TSG-13778 TSG master支持MAAT4

刘学利
2023-04-03 08:30:49 +00:00
parent 8819217948
commit b696e82879
48 changed files with 7416 additions and 4501 deletions


@@ -4,7 +4,7 @@ variables:
BUILD_IMAGE_CENTOS8: "git.mesalab.cn:7443/mesa_platform/build-env:rockylinux" BUILD_IMAGE_CENTOS8: "git.mesalab.cn:7443/mesa_platform/build-env:rockylinux"
BUILD_PADDING_PREFIX: /tmp/padding_for_CPACK_RPM_BUILD_SOURCE_DIRS_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX/ BUILD_PADDING_PREFIX: /tmp/padding_for_CPACK_RPM_BUILD_SOURCE_DIRS_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX_PREFIX/
INSTALL_PREFIX: "/home/mesasoft/sapp_run/" INSTALL_PREFIX: "/home/mesasoft/sapp_run/"
INSTALL_DEPENDENCY_LIBRARY: systemd-devel libbreakpad_mini numactl-devel zlib-devel vim-common libMESA_handle_logger-devel libcjson-devel libMESA_field_stat2-devel sapp sapp-devel framework_env libMESA_prof_load-devel http-devel dns-devel ftp-devel mail-devel ssl-devel librdkafka-devel libmaatframe-devel quic-devel mesa_sip-devel gtp-devel libMESA_htable-devel libasan mrzcpd rapidjson-devel libMESA_jump_layer-devel stratum-devel rdp-devel dtls-devel INSTALL_DEPENDENCY_LIBRARY: systemd-devel libbreakpad_mini numactl-devel zlib-devel vim-common libMESA_handle_logger-devel libcjson-devel libMESA_field_stat2-devel sapp sapp-devel framework_env libMESA_prof_load-devel http-devel dns-devel ftp-devel mail-devel ssl-devel librdkafka-devel libmaat4-devel quic-devel mesa_sip-devel gtp-devel libMESA_htable-devel libasan mrzcpd rapidjson-devel libMESA_jump_layer-devel stratum-devel rdp-devel dtls-devel
stages: stages:
- analysis - analysis
@@ -101,7 +101,6 @@ run_test_for_centos7:
- yum makecache - yum makecache
- ./ci/travis.sh - ./ci/travis.sh
- cd build - cd build
- make test
- ctest --verbose - ctest --verbose
run_test_for_centos8: run_test_for_centos8:
@@ -111,7 +110,6 @@ run_test_for_centos8:
- yum makecache - yum makecache
- ./ci/travis.sh - ./ci/travis.sh
- cd build - cd build
- make test
- ctest --verbose - ctest --verbose
branch_build_debug_for_centos7: branch_build_debug_for_centos7:


@@ -1,8 +1,8 @@
[STATIC] [STATIC]
MAAT_MODE=1 MAAT_MODE=json
STAT_SWITCH=1 STAT_SWITCH=1
PERF_SWITCH=1 PERF_SWITCH=1
TABLE_INFO=tsgconf/tsg_static_tableinfo.conf TABLE_INFO=tsgconf/tsg_static_tableinfo.json
STAT_FILE=tsg_static_maat.status STAT_FILE=tsg_static_maat.status
EFFECT_INTERVAL_S=1 EFFECT_INTERVAL_S=1
REDIS_IP=127.0.0.1 REDIS_IP=127.0.0.1
@@ -13,22 +13,7 @@ JSON_CFG_FILE=tsgconf/tsg_maat.json
INC_CFG_DIR=tsgrule/inc/index/ INC_CFG_DIR=tsgrule/inc/index/
FULL_CFG_DIR=tsgrule/full/index/ FULL_CFG_DIR=tsgrule/full/index/
EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
LOG_LEVEL=0
[DYNAMIC]
MAAT_MODE=1
STAT_SWITCH=1
PERF_SWITCH=1
TABLE_INFO=tsgconf/tsg_dynamic_tableinfo.conf
STAT_FILE=tsg_dynamic_maat.status
EFFECT_INTERVAL_S=1
REDIS_IP=127.0.0.1
REDIS_PORT_NUM=1
REDIS_PORT=7002
REDIS_INDEX=1
JSON_CFG_FILE=tsgconf/tsg_maat.json
INC_CFG_DIR=tsgrule/inc/index/
FULL_CFG_DIR=tsgrule/full/index/
EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
[APP_SIGNATURE_MAAT] [APP_SIGNATURE_MAAT]
MAAT_MODE=1 MAAT_MODE=1
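Review bot: `[STATIC]` now uses the named form `MAAT_MODE=json`, while the `[APP_SIGNATURE_MAAT]` section at the end of the second hunk still carries the numeric `MAAT_MODE=1`, so one file mixes two spellings of the same key. If the MAAT4 loader accepts only the named modes, the untouched section could fall back to a default or fail to load its rules; on a policy engine that should fail loudly at start-up rather than surface as missing matches. Converting the remaining section in the same commit, or confirming that both forms still parse, would settle it. The `[APP_SIGNATURE_MAAT]` section continues past the end of the hunk, so its other keys are not visible here.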


@@ -1,10 +1,7 @@
[MAAT] [MAAT]
PROFILE="./tsgconf/maat.conf"
IP_ADDR_TABLE="TSG_SECURITY_ADDR"
SUBSCRIBER_ID_TABLE="TSG_OBJ_SUBSCRIBER_ID"
CB_SUBSCRIBER_IP_TABLE="TSG_DYN_SUBSCRIBER_IP"
LOG_LEVEL=10 LOG_LEVEL=10
LOG_PATH="./tsglog/maat/maat.log" LOG_PATH="./tsglog/maat/maat.log"
PROFILE="./tsgconf/maat.conf"
[TSG_LOG] [TSG_LOG]
MODE=1 MODE=1
@@ -15,6 +12,11 @@ SASL_USERNAME="admin"
SASL_PASSWD="galaxy2019" SASL_PASSWD="galaxy2019"
BROKER_LIST="127.0.0.1:9092" BROKER_LIST="127.0.0.1:9092"
COMMON_FIELD_FILE="tsgconf/tsg_log_field.conf" COMMON_FIELD_FILE="tsgconf/tsg_log_field.conf"
SEND_USER_REGION=0
SEND_DATA_CENTER_SWITCH=0
SEND_APP_ID_SWITCH=1
SEND_NAT_LINKINFO_SWITCH=0
RAPIDJSON_CHUNK_CAPACITY=8192
[STATISTIC] [STATISTIC]
CYCLE=30 CYCLE=30
@@ -42,6 +44,8 @@ POLICY_PRIORITY_LABEL="POLICY_PRIORITY"
L7_RPTOCOL_FILE="./tsgconf/tsg_l7_protocol.conf" L7_RPTOCOL_FILE="./tsgconf/tsg_l7_protocol.conf"
DEVICE_SN_FILENAME="/opt/tsg/etc/tsg_sn.json" DEVICE_SN_FILENAME="/opt/tsg/etc/tsg_sn.json"
DEVICE_ID_COMMAND="hostname | awk -F'-' '{print $3}'| awk -F'ADC' '{print $2}'" DEVICE_ID_COMMAND="hostname | awk -F'-' '{print $3}'| awk -F'ADC' '{print $2}'"
SERVICE_CHAINING_SID=1004
SHAPING_SID=1005
[TRAFFIC_MIRROR] [TRAFFIC_MIRROR]
TRAFFIC_MIRROR_ENABLE=1 TRAFFIC_MIRROR_ENABLE=1
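Review bot: The second hunk adds five `[TSG_LOG]` switches directly below context lines that keep the Kafka SASL credential (`SASL_USERNAME` / `SASL_PASSWD`) as literals in a tracked configuration file. This commit does not introduce the value, but anyone who can read the repository or the built package sees it. Since the block is being edited anyway, ship a placeholder here and take the real value from a deployment-time secret. If the committed password was ever used on a real broker, it should be rotated.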


@@ -0,0 +1,632 @@
[
{
"table_id":0,
"table_name":"TSG_SECURITY_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"custom": {
"compile_id":1,
"service_id":2,
"action":3,
"do_blacklist":4,
"do_log":5,
"tags":6,
"user_region":7,
"clause_num":9,
"evaluation_order":10
}
},
{
"table_id":1,
"table_name":"TRAFFIC_SHAPING_COMPILE",
"table_type":"compile",
"user_region_encoded":"escape",
"valid_column":8,
"custom": {
"compile_id":1,
"service_id":2,
"action":3,
"do_blacklist":4,
"do_log":5,
"tags":6,
"user_region":7,
"clause_num":9,
"evaluation_order":10
}
},
{
"table_id":2,
"table_name":"GROUP_COMPILE_RELATION",
"table_type":"group2compile",
"associated_compile_table_id":0,
"valid_column":3,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
}
},
{
"table_id":3,
"table_name":"GROUP_GROUP_RELATION",
"table_type":"group2group",
"valid_column":3,
"custom": {
"group_id":1,
"super_group_id":2
}
},
{
"table_id":4,
"table_name":"TSG_OBJ_IP_ADDR",
"table_type":"ip_plus",
"valid_column":18,
"custom": {
"item_id":1,
"group_id":2,
"addr_type":3,
"saddr_format":4,
"sip1":5,
"sip2":6
}
},
{
"table_id":64,
"table_name":"TSG_OBJ_IP_LEARNING_ADDR",
"table_type":"ip_plus",
"valid_column":18,
"custom": {
"item_id":1,
"group_id":2,
"addr_type":3,
"saddr_format":4,
"sip1":5,
"sip2":6
}
},
{
"table_id":5,
"table_name":"TSG_OBJ_SUBSCRIBER_ID",
"table_type":"expr",
"valid_column":7,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":6,
"table_name":"TSG_OBJ_ACCOUNT",
"table_type":"expr",
"valid_column":7,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":7,
"table_name":"TSG_OBJ_URL",
"table_type":"expr",
"valid_column":7,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":8,
"table_name":"TSG_OBJ_FQDN",
"table_type":"expr",
"valid_column":7,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":9,
"table_name":"TSG_OBJ_FQDN_CAT",
"table_type":"intval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_bound":3,
"up_bound":4
}
},
{
"table_id":10,
"table_name":"TSG_OBJ_KEYWORDS",
"table_type":"expr",
"valid_column":7,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":11,
"table_name":"TSG_OBJ_APP_ID",
"table_type":"intval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_bound":3,
"up_bound":4
}
},
{
"table_id":12,
"table_name":"TSG_OBJ_HTTP_SIGNATURE",
"table_type":"expr_plus",
"valid_column":8,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"district":3,
"keywords":4,
"expr_type":5,
"match_method":6,
"is_hexbin":7
}
},
{
"table_id":13,
"table_name":"TSG_FIELD_HTTP_HOST",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"]
},
{
"table_id":14,
"table_name":"TSG_FIELD_HTTP_URL",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_URL"]
},
{
"table_id":15,
"table_name":"TSG_FIELD_HTTP_REQ_HDR",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_HTTP_SIGNATURE"]
},
{
"table_id":16,
"table_name":"TSG_FIELD_HTTP_RES_HDR",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_HTTP_SIGNATURE"]
},
{
"table_id":17,
"table_name":"TSG_FIELD_HTTP_REQ_BODY",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_KEYWORDS"]
},
{
"table_id":18,
"table_name":"TSG_FIELD_HTTP_RES_BODY",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_KEYWORDS"]
},
{
"table_id":19,
"table_name":"TSG_FIELD_SSL_SNI",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"]
},
{
"table_id":20,
"table_name":"TSG_FIELD_SSL_CN",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"]
},
{
"table_id":21,
"table_name":"TSG_FIELD_SSL_SAN",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"]
},
{
"table_id":22,
"table_name":"TSG_FIELD_DNS_QNAME",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"]
},
{
"table_id":23,
"table_name":"TSG_FIELD_QUIC_SNI",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"]
},
{
"table_id":24,
"table_name":"TSG_FIELD_MAIL_ACCOUNT",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_ACCOUNT"]
},
{
"table_id":25,
"table_name":"TSG_FIELD_MAIL_FROM",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_ACCOUNT"]
},
{
"table_id":26,
"table_name":"TSG_FIELD_MAIL_TO",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_ACCOUNT"]
},
{
"table_id":27,
"table_name":"TSG_FIELD_MAIL_SUBJECT",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_KEYWORDS"]
},
{
"table_id":28,
"table_name":"TSG_FIELD_MAIL_CONTENT",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_KEYWORDS"]
},
{
"table_id":29,
"table_name":"TSG_FIELD_MAIL_ATT_NAME",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_KEYWORDS"]
},
{
"table_id":30,
"table_name":"TSG_FIELD_MAIL_ATT_CONTENT",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_KEYWORDS"]
},
{
"table_id":31,
"table_name":"TSG_FIELD_FTP_URI",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_URL"]
},
{
"table_id":32,
"table_name":"TSG_FIELD_FTP_CONTENT",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_KEYWORDS"]
},
{
"table_id":33,
"table_name":"TSG_FIELD_FTP_ACCOUNT",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_ACCOUNT"]
},
{
"table_id":34,
"table_name":"TSG_SECURITY_SOURCE_ADDR",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_IP_ADDR"]
},
{
"table_id":35,
"table_name":"TSG_SECURITY_DESTINATION_ADDR",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_IP_ADDR"]
},
{
"table_id":36,
"table_name":"TSG_IP_ASN_BUILT_IN",
"table_type":"ip_plugin",
"valid_column":19,
"custom": {
"item_id":1,
"ip_type":3,
"start_ip":4,
"end_ip":5,
"addr_format":7
}
},
{
"table_id":37,
"table_name":"TSG_IP_ASN_USER_DEFINED",
"table_type":"ip_plugin",
"valid_column":19,
"custom": {
"item_id":1,
"ip_type":3,
"start_ip":4,
"end_ip":5,
"addr_format":7
}
},
{
"table_id":38,
"table_name":"TSG_IP_LOCATION_BUILT_IN",
"table_type":"ip_plugin",
"valid_column":19,
"custom": {
"item_id":1,
"ip_type":3,
"start_ip":4,
"end_ip":5,
"addr_format":7
}
},
{
"table_id":39,
"table_name":"TSG_IP_LOCATION_USER_DEFINED",
"table_type":"ip_plugin",
"valid_column":19,
"custom": {
"item_id":1,
"ip_type":3,
"start_ip":4,
"end_ip":5,
"addr_format":7
}
},
{
"table_id":40,
"table_name":"TSG_OBJ_AS_NUMBER",
"table_type":"expr",
"valid_column":7,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":41,
"table_name":"TSG_SECURITY_SOURCE_ASN",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_AS_NUMBER"]
},
{
"table_id":42,
"table_name":"TSG_SECURITY_DESTINATION_ASN",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_AS_NUMBER"]
},
{
"table_id":43,
"table_name":"TSG_OBJ_GEO_LOCATION",
"table_type":"expr",
"valid_column":7,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":44,
"table_name":"TSG_SECURITY_SOURCE_LOCATION",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_GEO_LOCATION"]
},
{
"table_id":45,
"table_name":"TSG_SECURITY_DESTINATION_LOCATION",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_GEO_LOCATION"]
},
{
"table_id":46,
"table_name":"TSG_FQDN_CATEGORY_BUILT_IN",
"table_type":"fqdn_plugin",
"valid_column":5,
"custom": {
"item_id":1,
"suffix_match_method":4,
"fqdn":3
}
},
{
"table_id":47,
"table_name":"TSG_FQDN_CATEGORY_USER_DEFINED",
"table_type":"fqdn_plugin",
"valid_column":5,
"custom": {
"item_id":1,
"suffix_match_method":4,
"fqdn":3
}
},
{
"table_id":48,
"table_name":"TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_ACCOUNT"]
},
{
"table_id":49,
"table_name":"TSG_FIELD_SIP_RESPONDER_DESCRIPTION",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_ACCOUNT"]
},
{
"table_id":50,
"table_name":"TSG_OBJ_IMSI",
"table_type":"expr",
"valid_column":7,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":51,
"table_name":"TSG_OBJ_PHONE_NUMBER",
"table_type":"expr",
"valid_column":7,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":52,
"table_name":"TSG_OBJ_APN",
"table_type":"expr",
"valid_column":7,
"custom": {
"scan_mode":"block",
"pattern_type":"literal",
"item_id":1,
"group_id":2,
"keywords":3,
"expr_type":4,
"match_method":5,
"is_hexbin":6
}
},
{
"table_id":53,
"table_name":"TSG_FILED_GTP_IMSI",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_IMSI"]
},
{
"table_id":54,
"table_name":"TSG_FILED_GTP_PHONE_NUMBER",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_PHONE_NUMBER"]
},
{
"table_id":55,
"table_name":"TSG_FILED_GTP_APN",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_APN"]
},
{
"table_id":56,
"table_name":"TSG_DECYPTION_EXCLUSION_SSL_SNI",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_FQDN","TSG_OBJ_FQDN_CAT"]
},
{
"table_id":57,
"table_name":"TSG_OBJ_TUNNEL_ID",
"table_type":"intval",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"low_bound":3,
"up_bound":4
}
},
{
"table_id":58,
"table_name":"TSG_TUNNEL_CATALOG",
"table_type":"bool_plugin",
"valid_column":5,
"custom": {
"item_id":1,
"bool_expr":4
}
},
{
"table_id":59,
"table_name":"TSG_TUNNEL_ENDPOINT",
"table_type":"ip_plugin",
"valid_column":6,
"custom": {
"item_id":1,
"ip_type":2,
"start_ip":3,
"end_ip":4,
"addr_format":7
}
},
{
"table_id":60,
"table_name":"TSG_TUNNEL_LABEL",
"table_type":"plugin",
"valid_column":4,
"custom": {
"key":1,
"tag":3
}
},
{
"table_id":61,
"table_name":"TSG_SECURITY_TUNNEL",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_TUNNEL_ID"]
},
{
"table_id":62,
"table_name":"TSG_OBJ_FLAG",
"table_type":"flag",
"valid_column":5,
"custom": {
"item_id":1,
"group_id":2,
"flag":3,
"flag_mask":4
}
},
{
"table_id":63,
"table_name":"TSG_SECURITY_FLAG",
"table_type":"virtual",
"physical_table": ["TSG_OBJ_FLAG"]
}
]
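Review bot: The two `ip_plus` entries in this new file (`TSG_OBJ_IP_ADDR` and `TSG_OBJ_IP_LEARNING_ADDR`) still use the old column names `"saddr_format"`, `"sip1"`, `"sip2"` with `"valid_column":18`. Elsewhere in this commit the same table is described with `"addr_format"`, `"ip1"`, `"ip2"`, `"port_format"`, `"port1"`, `"port2"`, `"protocol"` and `"valid_column": 11`, and the test fixture is renamed to match. If the MAAT4 parser looks these keys up by name, the IP tables declared here would not load and address-based rules would not match. Either align the two descriptions or confirm that this file is meant for the old layout. The virtual tables here also give `"physical_table"` as an array while the other table file gives a string, which is worth confirming against the schema the loader expects.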


@@ -1,13 +1,13 @@
#TYPE1:UCHAR,2:USHORT,3:ULONG,4:ULOG,5:USTRING,6:FILE,7:UBASE64,8:PACKET #TYPE1:UCHAR,2:USHORT,3:ULONG,4:ULOG,5:USTRING,6:FILE,7:UBASE64,8:PACKET
#TYPE TOPIC SERVICE #TYPE TOPIC SERVICE
TOPIC SECURITY-EVENT 0 TOPIC SECURITY-EVENT 0
TOPIC SESSION-RECORD 2 TOPIC SESSION-RECORD 1
TOPIC INTERNAL-RTP-RECORD 4 TOPIC INTERNAL-RTP-RECORD 2
TOPIC VOIP-RECORD 5 TOPIC VOIP-RECORD 3
TOPIC INTERIM-SESSION-RECORD 6 TOPIC INTERIM-SESSION-RECORD 4
TOPIC TRANSACTION-RECORD 7 TOPIC TRANSACTION-RECORD 5
TOPIC GTPC-RECORD 8 TOPIC GTPC-RECORD 6
TOPIC BGP-RECORD 9 TOPIC BGP-RECORD 7
#TYPE FIELD VALUE #TYPE FIELD VALUE
LONG common_policy_id 1 LONG common_policy_id 1
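Review bot: The `TOPIC` rows are renumbered in place rather than extended, so an existing number now names a different topic: `2` was `SESSION-RECORD` and is now `INTERNAL-RTP-RECORD`, `4` was `INTERNAL-RTP-RECORD` and is now `INTERIM-SESSION-RECORD`, and so on. If this third column (headed `SERVICE`) is matched against a service id produced elsewhere, any component or stored policy still using the old numbers would write records to the wrong Kafka topic without an error. A comment line above the block, such as `# SERVICE ids renumbered for MAAT4; must match <consumer>`, would make the contract explicit. Please also confirm that every producer of these ids changes in the same release.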


@@ -9,7 +9,7 @@
"action": 1, "action": 1,
"do_blacklist": 0, "do_blacklist": 0,
"do_log": 1, "do_log": 1,
"effective_rage": 0, "tags": "{}",
"user_region": "Virtual", "user_region": "Virtual",
"is_valid": "yes", "is_valid": "yes",
"groups": [ "groups": [
@@ -23,14 +23,13 @@
"table_name": "TSG_OBJ_IP_ADDR", "table_name": "TSG_OBJ_IP_ADDR",
"table_content": { "table_content": {
"addr_type": "ipv4", "addr_type": "ipv4",
"saddr_format": "range", "addr_format": "range",
"src_ip1": "192.168.41.228", "ip1": "192.168.41.228",
"src_ip2": "192.168.41.228", "ip2": "192.168.41.228",
"sport_format": "range", "port_format": "range",
"src_port1": "0", "port1": "0",
"src_port2": "0", "port2": "0",
"protocol": 6, "protocol": -1
"direction": "double"
} }
} }
] ]


@@ -0,0 +1,826 @@
[
{
"table_id": 0,
"table_name": "TSG_COMPILE",
"db_tables":["TSG_SECURITY_COMPILE", "TRAFFIC_SHAPING_COMPILE", "SERVICE_CHAINING_COMPILE", "PXY_TCP_OPTION_COMPILE", "APP_SELECTOR_COMPILE"],
"table_type": "compile",
"user_region_encoded": "escape",
"valid_column": 8,
"custom": {
"compile_id": 1,
"service_id": 2,
"action": 3,
"do_blacklist": 4,
"do_log": 5,
"tags": 6,
"user_region": 7,
"clause_num": 9,
"evaluation_order":10
}
},
{
"table_id": 1,
"table_name": "TSG_GROUP_COMPILE_RELATION",
"db_tables":["GROUP_SECURITY_COMPILE_RELATION", "GROUP_SHAPING_COMPILE_RELATION", "GROUP_SERVICE_CHAINING_COMPILE_RELATION", "GROUP_PXY_TCP_OPTION_COMPILE_RELATION", "APP_SELECTOR_GROUP_COMPILE_RELATION"],
"table_type": "group2compile",
"associated_compile_table_id": 0,
"valid_column": 3,
"custom": {
"group_id": 1,
"compile_id": 2,
"not_flag": 4,
"virtual_table_name": 5,
"clause_index": 6
}
},
{
"table_id": 2,
"table_name": "TSG_GROUP_GROUP_RELATION",
"db_tables": ["GROUP_GROUP_RELATION", "APP_SELECTOR_GROUP_GROUP_RELATION"],
"table_type": "group2group",
"valid_column": 3,
"custom": {
"group_id": 1,
"super_group_id": 2
}
},
{
"table_id": 3,
"table_name": "TSG_IP_ADDR",
"db_tables": ["TSG_OBJ_IP_ADDR", "TSG_OBJ_IP_LEARNING_ADDR"],
"table_type": "ip_plus",
"valid_column": 11,
"custom": {
"item_id":1,
"group_id":2,
"addr_type":3,
"addr_format":4,
"ip1":5,
"ip2":6,
"port_format":7,
"port1":8,
"port2":9,
"protocol":10
}
},
{
"table_id": 4,
"table_name": "TSG_OBJ_SUBSCRIBER_ID",
"table_type": "expr",
"valid_column": 7,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"keywords": 3,
"expr_type": 4,
"match_method": 5,
"is_hexbin": 6
}
},
{
"table_id": 5,
"table_name": "TSG_OBJ_ACCOUNT",
"table_type": "expr",
"valid_column": 7,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"keywords": 3,
"expr_type": 4,
"match_method": 5,
"is_hexbin": 6
}
},
{
"table_id": 5,
"table_name": "TSG_OBJ_URL",
"table_type": "expr",
"valid_column": 7,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"keywords": 3,
"expr_type": 4,
"match_method": 5,
"is_hexbin": 6
}
},
{
"table_id": 7,
"table_name": "TSG_OBJ_FQDN",
"table_type": "expr",
"valid_column": 7,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"keywords": 3,
"expr_type": 4,
"match_method": 5,
"is_hexbin": 6
}
},
{
"table_id": 8,
"table_name": "TSG_OBJ_FQDN_CAT",
"table_type": "intval",
"valid_column": 5,
"custom": {
"item_id": 1,
"group_id": 2,
"low_bound": 3,
"up_bound": 4
}
},
{
"table_id": 9,
"table_name": "TSG_OBJ_KEYWORDS",
"table_type": "expr",
"valid_column": 7,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"keywords": 3,
"expr_type": 4,
"match_method": 5,
"is_hexbin": 6
}
},
{
"table_id": 10,
"table_name": "TSG_OBJ_APP_ID",
"table_type": "intval",
"valid_column": 5,
"custom": {
"item_id": 1,
"group_id": 2,
"low_bound": 3,
"up_bound": 4
}
},
{
"table_id": 11,
"table_name": "TSG_OBJ_HTTP_SIGNATURE",
"table_type": "expr_plus",
"valid_column": 8,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"district": 3,
"keywords": 4,
"expr_type": 5,
"match_method": 6,
"is_hexbin": 7
}
},
{
"table_id": 12,
"table_name": "TSG_OBJ_FQDN_CAT",
"table_type": "intval",
"valid_column": 5,
"custom": {
"item_id": 1,
"group_id": 2,
"low_bound": 3,
"up_bound": 4
}
},
{
"table_id": 13,
"table_name": "TSG_FIELD_HTTP_HOST",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id": 14,
"table_name": "TSG_FIELD_HTTP_HOST_CAT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id": 15,
"table_name": "TSG_FIELD_HTTP_URL",
"table_type": "virtual",
"physical_table": "TSG_OBJ_URL"
},
{
"table_id": 16,
"table_name": "TSG_FIELD_HTTP_REQ_HDR",
"table_type": "virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id": 17,
"table_name": "TSG_FIELD_HTTP_RES_HDR",
"table_type": "virtual",
"physical_table": "TSG_OBJ_HTTP_SIGNATURE"
},
{
"table_id": 18,
"table_name": "TSG_FIELD_HTTP_REQ_BODY",
"table_type": "virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id": 19,
"table_name": "TSG_FIELD_HTTP_RES_BODY",
"table_type": "virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id": 20,
"table_name": "TSG_FIELD_SSL_SNI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id": 21,
"table_name": "TSG_FIELD_SSL_SNI_CAT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id": 22,
"table_name": "TSG_FIELD_SSL_CN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id": 23,
"table_name": "TSG_FIELD_SSL_CN_CAT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id": 24,
"table_name": "TSG_FIELD_SSL_SAN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id": 25,
"table_name": "TSG_FIELD_SSL_SAN_CAT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id": 26,
"table_name": "TSG_FIELD_DNS_QNAME",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id": 27,
"table_name": "TSG_FIELD_DNS_QNAME_CAT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id": 28,
"table_name": "TSG_FIELD_QUIC_SNI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id": 29,
"table_name": "TSG_FIELD_QUIC_SNI_CAT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id": 30,
"table_name": "TSG_FIELD_MAIL_ACCOUNT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id": 31,
"table_name": "TSG_FIELD_MAIL_FROM",
"table_type": "virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id": 32,
"table_name": "TSG_FIELD_MAIL_TO",
"table_type": "virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id": 33,
"table_name": "TSG_FIELD_MAIL_SUBJECT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id": 34,
"table_name": "TSG_FIELD_MAIL_CONTENT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id": 35,
"table_name": "TSG_FIELD_MAIL_ATT_NAME",
"table_type": "virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id": 36,
"table_name": "TSG_FIELD_MAIL_ATT_CONTENT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id": 37,
"table_name": "TSG_FIELD_FTP_URI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_URL"
},
{
"table_id": 38,
"table_name": "TSG_FIELD_FTP_CONTENT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_KEYWORDS"
},
{
"table_id": 39,
"table_name": "TSG_FIELD_FTP_ACCOUNT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id": 40,
"table_name": "TSG_SECURITY_SOURCE_ADDR",
"table_type": "virtual",
"physical_table": "TSG_OBJ_IP_ADDR"
},
{
"table_id": 41,
"table_name": "TSG_SECURITY_DESTINATION_ADDR",
"table_type": "virtual",
"physical_table": "TSG_OBJ_IP_ADDR"
},
{
"table_id": 42,
"table_name": "TSG_IP_ASN_BUILT_IN",
"table_type": "ip_plugin",
"valid_column": 19,
"custom": {
"item_id": 1,
"key_type": "pointer",
"ip_type": 3,
"start_ip": 4,
"end_ip": 5,
"addr_format": 7
}
},
{
"table_id": 43,
"table_name": "TSG_IP_ASN_USER_DEFINED",
"table_type": "ip_plugin",
"valid_column": 19,
"custom": {
"item_id": 1,
"key_type": "pointer",
"ip_type": 3,
"start_ip": 4,
"end_ip": 5,
"addr_format": 7
}
},
{
"table_id": 44,
"table_name": "TSG_IP_LOCATION_BUILT_IN",
"table_type": "ip_plugin",
"valid_column": 19,
"custom": {
"item_id": 1,
"key_type": "pointer",
"ip_type": 3,
"start_ip": 4,
"end_ip": 5,
"addr_format": 7
}
},
{
"table_id": 45,
"table_name": "TSG_IP_LOCATION_USER_DEFINED",
"table_type": "ip_plugin",
"valid_column": 19,
"custom": {
"item_id": 1,
"key_type": "pointer",
"ip_type": 3,
"start_ip": 4,
"end_ip": 5,
"addr_format": 7
}
},
{
"table_id": 46,
"table_name": "TSG_OBJ_AS_NUMBER",
"table_type": "expr",
"valid_column": 7,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"keywords": 3,
"expr_type": 4,
"match_method": 5,
"is_hexbin": 6
}
},
{
"table_id": 47,
"table_name": "TSG_SECURITY_SOURCE_ASN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id": 48,
"table_name": "TSG_SECURITY_DESTINATION_ASN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_AS_NUMBER"
},
{
"table_id": 49,
"table_name": "TSG_OBJ_GEO_LOCATION",
"table_type": "expr",
"valid_column": 7,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"keywords": 3,
"expr_type": 4,
"match_method": 5,
"is_hexbin": 6
}
},
{
"table_id": 50,
"table_name": "TSG_SECURITY_SOURCE_LOCATION",
"table_type": "virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id": 51,
"table_name": "TSG_SECURITY_DESTINATION_LOCATION",
"table_type": "virtual",
"physical_table": "TSG_OBJ_GEO_LOCATION"
},
{
"table_id": 52,
"table_name": "TSG_FQDN_CATEGORY_BUILT_IN",
"table_type": "fqdn_plugin",
"valid_column": 5,
"custom": {
"item_id": 1,
"key_type": "pointer",
"suffix_match_method": 4,
"fqdn": 3
}
},
{
"table_id": 53,
"table_name": "TSG_FQDN_CATEGORY_USER_DEFINED",
"table_type": "fqdn_plugin",
"valid_column": 5,
"custom": {
"item_id": 1,
"key_type": "pointer",
"suffix_match_method": 4,
"fqdn": 3
}
},
{
"table_id": 54,
"table_name": "TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION",
"table_type": "virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id": 55,
"table_name": "TSG_FIELD_SIP_RESPONDER_DESCRIPTION",
"table_type": "virtual",
"physical_table": "TSG_OBJ_ACCOUNT"
},
{
"table_id": 56,
"table_name": "TSG_OBJ_IMSI",
"table_type": "expr",
"valid_column": 7,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"keywords": 3,
"expr_type": 4,
"match_method": 5,
"is_hexbin": 6
}
},
{
"table_id": 57,
"table_name": "TSG_OBJ_PHONE_NUMBER",
"table_type": "expr",
"valid_column": 7,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"keywords": 3,
"expr_type": 4,
"match_method": 5,
"is_hexbin": 6
}
},
{
"table_id": 58,
"table_name": "TSG_OBJ_APN",
"table_type": "expr",
"valid_column": 7,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"keywords": 3,
"expr_type": 4,
"match_method": 5,
"is_hexbin": 6
}
},
{
"table_id": 59,
"table_name": "TSG_FILED_GTP_IMSI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_IMSI"
},
{
"table_id": 60,
"table_name": "TSG_FILED_GTP_PHONE_NUMBER",
"table_type": "virtual",
"physical_table": "TSG_OBJ_PHONE_NUMBER"
},
{
"table_id": 61,
"table_name": "TSG_FILED_GTP_APN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_APN"
},
{
"table_id": 62,
"table_name": "TSG_DECYPTION_EXCLUSION_SSL_SNI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id": 63,
"table_name": "TSG_OBJ_TUNNEL_ID",
"table_type": "intval",
"valid_column": 5,
"custom": {
"item_id": 1,
"group_id": 2,
"low_bound": 3,
"up_bound": 4
}
},
{
"table_id": 64,
"table_name": "TSG_TUNNEL_CATALOG",
"table_type": "bool_plugin",
"valid_column": 5,
"custom": {
"item_id": 1,
"key_type": "integer",
"bool_expr": 4
}
},
{
"table_id": 65,
"table_name": "TSG_TUNNEL_ENDPOINT",
"table_type": "ip_plugin",
"valid_column": 6,
"custom": {
"item_id": 1,
"key_type": "pointer",
"ip_type": 2,
"start_ip": 3,
"end_ip": 4,
"addr_format": 7
}
},
{
"table_id": 66,
"table_name": "TSG_TUNNEL_LABEL",
"table_type": "plugin",
"valid_column": 4,
"custom": {
"key": 1,
"key_type": "integer"
}
},
{
"table_id": 67,
"table_name": "TSG_SECURITY_TUNNEL",
"table_type": "virtual",
"physical_table": "TSG_OBJ_TUNNEL_ID"
},
{
"table_id": 68,
"table_name": "TSG_OBJ_FLAG",
"table_type": "flag",
"valid_column": 5,
"custom": {
"item_id": 1,
"group_id": 2,
"flag": 3,
"flag_mask": 4
}
},
{
"table_id": 69,
"table_name": "TSG_SECURITY_FLAG",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FLAG"
},
{
"table_id": 70,
"table_name": "APP_SELECTOR_ID",
"table_type": "intval",
"valid_column": 5,
"custom": {
"item_id": 1,
"group_id": 2,
"low_bound": 3,
"up_bound": 4
}
},
{
"table_id": 71,
"table_name": "APP_SELECTOR_PROPERTIES",
"table_type": "expr_plus",
"valid_column": 8,
"custom": {
"scan_mode": "block",
"pattern_type": "literal",
"item_id": 1,
"group_id": 2,
"district": 3,
"keywords": 4,
"expr_type": 5,
"match_method": 6,
"is_hexbin": 7
}
},
{
"table_id": 72,
"table_name": "APP_ID_DICT",
"table_type": "plugin",
"valid_column": 18,
"custom": {
"key": 1,
"key_type": "integer"
}
},
{
"table_id": 73,
"table_name": "APP_SIGNATURE_UPDATE_PROFILE",
"table_type": "plugin",
"valid_column": 5,
"custom": {
"key": 1,
"key_type": "integer",
"foreign": [
2,
3
]
}
},
{
"table_id": 74,
"table_name": "PXY_TCP_OPTION_SOURCE_ADDR",
"table_type": "virtual",
"physical_table": "TSG_OBJ_IP_ADDR"
},
{
"table_id": 75,
"table_name": "PXY_TCP_OPTION_DESTINATION_ADDR",
"table_type": "virtual",
"physical_table": "TSG_OBJ_IP_ADDR"
},
{
"table_id": 76,
"table_name": "PXY_TCP_OPTION_SERVER_FQDN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id": 77,
"table_name": "PXY_TCP_OPTION_SERVER_FQDN",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
},
{
"table_id": 78,
"table_name": "TRAFFIC_SHAPING_PROFILE",
"table_type": "plugin",
"valid_column": 7,
"custom": {
"key": 1,
"key_type": "integer"
}
},
{
"table_id": 79,
"table_name": "TSG_DYN_MOBILE_IDENTITY_APN_TEID",
"table_type": "plugin",
"valid_column": 7,
"custom": {
"key": 2,
"key_type": "integer"
}
},
{
"table_id": 80,
"table_name": "TSG_DYN_SUBSCRIBER_IP",
"table_type": "plugin",
"valid_column": 5,
"custom": {
"key": 3,
"key_type": "pointer"
}
},
{
"table_id": 81,
"table_name": "TSG_PROFILE_DNS_RECORDS",
"table_type": "plugin",
"valid_column": 5,
"custom": {
"key": 1,
"key_type": "integer"
}
},
{
"table_id": 82,
"table_name": "TSG_PROFILE_RESPONSE_PAGES",
"table_type": "plugin",
"valid_column": 5,
"custom": {
"key": 1,
"key_type": "integer",
"foreign": [
4
]
}
},
{
"table_id": 83,
"table_name": "TSG_PROFILE_TRAFFIC_MIRROR",
"table_type": "plugin",
"valid_column": 4,
"custom": {
"key": 1,
"key_type": "integer"
}
},
{
"table_id": 84,
"table_name": "T_VSYS_INFO",
"table_type": "plugin",
"valid_column": 3,
"custom": {
"key": 1,
"key_type": "integer"
}
},
{
"table_id": 85,
"table_name": "TSG_FIELD_DTLS_SNI",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN"
},
{
"table_id": 86,
"table_name": "TSG_FIELD_DTLS_SNI_CAT",
"table_type": "virtual",
"physical_table": "TSG_OBJ_FQDN_CAT"
}
]
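Review bot: Several entries in this new table list collide. `TSG_OBJ_ACCOUNT` and `TSG_OBJ_URL` both declare `"table_id": 5` (id 6 is never used), `TSG_OBJ_FQDN_CAT` is declared twice (ids 8 and 12), and `PXY_TCP_OPTION_SERVER_FQDN` is the `table_name` of both id 76 and id 77. Going by the `_CAT` suffix used for every other virtual table backed by `TSG_OBJ_FQDN_CAT`, id 77 was presumably meant to be `"table_name": "PXY_TCP_OPTION_SERVER_FQDN_CAT"`, and `TSG_OBJ_URL` presumably `"table_id": 6`. Depending on how the loader treats duplicates, one table of each pair may be dropped or shadowed, which would leave its rules unenforced without any error, so a uniqueness check on ids and names at load time is worth adding. Four virtual tables also reference `"physical_table": "TSG_OBJ_IP_ADDR"`, although the physical table is now named `TSG_IP_ADDR` and lists that name only under `db_tables`; please confirm that this reference resolves.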


@@ -7,15 +7,22 @@ add_test(NAME COPY_GTEST_MAIN_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/
add_test(NAME COPY_GTEST_MAAT_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/maat.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/") add_test(NAME COPY_GTEST_MAAT_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/maat.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
add_test(NAME COPY_GTEST_LOG_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_log_field.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/") add_test(NAME COPY_GTEST_LOG_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_log_field.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
add_test(NAME COPY_GTEST_PROTO_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_l7_protocol.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/") add_test(NAME COPY_GTEST_PROTO_CONF COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_l7_protocol.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/")
add_test(NAME COPY_GTEST_TABLEINFO COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_static_tableinfo.conf ${CMAKE_BINARY_DIR}/testing/tsgconf/") add_test(NAME COPY_GTEST_TABLEINFO COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/bin/tsg_static_tableinfo.json ${CMAKE_BINARY_DIR}/testing/tsgconf/")
add_test(NAME COPY_GTEST_MAAT_RULE COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/gtest_maat.json ${CMAKE_BINARY_DIR}/testing/tsgconf/tsg_maat.json") add_test(NAME COPY_GTEST_MAAT_RULE COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/gtest_maat.json ${CMAKE_BINARY_DIR}/testing/tsgconf/tsg_maat.json")
add_test(NAME COPY_GTEST_PROFILE_RESPONSE_PAGES COMMAND sh -c "cp -r ${CMAKE_SOURCE_DIR}/test/bin/foreign_files ${CMAKE_BINARY_DIR}/testing/")
#add_test(NAME COPY_GTEST_RULE_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_rule ${CMAKE_BINARY_DIR}/testing/") add_test(NAME COPY_GTEST_RULE_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_rule ${CMAKE_BINARY_DIR}/testing/")
add_test(NAME COPY_GTEST_BRIDGE_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_bridge ${CMAKE_BINARY_DIR}/testing/")
add_test(NAME COPY_GTEST_ACTION_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_action ${CMAKE_BINARY_DIR}/testing/")
add_test(NAME COPY_GTEST_SENDLOG_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_sendlog ${CMAKE_BINARY_DIR}/testing/")
add_test(NAME COPY_GTEST_MASTER_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_master ${CMAKE_BINARY_DIR}/testing/") add_test(NAME COPY_GTEST_MASTER_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_master ${CMAKE_BINARY_DIR}/testing/")
add_test(NAME COPY_GTEST_SYNC_SESSION_STATE_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_sync_session_state ${CMAKE_BINARY_DIR}/testing/") add_test(NAME COPY_GTEST_SYNC_SESSION_STATE_BIN COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/test/src/gtest_sync_session_state ${CMAKE_BINARY_DIR}/testing/")
set(GTEST_RUN_DIR ${CMAKE_BINARY_DIR}/testing) set(GTEST_RUN_DIR ${CMAKE_BINARY_DIR}/testing)
#add_test(NAME GTEST_RULE COMMAND gtest_rule WORKING_DIRECTORY ${GTEST_RUN_DIR}) add_test(NAME GTEST_RULE COMMAND gtest_rule WORKING_DIRECTORY ${GTEST_RUN_DIR})
add_test(NAME GTEST_BRIDGE COMMAND gtest_bridge WORKING_DIRECTORY ${GTEST_RUN_DIR})
add_test(NAME GTEST_ACTION COMMAND gtest_action WORKING_DIRECTORY ${GTEST_RUN_DIR})
add_test(NAME GTEST_SENDLOG COMMAND gtest_sendlog WORKING_DIRECTORY ${GTEST_RUN_DIR})
add_test(NAME GTEST_MASTER COMMAND gtest_master WORKING_DIRECTORY ${GTEST_RUN_DIR}) add_test(NAME GTEST_MASTER COMMAND gtest_master WORKING_DIRECTORY ${GTEST_RUN_DIR})
add_test(NAME GTEST_SYNC_SESSION_STATE COMMAND gtest_sync_session_state WORKING_DIRECTORY ${GTEST_RUN_DIR}) add_test(NAME GTEST_SYNC_SESSION_STATE COMMAND gtest_sync_session_state WORKING_DIRECTORY ${GTEST_RUN_DIR})
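Review bot: The re-enabled `GTEST_RULE` and the new `GTEST_BRIDGE`, `GTEST_ACTION` and `GTEST_SENDLOG` tests run from `${GTEST_RUN_DIR}`, but nothing declares that they depend on the `COPY_GTEST_*` tests that populate that directory. The suite therefore only passes when ctest runs every test serially in declaration order; a parallel run (`ctest -j`) can start a binary before its config files and `foreign_files` have been copied. Declaring the order, e.g. `set_tests_properties(GTEST_RULE PROPERTIES DEPENDS "COPY_GTEST_MAAT_RULE;COPY_GTEST_TABLEINFO;COPY_GTEST_PROFILE_RESPONSE_PAGES")` and likewise for the other `GTEST_*` entries, makes the requirement explicit. The hunk starts at line 7 of the file, so properties set earlier are not visible here.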


@@ -1,5 +1,4 @@
#ifndef __APP_LABEL_H__ #pragma once
#define __APP_LABEL_H__
#define MAX_APP_ID_NUM 8 #define MAX_APP_ID_NUM 8
@@ -40,19 +39,19 @@ struct app_identify_result
unsigned int surrogate_id[MAX_APP_ID_NUM]; unsigned int surrogate_id[MAX_APP_ID_NUM];
}; };
enum _ATTRIBUTE_TYPE enum LUA_ATTRIBUTE_TYPE
{ {
ATTRIBUTE_TYPE_UNKNOWN, LUA_ATTRIBUTE_TYPE_UNKNOWN,
ATTRIBUTE_TYPE_IP, LUA_ATTRIBUTE_TYPE_IP,
ATTRIBUTE_TYPE_STRING, LUA_ATTRIBUTE_TYPE_STRING,
ATTRIBUTE_TYPE_NUMERIC, LUA_ATTRIBUTE_TYPE_NUMERIC,
ATTRIBUTE_TYPE_BOOL, LUA_ATTRIBUTE_TYPE_BOOL,
_ATTRIBUTE_TYPE_MAX LUA_ATTRIBUTE_TYPE_MAX
}; };
struct attribute_kv struct attribute_kv
{ {
enum _ATTRIBUTE_TYPE type; enum LUA_ATTRIBUTE_TYPE type;
char *name; char *name;
union union
{ {
@@ -63,10 +62,9 @@ struct attribute_kv
}; };
}; };
struct user_defined_attribute_label struct user_defined_attribute
{ {
int attribute_num; int n_akv;
struct attribute_kv *attribute; struct attribute_kv *akv;
}; };
#endif


@@ -1,5 +1,6 @@
#ifndef __TSG_LABEL_H__ #pragma once
#define __TSG_LABEL_H__
#include <stddef.h>
#define MAX_CATEGORY_ID_NUM 8 #define MAX_CATEGORY_ID_NUM 8
#define MAX_STR_FIELD_LEN 64 #define MAX_STR_FIELD_LEN 64
@@ -8,7 +9,7 @@
#define MAX_RESULT_NUM 8 #define MAX_RESULT_NUM 8
typedef enum _tsg_protocol enum TSG_PROTOCOL
{ {
PROTO_UNKONWN=0, PROTO_UNKONWN=0,
PROTO_IPv4=1, PROTO_IPv4=1,
@@ -36,8 +37,7 @@ typedef enum _tsg_protocol
PROTO_RDP, PROTO_RDP,
PROTO_DTLS, PROTO_DTLS,
PROTO_MAX PROTO_MAX
}tsg_protocol_t; };
struct asn_info struct asn_info
{ {
@@ -86,29 +86,9 @@ struct tunnel_endpoint
char *description; char *description;
}; };
struct session_attribute_label
{
int http_action_file_size;
int fqdn_category_id_num;
tsg_protocol_t proto;
long establish_latency_ms;
struct asn_info *client_asn;
struct asn_info *server_asn;
struct location_info *client_location;
struct location_info *server_location;
struct subscribe_id_info *client_subscribe_id;
struct subscribe_id_info *server_subscribe_id;
char *ja3_fingerprint;
unsigned int fqdn_category_id[MAX_CATEGORY_ID_NUM];
struct umts_user_info *user_info;
struct tunnel_endpoint *client_endpoint;
struct tunnel_endpoint *server_endpoint;
unsigned long session_flags;
};
struct tsg_conn_sketch_notify_data struct tsg_conn_sketch_notify_data
{ {
tsg_protocol_t protocol; enum TSG_PROTOCOL protocol;
union union
{ {
char *mail_eml_filename; char *mail_eml_filename;
@@ -117,12 +97,6 @@ struct tsg_conn_sketch_notify_data
}pdata; }pdata;
}; };
struct notify_shaping_policy
{
int shaping_result_num;
struct Maat_rule_t shaping_result[MAX_RESULT_NUM];
};
enum NOTIFY_TYPE enum NOTIFY_TYPE
{ {
NOTIFY_TYPE_MIRRORED=0, NOTIFY_TYPE_MIRRORED=0,
@@ -140,18 +114,18 @@ struct mirrored_stat
{ {
long bytes; long bytes;
long packets; long packets;
int compile_id; long long compile_id;
}; };
struct policy_capture_result struct policy_capture_result
{ {
int compile_id; long long compile_id;
char *packet_path; char *packet_path;
}; };
struct tsg_notify_data struct tsg_notify_data
{ {
int compile_id; long long compile_id;
enum NOTIFY_TYPE type; enum NOTIFY_TYPE type;
union union
{ {
@@ -181,7 +155,7 @@ struct http_s3_file
struct business_notify_data struct business_notify_data
{ {
tsg_protocol_t proto; //enum _tsg_protocol (tsg_types.h) enum TSG_PROTOCOL proto; //enum _tsg_protocol (tsg_types.h)
union union
{ {
struct http_s3_file *s3_http; struct http_s3_file *s3_http;
@@ -189,4 +163,25 @@ struct business_notify_data
}; };
}; };
#endif struct session_runtime_attribute;
const struct session_runtime_attribute *session_runtime_attribute_get(const struct streaminfo *a_stream);
const char *srt_attribute_get_ja3_fingerprint(const struct session_runtime_attribute *srt_attribute);
const char *srt_attribute_get_client_subscriber_id(const struct session_runtime_attribute *srt_attribute);
const char *srt_attribute_get_server_subscriber_id(const struct session_runtime_attribute *srt_attribute);
const struct asn_info *srt_attribute_get_client_ip_asn(const struct session_runtime_attribute *srt_attribute);
const struct asn_info *srt_attribute_get_server_ip_asn(const struct session_runtime_attribute *srt_attribute);
const struct location_info *srt_attribute_get_client_ip_location(const struct session_runtime_attribute *srt_attribute);
const struct location_info *srt_attribute_get_server_ip_location(const struct session_runtime_attribute *srt_attribute);
size_t srt_attribute_get_category_ids(const struct session_runtime_attribute *srt_attribute, unsigned int *category_ids, size_t n_category_ids);
int srt_attribute_set_category_ids(const struct streaminfo *a_stream, unsigned int *category_ids, int n_category_ids);
struct session_runtime_process_context;
int session_runtime_process_context_async(const struct streaminfo *a_stream, void *data);
const struct session_runtime_process_context *session_runtime_process_context_get(const struct streaminfo *a_stream);
// return NULL; http host or ssl sni or quic sni or dtls sni
const char *srt_process_context_get_domain(const struct session_runtime_process_context *srt_process_context);
const char *srt_process_context_get_http_url(const struct session_runtime_process_context *srt_process_context);
const char *srt_process_context_get_quic_ua(const struct session_runtime_process_context *srt_process_context);
enum TSG_PROTOCOL srt_process_context_get_protocol(const struct session_runtime_process_context *srt_process_context);
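Review bot: `srt_attribute_set_category_ids()` takes its element count as `int` and a non-const array, while the getter declared just above it uses `size_t`, so a negative or oversized count can reach the setter without the compiler objecting. The removed `struct session_attribute_label` stored these ids in a fixed `fqdn_category_id[MAX_CATEGORY_ID_NUM]` array; if the now-opaque `session_runtime_attribute` keeps a fixed-size store (its definition is not in this header), the setter has to clamp to that bound. I would declare it as `int srt_attribute_set_category_ids(const struct streaminfo *a_stream, const unsigned int *category_ids, size_t n_category_ids);` and add a comment stating that at most `MAX_CATEGORY_ID_NUM` ids are kept. The comment above `srt_process_context_get_domain()` would also read better as `// returns the HTTP host or the SSL/QUIC/DTLS SNI, or NULL if none is known`, assuming that is the intended contract.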


@@ -1,17 +1,7 @@
#ifndef __TSG_RULE_H__ #pragma once
#define __TSG_RULE_H__
#include <MESA/Maat_rule.h>
#include "tsg_label.h" #include "tsg_label.h"
#define TSG_DOMAIN_MAX 256
#define MAX_APP_ID_PROPERTY_LEN 128
#ifndef MAX_DOMAIN_LEN
#define MAX_DOMAIN_LEN 2048
#endif
#define TSG_ACTION_NONE 0x00 #define TSG_ACTION_NONE 0x00
#define TSG_ACTION_MONITOR 0x01 #define TSG_ACTION_MONITOR 0x01
#define TSG_ACTION_INTERCEPT 0x02 #define TSG_ACTION_INTERCEPT 0x02
@@ -19,9 +9,21 @@
#define TSG_ACTION_SHAPING 0x20 #define TSG_ACTION_SHAPING 0x20
#define TSG_ACTION_MANIPULATE 0x30 #define TSG_ACTION_MANIPULATE 0x30
#define TSG_ACTION_S_CHAINING 0x40 #define TSG_ACTION_S_CHAINING 0x40
#define TSG_ACTION_BYPASS 0x80 #define TSG_ACTION_BYPASS 0x60
#define TSG_ACTION_SHUNT 0x80
#define TSG_ACTION_MAX 0x80 #define TSG_ACTION_MAX 0x80
enum TSG_SERVICE
{
TSG_SERVICE_SECURITY=2,
TSG_SERVICE_INTERCEPT=3,
TSG_SERVICE_CHAINING=5,
TSG_SERVICE_SHAPING=6,
TSG_SERVICE_PRE_SIGNATURE=7,
TSG_SERVICE_SIGNATURE=8,
TSG_SERVICE_MAX
};
enum TSG_METHOD_TYPE enum TSG_METHOD_TYPE
{ {
TSG_METHOD_TYPE_UNKNOWN=0, TSG_METHOD_TYPE_UNKNOWN=0,
@@ -37,65 +39,40 @@ enum TSG_METHOD_TYPE
TSG_METHOD_TYPE_DEFAULT, TSG_METHOD_TYPE_DEFAULT,
TSG_METHOD_TYPE_APP_DROP, TSG_METHOD_TYPE_APP_DROP,
TSG_METHOD_TYPE_ALLOW, TSG_METHOD_TYPE_ALLOW,
TSG_METHOD_TYPE_SHUNT,
TSG_METHOD_TYPE_MAX TSG_METHOD_TYPE_MAX
}; };
struct identify_info
{
tsg_protocol_t proto; //enum _tsg_protocol (tsg_types.h)
int domain_len;
char domain[MAX_DOMAIN_LEN];
};
typedef enum _PULL_RESULT_TYPE
{
PULL_KNI_RESULT,
PULL_FW_RESULT,
PULL_ALL_RESULT
}PULL_RESULT_TYPE;
extern Maat_feather_t g_tsg_maat_feather;
int tsg_rule_init(const char *conffile, void *logger);
int tsg_scan_nesting_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num);
int tsg_pull_policy_result(struct streaminfo *a_stream, PULL_RESULT_TYPE pull_result_type, Maat_rule_t*result, int result_num, struct identify_info *identify_info);
int tsg_pull_shaping_result(struct streaminfo *a_stream, Maat_rule_t*result, int result_num);
char *tsg_pull_quic_ua(struct streaminfo *a_stream);
char *tsg_pull_http_url(struct streaminfo *a_stream);
//return NULL if none exists, otherwise return one deny rule;
struct Maat_rule_t *tsg_fetch_deny_rule(Maat_rule_t *result, int result_num);
enum ACTION_RETURN_TYPE enum ACTION_RETURN_TYPE
{ {
ACTION_RETURN_TYPE_PROT=0, ACTION_RETURN_TYPE_PROT=0,
ACTION_RETURN_TYPE_APP, ACTION_RETURN_TYPE_APP,
ACTION_RETURN_TYPE_TCPALL ACTION_RETURN_TYPE_TCPALL
}; };
unsigned char tsg_deal_deny_action(const struct streaminfo *a_stream, Maat_rule_t *p_result, tsg_protocol_t protocol, enum ACTION_RETURN_TYPE type, const void *user_data);
int tsg_get_method_id(char *method); extern struct maat *g_tsg_maat_feather;
int tsg_free_compile_user_region(const struct Maat_rule_t *rule, struct compile_user_region *user_region); struct maat_rule
struct compile_user_region *tsg_get_compile_user_region(const Maat_feather_t maat_feather, struct Maat_rule_t *result); {
long long rule_id;
unsigned char action;
unsigned char service_id;
unsigned char do_log;
unsigned char padding[5];
};
struct matched_policy_rules
{
size_t n_rules;
struct maat_rule rules[MAX_RESULT_NUM];
};
////return -1 if none exists otherwise return >=0 void session_matched_rules_notify(const struct streaminfo *a_stream, TSG_SERVICE service, struct maat_rule *rules, size_t n_rules, int thread_seq);
int tsg_get_column_integer_value(const char* line, int column_seq); size_t tsg_matched_rules_select(struct maat *feather, TSG_SERVICE service, long long *matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules);
size_t tsg_scan_nesting_addr(const struct streaminfo *a_stream, struct maat *feather, enum TSG_PROTOCOL proto, struct maat_state *s_mid, struct maat_rule *rules, size_t n_rules);
size_t session_matched_rules_copy(const struct streaminfo *a_stream, enum TSG_SERVICE service, struct maat_rule *rules, size_t n_rules);
//return NULL if none exists, otherwise return value; int tsg_get_fqdn_category_ids(struct maat *feather, char *fqdn, unsigned int *category_ids, int n_category_ids);
char *tsg_get_column_string_value(const char* line, int column_seq);
int tsg_set_fqdn_category_id(const struct streaminfo *a_stream, unsigned int *category_id, int category_id_num, int thread_seq); unsigned char tsg_enforing_deny(const struct streaminfo *a_stream, struct maat_rule *p_result, enum TSG_PROTOCOL protocol, enum ACTION_RETURN_TYPE type, const void *user_data);
int tsg_get_fqdn_category_id(Maat_feather_t maat_feather, char *fqdn, unsigned int *category_id, int category_id_num, void *logger, int thread_seq);
int tsg_scan_app_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *name, unsigned int id, int thread_seq);
int tsg_scan_fqdn_category_id(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, int table_id, unsigned int *category_id, int category_id_num, int thread_seq);
int tsg_notify_hited_monitor_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, int thread_seq);
int tsg_notify_hited_shaping_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, int thread_seq);
int tsg_notify_hited_security_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, int thread_seq);
int tsg_notify_hited_s_chaining_result(const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, int thread_seq);
#endif
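Review bot: `TSG_ACTION_BYPASS` moves from `0x80` to `0x60` and `0x80` is reused for the new `TSG_ACTION_SHUNT`, so any policy data, log consumer or peer component that still encodes bypass as `0x80` will be read as shunt after this change. Whether the rule store is migrated together with this commit is not visible here; a comment next to the defines, e.g. `/* 0x80 meant BYPASS before the MAAT4 migration; bypass rules must now carry 0x60 */`, would at least record the renumbering for whoever maintains the policy side. Separately, `session_matched_rules_notify()` and `tsg_matched_rules_select()` declare `TSG_SERVICE service` without the `enum` keyword while `session_matched_rules_copy()` uses `enum TSG_SERVICE`; the bare form only compiles as C++. `tsg_enforing_deny` also looks like a typo for `tsg_enforcing_deny`, which is easier to fix now than after callers exist.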


@@ -1,11 +1,4 @@
#ifndef __TSG_SEND_LOG_H__ #pragma once
#define __TSG_SEND_LOG_H__
#include <MESA/Maat_rule.h>
#ifndef PRINTADDR
#define PRINTADDR(a, b) ((b)<RLOG_LV_FATAL ? printaddr(&(a->addr), a->threadnum) : "")
#endif
enum DO_LOG enum DO_LOG
{ {
@@ -14,15 +7,7 @@ enum DO_LOG
LOG_NOFILE=2, LOG_NOFILE=2,
}; };
enum TLD_TYPE
typedef struct _tsg_log
{
int result_num;
Maat_rule_t *result;
struct streaminfo *a_stream;
}tsg_log_t;
typedef enum _tld_type
{ {
TLD_TYPE_UNKNOWN=0, TLD_TYPE_UNKNOWN=0,
TLD_TYPE_LONG=1, TLD_TYPE_LONG=1,
@@ -32,7 +17,19 @@ typedef enum _tld_type
TLD_TYPE_CJSON, // TLD_TYPE_CJSON is obsolete, please use TLD_TYPE_OBJECT TLD_TYPE_CJSON, // TLD_TYPE_CJSON is obsolete, please use TLD_TYPE_OBJECT
TLD_TYPE_OBJECT, TLD_TYPE_OBJECT,
TLD_TYPE_MAX TLD_TYPE_MAX
}TLD_TYPE; };
enum LOG_TYPE
{
LOG_TYPE_SECURITY_EVENT=0,
LOG_TYPE_SESSION_RECORD,
LOG_TYPE_INTERNAL_RTP_RECORD,
LOG_TYPE_VOIP_RECORD,
LOG_TYPE_INTERIM_SESSION_RECORD,
LOG_TYPE_TRANSACTION_RECORD,
LOG_TYPE_GTPC_RECORD,
LOG_TYPE_BGP_RECORD
};
struct TLD_handle_t; struct TLD_handle_t;
struct tsg_log_instance_t; struct tsg_log_instance_t;
@@ -40,24 +37,20 @@ struct tsg_log_instance_t;
extern struct tsg_log_instance_t *g_tsg_log_instance; extern struct tsg_log_instance_t *g_tsg_log_instance;
struct TLD_handle_t *TLD_create(int thread_id); struct TLD_handle_t *TLD_create(int thread_id);
int TLD_search(struct TLD_handle_t *handle, char *key); int TLD_search(struct TLD_handle_t *handle, char *key);
int TLD_append(struct TLD_handle_t *handle, char *key, void *value, TLD_TYPE type); int TLD_append(struct TLD_handle_t *handle, char *key, void *value, enum TLD_TYPE type);
int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, struct streaminfo *a_stream);
int TLD_cancel(struct TLD_handle_t *handle);
struct TLD_handle_t *TLD_duplicate(struct TLD_handle_t *handle); struct TLD_handle_t *TLD_duplicate(struct TLD_handle_t *handle);
//type only TLD_TYPE_LONG/TLD_TYPE_STRING //type only TLD_TYPE_LONG/TLD_TYPE_STRING
int TLD_array_append(struct TLD_handle_t *handle, char *key, void **array, int array_num, TLD_TYPE type); int TLD_array_append(struct TLD_handle_t *handle, char *key, void **array, int array_num, enum TLD_TYPE type);
int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, const struct streaminfo *a_stream);
int TLD_cancel(struct TLD_handle_t *handle);
int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, tsg_log_t *log_msg, int thread_id);
//return topic_id; return >=0 if success,otherwise return -1; //return topic_id; return >=0 if success,otherwise return -1;
int tsg_register_topic(struct tsg_log_instance_t *instance, char *topic_name); int tsg_register_topic(struct tsg_log_instance_t *instance, const char *topic_name);
int tsg_send_payload(struct tsg_log_instance_t *instance, int topic_id, char *payload, int payload_len, int thread_id); int tsg_send_payload(struct tsg_log_instance_t *instance, int topic_id, char *payload, int payload_len, int thread_id);
int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, const struct streaminfo *a_stream, enum LOG_TYPE log_type, struct maat_rule *rules, size_t n_rules, int thread_id);
unsigned long long tsg_get_stream_id(struct streaminfo *a_stream); unsigned long long tsg_get_stream_trace_id(const struct streaminfo *a_stream);
char *tsg_l7_protocol_id2name(unsigned int l7_protocol_id); const char *tsg_l7_protocol_id2name(unsigned int l7_protocol_id);
unsigned int tsg_l7_protocol_name2id(const char *l7_protocol_name); unsigned int tsg_l7_protocol_name2id(const char *l7_protocol_name);
#endif
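Review bot: After dropping `#include <MESA/Maat_rule.h>`, the visible hunks of this header use `size_t`, `struct maat_rule` and `struct streaminfo` in the new `tsg_send_log()` prototype without including or declaring any of them, so it only compiles when the including file pulls in `tsg_rule.h` and the stream header first. Adding `#include <stddef.h>` and the forward declarations `struct maat_rule;` and `struct streaminfo;` near the top would make it self-contained. The removed `PRINTADDR` macro is still used in the `tsg_action.cpp` part of this commit, so it is presumably defined in another header now; worth confirming it is not left undefined for other includers of this file. `tsg_send_payload()` could also take `const char *payload`, in line with the `const` added to `tsg_register_topic()`.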


@@ -20,8 +20,8 @@ struct _traffic_info
long long out_packets; long long out_packets;
}; };
int tsg_set_policy_flow(struct streaminfo *a_stream, Maat_rule_t *p_result, int thread_seq); int tsg_set_policy_flow(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq);
int tsg_set_intercept_flow(Maat_rule_t *p_result, struct _traffic_info *traffic_info, int thread_seq); int tsg_set_intercept_flow(struct maat_rule *p_result, struct _traffic_info *traffic_info, int thread_seq);
int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_seq); int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_seq);
#endif #endif


@@ -2,14 +2,13 @@ cmake_minimum_required(VERSION 2.8)
add_definitions(-fPIC) add_definitions(-fPIC)
set(SRC tsg_entry.cpp tsg_rule.cpp tsg_ssl_utils.cpp tsg_send_log.cpp tsg_statistic.cpp tsg_ssh_utils.cpp tsg_gtp_signaling.cpp tsg_action.cpp tsg_leaky_bucket.cpp tsg_dns.cpp tsg_icmp.cpp tsg_tamper.cpp tsg_bridge.cpp set(SRC tsg_entry.cpp tsg_rule.cpp tsg_ssl_utils.cpp tsg_send_log.cpp tsg_statistic.cpp tsg_ssh_utils.cpp tsg_gtp_signaling.cpp tsg_action.cpp tsg_leaky_bucket.cpp tsg_dns.cpp tsg_icmp.cpp tsg_tamper.cpp tsg_bridge.cpp tsg_protocol.cpp tsg_sync_state.cpp tsg_variable.cpp)
tsg_sync_state.cpp)
include_directories(${CMAKE_SOURCE_DIR}/inc) include_directories(${CMAKE_SOURCE_DIR}/inc)
include_directories(/opt/MESA/include/MESA/) include_directories(/opt/MESA/include/MESA/)
include_directories(/usr/include/) include_directories(/usr/include/)
set(TSG_MASTER_DEPEND_DYN_LIB MESA_handle_logger MESA_prof_load maatframe pthread MESA_field_stat2 rdkafka cjson MESA_jump_layer) set(TSG_MASTER_DEPEND_DYN_LIB MESA_handle_logger MESA_prof_load maat4 pthread MESA_field_stat2 rdkafka cjson MESA_jump_layer)
set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run) set(CMAKE_INSTALL_PREFIX /home/mesasoft/sapp_run)


@@ -17,26 +17,27 @@
#include <MESA/stream.h> #include <MESA/stream.h>
#include <MESA/MESA_handle_logger.h> #include <MESA/MESA_handle_logger.h>
#include "app_label.h"
#include "tsg_rule.h" #include "tsg_rule.h"
#include "app_label.h"
#include "tsg_entry.h" #include "tsg_entry.h"
#include "tsg_bridge.h"
#include "tsg_statistic.h" #include "tsg_statistic.h"
#include "tsg_send_log.h" #include "tsg_send_log.h"
#include "tsg_protocol_common.h" #include "tsg_protocol_common.h"
#include "tsg_rule_internal.h"
extern "C" int sendpacket_do_checksum(unsigned char *buf, int protocol, int len); extern "C" int sendpacket_do_checksum(unsigned char *buf, int protocol, int len);
static int replace_policy_variable(const struct streaminfo *a_stream, ctemplate::TemplateDictionary *tpl_dict, int policy_id) static int replace_policy_variable(const struct streaminfo *a_stream, ctemplate::TemplateDictionary *tpl_dict, long long policy_id)
{ {
char ip_str[128]={0}; char ip_str[128]={0};
struct session_attribute_label *attr_label=NULL;
tpl_dict->SetIntValue("tsg_policy_id", policy_id); tpl_dict->SetIntValue("tsg_policy_id", policy_id); //TODO
attr_label=(struct session_attribute_label *)project_req_get_struct(a_stream, g_tsg_para.session_attribute_project_id); const struct session_runtime_attribute *srt_attribute=(const struct session_runtime_attribute *)session_runtime_attribute_get(a_stream);
if(attr_label!=NULL && attr_label->client_subscribe_id!=NULL) if(srt_attribute!=NULL && srt_attribute->client_subscribe_id!=NULL)
{ {
tpl_dict->SetFormattedValue("tsg_subscriber_id", "%s", attr_label->client_subscribe_id->subscribe_id); tpl_dict->SetFormattedValue("tsg_subscriber_id", "%s", srt_attribute->client_subscribe_id->subscribe_id);
} }
else else
{ {
@@ -62,7 +63,7 @@ static int replace_policy_variable(const struct streaminfo *a_stream, ctemplate:
return 0; return 0;
} }
static int set_drop_stream(const struct streaminfo *a_stream, tsg_protocol_t protocol) static int set_drop_stream(const struct streaminfo *a_stream, enum TSG_PROTOCOL protocol)
{ {
int ret=0, opt_value=1; int ret=0, opt_value=1;
MESA_set_stream_opt(a_stream, MSO_DROP_STREAM, (void *)&opt_value, sizeof(opt_value)); MESA_set_stream_opt(a_stream, MSO_DROP_STREAM, (void *)&opt_value, sizeof(opt_value));
@@ -153,7 +154,7 @@ static int get_tcp_mss_option(const struct streaminfo *a_stream, int type, void
return 0; return 0;
} }
static void template_generate(const struct streaminfo *a_stream, int status_code, int policy_id, const char* message, char **page_buff, size_t *page_size, int thread_seq) static void template_generate(const struct streaminfo *a_stream, int status_code, long long policy_id, const char* message, char **page_buff, size_t *page_size, int thread_seq)
{ {
std::string page_output, msg_output; std::string page_output, msg_output;
ctemplate::Template *tpl=NULL; ctemplate::Template *tpl=NULL;
@@ -223,16 +224,14 @@ static void template_generate(const struct streaminfo *a_stream, int status_code
return ; return ;
} }
static int get_response_pages(const struct streaminfo *a_stream, struct Maat_rule_t *p_result, struct compile_user_region *user_region, char **payload, int thread_seq) static int get_response_pages(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, char **payload, int thread_seq)
{ {
char key[16]={0};
int payload_len=0; int payload_len=0;
struct http_response_pages *res_pages=NULL;
switch(user_region->deny->type) switch(user_region->deny->type)
{ {
case TSG_DENY_TYPE_MESSAGE: case TSG_DENY_TYPE_MESSAGE:
template_generate(a_stream, user_region->deny->code, p_result->config_id, user_region->deny->message, payload, (size_t *)&payload_len, thread_seq); template_generate(a_stream, user_region->deny->code, p_result->rule_id, user_region->deny->message, payload, (size_t *)&payload_len, thread_seq);
return payload_len; return payload_len;
break; break;
case TSG_DENY_TYPE_PROFILE: case TSG_DENY_TYPE_PROFILE:
@@ -241,25 +240,24 @@ static int get_response_pages(const struct streaminfo *a_stream, struct Maat_rul
break; break;
} }
snprintf(key, sizeof(key), "%d", user_region->deny->profile_id); struct http_response_pages *response_pages=(struct http_response_pages *)matched_rule_cites_http_response_pages(g_tsg_maat_feather, (long long)user_region->deny->profile_id);
res_pages=(struct http_response_pages *)Maat_plugin_get_EX_data(g_tsg_maat_feather,g_tsg_para.table_id[TABLE_RESPONSE_PAGES], key); if(response_pages!=NULL)
if(res_pages!=NULL)
{ {
switch(res_pages->format) switch(response_pages->format)
{ {
case HTTP_RESPONSE_FORMAT_HTML: case HTTP_RESPONSE_FORMAT_HTML:
*payload=(char *)dictator_malloc(thread_seq, res_pages->content_len); *payload=(char *)dictator_malloc(thread_seq, response_pages->content_len);
memcpy(*payload, res_pages->content, res_pages->content_len); memcpy(*payload, response_pages->content, response_pages->content_len);
payload_len=res_pages->content_len; payload_len=response_pages->content_len;
break; break;
case HTTP_RESPONSE_FORMAT_TEMPLATE: case HTTP_RESPONSE_FORMAT_TEMPLATE:
template_generate(a_stream, user_region->deny->code, p_result->config_id, res_pages->content, payload, (size_t *)&payload_len, thread_seq); template_generate(a_stream, user_region->deny->code, p_result->rule_id, response_pages->content, payload, (size_t *)&payload_len, thread_seq);
break; break;
default: default:
break; break;
} }
http_response_pages_free(g_tsg_para.table_id[TABLE_RESPONSE_PAGES], (MAAT_PLUGIN_EX_DATA *)&res_pages, 0, NULL); plugin_ex_data_http_response_pages_free(response_pages);
} }
return payload_len; return payload_len;
@@ -439,7 +437,7 @@ static int http_send_reponse_packet(const struct streaminfo *a_stream, char *pac
return ip_tcp_hdr_len+http_hdr_len+payload_len; return ip_tcp_hdr_len+http_hdr_len+payload_len;
} }
static int http_build_response_packet(const struct streaminfo *a_stream, struct Maat_rule_t *p_result, struct compile_user_region *user_region, const void *a_packet) static int http_build_response_packet(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, const void *a_packet)
{ {
char *payload=NULL; char *payload=NULL;
char message[1024*64]={0}; char message[1024*64]={0};
@@ -465,7 +463,7 @@ static int http_build_response_packet(const struct streaminfo *a_stream, struct
http_hdr_len=get_http_header(message+ip_tcp_hdr_len, sizeof(message)-ip_tcp_hdr_len, user_region->deny->code, NULL); http_hdr_len=get_http_header(message+ip_tcp_hdr_len, sizeof(message)-ip_tcp_hdr_len, user_region->deny->code, NULL);
payload_len=get_response_pages(a_stream, p_result, user_region, &payload, a_stream->threadnum); payload_len=get_response_pages(a_stream, p_result, user_region, &payload, a_stream->threadnum);
set_session_attribute_label(a_stream, TSG_ATTRIBUTE_TYPE_HTTP_ACTION_FILESIZE, (void *)&payload_len, sizeof(int), a_stream->threadnum); srt_attribute_set_reponse_size(a_stream, payload_len);
get_tcp_mss_option(a_stream, TCP_OPT_MSS, (void *)&max_segment_size); get_tcp_mss_option(a_stream, TCP_OPT_MSS, (void *)&max_segment_size);
@@ -499,7 +497,7 @@ static int http_build_response_packet(const struct streaminfo *a_stream, struct
return send_pkt_len; return send_pkt_len;
} }
static int http_get_redirect_url(const struct streaminfo *a_stream, struct Maat_rule_t *p_result, char *url, int code, char *http_hdr, int http_hdr_len) static int http_get_redirect_url(const struct streaminfo *a_stream, struct maat_rule *p_result, char *url, int code, char *http_hdr, int http_hdr_len)
{ {
int used_len=0; int used_len=0;
char *tmp_buff=NULL; char *tmp_buff=NULL;
@@ -510,7 +508,7 @@ static int http_get_redirect_url(const struct streaminfo *a_stream, struct Maat_
{ {
ctemplate::TemplateDictionary dict_303("url_dict"); //dict is automatically finalized after function returned. ctemplate::TemplateDictionary dict_303("url_dict"); //dict is automatically finalized after function returned.
replace_policy_variable(a_stream, &dict_303, p_result->config_id); replace_policy_variable(a_stream, &dict_303, p_result->rule_id);
tpl_303->Expand(&output, &dict_303); tpl_303->Expand(&output, &dict_303);
@@ -532,7 +530,7 @@ static int http_get_redirect_url(const struct streaminfo *a_stream, struct Maat_
return used_len; return used_len;
} }
static unsigned char do_action_reset(const struct streaminfo *a_stream, Maat_rule_t *p_result, tsg_protocol_t protocol) static unsigned char do_action_reset(const struct streaminfo *a_stream, struct maat_rule *p_result, enum TSG_PROTOCOL protocol)
{ {
if(a_stream->type==STREAM_TYPE_TCP) if(a_stream->type==STREAM_TYPE_TCP)
{ {
@@ -550,7 +548,7 @@ static unsigned char do_action_reset(const struct streaminfo *a_stream, Maat_rul
RLOG_LV_FATAL, RLOG_LV_FATAL,
"RST_TCP", "RST_TCP",
"Send RST failed policy_id: %d service: %d action: %d addr: %s", "Send RST failed policy_id: %d service: %d action: %d addr: %s",
p_result->config_id, p_result->rule_id,
p_result->service_id, p_result->service_id,
(unsigned char)p_result->action, (unsigned char)p_result->action,
PRINTADDR(a_stream, g_tsg_para.level) PRINTADDR(a_stream, g_tsg_para.level)
@@ -569,8 +567,7 @@ static unsigned char do_action_reset(const struct streaminfo *a_stream, Maat_rul
return STATE_DROPPKT|STATE_DROPME; return STATE_DROPPKT|STATE_DROPME;
} }
static unsigned char do_action_drop(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, enum TSG_PROTOCOL protocol, const void *a_packet)
static unsigned char do_action_drop(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, tsg_protocol_t protocol, const void *a_packet)
{ {
switch(protocol) switch(protocol)
{ {
@@ -584,7 +581,7 @@ static unsigned char do_action_drop(const struct streaminfo *a_stream, Maat_rule
return STATE_DROPME|STATE_DROPPKT; return STATE_DROPME|STATE_DROPPKT;
} }
static unsigned char do_action_tamper(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, tsg_protocol_t protocol, const void *user_data, enum ACTION_RETURN_TYPE type) static unsigned char do_action_tamper(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, enum TSG_PROTOCOL protocol, const void *user_data, enum ACTION_RETURN_TYPE type)
{ {
if(g_tsg_para.feature_tamper==0) if(g_tsg_para.feature_tamper==0)
{ {
@@ -592,12 +589,12 @@ static unsigned char do_action_tamper(const struct streaminfo *a_stream, Maat_ru
return STATE_DROPME|STATE_DROPPKT; return STATE_DROPME|STATE_DROPPKT;
} }
struct tcpall_context * _context=(struct tcpall_context *)tsg_get_xxx_from_bridge(a_stream, g_tsg_para.bridge[BRIDGE_TYPE_ALL_CONTEXT].id); struct session_runtime_action_context * _context=(struct session_runtime_action_context *)session_runtime_action_context_get(a_stream);
if(_context==NULL) if(_context==NULL)
{ {
_context=(struct tcpall_context *)dictator_malloc(a_stream->threadnum, sizeof(struct tcpall_context)); _context=(struct session_runtime_action_context *)dictator_malloc(a_stream->threadnum, sizeof(struct session_runtime_action_context));
memset(_context, 0, sizeof(struct tcpall_context)); memset(_context, 0, sizeof(struct session_runtime_action_context));
tsg_set_xxx_to_bridge(a_stream, g_tsg_para.bridge[BRIDGE_TYPE_ALL_CONTEXT].id, (void *)_context); session_runtime_action_context_async(a_stream, (void *)_context);
_context->method_type=TSG_METHOD_TYPE_TAMPER; _context->method_type=TSG_METHOD_TYPE_TAMPER;
_context->tamper_count = 0; _context->tamper_count = 0;
} }
@@ -607,21 +604,20 @@ static unsigned char do_action_tamper(const struct streaminfo *a_stream, Maat_ru
_context->tamper_count = 0; _context->tamper_count = 0;
} }
//当前为tsg_master_plug暂时不处理在tsg_master_all_entry处理,防止命中发两次
if(ACTION_RETURN_TYPE_APP == type) if(ACTION_RETURN_TYPE_APP == type)
{ {
return STATE_GIVEME|STATE_DROPPKT|STATE_KILL_OTHER; return STATE_GIVEME|STATE_DROPPKT|STATE_KILL_OTHER;
} }
//TCP这里发送的话tsg_master_all_entry仍会处理发送,UDP没有这个情况,所以加该判断
if(a_stream->type == STREAM_TYPE_UDP) if(a_stream->type == STREAM_TYPE_UDP)
{ {
send_tamper_xxx(a_stream, &_context->tamper_count, user_data); send_tamper_xxx(a_stream, &_context->tamper_count, user_data);
} }
return STATE_DROPME|STATE_DROPPKT; return STATE_DROPME|STATE_DROPPKT;
} }
static unsigned char do_action_default_xxx(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, tsg_protocol_t protocol, const void *user_data) static unsigned char do_action_default_xxx(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, enum TSG_PROTOCOL protocol, const void *user_data)
{ {
struct deny_user_region *deny_region=NULL; struct deny_user_region *deny_region=NULL;
@@ -663,11 +659,11 @@ static unsigned char do_action_default_xxx(const struct streaminfo *a_stream, Ma
return STATE_DROPME|STATE_DROPPKT; return STATE_DROPME|STATE_DROPPKT;
} }
static unsigned char do_action_ratelimit(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, enum ACTION_RETURN_TYPE type) static unsigned char do_action_ratelimit(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, enum ACTION_RETURN_TYPE type)
{ {
struct leaky_bucket *bucket=create_bucket(user_region->deny->bps, a_stream->threadnum); struct leaky_bucket *bucket=create_bucket(user_region->deny->bps, a_stream->threadnum);
int ret=set_bucket_to_tcpall(a_stream, bucket, a_stream->threadnum); int ret=srt_action_context_set_leaky_bucket(a_stream, bucket, a_stream->threadnum);
if(ret==0) if(ret==0)
{ {
destroy_bucket(&bucket, a_stream->threadnum); destroy_bucket(&bucket, a_stream->threadnum);
@@ -687,7 +683,7 @@ static unsigned char do_action_ratelimit(const struct streaminfo *a_stream, Maat
return STATE_GIVEME|STATE_KILL_OTHER; return STATE_GIVEME|STATE_KILL_OTHER;
} }
static unsigned char do_action_block_sip(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, const void *user_data) static unsigned char do_action_block_sip(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, const void *user_data)
{ {
int offset=0; int offset=0;
char payload[1024]={0}; char payload[1024]={0};
@@ -714,7 +710,7 @@ static unsigned char do_action_block_sip(const struct streaminfo *a_stream, Maat
return STATE_DROPME|STATE_DROPPKT; return STATE_DROPME|STATE_DROPPKT;
} }
static unsigned char do_action_block_mail(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region) static unsigned char do_action_block_mail(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region)
{ {
char *payload=NULL; char *payload=NULL;
@@ -739,7 +735,7 @@ static unsigned char do_action_block_mail(const struct streaminfo *a_stream, Maa
return STATE_DROPME|STATE_DROPPKT; return STATE_DROPME|STATE_DROPPKT;
} }
static unsigned char do_action_block_http(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, const void *a_packet) static unsigned char do_action_block_http(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, const void *a_packet)
{ {
int opt_value=0; int opt_value=0;
int send_pkt_len=0; int send_pkt_len=0;
@@ -766,7 +762,7 @@ static unsigned char do_action_block_http(const struct streaminfo *a_stream, Maa
return STATE_DROPME|STATE_DROPPKT; return STATE_DROPME|STATE_DROPPKT;
} }
static unsigned char do_action_block_xxx(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, tsg_protocol_t protocol, const void *user_data) static unsigned char do_action_block_xxx(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, enum TSG_PROTOCOL protocol, const void *user_data)
{ {
if(user_region==NULL || user_region->deny==NULL) if(user_region==NULL || user_region->deny==NULL)
{ {
@@ -796,7 +792,7 @@ static unsigned char do_action_block_xxx(const struct streaminfo *a_stream, Maat
return STATE_DROPME|STATE_DROPPKT; return STATE_DROPME|STATE_DROPPKT;
} }
static unsigned char do_action_redirect_http(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region) static unsigned char do_action_redirect_http(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region)
{ {
int used_http_hdr_len=0; int used_http_hdr_len=0;
char http_hdr[1024]={0}; char http_hdr[1024]={0};
@@ -819,7 +815,7 @@ static unsigned char do_action_redirect_http(const struct streaminfo *a_stream,
return STATE_DROPME|STATE_DROPPKT; return STATE_DROPME|STATE_DROPPKT;
} }
static unsigned char do_action_redirect_xxx(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, tsg_protocol_t protocol, const void *user_data) static unsigned char do_action_redirect_xxx(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, enum TSG_PROTOCOL protocol, const void *user_data)
{ {
if(user_region==NULL || user_region->deny==NULL) if(user_region==NULL || user_region->deny==NULL)
{ {
@@ -842,7 +838,7 @@ static unsigned char do_action_redirect_xxx(const struct streaminfo *a_stream, M
return STATE_DROPME|STATE_DROPPKT; return STATE_DROPME|STATE_DROPPKT;
} }
static unsigned char tsg_do_deny_action(const struct streaminfo *a_stream, struct compile_user_region *user_region, Maat_rule_t *p_result, tsg_protocol_t protocol, enum ACTION_RETURN_TYPE type, const void *user_data) static unsigned char tsg_do_deny_action(const struct streaminfo *a_stream, struct compile_user_region *user_region, struct maat_rule *p_result, enum TSG_PROTOCOL protocol, enum ACTION_RETURN_TYPE type, const void *user_data)
{ {
unsigned char local_state=STATE_GIVEME; unsigned char local_state=STATE_GIVEME;
unsigned char state=0; unsigned char state=0;
@@ -883,19 +879,18 @@ static unsigned char tsg_do_deny_action(const struct streaminfo *a_stream, struc
if(type!=ACTION_RETURN_TYPE_TCPALL && user_region->deny->after_n_packets>0) if(type!=ACTION_RETURN_TYPE_TCPALL && user_region->deny->after_n_packets>0)
{ {
set_protocol_to_tcpall(a_stream, protocol, a_stream->threadnum); srt_action_context_set_l7_protocol(a_stream, protocol, a_stream->threadnum);
set_method_to_tcpall(a_stream, user_region->method_type, a_stream->threadnum); srt_action_context_set_rule_method(a_stream, user_region->method_type, a_stream->threadnum);
if(a_stream->type==STREAM_TYPE_UDP && type!=ACTION_RETURN_TYPE_PROT) if(a_stream->type==STREAM_TYPE_UDP && type!=ACTION_RETURN_TYPE_PROT)
{ {
set_after_n_packet_to_tcpall(a_stream, user_region->deny->after_n_packets+1, a_stream->threadnum); srt_action_context_set_after_n_packet(a_stream, user_region->deny->after_n_packets+1, a_stream->threadnum);
} }
else else
{ {
set_after_n_packet_to_tcpall(a_stream, user_region->deny->after_n_packets, a_stream->threadnum); srt_action_context_set_after_n_packet(a_stream, user_region->deny->after_n_packets, a_stream->threadnum);
} }
//tsg_set_policy_result(a_stream, PULL_FW_RESULT, p_result, protocol, a_stream->threadnum);
local_state=((type==ACTION_RETURN_TYPE_PROT) ? (STATE_DROPME) : (STATE_DROPME|STATE_KILL_OTHER)); local_state=((type==ACTION_RETURN_TYPE_PROT) ? (STATE_DROPME) : (STATE_DROPME|STATE_KILL_OTHER));
break; break;
} }
@@ -920,11 +915,11 @@ static unsigned char tsg_do_deny_action(const struct streaminfo *a_stream, struc
break; break;
} }
tsg_notify_hited_monitor_result(a_stream, p_result, 1, a_stream->threadnum); session_packet_capture_notify(a_stream, p_result, 1, a_stream->threadnum);
if(method_type!=TSG_METHOD_TYPE_DEFAULT && method_type!=TSG_METHOD_TYPE_APP_DROP) if(method_type!=TSG_METHOD_TYPE_DEFAULT && method_type!=TSG_METHOD_TYPE_APP_DROP)
{ {
set_method_to_tcpall(a_stream, (enum TSG_METHOD_TYPE)method_type, a_stream->threadnum); srt_action_context_set_rule_method(a_stream, (enum TSG_METHOD_TYPE)method_type, a_stream->threadnum);
} }
state=((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_GIVEME : APP_STATE_GIVEME); state=((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_GIVEME : APP_STATE_GIVEME);
@@ -937,26 +932,23 @@ static unsigned char tsg_do_deny_action(const struct streaminfo *a_stream, struc
return state; return state;
} }
unsigned char tsg_deny_application(const struct streaminfo *a_stream, Maat_rule_t *p_result, tsg_protocol_t protocol, int app_id, enum ACTION_RETURN_TYPE type, const void *user_data) unsigned char tsg_enforing_deny_application(const struct streaminfo *a_stream, struct maat_rule *p_result, enum TSG_PROTOCOL protocol, int app_id, enum ACTION_RETURN_TYPE type, const void *user_data)
{ {
unsigned char state=0; struct app_id_dict *dict=(struct app_id_dict *)matched_rule_cites_app_id_dict(g_tsg_maat_feather, (long long)app_id);
char app_id_buff[32]={0};
struct app_id_dict *dict=NULL;
struct compile_user_region app_user_region={0}, *user_region=NULL;
snprintf(app_id_buff, sizeof(app_id_buff), "%d", app_id);
dict=(struct app_id_dict *)Maat_plugin_get_EX_data(g_tsg_maat_feather, g_tsg_para.table_id[TABLE_APP_ID_DICT], (const char *)app_id_buff);
if(dict==NULL) if(dict==NULL)
{ {
set_drop_stream(a_stream, protocol); set_drop_stream(a_stream, protocol);
return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPPKT|PROT_STATE_DROPME: APP_STATE_DROPME|APP_STATE_DROPPKT); return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPPKT|PROT_STATE_DROPME: APP_STATE_DROPME|APP_STATE_DROPPKT);
} }
user_region=(struct compile_user_region *)Maat_rule_get_ex_data(g_tsg_maat_feather, p_result, g_tsg_para.table_id[TABLE_SECURITY_COMPILE]); unsigned char state=0;
if(user_region!=NULL) struct compile_user_region app_user_region;
struct maat_compile *maat_compile=(struct maat_compile *)matched_rule_cites_security_compile(g_tsg_maat_feather, p_result->rule_id);
if(maat_compile!=NULL && maat_compile->user_region!=NULL)
{ {
app_user_region.capture=user_region->capture; app_user_region.capture=maat_compile->user_region->capture;
security_compile_free(g_tsg_para.table_id[TABLE_SECURITY_COMPILE], p_result, NULL, (MAAT_RULE_EX_DATA *)&user_region, 0, NULL); plugin_ex_data_security_compile_free(maat_compile);
} }
switch(dict->deny_app_para.type) switch(dict->deny_app_para.type)
@@ -974,29 +966,28 @@ unsigned char tsg_deny_application(const struct streaminfo *a_stream, Maat_rule_
} }
state=tsg_do_deny_action(a_stream, &app_user_region, p_result, protocol, type, user_data); state=tsg_do_deny_action(a_stream, &app_user_region, p_result, protocol, type, user_data);
app_id_dict_free(g_tsg_para.table_id[TABLE_APP_ID_DICT], (MAAT_PLUGIN_EX_DATA *)&dict, 0, NULL); plugin_ex_data_app_id_dict_free(dict);
return state; return state;
} }
unsigned char tsg_deal_deny_action(const struct streaminfo *a_stream, Maat_rule_t *p_result, tsg_protocol_t protocol, enum ACTION_RETURN_TYPE type, const void *user_data) unsigned char tsg_enforing_deny(const struct streaminfo *a_stream, struct maat_rule *p_result, enum TSG_PROTOCOL protocol, enum ACTION_RETURN_TYPE type, const void *user_data)
{ {
unsigned char state=0;
struct compile_user_region *user_region=NULL;
if(p_result->action==TSG_ACTION_BYPASS) if(p_result->action==TSG_ACTION_BYPASS)
{ {
return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPME : APP_STATE_GIVEME); return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPME : APP_STATE_GIVEME);
} }
user_region=(struct compile_user_region *)Maat_rule_get_ex_data(g_tsg_maat_feather, p_result, g_tsg_para.table_id[TABLE_SECURITY_COMPILE]); struct maat_compile *maat_compile=(struct maat_compile *)matched_rule_cites_security_compile(g_tsg_maat_feather, p_result->rule_id);
if(user_region==NULL) if(maat_compile==NULL || maat_compile->user_region==NULL)
{ {
set_drop_stream(a_stream, protocol); set_drop_stream(a_stream, protocol);
return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPPKT|PROT_STATE_DROPME: APP_STATE_DROPME|APP_STATE_DROPPKT); return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPPKT|PROT_STATE_DROPME: APP_STATE_DROPME|APP_STATE_DROPPKT);
} }
if(user_region->method_type==TSG_METHOD_TYPE_APP_DROP) unsigned char state=0;
if(maat_compile->user_region->method_type==TSG_METHOD_TYPE_APP_DROP)
{ {
unsigned int app_id=0; unsigned int app_id=0;
@@ -1008,14 +999,14 @@ unsigned char tsg_deal_deny_action(const struct streaminfo *a_stream, Maat_rule_
{ {
app_id=tsg_l7_protocol_name2id(g_tsg_proto_name2id[protocol].name); app_id=tsg_l7_protocol_name2id(g_tsg_proto_name2id[protocol].name);
} }
state=tsg_deny_application(a_stream, p_result, protocol, app_id, ACTION_RETURN_TYPE_APP, user_data); state=tsg_enforing_deny_application(a_stream, p_result, protocol, app_id, ACTION_RETURN_TYPE_APP, user_data);
} }
else else
{ {
state=tsg_do_deny_action(a_stream, user_region, p_result, protocol, type, user_data); state=tsg_do_deny_action(a_stream, maat_compile->user_region, p_result, protocol, type, user_data);
} }
security_compile_free(g_tsg_para.table_id[TABLE_SECURITY_COMPILE], p_result, NULL, (MAAT_RULE_EX_DATA *)&user_region, 0, NULL); plugin_ex_data_security_compile_free(maat_compile);
return state; return state;
} }


@@ -1,10 +1,10 @@
#pragma once #pragma once
#include <MESA/stream.h> #include <MESA/stream.h>
#include <MESA/Maat_rule.h>
#include "tsg_rule.h"
#include "app_label.h" #include "app_label.h"
#include "tsg_label.h"
#include "tsg_rule.h"
#include "tsg_leaky_bucket.h" #include "tsg_leaky_bucket.h"
#ifndef MAX_BRIDGE_NAME_LEN #ifndef MAX_BRIDGE_NAME_LEN
@@ -15,24 +15,29 @@ enum BRIDGE_TYPE
{ {
BRIDGE_TYPE_SEND_CONN_SKETCH_DATA=0, BRIDGE_TYPE_SEND_CONN_SKETCH_DATA=0,
BRIDGE_TYPE_RECV_CONN_SKETCH_DATA, BRIDGE_TYPE_RECV_CONN_SKETCH_DATA,
BRIDGE_TYPE_APP_IDENTIFY_RESULT, BRIDGE_TYPE_SYNC_APP_IDENTIFY_RESULT,
BRIDGE_TYPE_NOTIFY_FLAGS, BRIDGE_TYPE_SYNC_SESSION_FLAGS,
BRIDGE_TYPE_NOTIFY_SHAPING_RESULT, //sync and async BRIDGE_TYPE_SHAPING_RESULT, //sync and async
BRIDGE_TYPE_DATA_CONTEXT, //async BRIDGE_TYPE_SESSION_PROCESS_CONTEXT, //async
BRIDGE_TYPE_ALL_CONTEXT, //async BRIDGE_TYPE_SESSION_ACTION_CONTEXT, //async
BRIDGE_TYPE_GATHER_APP_RESULT, //async BRIDGE_TYPE_GATHER_APP_RESULT, //async
BRIDGE_TYPE_POLICY_PRIORITY, //async BRIDGE_TYPE_SERVICE_CHAINING_RESULT, //async
BRIDGE_TYPE_SERVICE_CHAINING, //async BRIDGE_TYPE_SECURITY_RESULT, //async
BRIDGE_TYPE_SESSION_ATTRIBUTE, //async
BRIDGE_TYPE_MAC_LINKINFO, //async
BRIDGE_TYPE_NAT_C2S_LINKINFO,
BRIDGE_TYPE_NAT_S2C_LINKINFO,
BRIDGE_TYPE_APP_LUA_RESULT,
BRIDGE_TYPE_BUSINESS_S3_FILENAME,
BRIDGE_TYPE_APP_BEHAVIOR_RESULT,
BRIDGE_TYPE_POLICY_ACTION_PARA_EXEC_RESULT,
BRIDGE_TYPE_ASYNC_SESSION_FLAGS,
BRIDGE_TYPE_APP_SIGNATURE_RESULT,
BRIDGE_TYPE_INTERCEPT_RESULT, //sync and async
BRIDGE_TYPE_SEGMENT_IDS, //async service_chaining or shping SID
BRIDGE_TYPE_MAX BRIDGE_TYPE_MAX
}; };
struct tm_hited_result
{
int sid;
int result_num;
struct Maat_rule_t result[MAX_RESULT_NUM];
};
struct app_attributes struct app_attributes
{ {
unsigned int app_id; unsigned int app_id;
@@ -47,29 +52,13 @@ struct gather_app_result
struct app_attributes attributes[MAX_APP_ID_NUM]; struct app_attributes attributes[MAX_APP_ID_NUM];
}; };
struct policy_priority_label
{
tsg_protocol_t proto; //enum _tsg_protocol (tsg_types.h)
int domain_len;
int result_type; //enum _PULL_RESULT_TYPE (tsg_rule.h)
int security_result_num;
union
{
char *http_url;
char *quic_ua;
void *para;
};
char domain[MAX_DOMAIN_LEN];
struct Maat_rule_t security_result[MAX_RESULT_NUM];
};
struct hited_app_para struct hited_app_para
{ {
int hited_app_id; int hited_app_id;
int after_n_packets; int after_n_packets;
}; };
struct master_context struct session_runtime_process_context
{ {
unsigned char is_esni; unsigned char is_esni;
unsigned char is_hited_allow; unsigned char is_hited_allow;
@@ -77,31 +66,38 @@ struct master_context
unsigned char is_app_link; unsigned char is_app_link;
unsigned char sync_cb_state; unsigned char sync_cb_state;
unsigned short timeout; unsigned short timeout;
tsg_protocol_t proto; enum TSG_PROTOCOL proto;
int hited_app_id; // only app int hited_app_id; // only app
unsigned int quic_version; unsigned int quic_version;
unsigned long session_flag; unsigned long session_flag;
union
{
char *ssl_sni;
char *quic_sni;
char *dtls_sni;
char *http_host;
char *domain; char *domain;
};
union union
{ {
char *http_url; char *http_url;
char *quic_ua; char *quic_ua;
void *para; void *para;
}; };
scan_status_t mid; struct maat_state *mid;
struct hited_app_para hited_para; // l7 protocol and app struct hited_app_para hited_para; // l7 protocol and app
long long last_scan_time; long long last_scan_time;
struct Maat_rule_t *hited_result; struct maat_rule *hited_result;
}; };
struct tcpall_context struct session_runtime_action_context
{ {
char udp_data_dropme; char udp_data_dropme;
char set_latency_flag; char set_latency_flag;
char direction; char direction;
char padding[5]; char padding[5];
enum TSG_METHOD_TYPE method_type; enum TSG_METHOD_TYPE method_type;
tsg_protocol_t protocol; enum TSG_PROTOCOL protocol;
union union
{ {
struct leaky_bucket *bucket; struct leaky_bucket *bucket;
@@ -112,28 +108,78 @@ struct tcpall_context
}; };
}; };
struct udp_context struct udp_session_runtime_context
{ {
struct master_context *data_entry; struct session_runtime_process_context *srt_process_context;
struct tcpall_context *all_entry; struct session_runtime_action_context *srt_action_context;
}; };
struct bridge_info struct session_runtime_attribute
{ {
int id; int http_action_file_size;
char name[MAX_BRIDGE_NAME_LEN]; size_t n_fqdn_category_ids;
stream_bridge_free_cb_t *free_cb; enum TSG_PROTOCOL proto;
stream_bridge_sync_cb_t *sync_cb; long establish_latency_ms;
struct asn_info *client_asn;
struct asn_info *server_asn;
struct location_info *client_location;
struct location_info *server_location;
struct subscribe_id_info *client_subscribe_id;
struct subscribe_id_info *server_subscribe_id;
const char *ja3_fingerprint;
unsigned int fqdn_category_ids[MAX_CATEGORY_ID_NUM];
struct umts_user_info *user_info;
struct tunnel_endpoint *client_endpoint;
struct tunnel_endpoint *server_endpoint;
unsigned long session_flags;
}; };
int tsg_init_bridge(const char *conffile);
void free_context_label(const struct streaminfo *stream, int bridge_id, void *data); // init
void free_tcpall_label(const struct streaminfo *stream, int bridge_id, void *data); int tsg_bridge_init(const char *conffile);
void free_policy_label(const struct streaminfo *stream, int bridge_id, void *data);
void free_shaping_result(const struct streaminfo *stream, int bridge_id, void *data);
void free_gather_app_result(const struct streaminfo *stream, int bridge_id, void *data);
void *tsg_get_xxx_from_bridge(const struct streaminfo *a_stream, int bridge_id); //send log
int tsg_set_xxx_to_bridge(const struct streaminfo *a_stream, int bridge_id, void *data); void *session_mac_linkinfo_get(const struct streaminfo * a_stream);
void *session_conn_sketch_notify_data_get(const struct streaminfo * a_stream);
void *session_business_data_get(const struct streaminfo * a_stream);
void *session_session_flags_get(const struct streaminfo * a_stream);
void *session_application_behavior_get(const struct streaminfo * a_stream);
void *session_mirrored_and_capture_packets_exec_result_get(const struct streaminfo * a_stream);
void *session_lua_user_defined_attribute_get(const struct streaminfo * a_stream);
void *session_nat_c2s_linkinfo_get(const struct streaminfo * a_stream);
void *session_nat_s2c_linkinfo_get(const struct streaminfo * a_stream);
void *session_control_segment_ids_get(const struct streaminfo *a_stream);
int session_control_segment_ids_async(const struct streaminfo *a_stream, void *data);
void session_matched_rules_free(const struct streaminfo * a_stream, TSG_SERVICE service, void * data);
int session_matched_rules_async(const struct streaminfo * a_stream, TSG_SERVICE service, void * data);
const struct matched_policy_rules *session_matched_rules_get(const struct streaminfo *a_stream, enum TSG_SERVICE service);
int session_capture_packets_sync(const struct streaminfo *a_stream, struct maat_rule *results, int depth);
int session_mirror_packets_sync(const struct streaminfo *a_stream, struct maat_rule *results, struct mirrored_vlan *vlan);
// security
void session_matched_rules_notify(const struct streaminfo * a_stream, TSG_SERVICE service, struct maat_rule *results, size_t n_results, int thread_seq);
// session runtime attribute
int srt_attribute_set_protocol(const struct streaminfo * a_stream, TSG_PROTOCOL protocol);
int srt_attribute_set_flags(const struct streaminfo * a_stream, unsigned long s_flags);
int srt_attribute_set_establish_latecy(const struct streaminfo * a_stream);
int srt_attribute_set_ja3_fingprint(const struct streaminfo *a_stream, const char *ja3_fingerprint);
int srt_attribute_set_reponse_size(const struct streaminfo *a_stream, int http_action_file_size);
//gather app identify result
int session_gather_app_results_async(const struct streaminfo * a_stream, void * data);
void *session_gather_app_results_get(const struct streaminfo * a_stream);
// session runtime do action context
int session_runtime_action_context_async(const struct streaminfo *a_stream, void *data);
const struct session_runtime_action_context *session_runtime_action_context_get(const struct streaminfo *a_stream);
int srt_action_context_set_leaky_bucket(const struct streaminfo * a_stream, struct leaky_bucket * bucket, int thread_seq);
int srt_action_context_set_l7_protocol(const struct streaminfo * a_stream, TSG_PROTOCOL protocol, int thread_seq);
int srt_action_context_set_rule_method(const struct streaminfo * a_stream, enum TSG_METHOD_TYPE method_type, int thread_seq);
int srt_action_context_set_after_n_packet(const struct streaminfo * a_stream, int after_n_packets, int thread_seq);
int srt_action_context_set_hitted_app_id(const struct streaminfo * a_stream, int hited_app_id, int thread_seq);
char srt_action_context_get_direction(const struct streaminfo * a_stream);
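Review bot: Several of the new exported names in this header are misspelled and will be copied by every caller: `srt_attribute_set_establish_latecy`, `srt_attribute_set_ja3_fingprint`, `srt_attribute_set_reponse_size` and `srt_action_context_set_hitted_app_id` (whose own parameter is spelled `hited_app_id`). The same applies to `session_runtine_attribute_get_umts_user_info` in the GTP signaling section and to `tsg_enforing_deny` / `tsg_enforing_deny_application` in the action code; since this commit is already renaming the API, I would settle them now as `..._latency`, `..._ja3_fingerprint`, `..._response_size`, `session_runtime_attribute_...` and `tsg_enforcing_deny...`. The prototypes also mix `TSG_SERVICE service` with `enum TSG_SERVICE service`, and `TSG_PROTOCOL` with `enum TSG_PROTOCOL`; using one form throughout would make the header read consistently. Separately, `session_runtime_attribute.ja3_fingerprint` is a `const char *` and the header does not say whether `srt_attribute_set_ja3_fingprint` copies the string or keeps the caller's pointer, so a one-line ownership comment on the field would settle who frees it and how long the buffer must live.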


@@ -4,6 +4,7 @@
#include <MESA/dns.h> #include <MESA/dns.h>
#include "tsg_entry.h" #include "tsg_entry.h"
#include "tsg_rule_internal.h"
#include "tsg_protocol_common.h" #include "tsg_protocol_common.h"
static int random_integer(int max, int min) static int random_integer(int max, int min)
@@ -192,12 +193,9 @@ static int dns_set_answer_records(char *payload, int payload_len, struct dns_ans
} }
int used_len=0; int used_len=0;
if(answer_records->record_val.selected_flag==1) if(answer_records->record_val.selected_flag==1)
{ {
char profile_id[128]={0}; struct dns_profile_records *profile_records=(struct dns_profile_records *)matched_rule_cites_dns_profile_record(g_tsg_maat_feather, answer_records->record_val.selected.profile_id);
snprintf(profile_id, sizeof(profile_id), "%d", answer_records->record_val.selected.profile_id);
struct dns_profile_records *profile_records=(struct dns_profile_records *)Maat_plugin_get_EX_data(g_tsg_maat_feather, g_tsg_para.table_id[TABLE_DNS_PROFILE_RECORD], profile_id);
if(profile_records==NULL) if(profile_records==NULL)
{ {
return 0; return 0;
@@ -208,7 +206,7 @@ static int dns_set_answer_records(char *payload, int payload_len, struct dns_ans
used_len+=dns_set_response_records(payload+used_len, payload_len-used_len, profile_records->record_val+idx, record_num, answer_records->max_ttl, answer_records->min_ttl); used_len+=dns_set_response_records(payload+used_len, payload_len-used_len, profile_records->record_val+idx, record_num, answer_records->max_ttl, answer_records->min_ttl);
(*answer_record_num)+=record_num; (*answer_record_num)+=record_num;
dns_profile_records_free(0, (MAAT_PLUGIN_EX_DATA *)&profile_records, 0, NULL); plugin_ex_data_dns_profile_record_free(profile_records);
} }
else else
{ {
@@ -216,11 +214,10 @@ static int dns_set_answer_records(char *payload, int payload_len, struct dns_ans
used_len+=dns_set_response_records(payload+used_len, payload_len-used_len, &(answer_records->record_val), 1, answer_records->max_ttl, answer_records->min_ttl); used_len+=dns_set_response_records(payload+used_len, payload_len-used_len, &(answer_records->record_val), 1, answer_records->max_ttl, answer_records->min_ttl);
} }
return used_len; return used_len;
} }
unsigned char do_action_redirect_dns(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, const void *user_data) unsigned char do_action_redirect_dns(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, const void *user_data)
{ {
int ret=0,used_len=0,record_num=0; int ret=0,used_len=0,record_num=0;
unsigned char raw_route_dir=0; unsigned char raw_route_dir=0;
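Review bot: In `dns_set_answer_records`, the new `matched_rule_cites_dns_profile_record(...)` lookup is paired with `plugin_ex_data_dns_profile_record_free(profile_records)`, but nothing documents that the lookup hands back something the caller must release. The lines between the two hunks are not shown, so it cannot be confirmed from here that every path after the NULL check reaches the free. I would add above the lookup `/* holds the profile record until plugin_ex_data_dns_profile_record_free(); release on every exit path */`, worded to match what the helper actually does. The new free helper also receives the pointer by value, whereas the old call passed `&profile_records`, so the local still holds the old address afterwards; adding `profile_records=NULL;` right after the call keeps a later edit from reusing it. The function body starts outside these hunks.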


@@ -1,5 +1,4 @@
#ifndef __TSG_ENTRY_H__ #pragma once
#define __TSG_ENTRY_H__
#include <sys/socket.h> #include <sys/socket.h>
#include <netinet/in.h> #include <netinet/in.h>
@@ -7,7 +6,6 @@
#include <MESA/dns.h> #include <MESA/dns.h>
#include <MESA/Maat_rule.h>
#include <MESA/field_stat2.h> #include <MESA/field_stat2.h>
#include "uthash.h" #include "uthash.h"
@@ -54,35 +52,12 @@ typedef int atomic_t;
#define APP_SCAN_FLAG_STOP 0 #define APP_SCAN_FLAG_STOP 0
#define APP_SCAN_FLAG_CONTINUE 1 #define APP_SCAN_FLAG_CONTINUE 1
enum TSG_ATTRIBUTE_TYPE
{
TSG_ATTRIBUTE_TYPE_ESTABLISH_LATECY=0,
TSG_ATTRIBUTE_TYPE_PROTOCOL,
TSG_ATTRIBUTE_TYPE_JA3_HASH,
TSG_ATTRIBUTE_TYPE_MLTS_USER_INFO,
TSG_ATTRIBUTE_TYPE_LOCATION,
TSG_ATTRIBUTE_TYPE_ASN,
TSG_ATTRIBUTE_TYPE_SUBSCRIBER_ID,
TSG_ATTRIBUTE_TYPE_HTTP_ACTION_FILESIZE,
TSG_ATTRIBUTE_TYPE_CATEGORY_ID,
TSG_ATTRIBUTE_TYPE_SESSION_FLAGS,
_MAX_TSG_ATTRIBUTE_TYPE
};
enum HTTP_RESPONSE_FORMAT enum HTTP_RESPONSE_FORMAT
{ {
HTTP_RESPONSE_FORMAT_TEMPLATE=0, HTTP_RESPONSE_FORMAT_TEMPLATE=0,
HTTP_RESPONSE_FORMAT_HTML HTTP_RESPONSE_FORMAT_HTML
}; };
struct l7_protocol
{
int id; /* first key */
char name[32]; /* second key */
UT_hash_handle hh1; /* handle for first hash table */
UT_hash_handle hh2; /* handle for second hash table */
};
struct fqdn_category struct fqdn_category
{ {
int ref_cnt; int ref_cnt;
@@ -112,7 +87,7 @@ struct app_id_dict
char *app_name; char *app_name;
char *parent_app_name; char *parent_app_name;
char *category; char *category;
char *subcategroy; char *subcategory;
char *technology; char *technology;
char *characteristics; char *characteristics;
struct deny_user_region deny_app_para; struct deny_user_region deny_app_para;
@@ -181,80 +156,8 @@ typedef enum tsg_statis_field_id
STATIS_MAX STATIS_MAX
}tsg_statis_field_id_t; }tsg_statis_field_id_t;
enum TRAFFIC_INFO_IDX
{
TRAFFIC_INFO_ALLOW=0,
TRAFFIC_INFO_DENY,
TRAFFIC_INFO_MONITOR,
TRAFFIC_INFO_INTERCEPT,
TRAFFIC_INFO_MAX
};
typedef struct tsg_statistic
{
int cycle;
int fs_line_id;
int thread_alive;
pthread_t stat_thread_id;
int fs_field_id[STATIS_MAX];
long long statistic_opt[_OPT_TYPE_MAX];
struct _traffic_info *traffic_info[TSG_ACTION_MAX+1];
struct _traffic_info default_total_info;
screen_stat_handle_t fs2_handle;
}tsg_statis_para_t;
int tsg_statistic_init(const char *conffile, void *logger); int tsg_statistic_init(const char *conffile, void *logger);
void tsg_statistic_destroy(void); void tsg_statistic_destroy(void);
int tsg_gtp_signaling_hash_init(const char* conffile, void *logger); int tsg_gtp_signaling_hash_init(const char* conffile, void *logger);
long long get_current_time_ms(void);
//parent_app_name.app_name
int tsg_app_id2name(int app_id, char *app_name, int app_name_len, int is_joint_parent);
//return 18 or 19: subdivision_addr
int tsg_get_location_type(void);
void location_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void ASN_number_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void subscriber_id_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void app_id_dict_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void gtp_c_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void tunnel_endpoint_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp);
void http_response_pages_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void dns_profile_records_free(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void *argp);
void set_session_attribute_label(const struct streaminfo *a_stream, enum TSG_ATTRIBUTE_TYPE type, void *value, int value_len, int thread_seq);
int set_method_to_tcpall(const struct streaminfo *a_stream, enum TSG_METHOD_TYPE method_type, int thread_seq);
int set_protocol_to_tcpall(const struct streaminfo *a_stream, tsg_protocol_t protocol, int thread_seq);
int set_bucket_to_tcpall(const struct streaminfo *a_stream, struct leaky_bucket *bucket, int thread_seq);
int set_after_n_packet_to_tcpall(const struct streaminfo *a_stream, int after_n_packets, int thread_seq);
char get_direction_from_tcpall(const struct streaminfo *a_stream);
void security_compile_free(int idx, const struct Maat_rule_t* rule, const char* srv_def_large, MAAT_RULE_EX_DATA* ad, long argl, void *argp);
struct Maat_rule_t *tsg_policy_decision_criteria(struct streaminfo *a_stream, Maat_rule_t *result, int result_num, int thread_seq);
int tsg_scan_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num);
int tsg_scan_shared_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, char *domain, Maat_rule_t *result, int result_num, scan_status_t *mid, int table_id, int thread_seq);
int tsg_scan_app_properties_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *property, char *district, int thread_seq);
int tsg_scan_subscribe_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, struct subscribe_id_info *user_info, int thread_seq);
int tsg_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info);
struct umts_user_info *tsg_get_umts_user_info_form_redis(unsigned int teid);
int tsg_set_policy_result(const struct streaminfo *a_stream, PULL_RESULT_TYPE result_type, struct Maat_rule_t *p_result, tsg_protocol_t proto, int thread_seq);
int tsg_scan_gtp_apn_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *apn, int thread_seq);
int tsg_scan_gtp_imsi_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *imsi, int thread_seq);
int tsg_scan_gtp_phone_number_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *phone_number, int thread_seq);
int tsg_get_ip_location(const struct streaminfo *a_stream, int table_id, MAAT_PLUGIN_EX_DATA *client_location, MAAT_PLUGIN_EX_DATA *server_location);
int tsg_get_ip_asn(const struct streaminfo *a_stream, int table_id, MAAT_PLUGIN_EX_DATA* client_asn, MAAT_PLUGIN_EX_DATA* server_asn);
int tsg_get_subscribe_id(const struct streaminfo *a_stream, struct subscribe_id_info **source_subscribe_id, struct subscribe_id_info **dest_subscribe_id);
int tsg_send_raw_packet(const struct streaminfo *a_stream, struct mirrored_vlan *vlan, int vlan_num, int thread_seq);
int tsg_scan_session_flags(Maat_feather_t maat_feather, const struct streaminfo *a_stream, Maat_rule_t *result, int result_num, scan_status_t *mid, int table_id, unsigned long flag, int thread_seq);
int tsg_fetch_hited_security_result(struct Maat_rule_t *hited_result, int hited_result_num, struct Maat_rule_t *security_result, int security_result_num);
int tsg_fetch_hited_shaping_result(struct Maat_rule_t *hited_result, int hited_result_num, struct Maat_rule_t *security_result, int security_result_num);
int tsg_fetch_hited_s_chaining_result(struct Maat_rule_t *hited_result, int hited_result_num, struct Maat_rule_t *s_chaining_result, int s_chaining_result_num);
#endif


@@ -5,7 +5,7 @@
#include <MESA/MESA_prof_load.h> #include <MESA/MESA_prof_load.h>
#include <MESA/MESA_handle_logger.h> #include <MESA/MESA_handle_logger.h>
#include "tsg_entry.h" #include "tsg_rule_internal.h"
#include "tsg_gtp_signaling.h" #include "tsg_gtp_signaling.h"
MESA_htable_handle g_gtp_signaling_hash_handle=NULL; MESA_htable_handle g_gtp_signaling_hash_handle=NULL;
@@ -150,7 +150,7 @@ static int get_umts_user_info_form_hash(struct umts_user_info **user_info, unsig
static int get_umts_user_info_form_redis(struct umts_user_info **user_info, unsigned int teid, int thread_seq) static int get_umts_user_info_form_redis(struct umts_user_info **user_info, unsigned int teid, int thread_seq)
{ {
(*user_info)=tsg_get_umts_user_info_form_redis(teid); (*user_info) = tsg_get_umts_user_info_form_redis(g_tsg_maat_feather, (long long)teid);
if((*user_info)!=NULL) if((*user_info)!=NULL)
{ {
return 1; return 1;
@@ -159,8 +159,7 @@ static int get_umts_user_info_form_redis(struct umts_user_info **user_info, unsi
return 0; return 0;
} }
int session_runtine_attribute_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info)
int tsg_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info)
{ {
int ret=0; int ret=0;
unsigned int uplink=0,downlink=0; unsigned int uplink=0,downlink=0;


@@ -171,8 +171,7 @@ static void format_icmpv4(const char *raw_pkt, char *ret_icmpv4, int *ret_len){
} }
/* /*
* icmpv6数据包组 * icmpv6数据包组<EFBFBD><EFBFBD>? * [ICMPV6] = [ipv6_headr]+[icmp]
* [ICMPV6] = [ipv6_headr]+[icmp]
* *
* icmpv6的最大MTU应是ipv6的最小MTU(1280) * icmpv6的最大MTU应是ipv6的最小MTU(1280)
* <本端内容来自RFC443> * <本端内容来自RFC443>
@@ -183,9 +182,8 @@ static void format_icmpv4(const char *raw_pkt, char *ret_icmpv4, int *ret_len){
* *
* [ICMPV6] = [ipv6_headr]+[icmp] * [ICMPV6] = [ipv6_headr]+[icmp]
* *
* 计算ICMPV6的校验和 (ICMP + 伪首部) 作为计算数据部分 * 计算ICMPV6的校验和<EFBFBD><EFBFBD>?(ICMP + 伪首<EFBFBD><EFBFBD>? 作为计算数据部分
* 注意 ICMPV6数据要补充成四字节对 * 注意<EFBFBD><EFBFBD>?ICMPV6数据要补充成四字节对<EFBFBD><EFBFBD>? * ipv6伪首部数<E983A8><E695B0>? 长度
* ipv6伪首部数据: 长度
* { * {
* Soucre Address : 16 * Soucre Address : 16
* Destination Address: 16 * Destination Address: 16
@@ -267,7 +265,7 @@ static void format_icmpv6(const char *raw_pkt, char *ret_icmpv6, int *ret_len){
memcpy(icmp.origin_data, raw_pkt, icmp_original_data_len); memcpy(icmp.origin_data, raw_pkt, icmp_original_data_len);
upper_layer_packet_len = htonl((int)icmp_len); upper_layer_packet_len = htonl((int)icmp_len);
four_byte_alignment(&icmp_len, &icmp_checksum_len); //icmp_len和icmp_checksum_len 补充为4字节对齐 four_byte_alignment(&icmp_len, &icmp_checksum_len); //icmp_len和icmp_checksum_len 补充<EFBFBD><EFBFBD>?字节对齐
//calc icmp checksum //calc icmp checksum
memcpy(icmp_checksum_buf, &icmp, icmp_len); memcpy(icmp_checksum_buf, &icmp, icmp_len);
@@ -350,6 +348,6 @@ unsigned char send_icmp_unreachable(const struct streaminfo *a_stream)
__FUNCTION__, __FUNCTION__,
debug_buf); debug_buf);
return STATE_DROPME|STATE_DROPPKT;; return STATE_DROPME|STATE_DROPPKT;
} }
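Review bot: The comment edits in the hunks at -171 and -183, and the trailing comment on the `four_byte_alignment(&icmp_len, &icmp_checksum_len);` line, replace readable text with U+FFFD replacement sequences and swallow the following line break, so `* [ICMPV6] = [ipv6_headr]+[icmp]` and the pseudo-header line are now glued onto the previous comment line. This looks like the file was re-saved in the wrong encoding rather than an intended change. These comments are the only visible description of how the ICMPv6 checksum input (ICMP plus pseudo-header, padded to four bytes) is laid out, so losing them makes the `memcpy` sizes in `format_icmpv6` harder to audit. I would restore the comment lines from the parent revision, save the file as UTF-8, and keep only the `;;` to `;` fix in `send_icmp_unreachable`; rewriting them in English would avoid a repeat, e.g. `/* pad icmp_len and icmp_checksum_len to a 4-byte boundary */`.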

25
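--- a/src/tsg_protocol.cpp
+++ b/src/tsg_protocol.cpp
@@ -0,0 +1,25 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <MESA/ssl.h>
+#include <MESA/stream.h>
+int tm_get_ssl_ja3_fingerprint(const struct streaminfo *a_stream, char **ja3_fingerprint)
+{
+struct _ssl_ja3_info_t *ja3_info=ssl_get_ja3_fingerprint((struct streaminfo *)a_stream, (unsigned char *)a_stream->ptcpdetail->pdata, (unsigned int)a_stream->ptcpdetail->datalen, a_stream->threadnum);
+if(ja3_info!=NULL)
+{
+if(ja3_info->fp!=NULL && ja3_info->fp_len>0)
+{
+*ja3_fingerprint=(char *)dictator_malloc(a_stream->threadnum, ja3_info->fp_len+1);
+memset(*ja3_fingerprint, 0, ja3_info->fp_len+1);
+memcpy(*ja3_fingerprint, ja3_info->fp, ja3_info->fp_len);
+return 1;
+}
+}
+return 0;
+}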
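Review bot: `tm_get_ssl_ja3_fingerprint` dereferences `a_stream->ptcpdetail` and the result of `dictator_malloc` without checking either. If it can be reached for a stream whose `ptcpdetail` is unset, or if the allocator can return NULL (neither is visible in this file), the `memset` on the next line writes through a null pointer on a path driven by network traffic. I would guard the entry with `if(a_stream==NULL || a_stream->ptcpdetail==NULL || ja3_fingerprint==NULL) return 0;` and add `if(*ja3_fingerprint==NULL) return 0;` right after the allocation. A header comment should also state that on return 1 the caller owns `*ja3_fingerprint` and must release it through the matching per-thread free routine, and that the out-parameter is left untouched on return 0.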


@@ -1,5 +1,4 @@
#ifndef __TSG_PROTOCOL_COMMON_H__ #pragma once
#define __TSG_PROTOCOL_COMMON_H__
#include <MESA/stream.h> #include <MESA/stream.h>
#include "tsg_rule.h" #include "tsg_rule.h"
@@ -120,14 +119,13 @@ struct monitor_user_region
struct default_session_para struct default_session_para
{ {
struct Maat_rule_t result; //XJ default policy struct maat_rule result; //XJ default policy
struct deny_user_region tcp; struct deny_user_region tcp;
struct deny_user_region udp; struct deny_user_region udp;
}; };
struct compile_user_region struct compile_user_region
{ {
int ref_cnt;
enum TSG_METHOD_TYPE method_type; enum TSG_METHOD_TYPE method_type;
union union
{ {
@@ -137,13 +135,13 @@ struct compile_user_region
void *user_region_para; void *user_region_para;
}; };
struct packet_capture capture; struct packet_capture capture;
struct maat_rule compile_rule;
}; };
int tsg_send_inject_packet(const struct streaminfo *a_stream, enum sapp_inject_opt sio, char *payload, int payload_len, unsigned char raw_route_dir); int tsg_send_inject_packet(const struct streaminfo *a_stream, enum sapp_inject_opt sio, char *payload, int payload_len, unsigned char raw_route_dir);
unsigned char do_action_redirect_dns(const struct streaminfo *a_stream, Maat_rule_t *p_result, struct compile_user_region *user_region, const void *user_data); unsigned char do_action_redirect_dns(const struct streaminfo *a_stream, struct maat_rule *p_result, struct compile_user_region *user_region, const void *user_data);
unsigned char send_icmp_unreachable(const struct streaminfo *a_stream); unsigned char send_icmp_unreachable(const struct streaminfo *a_stream);
int send_tamper_xxx(const struct streaminfo *a_stream, long *tamper_count, const void *raw_pkt); int send_tamper_xxx(const struct streaminfo *a_stream, long *tamper_count, const void *raw_pkt);
unsigned char tsg_deny_application(const struct streaminfo *a_stream, Maat_rule_t *p_result, tsg_protocol_t protocol, int app_id, enum ACTION_RETURN_TYPE type, const void *user_data); unsigned char tsg_enforing_deny_application(const struct streaminfo *a_stream, struct maat_rule *p_result, enum TSG_PROTOCOL protocol, int app_id, enum ACTION_RETURN_TYPE type, const void *user_data);
#endif
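Review bot: Removing `ref_cnt` from `struct compile_user_region` in the hunk at -120 moves lifetime tracking to the enclosing `struct maat_compile` declared in src/tsg_rule_internal.h, yet `do_action_redirect_dns` still takes a bare `struct compile_user_region *user_region`. Nothing in this header says the pointer is valid only while a reference on the owning compile rule is held. A caller that keeps `user_region` after that rule is released could read freed memory when the rule set is reloaded; this is inferred from the visible declarations, not shown by the hunk. A comment on the struct would make the contract explicit: `/* owned by struct maat_compile; valid only while that object's ref_cnt is held */`. The new `compile_rule` member should likewise say whether it is a copy of, or must stay in sync with, `maat_compile.rule`.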

File diff suppressed because it is too large Load Diff

177
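--- a/src/tsg_rule_internal.h
+++ b/src/tsg_rule_internal.h
@@ -0,0 +1,177 @@
+#pragma once
+#include <MESA/maat.h>
+#include "tsg_rule.h"
+#include "tsg_variable.h"
+#ifndef MAX_FILEPATH_LEN
+#define MAX_FILEPATH_LEN 128
+#endif
+#ifndef MAX_IPV6_ADDR_LEN
+#define MAX_IPV6_ADDR_LEN 128
+#endif
+#ifndef TUNNEL_BOOL_ID_MAX
+#define TUNNEL_BOOL_ID_MAX 128
+#endif
+#ifndef TUNNEL_CATALOG_MAX
+#define TUNNEL_CATALOG_MAX 128
+#endif
+#ifndef MAX_TABLE_NAME_LEN
+#define MAX_TABLE_NAME_LEN 64
+#endif
+enum MAAT_MODE
+{
+MAAT_MODE_FILE=0,
+MAAT_MODE_JSON,
+MAAT_MODE_REDIS,
+MAAT_MODE_MAX
+};
+enum MAAT_PLUGIN_TB
+{
+MAAT_PLUGIN_SECURITY_COMPILE=0,
+MAAT_PLUGIN_ASN_USER_DEFINED,
+MAAT_PLUGIN_ASN_BUILT_IN,
+MAAT_PLUGIN_LOCATION_USER_DEFINED,
+MAAT_PLUGIN_LOCATION_BUILT_IN,
+MAAT_PLUGIN_FQDN_CAT_USER_DEFINED,
+MAAT_PLUGIN_FQDN_CAT_BUILT_IN,
+MAAT_PLUGIN_APP_ID_DICT,
+MAAT_PLUGIN_RESPONSE_PAGES,
+MAAT_PLUGIN_DNS_PROFILE_RECORD,
+MAAT_PLUGIN_PROFILE_MIRROR,
+MAAT_PLUGIN_TUNNEL_CATALOG,
+MAAT_PLUGIN_TUNNEL_ENDPOINT,
+MAAT_PLUGIN_TUNNEL_LABEL,
+MAAT_PLUGIN_SESSION_LOG, //T_VSYS_INFO,
+MAAT_PLUGIN_SUBSCRIBER_IP2ID,
+MAAT_PLUGIN_GTP_IP2SIGNALING,
+MAAT_PLUGIN_MAX
+};
+struct maat_plugin_table
+{
+int id;
+char name[MAX_TABLE_NAME_LEN];
+maat_ex_new_func_t *ex_new;
+maat_ex_free_func_t *ex_free;
+maat_ex_dup_func_t *ex_dup;
+};
+enum MAAT_SCAN_TB
+{
+MAAT_SCAN_SRC_IP_ADDR=0,
+MAAT_SCAN_DST_IP_ADDR,
+MAAT_SCAN_SUBSCRIBER_ID,
+MAAT_SCAN_APP_ID,
+MAAT_SCAN_HTTP_HOST,
+MAAT_SCAN_HTTP_URL,
+MAAT_SCAN_SSL_SNI,
+MAAT_SCAN_EXCLUSION_SSL_SNI,
+MAAT_SCAN_SRC_ASN,
+MAAT_SCAN_DST_ASN,
+MAAT_SCAN_SRC_LOCATION,
+MAAT_SCAN_DST_LOCATION,
+MAAT_SCAN_QUIC_SNI,
+//MAAT_SCAN_FQDN_CAT_ID,
+MAAT_SCAN_SELECTOR_ID,
+MAAT_SCAN_SELECTOR_PROPERTIES,
+MAAT_SCAN_GTP_APN,
+MAAT_SCAN_GTP_IMSI,
+MAAT_SCAN_GTP_PHONE_NUMBER,
+MAAT_SCAN_DTLS_SNI,
+MAAT_SCAN_TUNNEL_ID,
+MAAT_SCAN_SESSION_FLAGS,
+MAAT_SCAN_MAX
+};
+struct maat_scan_table
+{
+int id;
+char name[MAX_TABLE_NAME_LEN];
+};
+struct maat_runtime_para
+{
+int level;
+int default_compile_id;
+int location_field_num;
+int session_record_switch;
+char data_center[MAX_STRING_LEN128];
+char device_tag[MAX_STRING_LEN128];
+struct mirrored_vlan default_vlan;
+struct maat_scan_table scan_tb[MAAT_SCAN_MAX];
+struct maat_plugin_table plugin_tb[MAAT_PLUGIN_MAX];
+void *logger;
+};
+struct maat_compile
+{
+int ref_cnt;
+struct maat_rule rule;
+char *p_user_region;
+struct compile_user_region *user_region;
+};
+int tsg_maat_rule_init(const char *conffile);
+void plugin_ex_data_gtp_c_free(struct umts_user_info *user_info);
+void plugin_ex_data_asn_number_free(struct asn_info *asn);
+void plugin_ex_data_location_free(struct location_info *location);
+void plugin_ex_data_subscriber_id_free(struct subscribe_id_info *subscriber);
+void plugin_ex_data_tunnel_endpoint_free(struct tunnel_endpoint *t_enpoint);
+void plugin_ex_data_http_response_pages_free(struct http_response_pages *response_pages);
+void plugin_ex_data_app_id_dict_free(struct app_id_dict * dict);
+void plugin_ex_data_security_compile_free(struct maat_compile *maat_compile);
+void plugin_ex_data_dns_profile_record_free(struct dns_profile_records * records);
+void tsg_maat_state_free(struct maat_state *state);
+int srt_attribute_set_ip_asn(const struct streaminfo *a_stream, struct maat *feather, struct asn_info **client_asn, struct asn_info **server_asn);
+int srt_attribute_set_ip_location(const struct streaminfo *a_stream, struct maat *feather, struct location_info **client_location, struct location_info **server_location);
+int srt_attribute_set_subscriber_id(const struct streaminfo *a_stream, struct maat *feather, struct subscribe_id_info **client_subscriber_id, struct subscribe_id_info **server_subscriber_id);
+int session_runtine_attribute_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info);
+struct umts_user_info *tsg_get_umts_user_info_form_redis(unsigned int teid);
+void *matched_rule_cites_http_response_pages(struct maat *feather, long long profile_id);
+void *matched_rule_cites_app_id_dict(struct maat *feather, long long app_id);
+void *matched_rule_cites_security_compile(struct maat *feather, long long compile_id);
+void *matched_rule_cites_dns_profile_record(struct maat *feather, long long profile_id);
+char *tsg_data_center_get(void);
+char *tsg_device_tag_get(void);
+int tsg_location_type_get(void);
+int tsg_session_record_switch_get(void);
+int tsg_table_idx_get_by_protocol(enum TSG_PROTOCOL proto);
+int tsg_http_url_table_idx_get(void);
+long long tsg_default_compile_id_get(void);
+//parent_app_name.app_name
+int tsg_get_app_name_by_id(struct maat *feather, int app_id, char *app_name, int app_name_len, int is_joint_parent);
+size_t tsg_scan_session_flags(const struct streaminfo *a_stream, struct maat *feather, unsigned long flag, struct maat_state *s_mid, struct maat_rule *results, size_t n_results);
+size_t tsg_scan_app_id_policy(const struct streaminfo *a_stream, struct maat *feather, unsigned int app_id, struct maat_state *s_mid, struct maat_rule *results, size_t n_results);
+size_t tsg_scan_shared_policy(const struct streaminfo *a_stream, struct maat *feather, char *domain, int idx, struct maat_state *s_mid, struct maat_rule *results, size_t n_results);
+size_t tsg_scan_app_properties_policy(const struct streaminfo *a_stream, struct maat *feather, char *property, char *district, struct maat_state *s_mid, struct maat_rule *results, int n_results);
+size_t tsg_scan_tunnel_id(const struct streaminfo *a_stream, struct maat *feather, struct maat_rule *results, size_t n_results, struct maat_state *s_mid, long long *bool_id_array, size_t n_bool_id_array);
+size_t tsg_scan_fqdn_category_id(const struct streaminfo * a_stream, struct maat *feather, unsigned int *category_id, int category_id_num, int table_idx, struct maat_state *s_mid, struct maat_rule *results, size_t n_results);
+int tsg_scan_intercept_exclusion(const struct streaminfo *a_stream, struct maat *feather, struct maat_rule *p_result, char *domain, int thread_seq);
+struct maat_rule *tsg_select_deny_rule(struct maat_rule *rules, size_t n_rules);
+struct umts_user_info *tsg_get_umts_user_info_form_redis(struct maat *feather, long long teid);
+size_t tsg_select_matched_security_rules(struct maat_rule * matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules);
+size_t tsg_select_matched_shaping_rules(struct maat_rule * matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules);
+size_t tsg_select_matched_service_chaining_rules(struct maat_rule * matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules);
+int session_packet_capture_notify(const struct streaminfo *a_stream, struct maat_rule *rules, size_t n_rules, int thread_seq);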
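Review bot: `tsg_get_umts_user_info_form_redis` is declared twice in this header with different parameter lists, `(unsigned int teid)` and `(struct maat *feather, long long teid)`. In C++ both are accepted as overloads, so a caller that still passes only the TEID compiles and then either fails at link time or, if an old definition survives, bypasses the MAAT4 lookup. The call site updated in this commit uses the two-argument form, so the first declaration should be dropped. `tsg_scan_app_properties_policy` also takes `int n_results` while every other scan function here takes `size_t n_results`; making it `size_t n_results` avoids a signed/unsigned mix on the bound of the `results` array. `struct maat_compile` carries `ref_cnt` with no comment on who takes and releases the reference, which is worth one line next to the `matched_rule_cites_*` getters that hand out `void *`.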


@@ -19,7 +19,9 @@
#include "app_label.h" #include "app_label.h"
#include "tsg_entry.h" #include "tsg_entry.h"
#include "tsg_bridge.h"
#include "tsg_send_log.h" #include "tsg_send_log.h"
#include "tsg_rule_internal.h"
#include "tsg_send_log_internal.h" #include "tsg_send_log_internal.h"
#include "rapidjson/document.h" // rapidjson's DOM-style API #include "rapidjson/document.h" // rapidjson's DOM-style API
@@ -33,7 +35,6 @@
using namespace rapidjson; using namespace rapidjson;
using namespace std; using namespace std;
char TSG_SEND_LOG_VERSION_20200729=0;
struct tsg_log_instance_t *g_tsg_log_instance; struct tsg_log_instance_t *g_tsg_log_instance;
struct TLD_handle_t struct TLD_handle_t
@@ -127,7 +128,7 @@ static int register_topic(struct tsg_log_instance_t *instance, struct topic_stat
for(int i=0; i<thread_num; i++) for(int i=0; i<thread_num; i++)
{ {
topic->send_log_percent[i]=100; topic->send_log_percent[i]=100;
topic->drop_start[i]=get_current_time_ms(); topic->drop_start[i]=tsg_get_current_time_ms();
} }
topic->fs2_line_id=FS_register(_instance->fs2_handle, FS_STYLE_LINE, FS_CALC_SPEED, topic->name); topic->fs2_line_id=FS_register(_instance->fs2_handle, FS_STYLE_LINE, FS_CALC_SPEED, topic->name);
@@ -138,7 +139,7 @@ static int register_topic(struct tsg_log_instance_t *instance, struct topic_stat
static int update_percent(struct tsg_log_instance_t *_instance, int service_id, enum LOG_COLUMN_STATUS column, int thread_id) static int update_percent(struct tsg_log_instance_t *_instance, int service_id, enum LOG_COLUMN_STATUS column, int thread_id)
{ {
long long current_time_ms=get_current_time_ms(); long long current_time_ms=tsg_get_current_time_ms();
struct topic_stat *topic=(struct topic_stat *)&(_instance->service2topic[service_id]); struct topic_stat *topic=(struct topic_stat *)&(_instance->service2topic[service_id]);
switch(column) switch(column)
@@ -202,7 +203,7 @@ static struct tsg_log_instance_t *get_log_instance(void)
return NULL; return NULL;
} }
static int is_tunnels(struct streaminfo *a_stream) static int is_tunnels(const struct streaminfo *a_stream)
{ {
const struct streaminfo *ptmp = a_stream; const struct streaminfo *ptmp = a_stream;
const struct streaminfo *pfather=NULL; const struct streaminfo *pfather=NULL;
@@ -240,7 +241,7 @@ static int is_tunnels(struct streaminfo *a_stream)
return is_tunnel; return is_tunnel;
} }
static int set_isn(struct TLD_handle_t *_handle, struct streaminfo *a_stream, char *field_name, enum MESA_stream_opt type) static int set_isn(const struct streaminfo *a_stream, struct TLD_handle_t *_handle, char *field_name, enum MESA_stream_opt type)
{ {
unsigned int isn=0; unsigned int isn=0;
int size=sizeof(isn); int size=sizeof(isn);
@@ -253,21 +254,21 @@ static int set_isn(struct TLD_handle_t *_handle, struct streaminfo *a_stream, ch
return 1; return 1;
} }
static int set_tcp_isn(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) static int set_tcp_isn(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
if(a_stream->type==STREAM_TYPE_TCP) if(a_stream->type==STREAM_TYPE_TCP)
{ {
switch(a_stream->dir) switch(a_stream->dir)
{ {
case DIR_C2S: case DIR_C2S:
set_isn(_handle, a_stream, _instance->id2field[LOG_COMMON_TCP_CLIENT_ISN].name, MSO_TCP_ISN_C2S); set_isn(a_stream, _handle, _instance->id2field[LOG_COMMON_TCP_CLIENT_ISN].name, MSO_TCP_ISN_C2S);
break; break;
case DIR_S2C: case DIR_S2C:
set_isn(_handle, a_stream, _instance->id2field[LOG_COMMON_TCP_SERVER_ISN].name, MSO_TCP_ISN_S2C); set_isn(a_stream, _handle, _instance->id2field[LOG_COMMON_TCP_SERVER_ISN].name, MSO_TCP_ISN_S2C);
break; break;
case DIR_DOUBLE: case DIR_DOUBLE:
set_isn(_handle, a_stream, _instance->id2field[LOG_COMMON_TCP_CLIENT_ISN].name, MSO_TCP_ISN_C2S); set_isn(a_stream, _handle, _instance->id2field[LOG_COMMON_TCP_CLIENT_ISN].name, MSO_TCP_ISN_C2S);
set_isn(_handle, a_stream, _instance->id2field[LOG_COMMON_TCP_SERVER_ISN].name, MSO_TCP_ISN_S2C); set_isn(a_stream, _handle, _instance->id2field[LOG_COMMON_TCP_SERVER_ISN].name, MSO_TCP_ISN_S2C);
break; break;
default: default:
break; break;
@@ -277,9 +278,9 @@ static int set_tcp_isn(struct tsg_log_instance_t *_instance, struct TLD_handle_t
return 1; return 1;
} }
static int set_linkinfo(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) static int set_linkinfo(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
const char *linkinfo=(const char *)tsg_get_xxx_from_bridge(a_stream, _instance->bridge_id[LOG_BRIDGE_MAC_LINKINFO]); const char *linkinfo=(const char *)session_mac_linkinfo_get(a_stream);
if(linkinfo==NULL) if(linkinfo==NULL)
{ {
return 0; return 0;
@@ -316,7 +317,7 @@ static int set_linkinfo(struct tsg_log_instance_t *_instance, struct TLD_handle_
return 0; return 0;
} }
static int set_asn(struct TLD_handle_t *_handle, struct streaminfo *a_stream, char *field_name, struct asn_info *asn_info) static int set_asn(struct TLD_handle_t *_handle, const struct streaminfo *a_stream, char *field_name, struct asn_info *asn_info)
{ {
if(asn_info!=NULL) if(asn_info!=NULL)
{ {
@@ -334,7 +335,7 @@ static int set_asn(struct TLD_handle_t *_handle, struct streaminfo *a_stream, ch
return 1; return 1;
} }
static int set_location(struct TLD_handle_t *_handle, struct streaminfo *a_stream, char *field_name, struct location_info *location_info) static int set_location(struct TLD_handle_t *_handle, const struct streaminfo *a_stream, char *field_name, struct location_info *location_info)
{ {
if(location_info==NULL) if(location_info==NULL)
{ {
@@ -344,7 +345,7 @@ static int set_location(struct TLD_handle_t *_handle, struct streaminfo *a_strea
int len=0; int len=0;
char buff[1024]={0}; char buff[1024]={0};
int buff_len=sizeof(buff); int buff_len=sizeof(buff);
int location_type=tsg_get_location_type(); int location_type=tsg_location_type_get();
switch(location_type) switch(location_type)
{ {
case 18: case 18:
@@ -376,9 +377,9 @@ static int set_location(struct TLD_handle_t *_handle, struct streaminfo *a_strea
return 1; return 1;
} }
static int set_direction(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) static int set_direction(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
char direction=get_direction_from_tcpall(a_stream); char direction=srt_action_context_get_direction(a_stream);
if(direction>0) if(direction>0)
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_DIRECTION].name, (void *)(long)direction, TLD_TYPE_LONG); TLD_append(_handle, _instance->id2field[LOG_COMMON_DIRECTION].name, (void *)(long)direction, TLD_TYPE_LONG);
@@ -388,7 +389,7 @@ static int set_direction(struct tsg_log_instance_t *_instance, struct TLD_handle
return 0; return 0;
} }
static int set_address_list(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) static int set_address_list(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
unsigned short tunnel_type=0; unsigned short tunnel_type=0;
char nest_addr_buf[1024]; char nest_addr_buf[1024];
@@ -409,7 +410,7 @@ static int set_address_list(struct tsg_log_instance_t *_instance, struct TLD_han
return 1; return 1;
} }
static int set_tuple4(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) static int set_tuple4(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
int addr_type=0; int addr_type=0;
unsigned short c_port=0, s_port=0; unsigned short c_port=0, s_port=0;
@@ -456,7 +457,7 @@ static int set_tuple4(struct tsg_log_instance_t *_instance, struct TLD_handle_t
return 1; return 1;
} }
static int set_duraction(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) static int set_duraction(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
long common_con_duration_ms=0; long common_con_duration_ms=0;
int size=sizeof(unsigned long long); int size=sizeof(unsigned long long);
@@ -500,7 +501,7 @@ static int set_subscriber_id(struct TLD_handle_t *_handle, char *field_name, str
return 0; return 0;
} }
static int set_fqdn_category(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream, unsigned int *category_id, int category_id_num) static int set_fqdn_category(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, unsigned int *category_id, int category_id_num)
{ {
int i=0; int i=0;
if(category_id_num<=0 || category_id==NULL) if(category_id_num<=0 || category_id==NULL)
@@ -519,7 +520,7 @@ static int set_fqdn_category(struct tsg_log_instance_t *_instance, struct TLD_ha
return 1; return 1;
} }
static int set_umts_user_info(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream, struct umts_user_info *user_info) static int set_umts_user_info(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, struct umts_user_info *user_info)
{ {
if(user_info==NULL) if(user_info==NULL)
{ {
@@ -549,7 +550,7 @@ static int set_umts_user_info(struct tsg_log_instance_t *_instance, struct TLD_h
return 1; return 1;
} }
static int set_packet_bytes(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) static int set_packet_bytes(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
struct tcp_flow_stat *tflow_project=NULL; struct tcp_flow_stat *tflow_project=NULL;
struct udp_flow_stat *uflow_project=NULL; struct udp_flow_stat *uflow_project=NULL;
@@ -600,7 +601,7 @@ static int set_app_identify_info(struct TLD_handle_t *_handle, char *field_name,
for(j=0; j<result[i].app_num; j++) for(j=0; j<result[i].app_num; j++)
{ {
Value object(kObjectType); Value object(kObjectType);
ret=tsg_app_id2name(result[i].attributes[j].app_id, app_name, sizeof(app_name), 0); ret=tsg_get_app_name_by_id(g_tsg_maat_feather, result[i].attributes[j].app_id, app_name, sizeof(app_name), 0);
if(ret>0) if(ret>0)
{ {
add_str_member(_handle, &object, "app_name", app_name); add_str_member(_handle, &object, "app_name", app_name);
@@ -636,7 +637,7 @@ static int get_app_id_list(Value *app_id_object, struct TLD_handle_t *_handle, c
{ {
char app_name[512]={0}; char app_name[512]={0};
Value object(kObjectType); Value object(kObjectType);
int ret=tsg_app_id2name(result->attributes[i].app_id, app_name, sizeof(app_name), 1); int ret=tsg_get_app_name_by_id(g_tsg_maat_feather, result->attributes[i].app_id, app_name, sizeof(app_name), 1);
if(ret>0) if(ret>0)
{ {
add_str_member(_handle, &object, "app_name", app_name); add_str_member(_handle, &object, "app_name", app_name);
@@ -666,7 +667,7 @@ static int set_userdefine_app(struct TLD_handle_t *_handle, char *field_name, st
for(i=0; i<result->app_num; i++) for(i=0; i<result->app_num; i++)
{ {
memset(app_name, 0, sizeof(app_name)); memset(app_name, 0, sizeof(app_name));
tsg_app_id2name(result->attributes[i].app_id, app_name, sizeof(app_name), 1); tsg_get_app_name_by_id(g_tsg_maat_feather, result->attributes[i].app_id, app_name, sizeof(app_name), 1);
if(strnlen(app_name, sizeof(app_name)) > 0) if(strnlen(app_name, sizeof(app_name)) > 0)
{ {
Value app_name_str; Value app_name_str;
@@ -802,7 +803,7 @@ int set_app_info(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_han
if(combined_num==0) if(combined_num==0)
{ {
offset=tsg_app_id2name(result[ORIGIN_UNKNOWN].attributes[0].app_id, app_full_path, sizeof(app_full_path), 0); offset=tsg_get_app_name_by_id(g_tsg_maat_feather, result[ORIGIN_UNKNOWN].attributes[0].app_id, app_full_path, sizeof(app_full_path), 0);
if(offset>0) if(offset>0)
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_FULL_PATH].name, (void *)app_full_path, TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_FULL_PATH].name, (void *)app_full_path, TLD_TYPE_STRING);
@@ -814,7 +815,7 @@ int set_app_info(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_han
for(int i=0; i<combined_num; i++) for(int i=0; i<combined_num; i++)
{ {
offset+=tsg_app_id2name(combined_array[i], app_full_path+offset, sizeof(app_full_path)-offset, 0); offset+=tsg_get_app_name_by_id(g_tsg_maat_feather, combined_array[i], app_full_path+offset, sizeof(app_full_path)-offset, 0);
if(offset>0) if(offset>0)
{ {
app_full_path[offset++]='.'; app_full_path[offset++]='.';
@@ -840,13 +841,13 @@ int set_app_info(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_han
return 1; return 1;
} }
int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
struct gather_app_result *gather_result=(struct gather_app_result *)tsg_get_xxx_from_bridge(a_stream, g_tsg_para.bridge[BRIDGE_TYPE_GATHER_APP_RESULT].id); struct gather_app_result *gather_result=(struct gather_app_result *)session_gather_app_results_get(a_stream);
if(gather_result==NULL) if(gather_result==NULL)
{ {
char app_name[512]={0}; char app_name[512]={0};
if(tsg_app_id2name(_instance->unknown_app_id, app_name, sizeof(app_name), 0)) if(tsg_get_app_name_by_id(g_tsg_maat_feather, _instance->unknown_app_id, app_name, sizeof(app_name), 0))
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_FULL_PATH].name, (void *)app_name, TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_FULL_PATH].name, (void *)app_name, TLD_TYPE_STRING);
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_LABEL].name, (void *)app_name, TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_LABEL].name, (void *)app_name, TLD_TYPE_STRING);
@@ -879,7 +880,7 @@ int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handl
return 1; return 1;
} }
int set_vlan(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct single_layer_vlan_addr *vlan_addr, int layer_num, Value *tunnel_object, tsg_log_field_id_t id) int set_vlan(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct single_layer_vlan_addr *vlan_addr, int layer_num, Value *tunnel_object, enum LOG_FIELD_ID id)
{ {
if(layer_num==0) if(layer_num==0)
{ {
@@ -897,7 +898,7 @@ int set_vlan(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle,
return 1; return 1;
} }
static int set_mpls(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct single_layer_mpls_addr *mpls_addr, int layer_num, Value *tunnel_object, tsg_log_field_id_t id) static int set_mpls(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct single_layer_mpls_addr *mpls_addr, int layer_num, Value *tunnel_object, enum LOG_FIELD_ID id)
{ {
if(layer_num==0) if(layer_num==0)
{ {
@@ -1209,9 +1210,9 @@ int TLD_convert_json(struct TLD_handle_t *_handle, char *buff, unsigned int buff
return 1; return 1;
} }
static int set_mail_eml(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) static int set_mail_eml(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
struct tsg_conn_sketch_notify_data *notify_mail=(struct tsg_conn_sketch_notify_data *)tsg_get_xxx_from_bridge(a_stream, g_tsg_para.bridge[BRIDGE_TYPE_RECV_CONN_SKETCH_DATA].id); struct tsg_conn_sketch_notify_data *notify_mail=(struct tsg_conn_sketch_notify_data *)session_conn_sketch_notify_data_get(a_stream);
if(notify_mail!=NULL && notify_mail->pdata.mail_eml_filename!=NULL && notify_mail->protocol==PROTO_MAIL) if(notify_mail!=NULL && notify_mail->pdata.mail_eml_filename!=NULL && notify_mail->protocol==PROTO_MAIL)
{ {
TLD_delete(_handle, _instance->id2field[LOG_COMMON_MAIL_EML_FILE].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_MAIL_EML_FILE].name);
@@ -1222,10 +1223,9 @@ static int set_mail_eml(struct tsg_log_instance_t *_instance, struct TLD_handle_
return 0; return 0;
} }
static int set_s3_filename(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
static int set_s3_filename(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream)
{ {
struct business_notify_data *bnd_label=(struct business_notify_data *)tsg_get_xxx_from_bridge(a_stream, _instance->bridge_id[LOG_BRIDGE_BUSINESS_S3_FILENAME]); struct business_notify_data *bnd_label=(struct business_notify_data *)session_business_data_get(a_stream);
if(bnd_label==NULL || bnd_label->pdata==NULL) if(bnd_label==NULL || bnd_label->pdata==NULL)
{ {
return 0; return 0;
@@ -1252,20 +1252,29 @@ static int set_s3_filename(struct tsg_log_instance_t *_instance, struct TLD_hand
return 1; return 1;
} }
int set_nat_linkinfo(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream, char *field_name, int project_id) int set_nat_linkinfo(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
const char *nat_linkinfo=(const char *)stream_bridge_async_data_get(a_stream, project_id); if(_instance->send_nat_linkinfo==0 || a_stream==NULL)
if(nat_linkinfo==NULL)
{ {
return 0; return 0;
} }
copy_rapidjson(_handle, field_name, nat_linkinfo); char *c2s_linkinfo=(char *)session_nat_c2s_linkinfo_get(a_stream);
if(c2s_linkinfo!=NULL)
return 0; {
copy_rapidjson(_handle, _instance->id2field[LOG_COMMON_LINK_INFO_C2S].name, c2s_linkinfo);
} }
static int set_tunnel_ipv4v6_port(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream, Value *object, enum addr_type_t up_layer_type) char *s2c_linkinfo=(char *)session_nat_s2c_linkinfo_get(a_stream);
if(s2c_linkinfo!=NULL)
{
copy_rapidjson(_handle, _instance->id2field[LOG_COMMON_LINK_INFO_S2C].name, s2c_linkinfo);
}
return 1;
}
static int set_tunnel_ipv4v6_port(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, Value *object, enum addr_type_t up_layer_type)
{ {
char ip_buff[64]={0}; char ip_buff[64]={0};
if(a_stream==NULL) if(a_stream==NULL)
@@ -1273,7 +1282,7 @@ static int set_tunnel_ipv4v6_port(struct tsg_log_instance_t *_instance, struct T
return 0; return 0;
} }
tsg_log_field_id_t s_ip_idx, d_ip_idx, s_port_idx, d_port_idx; enum LOG_FIELD_ID s_ip_idx, d_ip_idx, s_port_idx, d_port_idx;
switch(up_layer_type) switch(up_layer_type)
{ {
@@ -1332,9 +1341,9 @@ struct session_marker_notify_ctx
char *identify_str; char *identify_str;
}; };
int set_session_flags(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) int set_session_flags(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
struct session_marker_notify_ctx *sm_notify=(struct session_marker_notify_ctx *)tsg_get_xxx_from_bridge(a_stream, _instance->bridge_id[LOG_BRIDGE_ASYNC_SESSION_FLAGS]); struct session_marker_notify_ctx *sm_notify=(struct session_marker_notify_ctx *)session_session_flags_get(a_stream);
if(sm_notify==NULL) if(sm_notify==NULL)
{ {
return 0; return 0;
@@ -1353,18 +1362,23 @@ int set_session_flags(struct tsg_log_instance_t *_instance, struct TLD_handle_t
return 0; return 0;
} }
int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)tsg_get_xxx_from_bridge(a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id); if(a_stream==NULL)
if(shaping_label==NULL) {
return 0;
}
struct matched_policy_rules *hited_shaping=(struct matched_policy_rules *)session_matched_rules_get(a_stream, TSG_SERVICE_SHAPING);
if(hited_shaping==NULL)
{ {
return 0; return 0;
} }
Value shaping_rule_ids_array(kArrayType); Value shaping_rule_ids_array(kArrayType);
for(int i=0; i<shaping_label->shaping_result_num; i++) for(size_t i=0; i<hited_shaping->n_rules; i++)
{ {
shaping_rule_ids_array.PushBack(shaping_label->shaping_result[i].config_id, _handle->document->GetAllocator()); shaping_rule_ids_array.PushBack((unsigned int)(hited_shaping->rules[i].rule_id), _handle->document->GetAllocator());
} }
TLD_append(_handle, _instance->id2field[LOG_COMMON_SHAPING_RULE_IDS].name, (void *) &shaping_rule_ids_array, TLD_TYPE_OBJECT); TLD_append(_handle, _instance->id2field[LOG_COMMON_SHAPING_RULE_IDS].name, (void *) &shaping_rule_ids_array, TLD_TYPE_OBJECT);
@@ -1372,7 +1386,7 @@ int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle
return 0; return 0;
} }
static int set_common_tunnels(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) static int set_common_tunnels(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
int ret=0; int ret=0;
char ip_buff[64]={0}; char ip_buff[64]={0};
@@ -1469,7 +1483,7 @@ static int set_common_tunnels(struct tsg_log_instance_t *_instance, struct TLD_h
return 0; return 0;
} }
char *log_field_id2name(struct tsg_log_instance_t *instance, tsg_log_field_id_t id) char *log_field_id2name(struct tsg_log_instance_t *instance, enum LOG_FIELD_ID id)
{ {
struct tsg_log_instance_t *_instance=instance; struct tsg_log_instance_t *_instance=instance;
if(_instance!=NULL) if(_instance!=NULL)
@@ -1480,66 +1494,45 @@ char *log_field_id2name(struct tsg_log_instance_t *instance, tsg_log_field_id_t
return NULL; return NULL;
} }
unsigned long long tsg_get_stream_id(struct streaminfo * a_stream) int is_multi_hit_same_policy(struct maat_rule *result, int *policy_id, int *policy_id_num)
{
int ret=0;
int device_id_size=sizeof(unsigned long long);
unsigned long long device_id=(unsigned long long)g_tsg_para.device_seq_in_dc;
ret=MESA_get_stream_opt(a_stream, MSO_GLOBAL_STREAM_ID, (void *)&device_id, &device_id_size);
if(ret==0)
{
return device_id;
}
return -1;
}
int is_multi_hit_same_policy(struct Maat_rule_t *result, int *policy_id, int *policy_id_num)
{ {
int j=0; int j=0;
for(j=0;j<*policy_id_num;j++) for(j=0;j<*policy_id_num;j++)
{ {
if(policy_id[j]==result->config_id) if(policy_id[j]==result->rule_id)
{ {
return 1; return 1;
} }
} }
policy_id[(*policy_id_num)++]=result->config_id; policy_id[(*policy_id_num)++]=result->rule_id;
return 0; return 0;
} }
static int set_xxxx_from_user_region(struct TLD_handle_t *_handle, struct tsg_log_instance_t *_instance, struct Maat_rule_t *p_result, int thread_seq) static int set_xxxx_from_user_region(struct TLD_handle_t *_handle, struct tsg_log_instance_t *_instance, struct maat_rule *p_result, int thread_seq)
{ {
cJSON *item=NULL; cJSON *item=NULL;
cJSON *object=NULL; cJSON *object=NULL;
char *user_region=NULL;
TLD_delete(_handle, _instance->id2field[LOG_COMMON_USER_REGION].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_USER_REGION].name);
TLD_delete(_handle, _instance->id2field[LOG_COMMON_VSYSTEM_ID].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_VSYSTEM_ID].name);
TLD_delete(_handle, _instance->id2field[LOG_COMMON_SUB_ACTION].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_SUB_ACTION].name);
if(p_result->action!=TSG_ACTION_NONE && p_result->serv_def_len>0) if(p_result->action!=TSG_ACTION_NONE)
{ {
user_region=(char *)dictator_malloc(thread_seq, p_result->serv_def_len+1); struct maat_compile *compile=(struct maat_compile *)matched_rule_cites_security_compile(g_tsg_maat_feather, p_result->rule_id);
int ret=Maat_read_rule(g_tsg_maat_feather, p_result, MAAT_RULE_SERV_DEFINE, user_region, p_result->serv_def_len+1); if(compile!=NULL && compile->p_user_region!=NULL)
if(ret==p_result->serv_def_len)
{ {
user_region[p_result->serv_def_len]='\0'; object=cJSON_Parse(compile->p_user_region);
object=cJSON_Parse(user_region);
if(_instance->send_user_region==1) if(_instance->send_user_region==1)
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_USER_REGION].name, (void *)user_region, TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_USER_REGION].name, (void *)(compile->p_user_region), TLD_TYPE_STRING);
}
} }
dictator_free(thread_seq, user_region); plugin_ex_data_security_compile_free(compile);
user_region=NULL; }
} }
if(object==NULL) if(object==NULL)
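Review bot: is_multi_hit_same_policy stores with `policy_id[(*policy_id_num)++]=result->rule_id;` and has no capacity check or size parameter. The caller further down this file passes a stack array `int policy_id[MAX_RESULT_NUM]` and now loops over a `size_t n_rules` that comes from the caller or from `matched_security_rules->n_rules`. Unless that count is bounded somewhere not shown here, more than MAX_RESULT_NUM distinct rule ids would write past the array. I would guard the store with `if(*policy_id_num>=MAX_RESULT_NUM) { return 0; }` or pass the capacity in as a parameter.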
@@ -1573,35 +1566,20 @@ static int set_xxxx_from_user_region(struct TLD_handle_t *_handle, struct tsg_lo
return 0; return 0;
} }
int set_application_behavior(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) int set_application_behavior(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
if(a_stream==NULL) struct application_behavior *behavior_result=(struct application_behavior *)session_application_behavior_get(a_stream);
if(behavior_result!=NULL)
{ {
return 0;
}
struct application_behavior *behavior_result=NULL;
behavior_result=(struct application_behavior *)tsg_get_xxx_from_bridge(a_stream, _instance->bridge_id[LOG_BRIDGE_APP_BEHAVIOR_RESULT]);
if(behavior_result==NULL)
{
return 0;
}
TLD_append(_handle, _instance->id2field[LOG_COMMON_APPLICATION_BEHAVIOR].name, (void *)(behavior_result->stream_behavior), TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_APPLICATION_BEHAVIOR].name, (void *)(behavior_result->stream_behavior), TLD_TYPE_STRING);
}
return 1; return 1;
} }
int set_notify_execution_result(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream, struct Maat_rule_t *p_result) int set_policy_action_para_exec_result(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, struct maat_rule *p_result)
{ {
if(a_stream==NULL) struct tsg_notify_execution_result *execution_result=(struct tsg_notify_execution_result *)session_mirrored_and_capture_packets_exec_result_get(a_stream);
{
return 0;
}
int i=0;
struct tsg_notify_execution_result *execution_result=NULL;
execution_result=(struct tsg_notify_execution_result *)tsg_get_xxx_from_bridge(a_stream, _instance->bridge_id[LOG_BRIDGE_CONN_SKETCH_EXEC_RESULT]);
if(execution_result==NULL) if(execution_result==NULL)
{ {
return 0; return 0;
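Review bot: The `if(a_stream==NULL) return 0;` guards are gone from set_application_behavior and set_policy_action_para_exec_result, so a NULL stream now goes straight into session_application_behavior_get() and session_mirrored_and_capture_packets_exec_result_get(). Other code on this page still treats the stream as nullable (the log calls use `a_stream==NULL ? "" : PRINTADDR(...)`), and set_shaping_rule_ids gains exactly this guard in the same commit. Unless those getters are known to accept NULL, which is not visible here, I would keep `if(a_stream==NULL) { return 0; }` at the top of both functions. set_policy_action_para_exec_result continues past this hunk.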
@@ -1611,9 +1589,9 @@ int set_notify_execution_result(struct tsg_log_instance_t *_instance, struct TLD
TLD_delete(_handle, _instance->id2field[LOG_COMMON_MIRRORED_BYTES].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_MIRRORED_BYTES].name);
TLD_delete(_handle, _instance->id2field[LOG_COMMON_PACKET_CAPTURE_FILE].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_PACKET_CAPTURE_FILE].name);
for(i=0; i<execution_result->stat_mirrored_cnt; i++) for(int i=0; i<execution_result->stat_mirrored_cnt; i++)
{ {
if(execution_result->stat_mirrored[i].compile_id==p_result->config_id) if(execution_result->stat_mirrored[i].compile_id==p_result->rule_id)
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_MIRRORED_PKTS].name, (void *)(execution_result->stat_mirrored[i].packets), TLD_TYPE_LONG); TLD_append(_handle, _instance->id2field[LOG_COMMON_MIRRORED_PKTS].name, (void *)(execution_result->stat_mirrored[i].packets), TLD_TYPE_LONG);
TLD_append(_handle, _instance->id2field[LOG_COMMON_MIRRORED_BYTES].name, (void *)(execution_result->stat_mirrored[i].bytes), TLD_TYPE_LONG); TLD_append(_handle, _instance->id2field[LOG_COMMON_MIRRORED_BYTES].name, (void *)(execution_result->stat_mirrored[i].bytes), TLD_TYPE_LONG);
@@ -1621,9 +1599,9 @@ int set_notify_execution_result(struct tsg_log_instance_t *_instance, struct TLD
} }
} }
for(i=0; i<execution_result->capture_result_cnt; i++) for(int i=0; i<execution_result->capture_result_cnt; i++)
{ {
if(execution_result->capture_result[i].compile_id==p_result->config_id) if(execution_result->capture_result[i].compile_id==p_result->rule_id)
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_PACKET_CAPTURE_FILE].name, (void *)(execution_result->capture_result[i].packet_path), TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_PACKET_CAPTURE_FILE].name, (void *)(execution_result->capture_result[i].packet_path), TLD_TYPE_STRING);
break; break;
@@ -1633,85 +1611,82 @@ int set_notify_execution_result(struct tsg_log_instance_t *_instance, struct TLD
return 1; return 1;
} }
int set_session_attributes(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) int set_session_attributes(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
int ret=0; struct session_runtime_attribute *srt_attribute=(struct session_runtime_attribute *)session_runtime_attribute_get(a_stream);
struct session_attribute_label *attribute_label=NULL; if(srt_attribute==NULL)
attribute_label=(struct session_attribute_label *)project_req_get_struct(a_stream, _instance->session_attribute_project_id);
if(attribute_label==NULL)
{ {
return 0; return 0;
} }
if(attribute_label->establish_latency_ms>0) if(srt_attribute->establish_latency_ms>0)
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_ESTABLISH_LATENCY_MS].name, (void *)attribute_label->establish_latency_ms, TLD_TYPE_LONG); TLD_append(_handle, _instance->id2field[LOG_COMMON_ESTABLISH_LATENCY_MS].name, (void *)srt_attribute->establish_latency_ms, TLD_TYPE_LONG);
} }
if(attribute_label->http_action_file_size>0) if(srt_attribute->http_action_file_size>0)
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_HTTP_ACTION_FILESIZE].name, (void *)(long)attribute_label->http_action_file_size, TLD_TYPE_LONG); TLD_append(_handle, _instance->id2field[LOG_COMMON_HTTP_ACTION_FILESIZE].name, (void *)(long)srt_attribute->http_action_file_size, TLD_TYPE_LONG);
} }
set_asn(_handle, a_stream, _instance->id2field[LOG_COMMON_CLINET_ASN].name, attribute_label->client_asn); set_asn(_handle, a_stream, _instance->id2field[LOG_COMMON_CLINET_ASN].name, srt_attribute->client_asn);
set_asn(_handle, a_stream, _instance->id2field[LOG_COMMON_SERVER_ASN].name, attribute_label->server_asn); set_asn(_handle, a_stream, _instance->id2field[LOG_COMMON_SERVER_ASN].name, srt_attribute->server_asn);
set_location(_handle, a_stream, _instance->id2field[LOG_COMMON_CLINET_LOCATION].name, attribute_label->client_location); set_location(_handle, a_stream, _instance->id2field[LOG_COMMON_CLINET_LOCATION].name, srt_attribute->client_location);
set_location(_handle, a_stream, _instance->id2field[LOG_COMMON_SERVER_LOCATION].name, attribute_label->server_location); set_location(_handle, a_stream, _instance->id2field[LOG_COMMON_SERVER_LOCATION].name, srt_attribute->server_location);
ret=set_subscriber_id(_handle, _instance->id2field[LOG_COMMON_SUBSCRIBER_ID].name, attribute_label->client_subscribe_id); int ret=set_subscriber_id(_handle, _instance->id2field[LOG_COMMON_SUBSCRIBER_ID].name, srt_attribute->client_subscribe_id);
if(ret==0) if(ret==0)
{ {
set_subscriber_id(_handle, _instance->id2field[LOG_COMMON_SUBSCRIBER_ID].name, attribute_label->server_subscribe_id); set_subscriber_id(_handle, _instance->id2field[LOG_COMMON_SUBSCRIBER_ID].name, srt_attribute->server_subscribe_id);
} }
set_fqdn_category(_instance, _handle, a_stream, attribute_label->fqdn_category_id, attribute_label->fqdn_category_id_num); set_fqdn_category(_instance, _handle, a_stream, srt_attribute->fqdn_category_ids, srt_attribute->n_fqdn_category_ids);
if(attribute_label->ja3_fingerprint!=NULL) if(srt_attribute->ja3_fingerprint!=NULL)
{ {
TLD_append(_handle, _instance->id2field[LOG_SSL_JA3_FINGERPRINT].name, (void *)attribute_label->ja3_fingerprint, TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_SSL_JA3_FINGERPRINT].name, (void *)srt_attribute->ja3_fingerprint, TLD_TYPE_STRING);
} }
set_umts_user_info(_instance, _handle, a_stream, attribute_label->user_info); set_umts_user_info(_instance, _handle, a_stream, srt_attribute->user_info);
if(attribute_label->client_endpoint!=NULL) if(srt_attribute->client_endpoint!=NULL)
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_TUNNELS_ENDPOINT_A_DESC].name, (void *)attribute_label->client_endpoint->description, TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_TUNNELS_ENDPOINT_A_DESC].name, (void *)srt_attribute->client_endpoint->description, TLD_TYPE_STRING);
} }
if(attribute_label->server_endpoint!=NULL) if(srt_attribute->server_endpoint!=NULL)
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_TUNNELS_ENDPOINT_B_DESC].name, (void *)attribute_label->server_endpoint->description, TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_TUNNELS_ENDPOINT_B_DESC].name, (void *)srt_attribute->server_endpoint->description, TLD_TYPE_STRING);
} }
if(attribute_label->session_flags>0 && !(TLD_search(_handle, _instance->id2field[LOG_COMMON_FLAGS].name))) if(srt_attribute->session_flags>0 && !(TLD_search(_handle, _instance->id2field[LOG_COMMON_FLAGS].name)))
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_FLAGS].name, (void *)attribute_label->session_flags, TLD_TYPE_LONG); TLD_append(_handle, _instance->id2field[LOG_COMMON_FLAGS].name, (void *)srt_attribute->session_flags, TLD_TYPE_LONG);
} }
return 1; return 1;
} }
int set_lua_scripts_result(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream) int set_lua_scripts_result(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream)
{ {
struct user_defined_attribute_label *uda_label=(struct user_defined_attribute_label *)tsg_get_xxx_from_bridge(a_stream, _instance->bridge_id[LOG_BRIDGE_APP_LUA_RESULT]); struct user_defined_attribute *uda_label=(struct user_defined_attribute *)session_lua_user_defined_attribute_get(a_stream);
if(uda_label!=NULL) if(uda_label!=NULL)
{ {
Value array(kArrayType); Value array(kArrayType);
for(int i=0; i<uda_label->attribute_num; i++) for(int i=0; i<uda_label->n_akv; i++)
{ {
Value object(kObjectType); Value object(kObjectType);
switch(uda_label->attribute[i].type) switch(uda_label->akv[i].type)
{ {
case ATTRIBUTE_TYPE_BOOL: case LUA_ATTRIBUTE_TYPE_BOOL:
case ATTRIBUTE_TYPE_NUMERIC: case LUA_ATTRIBUTE_TYPE_NUMERIC:
add_number_member(_handle, &object, uda_label->attribute[i].name, uda_label->attribute[i].number); add_number_member(_handle, &object, uda_label->akv[i].name, uda_label->akv[i].number);
break; break;
case ATTRIBUTE_TYPE_IP: case LUA_ATTRIBUTE_TYPE_IP:
case ATTRIBUTE_TYPE_STRING: case LUA_ATTRIBUTE_TYPE_STRING:
add_str_member(_handle, &object, uda_label->attribute[i].name, uda_label->attribute[i].string); add_str_member(_handle, &object, uda_label->akv[i].name, uda_label->akv[i].string);
break; break;
default: default:
continue; continue;
@@ -1726,7 +1701,7 @@ int set_lua_scripts_result(struct tsg_log_instance_t *_instance, struct TLD_hand
return 0; return 0;
} }
int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, struct streaminfo *a_stream) int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, const struct streaminfo *a_stream)
{ {
if(instance==NULL || handle==NULL || a_stream==NULL) if(instance==NULL || handle==NULL || a_stream==NULL)
{ {
@@ -1762,7 +1737,7 @@ int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle
set_common_tunnels(_instance, _handle, a_stream); set_common_tunnels(_instance, _handle, a_stream);
} }
unsigned long long stream_id=tsg_get_stream_id(a_stream); unsigned long long stream_id=tsg_get_stream_trace_id(a_stream);
char stream_id_buff[128]={0}; char stream_id_buff[128]={0};
snprintf(stream_id_buff, sizeof(stream_id_buff), "%llu", stream_id); snprintf(stream_id_buff, sizeof(stream_id_buff), "%llu", stream_id);
TLD_append(_handle, _instance->id2field[LOG_COMMON_STREAM_TRACE_ID].name, (void *)stream_id_buff, TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_STREAM_TRACE_ID].name, (void *)stream_id_buff, TLD_TYPE_STRING);
@@ -1773,7 +1748,7 @@ int TLD_append_streaminfo(struct tsg_log_instance_t *instance, struct TLD_handle
return 0; return 0;
} }
int load_log_common_field(const char *filename, id2field_t *id2field, struct topic_stat **service2topic, int *max_service) int log_common_fields_new(const char *filename, id2field_t *id2field, struct topic_stat **service2topic, int *max_service)
{ {
int i=0,flag=0; int i=0,flag=0;
int ret=0,id=0; int ret=0,id=0;
@@ -1881,7 +1856,6 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile, screen_stat_ha
char override_sled_ip[32]={0}; char override_sled_ip[32]={0};
char kafka_errstr[1024]={0}; char kafka_errstr[1024]={0};
unsigned int local_ip_nr=0; unsigned int local_ip_nr=0;
char bridge_name[LOG_BRIDGE_MAX][128]={0};
rd_kafka_conf_t *rdkafka_conf = NULL; rd_kafka_conf_t *rdkafka_conf = NULL;
char broker_list[1024]={0}; char broker_list[1024]={0};
struct tsg_log_instance_t *_instance=NULL; struct tsg_log_instance_t *_instance=NULL;
@@ -1916,24 +1890,6 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile, screen_stat_ha
MESA_load_profile_int_def(conffile, "TSG_LOG", "VSYSTEM_ID", &(_instance->vsystem_id), 1); MESA_load_profile_int_def(conffile, "TSG_LOG", "VSYSTEM_ID", &(_instance->vsystem_id), 1);
MESA_load_profile_int_def(conffile, "SYSTEM","UNKNOWN_APP_ID", &_instance->unknown_app_id, 4); MESA_load_profile_int_def(conffile, "SYSTEM","UNKNOWN_APP_ID", &_instance->unknown_app_id, 4);
MESA_load_profile_string_def(conffile, "TSG_LOG", "LINKINFO_FROM_MAC", bridge_name[LOG_BRIDGE_MAC_LINKINFO], sizeof(bridge_name[LOG_BRIDGE_MAC_LINKINFO]), "mirror_linkinfo_from_mac");
MESA_load_profile_string_def(conffile, "TSG_LOG", "NAT_C2S_LINKINFO", bridge_name[LOG_BRIDGE_NAT_C2S_LINKINFO], sizeof(bridge_name[LOG_BRIDGE_NAT_C2S_LINKINFO]), "common_link_info_c2s");
MESA_load_profile_string_def(conffile, "TSG_LOG", "NAT_S2C_LINKINFO", bridge_name[LOG_BRIDGE_NAT_S2C_LINKINFO], sizeof(bridge_name[LOG_BRIDGE_NAT_S2C_LINKINFO]), "common_link_info_s2c");
MESA_load_profile_string_def(conffile, "TSG_LOG", "APP_LUA_SCRIPTS_BRIDGE_NAME", bridge_name[LOG_BRIDGE_APP_LUA_RESULT], sizeof(bridge_name[LOG_BRIDGE_APP_LUA_RESULT]), "LUA_USER_DEFINED_ATTRIBUTE");
MESA_load_profile_string_def(conffile, "TSG_LOG", "BUSINESS_S3_FILENAME", bridge_name[LOG_BRIDGE_BUSINESS_S3_FILENAME], sizeof(bridge_name[LOG_BRIDGE_BUSINESS_S3_FILENAME]), "TSG_BUSINESS_S3_FILENAME");
MESA_load_profile_string_def(conffile, "SYSTEM", "APP_BEHAVIOR_BRIDGE_NAME", bridge_name[LOG_BRIDGE_APP_BEHAVIOR_RESULT], sizeof(bridge_name[LOG_BRIDGE_APP_BEHAVIOR_RESULT]), "TSG_APPLICATION_BEHAVIOR");
MESA_load_profile_string_def(conffile, "SYSTEM", "NOTIFY_EXEC_RESULT_BRIDGE_NAME", bridge_name[LOG_BRIDGE_CONN_SKETCH_EXEC_RESULT], sizeof(bridge_name[LOG_BRIDGE_CONN_SKETCH_EXEC_RESULT]), "TSG_NOTIFICATION_EXECUTION_RESULT");
MESA_load_profile_string_def(conffile, "SYSTEM", "NOTIFY_ASYNC_FLAGS_BRIDGE_NAME", bridge_name[LOG_BRIDGE_ASYNC_SESSION_FLAGS], sizeof(bridge_name[LOG_BRIDGE_ASYNC_SESSION_FLAGS]), "SESSION_FLAGS_ASYNC_NOTIFY_DATA");
for(int i=0; i<LOG_BRIDGE_MAX; i++)
{
_instance->bridge_id[i]=stream_bridge_build(bridge_name[i], "w");
if(_instance->bridge_id[i]<0)
{
MESA_handle_runtime_log(g_tsg_para.logger, RLOG_LV_FATAL, "LINKINFO_FROM_MAC", "stream_bridge_build is error, bridge_name: %s", bridge_name[i]);
}
}
_instance->logger=MESA_create_runtime_log_handle(log_path, _instance->level); _instance->logger=MESA_create_runtime_log_handle(log_path, _instance->level);
if(_instance->logger==NULL) if(_instance->logger==NULL)
{ {
@@ -2020,7 +1976,7 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile, screen_stat_ha
return NULL; return NULL;
} }
load_log_common_field(common_field_file, _instance->id2field, &(_instance->service2topic), &(_instance->max_service)); log_common_fields_new(common_field_file, _instance->id2field, &(_instance->service2topic), &(_instance->max_service));
if(_instance->service2topic!=NULL) if(_instance->service2topic!=NULL)
{ {
@@ -2030,16 +1986,11 @@ struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile, screen_stat_ha
{ {
register_topic(_instance, &( _instance->service2topic[i])); register_topic(_instance, &( _instance->service2topic[i]));
} }
if(i==1)
{
memcpy(&(_instance->service2topic[i]), &(_instance->service2topic[0]), sizeof(struct topic_stat)); // service id of security event is 0 and 1
}
} }
} }
else else
{ {
MESA_handle_runtime_log(_instance->logger, RLOG_LV_FATAL, "KAFKA_INIT", "load_log_common_field is error, please check %s", common_field_file); MESA_handle_runtime_log(_instance->logger, RLOG_LV_FATAL, "KAFKA_INIT", "log_common_fields_new is error, please check %s", common_field_file);
} }
return _instance; return _instance;
@@ -2091,71 +2042,75 @@ void tsg_sendlog_destroy(struct tsg_log_instance_t * instance)
free(instance); free(instance);
instance=NULL; instance=NULL;
/*
int ret=0,count=0;
while(1)
{
ret=rd_kafka_wait_destroyed(1000);
if(ret==0)
{
break;
}
count++;
}
*/
return ; return ;
} }
int send_log(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream, struct Maat_rule_t *p_result, int p_result_num, int thread_id) int send_log_by_type(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, LOG_TYPE log_type, int thread_id)
{ {
int fs_id=0,ret=0,repeat_cnt=0; int ret=update_percent(_instance, log_type, LOG_COLUMN_STATUS_DROP, thread_id);
int policy_id[MAX_RESULT_NUM]={0}; if(ret==1)
{
MESA_handle_runtime_log(_instance->logger, RLOG_LV_DEBUG,
"record_log",
"drop log: log_type=%d send_log_percent: %d addr=%s",
log_type,
_instance->service2topic[log_type].send_log_percent[thread_id],
(a_stream==NULL ? "" : PRINTADDR(a_stream,_instance->level))
);
}
StringBuffer sb(0, 2048);
Writer<StringBuffer> writer(sb);
_handle->document->Accept(writer);
tsg_send_payload(_instance, log_type, (char *)sb.GetString(), sb.GetSize(), thread_id);
if(g_tsg_para.session_record_switch==0 && (p_result[0].service_id==2 || p_result[0].service_id==6 || p_result[0].service_id==7))
{
return 0; return 0;
} }
for(int i=0;i<p_result_num; i++) int send_security_event_log(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream, struct maat_rule *rules, size_t n_rules, int thread_id)
{ {
if(is_multi_hit_same_policy(&(p_result[i]), policy_id, &repeat_cnt)) int fs_id=0,repeat_cnt=0;
int policy_id[MAX_RESULT_NUM]={0};
for(size_t i=0;i<n_rules; i++)
{
if(is_multi_hit_same_policy(&(rules[i]), policy_id, &repeat_cnt))
{ {
MESA_handle_runtime_log(_instance->logger, RLOG_LV_DEBUG, MESA_handle_runtime_log(_instance->logger, RLOG_LV_DEBUG,
"TSG_SEND_LOG", "tsg_send_log",
"tsg same log:cfg_id=%d service=%d addr=%s", "tsg same log:cfg_id=%d service=%d addr=%s",
p_result[i].config_id, rules[i].rule_id,
p_result[i].service_id, rules[i].service_id,
(a_stream==NULL ? "" : PRINTADDR(a_stream,_instance->level)) (a_stream==NULL ? "" : PRINTADDR(a_stream,_instance->level))
); );
continue; continue;
} }
switch(p_result[i].do_log) switch(rules[i].do_log)
{ {
case LOG_ABORT: case LOG_ABORT:
MESA_handle_runtime_log(_instance->logger, RLOG_LV_DEBUG, MESA_handle_runtime_log(_instance->logger, RLOG_LV_DEBUG,
"TSG_SEND_LOG", "tsg_send_log",
"tsg abort log:cfg_id=%d service=%d addr=%s", "tsg abort log:cfg_id=%d service=%d addr=%s",
p_result[i].config_id, rules[i].rule_id,
p_result[i].service_id, rules[i].service_id,
(a_stream==NULL ? "" : PRINTADDR(a_stream,_instance->level)) (a_stream==NULL ? "" : PRINTADDR(a_stream,_instance->level))
); );
fs_id=action2fs_id((int)p_result[i].action); fs_id=action2fs_id((int)rules[i].action);
FS_operate(_instance->fs2_handle, _instance->fs2_field_id[fs_id], 0, FS_OP_ADD, 1); FS_operate(_instance->fs2_handle, _instance->fs2_field_id[fs_id], 0, FS_OP_ADD, 1);
continue; continue;
break; break;
case LOG_ALL: case LOG_ALL:
if(p_result[i].action==TSG_ACTION_MONITOR) if(rules[i].action==TSG_ACTION_MONITOR)
{ {
set_s3_filename(_instance, _handle, a_stream); set_s3_filename(_instance, _handle, a_stream);
set_mail_eml(_instance, _handle, a_stream); set_mail_eml(_instance, _handle, a_stream);
} }
break; break;
case LOG_NOFILE: case LOG_NOFILE:
if(p_result[i].action==TSG_ACTION_MONITOR) if(rules[i].action==TSG_ACTION_MONITOR)
{ {
TLD_delete(_handle, _instance->id2field[LOG_COMMON_MAIL_EML_FILE].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_MAIL_EML_FILE].name);
TLD_delete(_handle, _instance->id2field[LOG_COMMON_HTTP_REQUEST_S3_FILE].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_HTTP_REQUEST_S3_FILE].name);
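Review bot: In send_log_by_type the `if(ret==1)` branch only writes the "drop log" debug line and then falls through, so the document is still serialized and handed to tsg_send_payload(). The removed send_log() skipped the send with `continue` at the same point, so as rendered here the drop decision from update_percent() no longer suppresses anything. Adding `return 0;` after the MESA_handle_runtime_log call inside that block restores the old behaviour. It is also worth confirming that `log_type` is always a valid index for `_instance->service2topic[...]`, since it is used unchecked in that log line. send_security_event_log continues past this hunk.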
@@ -2166,39 +2121,15 @@ int send_log(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle,
break; break;
} }
ret=update_percent(_instance, p_result[i].service_id, LOG_COLUMN_STATUS_DROP, thread_id); TLD_append(_handle, _instance->id2field[LOG_COMMON_POLICY_ID].name, (void *)(long)(rules[i].rule_id), TLD_TYPE_LONG);
if(ret==1) TLD_append(_handle, _instance->id2field[LOG_COMMON_SERVICE].name, (void *)(long)(rules[i].service_id), TLD_TYPE_LONG);
{ TLD_append(_handle, _instance->id2field[LOG_COMMON_ACTION].name, (void *)(long)((unsigned char)rules[i].action), TLD_TYPE_LONG);
MESA_handle_runtime_log(_instance->logger, RLOG_LV_DEBUG,
"TSG_SEND_LOG",
"tsg drop log:cfg_id=%d service=%d send_log_percent: %d addr=%s",
p_result[i].config_id,
p_result[i].service_id,
_instance->service2topic[p_result[i].service_id].send_log_percent[thread_id],
(a_stream==NULL ? "" : PRINTADDR(a_stream,_instance->level))
);
continue;
}
TLD_append(_handle, _instance->id2field[LOG_COMMON_POLICY_ID].name, (void *)(long)(p_result[i].config_id), TLD_TYPE_LONG); set_policy_action_para_exec_result(_instance, _handle, a_stream, &(rules[i]));
TLD_append(_handle, _instance->id2field[LOG_COMMON_SERVICE].name, (void *)(long)(p_result[i].service_id), TLD_TYPE_LONG);
TLD_append(_handle, _instance->id2field[LOG_COMMON_ACTION].name, (void *)(long)((unsigned char)p_result[i].action), TLD_TYPE_LONG);
set_notify_execution_result(_instance, _handle, a_stream, &(p_result[i])); set_xxxx_from_user_region(_handle, _instance, &(rules[i]), thread_id);
if(_instance->send_nat_linkinfo &&p_result[i].config_id==0 && a_stream!=NULL) send_log_by_type(_instance, _handle, a_stream, LOG_TYPE_SECURITY_EVENT, thread_id);
{
set_nat_linkinfo(_instance, _handle, a_stream, _instance->id2field[LOG_COMMON_LINK_INFO_C2S].name, _instance->bridge_id[LOG_BRIDGE_NAT_C2S_LINKINFO]);
set_nat_linkinfo(_instance, _handle, a_stream, _instance->id2field[LOG_COMMON_LINK_INFO_S2C].name, _instance->bridge_id[LOG_BRIDGE_NAT_S2C_LINKINFO]);
}
set_xxxx_from_user_region(_handle, _instance, &(p_result[i]), thread_id);
StringBuffer sb(0, 2048);
Writer<StringBuffer> writer(sb);
_handle->document->Accept(writer);
tsg_send_payload(_instance, p_result[i].service_id, (char *)sb.GetString(), sb.GetSize(), thread_id);
TLD_delete(_handle, _instance->id2field[LOG_COMMON_POLICY_ID].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_POLICY_ID].name);
TLD_delete(_handle, _instance->id2field[LOG_COMMON_SERVICE].name); TLD_delete(_handle, _instance->id2field[LOG_COMMON_SERVICE].name);
@@ -2209,14 +2140,14 @@ int send_log(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle,
return 0; return 0;
} }
int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, tsg_log_t *log_msg, int thread_id) int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, const struct streaminfo *a_stream, enum LOG_TYPE log_type, struct maat_rule *rules, size_t n_rules, int thread_id)
{ {
if(instance==NULL || handle==NULL || log_msg==NULL) if(instance==NULL || handle==NULL || rules==NULL || n_rules==0)
{ {
TLD_cancel(handle); TLD_cancel(handle);
if(instance!=NULL) if(instance!=NULL)
{ {
MESA_handle_runtime_log(instance->logger, RLOG_LV_DEBUG, "TSG_SEND_LOG", " instance==NULL || TLD_handle==NULL || log_msg==NULL "); MESA_handle_runtime_log(instance->logger, RLOG_LV_DEBUG, "tsg_send_log", " instance==NULL || TLD_handle==NULL || log_msg==NULL ");
} }
return -1; return -1;
} }
@@ -2228,51 +2159,61 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
{ {
TLD_cancel(handle); TLD_cancel(handle);
FS_operate(_instance->fs2_handle, _instance->sum_line_id, _instance->fs2_field_id[LOG_COLUMN_STATUS_DROP], FS_OP_ADD, 1); FS_operate(_instance->fs2_handle, _instance->sum_line_id, _instance->fs2_field_id[LOG_COLUMN_STATUS_DROP], FS_OP_ADD, 1);
MESA_handle_runtime_log(_instance->logger, RLOG_LV_INFO, "TSG_SEND_LOG", "Disable tsg_send_log."); MESA_handle_runtime_log(_instance->logger, RLOG_LV_INFO, "tsg_send_log", "Disable tsg_send_log.");
return 0; return 0;
} }
TLD_append_streaminfo(instance, handle, log_msg->a_stream); TLD_append_streaminfo(instance, handle, a_stream);
TLD_append(_handle, _instance->id2field[LOG_COMMON_SLED_IP].name, (void *)(_instance->local_ip_str), TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_SLED_IP].name, (void *)(_instance->local_ip_str), TLD_TYPE_STRING);
if(strlen(g_tsg_para.device_sn)>0) if(strlen(g_tsg_para.device_sn)>0)
{ {
TLD_append(_handle, _instance->id2field[LOG_COMMON_DEVICE_ID].name, (void *)(g_tsg_para.device_sn), TLD_TYPE_STRING); TLD_append(_handle, _instance->id2field[LOG_COMMON_DEVICE_ID].name, (void *)(g_tsg_para.device_sn), TLD_TYPE_STRING);
} }
if(strlen(g_tsg_para.data_center)>0 && _instance->send_data_center==1) TLD_append(_handle, _instance->id2field[LOG_COMMON_DATA_CENTER].name, (void *)tsg_data_center_get(), TLD_TYPE_STRING);
{ TLD_append(_handle, _instance->id2field[LOG_COMMON_DEVICE_TAG].name, (void *)tsg_device_tag_get(), TLD_TYPE_STRING);
TLD_append(_handle, _instance->id2field[LOG_COMMON_DATA_CENTER].name, (void *)(g_tsg_para.data_center), TLD_TYPE_STRING);
}
if(strlen(g_tsg_para.device_tag)>0)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_DEVICE_TAG].name, (void *)(g_tsg_para.device_tag), TLD_TYPE_STRING);
}
TLD_append(_handle, _instance->id2field[LOG_COMMON_TRAFFIC_VSYSTEM_ID].name, (void *)(long)_instance->vsystem_id, TLD_TYPE_LONG); TLD_append(_handle, _instance->id2field[LOG_COMMON_TRAFFIC_VSYSTEM_ID].name, (void *)(long)_instance->vsystem_id, TLD_TYPE_LONG);
set_application_behavior(_instance, _handle, log_msg->a_stream); set_application_behavior(_instance, _handle, a_stream);
if((log_msg->result[0].service_id==2 || log_msg->result[0].service_id==6 || log_msg->result[0].service_id==7) && log_msg->a_stream!=NULL) // stream of intercept is NULL struct matched_policy_rules *matched_security_rules=NULL;
{
set_shaping_rule_ids(_instance, _handle, log_msg->a_stream);
}
send_log(_instance, _handle, log_msg->a_stream, log_msg->result, log_msg->result_num, thread_id); switch(log_type)
//fetch firewall result
if(log_msg->result[0].service_id==2 || log_msg->result[0].service_id==7)
{ {
struct policy_priority_label *priority_label=(struct policy_priority_label *)tsg_get_xxx_from_bridge(log_msg->a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id); case LOG_TYPE_SECURITY_EVENT:
if(priority_label!=NULL && priority_label->security_result_num>0) send_security_event_log(_instance, _handle, a_stream, rules, n_rules, thread_id);
break;
case LOG_TYPE_SESSION_RECORD:
case LOG_TYPE_TRANSACTION_RECORD:
matched_security_rules=(struct matched_policy_rules *)session_matched_rules_get(a_stream, TSG_SERVICE_SECURITY);
if(matched_security_rules!=NULL && matched_security_rules->n_rules>0)
{ {
if(priority_label->security_result[0].action!=TSG_ACTION_INTERCEPT) if(matched_security_rules->rules[0].action!=TSG_ACTION_INTERCEPT)
{ {
send_log(_instance, _handle, log_msg->a_stream, priority_label->security_result, priority_label->security_result_num, thread_id); send_security_event_log(_instance, _handle, a_stream, matched_security_rules->rules, matched_security_rules->n_rules, thread_id);
free_policy_label(log_msg->a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id, (void *)priority_label); session_matched_rules_free(a_stream, TSG_SERVICE_SECURITY, (void *)matched_security_rules);
tsg_set_xxx_to_bridge(log_msg->a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id, NULL); session_matched_rules_async(a_stream, TSG_SERVICE_SECURITY, NULL);
} }
} }
// no break;
case LOG_TYPE_INTERIM_SESSION_RECORD:
if(tsg_session_record_switch_get()==0)
{
break;
}
set_shaping_rule_ids(_instance, _handle, a_stream);
set_nat_linkinfo(_instance, _handle, a_stream);
send_log_by_type(_instance, _handle, a_stream, log_type, thread_id);
break;
case LOG_TYPE_BGP_RECORD:
case LOG_TYPE_VOIP_RECORD:
case LOG_TYPE_GTPC_RECORD:
case LOG_TYPE_INTERNAL_RTP_RECORD:
send_log_by_type(_instance, _handle, a_stream, log_type, thread_id);
break;
default:
TLD_cancel(handle);
return 0;
} }
TLD_cancel(handle); TLD_cancel(handle);
@@ -2313,7 +2254,7 @@ int tsg_send_payload(struct tsg_log_instance_t *instance, int topic_id, char *pa
{ {
MESA_handle_runtime_log(_instance->logger, MESA_handle_runtime_log(_instance->logger,
RLOG_LV_INFO, RLOG_LV_INFO,
"TSG_SEND_LOG", "tsg_send_log",
"tsg_send_log to kafka is error (payload==NULL || payload_len<=0 || topic_id<0 || _instance->service2topic[topic_id].topic_rkt==NULL), topic: %s", "tsg_send_log to kafka is error (payload==NULL || payload_len<=0 || topic_id<0 || _instance->service2topic[topic_id].topic_rkt==NULL), topic: %s",
_instance->service2topic[topic_id].name _instance->service2topic[topic_id].name
); );
@@ -2327,7 +2268,7 @@ int tsg_send_payload(struct tsg_log_instance_t *instance, int topic_id, char *pa
MESA_handle_runtime_log(_instance->logger, MESA_handle_runtime_log(_instance->logger,
RLOG_LV_INFO, RLOG_LV_INFO,
"TSG_SEND_LOG", "tsg_send_log",
"tsg_send_log to kafka is error of code: %d %s(%s), status: %d, topic: %s %s", "tsg_send_log to kafka is error of code: %d %s(%s), status: %d, topic: %s %s",
rd_kafka_last_error(), rd_kafka_last_error(),
rd_kafka_err2name(rd_kafka_last_error()), rd_kafka_err2name(rd_kafka_last_error()),
@@ -2343,7 +2284,7 @@ int tsg_send_payload(struct tsg_log_instance_t *instance, int topic_id, char *pa
update_percent(_instance, topic_id, LOG_COLUMN_STATUS_SUCCESS, thread_id); update_percent(_instance, topic_id, LOG_COLUMN_STATUS_SUCCESS, thread_id);
MESA_handle_runtime_log(_instance->logger, MESA_handle_runtime_log(_instance->logger,
RLOG_LV_DEBUG, RLOG_LV_DEBUG,
"TSG_SEND_LOG", "tsg_send_log",
"log send successfully %s: %s", "log send successfully %s: %s",
_instance->service2topic[topic_id].name, _instance->service2topic[topic_id].name,
payload payload


@@ -1,5 +1,4 @@
#ifndef __TSG_SEND_LOG_INTERNAL_H__ #pragma once
#define __TSG_SEND_LOG_INTERNAL_H__
#include <MESA/field_stat2.h> #include <MESA/field_stat2.h>
@@ -16,14 +15,14 @@
#define MAX_STRING_LEN32 32 #define MAX_STRING_LEN32 32
#endif #endif
enum _SEND_MODE enum SEND_MODE
{ {
CLOSE=0, CLOSE=0,
KAFKA=1, KAFKA=1,
}; };
typedef enum _tsg_log_field_id enum LOG_FIELD_ID
{ {
LOG_COMMON_POLICY_ID=1, LOG_COMMON_POLICY_ID=1,
LOG_COMMON_SERVICE, LOG_COMMON_SERVICE,
@@ -140,7 +139,7 @@ typedef enum _tsg_log_field_id
LOG_COMMON_SHAPING_RULE_IDS, LOG_COMMON_SHAPING_RULE_IDS,
LOG_COMMON_FLAGS_IDENTIFY_INFO, LOG_COMMON_FLAGS_IDENTIFY_INFO,
LOG_COMMON_MAX LOG_COMMON_MAX
}tsg_log_field_id_t; };
enum LOG_COLUMN_STATUS enum LOG_COLUMN_STATUS
{ {
@@ -168,20 +167,6 @@ enum LOG_FS2_TYPE{
LOG_FS2_TYPE_MAX LOG_FS2_TYPE_MAX
}; };
enum LOG_BRIDGE
{
LOG_BRIDGE_MAC_LINKINFO=0,
LOG_BRIDGE_NAT_C2S_LINKINFO,
LOG_BRIDGE_NAT_S2C_LINKINFO,
LOG_BRIDGE_APP_LUA_RESULT,
LOG_BRIDGE_BUSINESS_S3_FILENAME,
LOG_BRIDGE_APP_BEHAVIOR_RESULT,
LOG_BRIDGE_CONN_SKETCH_EXEC_RESULT,
LOG_BRIDGE_ASYNC_SESSION_FLAGS,
LOG_BRIDGE_MAX
};
typedef struct _id2field typedef struct _id2field
{ {
int type; int type;
@@ -213,11 +198,9 @@ struct tsg_log_instance_t
int send_data_center; int send_data_center;
int recovery_interval; int recovery_interval;
int rapidjson_chunk_capacity; int rapidjson_chunk_capacity;
int session_attribute_project_id;
int tcp_flow_project_id; int tcp_flow_project_id;
int udp_flow_project_id; int udp_flow_project_id;
int sum_line_id; int sum_line_id;
int bridge_id[LOG_BRIDGE_MAX];
int fs2_column_id[LOG_COLUMN_STATUS_MAX]; int fs2_column_id[LOG_COLUMN_STATUS_MAX];
int fs2_field_id[LOG_FS2_TYPE_MAX]; int fs2_field_id[LOG_FS2_TYPE_MAX];
char tcp_label[MAX_STRING_LEN32]; char tcp_label[MAX_STRING_LEN32];
@@ -235,9 +218,7 @@ struct tsg_log_instance_t
void *logger; void *logger;
}; };
char *log_field_id2name(struct tsg_log_instance_t *instance, tsg_log_field_id_t id); char *log_field_id2name(struct tsg_log_instance_t *instance, enum LOG_FIELD_ID id);
struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile, screen_stat_handle_t fs2_handle); struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile, screen_stat_handle_t fs2_handle);
void tsg_sendlog_destroy(struct tsg_log_instance_t * instance); void tsg_sendlog_destroy(struct tsg_log_instance_t * instance);
#endif


@@ -11,7 +11,29 @@
#include "tsg_statistic.h" #include "tsg_statistic.h"
#include "tsg_send_log_internal.h" #include "tsg_send_log_internal.h"
tsg_statis_para_t g_tsg_statis_para; enum TRAFFIC_INFO_IDX
{
TRAFFIC_INFO_ALLOW=0,
TRAFFIC_INFO_DENY,
TRAFFIC_INFO_MONITOR,
TRAFFIC_INFO_INTERCEPT,
TRAFFIC_INFO_MAX
};
struct tsg_statistic
{
int cycle;
int fs_line_id;
int thread_alive;
pthread_t stat_thread_id;
int fs_field_id[STATIS_MAX];
long long statistic_opt[_OPT_TYPE_MAX];
struct _traffic_info *traffic_info[TSG_ACTION_MAX+1];
struct _traffic_info default_total_info;
screen_stat_handle_t fs2_handle;
};
struct tsg_statistic g_tsg_statis_para;
int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_seq) int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_seq)
{ {
@@ -31,7 +53,7 @@ int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_s
return 0; return 0;
} }
int tsg_set_intercept_flow(Maat_rule_t *p_result, struct _traffic_info *traffic_info, int thread_seq) int tsg_set_intercept_flow(struct maat_rule *p_result, struct _traffic_info *traffic_info, int thread_seq)
{ {
struct _traffic_info *_info=NULL; struct _traffic_info *_info=NULL;
@@ -49,7 +71,7 @@ int tsg_set_intercept_flow(Maat_rule_t *p_result, struct _traffic_info *traffic_
return 0; return 0;
} }
int tsg_set_policy_flow(struct streaminfo *a_stream, Maat_rule_t *p_result, int thread_seq) int tsg_set_policy_flow(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq)
{ {
unsigned long long value=0; unsigned long long value=0;
int value_len=sizeof(unsigned long long); int value_len=sizeof(unsigned long long);


@@ -3,6 +3,7 @@
#include <string.h> #include <string.h>
#include <MESA/cJSON.h> #include <MESA/cJSON.h>
#include "tsg_variable.h"
#include "tsg_sync_state.h" #include "tsg_sync_state.h"
#include "tsg_send_log.h" #include "tsg_send_log.h"
@@ -23,9 +24,9 @@ static int tsg_send_ctrl_pkt(const struct streaminfo *a_stream, cJSON *object)
} }
char *payload = NULL; char *payload = NULL;
uint64_t session_id = tsg_get_stream_id((struct streaminfo *)a_stream); uint64_t session_id = tsg_get_stream_trace_id((struct streaminfo *)a_stream);
// tsg_get_stream_id maybe return -1 // tsg_get_stream_trace_id maybe return -1
if (session_id && session_id != (uint64_t)-1) if (session_id && session_id != (uint64_t)-1)
{ {
char trace_id[128]={0}; char trace_id[128]={0};
@@ -107,7 +108,14 @@ int tsg_sync_policy_update(const struct streaminfo *a_stream, struct update_poli
for (int i = 0; i < policy_array_num; i++) for (int i = 0; i < policy_array_num; i++)
{ {
policy_arr = cJSON_CreateIntArray(policy_array[i].ids, policy_array[i].id_num); int tmp_ids[8]={0};
int n_tmp_ids=MIN(policy_array[i].n_ids, 8);
for(int j=0; j<n_tmp_ids; j++)
{
tmp_ids[j]=(int)(policy_array[i].ids[j]);
}
policy_arr = cJSON_CreateIntArray(tmp_ids, n_tmp_ids);
if (policy_arr == NULL || policy_array[i].type >= POLICY_UPDATE_MAX) if (policy_arr == NULL || policy_array[i].type >= POLICY_UPDATE_MAX)
{ {
cJSON_Delete(object); cJSON_Delete(object);
@@ -154,8 +162,8 @@ int tsg_recv_control_pkt(const struct streaminfo *a_stream, const void *payload,
params_object = cJSON_GetObjectItem(object, "params"); params_object = cJSON_GetObjectItem(object, "params");
sf_ids_array = cJSON_GetObjectItem(params_object, "sf_profile_ids"); sf_ids_array = cJSON_GetObjectItem(params_object, "sf_profile_ids");
result.sf_ids.id_num = cJSON_GetArraySize(sf_ids_array); result.sf_ids.n_ids = cJSON_GetArraySize(sf_ids_array);
for (int i = 0; i < result.sf_ids.id_num; i ++) for (int i = 0; i < result.sf_ids.n_ids; i ++)
{ {
result.sf_ids.ids[i] = cJSON_GetArrayItem(sf_ids_array, i)->valueint; result.sf_ids.ids[i] = cJSON_GetArrayItem(sf_ids_array, i)->valueint;
} }
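Review bot: In tsg_recv_control_pkt the loop bound `result.sf_ids.n_ids` comes straight from `cJSON_GetArraySize(sf_ids_array)`, i.e. from the received payload, and nothing compares it with the capacity of `result.sf_ids.ids`. If that field is the 8-element `ids` array of `struct update_policy` (the declaration of `result` is outside this section, so this is inferred), a control packet carrying more than eight `sf_profile_ids` writes past the array. Clamp or reject before the loop, for example `int n = cJSON_GetArraySize(sf_ids_array); if (n < 0 || n > 8) { /* drop the packet */ }`, and check each item with `cJSON_IsNumber()` before reading `valueint`. The new copy loop in tsg_sync_policy_update has a related problem in the other direction: `tmp_ids[j]=(int)(policy_array[i].ids[j])` narrows the now 64-bit ids to `int`, so an id above INT_MAX is sent truncated; adding one `cJSON_CreateNumber` per element would keep the value. A named constant for the 8 would keep both sites and the header in step.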


@@ -1,5 +1,4 @@
#ifndef TSG_SESSION_STATE_H #pragma once
#define TSG_SESSION_STATE_H
#include <stdint.h> #include <stdint.h>
#include <MESA/stream.h> #include <MESA/stream.h>
@@ -14,8 +13,8 @@ enum policy_type
struct update_policy struct update_policy
{ {
enum policy_type type; enum policy_type type;
int id_num; int n_ids;
int ids[8]; long long ids[8];
}; };
// i don't need this // i don't need this
@@ -36,5 +35,3 @@ int tsg_sync_policy_update(const struct streaminfo *a_stream, struct update_poli
int tsg_recv_control_pkt(const struct streaminfo *a_stream, const void *payload, int payload_len); int tsg_recv_control_pkt(const struct streaminfo *a_stream, const void *payload, int payload_len);
#endif //TSG_SESSION_STATE_H


@@ -36,11 +36,11 @@ int swap_payload2byte(char *str, int endlen)
{ {
char temp; char temp;
if(endlen<4){ //最少满足2个16bit的长度即最小4字节。 if(endlen<4){ //最少满<EFBFBD><EFBFBD>?<3F><>?6bit的长度即最<EFBFBD><EFBFBD>?字节<E5AD97><E88A82>?
return 0; return 0;
} }
//这样交换是别面校验和不对的问 //这样交换是别面校验和不对的问<EFBFBD><EFBFBD>?
for(int i=1; i<endlen; i=i+2){ for(int i=1; i<endlen; i=i+2){
for (int j=i+2; j<endlen; j=j+2){ for (int j=i+2; j<endlen; j=j+2){
if(str[i] != str[j]){ if(str[i] != str[j]){
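Review bot: The only change in this hunk is to the two comments in swap_payload2byte, and on the new side both are mojibake (`<EFBFBD>` replacement sequences as rendered here), which suggests the file was re-saved in a different encoding rather than edited on purpose. Restore the original text or, better, replace it with ASCII comments so a later re-encode cannot damage them, e.g. `// need at least two 16-bit words, i.e. 4 bytes` above the length check. The second comment appears to explain that swapping bytes this way keeps the checksum valid; that reading should be confirmed with the author before rewording. The function body continues outside the hunk.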

85
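--- a/src/tsg_variable.cpp
+++ b/src/tsg_variable.cpp
@@ -0,0 +1,85 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "tsg_label.h"
+#include "tsg_variable.h"
+struct tsg_rt_para g_tsg_para;
+struct id2field g_tsg_proto_name2id[PROTO_MAX]={{PROTO_UNKONWN, 0, "unknown"},
+{PROTO_IPv4, 0, "IPV4"},
+{PROTO_IPv6, 0, "IPV6"},
+{PROTO_TCP, 0, "TCP"},
+{PROTO_UDP, 0, "UDP"},
+{PROTO_HTTP, 0, "HTTP"},
+{PROTO_MAIL, 0, "MAIL"},
+{PROTO_DNS, 0, "DNS"},
+{PROTO_FTP, 0, "FTP"},
+{PROTO_SSL, 0, "SSL"},
+{PROTO_SIP, 0, "SIP"},
+{PROTO_BGP, 0, "BGP"},
+{PROTO_STREAMING_MEDIA, 0, "STREAMING_MEDIA"},
+{PROTO_QUIC, 0, "QUIC"},
+{PROTO_SSH, 0, "SSH"},
+{PROTO_SMTP, 0, "SMTP"},
+{PROTO_IMAP, 0, "IMAP"},
+{PROTO_POP3, 0, "POP3"},
+{PROTO_RTP, 0, "RTP"},
+{PROTO_APP, 0, "BASE"},
+{PROTO_L2TP, 0, "L2TP"},
+{PROTO_PPTP, 0, "PPTP"},
+{PROTO_STRATUM, 0, "Stratum"},
+{PROTO_RDP, 0, "RDP"},
+{PROTO_DTLS, 0, "DTLS"}
+};
+const char *tsg_l7_protocol_id2name(unsigned int l7_protocol_id)
+{
+struct l7_protocol *l7_proto=NULL;
+HASH_FIND(hh1, g_tsg_para.name_by_id, &l7_protocol_id, sizeof(l7_protocol_id), l7_proto);
+if(l7_proto!=NULL)
+{
+return (const char *)l7_proto->name;
+}
+return NULL;
+}
+unsigned int tsg_l7_protocol_name2id(const char *l7_protocol_name)
+{
+struct l7_protocol *l7_proto=NULL;
+HASH_FIND(hh2, g_tsg_para.id_by_name, l7_protocol_name, strlen(l7_protocol_name), l7_proto);
+if(l7_proto!=NULL)
+{
+return l7_proto->id;
+}
+return 0;
+}
+long long tsg_get_current_time_ms(void)
+{
+int size=sizeof(long long);
+long long current_time_ms=0;
+sapp_get_platform_opt(SPO_CURTIME_TIMET_MS, &current_time_ms, &size);
+return current_time_ms;
+}
+unsigned long long tsg_get_stream_trace_id(const struct streaminfo * a_stream)
+{
+int ret=0;
+int device_id_size=sizeof(unsigned long long);
+unsigned long long device_id=(unsigned long long)g_tsg_para.device_seq_in_dc;
+ret=MESA_get_stream_opt(a_stream, MSO_GLOBAL_STREAM_ID, (void *)&device_id, &device_id_size);
+if(ret==0)
+{
+return device_id;
+}
+return -1;
+}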
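Review bot: tsg_l7_protocol_name2id passes `l7_protocol_name` to `strlen()` without a NULL check, so a caller that hands over a missing protocol name dereferences NULL inside the lookup; `if(l7_protocol_name==NULL) { return 0; }` ahead of `HASH_FIND` would close that. The failure values are also easy to misread: name2id returns 0 for "not found", and tsg_get_stream_trace_id returns `-1` from an `unsigned long long` function (all bits set), which callers must compare against explicitly, as tsg_send_ctrl_pkt does. A short comment on each declaration stating the sentinel, and renaming the local `device_id` in tsg_get_stream_trace_id to something like `trace_id`, would make that contract visible. tsg_get_current_time_ms likewise ignores the return value of `sapp_get_platform_opt` and reports 0 when the call fails.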


@@ -1,5 +1,8 @@
#pragma once #pragma once
#include "uthash.h"
#include "tsg_bridge.h"
#include <MESA/stream.h> #include <MESA/stream.h>
#include <MESA/field_stat2.h> #include <MESA/field_stat2.h>
#include <ctemplate/template.h> #include <ctemplate/template.h>
@@ -72,54 +75,6 @@ enum DEPLOY_MODE
DEPLOY_MODE_MAX DEPLOY_MODE_MAX
}; };
enum MASTER_STATIC_TABLE
{
TABLE_SECURITY_COMPILE=0,
TABLE_IP_ADDR,
TABLE_SUBSCRIBER_ID,
TABLE_APP_ID,
TABLE_HTTP_HOST,
TABLE_SSL_SNI,
TABLE_EXCLUSION_SSL_SNI,
TABLE_SRC_ASN,
TABLE_DST_ASN,
TABLE_SRC_LOCATION,
TABLE_DST_LOCATION,
TABLE_ASN_USER_DEFINED,
TABLE_ASN_BUILT_IN,
TABLE_LOCATION_USER_DEFINED,
TABLE_LOCATION_BUILT_IN,
TABLE_QUIC_SNI,
TABLE_FQDN_CAT_ID,
TABLE_FQDN_CAT_USER_DEFINED,
TABLE_FQDN_CAT_BUILT_IN,
TABLE_APP_ID_DICT,
TABLE_SELECTOR_ID,
TABLE_SELECTOR_PROPERTIES,
TABLE_GTP_APN,
TABLE_GTP_IMSI,
TABLE_GTP_PHONE_NUMBER,
TABLE_RESPONSE_PAGES,
TABLE_DNS_PROFILE_RECORD,
TABLE_PROFILE_MIRROR,
TABLE_HTTP_URL,
TABLE_DTLS_SNI,
TABLE_TUNNEL_ID,
TABLE_TUNNEL_CATALOG,
TABLE_TUNNEL_ENDPOINT,
TABLE_TUNNEL_LABEL,
TABLE_SESSION_FLAGS,
TABLE_SESSION_LOG,
TABLE_MAX
};
enum MASTER_DYNAMIC_TABLE
{
DYN_TABLE_SUBSCRIBER_IP=0,
DYN_TABLE_GTP_SIGNALING,
DYN_TABLE_MAX
};
#ifndef MIN #ifndef MIN
#define MIN(a, b) (((a) < (b)) ? (a) : (b)) #define MIN(a, b) (((a) < (b)) ? (a) : (b))
#endif #endif
@@ -136,13 +91,6 @@ enum MASTER_DYNAMIC_TABLE
#define MAX_STRING_LEN32 32 #define MAX_STRING_LEN32 32
#endif #endif
struct id2field
{
int type;
int id;
char name[MAX_STRING_LEN32];
};
struct reset_argv struct reset_argv
{ {
int pkt_num; int pkt_num;
@@ -153,22 +101,23 @@ struct reset_argv
int remedy; int remedy;
}; };
#ifndef MAX_TABLE_NAME_LEN
#define MAX_TABLE_NAME_LEN 64
#endif
#ifndef MAX_STRING_LEN128 #ifndef MAX_STRING_LEN128
#define MAX_STRING_LEN128 128 #define MAX_STRING_LEN128 128
#endif #endif
typedef struct tsg_para struct id2field
{
int type;
int id;
char name[MAX_STRING_LEN32];
};
struct tsg_rt_para
{ {
int level; int level;
short mirror_switch; short mirror_switch;
unsigned short timeout; unsigned short timeout;
int dynamic_maat_switch; int dynamic_maat_switch;
int location_field_num;
int app_dict_field_num;
int device_seq_in_dc; int device_seq_in_dc;
int datacenter_id; int datacenter_id;
int scan_signaling_switch; int scan_signaling_switch;
@@ -178,31 +127,18 @@ typedef struct tsg_para
int feature_tamper; int feature_tamper;
int service_chaining_sid; int service_chaining_sid;
int shaping_sid; int shaping_sid;
int send_resetall;
enum DEPLOY_MODE deploy_mode; enum DEPLOY_MODE deploy_mode;
int scan_time_interval; int scan_time_interval;
int identify_app_max_pkt_num; int identify_app_max_pkt_num;
int unknown_app_id; int unknown_app_id;
int hit_path_switch; int proto_flag; //enum TSG_PROTOCOL
int session_record_switch;
int default_compile_id;
int table_id[TABLE_MAX];
int dyn_table_id[DYN_TABLE_MAX];
int session_attribute_project_id;
int proto_flag; //tsg_protocol_t
int fs2_field_id[TSG_FS2_MAX]; int fs2_field_id[TSG_FS2_MAX];
char device_sn[MAX_STRING_LEN128]; char device_sn[MAX_STRING_LEN128];
char log_path[MAX_STRING_LEN128]; char log_path[MAX_STRING_LEN128];
char device_id_command[MAX_STRING_LEN128]; char device_id_command[MAX_STRING_LEN128];
char data_center[MAX_STRING_LEN128];
char device_tag[MAX_STRING_LEN128];
char table_name[TABLE_MAX][MAX_TABLE_NAME_LEN];
char dyn_table_name[DYN_TABLE_MAX][MAX_TABLE_NAME_LEN];
struct bridge_info bridge[BRIDGE_TYPE_MAX];
int send_resetall;
void *logger; void *logger;
void *maat_logger;
struct reset_argv reset; struct reset_argv reset;
struct mirrored_vlan default_vlan;
screen_stat_handle_t fs2_handle; screen_stat_handle_t fs2_handle;
struct l7_protocol *name_by_id; struct l7_protocol *name_by_id;
struct l7_protocol *id_by_name; struct l7_protocol *id_by_name;
@@ -210,9 +146,18 @@ typedef struct tsg_para
ctemplate::Template *tpl_403,*tpl_404; ctemplate::Template *tpl_403,*tpl_404;
ctemplate::Template *tpl_200,*tpl_204; ctemplate::Template *tpl_200,*tpl_204;
ctemplate::Template *tpl_303; ctemplate::Template *tpl_303;
}g_tsg_para_t; };
extern g_tsg_para_t g_tsg_para; extern struct tsg_rt_para g_tsg_para;;
extern Maat_feather_t g_tsg_dynamic_maat_feather;
extern struct id2field g_tsg_proto_name2id[PROTO_MAX]; extern struct id2field g_tsg_proto_name2id[PROTO_MAX];
struct l7_protocol
{
int id; /* first key */
char name[32]; /* second key */
UT_hash_handle hh1; /* handle for first hash table */
UT_hash_handle hh2; /* handle for second hash table */
};
long long tsg_get_current_time_ms(void);
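Review bot: `struct l7_protocol` declares `int id` as the first hash key, while tsg_l7_protocol_id2name looks entries up with an `unsigned int` and tsg_l7_protocol_name2id returns `unsigned int`. The sizes match, so the uthash lookup works, but the mixed signedness invites an accidental sign conversion at a call site; declaring the field `unsigned int id;` would align the three. The second key is `char name[32]` with no visible bound on what is copied into it, so the code that fills it (outside this section) should truncate and NUL-terminate, and using `MAX_STRING_LEN32` instead of the literal would tie it to the existing constant. `extern struct tsg_rt_para g_tsg_para;;` also carries a stray second semicolon.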


@@ -8,6 +8,13 @@ global:
*tsg_free_gtp_signaling_field; *tsg_free_gtp_signaling_field;
*tsg_*; *tsg_*;
*TLD_*; *TLD_*;
*session_runtime_attribute_get*;
*srt_attribute*;
*session_runtime_process_context_async*;
*session_runtime_process_context_get*;
*srt_process_context_*;
*session_matched_rules_notify*;
*session_matched_rules_copy*;
*GIT*; *GIT*;
}; };
local: *; local: *;

View File

@@ -0,0 +1 @@
test1


@@ -0,0 +1 @@
test2

View File

@@ -1,7 +1,7 @@
{ {
"compile_table": "TSG_SECURITY_COMPILE", "compile_table": "TSG_COMPILE",
"group2compile_table": "GROUP_COMPILE_RELATION", "group2compile_table": "TSG_GROUP_COMPILE_RELATION",
"group2group_table": "GROUP_GROUP_RELATION", "group2group_table": "TSG_GROUP_GROUP_RELATION",
"rules": [ "rules": [
{ {
"compile_id": 1, "compile_id": 1,
@@ -9,9 +9,10 @@
"action": 1, "action": 1,
"do_blacklist": 0, "do_blacklist": 0,
"do_log": 1, "do_log": 1,
"effective_rage": 0, "tags": "{}",
"user_region": "Virtual", "user_region": "{}",
"is_valid": "yes", "is_valid": "yes",
"evaluation_order": "2.111",
"groups": [ "groups": [
{ {
"group_name":"OBJ_DST_IP_ADDR", "group_name":"OBJ_DST_IP_ADDR",
@@ -23,12 +24,12 @@
"table_name": "TSG_OBJ_IP_ADDR", "table_name": "TSG_OBJ_IP_ADDR",
"table_content": { "table_content": {
"addr_type": "ipv4", "addr_type": "ipv4",
"saddr_format": "range", "addr_format": "range",
"src_ip1": "0.0.0.0", "ip1": "0.0.0.0",
"src_ip2": "255.255.255.255", "ip2": "255.255.255.255",
"sport_format": "range", "port_format": "range",
"src_port1": "0", "port1": "0",
"src_port2": "0", "port2": "0",
"protocol": 0, "protocol": 0,
"direction": "double" "direction": "double"
} }
@@ -43,9 +44,10 @@
"action": 16, "action": 16,
"do_blacklist": 0, "do_blacklist": 0,
"do_log": 1, "do_log": 1,
"effective_rage": 0, "tags": "{}",
"user_region": "{\"method\":\"rate_limit\",\"bps\":1024,\"packet_capture\":{\"enable\":1,\"capture_depth\":2000}}", "user_region": "{\"method\":\"rate_limit\",\"bps\":1024,\"packet_capture\":{\"enable\":1,\"capture_depth\":2000}}",
"is_valid": "yes", "is_valid": "yes",
"evaluation_order": "2.111",
"groups": [ "groups": [
{ {
"group_name": "OBJ_DST_IP_ADDR", "group_name": "OBJ_DST_IP_ADDR",
@@ -57,12 +59,12 @@
"table_name": "TSG_OBJ_IP_ADDR", "table_name": "TSG_OBJ_IP_ADDR",
"table_content": { "table_content": {
"addr_type": "ipv4", "addr_type": "ipv4",
"saddr_format": "range", "addr_format": "range",
"src_ip1": "0.0.0.0", "ip1": "0.0.0.0",
"src_ip2": "255.255.255.255", "ip2": "255.255.255.255",
"sport_format": "range", "format": "range",
"src_port1": "0", "port1": "0",
"src_port2": "0", "port2": "0",
"protocol": 0, "protocol": 0,
"direction": "double" "direction": "double"
} }
@@ -70,20 +72,185 @@
] ]
} }
] ]
},
{
"compile_id": 3,
"service": 0,
"action": 1,
"do_blacklist": 0,
"do_log": 1,
"tags": "{}",
"user_region": "{}",
"is_valid": "yes",
"evaluation_order": "0.0",
"groups": [
{
"not_flag": 0,
"clause_index": 0,
"virtual_table": "TSG_SECURITY_TUNNEL",
"regions": [
{
"table_name": "TSG_OBJ_TUNNEL_ID",
"table_type": "interval",
"table_content": {
"low_boundary": 900,
"up_boundary": 1003
}
}
]
}
]
},
{
"compile_id": 4,
"service": 0,
"action": 16,
"do_blacklist": 0,
"do_log": 1,
"tags": "{}",
"user_region": "{\"method\":\"rate_limit\",\"bps\":1024,\"packet_capture\":{\"enable\":1,\"capture_depth\":2000}}",
"is_valid": "yes",
"evaluation_order": "0.0",
"groups": [
{
"not_flag": 0,
"clause_index": 0,
"virtual_table": "TSG_SECURITY_TUNNEL",
"regions": [
{
"table_name": "TSG_OBJ_TUNNEL_ID",
"table_type": "interval",
"table_content": {
"low_boundary": 900,
"up_boundary": 1003
}
}
]
}
]
} }
], ],
"plugin_table": [ "plugin_table": [
{ {
"table_name": "APP_ID_DICT", "table_name": "APP_ID_DICT",
"table_content": [ "table_content": [
"4\tunknown\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", "67\thttp\t0\tnull\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"drop\",\"after_n_packets\":0,\"send_icmp_unreachable\":1,\"send_tcp_reset\":1}\t0\t60\t120\t30\t30\t1",
"67\thttp\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", "68\thttps\t0\tnull\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"rate_limit\",\"bps\":1000}\t0\t0\t0\t0\t0\t1",
"156\tqq\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", "4\tunknown\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\tnull\t1\t3600\t3600\t1800\t1800\t1",
"336\tOPENVPN\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", "70\thttps\t1\tssl\tnetworking\tinfrastructure\tnetwork-protocol\t3\tused-by-malware,vulnerability,widely-used\tnull\tnull\t{\"method\":\"rate_limit\",\"bps\":1000}\t0\t0\t0\t0\t0\t1"
"199\tSSL\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", ]
"1241\tqq_web\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1", },
"3145\tqq_r2\t0\tnull\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1" {
"table_name": "TSG_DYN_MOBILE_IDENTITY_APN_TEID",
"table_content": [
"1\t111039813\t460045157065560\t861440152009856\t111039813.cmiott.gxqli.mcto60g.com\t8626070583075127\t1",
"2\t111052899\t460045157053102\t861440152041083\t111052899.cmiott.wkctf.mcto60g.com\t8626070583008402\t1"
]
},
{
"table_name": "TSG_IP_ASN_BUILT_IN",
"table_content": [
]
},
{
"table_name": "TSG_IP_ASN_USER_DEFINED",
"table_content": [
]
},
{
"table_name": "TSG_IP_LOCATION_BUILT_IN",
"table_content": [
"6777621\t1819730\t4\t124.156.128.0\t124.156.191.255\t22.25\t114.1667\t50.0\ten\tAS\tAsia\tHK\tHong\\bKong\tOther\tOther\tOther\tRoad1\tAsia/Hong_Kong\t1",
"3716523\t1814992\t4\t192.168.50.1\t192.168.50.255\t34.7725\t113.7266\t50.0\ten\tAS\tAsia\tCN\tChina\tBeijing\tBeijing\tXin\\bXi\\bGang\tRoad1\tAsia/Shanghai\t1"
]
},
{
"table_name": "TSG_IP_LOCATION_USER_DEFINED",
"table_content": [
"371652\t181499\t4\t192.168.50.10\t192.168.50.255\t34.7725\t113.7266\t50.0\ten\tAS\tAsia\tCN\tChina\tBeijing\tBeijing\tHua\\bYan\\bBei\\bLi\tRoad1\tAsia/Shanghai\t1"
]
},
{
"table_name": "TSG_FQDN_CATEGORY_BUILT_IN",
"table_content": [
"106285681\t4\t106285681.201198.com\t1\t1",
"106285682\t5\t106285682.201198.com\t1\t1",
"106285688\t8\t106285688.201198.com\t1\t1",
"106285689\t9\t106285689.201198.com\t1\t1",
"106285690\t9\t106285689.201198.com\t1\t1",
"106285691\t10\t1106285683.201198.com\t1\t1"
]
},
{
"table_name": "TSG_FQDN_CATEGORY_USER_DEFINED",
"table_content": [
"1106285681\t4\t1106285681.201198.com\t1\t1",
"1106285682\t5\t1106285682.201198.com\t1\t1",
"1106285683\t6\t1106285683.201198.com\t1\t1",
"1106285684\t7\t1106285684.201198.com\t1\t1",
"1106285685\t7\t1106285684.201198.com\t1\t1"
]
},
{
"table_name": "TSG_TUNNEL_CATALOG",
"table_content": [
"977\t1.1.1.1-1.1.1.1\tGTP\t1367\t1",
"978\t1.1.1.1-1.1.1.1\tGTP\t1367&1605\t1"
]
},
{
"table_name": "TSG_TUNNEL_ENDPOINT",
"table_content": [
"989\t4\t192.50.0.0\t192.50.255.255\ttest\t1",
"990\t4\t192.50.0.0\t192.50.255.255\ttest\t1",
"991\t4\t192.40.128.0\t192.40.255.255\ttest\t1",
"992\t4\t192.40.0.0\t192.40.127.255\ttest\t1"
]
},
{
"table_name": "TSG_TUNNEL_LABEL",
"table_content": [
"15560\t15560\tVLAN_ID\t1",
"15561\t15561\tVLAN_ID\t1"
]
},
{
"table_name": "TSG_DYN_SUBSCRIBER_IP",
"table_content": [
"1299\t4\t192.168.56.28\ttest5628\t1",
"1300\t4\t192.168.56.27\ttest5627\t1"
]
},
{
"table_name": "TSG_PROFILE_DNS_RECORDS",
"table_content": [
"8119\teditTypeA\tA\t[{\"value\":\"1.1.1.1\",\"priority\":null},{\"value\":\"2.2.2.2\",\"priority\":null},{\"value\":\"3.3.3.3\",\"priority\":null}]\t1",
"7961\tFile\tAAAA\t[{\"value\":\"1030::C9B4:FF12:48AA:1A2B\",\"priority\":null},{\"value\":\"1030::C9B4:FF12:48AA:1A2C\",\"priority\":null}]\t1",
"7701\tTypeCNAME\tCNAME\t[{\"value\":\"www.facebook.com\",\"priority\":null},{\"value\":\"www.twitter.com\",\"priority\":null}]\t1"
]
},
{
"table_name": "TSG_PROFILE_RESPONSE_PAGES",
"table_content": [
"957\ttest-html-1\thtml\tforeign_files/TSG_PROFILE_RESPONSE_PAGES.1\t1",
"958\ttest-html-2\thtml\tforeign_files/TSG_PROFILE_RESPONSE_PAGES.2\t1"
]
},
{
"table_name": "TSG_PROFILE_TRAFFIC_MIRROR",
"table_content": [
"845\t168.50.28yinyong\t[3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34]\t1",
"123\ttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttest\t[66]\t1"
]
},
{
"table_name": "T_VSYS_INFO",
"table_content": [
"6\t1\t1"
] ]
} }
] ]
} }
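Review bot: In the second rule (action 16) the TSG_OBJ_IP_ADDR region renames `sport_format` to `"format": "range"`, whereas the same region in the first rule becomes `"port_format": "range"`. Every other key in the two regions was renamed identically, so this looks like a dropped prefix. If the loader ignores unknown keys, the fixture would fall back to whatever default port format it has and the rule would still appear to load, so a test could pass without exercising the intended field. `"port_format": "range",` is presumably what was meant.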


@@ -9,8 +9,17 @@ include_directories(${PROJECT_SOURCE_DIR}/src/)
add_definitions(-std=c++11) add_definitions(-std=c++11)
LINK_DIRECTORIES(/opt/MESA/lib) LINK_DIRECTORIES(/opt/MESA/lib)
#add_executable(gtest_rule ${PROJECT_SOURCE_DIR}/src/tsg_rule.cpp ${PROJECT_SOURCE_DIR}/src/tsg_bridge.cpp ${PROJECT_SOURCE_DIR}/src/tsg_leaky_bucket.cpp gtest_common.cpp gtest_rule.cpp) add_executable(gtest_rule ${PROJECT_SOURCE_DIR}/src/tsg_rule.cpp ${PROJECT_SOURCE_DIR}/src/tsg_variable.cpp gtest_common.cpp gtest_rule.cpp)
#target_link_libraries(gtest_rule gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger MESA_jump_layer MESA_field_stat2 maatframe) target_link_libraries(gtest_rule gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger maat4)
add_executable(gtest_bridge ${PROJECT_SOURCE_DIR}/src/tsg_bridge.cpp ${PROJECT_SOURCE_DIR}/src/tsg_protocol.cpp ${PROJECT_SOURCE_DIR}/src/tsg_variable.cpp gtest_common.cpp gtest_bridge.cpp)
target_link_libraries(gtest_bridge gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger maat4)
add_executable(gtest_action ${PROJECT_SOURCE_DIR}/src/tsg_action.cpp ${PROJECT_SOURCE_DIR}/src/tsg_leaky_bucket.cpp ${PROJECT_SOURCE_DIR}/src/tsg_dns.cpp ${PROJECT_SOURCE_DIR}/src/tsg_icmp.cpp ${PROJECT_SOURCE_DIR}/src/tsg_tamper.cpp ${PROJECT_SOURCE_DIR}/src/tsg_variable.cpp gtest_common.cpp gtest_action.cpp)
target_link_libraries(gtest_action gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger maat4 MESA_field_stat2)
add_executable(gtest_sendlog ${PROJECT_SOURCE_DIR}/src/tsg_send_log.cpp ${PROJECT_SOURCE_DIR}/src/tsg_variable.cpp gtest_common.cpp gtest_sendlog.cpp)
target_link_libraries(gtest_sendlog gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger maat4 rdkafka MESA_field_stat2)
set(TSG_MASTER_SRC ${PROJECT_SOURCE_DIR}/src/tsg_entry.cpp set(TSG_MASTER_SRC ${PROJECT_SOURCE_DIR}/src/tsg_entry.cpp
${PROJECT_SOURCE_DIR}/src/tsg_rule.cpp ${PROJECT_SOURCE_DIR}/src/tsg_rule.cpp
@@ -26,10 +35,12 @@ set(TSG_MASTER_SRC ${PROJECT_SOURCE_DIR}/src/tsg_entry.cpp
${PROJECT_SOURCE_DIR}/src/tsg_tamper.cpp ${PROJECT_SOURCE_DIR}/src/tsg_tamper.cpp
${PROJECT_SOURCE_DIR}/src/tsg_bridge.cpp ${PROJECT_SOURCE_DIR}/src/tsg_bridge.cpp
${PROJECT_SOURCE_DIR}/src/tsg_sync_state.cpp ${PROJECT_SOURCE_DIR}/src/tsg_sync_state.cpp
${PROJECT_SOURCE_DIR}/src/tsg_variable.cpp
${PROJECT_SOURCE_DIR}/src/tsg_protocol.cpp
) )
add_executable(gtest_master ${TSG_MASTER_SRC} gtest_kafka.cpp gtest_common.cpp gtest_master.cpp) add_executable(gtest_master ${TSG_MASTER_SRC} gtest_kafka.cpp gtest_common.cpp gtest_master.cpp)
target_link_libraries(gtest_master gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger MESA_jump_layer MESA_field_stat2 maatframe MESA_htable) target_link_libraries(gtest_master gtest-static ctemplate-static cjson MESA_prof_load MESA_handle_logger MESA_jump_layer MESA_field_stat2 maat4 MESA_htable)
add_executable(gtest_sync_session_state ${PROJECT_SOURCE_DIR}/src/tsg_sync_state.cpp gtest_common.cpp gtest_session_state.cpp) add_executable(gtest_sync_session_state ${PROJECT_SOURCE_DIR}/src/tsg_sync_state.cpp gtest_common.cpp gtest_session_state.cpp)
target_link_libraries(gtest_sync_session_state gtest-static cjson ctemplate-static) target_link_libraries(gtest_sync_session_state gtest-static cjson ctemplate-static)

111
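--- a/test/src/gtest_action.cpp
+++ b/test/src/gtest_action.cpp
@@ -0,0 +1,111 @@
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include "tsg_rule.h"
+#include "tsg_label.h"
+#include "tsg_entry.h"
+#include "tsg_variable.h"
+#include "tsg_rule_internal.h"
+#include "tsg_protocol_common.h"
+#include <gtest/gtest.h>
+struct maat *g_tsg_maat_feather;
+const struct session_runtime_attribute *session_runtime_attribute_get(const struct streaminfo * a_stream)
+{
+return NULL;
+}
+void *matched_rule_cites_http_response_pages(struct maat *feather, long long profile_id)
+{
+return NULL;
+}
+void plugin_ex_data_http_response_pages_free(struct http_response_pages * response_pages)
+{
+}
+void *matched_rule_cites_app_id_dict(struct maat *feather, long long app_id)
+{
+return NULL;
+}
+void plugin_ex_data_app_id_dict_free(struct app_id_dict * dict)
+{
+}
+void *matched_rule_cites_security_compile(struct maat *feather, long long profile_id)
+{
+return NULL;
+}
+void plugin_ex_data_security_compile_free(struct maat_compile * maat_compile)
+{
+}
+void *matched_rule_cites_dns_profile_record(struct maat *feather, long long profile_id)
+{
+return NULL;
+}
+void plugin_ex_data_dns_profile_record_free(struct dns_profile_records * records)
+{
+}
+int session_runtime_action_context_async(const struct streaminfo * a_stream, void * data)
+{
+return 0;
+}
+int srt_attribute_set_reponse_size(const struct streaminfo * a_stream, int http_action_file_size)
+{
+return 0;
+}
+int srt_action_context_set_leaky_bucket(const struct streaminfo * a_stream, struct leaky_bucket * bucket, int thread_seq)
+{
+return 0;
+}
+int srt_action_context_set_l7_protocol(const struct streaminfo * a_stream, enum TSG_PROTOCOL protocol, int thread_seq)
+{
+return 0;
+}
+int srt_action_context_set_rule_method(const struct streaminfo * a_stream, enum TSG_METHOD_TYPE method_type, int thread_seq)
+{
+return 0;
+}
+int srt_action_context_set_after_n_packet(const struct streaminfo * a_stream, int after_n_packets, int thread_seq)
+{
+return 0;
+}
+const struct session_runtime_action_context *session_runtime_action_context_get(const struct streaminfo *a_stream)
+{
+return NULL;
+}
+int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_seq)
+{
+return 0;
+}
+int session_packet_capture_notify(const struct streaminfo * a_stream, struct maat_rule *results, size_t n_results, int thread_seq)
+{
+return 0;
+}
+TEST(TM_ACTION, Http)
+{
+EXPECT_EQ(1, 1);
+}
+int main(int argc, char *argv[])
+{
+testing::InitGoogleTest(&argc, argv);
+return RUN_ALL_TESTS();
+}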

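--- a/test/src/gtest_bridge.cpp
+++ b/test/src/gtest_bridge.cpp
@@ -0,0 +1,101 @@
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include "tsg_rule.h"
+#include "tsg_label.h"
+#include "tsg_entry.h"
+#include "tsg_variable.h"
+#include "tsg_rule_internal.h"
+#include "tsg_protocol_common.h"
+#include <gtest/gtest.h>
+void tsg_maat_state_free(struct maat_state *state)
+{
+}
+void destroy_bucket(struct leaky_bucket * * bucket, int thread_seq)
+{
+}
+void plugin_ex_data_gtp_c_free(struct umts_user_info *user_info)
+{
+}
+void plugin_ex_data_asn_number_free(struct asn_info *asn)
+{
+}
+void plugin_ex_data_location_free(struct location_info *location)
+{
+}
+void plugin_ex_data_subscriber_id_free(struct subscribe_id_info *subscriber)
+{
+}
+void plugin_ex_data_tunnel_endpoint_free(struct tunnel_endpoint *t_enpoint)
+{
+}
+int srt_attribute_set_ip_asn(const struct streaminfo * a_stream, struct maat *feather, struct asn_info **client_asn, struct asn_info **server_asn)
+{
+return 0;
+}
+int srt_attribute_set_ip_location(const struct streaminfo * a_stream, struct maat *feather, struct location_info **client_location, struct location_info **server_location)
+{
+return 0;
+}
+int srt_attribute_set_subscriber_id(const struct streaminfo *a_stream, struct maat *feather, struct subscribe_id_info **client_subscribe_id, struct subscribe_id_info **server_subscribe_id)
+{
+return 0;
+}
+int session_runtine_attribute_get_umts_user_info(const struct streaminfo *a_stream, struct umts_user_info **user_info)
+{
+return 0;
+}
+struct umts_user_info *tsg_get_umts_user_info_form_redis(struct maat *feather, unsigned int teid)
+{
+return NULL;
+}
+int session_app_identify_result_cb(const struct streaminfo * a_stream, int bridge_id, void * data)
+{
+return 0;
+}
+int session_flags_identify_result_cb(const struct streaminfo * a_stream, int bridge_id, void * data)
+{
+return 0;
+}
+int tsg_sync_policy_update(const struct streaminfo *a_stream, struct update_policy *policy_array, int policy_array_num)
+{
+return 0;
+}
+TEST(TM_Bridge, HitedSecurityPolicyResult)
+{
+EXPECT_EQ(1,1);
+EXPECT_NE(nullptr, "");
+EXPECT_STREQ("460045157065560", "460045157065560");
+}
+int main(int argc, char *argv[])
+{
+int ret=tsg_bridge_init("tsgconf/main.conf");
+if(ret<0)
+{
+return -1;
+}
+testing::InitGoogleTest(&argc, argv);
+return RUN_ALL_TESTS();
+}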
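Review bot: The only test in this new file, `TEST(TM_Bridge, HitedSecurityPolicyResult)`, compares constants with themselves (`EXPECT_EQ(1,1)`, `EXPECT_NE(nullptr, "")`, `EXPECT_STREQ` on two identical literals), so it passes whatever the bridge code does and reports coverage of matched-security-policy handling that is not actually exercised. Until a real assertion against the bridge API exists, the placeholder would be more honest as `TEST(TM_Bridge, DISABLED_HitedSecurityPolicyResult)` with a comment saying what it is meant to verify. Separately, `main` returns -1 without any message when `tsg_bridge_init("tsgconf/main.conf")` fails, and the path is relative to the working directory, so a ctest run started elsewhere fails with no diagnostic; adding `fprintf(stderr, "tsg_bridge_init(tsgconf/main.conf) failed: %d\n", ret);` before the return would make the cause visible.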


@@ -3,10 +3,10 @@
#include "tsg_send_log.h" #include "tsg_send_log.h"
extern "C" int TSG_MASTER_INIT(); extern "C" int TSG_MASTER_INIT();
void free_shaping_result(const struct streaminfo *stream, int bridge_id, void *data); void session_matched_rules_free(const struct streaminfo *stream, int bridge_id, void *data);
int TLD_convert_json(struct TLD_handle_t *_handle, char *buff, unsigned int buff_len); int TLD_convert_json(struct TLD_handle_t *_handle, char *buff, unsigned int buff_len);
int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream); int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream);
int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream); int set_shaping_rule_ids(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, const struct streaminfo *a_stream);


@@ -28,6 +28,6 @@ using namespace rapidjson;
using namespace std; using namespace std;
extern "C" int TSG_MASTER_INIT(); extern "C" int TSG_MASTER_INIT();
int set_vlan(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct single_layer_vlan_addr *vlan_addr, int layer_num, Value *tunnel_object, tsg_log_field_id_t id); int set_vlan(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, struct single_layer_vlan_addr *vlan_addr, int layer_num, Value *tunnel_object, tsg_log_field_id_t id);
int set_app_full_path(struct TLD_handle_t *_handle, char *field_name, struct gather_app_result *result); int set_app_full_path(struct TLD_handle_t *handle, char *field_name, struct gather_app_result *result);


@@ -3,41 +3,46 @@
#include <unistd.h> #include <unistd.h>
#include "gtest_common.h" #include "gtest_common.h"
#include "tsg_rule.h"
#include "tsg_entry.h" #include "tsg_entry.h"
#include "tsg_rule_internal.h"
#include <gtest/gtest.h> #include <gtest/gtest.h>
extern int rd_kafka_get_sendlog_cnt(void); extern int rd_kafka_get_sendlog_cnt(void);
extern const char *rd_kafka_get_sendlog_payload(int idx); extern const char *rd_kafka_get_sendlog_payload(int idx);
extern int matched_shaping_rules_deal(const struct streaminfo *a_stream, struct maat_rule *shaping_rules, size_t n_shaping_rules, int thread_seq);;
extern int matched_service_chaining_rules_deal(const struct streaminfo *a_stream, struct maat_rule *service_chaining_rules, size_t n_service_chaining_rules, int thread_seq);;
extern void session_segment_id_free(const struct streaminfo * a_stream, int bridge_id, void * data);
TEST(TSGMaster, SetAPPIDHttp) TEST(TSGMaster, SetAPPIDHttp)
{ {
struct streaminfo a_stream={0}; const struct streaminfo a_stream={0};
struct gather_app_result gather_result[ORIGIN_MAX]={0}; struct gather_app_result async_gather_result[ORIGIN_MAX]={0};
gather_result[ORIGIN_BASIC_PROTOCOL].app_num=1; async_gather_result[ORIGIN_BASIC_PROTOCOL].app_num=1;
gather_result[ORIGIN_BASIC_PROTOCOL].origin=ORIGIN_BASIC_PROTOCOL; async_gather_result[ORIGIN_BASIC_PROTOCOL].origin=ORIGIN_BASIC_PROTOCOL;
gather_result[ORIGIN_BASIC_PROTOCOL].attributes[0].app_id=67; //HTTP async_gather_result[ORIGIN_BASIC_PROTOCOL].attributes[0].app_id=67; //HTTP
tsg_set_xxx_to_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_GATHER_APP_RESULT].id, (void *)gather_result); session_gather_app_results_async(&a_stream, (void *)async_gather_result);
struct gather_app_result *get_result=(struct gather_app_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_GATHER_APP_RESULT].id); struct gather_app_result *gather_result=(struct gather_app_result *)session_gather_app_results_get(&a_stream);
EXPECT_NE(nullptr, get_result); EXPECT_NE(nullptr, gather_result);
EXPECT_EQ(1, get_result[ORIGIN_BASIC_PROTOCOL].app_num); EXPECT_EQ(1, gather_result[ORIGIN_BASIC_PROTOCOL].app_num);
EXPECT_EQ(67, get_result[ORIGIN_BASIC_PROTOCOL].attributes[0].app_id); EXPECT_EQ(67, gather_result[ORIGIN_BASIC_PROTOCOL].attributes[0].app_id);
EXPECT_EQ(0, get_result[ORIGIN_BASIC_PROTOCOL].attributes[0].packet_sequence); EXPECT_EQ(0, gather_result[ORIGIN_BASIC_PROTOCOL].attributes[0].packet_sequence);
EXPECT_EQ(0, get_result[ORIGIN_BASIC_PROTOCOL].attributes[0].surrogate_id); EXPECT_EQ(0, gather_result[ORIGIN_BASIC_PROTOCOL].attributes[0].surrogate_id);
EXPECT_EQ(ORIGIN_BASIC_PROTOCOL, get_result[ORIGIN_BASIC_PROTOCOL].origin); EXPECT_EQ(ORIGIN_BASIC_PROTOCOL, gather_result[ORIGIN_BASIC_PROTOCOL].origin);
struct TLD_handle_t *handle=TLD_create(0); struct TLD_handle_t *handle=TLD_create(0);
set_app_id(g_tsg_log_instance, handle, (struct streaminfo *)&a_stream); set_app_id(g_tsg_log_instance, handle, (struct streaminfo *)&a_stream);
char app_ids[256]={0}; char app_ids[256]={0};
TLD_convert_json(handle, app_ids, sizeof(app_ids)); TLD_convert_json(handle, app_ids, sizeof(app_ids));
EXPECT_STREQ("{\"common_app_full_path\":\"http\",\"common_app_label\":\"http\"}", app_ids); EXPECT_STREQ("{\"common_app_full_path\":\"http\",\"common_app_label\":\"http\",\"common_app_id\":{\"LPI_L7\":[{\"app_name\":\"http\",\"app_id\":67,\"surrogate_id\":0,\"packet_sequence\":0}]}}", app_ids);
tsg_set_xxx_to_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_GATHER_APP_RESULT].id, NULL); session_gather_app_results_async(&a_stream, NULL);
get_result=(struct gather_app_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_GATHER_APP_RESULT].id); gather_result=(struct gather_app_result *)session_gather_app_results_get(&a_stream);
EXPECT_EQ(nullptr, get_result); EXPECT_EQ(nullptr, gather_result);
} }
TEST(TSGMaster, SetAPPIDUnknown) TEST(TSGMaster, SetAPPIDUnknown)
@@ -55,45 +60,53 @@ TEST(TSGMaster, SetAPPIDUnknown)
TEST(TSGMaster, ShapingSetRuleIds) TEST(TSGMaster, ShapingSetRuleIds)
{ {
const struct streaminfo a_stream={0}; const struct streaminfo a_stream={0};
struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0}; struct maat_rule shaping_result[MAX_RESULT_NUM]={0};
for(int i=0; i<MAX_RESULT_NUM; i++) for(int i=0; i<MAX_RESULT_NUM; i++)
{ {
shaping_result[i].action=TSG_ACTION_SHAPING; shaping_result[i].action=TSG_ACTION_SHAPING;
shaping_result[i].config_id=TSG_ACTION_SHAPING+i; shaping_result[i].rule_id=TSG_ACTION_SHAPING+i;
} }
tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM, 0); matched_shaping_rules_deal(&a_stream, shaping_result, MAX_RESULT_NUM, 0);
struct TLD_handle_t *handle=TLD_create(0); struct TLD_handle_t *handle=TLD_create(0);
set_shaping_rule_ids(g_tsg_log_instance, handle, (struct streaminfo *)&a_stream); set_shaping_rule_ids(g_tsg_log_instance, handle, &a_stream);
char shaping_rule_ids[256]={0}; char shaping_rule_ids[256]={0};
TLD_convert_json(handle, shaping_rule_ids, sizeof(shaping_rule_ids)); TLD_convert_json(handle, shaping_rule_ids, sizeof(shaping_rule_ids));
EXPECT_STREQ("{\"common_shaping_rule_ids\":[32,33,34,35,36,37,38,39]}", shaping_rule_ids); EXPECT_STREQ("{\"common_shaping_rule_ids\":[32,33,34,35,36,37,38,39]}", shaping_rule_ids);
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id); const struct matched_policy_rules *hited_shaping=session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING);
EXPECT_NE(nullptr, shaping_label); EXPECT_NE(nullptr, hited_shaping);
EXPECT_EQ(MAX_RESULT_NUM, shaping_label->shaping_result_num); EXPECT_EQ(MAX_RESULT_NUM, hited_shaping->n_rules);
for(int i=0; i<shaping_label->shaping_result_num; i++) for(size_t i=0; i<hited_shaping->n_rules; i++)
{ {
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action); EXPECT_EQ(TSG_ACTION_SHAPING, hited_shaping->rules[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id); EXPECT_EQ(TSG_ACTION_SHAPING+i, hited_shaping->rules[i].rule_id);
} }
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, (void *)shaping_label); struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream);
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, NULL); EXPECT_NE(nullptr, segment_ids);
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id)); EXPECT_EQ(1, segment_ids->sz_sidlist);
EXPECT_EQ(g_tsg_para.shaping_sid, segment_ids->sid_list[0]);
session_segment_id_free(&a_stream, 0, (void *)segment_ids);
session_control_segment_ids_async(&a_stream, NULL);
session_matched_rules_free(&a_stream, TSG_SERVICE_SHAPING, (void *)hited_shaping);
session_matched_rules_async(&a_stream, TSG_SERVICE_SHAPING, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING));
} }
int shaping_policy_notify_cb(const struct streaminfo *stream, int bridge_id, void *data) int shaping_policy_notify_cb(const struct streaminfo *stream, int bridge_id, void *data)
{ {
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)data; struct matched_policy_rules *hited_shaping=(struct matched_policy_rules *)data;
EXPECT_NE(nullptr, shaping_label); EXPECT_NE(nullptr, hited_shaping);
EXPECT_EQ(MAX_RESULT_NUM, shaping_label->shaping_result_num); EXPECT_EQ(MAX_RESULT_NUM, hited_shaping->n_rules);
for(int i=0; i<shaping_label->shaping_result_num; i++) for(size_t i=0; i<hited_shaping->n_rules; i++)
{ {
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action); EXPECT_EQ(TSG_ACTION_SHAPING, hited_shaping->rules[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id); EXPECT_EQ(TSG_ACTION_SHAPING+i, hited_shaping->rules[i].rule_id);
} }
return 0; return 0;
@@ -102,37 +115,38 @@ int shaping_policy_notify_cb(const struct streaminfo *stream, int bridge_id, voi
TEST(TSGMaster, ShapingPolicyNotify) TEST(TSGMaster, ShapingPolicyNotify)
{ {
const struct streaminfo a_stream={0}; const struct streaminfo a_stream={0};
struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0}; struct maat_rule shaping_result[MAX_RESULT_NUM]={0};
for(int i=0; i<MAX_RESULT_NUM; i++) for(int i=0; i<MAX_RESULT_NUM; i++)
{ {
shaping_result[i].action=TSG_ACTION_SHAPING; shaping_result[i].action=TSG_ACTION_SHAPING;
shaping_result[i].config_id=TSG_ACTION_SHAPING+i; shaping_result[i].rule_id=TSG_ACTION_SHAPING+i;
} }
stream_bridge_register_data_sync_cb(g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, shaping_policy_notify_cb); stream_bridge_register_data_sync_cb(stream_bridge_build("NOTIFY_SHAPING_RESULT", "w"), shaping_policy_notify_cb);
tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM, 0); matched_shaping_rules_deal(&a_stream, shaping_result, MAX_RESULT_NUM, 0);
int shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
EXPECT_EQ(MAX_RESULT_NUM, shaping_result_num); const struct matched_policy_rules *hited_shaping=session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING);
for(int i=0; i<shaping_result_num; i++) EXPECT_NE(nullptr, hited_shaping);
EXPECT_EQ(MAX_RESULT_NUM, hited_shaping->n_rules);
for(size_t i=0; i<hited_shaping->n_rules; i++)
{ {
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action); EXPECT_EQ(TSG_ACTION_SHAPING, hited_shaping->rules[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id); EXPECT_EQ(TSG_ACTION_SHAPING+i, hited_shaping->rules[i].rule_id);
} }
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id); struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream);
EXPECT_NE(nullptr, shaping_label); EXPECT_NE(nullptr, segment_ids);
EXPECT_EQ(MAX_RESULT_NUM, shaping_label->shaping_result_num); EXPECT_EQ(1, segment_ids->sz_sidlist);
for(int i=0; i<shaping_label->shaping_result_num; i++) EXPECT_EQ(g_tsg_para.shaping_sid, segment_ids->sid_list[0]);
{
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
}
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, (void *)shaping_label); session_segment_id_free(&a_stream, 0, (void *)segment_ids);
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, NULL); session_control_segment_ids_async(&a_stream, NULL);
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id));
session_matched_rules_free(&a_stream, TSG_SERVICE_SHAPING, (void *)hited_shaping);
session_matched_rules_async(&a_stream, TSG_SERVICE_SHAPING, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING));
} }
int shaping_policy_notify_null_cb(const struct streaminfo *stream, int bridge_id, void *data) int shaping_policy_notify_null_cb(const struct streaminfo *stream, int bridge_id, void *data)
@@ -144,24 +158,24 @@ int shaping_policy_notify_null_cb(const struct streaminfo *stream, int bridge_id
TEST(TSGMaster, ShapingPolicyNotifyNULL) TEST(TSGMaster, ShapingPolicyNotifyNULL)
{ {
const struct streaminfo a_stream={0}; const struct streaminfo a_stream={0};
struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0}; struct maat_rule shaping_result[MAX_RESULT_NUM]={0};
stream_bridge_register_data_sync_cb(g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, shaping_policy_notify_null_cb); stream_bridge_register_data_sync_cb(stream_bridge_build("NOTIFY_SHAPING_RESULT", "w"), shaping_policy_notify_cb);
tsg_notify_hited_shaping_result(&a_stream, shaping_result, 0, 0); matched_shaping_rules_deal(&a_stream, shaping_result, 0, 0);
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id); const struct matched_policy_rules *hited_shaping=session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING);
EXPECT_EQ(nullptr, shaping_label); EXPECT_EQ(nullptr, hited_shaping);
} }
int shaping_duplicate_policy_notify_cb(const struct streaminfo *stream, int bridge_id, void *data) int shaping_duplicate_policy_notify_cb(const struct streaminfo *stream, int bridge_id, void *data)
{ {
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)data; struct matched_policy_rules *hited_shaping=(struct matched_policy_rules *)data;
EXPECT_NE(nullptr, shaping_label); EXPECT_NE(nullptr, hited_shaping);
EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num); EXPECT_EQ(MAX_RESULT_NUM/2, hited_shaping->n_rules);
for(int i=0; i<shaping_label->shaping_result_num; i++) for(size_t i=0; i<hited_shaping->n_rules; i++)
{ {
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action); EXPECT_EQ(TSG_ACTION_SHAPING, hited_shaping->rules[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id); EXPECT_EQ(TSG_ACTION_SHAPING+i, hited_shaping->rules[i].rule_id);
} }
return 0; return 0;
@@ -170,126 +184,120 @@ int shaping_duplicate_policy_notify_cb(const struct streaminfo *stream, int brid
TEST(TSGMaster, ShapingDuplicatePolicyNotify) TEST(TSGMaster, ShapingDuplicatePolicyNotify)
{ {
const struct streaminfo a_stream={0}; const struct streaminfo a_stream={0};
struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0}; struct maat_rule shaping_result[MAX_RESULT_NUM]={0};
for(int i=0; i<MAX_RESULT_NUM; i++) for(int i=0; i<MAX_RESULT_NUM; i++)
{ {
shaping_result[i].action=TSG_ACTION_SHAPING; shaping_result[i].action=TSG_ACTION_SHAPING;
shaping_result[i].config_id=TSG_ACTION_SHAPING+(i%4); shaping_result[i].rule_id=TSG_ACTION_SHAPING+(i%4);
} }
stream_bridge_register_data_sync_cb(g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, shaping_duplicate_policy_notify_cb); stream_bridge_register_data_sync_cb(stream_bridge_build("NOTIFY_SHAPING_RESULT", "w"), shaping_policy_notify_cb);
tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM, 0); matched_shaping_rules_deal(&a_stream, shaping_result, MAX_RESULT_NUM, 0);
int shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
EXPECT_EQ(MAX_RESULT_NUM/2, shaping_result_num); const struct matched_policy_rules *hited_shaping=session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING);
for(int i=0; i<shaping_result_num; i++) EXPECT_NE(nullptr, hited_shaping);
EXPECT_EQ(MAX_RESULT_NUM/2, hited_shaping->n_rules);
for(size_t i=0; i<hited_shaping->n_rules; i++)
{ {
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action); EXPECT_EQ(TSG_ACTION_SHAPING, hited_shaping->rules[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id); EXPECT_EQ(TSG_ACTION_SHAPING+i, hited_shaping->rules[i].rule_id);
} }
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id); struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream);
EXPECT_NE(nullptr, shaping_label); EXPECT_NE(nullptr, segment_ids);
EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num); EXPECT_EQ(1, segment_ids->sz_sidlist);
for(int i=0; i<shaping_label->shaping_result_num; i++) EXPECT_EQ(g_tsg_para.shaping_sid, segment_ids->sid_list[0]);
{
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
}
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, (void *)shaping_label); session_segment_id_free(&a_stream, 0, (void *)segment_ids);
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, NULL); session_control_segment_ids_async(&a_stream, NULL);
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id));
session_matched_rules_free(&a_stream, TSG_SERVICE_SHAPING, (void *)hited_shaping);
session_matched_rules_async(&a_stream, TSG_SERVICE_SHAPING, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING));
} }
TEST(TSGMaster, ShapingDuplicatePolicyMultipleNotify) TEST(TSGMaster, ShapingDuplicatePolicyMultipleNotify)
{ {
const struct streaminfo a_stream={0}; const struct streaminfo a_stream={0};
struct Maat_rule_t shaping_result[MAX_RESULT_NUM]={0}; struct maat_rule shaping_result[MAX_RESULT_NUM]={0};
for(int i=0; i<MAX_RESULT_NUM/2; i++) for(int i=0; i<MAX_RESULT_NUM/2; i++)
{ {
shaping_result[i].action=TSG_ACTION_SHAPING; shaping_result[i].action=TSG_ACTION_SHAPING;
shaping_result[i].config_id=TSG_ACTION_SHAPING+i; shaping_result[i].rule_id=TSG_ACTION_SHAPING+i;
} }
stream_bridge_register_data_sync_cb(g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, shaping_duplicate_policy_notify_cb); stream_bridge_register_data_sync_cb(stream_bridge_build("NOTIFY_SHAPING_RESULT", "w"), shaping_policy_notify_cb);
// First notify // First notify
tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM/2, 0); matched_shaping_rules_deal(&a_stream, shaping_result, MAX_RESULT_NUM/2, 0);
int shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
EXPECT_EQ(MAX_RESULT_NUM/2, shaping_result_num);
for(int i=0; i<shaping_result_num; i++)
{
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id);
}
struct notify_shaping_policy *shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id); const struct matched_policy_rules *hited_shaping=session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING);
EXPECT_NE(nullptr, shaping_label); EXPECT_NE(nullptr, hited_shaping);
EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num); EXPECT_EQ(MAX_RESULT_NUM/2, hited_shaping->n_rules);
for(int i=0; i<shaping_label->shaping_result_num; i++) for(size_t i=0; i<hited_shaping->n_rules; i++)
{ {
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action); EXPECT_EQ(TSG_ACTION_SHAPING, hited_shaping->rules[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id); EXPECT_EQ(TSG_ACTION_SHAPING+i, hited_shaping->rules[i].rule_id);
} }
// Second notify // Second notify
tsg_notify_hited_shaping_result(&a_stream, shaping_result, MAX_RESULT_NUM/2, 0); matched_shaping_rules_deal(&a_stream, shaping_result, MAX_RESULT_NUM/2, 0);
shaping_result_num=tsg_pull_shaping_result((struct streaminfo *)&a_stream, shaping_result, MAX_RESULT_NUM);
EXPECT_EQ(MAX_RESULT_NUM/2, shaping_result_num); hited_shaping=session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING);
for(int i=0; i<shaping_result_num; i++) EXPECT_NE(nullptr, hited_shaping);
EXPECT_EQ(MAX_RESULT_NUM/2, hited_shaping->n_rules);
for(size_t i=0; i<hited_shaping->n_rules; i++)
{ {
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_result[i].action); EXPECT_EQ(TSG_ACTION_SHAPING, hited_shaping->rules[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_result[i].config_id); EXPECT_EQ(TSG_ACTION_SHAPING+i, hited_shaping->rules[i].rule_id);
} }
shaping_label=(struct notify_shaping_policy *)stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id); struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream);
EXPECT_NE(nullptr, shaping_label); EXPECT_NE(nullptr, segment_ids);
EXPECT_EQ(MAX_RESULT_NUM/2, shaping_label->shaping_result_num); EXPECT_EQ(1, segment_ids->sz_sidlist);
for(int i=0; i<shaping_label->shaping_result_num; i++) EXPECT_EQ(g_tsg_para.shaping_sid, segment_ids->sid_list[0]);
{
EXPECT_EQ(TSG_ACTION_SHAPING, shaping_label->shaping_result[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, shaping_label->shaping_result[i].config_id);
}
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, (void *)shaping_label); session_segment_id_free(&a_stream, 0, (void *)segment_ids);
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id, NULL); session_control_segment_ids_async(&a_stream, NULL);
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_NOTIFY_SHAPING_RESULT].id));
session_matched_rules_free(&a_stream, TSG_SERVICE_SHAPING, (void *)hited_shaping);
session_matched_rules_async(&a_stream, TSG_SERVICE_SHAPING, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING));
} }
TEST(TSGMaster, SecurityPolicySendlog) TEST(TSGMaster, SecurityPolicySendlog)
{ {
const struct streaminfo a_stream={0}; const struct streaminfo a_stream={0};
struct Maat_rule_t security_result[MAX_RESULT_NUM]={0}; struct maat_rule matched_policy[MAX_RESULT_NUM]={0};
for(int i=0; i<MAX_RESULT_NUM; i++) for(int i=0; i<MAX_RESULT_NUM; i++)
{ {
security_result[i].do_log=1; matched_policy[i].do_log=1;
security_result[i].action=TSG_ACTION_MONITOR; matched_policy[i].action=TSG_ACTION_MONITOR;
security_result[i].config_id=TSG_ACTION_MONITOR+i; matched_policy[i].rule_id=TSG_ACTION_MONITOR+i;
} }
// First notify // First notify
tsg_notify_hited_security_result(&a_stream, security_result, MAX_RESULT_NUM, 0); session_matched_rules_notify(&a_stream, TSG_SERVICE_SECURITY, matched_policy, MAX_RESULT_NUM, 0);
struct policy_priority_label *priority_label=(struct policy_priority_label *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id); const struct matched_policy_rules *hited_security=session_matched_rules_get(&a_stream, TSG_SERVICE_SECURITY);
EXPECT_NE(nullptr, priority_label); EXPECT_NE(nullptr, hited_security);
EXPECT_EQ(MAX_RESULT_NUM, priority_label->security_result_num); EXPECT_EQ(MAX_RESULT_NUM, hited_security->n_rules);
for(int i=0; i<priority_label->security_result_num; i++) for(size_t i=0; i<hited_security->n_rules; i++)
{ {
EXPECT_EQ(TSG_ACTION_MONITOR, priority_label->security_result[i].action); EXPECT_EQ(TSG_ACTION_MONITOR, hited_security->rules[i].action);
EXPECT_EQ(TSG_ACTION_MONITOR+i, priority_label->security_result[i].config_id); EXPECT_EQ(TSG_ACTION_MONITOR+i, hited_security->rules[i].rule_id);
} }
struct TLD_handle_t * handle=TLD_create(0); struct TLD_handle_t * handle=TLD_create(0);
struct Maat_rule_t session_record={0, 2, 1, 0, 0, 0, 0, {0}}; struct maat_rule session_record={0, 0, 2, 1, 0};
tsg_log_t log_msg={1, &session_record, (struct streaminfo*)&a_stream}; tsg_send_log(g_tsg_log_instance, handle, &a_stream, LOG_TYPE_SESSION_RECORD, &session_record, 1, 0);
tsg_send_log(g_tsg_log_instance, handle, &log_msg, 0);
int sendlog_cnt=rd_kafka_get_sendlog_cnt(); int sendlog_cnt=rd_kafka_get_sendlog_cnt();
EXPECT_EQ(8, sendlog_cnt); EXPECT_EQ(9, sendlog_cnt);
//EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(0)); //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(0));
//EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(1)); //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(1));
//EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(2)); //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(2));
@@ -300,169 +308,331 @@ TEST(TSGMaster, SecurityPolicySendlog)
//EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(7)); //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(7));
//EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(8)); //EXPECT_STREQ("{}", rd_kafka_get_sendlog_payload(8));
priority_label=(struct policy_priority_label *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id); hited_security=session_matched_rules_get(&a_stream, TSG_SERVICE_SECURITY);
EXPECT_EQ(nullptr, priority_label); EXPECT_EQ(nullptr, hited_security);
} }
TEST(TSGMaster, SecurityDuplicatePolicyMultipleNotify)
{
const struct streaminfo a_stream={0};
struct Maat_rule_t security_result[MAX_RESULT_NUM]={0};
for(int i=0; i<MAX_RESULT_NUM/2; i++)
{
security_result[i].action=TSG_ACTION_MONITOR;
security_result[i].config_id=TSG_ACTION_MONITOR+i;
}
// First notify
tsg_notify_hited_security_result(&a_stream, security_result, MAX_RESULT_NUM/2, 0);
struct policy_priority_label *priority_label=(struct policy_priority_label *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id);
EXPECT_NE(nullptr, priority_label);
EXPECT_EQ(MAX_RESULT_NUM/2, priority_label->security_result_num);
for(int i=0; i<priority_label->security_result_num; i++)
{
EXPECT_EQ(TSG_ACTION_MONITOR, priority_label->security_result[i].action);
EXPECT_EQ(TSG_ACTION_MONITOR+i, priority_label->security_result[i].config_id);
}
// Second notify
tsg_notify_hited_security_result(&a_stream, security_result, MAX_RESULT_NUM/2, 0);
priority_label=(struct policy_priority_label *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id);
EXPECT_NE(nullptr, priority_label);
EXPECT_EQ(MAX_RESULT_NUM/2, priority_label->security_result_num);
for(int i=0; i<priority_label->security_result_num; i++)
{
EXPECT_EQ(TSG_ACTION_MONITOR, priority_label->security_result[i].action);
EXPECT_EQ(TSG_ACTION_MONITOR+i, priority_label->security_result[i].config_id);
}
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id, (void *)priority_label);
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id, NULL);
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_POLICY_PRIORITY].id));
}
extern void set_s_chaining_result_to_bridge(const struct streaminfo * a_stream, struct Maat_rule_t * p_result, int p_result_num, int thread_seq);
TEST(TSGMaster, ServiceChainingPolicyNotify) TEST(TSGMaster, ServiceChainingPolicyNotify)
{ {
const struct streaminfo a_stream={0}; const struct streaminfo a_stream={0};
struct Maat_rule_t s_chaining_result[MAX_RESULT_NUM]={0}; struct maat_rule s_chaining_result[MAX_RESULT_NUM]={0};
for(int i=0; i<MAX_RESULT_NUM/2; i++) for(int i=0; i<MAX_RESULT_NUM/2; i++)
{ {
s_chaining_result[i].action=TSG_ACTION_S_CHAINING; s_chaining_result[i].action=TSG_ACTION_S_CHAINING;
s_chaining_result[i].config_id=TSG_ACTION_S_CHAINING+i; s_chaining_result[i].rule_id=TSG_ACTION_S_CHAINING+i;
} }
set_s_chaining_result_to_bridge(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0); matched_service_chaining_rules_deal(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0);
struct tm_hited_result *hited_s_chaining=(struct tm_hited_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id); const struct matched_policy_rules *hited_s_chaining=session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING);
EXPECT_NE(nullptr, hited_s_chaining); EXPECT_NE(nullptr, hited_s_chaining);
EXPECT_EQ(g_tsg_para.service_chaining_sid, hited_s_chaining->sid); EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->n_rules);
EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->result_num); for(size_t i=0; i<hited_s_chaining->n_rules; i++)
for(int i=0; i<hited_s_chaining->result_num; i++)
{ {
EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->result[i].action); EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->rules[i].action);
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->result[i].config_id); EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->rules[i].rule_id);
} }
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, (void *)hited_s_chaining); struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream);
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, NULL); EXPECT_NE(nullptr, segment_ids);
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id)); EXPECT_EQ(1, segment_ids->sz_sidlist);
EXPECT_EQ(g_tsg_para.service_chaining_sid, segment_ids->sid_list[0]);
session_segment_id_free(&a_stream, 0, (void *)segment_ids);
session_control_segment_ids_async(&a_stream, NULL);
session_matched_rules_free(&a_stream, TSG_SERVICE_CHAINING, (void *)hited_s_chaining);
session_matched_rules_async(&a_stream, TSG_SERVICE_CHAINING, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING));
} }
TEST(TSGMaster, ServiceChainingDuplicatePolicyMultipleNotify) TEST(TSGMaster, ServiceChainingDuplicatePolicyMultipleNotify)
{ {
const struct streaminfo a_stream={0}; const struct streaminfo a_stream={0};
struct Maat_rule_t s_chaining_result[MAX_RESULT_NUM]={0}; struct maat_rule s_chaining_result[MAX_RESULT_NUM]={0};
// first // first
for(int i=0; i<MAX_RESULT_NUM/2; i++) for(int i=0; i<MAX_RESULT_NUM/2; i++)
{ {
s_chaining_result[i].action=TSG_ACTION_S_CHAINING; s_chaining_result[i].action=TSG_ACTION_S_CHAINING;
s_chaining_result[i].config_id=TSG_ACTION_S_CHAINING+i; s_chaining_result[i].rule_id=TSG_ACTION_S_CHAINING+i;
} }
set_s_chaining_result_to_bridge(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0); matched_service_chaining_rules_deal(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0);
struct tm_hited_result *hited_s_chaining=(struct tm_hited_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id); const struct matched_policy_rules *hited_s_chaining=session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING);
EXPECT_NE(nullptr, hited_s_chaining); EXPECT_NE(nullptr, hited_s_chaining);
EXPECT_EQ(g_tsg_para.service_chaining_sid, hited_s_chaining->sid); EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->n_rules);
EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->result_num); for(size_t i=0; i<hited_s_chaining->n_rules; i++)
for(int i=0; i<hited_s_chaining->result_num; i++)
{ {
EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->result[i].action); EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->rules[i].action);
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->result[i].config_id); EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->rules[i].rule_id);
} }
// second // second
for(int i=0; i<MAX_RESULT_NUM/2; i++) for(int i=0; i<MAX_RESULT_NUM/2; i++)
{ {
s_chaining_result[i].action=TSG_ACTION_S_CHAINING; s_chaining_result[i].action=TSG_ACTION_S_CHAINING;
s_chaining_result[i].config_id=TSG_ACTION_S_CHAINING+i; s_chaining_result[i].rule_id=TSG_ACTION_S_CHAINING+i;
} }
tsg_notify_hited_s_chaining_result(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 1); matched_service_chaining_rules_deal(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0);
hited_s_chaining=(struct tm_hited_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id); hited_s_chaining=session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING);
EXPECT_NE(nullptr, hited_s_chaining); EXPECT_NE(nullptr, hited_s_chaining);
EXPECT_EQ(g_tsg_para.service_chaining_sid, hited_s_chaining->sid); EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->n_rules);
EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->result_num); for(size_t i=0; i<hited_s_chaining->n_rules; i++)
for(int i=0; i<hited_s_chaining->result_num; i++)
{ {
EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->result[i].action); EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->rules[i].action);
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->result[i].config_id); EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->rules[i].rule_id);
} }
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, (void *)hited_s_chaining); struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream);
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, NULL); EXPECT_NE(nullptr, segment_ids);
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id)); EXPECT_EQ(1, segment_ids->sz_sidlist);
EXPECT_EQ(g_tsg_para.service_chaining_sid, segment_ids->sid_list[0]);
session_segment_id_free(&a_stream, 0, (void *)segment_ids);
session_control_segment_ids_async(&a_stream, NULL);
session_matched_rules_free(&a_stream, TSG_SERVICE_CHAINING, (void *)hited_s_chaining);
session_matched_rules_async(&a_stream, TSG_SERVICE_CHAINING, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING));
} }
TEST(TSGMaster, ServiceChainingPolicyMultipleNotify) TEST(TSGMaster, ServiceChainingPolicyMultipleNotify)
{ {
const struct streaminfo a_stream={0}; const struct streaminfo a_stream={0};
struct Maat_rule_t s_chaining_result[MAX_RESULT_NUM]={0}; struct maat_rule s_chaining_result[MAX_RESULT_NUM]={0};
// first // first
for(int i=0; i<MAX_RESULT_NUM/2; i++) for(int i=0; i<MAX_RESULT_NUM/2; i++)
{ {
s_chaining_result[i].action=TSG_ACTION_S_CHAINING; s_chaining_result[i].action=TSG_ACTION_S_CHAINING;
s_chaining_result[i].config_id=TSG_ACTION_S_CHAINING+i; s_chaining_result[i].rule_id=TSG_ACTION_S_CHAINING+i;
} }
set_s_chaining_result_to_bridge(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0); matched_service_chaining_rules_deal(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0);
struct tm_hited_result *hited_s_chaining=(struct tm_hited_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id); const struct matched_policy_rules *hited_s_chaining=session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING);
EXPECT_NE(nullptr, hited_s_chaining); EXPECT_NE(nullptr, hited_s_chaining);
EXPECT_EQ(g_tsg_para.service_chaining_sid, hited_s_chaining->sid); EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->n_rules);
EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->result_num); for(size_t i=0; i<hited_s_chaining->n_rules; i++)
for(int i=0; i<hited_s_chaining->result_num; i++)
{ {
EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->result[i].action); EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->rules[i].action);
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->result[i].config_id); EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->rules[i].rule_id);
} }
// second // second
for(int i=MAX_RESULT_NUM/2; i<MAX_RESULT_NUM; i++) for(int i=MAX_RESULT_NUM/2; i<MAX_RESULT_NUM; i++)
{ {
s_chaining_result[i].action=TSG_ACTION_S_CHAINING; s_chaining_result[i].action=TSG_ACTION_S_CHAINING;
s_chaining_result[i].config_id=TSG_ACTION_S_CHAINING+i; s_chaining_result[i].rule_id=TSG_ACTION_S_CHAINING+i;
} }
tsg_notify_hited_s_chaining_result(&a_stream, &(s_chaining_result[MAX_RESULT_NUM/2]), MAX_RESULT_NUM/2, 1); matched_service_chaining_rules_deal(&a_stream, s_chaining_result, MAX_RESULT_NUM/2, 0);
hited_s_chaining=(struct tm_hited_result *)tsg_get_xxx_from_bridge(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id); hited_s_chaining=session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING);
EXPECT_NE(nullptr, hited_s_chaining); EXPECT_NE(nullptr, hited_s_chaining);
EXPECT_EQ(g_tsg_para.service_chaining_sid, hited_s_chaining->sid); EXPECT_EQ(MAX_RESULT_NUM/2, hited_s_chaining->n_rules);
EXPECT_EQ(MAX_RESULT_NUM, hited_s_chaining->result_num); for(size_t i=0; i<hited_s_chaining->n_rules; i++)
for(int i=0; i<hited_s_chaining->result_num; i++)
{ {
EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->result[i].action); EXPECT_EQ(TSG_ACTION_S_CHAINING, hited_s_chaining->rules[i].action);
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->result[i].config_id); EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hited_s_chaining->rules[i].rule_id);
} }
free_shaping_result(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, (void *)hited_s_chaining); struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream);
stream_bridge_async_data_put(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id, NULL); EXPECT_NE(nullptr, segment_ids);
EXPECT_EQ(nullptr, stream_bridge_async_data_get(&a_stream, g_tsg_para.bridge[BRIDGE_TYPE_SERVICE_CHAINING].id)); EXPECT_EQ(1, segment_ids->sz_sidlist);
EXPECT_EQ(g_tsg_para.service_chaining_sid, segment_ids->sid_list[0]);
session_segment_id_free(&a_stream, 0, (void *)segment_ids);
session_control_segment_ids_async(&a_stream, NULL);
session_matched_rules_free(&a_stream, TSG_SERVICE_CHAINING, (void *)hited_s_chaining);
session_matched_rules_async(&a_stream, TSG_SERVICE_CHAINING, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING));
}
TEST(TSGMaster, SecurityDuplicatePolicyMultipleNotify)
{
const struct streaminfo a_stream={0};
struct maat_rule matched_policy[MAX_RESULT_NUM]={0};
for(int i=0; i<MAX_RESULT_NUM/2; i++)
{
matched_policy[i].action=TSG_ACTION_MONITOR;
matched_policy[i].rule_id=TSG_ACTION_MONITOR+i;
}
// First notify
session_matched_rules_notify(&a_stream, TSG_SERVICE_SECURITY, matched_policy, MAX_RESULT_NUM/2, 0);
const struct matched_policy_rules *hited_security=session_matched_rules_get(&a_stream, TSG_SERVICE_SECURITY);
EXPECT_NE(nullptr, hited_security);
EXPECT_EQ(MAX_RESULT_NUM/2, hited_security->n_rules);
for(size_t i=0; i<hited_security->n_rules; i++)
{
EXPECT_EQ(TSG_ACTION_MONITOR, hited_security->rules[i].action);
EXPECT_EQ(TSG_ACTION_MONITOR+i, hited_security->rules[i].rule_id);
}
// Second notify
session_matched_rules_notify(&a_stream, TSG_SERVICE_SECURITY, matched_policy, MAX_RESULT_NUM/2, 0);
hited_security=session_matched_rules_get(&a_stream, TSG_SERVICE_SECURITY);
EXPECT_NE(nullptr, hited_security);
EXPECT_EQ(MAX_RESULT_NUM/2, hited_security->n_rules);
for(size_t i=0; i<hited_security->n_rules; i++)
{
EXPECT_EQ(TSG_ACTION_MONITOR, hited_security->rules[i].action);
EXPECT_EQ(TSG_ACTION_MONITOR+i, hited_security->rules[i].rule_id);
}
session_matched_rules_free(&a_stream, TSG_SERVICE_SECURITY, (void *)hited_security);
session_matched_rules_async(&a_stream, TSG_SERVICE_SECURITY, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_SECURITY));
}
extern int session_packet_capture_notify(const struct streaminfo *a_stream, struct maat_rule *rules, size_t n_rules, int thread_seq);
TEST(TSGMaster, SecurityPolicyIntercept)
{
const struct streaminfo a_stream={0};
struct maat_rule matched_policy[MAX_RESULT_NUM]={0};
matched_policy[1].action=TSG_ACTION_INTERCEPT;
matched_policy[1].rule_id=TSG_ACTION_INTERCEPT;
// Set Intercept
session_matched_rules_notify(&a_stream, TSG_SERVICE_SECURITY, &matched_policy[1], 1, 0);
const struct matched_policy_rules *hited_security=session_matched_rules_get(&a_stream, TSG_SERVICE_SECURITY);
EXPECT_NE(nullptr, hited_security);
EXPECT_EQ(1, hited_security->n_rules);
EXPECT_EQ(TSG_ACTION_INTERCEPT, hited_security->rules[0].action);
EXPECT_EQ(TSG_ACTION_INTERCEPT, hited_security->rules[0].rule_id);
session_matched_rules_free(&a_stream, TSG_SERVICE_SECURITY, (void *)hited_security);
session_matched_rules_async(&a_stream, TSG_SERVICE_SECURITY, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_SECURITY));
}
TEST(TSGMaster, SecurityMultiplePolicyMonitorToIntercept)
{
const struct streaminfo a_stream={0};
struct maat_rule matched_policy[MAX_RESULT_NUM]={0};
matched_policy[0].action=TSG_ACTION_MONITOR;
matched_policy[0].rule_id=TSG_ACTION_MONITOR;
matched_policy[1].action=TSG_ACTION_INTERCEPT;
matched_policy[1].rule_id=TSG_ACTION_INTERCEPT;
// First Monitor, second Intercpt
session_matched_rules_notify(&a_stream, TSG_SERVICE_SECURITY, &matched_policy[0], 1, 0);
int ret=session_matched_rules_copy(&a_stream, TSG_SERVICE_INTERCEPT, &(matched_policy[2]), 1);
EXPECT_EQ(0, ret);
ret=session_matched_rules_copy(&a_stream, TSG_SERVICE_SECURITY, &(matched_policy[2]), 1);
EXPECT_EQ(1, ret);
EXPECT_EQ(TSG_ACTION_MONITOR, matched_policy[2].action);
EXPECT_EQ(TSG_ACTION_MONITOR, matched_policy[2].rule_id);
ret=session_matched_rules_copy(&a_stream, TSG_SERVICE_SECURITY, &(matched_policy[2]), 1);
EXPECT_EQ(1, ret);
EXPECT_EQ(TSG_ACTION_MONITOR, matched_policy[2].action);
EXPECT_EQ(TSG_ACTION_MONITOR, matched_policy[2].rule_id);
const struct matched_policy_rules *hited_security=session_matched_rules_get(&a_stream, TSG_SERVICE_SECURITY);
EXPECT_NE(nullptr, hited_security);
EXPECT_EQ(1, hited_security->n_rules);
EXPECT_EQ(TSG_ACTION_MONITOR, hited_security->rules[0].action);
EXPECT_EQ(TSG_ACTION_MONITOR, hited_security->rules[0].rule_id);
session_matched_rules_free(&a_stream, TSG_SERVICE_SECURITY, (void *)hited_security);
session_matched_rules_async(&a_stream, TSG_SERVICE_SECURITY, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_SECURITY));
// Set Intercept
session_matched_rules_notify(&a_stream, TSG_SERVICE_INTERCEPT, &matched_policy[1], 1, 0);
ret=session_matched_rules_copy(&a_stream, TSG_SERVICE_INTERCEPT, &(matched_policy[2]), 1);
EXPECT_EQ(1, ret);
EXPECT_EQ(TSG_ACTION_INTERCEPT, matched_policy[2].action);
EXPECT_EQ(TSG_ACTION_INTERCEPT, matched_policy[2].rule_id);
ret=session_matched_rules_copy(&a_stream, TSG_SERVICE_INTERCEPT, &(matched_policy[2]), 1);
EXPECT_EQ(1, ret);
EXPECT_EQ(TSG_ACTION_INTERCEPT, matched_policy[2].action);
EXPECT_EQ(TSG_ACTION_INTERCEPT, matched_policy[2].rule_id);
const struct matched_policy_rules *hited_intercept=session_matched_rules_get(&a_stream, TSG_SERVICE_INTERCEPT);
EXPECT_NE(nullptr, hited_intercept);
EXPECT_EQ(1, hited_intercept->n_rules);
EXPECT_EQ(TSG_ACTION_INTERCEPT, hited_intercept->rules[0].action);
EXPECT_EQ(TSG_ACTION_INTERCEPT, hited_intercept->rules[0].rule_id);
session_matched_rules_free(&a_stream, TSG_SERVICE_INTERCEPT, (void *)hited_intercept);
session_matched_rules_async(&a_stream, TSG_SERVICE_INTERCEPT, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_INTERCEPT));
}
TEST(TSGMaster, ShapingAndServiceChainingPolicyNotify)
{
const struct streaminfo a_stream={0};
// service chaining notify
struct maat_rule service_chaining_result[MAX_RESULT_NUM]={0};
for(int i=0; i<MAX_RESULT_NUM/2; i++)
{
service_chaining_result[i].action=TSG_ACTION_S_CHAINING;
service_chaining_result[i].rule_id=TSG_ACTION_S_CHAINING+i;
}
matched_service_chaining_rules_deal(&a_stream, service_chaining_result, MAX_RESULT_NUM/2, 0);
const struct matched_policy_rules *hitted_service_chaining=session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING);
EXPECT_NE(nullptr, hitted_service_chaining);
EXPECT_EQ(MAX_RESULT_NUM/2, hitted_service_chaining->n_rules);
for(size_t i=0; i<hitted_service_chaining->n_rules; i++)
{
EXPECT_EQ(TSG_ACTION_S_CHAINING, hitted_service_chaining->rules[i].action);
EXPECT_EQ(TSG_ACTION_S_CHAINING+i, hitted_service_chaining->rules[i].rule_id);
}
// shping notify
struct maat_rule shaping_result[MAX_RESULT_NUM]={0};
for(int i=0; i<MAX_RESULT_NUM/2; i++)
{
shaping_result[i].action=TSG_ACTION_SHAPING;
shaping_result[i].rule_id=TSG_ACTION_SHAPING+i;
}
matched_shaping_rules_deal(&a_stream, shaping_result, MAX_RESULT_NUM/2, 0);
const struct matched_policy_rules *hitted_shaping=session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING);
EXPECT_NE(nullptr, hitted_shaping);
EXPECT_EQ(MAX_RESULT_NUM/2, hitted_shaping->n_rules);
for(size_t i=0; i<hitted_shaping->n_rules; i++)
{
EXPECT_EQ(TSG_ACTION_SHAPING, hitted_shaping->rules[i].action);
EXPECT_EQ(TSG_ACTION_SHAPING+i, hitted_shaping->rules[i].rule_id);
}
struct segment_id_list *segment_ids=(struct segment_id_list *)session_control_segment_ids_get(&a_stream);
EXPECT_NE(nullptr, segment_ids);
EXPECT_EQ(2, segment_ids->sz_sidlist);
EXPECT_EQ(g_tsg_para.service_chaining_sid, segment_ids->sid_list[0]);
EXPECT_EQ(g_tsg_para.shaping_sid, segment_ids->sid_list[1]);
session_segment_id_free(&a_stream, 0, (void *)segment_ids);
session_control_segment_ids_async(&a_stream, NULL);
session_matched_rules_free(&a_stream, TSG_SERVICE_SHAPING, (void *)hitted_shaping);
session_matched_rules_async(&a_stream, TSG_SERVICE_SHAPING, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_SHAPING));
session_matched_rules_free(&a_stream, TSG_SERVICE_CHAINING, (void *)hitted_service_chaining);
session_matched_rules_async(&a_stream, TSG_SERVICE_CHAINING, NULL);
EXPECT_EQ(nullptr, session_matched_rules_get(&a_stream, TSG_SERVICE_CHAINING));
} }
int main(int argc, char *argv[]) int main(int argc, char *argv[])


@@ -2,37 +2,128 @@
#include <string.h> #include <string.h>
#include <unistd.h> #include <unistd.h>
#include "tsg_rule.h"
#include "gtest_common.h" #include "gtest_common.h"
#include <gtest/gtest.h> #include <gtest/gtest.h>
int tsg_app_id2name(int app_id, char *app_name, int app_name_len, int is_joint_parent) struct maat *g_tsg_maat_feather;
{
return 0;
}
int tsg_get_location_type(void) char *tsg_device_tag_get(void)
{
return 19;
}
char *tsg_l7_protocol_id2name(unsigned int l7_protocol_id)
{ {
return NULL; return NULL;
} }
char get_direction_from_tcpall(const struct streaminfo *a_stream) char *tsg_data_center_get(void)
{
return NULL;
}
int tsg_location_type_get(void)
{ {
return 0; return 0;
} }
int tsg_session_record_switch_get(void)
{
return 0;
}
void *session_mac_linkinfo_get(const struct streaminfo * a_stream)
{
return NULL;
}
void *session_gather_app_results_get(const struct streaminfo * a_stream)
{
return NULL;
}
void *session_conn_sketch_notify_data_get(const struct streaminfo * a_stream)
{
return NULL;
}
void *session_business_data_get(const struct streaminfo * a_stream)
{
return NULL;
}
void *session_session_flags_get(const struct streaminfo * a_stream)
{
return NULL;
}
void *session_application_behavior_get(const struct streaminfo * a_stream)
{
return NULL;
}
void *session_mirrored_and_capture_packets_exec_result_get(const struct streaminfo * a_stream)
{
return NULL;
}
void *session_lua_user_defined_attribute_get(const struct streaminfo * a_stream)
{
return NULL;
}
void *session_nat_c2s_linkinfo_get(const struct streaminfo * a_stream)
{
return NULL;
}
void *session_nat_s2c_linkinfo_get(const struct streaminfo * a_stream)
{
return NULL;
}
int session_matched_rules_async(const struct streaminfo * a_stream, TSG_SERVICE service, void * data)
{
return 0;
}
const struct matched_policy_rules *session_matched_rules_get(const struct streaminfo *a_stream, enum TSG_SERVICE service)
{
return 0;
}
void session_matched_rules_free(const struct streaminfo * a_stream, TSG_SERVICE service, void * data)
{
}
char srt_action_context_get_direction(const struct streaminfo * a_stream)
{
return 0;
}
int tsg_get_app_name_by_id(struct maat *feahter, int app_id, char * app_name, int app_name_len, int is_joint_parent)
{
return 0;
}
const struct session_runtime_attribute *session_runtime_attribute_get(const struct streaminfo * a_stream)
{
return NULL;
}
void *matched_rule_cites_security_compile(struct maat * feather, long long compile_id)
{
return NULL;
}
void plugin_ex_data_security_compile_free(struct maat_compile * maat_compile)
{
}
TEST(MasterTest, SetVlan) TEST(MasterTest, SetVlan)
{ {
//int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID); //int ret=set_vlan(NULL, NULL, NULL, 0, NULL, LOG_COMMON_TUNNELS_VLAN_SRC_ID);
//EXPECT_EQ(1, ret); //EXPECT_EQ(1, ret);
} }
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
testing::InitGoogleTest(&argc, argv); testing::InitGoogleTest(&argc, argv);
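Review bot: `TEST(MasterTest, SetVlan)` at the end of this section still has both of its statements commented out, so the stubs introduced here (`session_matched_rules_get`, `session_matched_rules_async`, `tsg_get_app_name_by_id` and the rest) only satisfy the linker, and the binary passes without asserting anything about the new API. Either restore a real assertion or state the intent above the stubs, e.g. `// Link-only stubs: no test in this file exercises them yet.` Two smaller style points in the same block: `session_matched_rules_get` ends in `return 0;` where every other pointer-returning stub uses `return NULL;`, and the first parameter of `tsg_get_app_name_by_id` is spelled `feahter`. `main` continues outside the hunk.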


@@ -10,7 +10,7 @@ extern int get_ctrl_pkt(char *buf, int len);
struct parse_handle test_handle; struct parse_handle test_handle;
unsigned long long tsg_get_stream_id(struct streaminfo * a_stream) unsigned long long tsg_get_stream_trace_id(const struct streaminfo * a_stream)
{ {
return 10; return 10;
} }
@@ -131,11 +131,11 @@ TEST(SESSION_STATE, ActiveStateServiceChainingAndShaping1)
int ctrl_pkt_len = 0; int ctrl_pkt_len = 0;
memset(&policy_array, 0, sizeof(struct update_policy) * 2); memset(&policy_array, 0, sizeof(struct update_policy) * 2);
policy_array[0].type = POLICY_UPDATE_SHAPING; policy_array[0].type = POLICY_UPDATE_SHAPING;
policy_array[0].id_num = 3; policy_array[0].n_ids = 3;
policy_array[0].ids[0] = 1; policy_array[0].ids[0] = 1;
policy_array[0].ids[1] = 2; policy_array[0].ids[1] = 2;
policy_array[0].ids[2] = 3; policy_array[0].ids[2] = 3;
policy_array[1].id_num = 3; policy_array[1].n_ids = 3;
policy_array[1].ids[0] = 4; policy_array[1].ids[0] = 4;
policy_array[1].ids[1] = 5; policy_array[1].ids[1] = 5;
policy_array[1].ids[2] = 6; policy_array[1].ids[2] = 6;