\t[]\t1" + ] + }, + { + "table_name": "STATISTICS_CHART", + "table_content": [ + "1000\t[\"server_ip\",\"client_ip\"]\t[{\"metric\":\"bytes\",\"type\":\"counter\"},{\"metric\":\"sessions\",\"type\":\"counter\"}]\t{\"type\":\"Top-K\",\"order_by\":\"bytes\",\"max_values\":1024}\t{\"incoming_bytes\":1000,\"outgoing_bytes\":2000}\t10\t1", + "1001\t[\"server_ip\",\"client_ip\"]\t[{\"metric\":\"bytes\",\"type\":\"counter\"},{\"metric\":\"sessions\",\"type\":\"counter\"}]\t{\"type\":\"Top-K\",\"order_by\":\"bytes\",\"max_values\":1024}\t{\"incoming_bytes\":1000,\"outgoing_bytes\":2000}\t10\t1", + "1002\t[\"server_ip\",\"client_ip\"]\t[{\"metric\":\"bytes\",\"type\":\"counter\"},{\"metric\":\"sessions\",\"type\":\"counter\"}]\t{\"type\":\"Top-K\",\"order_by\":\"bytes\",\"max_values\":1024}\t{\"incoming_bytes\":1000,\"outgoing_bytes\":2000}\t10\t1", + "1003\t[\"server_ip\",\"client_ip\"]\t[{\"metric\":\"bytes\",\"type\":\"counter\"},{\"metric\":\"sessions\",\"type\":\"counter\"}]\t{\"type\":\"Top-K\",\"order_by\":\"bytes\",\"max_values\":1024}\t{\"incoming_bytes\":1000,\"outgoing_bytes\":2000}\t10\t1" + ] + }, { "table_name": "T_VSYS_INFO", "table_content": [ diff --git a/test/src/gtest_rule.cpp b/test/src/gtest_rule.cpp index 751da0f..7f8498f 100644 --- a/test/src/gtest_rule.cpp +++ b/test/src/gtest_rule.cpp @@ -40,7 +40,7 @@ int session_capture_packets_sync(const struct streaminfo * a_stream, struct maat return 0; } -TEST(TM, ExDataGTPC) +TEST(TSG_RULE, ExDataGTPC) { /****************************************************************************************************** table name: TSG_DYN_MOBILE_IDENTITY_APN_TEID @@ -66,7 +66,7 @@ TEST(TM, ExDataGTPC) EXPECT_STREQ("8626070583008402", user_info->imei); } -TEST(TM, ExDataAPPIDDictUnknown) +TEST(TSG_RULE, ExDataAPPIDDictUnknown) { /************************************************************************************************************************* table name: APP_ID_DICT @@ -99,7 +99,7 @@ TEST(TM, ExDataAPPIDDictUnknown) dict=(struct app_id_dict *)matched_rule_cites_app_id_dict(g_tsg_maat_feather, ll_app_id); } -TEST(TM, ExDataAPPIDDictDenyActionDrop) +TEST(TSG_RULE, ExDataAPPIDDictDenyActionDrop) { /************************************************************************************************************************* table name: APP_ID_DICT @@ -137,7 +137,7 @@ TEST(TM, ExDataAPPIDDictDenyActionDrop) dict=(struct app_id_dict *)matched_rule_cites_app_id_dict(g_tsg_maat_feather, ll_app_id); } -TEST(TM, ExDataAPPIDDictDenyActionRatelimit) +TEST(TSG_RULE, ExDataAPPIDDictDenyActionRatelimit) { /************************************************************************************************************************* table name: APP_ID_DICT @@ -173,7 +173,7 @@ TEST(TM, ExDataAPPIDDictDenyActionRatelimit) dict=(struct app_id_dict *)matched_rule_cites_app_id_dict(g_tsg_maat_feather, ll_app_id); } -TEST(TM, ExDataASNBuiltIn) +TEST(TSG_RULE, ExDataASNBuiltIn) { /************************************************************************************************************************* table name: TSG_IP_ASN_BUILT_IN @@ -181,7 +181,7 @@ TEST(TM, ExDataASNBuiltIn) EXPECT_EQ(1, 1); } -TEST(TM, ExDataASNUserDefine) +TEST(TSG_RULE, ExDataASNUserDefine) { /************************************************************************************************************************* table name: TSG_IP_ASN_USER_DEFINED @@ -189,7 +189,7 @@ TEST(TM, ExDataASNUserDefine) EXPECT_EQ(1, 1); } -TEST(TM, ExDataLocationBuiltIn) +TEST(TSG_RULE, ExDataLocationBuiltIn) { /************************************************************************************************************************* table name: TSG_IP_LOCATION_BUILT_IN @@ -218,7 +218,7 @@ TEST(TM, ExDataLocationBuiltIn) EXPECT_EQ(NULL, location); } -TEST(TM, ExDataLocationUserDefine) +TEST(TSG_RULE, ExDataLocationUserDefine) { /************************************************************************************************************************* table name: TSG_IP_LOCATION_USER_DEFINED @@ -240,7 +240,7 @@ TEST(TM, ExDataLocationUserDefine) EXPECT_EQ(NULL, location); } -TEST(TM, ExDataFQDNCategoryBuiltIn) +TEST(TSG_RULE, ExDataFQDNCategoryBuiltIn) { /************************************************************************************************************************* table name: TSG_FQDN_CATEGORY_BUILT_IN @@ -264,7 +264,7 @@ TEST(TM, ExDataFQDNCategoryBuiltIn) category_ids[0] = NULL; } -TEST(TM, ExDataFQDNCategoryUserDefine) +TEST(TSG_RULE, ExDataFQDNCategoryUserDefine) { /************************************************************************************************************************* table name: TSG_FQDN_CATEGORY_USER_DEFINED @@ -288,7 +288,7 @@ TEST(TM, ExDataFQDNCategoryUserDefine) category_ids[0] = NULL; } -TEST(TM, ExDataTunnelCatalog) +TEST(TSG_RULE, ExDataTunnelCatalog) { /************************************************************************************************************************* table name: TSG_TUNNEL_CATALOG @@ -317,7 +317,7 @@ TEST(TM, ExDataTunnelCatalog) t_catalog[1] = NULL; } -TEST(TM, ExDataTunnelEndpoint) +TEST(TSG_RULE, ExDataTunnelEndpoint) { /************************************************************************************************************************* table name: TSG_TUNNEL_ENDPOINT @@ -353,7 +353,7 @@ TEST(TM, ExDataTunnelEndpoint) all_endpoint[1] = NULL; } -TEST(TM, ExDataTunnelLabel) +TEST(TSG_RULE, ExDataTunnelLabel) { /************************************************************************************************************************* table name: TSG_TUNNEL_LABEL @@ -365,7 +365,7 @@ TEST(TM, ExDataTunnelLabel) EXPECT_EQ(0, (long long)label_id); } -TEST(TM, ExDataSubscriberID) +TEST(TSG_RULE, ExDataSubscriberID) { /************************************************************************************************************************* table name: TSG_DYN_SUBSCRIBER_IP @@ -399,7 +399,7 @@ TEST(TM, ExDataSubscriberID) EXPECT_STREQ("test5629", source_subscribe_id->subscribe_id); } -TEST(TM, ExDataDNSRecordsProfileA) +TEST(TSG_RULE, ExDataDNSRecordsProfileA) { /************************************************************************************************************************* table name: TSG_PROFILE_DNS_RECORDS @@ -434,7 +434,7 @@ TEST(TM, ExDataDNSRecordsProfileA) EXPECT_EQ(NULL, profile_records); } -TEST(TM, ExDataDNSRecordsProfileAAAA) +TEST(TSG_RULE, ExDataDNSRecordsProfileAAAA) { /************************************************************************************************************************* table name: TSG_PROFILE_DNS_RECORDS @@ -467,7 +467,7 @@ TEST(TM, ExDataDNSRecordsProfileAAAA) EXPECT_EQ(NULL, profile_records); } -TEST(TM, ExDataDNSRecordsProfileCNAME) +TEST(TSG_RULE, ExDataDNSRecordsProfileCNAME) { /************************************************************************************************************************* table name: TSG_PROFILE_DNS_RECORDS @@ -497,13 +497,13 @@ TEST(TM, ExDataDNSRecordsProfileCNAME) EXPECT_EQ(NULL, profile_records); } -TEST(TM, ExDataResponsePagesProfile) +TEST(TSG_RULE, ExDataResponsePagesProfile) { /************************************************************************************************************************* table name: TSG_PROFILE_RESPONSE_PAGES profile_id profile_name format path is_valid - "957\ttest-html-1\thtml\tforeign_files/TSG_PROFILE_RESPONSE_PAGES.1\t1", - "958\ttest-html-2\thtml\tforeign_files/TSG_PROFILE_RESPONSE_PAGES.2\t1" + "957\ttest-hTSG_RULEl-1\thTSG_RULEl\tforeign_files/TSG_PROFILE_RESPONSE_PAGES.1\t1", + "958\ttest-hTSG_RULEl-2\thTSG_RULEl\tforeign_files/TSG_PROFILE_RESPONSE_PAGES.2\t1" **************************************************************************************************************************/ long long profile_id = 957; struct http_response_pages *response_pages = (struct http_response_pages *)maat_plugin_table_get_ex_data(g_tsg_maat_feather, g_tsg_maat_rt_para.plugin_tb[MAAT_PLUGIN_RESPONSE_PAGES].id, (const char *)&profile_id, sizeof(long long)); @@ -524,7 +524,7 @@ TEST(TM, ExDataResponsePagesProfile) EXPECT_EQ(NULL, response_pages); } -TEST(TM, ExDataTrafficMirrorProfile) +TEST(TSG_RULE, ExDataTrafficMirrorProfile) { /************************************************************************************************************************* table name: TSG_PROFILE_TRAFFIC_MIRROR @@ -552,7 +552,7 @@ TEST(TM, ExDataTrafficMirrorProfile) EXPECT_EQ(NULL, mirror_profile); } -TEST(TM, ExDataSessionRecordEnable) +TEST(TSG_RULE, ExDataSessionRecordEnable) { /************************************************************************************************************************* table name: T_VSYS_INFO @@ -562,7 +562,7 @@ TEST(TM, ExDataSessionRecordEnable) EXPECT_EQ(g_tsg_maat_rt_para.session_record_switch, 1); } -TEST(TMAPI, GetUmtsUserInfoFromRedis) +TEST(TSG_RULE_API, GetUmtsUserInfoFromRedis) { /****************************************************************************************************** table name: TSG_DYN_MOBILE_IDENTITY_APN_TEID @@ -585,7 +585,7 @@ TEST(TMAPI, GetUmtsUserInfoFromRedis) user_info_right = NULL; } -TEST(TMAPI, GetAppIdDictUnknown) +TEST(TSG_RULE_API, GetAppIdDictUnknown) { /************************************************************************************************************************* table name: APP_ID_DICT @@ -601,7 +601,7 @@ TEST(TMAPI, GetAppIdDictUnknown) dict = NULL; } -TEST(TMAPI, GetAppIdDictDenyActionDrop) +TEST(TSG_RULE_API, GetAppIdDictDenyActionDrop) { /************************************************************************************************************************* table name: APP_ID_DICT @@ -617,7 +617,7 @@ TEST(TMAPI, GetAppIdDictDenyActionDrop) dict = NULL; } -TEST(TMAPI, GetAppIdDictDenyActionRatelimit) +TEST(TSG_RULE_API, GetAppIdDictDenyActionRatelimit) { /************************************************************************************************************************* table name: APP_ID_DICT @@ -633,7 +633,7 @@ TEST(TMAPI, GetAppIdDictDenyActionRatelimit) dict = NULL; } -TEST(TMAPI, GetAppNameByIdIllegalPara) +TEST(TSG_RULE_API, GetAppNameByIdIllegalPara) { // int tsg_get_app_name_by_id(int app_id, char *app_name, int app_name_len, int is_joint_parent) char app_name[128] = {0}; @@ -642,7 +642,7 @@ TEST(TMAPI, GetAppNameByIdIllegalPara) EXPECT_EQ(0, tsg_get_app_name_by_id(g_tsg_maat_feather, 68, app_name, 0, 1)); } -TEST(TMAPI, GetAppNameByIdParentAppId0) +TEST(TSG_RULE_API, GetAppNameByIdParentAppId0) { /************************************************************************************************************************* table name: APP_ID_DICT @@ -655,7 +655,7 @@ TEST(TMAPI, GetAppNameByIdParentAppId0) EXPECT_EQ(strlen("https"), tsg_get_app_name_by_id(g_tsg_maat_feather, app_id, app_name, 128, 1)); } -TEST(TMAPI, GetAppNameByIdParentAppId1) +TEST(TSG_RULE_API, GetAppNameByIdParentAppId1) { /************************************************************************************************************************* table name: APP_ID_DICT @@ -668,7 +668,7 @@ TEST(TMAPI, GetAppNameByIdParentAppId1) EXPECT_EQ(strlen("ssl.https"), tsg_get_app_name_by_id(g_tsg_maat_feather, app_id, app_name, 128, 1)); } -TEST(TMAPI, GetLocationInfoLocationBuiltIn) +TEST(TSG_RULE_API, GetLocationInfoLocationBuiltIn) { /************************************************************************************************************************* table name: TSG_IP_LOCATION_BUILT_IN @@ -707,7 +707,7 @@ TEST(TMAPI, GetLocationInfoLocationBuiltIn) EXPECT_EQ(NULL, client_location); } -TEST(TMAPI, GetLocationInfoLocationUserDefine) +TEST(TSG_RULE_API, GetLocationInfoLocationUserDefine) { /************************************************************************************************************************* table name: TSG_IP_LOCATION_USER_DEFINED @@ -732,7 +732,7 @@ TEST(TMAPI, GetLocationInfoLocationUserDefine) EXPECT_EQ(server_location, location); } -TEST(TMAPI, GetLocationInfoBoth) +TEST(TSG_RULE_API, GetLocationInfoBoth) { /************************************************************************************************************************* table name: TSG_IP_LOCATION_USER_DEFINED @@ -764,7 +764,7 @@ TEST(TMAPI, GetLocationInfoBoth) EXPECT_NE(server_location, location); } -TEST(TMAPI, GetFQDNCategoryIdUserDefine) +TEST(TSG_RULE_API, GetFQDNCategoryIdUserDefine) { /************************************************************************************************************************* table name: TSG_FQDN_CATEGORY_USER_DEFINED @@ -786,7 +786,7 @@ TEST(TMAPI, GetFQDNCategoryIdUserDefine) EXPECT_EQ(0, category_ids[1]); } -TEST(TMAPI, GetFQDNCategoryIdBuiltIn) +TEST(TSG_RULE_API, GetFQDNCategoryIdBuiltIn) { /************************************************************************************************************************* table name: TSG_FQDN_CATEGORY_BUILT_IN @@ -809,7 +809,7 @@ TEST(TMAPI, GetFQDNCategoryIdBuiltIn) EXPECT_EQ(0, category_ids[1]); } -TEST(TMAPI, GetFQDNCategoryIdBoth) +TEST(TSG_RULE_API, GetFQDNCategoryIdBoth) { /************************************************************************************************************************* table name: TSG_FQDN_CATEGORY_BUILT_IN @@ -827,7 +827,7 @@ TEST(TMAPI, GetFQDNCategoryIdBoth) EXPECT_EQ(0, category_ids[1]); } -TEST(TMAPI, ScanTunnelId) +TEST(TSG_RULE_API, ScanTunnelId) { /************************************************************************************************************************* table name: TSG_TUNNEL_CATALOG @@ -859,7 +859,7 @@ TEST(TMAPI, ScanTunnelId) } extern int tsg_get_endpoint_id(const struct streaminfo *a_stream, struct maat *feather, struct tunnel_endpoint **client_endpoint, struct tunnel_endpoint **server_endpoint, long long *endpoint_id_array, int endpoint_id_array_num); -TEST(TMAPI, GetEndPointId) +TEST(TSG_RULE_API, GetEndPointId) { /************************************************************************************************************************* table name: TSG_TUNNEL_ENDPOINT @@ -907,7 +907,7 @@ TEST(TMAPI, GetEndPointId) all_endpoint[1] = NULL; } -TEST(TMAPI, GetEndPointIdMultipleTunnelEndpoint) +TEST(TSG_RULE_API, GetEndPointIdMultipleTunnelEndpoint) { /************************************************************************************************************************* table name: TSG_TUNNEL_ENDPOINT @@ -938,7 +938,7 @@ TEST(TMAPI, GetEndPointIdMultipleTunnelEndpoint) EXPECT_EQ(990, server_endpoint->id); } -TEST(TMAPI, GetEndPointIdSourceIpEqualToDestIp) // 也可能在一个网段,是否可以两个不同的endpoint_id拥有相同的网段;是否有可能源ip和目的ip同时可以处于一个endpoint的网段;endpoint_id_array是否可能重复 +TEST(TSG_RULE_API, GetEndPointIdSourceIpEqualToDestIp) // 也可能在一个网段,是否可以两个不同的endpoint_id拥有相同的网段;是否有可能源ip和目的ip同时可以处于一个endpoint的网段;endpoint_id_array是否可能重复 { /************************************************************************************************************************* table name: TSG_TUNNEL_ENDPOINT @@ -970,7 +970,7 @@ TEST(TMAPI, GetEndPointIdSourceIpEqualToDestIp) // 也可能在一个网段, } extern int tsg_get_vlan_label_id(struct maat *feather, struct single_layer_vlan_addr *vlan_array, int vlan_array_num, long long *label_id_array, int label_id_array_num); -TEST(TMAPI, GetVlanLabelIdIllegalPara) +TEST(TSG_RULE_API, GetVlanLabelIdIllegalPara) { // int tsg_get_vlan_label_id(struct maat *feather, struct single_layer_vlan_addr *vlan_array, int vlan_array_num, long long *label_id_array, int label_id_array_num) struct single_layer_vlan_addr vlan_array[2] = {0}; @@ -981,7 +981,7 @@ TEST(TMAPI, GetVlanLabelIdIllegalPara) EXPECT_EQ(0, tsg_get_vlan_label_id(g_tsg_maat_feather, NULL, 2, label_id_array, 2)); } -TEST(TMAPI, GetVlanLabelIdFunction) +TEST(TSG_RULE_API, GetVlanLabelIdFunction) { /************************************************************************************************************************* table name: TSG_TUNNEL_LABEL @@ -993,7 +993,7 @@ TEST(TMAPI, GetVlanLabelIdFunction) EXPECT_EQ(1, 1); } -TEST(TMAPI, GetDNSProfileRecord) +TEST(TSG_RULE_API, GetDNSProfileRecord) { /************************************************************************************************************************* table name: TSG_PROFILE_DNS_RECORDS @@ -1027,13 +1027,13 @@ TEST(TMAPI, GetDNSProfileRecord) EXPECT_EQ(profile_records_right, profile_records); } -TEST(TMAPI, GetHttpResponsePagesProfile) +TEST(TSG_RULE_API, GetHttpResponsePagesProfile) { /************************************************************************************************************************* table name: TSG_PROFILE_RESPONSE_PAGES profile_id profile_name format path is_valid - "957\ttest-html-1\thtml\tforeign_files/TSG_PROFILE_RESPONSE_PAGES.1\t1", - "958\ttest-html-2\thtml\tforeign_files/TSG_PROFILE_RESPONSE_PAGES.2\t1" + "957\ttest-hTSG_RULEl-1\thTSG_RULEl\tforeign_files/TSG_PROFILE_RESPONSE_PAGES.1\t1", + "958\ttest-hTSG_RULEl-2\thTSG_RULEl\tforeign_files/TSG_PROFILE_RESPONSE_PAGES.2\t1" **************************************************************************************************************************/ // void *matched_rule_cites_http_response_pages(struct maat *feather, long long profile_id) @@ -1050,7 +1050,7 @@ TEST(TMAPI, GetHttpResponsePagesProfile) EXPECT_EQ(response_pages_right, response_pages); } -TEST(TMAPI, GetSessionRecordSwitch) +TEST(TSG_RULE_API, GetSessionRecordSwitch) { /************************************************************************************************************************* table name: T_VSYS_INFO @@ -1060,7 +1060,7 @@ TEST(TMAPI, GetSessionRecordSwitch) EXPECT_EQ(1, tsg_session_record_switch_get()); } -TEST(TMAPI, NotifyPacketCaptureByPolicy) +TEST(TSG_RULE_API, NotifyPacketCaptureByPolicy) { /************************************************************************************************************************* table name: TSG_PROFILE_TRAFFIC_MIRROR @@ -1071,12 +1071,12 @@ TEST(TMAPI, NotifyPacketCaptureByPolicy) // int session_packet_capture_by_rules_notify(const struct streaminfo *a_stream, struct maat_rule *rules, int n_rules, int thread_seq) } -TEST(TMAPI, ScanNestingAddr) +TEST(TSG_RULE_API, ScanNestingAddr) { // int tsg_scan_nesting_addr(const struct streaminfo *a_stream, enum TSG_PROTOCOL proto, struct maat_state **s_mid, struct maat_rule *results, size_t n_results) } -TEST(TMAPI, ScanAppPropertiesPolicy) +TEST(TSG_RULE_API, ScanAppPropertiesPolicy) { // int tsg_scan_app_properties_policy(const struct streaminfo *a_stream, char *property, char *district, struct maat_state *s_mid, struct maat_rule *results, int n_results) }